PCWorld Forums: How Quickly Can Your Password Be Cracked? - PCWorld Forums

How Quickly Can Your Password Be Cracked?

#1 PCWorld

  • Advanced Member
  • Group: PCWorld BOT
  • Posts: 103,774
  • Joined: 01-August 07

Posted 10 June 2012 - 11:16 AM

Post your comments for How Quickly Can Your Password be Cracked? here
0

#2 bjbrochu

  • Member
  • Group: Members
  • Posts: 34
  • Joined: 18-March 08

Posted 10 June 2012 - 12:16 PM

I use a 14 character password as my default password and I change the last two characters whenever it cues me to change it. I use numbers, symbols and Caps throughout. It is also a random character set and has no word associations. I have used it so often that I can type it in without looking now. I have not worried too much about it being guessed.
0

#3 Soundjudgment

  • Advanced Member
  • Group: Members
  • Posts: 441
  • Joined: 22-January 10

Posted 10 June 2012 - 12:37 PM

bjbrochu, on 10 June 2012 - 12:16 PM, said:

I use a 14 character password as my default password and I change the last two characters whenever it cues me to change it. I use numbers, symbols and Caps throughout. It is also a random character set and has no word associations. I have used it so often that I can type it in without looking now. I have not worried too much about it being guessed.


Or simply steal the unencrypted Password list from the poorly-secured Website in question: 16 seconds.
0

#4 waldojim

  • Elite
  • Group: Members
  • Posts: 15,079
  • Joined: 29-October 08
  • Location:Texas

Posted 10 June 2012 - 12:59 PM

I love how they manage to come up with these attempts per second as if there is any set speed people can test at. The easiest way to slow down the attacks - use stronger encryption techniques. It has been proven time and time again, that stronger encryption can take even the fastest Nvidia Tegra arrays, and slow them to a crawl trying to crack passwords. If websites used a decent cypher, then it would still take far too long to crack the passwords.
"There is a cult of ignorance in the United States, and there always has been. The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that 'my ignorance is just as good as your knowledge.'" -- Isaac Asimov

Lenovo W520 CTO Intel i7-2620m, 8GB Patriot ram @ 1333Mhz, Nvidia Quadro 1000m with 2GB GDRR3, Plextor M3 256GB SSD, 1080P wide color display, Windows 8 Pro
Media Center: Intel Core i5 760 @ 3.1Ghz, 4GB DDR3, Corsair GS600PSU, EVGA Geforce 550ti, EVGA P55 SLI, 3x 1TB raid 5, 1x 1TB boot drive, Windows 8 Pro, Win TV 950(USB), Pioneer BR.
Server: AMD Phenom X4 945 @ 3.0Ghz, MSI 790FX-GD70, 16gb ddr3 RAM @ 1333mhz, 2TB Seagate HDD, 64GB Patriot SSD, Asus Silent Gefore 210
The Green machine: AMD Sempron 145EE Unlocked and OC'd to 4.1Ghz, Gigabyte GD970A-DS3, 8GB ram @ 1600mhz, Nvidia 550Ti, Thermaltake BlueOrb, Antec EW385
Samsung Galaxy Nexus, Paranoid Android 4.2 Rom http://www.speedtest...d/315465831.png
0

#5 chingching

  • Member
  • Group: Members
  • Posts: 11
  • Joined: 20-November 10

Posted 10 June 2012 - 01:16 PM

I don't understand how this would be relevant to a site that uses a 5 minute time out after three or so failed attempts? How is it possible that they can download the entire site and try to crack it offline?
0

#6 Sunsmasher

  • Full Member
  • Group: Members
  • Posts: 56
  • Joined: 11-December 08

Posted 10 June 2012 - 01:24 PM

Longer than 10 characters is even better.
15-20 characters or even more is advisable, especially if it's a sensitive site like Paypal or your bank.
Use upper and lower case letters, numbers, and symbols.
There are articles on the web on how to create super passwords.
0

#7 chingching

  • Member
  • Group: Members
  • Posts: 11
  • Joined: 20-November 10

Posted 10 June 2012 - 01:56 PM

Sunsmasher, on 10 June 2012 - 01:24 PM, said:

Longer than 10 characters is even better.
15-20 characters or even more is advisable, especially if it's a sensitive site like Paypal or your bank.
Use upper and lower case letters, numbers, and symbols.
There are articles on the web on how to create super passwords.


Exactly. PayPal or your bank is going to shut you down, or suspend your account, if you enter bad passwords 3, 4, or 5 times in a row. So how exactly is a 'super' password necessary?
0

#8 MichaelMullins

  • Full Member
  • Group: Members
  • Posts: 56
  • Joined: 11-May 12

Posted 10 June 2012 - 02:07 PM

I have a 20 character password consisting of letters, numbers and symbols. Have fun, hackers.
0

#9 Evildave

  • Expert
  • Group: Members
  • Posts: 4,287
  • Joined: 24-January 08

Posted 10 June 2012 - 02:08 PM

There are some trivial things that can be done on the server, like force retries from the same IP to be several seconds apart. Sure, if you mistype your password, you'll suffer a bit, but better than letting a botnet have its way with a dictionary attack based on grabbed passwords.

The problem with the big linkedin snafu is, this provides a password dictionary to try on other sites, too.

If the attacker has a list of users, and a dictionary composed of nothing but stolen passwords, and you didn't change ALL of yours? According to how many user accounts, but hours at best. Less than an hour, if there are less than 3,600,000 users, making the 1000 tries per second assumption.

And once the attacker has a username (and/or email) + password, that can be trivially applied to various other web sites, in case you reuse your password. Meaning that if you are guilty of this sin, they can crack the rest of your accounts that share the same password, the same day. Especially if you're super-stupid, and you use the same password for your email. Which means they can effectively take over all of your accounts, even the ones with email confirmations.
0

#10 zaferatakan

  • Newbie
  • Group: New Member
  • Posts: 4
  • Joined: 10-June 12

Posted 10 June 2012 - 02:11 PM

Unrealistic. Many websites simply don't allow you to try multiple passwords per second. Others ask you for a captcha after wrong input. I am having a hard time believing that such websites exist.
0

#11 Evildave

  • Expert
  • Group: Members
  • Posts: 4,287
  • Joined: 24-January 08

Posted 10 June 2012 - 02:12 PM

Of course, if an evil person sets up a web site JUST to steal passwords and exploit reuse...

http://imgs.xkcd.com...sword_reuse.png
http://xkcd.com/792/
0

#12 Evildave

  • Expert
  • Group: Members
  • Posts: 4,287
  • Joined: 24-January 08

Posted 10 June 2012 - 02:16 PM

http://imgs.xkcd.com...rd_strength.png
http://xkcd.com/936/
0

#13 waldojim

  • Elite
  • Group: Members
  • Posts: 15,079
  • Joined: 29-October 08
  • Location:Texas

Posted 10 June 2012 - 02:54 PM

chingching, on 10 June 2012 - 01:16 PM, said:

I don't understand how this would be relevant to a site that uses a 5 minute time out after three or so failed attempts? How is it possible that they can download the entire site and try to crack it offline?

Easy, they exploit a known vulnerability to gain access to the site, hit up the database with the passwords, which probably has next to no security internally, or worse yet, hasn't been patched in years. Then they download the entire password database. Once done, they get to take their sweet time cracking the passwords at home, knowing that the company will stall as long as they can before admitting they had a problem.
0

#14 chingching

  • Member
  • Group: Members
  • Posts: 11
  • Joined: 20-November 10

Posted 10 June 2012 - 04:14 PM

waldojim, on 10 June 2012 - 02:54 PM, said:

chingching, on 10 June 2012 - 01:16 PM, said:

I don't understand how this would be relevant to a site that uses a 5 minute time out after three or so failed attempts? How is it possible that they can download the entire site and try to crack it offline?

Easy, they exploit a known vulnerability to gain access to the site, hit up the database with the passwords, which probably has next to no security internally, or worse yet, hasn't been patched in years. Then they download the entire password database. Once done, they get to take their sweet time cracking the passwords at home, knowing that the company will stall as long as they can before admitting they had a problem.


OK. Assuming I cannot patch, or don't know about a known vulnerability, I have sites on a shared hosting plan. I have passwords stored in a MySQL database. My hosting provider has a brute force attack lock down for 15 minutes (I think after about 6 or fewer tries), at which time they could again try attacking my database. How vulnerable would you think my site is? Would a "super" password for the database be enough?
0

#15 chingching

  • Member
  • Group: Members
  • Posts: 11
  • Joined: 20-November 10

Posted 10 June 2012 - 04:16 PM

chingching, on 10 June 2012 - 04:14 PM, said:

waldojim, on 10 June 2012 - 02:54 PM, said:

chingching, on 10 June 2012 - 01:16 PM, said:

I don't understand how this would be relevant to a site that uses a 5 minute time out after three or so failed attempts? How is it possible that they can download the entire site and try to crack it offline?

Easy, they exploit a known vulnerability to gain access to the site, hit up the database with the passwords, which probably has next to no security internally, or worse yet, hasn't been patched in years. Then they download the entire password database. Once done, they get to take their sweet time cracking the passwords at home, knowing that the company will stall as long as they can before admitting they had a problem.


OK. Assuming I cannot patch, or don't know about a known vulnerability, I have sites on a shared hosting plan. I have passwords stored in a MySQL database. My hosting provider has a brute force attack lock down for 15 minutes (I think after about 6 or fewer tries), at which time they could again try attacking my database. How vulnerable would you think my site is? Would a "super" password for the database be enough?

And p.s. wouldn't they need to know, besides that, the name of my database and the username? (That information I have stored in PHP files.)
0

#16 waldojim

  • Elite
  • Group: Members
  • Posts: 15,079
  • Joined: 29-October 08
  • Location:Texas

Posted 10 June 2012 - 04:37 PM

chingching, on 10 June 2012 - 04:14 PM, said:

OK. Assuming I cannot patch, or don't know about a known vulnerability, I have sites on a shared hosting plan. I have passwords stored in a MySQL database. My hosting provider has a brute force attack lock down for 15 minutes (I think after about 6 or fewer tries), at which time they could again try attacking my database. How vulnerable would you think my site is? Would a "super" password for the database be enough?

They don't attack your SQL login. They don't have to. Google "SQL buffer overflow", or "known SQL vulnerabilities". People use weaknesses in the SQL server itself to gain access, no password needed.
1

#17 waldojim

  • Elite
  • Group: Members
  • Posts: 15,079
  • Joined: 29-October 08
  • Location:Texas

Posted 10 June 2012 - 04:39 PM

chingching, on 10 June 2012 - 04:16 PM, said:

And p.s. wouldn't they need to know, besides that, the name of my database and the username? (That information I have stored in PHP files.)


http://www.pantz.org...qlcommands.html

List all databases on the sql server.

mysql> show databases;

Switch to a database.

mysql> use [db name];

Dump all databases for backup. Backup file is sql commands to recreate all db's.

# [mysql dir]/bin/mysqldump -u root -ppassword --opt >/tmp/alldatabases.sql
0

#18 chingching

  • Member
  • Group: Members
  • Posts: 11
  • Joined: 20-November 10

Posted 10 June 2012 - 06:14 PM

waldojim, on 10 June 2012 - 04:39 PM, said:

chingching, on 10 June 2012 - 04:16 PM, said:

And p.s. wouldn't they need to know, besides that, the name of my database and the username? (That information I have stored in PHP files.)


http://www.pantz.org...qlcommands.html

List all databases on the sql server.

mysql> show databases;

Switch to a database.

mysql> use [db name];

Dump all databases for backup. Backup file is sql commands to recreate all db's.

# [mysql dir]/bin/mysqldump -u root -ppassword --opt >/tmp/alldatabases.sql


OK. I believe you, but then, being on a shared web hosting service, I can do nothing about MySQL vulnerabilities, so is doing what the article suggests, hashing and adding a salt, about the only thing you can do? BTW, would they also be able to download my sites (PHP files)? They would then need to hack into the FTP server? Is that just as vulnerable?

Thanks,
0

#19 crosswordbob

  • Veteran
  • Group: Members
  • Posts: 5,031
  • Joined: 25-June 10

Posted 10 June 2012 - 06:32 PM

chingching, on 10 June 2012 - 06:14 PM, said:

waldojim, on 10 June 2012 - 04:39 PM, said:

chingching, on 10 June 2012 - 04:16 PM, said:

And p.s. wouldn't they need to know, besides that, the name of my database and the username? (That information I have stored in PHP files.)


http://www.pantz.org...qlcommands.html

List all databases on the sql server.

mysql> show databases;

Switch to a database.

mysql> use [db name];

Dump all databases for backup. Backup file is sql commands to recreate all db's.

# [mysql dir]/bin/mysqldump -u root -ppassword --opt >/tmp/alldatabases.sql


OK. I believe you, but then, being on a shared web hosting service, I can do nothing about MySQL vulnerabilities, so is doing what the article suggests, hashing and adding a salt, about the only thing you can do? BTW, would they also be able to download my sites (PHP files)? They would then need to hack into the FTP server? Is that just as vulnerable?

Thanks,

This depends entirely on the content of your PHP files, and this is precisely the area in which web developers should focus their attention when it comes to security. If, for example, you have a page that can display a selection of news articles, with each article stored as a text file on your host, and with the filename specified as some request parameter, an attacker could easily construct a request that would lead to a page containing the contents of some arbitrary file from elsewhere in your file system. Indeed, this has quite often been used to persuade poorly written websites to happily deliver pages containing hashed passwords straight from the host's file system. Once they have that, they can use brute-force attacks directly on their own local copies of the password hashes, entirely circumventing the attempt-limiting measures built into your host's login mechanism.

For examples, you might try http://en.wikipedia...._file_inclusion

This post has been edited by crosswordbob: 10 June 2012 - 06:35 PM

If I dispute one single point in a post, that should not be taken as an indication that I agree/disagree with any other point made by that poster or anyone else in the thread. Or anywhere else. Ever.
0
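The fix for the news-page flaw crosswordbob describes is to never let the request parameter reach the file system unchecked. The following is an added example (not crosswordbob's code, nor anything from PCWorld) of the defensive resolver such a page should use: the article name must match a strict allowlist, and the fully resolved path must still sit inside the article directory, which also catches a symlink that points elsewhere. `demo()` builds a constructed sample directory and reports which requested names were served or rejected; the function names are the example's own.

```python
import os
import re
import tempfile

# Only bare article names: letters, digits, underscore, hyphen.
# No dots, slashes or percent signs, so "../" and encoded variants never match.
ARTICLE_NAME = re.compile(r"^[A-Za-z0-9_-]{1,64}$")


def safe_article_path(base_dir: str, name: str) -> str:
    """Map a request parameter onto a file inside base_dir, or raise ValueError.

    Two independent checks: the name must match the allowlist, and the resolved
    path (symlinks and '..' collapsed by realpath) must still be under base_dir.
    Either check alone would stop plain traversal; together they also stop a
    planted symlink inside the article directory from reaching outside it.
    """
    if not ARTICLE_NAME.match(name):
        raise ValueError("rejected article name: %r" % name)
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, name + ".txt"))
    if os.path.commonpath([base, target]) != base:
        raise ValueError("path escapes article directory: %r" % name)
    return target


def read_article(base_dir: str, name: str) -> str:
    """Serve an article body; any rejection surfaces as ValueError to the caller."""
    with open(safe_article_path(base_dir, name), "r", encoding="utf-8") as fh:
        return fh.read()


def demo() -> dict:
    """Constructed sample: an article directory beside a file that must stay private."""
    root = tempfile.mkdtemp()
    articles = os.path.join(root, "articles")
    os.mkdir(articles)
    with open(os.path.join(articles, "welcome.txt"), "w", encoding="utf-8") as fh:
        fh.write("hello")
    with open(os.path.join(root, "config.php"), "w", encoding="utf-8") as fh:
        fh.write("<?php $db_pass = 'constructed-secret'; ?>")
    # A symlink inside the article directory that points at the private file:
    # its name passes the allowlist, so only the realpath check can catch it.
    os.symlink(os.path.join(root, "config.php"), os.path.join(articles, "link.txt"))

    results = {"welcome": read_article(articles, "welcome")}
    for requested in ("../config", "welcome.txt/../../config", "/etc/hostname", "link"):
        try:
            read_article(articles, requested)
            results[requested] = "served"
        except ValueError:
            results[requested] = "rejected"
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print("%-28s %s" % (name, outcome))
```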

#20 waldojim

  • Elite
  • Group: Members
  • Posts: 15,079
  • Joined: 29-October 08
  • Location:Texas

Posted 10 June 2012 - 07:16 PM

chingching, on 10 June 2012 - 06:14 PM, said:

waldojim, on 10 June 2012 - 04:39 PM, said:

chingching, on 10 June 2012 - 04:16 PM, said:

And p.s. wouldn't they need to know, besides that, the name of my database and the username? (That information I have stored in PHP files.)


http://www.pantz.org...qlcommands.html

List all databases on the sql server.

mysql> show databases;

Switch to a database.

mysql> use [db name];

Dump all databases for backup. Backup file is sql commands to recreate all db's.

# [mysql dir]/bin/mysqldump -u root -ppassword --opt >/tmp/alldatabases.sql


OK. I believe you, but then, being on a shared web hosting service, I can do nothing about MySQL vulnerabilities, so is doing what the article suggests, hashing and adding a salt, about the only thing you can do? BTW, would they also be able to download my sites (PHP files)? They would then need to hack into the FTP server? Is that just as vulnerable?

Thanks,

There is no such thing as perfect security. If you have it exposed to the internet, it is vulnerable. That is a fact. My suggestion? Do whatever is in your power to make YOUR content less desirable. Use best practice security measures, and do everything in your power to keep your hosting company on top of updates. Make another target more inviting.
0
