Releasing rainbow tables to accelerate Net-NTLMv1 protocol deprecation

https://cloud.google.com/blog/topics/threat-intelligence/net-ntlmv1-deprecation-rainbow-tables

32•linolevan•1h ago

Comments

ubuntulover2011•1h ago

pretty cool

postepowanieadm•1h ago

Can't wait for someone to decide one of protocols used by google needs to be deprecated.

bawolff•1h ago

Plenty of protocols used by google over the years have been deprecated. The difference being that google actually stops using insecure protocols when they are discovered to be insecure instead of trying to sweep things under the rug.

Keep in mind we are talking about a protocol from 1987. How many protocols from 1987 is google currently using?

schmuckonwheels•57m ago

Google does whatever is convenient and makes them money. Altruism was never part of the equation.

bawolff•52m ago

Sure. Not being hacked is good for business.

Keep in mind that google is primarily a cloud business. That means that they take on a lot more of a risk, as when they are hacked its a them problem vs traditional software where its much more the customer's problem. Security is very much about incentives, and the incentives line up better for google to do the right thing.

schmuckonwheels•47m ago

It's more about when Google assumed full control of the cloud, the browser, the OS, and everything in between they self-appointed themselves as the unelected standards board of the Internet, and forced everyone else to follow their whims and timelines. Some of which are completely insane.

Retr0id•1h ago

Well, you'll be waiting 20 years or so post-deprecation if you want an equivalent timeline.

schmuckonwheels•1h ago

Google thrives on being the Internet's biggest bully.

It turns out when nerds get a billion dollars they like being bullies too.

aunty_helen•1h ago

> under 12 hours using consumer hardware costing less than $600 USD

Great, so someone with half a motherboard can break this hash

schmuckonwheels•1h ago

"To demonstrate how crappy most front door locks are, to boost our company's social media cred we will be leaving drills and a dish of bump keys at the entrance of the neighborhood."

bigfatkitten•58m ago

NTLMv1 rainbow tables have been available for 15-20 years. The only thing new is that Google are publishing theirs.

throawayonthe•11m ago

you say that like it's a negative analogy

observationist•49m ago

This empowers script kiddies, but not significantly moreso than they already were. Of all the places this is still in use, they've been exposed for years, so this isn't likely to result in a a bunch of new exploitations.

However, it's most likely to be used by governments, with legacy servers that are finicky, with filesharing set up that's impacted other computers configured for compatibility, or legacy ancient network gear or printers.

I wonder who they're pushing around, and what the motivation is?

bigfatkitten•34m ago

Mandiant is Google's incident response consulting business. Having worked for many years in that field myself (though not for Mandiant), they're probably sick of going to the same old engagements where companies have been getting owned the same way over and over again for the last 15 years.

What releases like this do is give IT ops people the ammunition they need to convince their leadership to actually spend some money on fixing systemic security problems.

Retr0id•32m ago

I suspect Mandiant hears a lot of "this is impractical to exploit so we don't care" from their clients. Now they have a compelling rebuttal to that.

TacticalCoder•49m ago

Holy smoke. I honestly thought the 90s called and wanted their Windows exploits back (TFA mentions 1999). I do remember talk about this from many moons ago.

But we are in two-thousand-twenty-FUCKING-six.

It's unbelievable. Just plain unbelievable.

1970-01-01•46m ago

They're just dumping them out as 2GB blobs onto a cloud? Where is the zippy search UI? Very lazy behavior for the hyper giant Google.

bflesch•19m ago

I wonder how the Mandiant acquisition is regarded within google.

Was it a success? Is Mandiant a cash cow or was it basically an acquihire?

The big "contact mandiant" button next to the post feels a bit like trying to stay relevant and acquire more customers.

Miyazaki's Sherlock

2026 May Be the Year of the Mega IPO

Rcarmo/rdp-HTML5: RDP web client with Golang back end

Show HN: IncidentPost – Write public incident postmortems without heavy tooling

At the phase 'build a startup cause I can't get hired, and maybe I'll get hired'

Ralph Loop Built into AWS Kiro

Landscape beneath Antarctica's icy surface revealed in unprecedented detail

Floss and Training LLMs

Californians have a new privacy tool for deleting their data

ChatGPT and Codex Are About to Get a Helluva Lot Faster

Statistical Rethinking 2026 [video]

Trump Sets Fraudster Free from Prison for a Second Time

Mothers Against Decapentaplegic

Omero: Pervasive User Interfaces in the Plan B Operating System

What are we actually rushing towards with AI?

Building a Quake PC

I Got a Job in an Awful Job Market

The Dilbert Afterlife (By Scott Alexander)

The crisis whisperer: how Adam Tooze makes sense of our bewildering age

Make boxes from dried citrus rind

PAZ O.S. – A "Bio-Civic" Alignment Framework for Ethical LLMs

FCC Poised to Exempt Amateurs from Foreign Adversary Reporting Requirements

FTC Finalizes Order Banning GM from Sharing Driver Data

Ask HN: Browser extension vs. native app for structured form filling?

IETF@40

Re: Mix: open-source repairable blender

I thought Grammarly was essential. It wasn't

I have settled on XChaCha20+Blake3 as the AE suite of choice for my projects

For profit university offers scholarship to RuneScape skill cape recipients

Show HN: Neurop Forge: Live Demo /Real AI Action