
Gawker used encryption incorrectly. The odd choice of archaic DES encryption meant that the passwords they saved were all truncated to 8 characters. No matter how long your password actually was, you only had to enter the first 8 characters for it to work. So much for choosing a secure pass phrase.

This analysis is roughly 165 degrees misguided. Yes, the archaic password hash Gawker used prevented Gawker users from taking advantage of long passphrases on Gawker properties. But Gawker's properties were completely compromised anyways, so even an uncrackable passphrase wouldn't have helped you.

Meanwhile, that same archaic hash mitigated the compromise of all their password hashes, such that if you actually used a passphrase, it can't definitively be cracked from those hashes (there are obviously infinitely many passphrases that could hash to a given crypt(3) hash, only one of which would be your phrase).




Can you please elaborate on this? Exactly how did it prevent you from using a longer password? The best I can google are problems with DES ECB which encrypts in 64bit blocks but this would still allow for longer passwords, would it not? What am I missing?


DES crypt(3) isn't a block cipher. It's a (crappy) hash that uses the guts of the DES algorithm. Don't think of it like AES or Blowfish or whatever. It doesn't "encrypt" passwords. What it specifically does is encrypt a single all-zeroes block using a key derived from your password. There are, for what it's worth, a lot of hashes that are --- in the heart of hearts --- block ciphers. Some of the SHA3 finalists fit that mold.

People are very confused by this whole "Gawker is using DES" narrative. But Gawker isn't "using DES"; they're using DES crypt(3), which is a construction derived from DES internals. That's not at all the same thing.

In this specific case, because DES crypt(3) is in fact a crappy hash, passphrases are irrelevant; crypt(3) truncates them to fit a DES key. The rest of the data for your passphrase is never even hitting the hash, so a stolen hash can't possibly disclose the whole passphrase.
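As an added illustration (not code from the thread, from Gawker, or from any crypt(3) implementation), this Python models the password-to-key step the comment above describes: traditional crypt(3) takes the low 7 bits of each of the first 8 bytes as the 56-bit DES key, so nothing past character 8 ever reaches the hash. The DES encryption of the all-zero block is left out, and the sample passwords are constructed.

```python
# Added example: how traditional Unix DES crypt(3) derives its DES key
# from a password. Only the first 8 bytes are used, and only the low
# 7 bits of each, so the hash cannot depend on anything beyond them.
# The salt-modified DES encryption that follows this step is omitted.

def des_crypt_key(password: str) -> bytes:
    """Return the 8-byte DES key crypt(3) derives from a password.

    Each of the first 8 bytes is shifted left by one so its low 7 bits
    occupy the key bits and the (ignored) DES parity position is zero.
    Passwords shorter than 8 bytes are zero-padded; longer ones are cut.
    """
    raw = password.encode("ascii", "ignore")[:8].ljust(8, b"\x00")
    return bytes((c << 1) & 0xFE for c in raw)


def same_key(password_a: str, password_b: str) -> bool:
    """True when crypt(3) would feed both passwords into DES identically,
    i.e. they would produce the same hash under the same salt."""
    return des_crypt_key(password_a) == des_crypt_key(password_b)


def effective_key_bits(password: str) -> int:
    """Upper bound on the number of password bits that can influence the
    hash: at most 8 characters times 7 bits, however long the password."""
    return min(len(password.encode("ascii", "ignore")), 8) * 7


if __name__ == "__main__":
    short, long_ = "correcth", "correcthorsebatterystaple"  # constructed
    print(des_crypt_key(long_).hex())   # identical to the key for "correcth"
    print(same_key(short, long_))       # True
    print(effective_key_bits(long_))    # 56, not 25 * 7
```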


Thank you for your answer, I understand now.


I think systems generally only use one block, and so ignore anything after the first 8 characters.

Even if they were to use multiple blocks, I think most simple ways of doing that would only add linear difficulty to cracking rather than exponential.





