-
Now That’s What I Call Gerrymandering! | Mother Jones
Impressive. Americans woke up on November 7 having elected a Democratic president, expanded the Democratic majority in the Senate, and preserved the Republican majority in the House. That’s not what they voted for, though. Most Americans voted for Democratic representation in the House. The votes are still being counted, but as of now it looks
-
RIP, Kevin O’Donnell, Jr – “ORA:CLE” and why you should read this book
This already got covered on Boing-Boing but Kevin O’Donnell, Jr died last week. He wrote a book which I found particularly formative and frankly until I read Snow Crash I did not encounter a peer for it in terms of writing that resonated with how I thought The Net – which is what we called
-
Huawei’s “functional-requirement” approach to cryptography finally gets airtime
Huawei devices support a weak password encryption algorithm. With this scheme, passwords are obfuscated and encrypted with DES, using an encryption key shared among all the affected devices. This encryption scheme does not use any password salting mechanism. As a consequence, passwords extracted from a victim’s device can be deciphered instantaneously. A Python procedure that
-
“Skype vulnerability allowing hijacking of any account if you know just the email address” – password reset vulnerability reported in the wild
Skype vulnerability allowing hijacking of any account if you know just the email address.. Here’s the original link where I’ve read about this (in Russian) – http://habrahabr.ru/post/158545/ with multiple people in the comments confirming it works and also reporting their accounts were stolen. Here’s how it works: Sign up for a new Skype account. Use
-
bcrypt’s [password] length limit is 72, not 55 #security
Quoth Solar: @alecmuffett bcrypt’s length limit is 72, not 55. The latter is an error originating from Blowfish’s 448-bit recommended maximum key size. — Solar Designer (@solardiz) November 14, 2012 I found the “55” number in some white paper but I was shocked at how hard it was to get any info on max plaintext
-
The solution to password guessability is this…
Extracts from three other posts: Password Cracking in a Nutshell The solution to guessability – even via brute force – is to get users to choose unguessable passwords; for that [see extract below]. And those passwords that they choose must most certainly be defended with the best algorithms possible on the server side to help
-
MI6: Truth in Advertising.
Full page advert for the Secret Service in Stylist Magazine this evening: I wonder where they insert the diodes?
-
Facebook Launches ‘Couples’ Pages So Users Can Chart Their Relationship # 1000 INTERNETZ FOR THE 1ST DIVORCE
HT Paul Bernal You’re in love and you want the world to know, now Facebook has created an ‘us’ page that lets you chronicle your relationship. The page combines every post, picture, and event that you have shared with your partner. It also includes your shared ‘likes’ and mutual friends. If you’re listed as “in
-
“the fairly strong password she used … was crackable by brute force alone” # wait what?
According to various accounts, Petraeus engaged in an affair with Broadwell after he left the military to become CIA chief between September 2011 and the summer of 2012, apparently breaking off the relationship around the time he discovered that Broadwell had been harassing Kelley by email. Kelley had reported the anonymous threatening email to the
-
Hot Chocolate with Pine Nuts and Pepper
Works. Surprisingly. Melt plain chocolate in a saucepan with milk and the above. Sugar to taste.