* Posts by bish

18 posts • joined 30 May 2009

Mark Zuckerberg's Twitter and Pinterest password was 'dadada'

bish

Re: As for username and password,

Oh feck yes, this. "Security Questions" seemed utterly dumb to me back in the 90s, so I'd just mash keys for a minute and move on. Lost a few sweet usernames on decent sites when they then started requiring answers after suspicious login attempts.

0
0
bish

Re: Password strength lesson

How do salts and stored hashes protect against reused passes? I get LinkedIn's db, and find that they've only stored Zuck's hash and salt. Given he's not just any ordinary target but (a) an internationally recognisable figure with rather a lot of influence, and (b) someone who's (as of now) been known to reuse passwords, I decide he's a good target. I plug the salt into my script and bruteforce until I get a hash that matches. Huh, it's "dadada". Now I head over to a bunch of other sites and try dadada out. The salting and hashing has only protected the majority of users, because it's a PITA (and slow) to bruteforce all those salty hashes, but it hasn't actually added any (meaningful) extra protection to any individual login, and does nothing to mitigate idiot users keeping the same password for everything. Like the OP said, password reuse IS worse than weak passwords. If you find out my password for this site is 1234*, it doesn't matter too much for me since you can't use that pass to gain access to anything else of mine, and I only need to change one password to fix the breach.

NB: I accept I may be wrong or missing something here, so do let me know if that's the case. I also appreciate that I've made quite light of bruteforcing a salted hash, but a six lowercase letter password, containing only two characters, really isn't going to pose that much of a problem. My point is, if someone set out to target Zuck and the LinkedIn db had been salted and hashed, it wouldn't have made that much difference.

*[changes password]

4
0
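An added example, not part of the comment above, showing the trade-off it discusses from the defender's side: a per-user salt makes identical passwords hash differently, yet a weak-password audit of a single record still succeeds in a handful of guesses, and only the per-guess work factor changes the cost. The names `make_record`, `audit_record`, `WEAK_LIST` and `ITERATIONS` are hypothetical, the data is constructed, and PBKDF2 with one iteration stands in for a fast salted hash.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for the slow scheme

# Constructed sample list of weak candidates an audit would test.
WEAK_LIST = ["123456", "password", "qwerty", "dadada"]


def make_record(password, iterations=1):
    """Store a random per-user salt and a PBKDF2-HMAC-SHA256 digest.

    iterations=1 stands in for a fast salted hash (assumption).
    """
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt, "digest": digest, "iterations": iterations}


def audit_record(record, candidates):
    """Check one stored record against weak candidates.

    Returns (matched candidate or None, hash iterations spent), so the
    cost of testing a single account is visible next to the result.
    """
    spent = 0
    for guess in candidates:
        spent += record["iterations"]
        digest = hashlib.pbkdf2_hmac(
            "sha256", guess.encode(), record["salt"], record["iterations"]
        )
        if hmac.compare_digest(digest, record["digest"]):
            return guess, spent
    return None, spent


if __name__ == "__main__":
    fast_a = make_record("dadada")
    fast_b = make_record("dadada")
    # Same password, different salts: the stored digests do not match,
    # so one precomputed table cannot cover both accounts.
    print("digests equal:", fast_a["digest"] == fast_b["digest"])
    # The salt does not hide a weak password from a per-record check.
    print("fast record:", audit_record(fast_a, WEAK_LIST))
    # A higher work factor multiplies the cost of every guess.
    slow = make_record("dadada", ITERATIONS)
    print("slow record:", audit_record(slow, WEAK_LIST))
    # A long random password is not on the list at any work factor.
    strong = make_record("constructed-Long-Random-7f3a91c2")
    print("strong record:", audit_record(strong, WEAK_LIST))
```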

Admin fishes dirty office chat from mistyped-email bin and then ...?

bish

No brainer

If you set yourself up as the kind of admin who redirects mail, you have to redirect it. There's nothing illegal going on, and flagging it up as a violation of company policy on computer use is obviously messy and unnecessarily complicated. The right answer is obviously to stop nannying your users and let their emails vanish into the void. Teach them how to look up email addresses and check their sent items and then just leave it the hell alone.

The implied moral quandary over being complicit in an affair between two adults is so absurdly puritanical, I can't help but wonder if the admin worked in some kind of hyper-zealous bible sales business.

1
0

Amazon WorkSpaces two years on: Are we ready for cloud-hosted Windows desktops?

bish

How much!!?

Really? Until it's (at most) half the current price, it really doesn't look like a viable product for anything other than uber-corporations with cash to burn and enormous tech teams to maintain it. The problems of managing the setup would appear to be at least as difficult as managing full fat machines, and much more complex than an in-house solution.

Just why?

1
1

Let’s re-invent small phones! Small screens! And rubber buttons!

bish

Re: Small != Small

Bravo. Better than the main article, in fact.

1
0

How exactly do you rein in a wildly powerful AI before it enslaves us all?

bish

Re: Isaac Asimov

Finally, someone mentions Asimov. Can I chuck in Banks' Minds in the Culture novels and suggest that a truly super-intelligent AI would likely be benevolent and certainly no worse a supreme overlord than our current governments? I, for one, welcome our new hive mind leaders.

1
0

Google Search head: I'm off. Yes, I told you yesterday. On Google+

bish

"our mission..and the impact it has had..cannot be overstated"

Ahem: Google's mission has cured cancer, ended world hunger, conclusively resolved all religious and nationalistic discord and finally proven that we are not alone among the stars.

As my mum always said, there's no such thing as 'cannot'.

2
0

Apple tablet will 'redefine print,' says rumor mill

bish
Stop

*snore*

"IT'S COMING AND IT'S GOING TO BE AMAZING!!!"

Except it's not coming, because it never does, and it won't be amazing, because even if it does finally appear, we'll all know everything there is to know about it LOOONG in advance and there won't be much to get excited about.

Jobs wants to make a game-changer portable computer. This has been his aim for as long as I can remember. The problem is, technology hasn't caught up to his vision, and his mortality is catching up with him. This leaves two possible outcomes:

1) This constant cycle of rumour, speculation and "this time next year" commentary will continue to add up to nothing, as Jobs keeps pulling back on going into production, because the best Apple can do still doesn't measure up to what he wants.

2) Jobs - worried he'll never see the day that cool kids with good hair iChat on their iTabs (or whatever) in Starbucks - goes ahead and launches the damn thing, but it's massively underwhelming to everyone and way too expensive, and while a few people shell out and sit in public places cooing at their overpriced gadget, most people just make do with a crappy netbook or phone, and get on with their lives.

It can't be thin enough or battery-efficient enough until someone invents fast-refresh flexible eInk, preferably with multi-touch capabilities. There have been prototypes of most of those ideas individually, but no one (that I know of) has put them all together, and certainly not affordably. It isn't likely to happen in Jobs' lifetime, and I for one wish he'd just shelve it, with detailed instructions on what he wants the Apple geeks to build when the tech is finally available. Why rush out a half-realised product? It's becoming a bit of a vanity project (like most Apple stock, I suppose).

0
0

Apple admits third of iPhone calls in New York are dropped

bish
FAIL

Hmm..

This is why, here in the UK, I've put off getting an iPhone. Sure, they're not super-magical solve-all-your-problems phones, but there's quite a few apps that would be really very useful to me, but I'm not trading that usefulness for lack of connectivity on O2 (which is rubbish in my area - a couple of friends have them and the amount of time they spend wandering round peering at their handsets, looking for a decent connection just doesn't seem worth it).

I thought about buying an iPod Touch, but that'd mean carrying around two things to break/lose/have stolen, and I've gotten used to my phone being an all-in-one. The news that the iPhone's coming to Orange is good for me, since their coverage is excellent, and my current contract runs out at the start of November.

0
0

iPhone app grabs your mobile number

bish
WTF?

Clarification?

Wait, they harvest the numbers via SMS? So are all these complaints from people who seem to have somehow forgotten sending a message to the company that makes the app? Or is the company lying? OR does the iPhone also allow apps to send SMS without the owner's approval? Because the latter would be a MUCH bigger security hole - not that the number-retrieving app isn't a big enough hole as it is... Whichever it is, I'd hope Apple addresses this soon, if they want to keep their customers.

0
0

Ageing Google supersizes its search box

bish
Thumb Down

Ugh.

Welcome to Fisher Price™'s My First Search Engine©!

It looks so retarded, I may even start using bing. Glad I wasn't the only one fiddling with zoom.

0
0

Tasered Oz man bursts into flames

bish
WTF?

@Kev K

"trust me it is a deeply unpleasant experience to me confronted by some violent, wild eyed, mouth frothing, smelly tosser high on that stuff"

Forgive me, but isn't it a police officer's JOB to confront people like that?

"being high on petrol/glue...gives the sniffer extra strength"

Patently absurd. Unbelievable silliness. Solvents may well make users FEEL stronger, but they act on the brain and certainly don't enhance muscles.

The issues here are - why did the situation so rapidly descend into one where the policemen felt they needed to break out the weaponry? Sure, he was behaving threateningly, so perhaps their actions were justified, but how they initially approached the suspect is unreported, and may have made all the difference (or not - not pointing fingers). Secondly, what reasoning led to employing a taser on a man with petrol? Did they have guns and did they consider using them? A well aimed disarming shot would've been a lot safer, since the likelihood of bullets igniting fuel is incredibly slim, despite what Hollywood and Mr O'Callaghan suggest. And was it really out of the question to attempt to wrestle him to the ground? I'm assuming he had the petrol for sniffing, not burning himself to a crisp, so was it really reasonable to assume he'd use the lighter?

The fact that drug-crazed-crazies can be a bit intimidating is neither here nor there - if you panic as soon as someone threatens you, get a job in an office, not one of the forces.

0
0

Cyber security minister ridiculed over s'kiddie hire plan

bish
FAIL

As if further incentive were needed...

s'kiddies, and other nefarious 'cyber-criminals' (good god, when was the last time anyone outside the government used the word 'cyber' with a straight face? 96?) do their dodgy deeds for a variety of reasons - a sense of achievement, to boost their rep, and most commonly to earn a bit of dirty money.

None of those reasons is going to just go away, so why give baby geeks yet another incentive to turn to the dark side? Why not just run a recruitment ad - "Bored? Talented? Become a network bandit, get caught, and get a job working for the Ministry!" - I dare say they might get some of the less useless ones that way, too.

0
0

US city ends FaceSpaceGooHoo log-in grab

bish
Thumb Down

Madness

I've heard of checking out prospective employees on social sites, but demanding their login info when they accept a job? Hello, human rights?

Obviously local government in Bozeman just goes ahead and does stuff without actually stopping and working out whether their schemes are legal, responsible or useful.

What were they going to do with all those details (apart from probably not keep them secure)? Spam social networks with Bozeman tourism ads? Or just invade their employees' privacy whenever they choose?

I hope they get a good slapping for even thinking of doing this, never mind putting it into practice. They'll probably just get nice jobs at MiniTrue.

0
0

Stilt-walking Cirque du Soleil founder turns space tourist

bish
Stop

Clear as muddy water...

"And the purpose is clear: to raise awareness on water issues to humankind on planet earth."

Which water issues do you suppose he means? As far as I'm aware, it ain't running out any time soon...

Aren't there more pressing environmental matters? And aren't they rather compounded by the frivolous burning of rocket fuel?

0
0

Apple confirms $1bn data center

bish
Thumb Down

Perdue's kidding himself...

...If he thinks a DATA CENTRE is going to create 250 jobs for locals. I thought 50 sounded a bit optimistic. And he seriously thinks Apple will employ the locals for REPAIR!???

Talk about a sucker...

0
0

Hackintosher to open US storefront

bish
Thumb Down

But...

Regarding the OS-less system + OS X disk model Allan Rutland and others have suggested - to run OS X on a Dell, or any other non-Apple computer, I thought you had to first modify the actual kernel? Unless I'm mistaken, I don't see how he could sell copies of OS X modified to run on his computers without seriously violating both the EULA and copyright law.

0
0

Microsoft breaks Windows 7 three-apps netbook handicap

bish
Linux

Wait...

...so, you pay less, and in return you get a slimmed-down version of Win7, without all the bloatware but otherwise fully functional?

Somehow, I'd expect to pay more...

0
0
