I think the people who are most guilty of this are the "geeks." I see a lot of this stuff happen all the time, where the computer literate attempts to make a simple concept much more difficult in effort to make themselves look good.
It pisses me off when people choose to explain otherwise simple concepts in very complicated terms. Then, you have to deal with the aftermath, where people are so convinced that computers are a difficult thing.
I was explaining a rackmount chassis to my girlfriend, and she kept saying, "I don't know anything about computers." I kept telling her, "What I'm talking about has virtually nothing to do with computers. I'm talking about a metal box that you screw to a rack. You know what a closet is, and a shoebox, just listen to what I'm saying."
Took me forever to break down the computer==difficult wall, but she finally will actually listen, and understand that it really isn't all that difficult.
Yes, I think it is;) I suspect it will defeat only the casual attacker. It might also lead, as I mentioned, to weaker security through a *false* sense of security.
One thing you are missing is the ease of changing the passphrases. Also, if the algo was hash(passphrase + hash(password)) knowing the password (dns hostname) wouldn't reveal anything unless you knew the passphrase as well. You could try to bruteforce passphrases, but considering how long those could be, you would most likely not succeed. However, hashing something like that doesn't actually "work" for mental-math.
As for the PDA/Cell stuff, they have them. Devices that maintain a private/public key generation sequence based on time (I'm not sure what algo they use) and display the random numbers for you on an LCD.
I think what you missed in my initial design that it does result in stronger passwords because you can share passwords amongst multiple people and if one of those people is no longer trusted a simple passphrase change will lock them out. If you do the algo right, having the seed won't be particularly effective. It still is a crib, but it's hard to have people who used to work for you not have one. I was just using that as an example though, I doubt I would actually do that in practice.
It took me a few seconds to decode this. I think you mean "voila!":)
What started out as a joke, turned into a nasty habit. I didn't even catch that I did that...
You pick a passphrase that you use for all of your systems. You then pick a unique seed for each system. Then, you do some quick mental math on it (pick an algo of your choice, just make it simple) and then you have the effective security of two passwords + unknown algorithm. It will make all of your passwords invulnerable to dictionary attacks (unless a rare circumstance has your resulting password being "password" or something)
For example, if you have a pass phrase of "MYBOXISSECURE" then you can use the box name as a seed, lets call the box "DEBIAN" and have the algorithm block the seed and then subtract, modulo 26.
MYBOXISSECURE DEBIANDEBIAND ------------- I'm too tired to do this and I'm on my windows sytem without perl.
Then reverse it or something. Walla! Pseudo-random passwords. Works great, and after a few times you will memorize the keystrokes and you won't need to do it by hand. You can even have a standard system for the passphrases amongst an entire group for the root password, so each system can have a different root password that everybody can just figure out as long as they know the passphrase. In addition, if you want to remove someone from the loop, just change the passphrases and redistribute to the trusted source.
It's a hack solution for the weak-password problem.
The liberal usage of "dis" (in disadvanteged, and disenhanced) has caused irreperable harm to my clients, Mr. Zero and Mrs. Virtual. Heretofor, in the great county of Los Angeles, we will be pursuing legal actions against you for your transgressions.
In addition to this release, Mr. Zero wishes it to be known that he is not disadvantaged, but "Differently Positive." Mrs. Virtual wishes it to be known that she is not disenhanced, but "Differently Enhanced."
It's important to note, and understand, that because an individual is different than you, that they still maintain an important and vital role in society that cannot be filled by someone without their unique abilities. These are differently-abled people, and deserve to be treated like the unique individuals they are.
We can settle out of tort for $1,000,000USD to be transferred to my Nigerian bank account so my children can immediately extract it.
The beauty of CSS is that it can look different just by linking to a different stylesheet. If you read the full article, you would note he did make an alternate layout. It was sort of a mix between games and the traditional green, and wasn't exactly pretty. I don't think the idea was for it to be pretty, just to be "different."
Nope. There are plenty of laissez-faire right wingers and "libertarians" in the USA who think it would be good idea to let companies screw everyone thay can without restriction, and let the poor rot in the streets where they fall.
Oh no! Because I think that people should be accountable for their own personal actions I believe that big business should operate with whatever they want.
Fuck man, I think this takes the cake for putting words into someones mouth. Good job! Jackass.
Yes. That's why drugs and gambling should be legalised and heavily regulated - regulated because they can and do mess peoples lives up.
Am I the only person who believes this notion is wrong?
If you can't watch your own back, why does the government need to? Sure, it affects the other peoples lives... but don't marry some asshole with a gambling or drug addiction.
I'm amazed that humanity has developed to this point. 300 years ago our ancestors would kick our asses because of our societal problems.
I would agree on CUPS, until I had an issue. A CUPS processing was segfaulting because the gimp-print backend was failing. That was a gimp-print issue, because it shouldn't have been failing... riiight.
Any software product that segfaults because a backend system fails isn't a good software product. When reported, being told off, also isn't a good way to gain customers. I would have purchased the full version if Michael wasn't such a jackass about the whole thing.
Add that onto UserLinux, the ability to be helpful (or even saying, Not My Problem) without being a complete and utter asshole.
Anytime, anywere... as long as the game is played using the traditional time rules. Nobody even tries to play against the top computers in 5-10 minutes per player games. Even the top players get smashed.
They just need to use hardware as old as the opponent to make it a bit more fair. I can beat a 386 in a 5 minute game no problem, just by using a few no-fail techniques.
My point was simply that having to put up with assholes is a bad thing. The world would be better if we were all nice to each other, stopped war and poverty, had good skin, and smelled like roses. And I had a lot of money.
I just disagree that it's a bad thing. Assholes are inherent in the system. Not dealing with assholes will leave you ill-prepared for several other categories important moments in life.
The fact that there are assholes means that we need to learn to deal with them effectively, and the earlier we do, the better.
I just have to blame these kids' parents. The parents are saying, "Don't deal with it." That's dangerous.
No, a 12 year old should not have to deal with this stuff, but they do have to deal with it.
Why not? It's not a big deal. It's a big deal because everybody is telling them it's a big deal and it's wrong. Welcome to life, it's not fair, but you can get off at any time.
Because guess what? I deal with assholes today, too, just like 15 years ago. I expect to deal with them 15 years from now. Putting up with those kids back then trained me for today.
Exactly. Removing bullying from schools will just make people less apt to deal with bullying when the faculty doesn't exist.
The most important lessons to learn take place before you are 18. One of the biggest is that there is always someone who can beat your ass. Maybe in tech, maybe in fighting, maybe in both. Deal with it.
I'm with you. This shit is just over-sensitized, ridalin fed, drama-queen bullshit. These kids need a good old fashioned Burt Reynolds style ass-whooping to understand what bullying is. What happened to writing, "For a good time call 555-1212" on the bathroom walls after finding some asshats phone number somewhere? That was bullying. This isn't bullying.
"How many guys did you have sex with?" What the fuck? You think that's bullying? I'm sorry, but having that written on the blackboard before your class is much worse, and I've seen that. That guy didn't cry, he chuckled and asked who wanted to hook up with him.
Just keep taking your valium, ridalin, and talking to your therapist while I spend your social security!
Anyway, that wasn't my main point. My main point was that many of the young people in these countries are excelling in the computer world to a degree that is far beyond people in this country -- that's my observation anyway....
It is true. And because they excelling past domestic workers, and also providing their services cheaper than domestic workers can provide, they are getting the contracts. People just don't like it when it happens to them (Not in my backyard!) so they think the companies are somehow obligated to keep the domestic workers.
Theirs is producing good workers because they have drive. In their case it's usually to get the hell out of the country.
Wrong. Most people love the country they live in and came from, but they want a better life there. I knew a man who was Moroccan, went to school in England and eventually became a professor and lived a great life.
That argument doesn't hold water when you account for the penetration of computers into the lives of those 5.7 billion vs. our 300 million.
Please, just leave America for a couple months. Just go around and see the world. You know why Indians are busting American IT workers balls open? No? Well, go there and find out.
Sshhh, you read the article and realized that the Slashdot summary was much more sensational. The only proof that it was a single gang is that the mis-spelling were the same. The best "proof" provided was from Cleatis.
Slashdot Mirror
I think his terminology was incorrect. I think what he was saying is that it's a stock linux kernel with non-GPL'd kernel drivers.
I think the people who are most guilty of this are the "geeks." I see a lot of this stuff happen all the time, where the computer literate attempts to make a simple concept much more difficult in effort to make themselves look good.
It pisses me off when people choose to explain otherwise simple concepts in very complicated terms. Then, you have to deal with the aftermath, where people are so convinced that computers are a difficult thing.
I was explaining a rackmount chassis to my girlfriend, and she kept saying, "I don't know anything about computers." I kept telling her, "What I'm talking about has virtually nothing to do with computers. I'm talking about a metal box that you screw to a rack. You know what a closet is, and a shoebox, just listen to what I'm saying."
Took me forever to break down the computer==difficult wall, but she finally will actually listen, and understand that it really isn't all that difficult.
I think you forgot 3,
3. Getting mosted people to do what you wish them to do.
Yes, I think it is ;) I suspect it will defeat only the casual attacker. It might also lead, as I mentioned, to weaker security through a *false* sense of security.
:)
One thing you are missing is the ease of changing the passphrases. Also, if the algo was hash(passphrase + hash(password)) knowing the password (dns hostname) wouldn't reveal anything unless you knew the passphrase as well. You could try to bruteforce passphrases, but considering how long those could be, you would most likely not succeed. However, hashing something like that doesn't actually "work" for mental-math.
As for the PDA/Cell stuff, they have them. Devices that maintain a private/public key generation sequence based on time (I'm not sure what algo they use) and display the random numbers for you on an LCD.
I think what you missed in my initial design that it does result in stronger passwords because you can share passwords amongst multiple people and if one of those people is no longer trusted a simple passphrase change will lock them out. If you do the algo right, having the seed won't be particularly effective. It still is a crib, but it's hard to have people who used to work for you not have one. I was just using that as an example though, I doubt I would actually do that in practice.
It took me a few seconds to decode this. I think you mean "voila!"
What started out as a joke, turned into a nasty habit. I didn't even catch that I did that...
A good method: Easy mental ciphers.
m too tired to do this and I'm on my windows sytem without perl.
You pick a passphrase that you use for all of your systems. You then pick a unique seed for each system. Then, you do some quick mental math on it (pick an algo of your choice, just make it simple) and then you have the effective security of two passwords + unknown algorithm. It will make all of your passwords invulnerable to dictionary attacks (unless a rare circumstance has your resulting password being "password" or something)
For example, if you have a pass phrase of "MYBOXISSECURE" then you can use the box name as a seed, lets call the box "DEBIAN" and have the algorithm block the seed and then subtract, modulo 26.
MYBOXISSECURE
DEBIANDEBIAND
-------------
I'
Then reverse it or something. Walla! Pseudo-random passwords. Works great, and after a few times you will memorize the keystrokes and you won't need to do it by hand. You can even have a standard system for the passphrases amongst an entire group for the root password, so each system can have a different root password that everybody can just figure out as long as they know the passphrase. In addition, if you want to remove someone from the loop, just change the passphrases and redistribute to the trusted source.
It's a hack solution for the weak-password problem.
(where did i left my tinfoil hat?)
It's right over here.
(That was so horrible I couldn't pass it up, my apologies)
I fear that the average tech person is as blind as you are.
Pool messages, read when available, then let them queue up again.
Eghads! You mean... taking responsibility and not being a slave to the device? Holy hell, what is this world coming to? Personal accountability?
Nope, that's right out. Just blame the tools and not the people for using them in the way that best suits them.
The liberal usage of "dis" (in disadvanteged, and disenhanced) has caused irreperable harm to my clients, Mr. Zero and Mrs. Virtual. Heretofor, in the great county of Los Angeles, we will be pursuing legal actions against you for your transgressions.
In addition to this release, Mr. Zero wishes it to be known that he is not disadvantaged, but "Differently Positive." Mrs. Virtual wishes it to be known that she is not disenhanced, but "Differently Enhanced."
It's important to note, and understand, that because an individual is different than you, that they still maintain an important and vital role in society that cannot be filled by someone without their unique abilities. These are differently-abled people, and deserve to be treated like the unique individuals they are.
We can settle out of tort for $1,000,000USD to be transferred to my Nigerian bank account so my children can immediately extract it.
I think "RIAA" and "Consumer" would work, also. And my mom wouldn't object to that term, but she likely wouldn't understand the reference.
Man, I did walk right into that. Next time I talk about unlikely events, I'll say "*looks around*".
Well played.
The beauty of CSS is that it can look different just by linking to a different stylesheet. If you read the full article, you would note he did make an alternate layout. It was sort of a mix between games and the traditional green, and wasn't exactly pretty. I don't think the idea was for it to be pretty, just to be "different."
Hell just froze over.
Brr.
Nope. There are plenty of laissez-faire right wingers and "libertarians" in the USA who think it would be good idea to let companies screw everyone thay can without restriction, and let the poor rot in the streets where they fall.
Oh no! Because I think that people should be accountable for their own personal actions I believe that big business should operate with whatever they want.
Fuck man, I think this takes the cake for putting words into someones mouth. Good job! Jackass.
Yes. That's why drugs and gambling should be legalised and heavily regulated - regulated because they can and do mess peoples lives up.
Am I the only person who believes this notion is wrong?
If you can't watch your own back, why does the government need to? Sure, it affects the other peoples lives... but don't marry some asshole with a gambling or drug addiction.
I'm amazed that humanity has developed to this point. 300 years ago our ancestors would kick our asses because of our societal problems.
I would agree on CUPS, until I had an issue. A CUPS processing was segfaulting because the gimp-print backend was failing. That was a gimp-print issue, because it shouldn't have been failing... riiight.
Any software product that segfaults because a backend system fails isn't a good software product. When reported, being told off, also isn't a good way to gain customers. I would have purchased the full version if Michael wasn't such a jackass about the whole thing.
Add that onto UserLinux, the ability to be helpful (or even saying, Not My Problem) without being a complete and utter asshole.
Anytime, anywere... as long as the game is played using the traditional time rules. Nobody even tries to play against the top computers in 5-10 minutes per player games. Even the top players get smashed.
They just need to use hardware as old as the opponent to make it a bit more fair. I can beat a 386 in a 5 minute game no problem, just by using a few no-fail techniques.
My point was simply that having to put up with assholes is a bad thing. The world would be better if we were all nice to each other, stopped war and poverty, had good skin, and smelled like roses. And I had a lot of money.
I just disagree that it's a bad thing. Assholes are inherent in the system. Not dealing with assholes will leave you ill-prepared for several other categories important moments in life.
The fact that there are assholes means that we need to learn to deal with them effectively, and the earlier we do, the better.
I just have to blame these kids' parents. The parents are saying, "Don't deal with it." That's dangerous.
No, a 12 year old should not have to deal with this stuff, but they do have to deal with it.
Why not? It's not a big deal. It's a big deal because everybody is telling them it's a big deal and it's wrong. Welcome to life, it's not fair, but you can get off at any time.
Because guess what? I deal with assholes today, too, just like 15 years ago. I expect to deal with them 15 years from now. Putting up with those kids back then trained me for today.
Exactly. Removing bullying from schools will just make people less apt to deal with bullying when the faculty doesn't exist.
The most important lessons to learn take place before you are 18. One of the biggest is that there is always someone who can beat your ass. Maybe in tech, maybe in fighting, maybe in both. Deal with it.
I'm with you. This shit is just over-sensitized, ridalin fed, drama-queen bullshit. These kids need a good old fashioned Burt Reynolds style ass-whooping to understand what bullying is. What happened to writing, "For a good time call 555-1212" on the bathroom walls after finding some asshats phone number somewhere? That was bullying. This isn't bullying.
"How many guys did you have sex with?" What the fuck? You think that's bullying? I'm sorry, but having that written on the blackboard before your class is much worse, and I've seen that. That guy didn't cry, he chuckled and asked who wanted to hook up with him.
Just keep taking your valium, ridalin, and talking to your therapist while I spend your social security!
Anyway, that wasn't my main point. My main point was that many of the young people in these countries are excelling in the computer world to a degree that is far beyond people in this country -- that's my observation anyway....
It is true. And because they excelling past domestic workers, and also providing their services cheaper than domestic workers can provide, they are getting the contracts. People just don't like it when it happens to them (Not in my backyard!) so they think the companies are somehow obligated to keep the domestic workers.
Theirs is producing good workers because they have drive. In their case it's usually to get the hell out of the country.
Wrong. Most people love the country they live in and came from, but they want a better life there. I knew a man who was Moroccan, went to school in England and eventually became a professor and lived a great life.
And retired in Morocco.
That argument doesn't hold water when you account for the penetration of computers into the lives of those 5.7 billion vs. our 300 million.
Please, just leave America for a couple months. Just go around and see the world. You know why Indians are busting American IT workers balls open? No? Well, go there and find out.
Go back to the back of the class and try again.
Go back and read my post, monkey.
His name was "Cleatis" not "Cleatus", proving I at least read and paid attention.
Sshhh, you read the article and realized that the Slashdot summary was much more sensational. The only proof that it was a single gang is that the mis-spelling were the same. The best "proof" provided was from Cleatis.
The only problem the ipod has is that it's non-free.
Most people in a capitalist society would call that a feature.