I was searching online the whole weekend for the open source software for analysis of pre-recorded video in order to retrieve events and data from recorded video but had no luck.
WTF is wrong with the editors, this is an obvious troll post with bullshit question. In about 3-seconds it takes to type open source video recording you get all the answers out of Google. Douchebag poster and double-douchebag for the editor who approved this non-story.
Slashdot is now a corporate non-story advertising medium full of shills and trolls posting fake questions to associate with text source based ad-revenue spam ads.
College can be an interesting experience if you went there right out of high-school with everyone else in the same age group and got to study new and interesting topics and enjoy your time socializing, otherwise it is likely a waste of time.
I.T. is the frontier of the business world so most of the time it is the experience that matters when it comes to interviews for senior level positions that actually pay good money. In my career I have been interviewed and have interviewed and the question of where did you go to college was only asked twice of me and that was in-passing by a curious interviewer at the end of the interviews, the answer that I dropped-out of high-school didn't matter to them at that point.
I have worked for Fortune 500 (2012) companies #16, #68, #80, #384 and others in various order and none of the interviewers that mattered for getting the job cared if I went to college or not due to the experience that I had and my performance in the interviews.
I sometimes have thoughts of of what my life would be like if I finished high-school and went to college but I always think that it is unknown if I would be better off with a college degree versus the 5-extra years of hands-on hardcore experience that I had gained instead and was able to lands jobs paying middle 6-figures at any of these companies through my interviews in the ultra-competitive and I.T. saturated NYC.
I am also sometimes interested in making-up some of the hard science education that I have missed in my high-school and would-be college years such as physics, calculus, advanced algebra, etc. but I always end up thinking that I would rather continue self-educating myself in what I find fun at the moment such as PowerShell and.NET Framework instead of going back to learning things that I think I might like but have nothing to do with my current and future jobs.
It's possible that if I went through the standard route of high-school then college that I might be doing something much more technical than Server Administration but I could also be stuck doing something much worse at some crappy company with college dept left to pay since I didn't have any means of attending college.
Two employees in our hallway got sick with serious respiratory infections and spread them to the rest of us. Since PTO is my vacation time I came in every day while I was sick because I didn't want to lose any vacation time with my family. The infections lasted 2-months and spread to other people in the department.
We work at a very large healthcare company, we have mandatory flu shots, we have a work from home policy 1-day a week, and a 2-hours in the office and rest of the day from home sick time policy. None of these did any good since we had to show up at the office or lose PTO and vacation time.
PTO is P.O.S. for the employees but great for the company who can limit complete time off from work.
Last company and industry I worked for that isn't healthcare had unlimited sick days and they were not abused because the salaried people at those levels were mature enough not to abuse them and the ones that did were dealt with swiftly in that cut-throat industry.
American policies towards employees have been degrading steadily and pushing the quality of life, work, and enjoyment down steadily.
In my years as a Windows admin I found it interesting to find out which other admins could or could not write scripts and then classify them by the level of their abilities:
- The GUI clicker Guy - The Command Line ipconfig.exe Guy - The Google for a Script Guy - The Cut-and-Paste Each Line Separately Guy - The Excel Drag-and-Fill Guy - The Search and Replace In a Script Guy - The Batch Script with No "@echo off" Guy + The For loop Guy + The Reg.exe Guy + The PsExec Guy + The 2>&1 Redirect Guy + The Pushd/Popd Guy + The Setlocal Guy + The Rundll32.exe Guy + The Findstr.exe RegEx Guy * The GnuWin32 Sed/Grep/Tee Guy * The Cygwin Guy * The Perl Guy * The VBScript Retarted Syntax Language Guy * The JScript Cool Web Language Guy * The Script Signing Certificate Guy @ The PowerShell Guy @ The PowerShell & Quest PowerGUI Guy @ The PowerShell & PowerGUI & 3rd Party Cmdlets Guy @ The PowerShell & [.NET Framework] Accessing Guy @ The PowerShell &.NET FrameWork, Activator, Marshall, Reflection, COM+, Jobs, Runspaces Guy $ The Visual Studio C, C++,.NET, API, SDK, MSDN, Compiler, Remote Debugger, Memory Dump Analyzer Guy $ Kernel Developer
The failure mode on one was file system corruption like an HDD but check disk would find problems, fix them but error out and another run would find different errors. I was able to image that one off to an Intel X25-V (Value) G1 40GB SSD then did a whole Ubuntu distro upgrade that basically overwrote pretty much all the important files on the system to downloaded good ones and that took care of the corruption and any problems from the previous hard drive. System is still running Asterisk PBX to this day without any errors surprisingly. I'm still a little amazed at how simple this recovery was and that there were no issues after distro upgrade that seemed to fix any corrupted files. I sent the failed OCZ drive back to my friends after fixing their PBX with with instructions to put a bullet through it instead of sending it for replacement, and I was being serious and literal and it is likely that they did just that.
Another failed with inaccessible and unbootable from Windows XP. The last one just kernel panicked disappeared from the BIOS completely. Both went back to OCZ for replacement and new ones showed up. I told the folks to not open the boxes and sell them on eBay and instead buy Intel X25-M or -V series drives to replace them.
OCZ Bashing
I still have a sealed OCZ Agility 1 30GB in my house and I posted it on eBay twice and nobody wants to buy it. I guess the word is out that OCZ SSD has shit for reliability. Newegg reviews are just full of failure reports. Even though Anandtech keeps reviewing these OCZ Vertex 2, 3, 4 series drives and praising them for performance I stay the hell away from OCZ as a vendor due to the massive amounts of complaints of failures people report on these.
As a side story, I also got burned by a performance grade OCZ 550W power supply with unstable 12V rail that wasn't even heavily loaded that would drop to 11V for no reason and destabilize my system causing weird behavior. Switched to Corsair TX750 after that and weirdness went away.
Intel SSDs - 3 Generations Going Strong
I still run an Intel X25-M G1 80GB in my laptop for a few years now without issues that used to be a desktop drive. I have an Intel X25-M G2 80GB at work and it's still working fine. I also have an Intel 320 (G3) 160GB as my new desktop drive andI applied the firmware upgrade to it that was available to fix that weird lock-up 8MB issue that was reported. I also have that Intel 320 40GB in my Ubuntu XbmcLive HTPC in my living room and another Intel X25-V G1 40GB in a friend's Ubuntu based Asterisk PBX system running just fine.
Love Intel for their SSD, never had an issue and I'm quite happy with them and the engineering that they did on the drives. Looking at the return numbers Intel has very low return rates for SSD, somewhere within the neighborhood of 1% and most of those were related to the two firmware bugs found, the one in the X25-M series early and the other the 320 series.
Intel 520 Series and SandForce SF-2281 Controller Firmware
There's a nice little story on Anandtech when Intel was choosing the new SandForce SF-2281controller for their Intel 520 SSD product line that they ran so many tests and did so much engineering on the drives that they came up with firmware updates that they gave to the vendor due to the issue that they discovered. Too bad that later on Intel found out that the controller can't do AES256 only AES128 encryption and it offering refunds for those that care about it.
A few years ago on a whim I bought some generic branded local supermarket Stop & Shop seafood and came up with an upper body skin rash for a month. Later looked at the label and the stuff was made in China. Later found that there was a bunch of seafood enriched with some kind of a protein additive causing such bad allergic reactions to people that show up as an upper body skin rash just like I had. I had and still have no seafood allergies at the time and ate and still eat tons of seafood at restaurants weekly and sushi of all kinds, never have any bad results.
Last few weeks I tried to expand my home diet to include more seafood and looked at my new super market chain called Kroger and found that all of their generic fish was imported from China, including freezers full of tilapia and other fish. I could not find any non-generic seafood in this store that wasn't from China. Decided not to buy any this time around after I learned my lesson the last time. I had to travel to their competitor HEB to find some non-Chinese seafood and luckily found some Alaskan salmon at a hefty price.
I wish America would get it's shit together and wake the fuck up and stop importing food from China because of the horrible abuses of the environment that that country is perpetrating in the name of capitalism and profit and complete disregard for environmental and human safety as long as their shit infested products sell.
China will cut its own dick off in the name of profit and sell it to anyone willing to buy a small fried spring roll.
* Document what you think you saw and distribute to various non-alterable sources. * Inform family and friends of your situation to give them a peace of mind. * Inform your employer of an emergency situation and request time off or leave of absence. * Inform any utilities and creditors about suspension of service or cancellation. * Create a non electronic list of contacts and keep it on your person. * Print our copies your passport, identity documents and keep on your person. * Assemble your resources, money, water, food, cloths, toiletries, medications, prescriptions, firearms, etc. into a Bug Out Bag. * Store a good amount but not all money and copies of documents on your person. * Leave your primary residence for a secondary location not forgetting to power off any broadcasting electronics * Determine the adversary and their resources and speed of reaction. * Decide on the next course of action, fight or flight.
A 7-inch Android based tablet that will handle all type of content and a reader app that has a up and down gesture on the left edge to control brightness and has night mode inverted color reading mode.
I prefer to read for entertainment on my phone since I always have it with me throughout the day and I have read hundreds of fiction books like this since my first smartphone.
A smaller tablet will be better for technical reading and complex diagrams and also allow you to access references online and do lookups but be small enough to carry. I find that a full size 10 inch tablet to be too large for reading unless you view 2 pages side by side so a smaller tablet would suffice at that point.
I have been using the newest Asus Infinity tablet for almost a month and while it is great for content consumption it seems overly powered for the submitted requirement of reading.
Create a HIPAA like law for Law Enforcement gathered information ensuring privacy of information and enforce penalties against officers violating those rules and peeking around. FBI has a new system for that I hear so use them as a model.
In the healthcare sector peeking around gets you fired quite quickly.
NYC Big Apple already has a microphone system installed for detecting gun shot locations through triangulation. They also have deployed mobile raised platforms for surveillance by cameras and police personnel. They have mobile police command centers with multiple camera poles. What is so startling by the further progression of a surveillance society that the city has become?
We will soon be reading about police drones beings to record suspects and protests and soon after to target suspects and persons of interest with more than surveillance.
When will the first tear gas canister be dropped by a drone? When will the first person be shot or tasored by a police drone?
There is a reason why firearm manufacturers create parts out of single bar stock aluminum or steel metal pieces and machine them out, that is to maintain durability during firing process of the gun so it doesn't explode in your hands and injure you or worse and that it will last over repeated uses.
The most difficult part of creating the gun is the creation of the barrel with a chamber that can withstand pressures of 22,000 to 55,000 pounds-per-inch and not explode into shrapnel hurting you badly. Barrel creation is difficult and taken very seriously with many manufacturers using a magnetic particle inspection process to ensure that there are no metal weak points or fractures inside the walls of the barrels to prevent them from exploding.
Until these low priced home 3D printing machines can print out of aluminum, steel, or other metals to maintain some kind of rigidity on the parts these printed firearm pieces will just be an exercise in computer aided design and prototyping. Many of the pistols now use plastic frames
As far as legality of manufacturing your own firearm by people who are somehow restricted by law from owning one, well it's the possession and ownership that is restricted, not the creation so all possession restrictions still apply.
You can create your own firearms according to the Gun Control Act of 1968 for personal usage just not sale or distribution. If you decide to make these 3D printed firearm receivers you would have to apply for a Federal Firearms License type 7 or 10 and register your business then put serial numbers on these parts.
US BATFE (aka, ATF, BATF) Q: Is it legal to assemble a firearm from commercially available parts kits that can be purchased via internet or shotgun news?
For your information, per provisions of the Gun Control Act (GCA) of 1968, 18 U.S.C. Chapter 44, an unlicensed individual may make a “firearm” as defined in the GCA for his own personal use, but not for sale or distribution."
Saw it yesterday after the the Citrix Wow to How 3 seminar (great job on that Brad Peterson, very informative and well done presentation!). (PS: To any Slashdot geeks support Citrix, sign-up for next year to get an early preview of whatever movie is going to come out then.)
The movie was pretty good. It had a nicely flowing narrative with the main story and plenty of other side stories to keep it flowing nicely. Christian Bale performed as expected with a top notch performance, Tom Hardy did a great job as Bain showing a completely calm and serene villain standing up to anything that Batman threw at him and then outmatching him. Great performance there, hope to see more of Tom Hardy in future movies. The audio from Bain's filtered voice mask was very loud and clear and fully understandable with a very nice English accent. The mask did cover a lot of Tom Hardy's face and you really had to look down at his neck to even notice that he was actually the one talking because you can't see any movement. The performances of the other cast members were also very good with great character play.
There were of course a few plot issues and unbelievable things that you had to ignore with the police being trapped underground for 3-months and then finding out that it was only 3,000 officers. I grew up in NYC and I know that the NYPD has 36,000 officers so it was very hard to imagine so few out there in Gotham as the GPD force. That didn't jive with me. Also if you're trapped underground for 3-months without light and no access to clean water and food things don't go very well for you. Also NYC (Gotham in the movie) has so many access tunnels into the underground that it seems far fetched to be stuck down there without a way out.
Anyway, like the movie overall and am looking forward to the next set of Batman movies in the future. I don't mind this franchine being remade every few years because it attracts a lot of money from the studios and talented actors. (Heath Ledger being the most memorable, damn those Olsen twins!)
I can't add anything regarding ATI/AMD Catalyst drivers for Linux issues but I thought I'd mention results with nVidia so that someone can compare that to their experience with HTPC and ATI/AMD drivers.
Over a year ago I built an HTPC box based on Asus AT5ION-I motherboard with Intel Atom D525 (1.8 GHz 2-core + HyperThreading) and nVidia ION Next-Gen (~GT240 equivalent) video on board, 2GB of RAM, Intel X25-V 40GB SSD, and WD 1.5GB HDD. For software I used the old XBMCLive Ubuntu 9.x Linux distro that is now upgraded to Ubuntu 12.04 running XBMC. This system only consumes 50 Watts of power when running and decodes everything you can throw at it, even 8MB/s H.264 1080p with DTS or AC-3 Audio while only using 15-20% of CPU cycles on each logical core and 450MB of ram. This is all due to the VDPAU video acceleration available from the nVidia Linux drivers, currently 295.59 and always updating when new ones come up or new kernel is released since a re-compile is always required with this binary driver.
The biggest pain the arse is the recompiling of the nVidia driver every time that there is a Kernel update but the nVidia drivers work well enough with the command below that forces the re-download of a new driver, recompile, and reconfiguration. Then just killing Xorg process and starting uxlaunch service gets me back into XBMC frontend. This driver might be binary only and it might "taint" the kernel with its license but frankly it works well, every time, and never crashes. It provides video acceleration functions and decoding without any artifacts or issues.
After a year of working using this I have been super satisfied since it plays everything I throw at it, old XVid, AVI, MPEG-2, H.264, etc content without any issues and with full audio with MP3, AAC, AC3, DTS, etc.
I would be weary of going with an AMD/ATI Fusion based motherboard after having such a great experience with Intel Atom and nVidia ION. I don't wish to harp on AMD since I loved the company years ago during the Athlon days but the sour taste that I got from the Opteron Dual-Core issues with core timings going out of sync and other game strangeness I am weary of that company. Although I did buy an ATI 6950 unlocked to 6970 for $225 USD that I have been happy with in Windows 7 playing last year's games but I've been religiously downloading their monthly ATI Catalyst drivers, updated to 12.4 just today.
The amount of froth coming out of people's mouths makes me think that this is a blast from the past when Vista was being released. Lots of hate towards Microsoft and much of it very deserved.
I have no issue with going with a minimalist desktop interface, 15-years ago, when I was messing around with Windows colors to make a white-on-black theme for text to minimize the amount of ambient and useless light produced the monitor from black text on a overly white background... cough, Slashdot, cough. But today when my GPU is more powerful than my CPU for graphics processing that ship has sailed.
If Windows 8 is geared for Microsoft's entry into Mobile arena, will someone please tell them that today's Mobile devices come with some pretty powerful GPUs themselves that are able to handle shadows and gradients, even some flight blurring and transparency. Since they are putting in the OEM licensing fees at $85-95 per device they are going for the $500+ mobile device market where GPUs are going to be powerful enough to handle such graphics tasks. Are they asleep and not paying attention? Did they somehow hire some HP iPaq developers or did the Windows CE guys highjack the Windows 8 UI team.
There was something peaceful and comforting about the olden days of yore with a dark orange or green cursor blinking back at you and only the text on the screen producing output from the commands. Now these days computer display have turned into imitations of paper with light blaring out at you for no good reason. Eye fatigue does come into play after staring at all-white web site backgrounds or Explorer windows while your eyes are searching for that key piece of text you need to move on and do something.
Like many folks I skipped Vista, went from XP to 7. I'm about to hop-scotch Windows 8 the same way. Wake me up when Windows 9 comes around and some saner heads prevail in the computer display User Interface arena.
PS: If it wasn't for crappy apps that don't honor Windows colors and use their own, I could have had my white-on-black theme. Perhaps it will never happen judging from how developers refuse to re-use system defaults and standards.
...the buildings and stopping by that same Border's store mentioned above to check out some books at lunch time or being outside during the summer concert festivals sitting between the towers next to the golden globe. I miss those times. Only thing I have left from there is my green WTC ID card that has nothing on it stating it was from the WTC except for the little cartoonish logo of the two towers jutting up from a circle.
I carry it in my wallet these days to preserve the memory hoping to show it someday to someone who might be interested but so far nobody seems to care to see it even when I mention that I worked at #7 WTC when 9/11 happened but wasn't there that day since instead I was going in late to work and watched the whole thing happen on my TV from the safety of my apartment's living room overseeing the cloud of smoke spreading south towards the water.
Just as the poster above, I'm no longer working in Finance and no longer in NYC which has become a different place than I remember from that time and frankly I'm glad to be away from that Gotham City.
If you're like most people, you have a few passwords that you use over and over again on many different websites. You know this isn't secure, yet you do it anyway. Why? Because it's difficult to remember a unique password for each and every web site that requires one. Existing Solutions
Maybe you do use unique passwords, and get around the problem of remembering them by storing them in a spreadsheet or other file. Maybe you even use one of the many password managers that are available. But now you've centralized your passwords and access to them becomes difficult while at work, a friend's computer, or a public internet terminal. You can't get to your passwords without carrying them around or publishing them on the internet. Some people even carry a USB keychain with their passwords wherever they go. How inconvenient. And publishing them on the internet? Yikes! We need not even mention the security risks inherent with that solution. Even if you trust the company storing the passwords, you can be sure every hacker in the world is drooling over the prospect of accessing their database (Like the LastPass break in of May, 2011 LastPass Announcement).
Our Solution
PasswordMaker solves all of these issues. It is a small, lightweight, free, open-source tool for Internet Explorer, Firefox, Google Chrome, iPhone, Opera, PHP, Windows, OS/X, Linux, Flock, Yahoo! Widgets, Android, Python, and many other platforms & systems. It creates unique, secure passwords that are very easy for you to retrieve but no one else. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen. PasswordMaker has been around since about 2003 and so is a mature, stable, popular solution. How It Works
Warning - technical jargon in this section!
You provide PasswordMaker two pieces of information: a "master password" -- that one, single password you like -- and the URL of the website requiring a password. Through the magic of one-way hash algorithms, PasswordMaker calculates a message digest, also known as a digital fingerprint, which can be used as your password for the website. Although one-way hash algorithms have a number of interesting characteristics, the one capitalized by PasswordMaker is that the resulting fingerprint (password) does "not reveal anything about the input that was used to generate it." 1. In other words, if someone has one or more of your generated passwords, it is computationally infeasible for him to derive your master password or to calculate your other passwords. Computationally infeasible means even computers like this won't help!
What About Portability?
For times when you must use one of the rare platforms to which PasswordMaker hasn't been ported, or are using a system where you can't install any software, there's an online version which mimics the extension and works in all web browsers new and old. No downloads or installations are required.
Since we're trading anecdotes about hard drives I personally like the Western Digital Caviar Green hard drive line and use them for external storage and had only 2-failures (one-predicted) out of ~12-drives of various sizes throughout a 5-year period or so. None of this should mean anything to anyone because this is all anecdotal evidence and Google's research paper about hard drive failures is what you should be judging failures by not Slashdot posts.
I like these slow 5400RPM or (IntelliPower Variable RPM) speed drives since I use them as floppies in my external caddies (i.e. cradles) connected with eSATA to my motherboard SATA controller. I plop them in, turn on the caddy, let the OS hot-detect the drive and mount it, I use it transfer stuff to them, then dismount them, and turn off the caddy the remove the drive sometimes while the platters are still spinning since I feel the gyroscopic effect.
The slower rotational speeds and power-saving technology prevents them from heating up so much and I still get ~75 MB/s peak transfer rates for large multi-GB files with ~50 MB/s nominal and ~30 MB/s slow rates for small files. Awesome drives and Western Digital's online Warranty check and RMA process is simple and efficient.
My drives all still have the 3-year warrant and that is fine. If the warrant suddenly drops to 1-year I'll still buy these drives for the performance and features that they offer and because they have been good to me.
Photography and related equipment questions DO NOT belong on Slashdot! There are dozens of sites that offer reviews, questions, answers, posts, and opinions. Go there and leave us computer geeks alone.
Photography opinions are akin to Religious opinions. Not to be discussed in polite company outside of their own circles.
Wasn't there are story about the Chinese telecom companies trying to get into the US telecom business last week? Wouldn't a T-Mobile buyout by a Chinese company be the next step now that AT&T lost their chance? Wouldn't the current administration which is beholden to foreign investment funds be willing to sell T-Mobile to the Chinese? Is this too far fetched to image this happening?
your master password is only as secure as the weakest website you use it on
Perhaps I am misunderstanding what you're trying to say or you misunderstood PasswordMaker's one-way hash based idea.
The master password is used as a seed plus the URL + other funky info for a hashing function to create the password. The password that any website sees is derived from the one-way hashing algorithm used (MD5, SHA1, RIPEMD, etc.). The hashed password cannot be reversed. Only thing that can be compromised is your password for that one single site which is useless for any other site.
The best attack you can do is create multiple rainbow tables each, per site, per hashing algorithm used, per length of password, per character set, per each funky info chosen leading to thousands of rainbow tables due to algorithm permutations you're trying to catch.
It would be easier to use a key logger sniffer trojan on my computer to grab my master password and also the settings file for PasswordMaker to figure out what settings I used to generate it. If you can do this then all my passwords are compromised no matter if I used PasswordMaker, md5sum, or storage-based password app like GPG, etc.
Or could could just beat me with a $5 pipe wrench until I tell you my settings scheme and master password so you can post snaky comments on forums using my accounts.
PS: Anytime you say something is MILSPEC then I know that you can't be serious because MILSPEC is largely an inside joke to people who know.
I understand the issue with truncation causing 32-character password to be pared down to 8-characters effectively shrinking the entropy to something easily guessable that is a serious problem. Base64 encoding is better than Hex but still can be truncated.
I do have my reservations about PasswordMaker or the simplistic md5sum method I described but I am also equally concerned about fully unique password stores in a file that has a single master password. That file is golden, and if you lose it or have it compromised even if someone doesn't know your master password they effectively defeated that security system because you can't be sure if they have or will compromise the encrypted file. File management also becomes an issue if you have to access those accounts from a mobile phone, work laptop, on vacation, in an emergency where you don't have access to your own computer or USB stick, etc.
I also agree that all the options in PasswordMaker doesn't really make much sense if your master password is good already, they just try to add complexity to the hashing algorithm which is unnecessary since the hashing function has a good entropy already. These settings are just to create security by obscurity for any would-be holders of the master password but like you said the total permutations of choices is really limited and not so useful. I think the character set alpha-num+symbols, password length, and hashing function are more than enough.
My plan is to use different master passwords for different types of sites and also different security level desired so that throw-away forum logins wouldn't share game account password wouldn't share e-mail account passwords, and so on and so on. If one password got compromised only that site's account would be compromised and no other. If one master password got compromised then only that group of sites would be compromised.
Multiple login attempts to online sites usually get met with verification schemes, time-outs, lock-outs slowing down the password guessing process. However, brute force breaking of a password file can happen without limitation on farms of botted computers.
Both solutions offer the same thing, unique passwords per site so that insiders cannot use your password to login to other sites and accounts. One is storage-less one is storage-based.
The truly unique password stored in the file are stronger since they are truly random so at first this sounds like a great idea until the reality of management of the password file surfaces and you end up with all your eggs in one basket, that can be copied.
The algorithmically based passwords are not nearly as strong since they can be reversed if the master password or passwords are known but you don't have to manage any files, except maybe the preference file showing the settings you used for special sites that don't accept certain characters or lengths that you normally use.
Password management is a difficult task, especially when we have to manage dozens if not hundreds of accounts by now all using their own authentication system instead of using OpenID or Google APIs or Microsoft.Net.
Right now, I like the idea of storage-less unique password management better than trying to guard a password file in the world of Windows machines and vulnerabilities.
On the morning of Nov 7th I started getting e-mails from Steam Support with confirmation codes when someone was trying to change my password and e-mail. Reinstalled Steam after a year or more of non-usage only to find that someone has been playing TeamFortress 2 on it, the same day. Changed my passwords. That evening received a number of angry e-mails from a Russian guy ( [www.crazy_denis@mail.ru]) demanding that I put the passwords back so he can use the account he bought and paid for. Used Google Translate into Russian sometimes Ukrainian to string him along through 12 short e-mails and got him to reveal and confirm that he actually had my username and password in clear text. Opened up a support case with Steam and forwarded the entire e-mail chain to them to start investigating. Got a form letter back, replied again asking them to check their systems for intrusion... today Slashdot story breaks about Steam being compromised. I wasn't the only one I guess!
PasswordMaker - Storage-less and per-site unique hash based password scheme
Changing all my passwords now to a PasswordMaker scheme for unique passwords for every single site based on a storege-less system that uses a master password + URL + other info you choose -> MD5 sum -> alpha-numeric symbols -> length limit to generate a unique password for every site and account based off your own single or multiple master passwords. You have to remember your own password and the settings you used and generate the same password every time that is unique and there is no secret data file to steal from you or for you to lose on a USB disk or upload to the net. This way your password is already hashed when you submit it to a site, it is unique per site, you don't have to store a list of passwords in any file, and you can regenerate your password on any browser, mobile phone, programming language since this app has been ported to practically everything.
I was thinking of something simpler such as "echo MyPassword69! slashdot.org|md5sum" and then "aaa53a64cbb02f01d79e6aa05f0027ba" using that as my password since many sites will take 32-character long passwords or they will truncate for you. More generalized than PasswordMaker and easier to access but no alpha-num+symbol translation and only (32) 0-9af characters but that should be random enough, or you can do sha1sum instead for a little longer hash string.
Here's the conversation for all of you.
From: [mailto:www.crazy_denis@mail.ru] Sent: Monday, November 07, 2011 11:03 PM
Crazy Denis: You bitch Give me my account is steam which I bought yesterday! will not come back you will have problems moshenik fucking
JakFrost: I would kindly suggest you go and get another account from the source before you lose more than just money. To understand each.
Crazy Denis: How do I get another account?
JakFrost: Ask a guy who you got this one and get another one. This account is off limits.
Crazy Denis: I wrote to him he was going to do nothing to write tehpoderzhku said there had already written an answer waiting for 24 hours damn well bring back pliz account you do what it's worth it
JakFrost: What's the password for that account so that I could find one for you?
Crazy Denis: Login: MyUsername Password: ********
JakFrost: (No Reply)
Crazy Denis: Well, I found?
JakFrost: That is correct user name and password, but that account is currently blocked by Steam support of a security breach. I can not use it either, so it ruined for us both.
Crazy Denis: Yes, all right there!, Today began to go wrong is led pishel password or an account is not suschustvuet
JakFrost: I do not know, I get an error that the password is incorrect or the account has not been found.
Crazy Denis: A registered on your soap the same account?
JakFrost: No, it does not work.
Crazy Denis: clear, damn well feel sorry for you and I were left wi
The chassis fan is connected to the CPU fan lead, there is no CPU fan on this motherboard. The temps are high but they are always this high even with the fan spinning slowly to cool down the case and also the fan in the power supply.
There might be less expensive and more powerful options available this year with the AMD and Intel with integrated graphics but I haven't looked into them in terms of thermals, Mini-ITX, case compatibility, noise, etc. My little HTPC runs non-stop as my Linux server and HTPC box and works great so I recommend it.
Slashdot Mirror
WTF is wrong with the editors, this is an obvious troll post with bullshit question. In about 3-seconds it takes to type open source video recording you get all the answers out of Google. Douchebag poster and double-douchebag for the editor who approved this non-story.
Slashdot is now a corporate non-story advertising medium full of shills and trolls posting fake questions to associate with text source based ad-revenue spam ads.
Zoneminder + Zones + Timeline
College can be an interesting experience if you went there right out of high-school with everyone else in the same age group and got to study new and interesting topics and enjoy your time socializing, otherwise it is likely a waste of time.
I.T. is the frontier of the business world so most of the time it is the experience that matters when it comes to interviews for senior level positions that actually pay good money. In my career I have been interviewed and have interviewed and the question of where did you go to college was only asked twice of me and that was in-passing by a curious interviewer at the end of the interviews, the answer that I dropped-out of high-school didn't matter to them at that point.
I have worked for Fortune 500 (2012) companies #16, #68, #80, #384 and others in various order and none of the interviewers that mattered for getting the job cared if I went to college or not due to the experience that I had and my performance in the interviews.
I sometimes have thoughts of of what my life would be like if I finished high-school and went to college but I always think that it is unknown if I would be better off with a college degree versus the 5-extra years of hands-on hardcore experience that I had gained instead and was able to lands jobs paying middle 6-figures at any of these companies through my interviews in the ultra-competitive and I.T. saturated NYC.
I am also sometimes interested in making-up some of the hard science education that I have missed in my high-school and would-be college years such as physics, calculus, advanced algebra, etc. but I always end up thinking that I would rather continue self-educating myself in what I find fun at the moment such as PowerShell and .NET Framework instead of going back to learning things that I think I might like but have nothing to do with my current and future jobs.
It's possible that if I went through the standard route of high-school then college that I might be doing something much more technical than Server Administration but I could also be stuck doing something much worse at some crappy company with college dept left to pay since I didn't have any means of attending college.
Two employees in our hallway got sick with serious respiratory infections and spread them to the rest of us. Since PTO is my vacation time I came in every day while I was sick because I didn't want to lose any vacation time with my family. The infections lasted 2-months and spread to other people in the department.
We work at a very large healthcare company, we have mandatory flu shots, we have a work from home policy 1-day a week, and a 2-hours in the office and rest of the day from home sick time policy. None of these did any good since we had to show up at the office or lose PTO and vacation time.
PTO is P.O.S. for the employees but great for the company who can limit complete time off from work.
Last company and industry I worked for that isn't healthcare had unlimited sick days and they were not abused because the salaried people at those levels were mature enough not to abuse them and the ones that did were dealt with swiftly in that cut-throat industry.
American policies towards employees have been degrading steadily and pushing the quality of life, work, and enjoyment down steadily.
In my years as a Windows admin I found it interesting to find out which other admins could or could not write scripts and then classify them by the level of their abilities:
- The GUI clicker Guy .NET FrameWork, Activator, Marshall, Reflection, COM+, Jobs, Runspaces Guy .NET, API, SDK, MSDN, Compiler, Remote Debugger, Memory Dump Analyzer Guy
- The Command Line ipconfig.exe Guy
- The Google for a Script Guy
- The Cut-and-Paste Each Line Separately Guy
- The Excel Drag-and-Fill Guy
- The Search and Replace In a Script Guy
- The Batch Script with No "@echo off" Guy
+ The For loop Guy
+ The Reg.exe Guy
+ The PsExec Guy
+ The 2>&1 Redirect Guy
+ The Pushd/Popd Guy
+ The Setlocal Guy
+ The Rundll32.exe Guy
+ The Findstr.exe RegEx Guy
* The GnuWin32 Sed/Grep/Tee Guy
* The Cygwin Guy
* The Perl Guy
* The VBScript Retarted Syntax Language Guy
* The JScript Cool Web Language Guy
* The Script Signing Certificate Guy
@ The PowerShell Guy
@ The PowerShell & Quest PowerGUI Guy
@ The PowerShell & PowerGUI & 3rd Party Cmdlets Guy
@ The PowerShell & [.NET Framework] Accessing Guy
@ The PowerShell &
$ The Visual Studio C, C++,
$ Kernel Developer
I personally know of (3) OCZ Agility 1 30GB drives fail, 2 on Linux, 1 on Windows.
OCZ Agility -> Intel SSD Image -> Distro Upgrade to Fix Corruption
The failure mode on one was file system corruption like an HDD but check disk would find problems, fix them but error out and another run would find different errors. I was able to image that one off to an Intel X25-V (Value) G1 40GB SSD then did a whole Ubuntu distro upgrade that basically overwrote pretty much all the important files on the system to downloaded good ones and that took care of the corruption and any problems from the previous hard drive. System is still running Asterisk PBX to this day without any errors surprisingly. I'm still a little amazed at how simple this recovery was and that there were no issues after distro upgrade that seemed to fix any corrupted files. I sent the failed OCZ drive back to my friends after fixing their PBX with with instructions to put a bullet through it instead of sending it for replacement, and I was being serious and literal and it is likely that they did just that.
Another failed with inaccessible and unbootable from Windows XP. The last one just kernel panicked disappeared from the BIOS completely. Both went back to OCZ for replacement and new ones showed up. I told the folks to not open the boxes and sell them on eBay and instead buy Intel X25-M or -V series drives to replace them.
OCZ Bashing
I still have a sealed OCZ Agility 1 30GB in my house and I posted it on eBay twice and nobody wants to buy it. I guess the word is out that OCZ SSD has shit for reliability. Newegg reviews are just full of failure reports. Even though Anandtech keeps reviewing these OCZ Vertex 2, 3, 4 series drives and praising them for performance I stay the hell away from OCZ as a vendor due to the massive amounts of complaints of failures people report on these.
As a side story, I also got burned by a performance grade OCZ 550W power supply with unstable 12V rail that wasn't even heavily loaded that would drop to 11V for no reason and destabilize my system causing weird behavior. Switched to Corsair TX750 after that and weirdness went away.
Intel SSDs - 3 Generations Going Strong
I still run an Intel X25-M G1 80GB in my laptop for a few years now without issues that used to be a desktop drive. I have an Intel X25-M G2 80GB at work and it's still working fine. I also have an Intel 320 (G3) 160GB as my new desktop drive andI applied the firmware upgrade to it that was available to fix that weird lock-up 8MB issue that was reported. I also have that Intel 320 40GB in my Ubuntu XbmcLive HTPC in my living room and another Intel X25-V G1 40GB in a friend's Ubuntu based Asterisk PBX system running just fine.
Love Intel for their SSD, never had an issue and I'm quite happy with them and the engineering that they did on the drives. Looking at the return numbers Intel has very low return rates for SSD, somewhere within the neighborhood of 1% and most of those were related to the two firmware bugs found, the one in the X25-M series early and the other the 320 series.
Intel 520 Series and SandForce SF-2281 Controller Firmware
There's a nice little story on Anandtech when Intel was choosing the new SandForce SF-2281controller for their Intel 520 SSD product line that they ran so many tests and did so much engineering on the drives that they came up with firmware updates that they gave to the vendor due to the issue that they discovered. Too bad that later on Intel found out that the controller can't do AES256 only AES128 encryption and it offering refunds for those that care about it.
http://www.anandtech.com/show/5508/intel-ssd-520-review-cherryville-brings-reliability-to-sandforce/
All of my Intel SSDs are about 2 to 3 generations behind and still use the old Intel controller that's limited to SATA-2 3Gbps speeds but
A few years ago on a whim I bought some generic branded local supermarket Stop & Shop seafood and came up with an upper body skin rash for a month. Later looked at the label and the stuff was made in China. Later found that there was a bunch of seafood enriched with some kind of a protein additive causing such bad allergic reactions to people that show up as an upper body skin rash just like I had. I had and still have no seafood allergies at the time and ate and still eat tons of seafood at restaurants weekly and sushi of all kinds, never have any bad results.
Last few weeks I tried to expand my home diet to include more seafood and looked at my new super market chain called Kroger and found that all of their generic fish was imported from China, including freezers full of tilapia and other fish. I could not find any non-generic seafood in this store that wasn't from China. Decided not to buy any this time around after I learned my lesson the last time. I had to travel to their competitor HEB to find some non-Chinese seafood and luckily found some Alaskan salmon at a hefty price.
I wish America would get it's shit together and wake the fuck up and stop importing food from China because of the horrible abuses of the environment that that country is perpetrating in the name of capitalism and profit and complete disregard for environmental and human safety as long as their shit infested products sell.
China will cut its own dick off in the name of profit and sell it to anyone willing to buy a small fried spring roll.
* Document what you think you saw and distribute to various non-alterable sources.
* Inform family and friends of your situation to give them a peace of mind.
* Inform your employer of an emergency situation and request time off or leave of absence.
* Inform any utilities and creditors about suspension of service or cancellation.
* Create a non electronic list of contacts and keep it on your person.
* Print our copies your passport, identity documents and keep on your person.
* Assemble your resources, money, water, food, cloths, toiletries, medications, prescriptions, firearms, etc. into a Bug Out Bag.
* Store a good amount but not all money and copies of documents on your person.
* Leave your primary residence for a secondary location not forgetting to power off any broadcasting electronics
* Determine the adversary and their resources and speed of reaction.
* Decide on the next course of action, fight or flight.
A 7-inch Android based tablet that will handle all type of content and a reader app that has a up and down gesture on the left edge to control brightness and has night mode inverted color reading mode.
I prefer to read for entertainment on my phone since I always have it with me throughout the day and I have read hundreds of fiction books like this since my first smartphone.
A smaller tablet will be better for technical reading and complex diagrams and also allow you to access references online and do lookups but be small enough to carry. I find that a full size 10 inch tablet to be too large for reading unless you view 2 pages side by side so a smaller tablet would suffice at that point.
I have been using the newest Asus Infinity tablet for almost a month and while it is great for content consumption it seems overly powered for the submitted requirement of reading.
Create a HIPAA like law for Law Enforcement gathered information ensuring privacy of information and enforce penalties against officers violating those rules and peeking around. FBI has a new system for that I hear so use them as a model.
In the healthcare sector peeking around gets you fired quite quickly.
NYC Big Apple already has a microphone system installed for detecting gun shot locations through triangulation. They also have deployed mobile raised platforms for surveillance by cameras and police personnel. They have mobile police command centers with multiple camera poles. What is so startling by the further progression of a surveillance society that the city has become?
We will soon be reading about police drones beings to record suspects and protests and soon after to target suspects and persons of interest with more than surveillance.
When will the first tear gas canister be dropped by a drone?
When will the first person be shot or tasored by a police drone?
The people are not in control of that city.
There is a reason why firearm manufacturers create parts out of single bar stock aluminum or steel metal pieces and machine them out, that is to maintain durability during firing process of the gun so it doesn't explode in your hands and injure you or worse and that it will last over repeated uses.
The most difficult part of creating the gun is the creation of the barrel with a chamber that can withstand pressures of 22,000 to 55,000 pounds-per-inch and not explode into shrapnel hurting you badly. Barrel creation is difficult and taken very seriously with many manufacturers using a magnetic particle inspection process to ensure that there are no metal weak points or fractures inside the walls of the barrels to prevent them from exploding.
Until these low priced home 3D printing machines can print out of aluminum, steel, or other metals to maintain some kind of rigidity on the parts these printed firearm pieces will just be an exercise in computer aided design and prototyping. Many of the pistols now use plastic frames
As far as legality of manufacturing your own firearm by people who are somehow restricted by law from owning one, well it's the possession and ownership that is restricted, not the creation so all possession restrictions still apply.
You can create your own firearms according to the Gun Control Act of 1968 for personal usage just not sale or distribution. If you decide to make these 3D printed firearm receivers you would have to apply for a Federal Firearms License type 7 or 10 and register your business then put serial numbers on these parts.
Saw it yesterday after the the Citrix Wow to How 3 seminar (great job on that Brad Peterson, very informative and well done presentation!). (PS: To any Slashdot geeks support Citrix, sign-up for next year to get an early preview of whatever movie is going to come out then.)
The movie was pretty good. It had a nicely flowing narrative with the main story and plenty of other side stories to keep it flowing nicely. Christian Bale performed as expected with a top notch performance, Tom Hardy did a great job as Bain showing a completely calm and serene villain standing up to anything that Batman threw at him and then outmatching him. Great performance there, hope to see more of Tom Hardy in future movies. The audio from Bain's filtered voice mask was very loud and clear and fully understandable with a very nice English accent. The mask did cover a lot of Tom Hardy's face and you really had to look down at his neck to even notice that he was actually the one talking because you can't see any movement. The performances of the other cast members were also very good with great character play.
There were of course a few plot issues and unbelievable things that you had to ignore with the police being trapped underground for 3-months and then finding out that it was only 3,000 officers. I grew up in NYC and I know that the NYPD has 36,000 officers so it was very hard to imagine so few out there in Gotham as the GPD force. That didn't jive with me. Also if you're trapped underground for 3-months without light and no access to clean water and food things don't go very well for you. Also NYC (Gotham in the movie) has so many access tunnels into the underground that it seems far fetched to be stuck down there without a way out.
Anyway, like the movie overall and am looking forward to the next set of Batman movies in the future. I don't mind this franchine being remade every few years because it attracts a lot of money from the studios and talented actors. (Heath Ledger being the most memorable, damn those Olsen twins!)
I can't add anything regarding ATI/AMD Catalyst drivers for Linux issues but I thought I'd mention results with nVidia so that someone can compare that to their experience with HTPC and ATI/AMD drivers.
Over a year ago I built an HTPC box based on Asus AT5ION-I motherboard with Intel Atom D525 (1.8 GHz 2-core + HyperThreading) and nVidia ION Next-Gen (~GT240 equivalent) video on board, 2GB of RAM, Intel X25-V 40GB SSD, and WD 1.5GB HDD. For software I used the old XBMCLive Ubuntu 9.x Linux distro that is now upgraded to Ubuntu 12.04 running XBMC. This system only consumes 50 Watts of power when running and decodes everything you can throw at it, even 8MB/s H.264 1080p with DTS or AC-3 Audio while only using 15-20% of CPU cycles on each logical core and 450MB of ram. This is all due to the VDPAU video acceleration available from the nVidia Linux drivers, currently 295.59 and always updating when new ones come up or new kernel is released since a re-compile is always required with this binary driver.
The biggest pain the arse is the recompiling of the nVidia driver every time that there is a Kernel update but the nVidia drivers work well enough with the command below that forces the re-download of a new driver, recompile, and reconfiguration. Then just killing Xorg process and starting uxlaunch service gets me back into XBMC frontend. This driver might be binary only and it might "taint" the kernel with its license but frankly it works well, every time, and never crashes. It provides video acceleration functions and decoding without any artifacts or issues.
sudo ./nvidia-installer --accept-license --force-update --update --no-questions --run-nvidia-xconfig
After a year of working using this I have been super satisfied since it plays everything I throw at it, old XVid, AVI, MPEG-2, H.264, etc content without any issues and with full audio with MP3, AAC, AC3, DTS, etc.
I would be weary of going with an AMD/ATI Fusion based motherboard after having such a great experience with Intel Atom and nVidia ION. I don't wish to harp on AMD since I loved the company years ago during the Athlon days but the sour taste that I got from the Opteron Dual-Core issues with core timings going out of sync and other game strangeness I am weary of that company. Although I did buy an ATI 6950 unlocked to 6970 for $225 USD that I have been happy with in Windows 7 playing last year's games but I've been religiously downloading their monthly ATI Catalyst drivers, updated to 12.4 just today.
The amount of froth coming out of people's mouths makes me think that this is a blast from the past when Vista was being released. Lots of hate towards Microsoft and much of it very deserved.
I have no issue with going with a minimalist desktop interface, 15-years ago, when I was messing around with Windows colors to make a white-on-black theme for text to minimize the amount of ambient and useless light produced the monitor from black text on a overly white background... cough, Slashdot, cough. But today when my GPU is more powerful than my CPU for graphics processing that ship has sailed.
If Windows 8 is geared for Microsoft's entry into Mobile arena, will someone please tell them that today's Mobile devices come with some pretty powerful GPUs themselves that are able to handle shadows and gradients, even some flight blurring and transparency. Since they are putting in the OEM licensing fees at $85-95 per device they are going for the $500+ mobile device market where GPUs are going to be powerful enough to handle such graphics tasks. Are they asleep and not paying attention? Did they somehow hire some HP iPaq developers or did the Windows CE guys highjack the Windows 8 UI team.
There was something peaceful and comforting about the olden days of yore with a dark orange or green cursor blinking back at you and only the text on the screen producing output from the commands. Now these days computer display have turned into imitations of paper with light blaring out at you for no good reason. Eye fatigue does come into play after staring at all-white web site backgrounds or Explorer windows while your eyes are searching for that key piece of text you need to move on and do something.
Like many folks I skipped Vista, went from XP to 7. I'm about to hop-scotch Windows 8 the same way. Wake me up when Windows 9 comes around and some saner heads prevail in the computer display User Interface arena.
PS: If it wasn't for crappy apps that don't honor Windows colors and use their own, I could have had my white-on-black theme. Perhaps it will never happen judging from how developers refuse to re-use system defaults and standards.
...the buildings and stopping by that same Border's store mentioned above to check out some books at lunch time or being outside during the summer concert festivals sitting between the towers next to the golden globe. I miss those times. Only thing I have left from there is my green WTC ID card that has nothing on it stating it was from the WTC except for the little cartoonish logo of the two towers jutting up from a circle.
I carry it in my wallet these days to preserve the memory hoping to show it someday to someone who might be interested but so far nobody seems to care to see it even when I mention that I worked at #7 WTC when 9/11 happened but wasn't there that day since instead I was going in late to work and watched the whole thing happen on my TV from the safety of my apartment's living room overseeing the cloud of smoke spreading south towards the water.
Just as the poster above, I'm no longer working in Finance and no longer in NYC which has become a different place than I remember from that time and frankly I'm glad to be away from that Gotham City.
Microsoft is finally warming up to the the Linux Kernel release version branch split system in terms of purpose and usability.
Windows XP = Stable
Windows Vista = Development/Experimental
Windows 7 = Stable
Windows 8 = Development/Experimental
Already Exists: http://passwordmaker.org/
Google Chrome: http://passwordmaker.org/Google_Chrome
Western Digital - Caviar Green
Since we're trading anecdotes about hard drives I personally like the Western Digital Caviar Green hard drive line and use them for external storage and had only 2-failures (one-predicted) out of ~12-drives of various sizes throughout a 5-year period or so. None of this should mean anything to anyone because this is all anecdotal evidence and Google's research paper about hard drive failures is what you should be judging failures by not Slashdot posts.
I like these slow 5400RPM or (IntelliPower Variable RPM) speed drives since I use them as floppies in my external caddies (i.e. cradles) connected with eSATA to my motherboard SATA controller. I plop them in, turn on the caddy, let the OS hot-detect the drive and mount it, I use it transfer stuff to them, then dismount them, and turn off the caddy the remove the drive sometimes while the platters are still spinning since I feel the gyroscopic effect.
The slower rotational speeds and power-saving technology prevents them from heating up so much and I still get ~75 MB/s peak transfer rates for large multi-GB files with ~50 MB/s nominal and ~30 MB/s slow rates for small files. Awesome drives and Western Digital's online Warranty check and RMA process is simple and efficient.
My drives all still have the 3-year warrant and that is fine. If the warrant suddenly drops to 1-year I'll still buy these drives for the performance and features that they offer and because they have been good to me.
Photography and related equipment questions DO NOT belong on Slashdot! There are dozens of sites that offer reviews, questions, answers, posts, and opinions. Go there and leave us computer geeks alone.
Photography opinions are akin to Religious opinions. Not to be discussed in polite company outside of their own circles.
Wasn't there are story about the Chinese telecom companies trying to get into the US telecom business last week? Wouldn't a T-Mobile buyout by a Chinese company be the next step now that AT&T lost their chance? Wouldn't the current administration which is beholden to foreign investment funds be willing to sell T-Mobile to the Chinese? Is this too far fetched to image this happening?
Perhaps I am misunderstanding what you're trying to say or you misunderstood PasswordMaker's one-way hash based idea.
The master password is used as a seed plus the URL + other funky info for a hashing function to create the password. The password that any website sees is derived from the one-way hashing algorithm used (MD5, SHA1, RIPEMD, etc.). The hashed password cannot be reversed. Only thing that can be compromised is your password for that one single site which is useless for any other site.
The best attack you can do is create multiple rainbow tables each, per site, per hashing algorithm used, per length of password, per character set, per each funky info chosen leading to thousands of rainbow tables due to algorithm permutations you're trying to catch.
It would be easier to use a key logger sniffer trojan on my computer to grab my master password and also the settings file for PasswordMaker to figure out what settings I used to generate it. If you can do this then all my passwords are compromised no matter if I used PasswordMaker, md5sum, or storage-based password app like GPG, etc.
Or could could just beat me with a $5 pipe wrench until I tell you my settings scheme and master password so you can post snaky comments on forums using my accounts.
PS: Anytime you say something is MILSPEC then I know that you can't be serious because MILSPEC is largely an inside joke to people who know.
I understand the issue with truncation causing 32-character password to be pared down to 8-characters effectively shrinking the entropy to something easily guessable that is a serious problem. Base64 encoding is better than Hex but still can be truncated.
I do have my reservations about PasswordMaker or the simplistic md5sum method I described but I am also equally concerned about fully unique password stores in a file that has a single master password. That file is golden, and if you lose it or have it compromised even if someone doesn't know your master password they effectively defeated that security system because you can't be sure if they have or will compromise the encrypted file. File management also becomes an issue if you have to access those accounts from a mobile phone, work laptop, on vacation, in an emergency where you don't have access to your own computer or USB stick, etc.
I also agree that all the options in PasswordMaker doesn't really make much sense if your master password is good already, they just try to add complexity to the hashing algorithm which is unnecessary since the hashing function has a good entropy already. These settings are just to create security by obscurity for any would-be holders of the master password but like you said the total permutations of choices is really limited and not so useful. I think the character set alpha-num+symbols, password length, and hashing function are more than enough.
My plan is to use different master passwords for different types of sites and also different security level desired so that throw-away forum logins wouldn't share game account password wouldn't share e-mail account passwords, and so on and so on. If one password got compromised only that site's account would be compromised and no other. If one master password got compromised then only that group of sites would be compromised.
Multiple login attempts to online sites usually get met with verification schemes, time-outs, lock-outs slowing down the password guessing process. However, brute force breaking of a password file can happen without limitation on farms of botted computers.
Both solutions offer the same thing, unique passwords per site so that insiders cannot use your password to login to other sites and accounts. One is storage-less one is storage-based.
The truly unique password stored in the file are stronger since they are truly random so at first this sounds like a great idea until the reality of management of the password file surfaces and you end up with all your eggs in one basket, that can be copied.
The algorithmically based passwords are not nearly as strong since they can be reversed if the master password or passwords are known but you don't have to manage any files, except maybe the preference file showing the settings you used for special sites that don't accept certain characters or lengths that you normally use.
Password management is a difficult task, especially when we have to manage dozens if not hundreds of accounts by now all using their own authentication system instead of using OpenID or Google APIs or Microsoft .Net.
Right now, I like the idea of storage-less unique password management better than trying to guard a password file in the world of Windows machines and vulnerabilities.
Got hit with this one!
On the morning of Nov 7th I started getting e-mails from Steam Support with confirmation codes when someone was trying to change my password and e-mail. Reinstalled Steam after a year or more of non-usage only to find that someone has been playing TeamFortress 2 on it, the same day. Changed my passwords. That evening received a number of angry e-mails from a Russian guy ( [www.crazy_denis@mail.ru]) demanding that I put the passwords back so he can use the account he bought and paid for. Used Google Translate into Russian sometimes Ukrainian to string him along through 12 short e-mails and got him to reveal and confirm that he actually had my username and password in clear text. Opened up a support case with Steam and forwarded the entire e-mail chain to them to start investigating. Got a form letter back, replied again asking them to check their systems for intrusion... today Slashdot story breaks about Steam being compromised. I wasn't the only one I guess!
PasswordMaker - Storage-less and per-site unique hash based password scheme
Changing all my passwords now to a PasswordMaker scheme for unique passwords for every single site based on a storege-less system that uses a master password + URL + other info you choose -> MD5 sum -> alpha-numeric symbols -> length limit to generate a unique password for every site and account based off your own single or multiple master passwords. You have to remember your own password and the settings you used and generate the same password every time that is unique and there is no secret data file to steal from you or for you to lose on a USB disk or upload to the net. This way your password is already hashed when you submit it to a site, it is unique per site, you don't have to store a list of passwords in any file, and you can regenerate your password on any browser, mobile phone, programming language since this app has been ported to practically everything.
I was thinking of something simpler such as "echo MyPassword69! slashdot.org|md5sum" and then "aaa53a64cbb02f01d79e6aa05f0027ba" using that as my password since many sites will take 32-character long passwords or they will truncate for you. More generalized than PasswordMaker and easier to access but no alpha-num+symbol translation and only (32) 0-9af characters but that should be random enough, or you can do sha1sum instead for a little longer hash string.
Here's the conversation for all of you.
GnuWin32
CoreUtils
DiffUtils
FindUtils
Gawk
Grep
Sed
WGet
Zip/UnZip
NirSoft
All Utilities (Ignore False-Positive VirusScan Warnings)
The chassis fan is connected to the CPU fan lead, there is no CPU fan on this motherboard. The temps are high but they are always this high even with the fan spinning slowly to cool down the case and also the fan in the power supply.
There might be less expensive and more powerful options available this year with the AMD and Intel with integrated graphics but I haven't looked into them in terms of thermals, Mini-ITX, case compatibility, noise, etc. My little HTPC runs non-stop as my Linux server and HTPC box and works great so I recommend it.