> if you have physical access to the machine. But to be clear I don't think my Windows install will drop me to the desktop if I press enter on the password prompt for 70 seconds! LOL. Not to Linux bash
It'll give you a desktop if you put in a bootable flash drive first.
Btw the "issue" discussed here isn't a Linux bash shell either. It's an initrd nash. You're not logged into the OS, which is still securely encrypted.
Sure you could damage the data by reformatting the drive, but given you need physical access you could just as easily damage the drive with a hammer.
It's called root. You enable root, then choose from any of the many apps which mount the "rom" read-write and you check off which pre-installed apps you want to remove.
> It's a reason to get together with people TV as a whole is great for socializing.
It is, so I go socialize when I watch the game, rather than hiding out in my house. I go to the Denver Broncos bar here in Dallas, and cheer with the other Broncos fans.
Also, I hear the Corvette club is a fun way to socialize. That doesn't make a Corvette a necessity.
A made-up word has the best trademark protection, and for good reason.
You say Blackberry means something, consider Apple. Apple means something, and that killed the Apple ][ .
The Beatles brand name was Apple. They called their record company Apple Records and their holding company Apple Corps. The records featured a logo of an apple.
A bit later, Steve Jobs also thought Apple was a good brand name. After a few years there were lawsuits. In 1978 Apple (computers) had to pay Apple (records) a chunk of money, while Apple Corps agreed they would never get into the computer business and Apple Computer agreed they'd never get into the music business.
Apple installed chips from Ensoniq, a well-known maker of musical synthesizers, in the Apple ][. That meant the Apple ][ could be used as a synth. At the time, Apple Records was well known for synthesizer music, so of course they sued again. That was the end of the Apple ][.
Then a few years later along came the iPod and iTunes. Apple sued Apple again, of course, since they weren't supposed to be in the music business.
Making up a new word for your trademark is a really good idea.
The attack I just described gets the cookie, it doesn't require CSRF, and will get the cookie for most any site.
Note the URLs used are all 404, they don't exist. CSRF would be causing the browser to load a legitimate and important URL like change-password.php?newpass=hacked
Clinton received four times as much from big donors.
In the primary, Trump paid for his own campaign, while Clinton was funded by Wall Street. In the general, Trump received, in total, about half the donations that Clinton did. Trump's campaign has directly received 27 percent of its funds from small donations (less than $200) while Clinton received 16 percent of its money in donations of $200 or less.
Further, Trump still has $2 billion of his own money. He's not DEPENDENT on campaign donors. He'll take a donation, but he doesn't need it. He can run his re-election campaign without you, Mr. Special Interest.
Candidates always mark their own contributions to the campaigns as loans rather than donations, though they don't get paid back, because of campaign accounting rules. Also, in Trump's case, it's effectively a way of saying "I'll pay for whatever is needed". Like when your mom handed you a twenty and sent you in the store for bread and milk, expecting you to come back with change. He hands the campaign $50 million of his money, they spend $40 million and when it's over they can give him back the $10 million that wasn't spent. They couldn't so easily give him back the leftover change if it were labeled a donation.
Gee, a candidate wants to hold an event with 1,000 guests, so he needs a hotel with banquet facilities for 1,000 guests. Also signage with the candidate's name, etc. Gee, right there I see a very nice hotel with banquet facilities for 1,000 guests and it already has the candidate's name on top, as a 40 foot long gold-plated sign. Should we use that one, or the Motel 6 down the street? OF COURSE when you need a facility to host an event promoting TRUMP you use the beautiful facility with the TRUMP logo everywhere. To do otherwise would be stupid. A couple months ago from my office window I saw an airliner fly by on its way to land. From my office I could see very clearly the huge gold letters that said TRUMP. When you're promoting Trump for president, and he already has a 757 with giant gold letters saying TRUMP across the side, OF COURSE you use that flying billboard, renting a plain plane would just be stupid.
You listed a lot of good things to look at. If you had to pick one or two objective measures to have an overall barometer, which would you choose?
By way of analogy, I wanted to compare presidential administrations based on the economy. There are many things you CAN consider about the health of the economy, but economic growth rate and unemployment rate were two simple, objective measures I could plot across time to get a general idea of how the economy was doing each year.
Would you say any of the items you listed could be used as a proxy to get a general measure of the overall health of foreign relations, in an objective way?
>> He has no political experience or record
> Why do people keep saying this? He is the founder and executive of many businesses
He has business experience. He has executive experience. He doesn't have political experience, beyond working with politicians to get approvals for projects, etc.
> When Barack Obama was elected
A few months before Obama launched his presidential campaign, he said he shouldn't and wouldn't run for president because he had no experience. Because "I believe in knowing what you're doing when you -- when you apply for a job." I agree with Obama - he's correct that he lacked experience, severely. Yet the world didn't come to an end.
Kay created the title Object Oriented Programming as a label for his system of ideas. He's the authority on what Object Oriented Programming means - even if I find some applications of OOP annoying at times. Even if I thought all of his ideas were stupid, still his ideas would be called Object Oriented Programming.
I voted against Trump, twice. I got my wife to go vote for her first time, voting against Trump. We lost. Trump will be our president. He has no political experience or record, so we don't know how he'll do. As Hillary Clinton said the other day:
-- ... ...
Donald Trump is going to be our president. We owe him an open mind and a chance to lead.
I congratulated Donald Trump and offered to work with him on behalf of our country. I hope that he will be a president for all of our country.
This is painful, and it will be for a long time. But I want you to remember this: our campaign was never about one person - it was about building a country that we love.
Hillary Rodham Clinton
---
You might be right. Can you think of any objective measurement we can look at in 4 years (or 1) to get some gauge regarding whether Trump's foreign policy is working?
I can tolerate someone being a dick. I don't mind when people are clueless. But when you're clueless, don't be a dick. Here's the physics explanation for you, since you clearly never passed Physics 101:
https://hardware.slashdot.org/...
Have you ever walked on a trampoline or any other springed surface? It makes it harder to walk.
Since you like to use the physics terms, it's all about potential energy. Prior to stepping on the pad, you have a certain amount of potential energy due to your altitude. Stepping on the pad, you go DOWN. That's a loss of energy, you have to exert effort to return back up where you started. That's the energy powering the electric stuff, it takes potential energy from pedestrians, requiring them to step up slightly to get off the pad.
Fortunately, a little bit of padding is more comfortable than concrete, even though it takes more energy.
Try reading the post before criticizing it and you might not make a complete fool out of yourself again. Try reading the last three sentences or so starting with "if the password is hashed".
It seems like you're trying to read a whole lot into one word in the summary. Linked in that summary is an entire paper which explains the details. However, it may not be understandable if you're not at least a little bit familiar with programming.
I've read and understood the paper. I'm a career internet security professional, so the paper makes perfect sense to me. I'm not speculating that the problem MIGHT be platform-independent, I'm letting you know it IS platform-independent. It's an easily missed requirement of the Facebook and Google APIs. (Not a *hidden* requirement, but an easy mistake to make if you're not being careful.) There's no six volt car in my analogy.
That scene was entertaining.
I think I was unclear. I'm NOT talking about brute force. I'm talking about finding the first character, then several seconds later cracking the second character, then several more seconds to get the third character, etc. Here's a step by step for one easy example, a boolean return SQLi:
https://slashdot.org/comments....
Padding oracle attacks are the same - you find the first character, then you find the second character, etc. Here's a rough description of one other similar example:
As is/was common for https traffic, traffic is compressed with gzip and encrypted. This string compresses well:
Cookie:abcabcabc
This one compresses poorly:
Cookie:abfkdgrkdgs
Assume the cookie is an access cookie for your bank. Seeing the encrypted traffic, I can't read it, but I can see how big it is. Using Javascript, I put an img tag on our web page for each of these URLs:
bank.com/Cookie:a
bank.com/Cookie:b
bank.com/Cookie:c
Your browser creates, compresses, and encrypts the following requests:
Get /Cookie:a
Cookie:bfjshdhd
Get /Cookie:b
Cookie:bfjshdhd
Get /Cookie:c
Cookie:bfjshdhd
Since they are encrypted I, as an attacker, can't read the requests to get your session cookie. However I can see how big the request is, after compression. You'll notice the second request contains the repeated string "Cookie:b". Since it's an exact repeat, it will compress better than the others, and I as an attacker now know the first character of your authentication cookie. My Javascript then repeats with:
Get /Cookie:ba
Cookie:bfjshdhd
Get /Cookie:bb
Cookie:bfjshdhd
Get /Cookie:bc ...
Cookie:bfjshdhd
Voila, I get your authentication cookie (effectively a password) one character at a time.
Yes, I do hack banks and other "secure" sites for a living.
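The size signal described in the comment above, measured locally together with two conditions that remove it. This is an added example, not part of the original comment; the host name, the request layout and the three mode names are assumptions made for the illustration, and encryption is modelled as length-preserving.

```python
import zlib

# Constructed values for this example; nothing here is captured traffic.
SECRET_COOKIE = "bfjshdhd"   # cookie value used in the comment above
ALPHABET = "abcdefghijklmnopqrstuvwxyz"


def _deflate_len(data: bytes) -> int:
    # Z_FIXED pins DEFLATE to its fixed Huffman table, so every literal byte
    # costs the same and the result is deterministic. Real traffic uses
    # adaptive tables, which makes the same signal noisier, not absent.
    comp = zlib.compressobj(level=9, strategy=zlib.Z_FIXED)
    return len(comp.compress(data) + comp.flush())


def observed_size(guess: str, mode: str) -> int:
    """Size an on-path observer sees for one request.

    Encryption hides the bytes, not how many there are.
    mode: "shared"   - path and Cookie header compressed in one context
          "separate" - Cookie header compressed in its own context
          "off"      - no compression
    """
    attacker_part = (f"GET /Cookie:{guess} HTTP/1.1\r\n"
                     "Host: bank.example\r\n").encode("ascii")
    secret_part = f"Cookie:{SECRET_COOKIE}\r\n\r\n".encode("ascii")
    if mode == "shared":
        return _deflate_len(attacker_part + secret_part)
    if mode == "separate":
        return _deflate_len(attacker_part) + _deflate_len(secret_part)
    if mode == "off":
        return len(attacker_part) + len(secret_part)
    raise ValueError(f"unknown mode: {mode}")


def shortest_guesses(known_prefix: str, mode: str) -> list:
    """Candidates for the next character whose request is smallest on the wire."""
    sizes = {c: observed_size(known_prefix + c, mode) for c in ALPHABET}
    best = min(sizes.values())
    return [c for c, size in sizes.items() if size == best]


def leaks(known_prefix: str, mode: str) -> bool:
    """True when size alone singles out exactly one candidate."""
    return len(shortest_guesses(known_prefix, mode)) == 1


if __name__ == "__main__":
    for mode in ("shared", "separate", "off"):
        tied = "".join(shortest_guesses("", mode))
        print(f"{mode:9s} leaks={leaks('', mode)} shortest={tied}")
```

Only the "shared" mode singles out one candidate; once the secret is not compressed in the same context as attacker-influenced bytes, every candidate produces the same size.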
Here's a specific example of hacking a password one character at a time, with details of how it's done.
Like most message boards, you can see my profile by going to:
slashdot.org/~raymorris
With many scripts, the profile url ends with ?userid=123
If you're a programmer, you know that's likely to be implemented with a line of code like this:
SELECT * FROM users WHERE userid='$input'
That ends up running:
SELECT * FROM users WHERE userid='raymorris'
Note that you get an error message if the username doesn't exist.
To hack someone's password, we use this URL:
slashdot.org/~raymorris'+ AND+password+LIKE+'a%
Which runs this SQL:
SELECT * FROM users WHERE userid='raymorris' AND password LIKE 'a%'
As always, if that matches a user it will show their profile. If no user is found by the SQL, the page shows an error.
We try each character until we don't get an error. Suppose "J" shows the profile. We know the first character of the password is J. So we load up:
slashdot.org/~raymorris'+ AND+password+LIKE+'Ja%
Voila, cracking passwords one character at a time. Works on many systems that have databases on the backend.
Suppose the coder is knowledgeable enough that they used salted hashes of the passwords. No problem, we just use:
slashdot.org/~raymorris'+ AND+forgot-pwd-answer+LIKE+'a%
If the site has a "forgot your password?" feature where you answer a question like "what was your first pet's name?", the name of the pet is effectively an alternate password, and it's unlikely to be hashed.
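The query from the comment above next to its parameterized form, showing that the yes/no answer about the password column exists only when input is pasted into the SQL text. This is an added example, not part of the original comment; the table layout, the sample password and the function names are constructed for the illustration, with SQLite standing in for the site's database.

```python
import sqlite3

# The two inputs from the comment; the closing quote comes from the query template.
PROBE_HIT = "raymorris' AND password LIKE 'J%"
PROBE_MISS = "raymorris' AND password LIKE 'a%"


def make_db() -> sqlite3.Connection:
    """In-memory table holding one constructed account (sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (userid TEXT PRIMARY KEY, password TEXT)")
    db.execute("INSERT INTO users VALUES (?, ?)",
               ("raymorris", "Jx7-constructed"))
    return db


def profile_exists_vulnerable(db: sqlite3.Connection, user_input: str) -> bool:
    """The pattern from the comment: input becomes part of the SQL text."""
    sql = f"SELECT * FROM users WHERE userid='{user_input}'"
    return db.execute(sql).fetchone() is not None


def profile_exists_parameterized(db: sqlite3.Connection, user_input: str) -> bool:
    """Same lookup with a bound parameter: input is only ever compared as a value."""
    sql = "SELECT * FROM users WHERE userid = ?"
    return db.execute(sql, (user_input,)).fetchone() is not None


def page_answers_password_question(lookup, db: sqlite3.Connection) -> bool:
    """True when 'profile or error' differs between the two probes,
    i.e. the page is acting as a yes/no oracle on the password column."""
    return lookup(db, PROBE_HIT) != lookup(db, PROBE_MISS)


if __name__ == "__main__":
    db = make_db()
    for lookup in (profile_exists_vulnerable, profile_exists_parameterized):
        print(lookup.__name__, page_answers_password_question(lookup, db))
```

With the bound parameter both probes are simply user names that do not exist, and a legitimate name containing an apostrophe no longer breaks the query.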
> ** Cracking a password one character at a time until all the characters are filled in. Nope, passwords are an all or nothing proposition.
Many attacks against passwords/keys are character-at-a-time. All types of padding oracle attacks are character-at-a-time, as is SQL injection with results determined by the presence or absence of an error (where password like 'a%'). Padding oracle attacks include POODLE and Lucky Thirteen.
> *** Hacking/coding as a real-time activity (e.g. furiously typing code to block another hacker in real-time)
I've done that, when I became aware of a breach due to what the attacker was doing at the moment, and I had only remote access so I couldn't pull the network cable.
> Trump's ego will never allow him to bow to other world leaders. Obama has spent two terms allowing himself and the country to be publicly insulted and degraded by friend and foe.
For good and for bad, that's very likely true. Consider for example the Gold Star mom, Khizr and Ghazala Khan. He darn sure should have apologized, right away, then allowed Clinton's scandals to be back in the press. Instead he continued attacking her for a week. Like you said, "Trump's ego will never allow him", he can't control himself. That's worrisome.
> People getting paranoid that their iPhones are putting them at risk can relax, (Maybe...).
Most assuredly not. Frequently the Android and iPhone versions of an app are compiled from the same source. If the source code doesn't include checking that the user name matches the token, which OS happens to be three layers under that doesn't matter a bit.
If the app developer has two sets of source code, one for Android and one for iOS, and forgets the check in one copy, they probably forgot the check in the other copy as well.
In case you're completely unfamiliar with OAuth, here's a bad car analogy:
The researchers mounted 8 different GPS units made by Garmin, Tom Tom, and Magellan in their F-150. ...
Driving highway 1, six of the eight units
What if they put the GPS units in a Chevy? It would make no difference.
There are no known SHA-1 collisions. Essentially, it's never been fully hacked. As you mentioned any hash must be salted for password use, and salted SHA-1 would be fine for most any public web site.
However, a partial crack of SHA-1 exists. The NSA or the Chinese government might well be able to crack it.
SHA-2 is recommended for all new hashes. For example, new TLS (SSL) certificates are signed with SHA-2, not SHA-1. In 2017, major browsers may stop accepting TLS certificates signed with SHA-1.
Upgrading can be easy if you used the crypt() system call, or a higher-level function that calls crypt() underneath. That includes MySQL encrypt(), Perl crypt(), etc. If you do, just change the salt you use for the initial hashing - the password CHECKING code remains unchanged.
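Why the checking code can stay unchanged, as an added example that is not part of the original comment: the stored string names its own scheme and salt, the way crypt()'s salt prefix does, so the verifier re-derives with whatever the stored value says. The "$scheme$salt$digest" layout, the iteration count and the function names are constructed for this illustration, and PBKDF2 from hashlib stands in for crypt()'s own algorithms.

```python
import hashlib
import hmac
import os
from typing import Optional

ITERATIONS = 100_000                      # assumed work factor for the example
ALLOWED = ("sha1", "sha256", "sha512")    # schemes the verifier will accept
CURRENT = "sha256"                        # scheme used for newly set passwords


def make_hash(password: str, scheme: str = CURRENT,
              salt: Optional[bytes] = None) -> str:
    """Return '$scheme$salt_hex$digest_hex'. Only this function knows the policy."""
    if scheme not in ALLOWED:
        raise ValueError(f"unsupported scheme: {scheme}")
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac(scheme, password.encode("utf-8"),
                                 salt, ITERATIONS)
    return f"${scheme}${salt.hex()}${digest.hex()}"


def check_password(password: str, stored: str) -> bool:
    """Checking code: reads scheme and salt from the stored value itself,
    so it does not change when CURRENT changes."""
    try:
        _, scheme, salt_hex, _ = stored.split("$")
        candidate = make_hash(password, scheme, bytes.fromhex(salt_hex))
    except ValueError:
        return False                      # malformed or unsupported record
    return hmac.compare_digest(candidate, stored)


def needs_upgrade(stored: str) -> bool:
    """True for records made under an older scheme; re-hash these at next login."""
    return not stored.startswith(f"${CURRENT}$")


if __name__ == "__main__":
    old = make_hash("correct horse", scheme="sha1")   # legacy record
    new = make_hash("correct horse")                  # record made today
    for record in (old, new):
        print(record.split("$")[1], check_password("correct horse", record),
              needs_upgrade(record))
```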
Your definition of object-oriented programming is in direct conflict with the definition used by the guy who coined the term in the first place, Dr. Alan Kay. You've confused an object vs object-oriented programming. Most every program has functions, very few properly use Functional Programming. Similarly, according to Kay (and any random textbook you choose to consult), just because you call something an object doesn't make it OOP, any more than calling your hour-long meeting a "scrum" makes your process Agile.
Your description of how national security people might think and feel about a candidate who represents real change is insightful. Mrs. Clinton, however, has been in politics since 1977. She's already spent TWELVE YEARS in the White House, and eight more in the Senate. 20 years in Washington and not a hint of doing anything about mass surveillance. It's outsider Trump who might change things.
> Trump has also demonstrated a strange immunity. Time after time he says things that should ruin any American politician
Strange indeed. I don't know why that is. Of course you said "should ruin any American POLITICIAN." Trump isn't a politician, he's a promoter, a hype man. (And a deal maker.)
> Sorry, that's all b.s.. The TPP is a payoff to the rich for their support of Government elected minions. The only way to fix this is get money out of politics.
For all of his faults (and he has plenty), Trump will be the first president in our lifetime who isn't dependent on big donors. This may get interesting, it will be different.