Most people have responded with their experiences in keeping track of their passwords, but I was wondering if it would be possible to implement a system where the password expiry would be based on the complexity of your password. So when you enter your passowrd, the system could analyse the length, number of repeated characters, digits, and symbols. Then with the complexity, it could calculate the exipry time. So people who have passwords of length 8-12 would have to change their passwords every month, those who have 20+ length passwords could keep theirs for 6 months (depending on how you calculate the complexity). This way people could 'buy' a longer expiry time by adding symbols or length.
My personal favorite way of generating secure passwords is to use a Passphrase. You can use Diceware to generate some passphrases for you http://world.std.com/~reinhold/diceware.html and it also has instructions for adding symbols/numbers to the passphrase.
Other slashdotters have mentioned Password Safe by Bruice Schneier. I strongly recommend this as well. I keep a copy of these at home encrypted using my master passphrase just in case I forget them.
I'm not in a position like yours but I'm curious about what your backup plan would be. Do you have a second phone that you could activate in case of the first one failing? or would you simply run out to a store and buy a new one?
But the bigger point is, why the f*ck is this a story and why are we discussing it ?
It sounds like you agree with the other reasons for the existance of this story, so to address this last point I think this is a story because the guy took a technological method to solve his problems, managed to get help from people all over the world (or maybe just the country) to do his detective work.
I think that's pretty amazing. If you lost your BMW 765, posted to a website and within two days had people posting posting the thief's website and personal information, I think that would be pretty damn amazing. Sort of a demonstration of what technology can do for collaboration. Of course the first thing he had to do appeal to peoples' sense of 'goodness', 'honor', or 'justice'. The fact that so many people responded shows there are still people who care about that stuff.
* RIAA renames itself to Borg Civilization. * Borg Civilization whines we've not conquered enough alien civilizations and go on a crusade in space.
"We are the Borg. Lower your shields and power down your weapons. We will add your lack of technological distinctiveness to our own. Resistance is futile. You will be assimilated."
Fuck this, can we have a switch to ignore the first 10 people to post on any article? Its always the same people, and they get modded insightful for saying things like 'maybe'.
You know, when I read the article summary, the first thing that came to my mind was "When you have a hammer, everything looks like a nail." Clearly, lawyers have a better chance of winning when suing. So obviously when something goes wrong, you find someone you can blame it on, sue them, and you've made a bit of money and some publicity. Problem solved.
Similarly, when Slashdotters are outraged by stupidity, you find the closest people to blame, google them up, and post their email addresses on Slashdot. Problem solved.
How often do you need to view flash stuff at work? For me, that's nearly never, so I use flashblock with firefox. Obviously, you are free to do whatever you want on your own computer.
I too have thought about using some sort of trust system and have wondered how such a thing may be implemented. Luckily sombody smarter that me has also thought about it, wrote some research papers, and a prototype.
Credence was designed to filter spam from peer-to-peer network searches. The creators implemented a prototype as a Limewire addon. You can read the link to find out how it works, but in summary, the user can rate files positively or negatively. Users are encouraged to rate the files based on whether the metadata (filename, artist, album, etc.) match the actual content. I belive there is a distributed hash table where the results of a user's ratings are stored.
As a user's ratings accumulate, the software finds other users with similar ratings and uses them to determine if search results are spam or not. This creates the feedback effect that you noted. If a spammer injects false votes, their results will not look like your results and you won't trust them.
Of course in order for this to work, you would need to rate a lot of files so you can determine who is a spammer and who is not. Who better to do this than the foremost internet company of our age?;)
I don't know how well the system would scale though. The web page claims that the program has been downloaded more than 10 000 times, but the network status page is down. I think the last time I saw the network status page, it was around 1-2 thousand active users.
If such a system could be implemented for websites, it would essentially be a fuzzy trust system where you don't need to explicitly declare friends and trusted sources. If somethinig like this were integrated into the google toolbar there could be a button similar to the spam button for emails. The toolbar could probably also have some automatic voting mechanism where commonly visited websites have a small positive vote. (note, massive privacy concerns. Users broadcasting their surfing habits to some publicly accessable DHT) But if it could be done, the system would double as a phishing filter.
One random idea, assume people who have google toolbar installed trust google with their web surfing habits (does the toolbar track its users?). Then the DHT could be made accessible only to Google simply by using a CA type sytem with the Goog at the root.... I wonder how much CPU that would take up. Good thing those multicore processors are starting to come out. =/
Just curious, has your roommate heard of Last.fm? I'm a fan of the site from a technical and concept perspective, but I'm interested in what artists actually think about it.
After days of sifting through browser histories of infected computers, Security Fix has announced that http://www.google.com/ is the only website that all victims visited.
You're right, blown up is emotionally loaded. I believe G-funk is trying to express selflessness and support for liberty over FUD. I interpreted the sig to mean "Terrorists could blow me up and I would be happy so long as we remain a free country." or something like that.
From the look of it, you weren't pretty happy when it happened on your comment. What makes you think that GP would enjoy it? If you want to defend your writing style from a-holes, it makes more sense to complement people who have a style similar to yours. They'll do it more often and a-holes will have to get used to it.
It makes me smile when Slashdotters can derive facts, misconceptions, and all sorts of esoteric knowledge from simple jokes. That's part of what I like about Slashdot culture. Even the structure of Slashdot discussion threads facilitates random offtopic branches. If you think a branch is stupid, skip it; there's always more to read.
Oh, and clicking on your URL brings up a page that says "focus on communication". I thought that was funny.
Slashdot Mirror
Most people have responded with their experiences in keeping track of their passwords, but I was wondering if it would be possible to implement a system where the password expiry would be based on the complexity of your password. So when you enter your passowrd, the system could analyse the length, number of repeated characters, digits, and symbols. Then with the complexity, it could calculate the exipry time. So people who have passwords of length 8-12 would have to change their passwords every month, those who have 20+ length passwords could keep theirs for 6 months (depending on how you calculate the complexity). This way people could 'buy' a longer expiry time by adding symbols or length.
My personal favorite way of generating secure passwords is to use a Passphrase. You can use Diceware to generate some passphrases for you http://world.std.com/~reinhold/diceware.html and it also has instructions for adding symbols/numbers to the passphrase.
Other slashdotters have mentioned Password Safe by Bruice Schneier. I strongly recommend this as well. I keep a copy of these at home encrypted using my master passphrase just in case I forget them.
And what if you can duplicate the house at zero cost?
I'm not in a position like yours but I'm curious about what your backup plan would be. Do you have a second phone that you could activate in case of the first one failing? or would you simply run out to a store and buy a new one?
It sounds like you agree with the other reasons for the existance of this story, so to address this last point I think this is a story because the guy took a technological method to solve his problems, managed to get help from people all over the world (or maybe just the country) to do his detective work.
I think that's pretty amazing. If you lost your BMW 765, posted to a website and within two days had people posting posting the thief's website and personal information, I think that would be pretty damn amazing. Sort of a demonstration of what technology can do for collaboration. Of course the first thing he had to do appeal to peoples' sense of 'goodness', 'honor', or 'justice'. The fact that so many people responded shows there are still people who care about that stuff.
So technically, original poster is correct. They said up to 160% more and 150% is well within that bound.
;)>
<Wanders back to algorithms assignment
"We are the Borg. Lower your shields and power down your weapons. We will add your lack of technological distinctiveness to our own. Resistance is futile. You will be assimilated."
*Click*
*Click*
*Click*
"Oops, I did it again..."
http://slashdot.org/metamod.pl
Create an account and make your opinion known AC.
You know, when I read the article summary, the first thing that came to my mind was "When you have a hammer, everything looks like a nail." Clearly, lawyers have a better chance of winning when suing. So obviously when something goes wrong, you find someone you can blame it on, sue them, and you've made a bit of money and some publicity. Problem solved.
Similarly, when Slashdotters are outraged by stupidity, you find the closest people to blame, google them up, and post their email addresses on Slashdot. Problem solved.
How often do you need to view flash stuff at work? For me, that's nearly never, so I use flashblock with firefox. Obviously, you are free to do whatever you want on your own computer.
Well then... why don't the police ask them then?
+1 Insightful
Oh wait..
I second this request, if only to serve as a reminder to myself.
I too have thought about using some sort of trust system and have wondered how such a thing may be implemented. Luckily sombody smarter that me has also thought about it, wrote some research papers, and a prototype.
;)
... I wonder how much CPU that would take up. Good thing those multicore processors are starting to come out. =/
http://www.cs.cornell.edu/people/egs/credence/
Credence was designed to filter spam from peer-to-peer network searches. The creators implemented a prototype as a Limewire addon. You can read the link to find out how it works, but in summary, the user can rate files positively or negatively. Users are encouraged to rate the files based on whether the metadata (filename, artist, album, etc.) match the actual content. I belive there is a distributed hash table where the results of a user's ratings are stored.
As a user's ratings accumulate, the software finds other users with similar ratings and uses them to determine if search results are spam or not. This creates the feedback effect that you noted. If a spammer injects false votes, their results will not look like your results and you won't trust them.
Of course in order for this to work, you would need to rate a lot of files so you can determine who is a spammer and who is not. Who better to do this than the foremost internet company of our age?
I don't know how well the system would scale though. The web page claims that the program has been downloaded more than 10 000 times, but the network status page is down. I think the last time I saw the network status page, it was around 1-2 thousand active users.
If such a system could be implemented for websites, it would essentially be a fuzzy trust system where you don't need to explicitly declare friends and trusted sources. If somethinig like this were integrated into the google toolbar there could be a button similar to the spam button for emails. The toolbar could probably also have some automatic voting mechanism where commonly visited websites have a small positive vote. (note, massive privacy concerns. Users broadcasting their surfing habits to some publicly accessable DHT) But if it could be done, the system would double as a phishing filter.
One random idea, assume people who have google toolbar installed trust google with their web surfing habits (does the toolbar track its users?). Then the DHT could be made accessible only to Google simply by using a CA type sytem with the Goog at the root.
Did anyone else read that as Space Porno Video leaked?
The text is so small on the front page... yeah.
The 'u' in utorrent is the greek small letter mu and is pronounced "mew" or "myoo".
SI uses the symbol to represent the prefix micro.
http://en.wikipedia.org/wiki/Mu
Anyways, apparently the author pronounces it "you"-torrent. I personally prefer mu torrent.
Just curious, has your roommate heard of Last.fm? I'm a fan of the site from a technical and concept perspective, but I'm interested in what artists actually think about it.
dingding-da-dingding-da-ding
http://news.google.ca/news?hl=en&ned=ca&q=toronto
It's only 150 busses, but it's a start.
I just learned something. So yeah, informative.
Perfect signature for the topic.
After days of sifting through browser histories of infected computers, Security Fix has announced that http://www.google.com/ is the only website that all victims visited.
I prefer to think of it as identity sharing.
It's debacle. I don't know where you got the R from.
Apparently 968 other people have used it that way.
You're right, blown up is emotionally loaded. I believe G-funk is trying to express selflessness and support for liberty over FUD. I interpreted the sig to mean "Terrorists could blow me up and I would be happy so long as we remain a free country." or something like that.
From the look of it, you weren't pretty happy when it happened on your comment. What makes you think that GP would enjoy it? If you want to defend your writing style from a-holes, it makes more sense to complement people who have a style similar to yours. They'll do it more often and a-holes will have to get used to it.
It makes me smile when Slashdotters can derive facts, misconceptions, and all sorts of esoteric knowledge from simple jokes. That's part of what I like about Slashdot culture. Even the structure of Slashdot discussion threads facilitates random offtopic branches. If you think a branch is stupid, skip it; there's always more to read.
Oh, and clicking on your URL brings up a page that says "focus on communication". I thought that was funny.