
 Password Haystacks: How Well Hidden is Your Needle?

... and how well hidden is YOUR needle? Every password you use can be thought of as a needle hiding in a haystack. After all searches of common passwords and dictionaries have failed, an attacker must resort to a “brute force” search – ultimately trying every possible combination of letters, numbers and then symbols until the combination you chose is discovered. If every possible password is tried, sooner or later yours will be found. The question is: Will that be too soon . . . or enough later? This interactive brute force search space calculator allows you to experiment with password length and composition to develop an accurate and quantified sense for the safety of using passwords that can only be found through exhaustive search. (The Haystack Calculator has been viewed 2,587,584 times since its publication.) IMPORTANT!!! It is NOT a “Password Strength Meter.” Since it could be easily confused for one, it is very important for you to understand what it is, and what it isn't:


The DIY Terminator: Private Robot Armies And The Algorithm-Run Future Of War 1. Attack Of The Drones Last month, NATO’s commanders in Libya went with caps-in-hand to the Pentagon to ask for reconnaissance help in the form of more Predator drones. “It’s getting more difficult to find stuff to blow up,” a senior NATO officer complained to The Los Angeles Times. The Libyan rebels’ envoy in Washington had already made a similar request. “We can't get rid of [Qaddafi] by throwing eggs at him,” the envoy told the newspaper.

Today I Am Releasing Ten Million Passwords Frequently I get requests from students and security researchers to get a copy of my password research data. I typically decline to share the passwords but for quite some time I have wanted to provide a clean set of data to share with the world. A carefully-selected set of data provides great insight into user behavior and is valuable for furthering password security. So I built a data set of ten million usernames and passwords that I am releasing to the public domain. But recent events have made me question the prudence of releasing this information, even for research purposes. The arrest and aggressive prosecution of Barrett Brown had a marked chilling effect on both journalists and security researchers.

zxcvbn: realistic password strength estimation Over the last few months, I’ve seen a password strength meter on almost every signup form I’ve encountered. Password strength meters are on fire. Here’s a question: does a meter actually help people secure their accounts?

Say goodbye to capitalism as we know it - Keynote Speaker By Jeremy Rifkin A new economic system has entered the world stage. The Collaborative Commons is the first new economic paradigm to take root since the advent of capitalism — and its antagonist socialism. The Collaborative Commons is already transforming the way we organize economic life, with profound implications for the future of the capitalist market. The trigger for this great economic transformation is known as Zero Marginal Cost.

Password Strength « explain xkcd by Jeff Image text: To anyone who understands information theory and security and is in an infuriating argument with someone who does not (possibly involving mixed case), I sincerely apologize. This comic is saying that the password in the top frames "Tr0ub4dor&3" is easier for password cracking software to guess than "correcthorsebatterystaple". And this is absolutely true that people make passwords hard to remember because that means that they are "safer".

Worst passwords of 2014 are just as awful as you can imagine - CNET Few smartwatches have so far resonated with consumers. Apple is trying to drag the entire category into the mainstream with what it calls "the most advanced timepiece ever created." The consumer technology industry has spent the last 18 months hailing wearable devices as the next big thing. But who will want a smartwatch? And, more important, why do you need one? Apple on Monday set out to answer those questions with the Apple Watch, its entry into the burgeoning area of wearable technology.

Whitepixel breaks 28.6 billion password/sec - Zorinaq I am glad to announce, firstly, the release of whitepixel, an open source GPU-accelerated password hash auditing software for AMD/ATI graphics cards that qualifies as the world's fastest single-hash MD5 brute forcer; and secondly, that a Linux computer built with four dual-GPU AMD Radeon HD 5970 graphics cards for the purpose of running whitepixel is the first demonstration of eight AMD GPUs concurrently running this type of cryptographic workload on a single system. This software and hardware combination achieves a rate of 28.6 billion MD5 password hashes tested per second, consumes 1230 Watt at full load, and costs 2700 USD as of December 2010. The capital and operating costs of such a system are only a small fraction of running the same workload on Amazon EC2 GPU instances, as I will detail in this post.

The best free online conference platforms - Freelancers Union Source: Mike Licht Only half of freelancers work in their local cities and communities, so millions of independent workers across the country rely on online virtual meeting platforms to talk to clients and collaborate with other freelancers. Setting up a virtual meeting is the kind of thing that shouldn’t be complicated -- but always seems to be. We’ve compiled the most popular services and reviewed each. But most importantly, they all provide free plans (not just free trials) that probably have everything you need! Google Hangouts

Media Destruction Guidance The products on these lists meet specific NSA performance requirements for sanitizing, destroying, or disposing of media containing sensitive or classified information. Inclusion on a list does not constitute an endorsement by NSA or the U.S. Government. Note: NSA has determined that High Security Disintegrators listed on the Evaluated Products List provide adequate security for the destruction of paper, optical media (CDs and DVDs), and punched tape as annotated on the EPL. When destroying optical media in disintegrators, NSA recommends that paper be mixed with the optical media during destruction. Please contact the manufacturer to determine if a specific product is mechanically suited for optical media destruction.

Dictionary attack In cryptanalysis and computer security, a dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by trying hundreds or sometimes millions of likely possibilities, such as words in a dictionary. Technique. Pre-computed dictionary attack/Rainbow table attack: It is possible to achieve a time-space tradeoff by pre-computing a list of hashes of dictionary words, and storing these in a database using the hash as the key. This requires a considerable amount of preparation time, but allows the actual attack to be executed faster. The storage requirements for the pre-computed tables were once a major cost, but are less of an issue today because of the low cost of disk storage.

What's My Pass? » The Top 500 Worst Passwords of All Time From the moment people started using passwords, it didn’t take long to realize how many people picked the very same passwords over and over. Even the way people misspell words is consistent. In fact, people are so predictable that most hackers make use of lists of common passwords just like these.
