The salt is stored with the encrypted password, in cleartext. When the user logs in, the system combines the password they typed with the salt it knows in order to get the key. The main thing salt does is to prevent people with the same password from ending up with the same key, so that everyone needs to be attacked individually. Here's what a bcrypt key looks like from the AM files:

$2a$12$p9Ctp8EvU1x9jc09dqslHeGxS/Ytu464Xs5Yn1/AkqMSqAAN.4coa

The salt is p9Ctp8EvU1x9jc09dqslHe, the 22 characters that follow the $2a$12$. If you want to crack this password, make a guess, use bcrypt to combine it with that salt, and if they match you've cracked this password. This one is not hard to guess.

If he's really solved the problem, he's probably in a hurry to get it written up as he may believe that others are close, using similar methods. In that case, he'd write it up in his native Russian and make it public. That way, he's got priority, and the translation can come anytime. But there will certainly be a translation, because many English speaking mathematicians will want to give his work close scrutiny.

Travel geeks would kill for that NPS passport book stamp!

It's clear that Han will be the main negotiator in the pension dispute with the Stormtroopers union. Thousands of aging clones, all with the same left kidney failure at the age of 63.

Your distinction between life safety and computer security is good, but I think it's mainly due to the maturity of the two fields.

People have been making buildings for thousands of years, and the first ones fell down for all kinds of reasons. The notion that a building should survive an airplane impact would have been ridiculous twenty years ago, now it sounds desirable. And twenty years from now, some other unforseen hazard will add to the list of design parameters.

Computer security has a lot of threats which are understood and well described (brute force password attacks, man-in-the-middle, SQL injections, etc.) and many that aren't. And it's totally reasonable to blame software engineers if their systems fall to a well known, easily avoidable attack, that they left open by ignorance or incompetence.

I've been working on and teaching a course (Math and the Art of M.C. Escher) from a non-linear online textbook for years now. The book we're using could never be a paper book, because it is too heavily illustrated, animated, and linked. It's also based of of learning modules (Explorations) rather than a linear read-through.

I would love to provide paths through the book - my coauthor and I teach the course in quite different ways, and the other users of the 'book' do as well. But it's proven technically challenging. We host our book with Mediawiki, and maybe that was the wrong choice, but it's worked well in many ways. Is there a good model of how to provide discourses or ontologies? I haven't really seen such a thing in a serious text. WikiBooks, for example, doesn't really have such a thing - if they did, we'd jump on board.

Unlike the book from TFA, though, we're not charging an arm and a leg for a dubious license. This makes me wonder how much of this 'innovative' biology book is really just to make a boatload of cash for the publisher. They must save a considerable sum on production costs, and the maintenance of this book sound quite a bit easier than the usual 'new edition every five years' model. They can gradually replace smaller parts when needed, rather than rebuild the whole book to justify selling a bunch of new copies.

Hi.. where can I buy one of these 'fucking' scanners? They sound like a lot more fun than my regular scanner.

An ice floe is a floating chunk of ice that is less than 10 kilometers (six miles) in its greatest dimension. Big whoop.

The City Museum in St. Louis is a crazy, dangerous, and incredibly fun "playground" in an old industrial building. Most people who go there think it's incredibly fun. Some people who go there get seriously injured (often by exhibiting stupidity they should have learned to avoid on the playground).

The musem's founder, Bob Cassilly, says that $1 of every $12 admission ticket goes to pay insurance, and he has posted a 'wall of shame' listing all the lawyers who have sued the museum.

There's an excellent and relevant article in the WSJ about it: http://online.wsj.com/article/SB10001424052702304159304575183463721620890.html?KEYWORDS=city+museum

I'm a huge fan of Mathematica, and use it all the time for mathematical work. The manipulate command they're leveraging for the CDF is incredibly elegant and simple, as advertised. However, from the Wolfram CDF faq:

They've got to be kidding if they expect anyone to make serious use of an 'open' format that requires a proprietary player with advertising all over it. Compare with PDF, which is not 'free' but at least seamlessly operates with, say LaTeX.

Those good times are coming back. For the '90s and most of 00's, home computers got harder to program and universities used C/C++ to introduce programming, which meant novices were faced with a steep learning curve and got to write code that produced, say, and ASCII histogram of some random numbers. Now, there's a trend towards Python, Java, and other languages with simple, powerful library sets built in so that students can write easy programs that do interesting things - in particular graphics and/or games. I think it's kind of a waste of time to "de-emphasize" programming, though - the more coding you do the better you get. But that doesn't mean you're wasting your time if you code in some very high level game description language. As long as you're being required to handle abstract concepts and explicitly describe what you mean, you're learning how to program.

I get paid in US$, and expect to get paid in US$ for some time. If I get myself some bitcoin, I'm now involved in currency speculation whether I like it or not. I don't go out and buy a bunch of Euros so I'm ready to purchase things from France at some point - I wait until I (rarely) need to, and then convert at that moment. AT discourages speculation, but that is the only thing to see here!

Yes - the smells won't leave the room. They should design a "personal Smell-O-Vision" that you wear. Or better still, just get a bio-implant that triggers the scent receptors directly.

One of the best things that I see as a CS educator is that the threading package is now part of the STL. Teaching threading using PTHREADS always hid the concepts in a layer of obscurity. And usually, if something's obscure when you teach it, it will be a source of mistakes for novices and pros alike. Just the simplicity of async() and the creating of threads and mutexes makes this worth the price of admission.