
Submission + - Dao, a new programming language supporting advanced features with small runtime

NeoHermit writes: This language (Dao) has never been mentioned on Slashdot before, but it might be interesting to many people here. As it has recently become feature-complete and just made its first beta release after becoming feature-complete, it may be the right time to mention it here.

Dao is an optionally typed programming language that supports many advanced features with a small runtime. The feature list is probably as long as that of Python, but they are supported by a much smaller runtime (somewhere between Lua and Python, but closer to Lua). Besides optional typing, the other major features that are worth mentioning include: built-in support for concurrent programming for multicore computers, very friendly C programming interfaces for embedding and extending, an LLVM-based JIT compiler, a Clang-based module for embedding C/C++ code in Dao, and a Clang-based tool for automatic binding generation from C/C++ header files. You can also see many familiar features from other languages.

Comment Re:How do admins keep salts secure? (Score 1) 80

The salt is usually stored side by side with the salt + password hash. The salt is just a random bunch of data (of reasonable length; you can usually get away with 16 bits, but I've seen 48+ around) generated each time the user creates/changes the password. It need not be unique in the whole database, but the longer it is, the more computationally difficult it is to crack (also using an expensive hash scheme like bcrypt). I usually also encrypt the salt as well using an application specific password (this usually doesn't change between installations) and the username combined to create a "salt password" (this too is a hash). The important thing is that the password is never stored anywhere as-is.

Comment I wish more people plan for "when" instead of "if" (Score 3, Insightful) 80

Sure, you can throw whatever current best practices are toward keeping your data secure, but let's at least have a plan B for when things really do go horribly wrong. Because if it can, it eventually will.

I don't like sticking to just one method for passwords because malicious hackers usually try the methods that are easiest to implement (whether one type of algorithm or a set number of iterations, etc.); the difficulty in cracking is usually second and, let's be honest, changes day by day as GPUs, FPGAs and so on get faster and faster and can run in parallel. This is why you should try some combination of HMAC, bcrypt, etc. (nothing too "new", too fast or DIY please).

The emails are unfortunate, since now these people are prime targets for phishing (unless they've seen this report, but even then, they might think "Oh, I should change my password! Let me click on this link that totally looks like it's from Living Social"). Also of note, they should have done more to protect the birthdays most of all. That's what some people still use for passwords and I've seen it being thrown around in those "password reminder" questions. Some financial institutions even accept those in lieu of the mother's maiden name.
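
An added example (not part of the comments above, nor any site's actual code) of the storage scheme the two password comments describe: a random salt generated on every password change and kept beside the hash, with an HMAC under an application-wide key applied before a slow hash. The 16-byte salt, the `PEPPER` value, the record layout and the use of the standard library's scrypt in place of bcrypt are assumptions made for the example.

```python
import hashlib
import hmac
import secrets

# Assumption: application-wide HMAC key, kept outside the database
# (config or secret store). Constructed value for the example.
PEPPER = b"constructed-application-secret"


def _derive(password: str, salt: bytes, pepper: bytes) -> bytes:
    # Step 1: keyed HMAC, so a leaked database alone is not enough
    # to start guessing passwords offline.
    keyed = hmac.new(pepper, password.encode("utf-8"), hashlib.sha256).digest()
    # Step 2: slow, salted KDF (scrypt standing in for bcrypt here).
    return hashlib.scrypt(keyed, salt=salt, n=2**14, r=8, p=1, dklen=32)


def create_record(password: str, pepper: bytes = PEPPER) -> dict:
    """Build the row stored for a user; call again on every password change."""
    salt = secrets.token_bytes(16)  # fresh random salt each time
    return {"salt": salt.hex(), "hash": _derive(password, salt, pepper).hex()}


def verify(password: str, record: dict, pepper: bytes = PEPPER) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt = bytes.fromhex(record["salt"])
    expected = bytes.fromhex(record["hash"])
    return hmac.compare_digest(_derive(password, salt, pepper), expected)


if __name__ == "__main__":
    # Constructed sample: two users who picked the same password.
    alice = create_record("correct horse battery staple")
    bob = create_record("correct horse battery staple")
    print("same password, same stored hash?", alice["hash"] == bob["hash"])
    print("alice verifies:", verify("correct horse battery staple", alice))
    print("wrong guess verifies:", verify("letmein", alice))
    print("verifies without the app key:",
          verify("correct horse battery staple", alice, pepper=b"wrong"))
```

The plaintext password never appears in the record, and because the salt differs per row, one precomputed table cannot be reused across users.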

Comment Re:Maybe they shoot together and then split it up (Score 1) 342

I have a feeling the studio had more to do with this than Jackson though. Granted he had a lot of creative control, but I'm sure there's a lot to the movie making process we're not privy to. Plus the thing has to make money and that means cutting and slicing until Joe popcorn-vacuum is willing to sit down for more when each movie was already pretty long. It's also a very expensive production.

I think Tolkien's family wasn't too happy with the end result either. The complaints were along the same lines and I can't say I would have disagreed.

Comment Looking forward to replacing a bulb... never (Score 1) 308

Well, at least after I replace them the first time.

Brain wandering time: If these are the kinds of lights we'll be putting in long duration spacecraft, it would make sense that they last at least a few decades, since it's cost prohibitive to bring supplies and, if we're talking about Mars, that's potentially a permanent installation (precluding "lunar module" style landers meant to take off later).

Submission + - Linode hacked, CCs and passwords leaked 6

An anonymous reader writes: On Friday Linode announced a precautionary password reset due to an attack despite claiming that they were not compromised. The attacker has claimed otherwise, claiming to have obtained card numbers and password hashes. Password hashes, source code fragments and directory listings have been released as proof. Linode has yet to comment on or deny these claims.

Comment Next up : Self-driving drone (Score 1) 420

But seriously, Google's case (or rather Eric Schmidt's case) that drones should be regulated is somewhat ironic considering monitoring is nothing new at Google. The drones in this case aren't armed (and I'm certainly not condoning arbitrary use), but the potential for "oops, we just veered off course and stumbled into your growlab" is all too easy. That's the real harm here, not that we're worried there would be any rockets taking out civilians; it's the gradual erosion of personal space.

Also drones going berserk and falling out of the sky. That's a worry too.

Comment Re:Can't wait for there to be case law (Score 3, Interesting) 162

Oops... did I say "shot"? I meant "should have cat urine poured down their throats". Seriously, I've never seen another institution meant for the citizens to petition government be abused so much. All lobbying (even the anti-gun lobby) will be at risk eventually when enough people decide enough is enough. At the moment, they're distracted by *idol shows to give a damn, but just wait and see.

Comment The new FiOS routers ship with a random pass (Score 1) 210

Also a random SSID and has remote login disabled. Of course, they had other issues with UPnP and stuff, but at least this makes remote attacks a little bit harder since they're more difficult to discover (still security through obscurity; if they have a dumb device that responds outside NAT, it's still game over). Nothing will stop people from making devices that should be private available publicly for the sake of convenience though.
