
Comment Re:researchers? (Score 1) 101

He's more of an operating systems/networking kind of guy. This just seems like fluff research to keep the department chair happy while he actually does his teaching and "real" research. Academia has this tendency to prioritize quality over quantity, and I think this provides an example of the pressures even good profs feel from the top re: publishing.

That's a very generous assessment. Obviously, I don't know the guy, but another possible hypothesis is that he's made the oft-repeated mistake of an expert outside his own field, who thinks he's also good enough to be an expert in another field. Academia is chock full of this -- having a good publishing record in one field tends to inflate one's ego, and can frequently lead to moronic research in even a closely related field.

I'm thinking of you, "obesity spreads through a social network" guy, who is actually a political scientist.

Comment Re:Is that a joke? (Score 1) 191

Passphrases are not harder to brute force. In general if you have 26 random characters it's hard to brute force.

Passphrases encourage the use of numbers, capitalization, longer passwords, and punctuation. If the common password is all lowercase letters and maybe digits, you're looking at a search space of (26+10)^k for a password of length k. If you throw in the 30 or so punctuation marks, and capitalization, the search space is (26+26+30)^k for the same length of password.

Given that so many people use lowercase+digits passwords, I'd be inclined to think that anyone brute-forcing a bunch of passwords would stick to the (26+10)^k search space, and therefore leave yours uncrackable. If they're just going after yours though, all bets are off, but then you should probably be using some uber-fancy authentication scheme anyway.

Comment Re:Use passphrases (Score 1) 191

That's an even worse solution. Do you really think end users are going to be willing to type a 200 letter phrase in instead? We use passwords for a reason- it's as much as most people are willing to type before becoming annoyed.

You, sir, have outdone yourself, even for slashdot standards. A passphrase is NOT "a phrase as a password", but rather a phrase as a mnemonic for your password.

Example:

Passphrase: 100 quick clicked commentors barely read Slashdot each day!
Password: 100qccbrSed!

I'll leave it to you to figure the magic out.

Comment Re:Good (Score 1) 277

big trend of people with relatively crappy ML research gussying it up with some sexy applications (usually bio-related) and then publishing it in a general-readership science journal

Mark Newman! PNAS! The list goes on...generally seem to be people from field X trying to stuff from field Y (where Y is often ML/statistics/algorithms, and X != math or CS).

Comment Re:Why not (Score 4, Insightful) 520

However, I am concerned that putting developers around a table could potentially be distracting, consequently diminishing productivity by increasing coding errors.

I agree with parent, and have you considered that developers whose code quality is affected by seating arrangements relative to other developers might not be...um, the best developers? Otherwise, I'd say you might be overthinking the issue.

Comment Re:Uh, no (Score 3, Insightful) 104

Great, so they want to redesign the Internet because people don't want to learn how to identify a phishing site and can't understand that giving your account numbers to unverifiable strangers is a bad idea?

Oh please, I think Sony put an end to the delusion that only grandmas and morons are susceptible to phishing or malware. Allow me to give you an example which most people here won't be able to detect instantaneously: zero-day exploit in Flash + rootkit + trojan. I run a tight ship like the next nerd, but my AV software still flags trojans that somehow make it onto my system from time to time, and those are only the ones that it CAN detect.

And yes, there are zealots who will undoubtedly say things like "Flash is for suckers" or "what do you expect with Windows?", but these people should consider the fact that (a) not everyone lives in caves, and (b) some people just have more important things to worry about, like losing their homes.

Comment Re:and again.... (Score 3, Insightful) 200

One of the company's key areas of expertise is in "data mining technologies". Do you really *think* they're THAT concerned with your security, given the situation?

Look, we as nerds must STOP treating "data mining" like an epithet, or at least a scarlet letter on one's resume. The term has been abused by the popular media in connection with the NSA's wiretapping, but people tend to overlook the fact that "data mining" is just a bunch of algorithms to find statistical patterns in different kinds of data. When it's referred to as "exploratory data analysis", no one seems to mind. When it's referred to as simply "applied statistics", no one seems to mind. Read the statement by ACM's data mining special interest group, SIGKDD.

That said, I completely agree with you -- of course Facebook is interested in mining the social graph and f***ing it for all it's worth. They're a for-profit company whose only asset is detailed information about people and their interactions. Why is anyone shocked that they don't want to make the world a better place, and would rather become very rich instead off their only asset? For a capitalist country, a lot of nerds in the US seem to have rose-colored glasses on.

Comment Re:iPhone - NOT (Score 1, Interesting) 492

It's a relatively interesting article, especially the bit about the Micro SIM it supposedly uses, which is not in use anywhere in the US right now. But in any case, one can't help thinking that the reviewer at Gizmodo would pay good money to vigorously and servilely pleasure Steve Jobs. From TFA:

The seams are perhaps the most surprising aspect of the new design. They don't seem to respond to any aesthetic criteria and, in terms of function, we can't adventure any explanation. But they don't look bad. In fact, the whole effect seems good, like something you will find in a Braun product from the 70s.

Only a true fanboy can turn the phrase "like a Braun product from the 70s" into a compliment. Because we all want to show off our new iEpilators.

Comment Re:Color me not impressed (Score 5, Insightful) 455

You could fund a manned Mars mission (pessimistic estimated total cost: $100 billion) with a 3% cut in the US military budget for ten years.

You could pay for massive upgrades to child protective services, social security, medicare, etc. with $100 billion. You could put a million pedophile priests in jail for $100 billion. You could reinvigorate Detroit and create tens of thousands of jobs for $100 billion.

The point is that you could do a LOT of things with "just a small cut in the military budget", but it wouldn't sit well with the electorate. Obama already takes enough shit for being "soft on terrorists" and "elitist". I doubt he'd want to completely botch his re-election with a snooty re-allocation of military funds ("purtecctt amurreriicaa") to the space program ("scieencee and la dee daa").

Comment Re:Where is the 'speed' measured from? (Score 3, Funny) 202

Geez, will you at least RTFS?

Currently, fewer than 1% of search queries are affected by the site speed signal in our implementation and the signal for site speed only applies for visitors searching in English on Google.com at this point.

The main site serves visitors from the US. Thus, measuring speeds from multiple locations around the US is probably the best thing to do. They're presumably measuring speed from all their datacenters (their crawlers are likely to be distributed across the country (and world), so recording the average speed over multiple crawls would be a good approximation when you're dealing with the scale of Google and the Web).

Comment Re:The device is cheap, but the cartridges ... (Score 3, Funny) 123

Did anyone think about the poor sod whose job it was to burn the mice? I mean, it's difficult to catch mice that have just unsuccessfully rushed into burning buildings, or set themselves on fire by accident.

Then again, I know a guy who works in tissue engineering whose job is to "harvest" mice, as he calls it. Keeps their heads in a jar above his desk. Apparently, they bob around all day with a smiling expression.

You have to get your hands dirty for a lot of science...

Comment Re:Linux is vulnerable too (Score 4, Informative) 187

Maybe you should actually, you know,...use Linux before you attempt to troll about security.

What's even worse than with Windows is that since 'rm' is just a normal binary the PDF can launch that, and if you run as root privileges, just issue a command like "rm -rf /". If you don't run as root, then for example Ubuntu should give you the sudo box to input password to. This of course being just one of the examples it could do. Remember that most malware doesn't even need root access to function.

Nobody uses the root account in Linux for everyday activity. In Ubuntu, root login is even disabled by default (you have to sudo). So no worries about the system in general. Although it's pretty devastating to issue a "rm -rf ~" to delete the user's home directory, it's on par with Windows. Then you say that most malware doesn't even need root access to function, but on all the millions of XP boxes out there, it's already given root access by default.

Another reason why it would be even more serious on Linux is the way you can pipe commands and how most systems come pre-packaged with a ton of little utility apps. You can create the whole malware with a series of commands, or wget a bash script from the internet and start that to hide even more malware in the system.

Windows has a pipe function too, in addition to being able to zoink your whole file system with a simple "del". It also comes with ftp and telnet, which are handy replacements for wget. In short telnet+response file = download an .exe from the web = any sort of functionality you might want using Unix command line tools.

Your comment, sir, is vapid.

Comment Re:He could have fixed it with a wave of the hand (Score 4, Insightful) 615

"These are not the dorks you are looking for."

Not only that, only nerds would get excited about a STOCK response from HR about discrimination, and then post it on slashdot. Not trying to troll here, but HR folks aren't lawyers, and are trained to be extremely careful when it comes to possible litigation. In short, even the bad publicity makes it worthwhile for HR to apologize to this "Jedi" instead of saying something like "we only recognize jedis on active duty, with working light sabers".

Comment bubbles = isolation (Score 1) 198

Initially, the idea of "code bubbles" sounds intuitive -- isolated, self-contained, easily testable pieces of code, with well-defined inputs and outputs. Then you could build a complex program by stringing these bubbles together (in theory, anyway).

Then TFS mentions something as banal as "wrapping long lines of code"....and my bubble bursts.

Comment Re:This is so [not] surprising! (Score 2, Interesting) 190

This seems to be a non-story, unless this is the first time these financial ties have been revealed between bit torrent researchers and ISPs.

This is not so much about calling the researchers' methods and findings into question as the ISPs' motivation for funding the research. As far as I can tell, the research seems to be sound and pretty neat. The question is WHY are ISPs interested in FUNDING this sort of research?

One possibility that the submitter didn't consider is the fact that many researchers list their funding sources on all published papers, regardless of whether the funding was given to fund that specific project. So it could be that ISPs generally fund this particular research group in any case, and they happened to put out a paper that analyzes BT. In other words, there might not be anything sinister going on.
