Actually, it's designed to be web-facing.

Worse, this is a laughably simple exploit of the web-facing interface:

In other words, it's about as simple as GET /../config.bog HTTP/1.1

Also, forgot to mention, isn't the implication of some cracked / some non cracked that whoever originally got their hands on the data only has the hashes, not the full passwords?

Of course, it's also possible that some scavenger started cracking the SHA-1 hashes in a file that someone else released...

Thanks for that info.

I checked the tail end of the SHA-1 hash of my LinkedIn password; it wasn't in the list, neither zeroed or in full. I'd already signed into LinkedIn and changed it, so it's moot, but yeah, my password wasn't in the dump.

I tested it in Opera before I posted my comment. Same effect as you: nothing happens.

Probably this bug.

Yes it is. Right here in the script.

jQuery(document).ready(
    function(){
        $('.commentSub .ui-icon.flag').live('click',
            function(fe){
                if($('#flag_comment').length>0){
                    $('#flag_comment').remove();
                }
                $(this).parent().append('<form id="flag_comment"><input type="hidden" name="comment" value="'+this.id+'"><input type="button" class="s" value="Report" disabled="disabled" onclick="reportCommentAbuse();"><input type="text" name="reason" class="t" placeholder="Specify reason" ></form>').parent().parent().addClass('flag-in');
                $('input[name=reason]').focus();
            }
        );
        $(".comment").hover(function(){},
            function(){
                if($(this).hasClass('flag-in')){
                    $('#flag_comment').remove();
                    $(this).removeClass('flag-in');
                }
            }
        );
        $("input[name=reason]").live('keypress',
            function(kp){
                var code=(kp.keyCode?kp.keyCode:kp.which);
                if(code==13){
                    $(this).prev().trigger('click');
                    kp.preventDefault();
                }
            }
        );
        $("#flag_comment .t").live('keyup',
            function(data){
                if($(this).val()!=""){
                    $("#flag_comment .s").removeAttr("disabled");
                }else{
                    $("#flag_comment .s").attr("disabled","disabled");
                }
            }
        );
    }
);
function reportCommentAbuse(){
    ajax_update(
        {
            op:'reportCommentAbuse',
            comment:$("#flag_comment input[name=comment]").val(),
            reason:$("#flag_comment input[name=reason]").val()
        },
        '',
        {
            onComplete:function(){
                Slash.busy('modal-fetch',false);
                $("#flag_comment").hide();
            }
        }
    );
    return false;
}

No, that's also because of issues with color dithering.

Most people expect their black and white printer to be able to print shades of gray. It doesn't have gray ink. It can't make gray ink. So it dithers.

That pixel-sized image is just a server-side script that logs some metrics based on the request the browser sent. It could send back a 404 error instead of a 1x1 transparent gif - it wouldn't matter. And it doesn't have to be an image; it could just as easily be a script or style tag, and the server sends back a 0-byte file after logging the request.

Thank you for your insightful explanation of why this would never work - if you were designing it.

It would get them nowhere, on its own. They would also need to intercept the entangled photon, without detection - which can't be done (in theory); that photon would simply be ignored, not used for the encryption.

It's basically like you're doing XOR encryption with a random one-time pad, known only to you and your target. The quantum encryption is basically the part that ensures that only you and your target can possibly know what the one-time pad contains (according to present interpretation of the laws of physics). Because any time your eavesdropper intercepts a single bit of the one-time pad, both of you are able to sense this and simply not use that bit.

Not the exact same thing - quoting from the paper,

It's not really known whether or not Bob's photon actually changes, or whether it's simply been in the same state as Alice's photon all along. If it changes that would imply that the information moved faster than the speed of light, which poses problems under current models. If it's been that way all along, the only thing that changes is that Alice now knows what state it's in.

In either case, Alice can tell Bob which quantum operation to perform on the entangled photon to determine the state of Alice's original photon. Intercepting this would tell you nothing unless you have one of the entangled photons, since the state of Alice's entangled photon is assumed to be random when she measures it. Bob's entangled photon has the same quantum state as Alice's does, and when he performs the correct operation, he finds the state of the original qubit.

I assume there must be some way to determine whether both Alice and Bob have an entangled pair of photons before Alice transmits which transformation Bob should use. Otherwise, it seems like someone could intercept an entangled photon intended for Bob and also intercept the transmission where Alice reveals which transformation will yield the encoded qubit.

Well, I went ahead and downloaded the PDF (surprisingly not paywalled).

It describes it as (paraphrasing slightly):

Alice has a photon of unknown quantum state and wishes to transfer it to Bob, who is at a distant location. Charlie first distributes an entangled photon pair to Alice and Bob, respectively. Alice now has two photons, and performs a joint Bell-state measurement (BSM) on them. The state of Bob's entangled photon is instantaneously altered by Alice's measurement. Alice then transmits the BSM result (meaningless on its own) to Bob via a classical channel. Based on this result, Bob can apply the appropriate unitary transformation which will convert the state of his entangled photon into the original state of the unknown photon.

So it sounds like the information is not teleported until Bob and Alice have successfully received a pair of entangled photons. Losses simply interfere with Bob's ability to receive entangled photons (Charlie and Alice are in the same physical location).

Conventional lasers use a beam consisting of millions of photons, and some percentage of them have to reach the destination. In the quantum version, individual photons are transmitted, and all must reach the destination, or both transmitter and receiver will know that the secure link has been broken. Additionally, it's theoretically impossible to eavesdrop without either breaking the quantum entanglement, or blocking the photon (or both). Either way, both parties will detect it.

Bill Cosby

The photons must remain in quantum entanglement while one photon is transmitted to the destination. A photon traveling through a glass fiber loses its quantum entanglement fairly rapidly.