
Comment Re:Poor choices to use proprietary cause this! (Score 1) 129

Why are you bringing up the average user when he was talking about the end user who has a strong reason to keep something patched? That's comparing a Mint home user to someone running the distribution upgrade servers.

If you are in charge of managing an important system or network, then you can either fix the problem yourself, have your programming team fix it and commit the fix back to the upstream vendor, or you can potentially hire the work out. Even if you are an average end user, you could actually fix it if you were willing to put in the work, however unlikely that scenario might be.

Comment Re:This is why "biometric" authentication is usele (Score 1) 80

As for remembering, is it harder to remember "username" and "password" or "usernamepassword"? It's the same. You just don't press return in between them.

Logically? No. But in practice, I support both approaches and yes, for no obvious logical reason, it makes a huge difference.

Comment Re:This is why "biometric" authentication is usele (Score 1) 80

How is an 8-letter username + 8-letter password harder or easier to crack than a 16-letter password?

It isn't easier to crack, but people remember usernames more easily, so you get people who will enter 16 characters instead of eight. The validating server can treat them as separate lookups or not without impacting the efficiency of brute force attacks. The advantage of using multiple entries is that you end up getting more characters that have to be guessed correctly, which is a compound effect, so adding a PIN or multiple choice question compounds it further and isn't pointless at all.

Say you are trying to brute-force my Slashdot password and it's eight characters. That's 7213895789838336* possible combinations you have to work through to target one user, but I'm user 166417, which means you'd be 166417 times more likely (at least) to get illicit access if I weren't using a separate username.

Now, if my username were hidden and combined with the password entry and had to be eight characters, you'd have 52040292466647269602037015248896 potential combinations, which is obviously harder to crack, but you'd sacrifice functionality for that trade-off, and 7213895789838336 is a reasonable number of permutations for the level of security required. In reality, I'm not limited to eight characters so the real number is even higher.

Now, you have a valid point if you say that 16 characters would be a better length for passwords, but if you required that, there would be far fewer people who would sign in and make comments, which would degrade the value of the whole system.

* - I know there is additional math that can be done here, not limited to but certainly including the tendency of people to use words and pseudo-words in their passwords. I've read the manuals and brute-force cracking articles too but I'm not getting paid to figure it out so my motivation to get a more accurate number is low.
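Reproducing the poster's numbers, as an added example that is not part of the comment: 7213895789838336 is exactly 96**8, so the calculation evidently counts 96 typeable characters per position; the script takes that alphabet size as its own assumption and uses the comment's user count of 166417. It also expresses each keyspace in bits, which makes the "separate username" and "hidden username" cases easier to compare than the raw integers.

```python
import math

# Assumption (not stated in the comment): 7213895789838336 == 96**8, so the
# poster evidently counted 96 typeable characters per position.
ALPHABET = 96


def keyspace(length: int, alphabet: int = ALPHABET) -> int:
    """Number of distinct strings of `length` characters over `alphabet` symbols."""
    return alphabet ** length


def bits(space: int) -> float:
    """The same keyspace expressed as bits of entropy, rounded to one decimal."""
    return round(math.log2(space), 1)


def odds_per_guess(password_len: int, accounts: int, username_len: int = 0,
                   alphabet: int = ALPHABET) -> float:
    """Probability that one random guess opens *some* account.

    With public usernames (username_len=0) every guess can be aimed at any of
    `accounts` known users, so the chance scales with the user count.  With a
    secret username the guess must also hit the username, so the secret is the
    combined string and the keyspace grows accordingly.
    """
    return accounts / keyspace(password_len + username_len, alphabet)


def summary(accounts: int = 166417, username_len: int = 8, password_len: int = 8) -> dict:
    """The comment's figures, plus the bit-equivalents it does not give."""
    pw = keyspace(password_len)
    combined = keyspace(username_len + password_len)
    return {
        "password_space": pw,            # 7213895789838336
        "password_bits": bits(pw),
        "combined_space": combined,      # 52040292466647269602037015248896
        "combined_bits": bits(combined),
        # Public usernames let an attacker who wants *any* account try all of
        # them in parallel: the poster's "166417 times more likely".
        "spray_advantage": round(odds_per_guess(password_len, accounts)
                                 / odds_per_guess(password_len, 1)),
        # Extra bits an attacker must guess when the username is secret too.
        "hidden_username_bonus_bits": round(bits(combined) - bits(pw), 1),
    }


if __name__ == "__main__":
    for key, value in summary().items():
        print(f"{key:>28}: {value}")
```

The "spray advantage" is the real point of the comment: a fixed-length password space is only half the picture, because a public username lets the attacker spread guesses across every account instead of aiming at one, which is why per-account lockouts and global rate limits matter more than the raw keyspace.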

Comment Re:This is why "biometric" authentication is usele (Score 1) 80

If we're talking about protecting against unauthorized access in the real world, we do want a username and password combination because that's harder to guess than just a password. If I am running a website where I'm using a cookie as part of the authentication process, then yes, it is best to keep a database where I tie the cookie to an IP address because that makes it harder to hijack a session.

When I can force you to hand over one thing you know, I can force you to hand over two things you know.... that second factor would keep me out.

Over and over you are stuck on this idea that you're defending against a physical attack, which is quite nearly pointless. The attacker who takes family members hostage will bypass pretty much any security you can put in place.

If you're really wanting to discuss security against physical force, then you're not thinking big enough. Why not discuss defending against the attacker with a gun pointed at your family member or a bomb in a school? Why not discuss defending against the attacking country with ICBMs with nuclear warheads? Pick your action movie plot of choice; I'm willing to go down Die Hard lane with you. I just need to make sure we're talking about the same thing.

Comment Re:lemme guess (Score 4, Interesting) 158

You're making this too hard. You can upload terabytes of data using good old SSL or encrypt files with zip tools like 7-zip and there is nothing in the stream of data that will be recognized... that's what encryption is for.

The person wanting to get data out doesn't have to work hard at all to ensure it can't be recognized as it is being transmitted. The difficulty is in making sure that the users of the system don't notice the decrease in disk I/O and loss of bandwidth. If they've got a good perimeter defense or the right heuristics for the server, they may notice "hey, that's more activity than usual" and respond, but that's about the only way to catch somebody in the act of transporting data out of a system.

Unless they're stupid. Which, with Sony's security, they could have been.
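The "more activity than usual" heuristic from this comment, as an added example that is not the commenter's code: per-host outbound byte volumes compared against each host's own recent history, flagging a day that sits far above that baseline. The host names and byte counts are constructed sample data, and the thresholds are illustrative defaults.

```python
from statistics import mean, pstdev

# Constructed sample data: daily outbound bytes per host for the last seven
# days (the baseline) and for today.  Hostnames and volumes are invented.
BASELINE_DAYS = {
    "fileserver-01":  [2.1e9, 1.9e9, 2.3e9, 2.0e9, 2.2e9, 1.8e9, 2.1e9],
    "workstation-17": [3.2e8, 2.9e8, 3.5e8, 3.0e8, 3.1e8, 2.8e8, 3.3e8],
    "build-agent-03": [9.0e8, 8.5e8, 9.4e8, 8.8e8, 9.1e8, 8.7e8, 9.2e8],
}
TODAY = {"fileserver-01": 2.2e9, "workstation-17": 4.7e9, "build-agent-03": 1.3e9}


def flag_volume_anomalies(baseline, today, sigma=3.0, min_ratio=2.0):
    """Return (host, bytes_today, ratio_to_mean) for hosts whose outbound volume
    is both `sigma` standard deviations above their own history AND at least
    `min_ratio` times their mean.  The ratio floor keeps very steady hosts
    (tiny stdev) from alerting on harmless small increases; the sigma test
    keeps naturally noisy hosts from alerting on an ordinary busy day.
    """
    alerts = []
    for host, observed in today.items():
        history = baseline.get(host, [])
        if len(history) < 3:
            continue  # not enough history to say what "usual" is for this host
        mu, sd = mean(history), pstdev(history)
        if observed > mu + sigma * sd and observed > min_ratio * mu:
            alerts.append((host, observed, round(observed / mu, 1)))
    # Biggest deviation first, so the triage order is obvious.
    return sorted(alerts, key=lambda a: a[2], reverse=True)


if __name__ == "__main__":
    for host, volume, ratio in flag_volume_anomalies(BASELINE_DAYS, TODAY):
        print(f"{host}: {volume:.2e} bytes out today, {ratio}x its usual volume")
```

In the sample, the workstation is flagged at roughly fifteen times its usual outbound volume, the file server's 2.2 GB day is within its normal spread, and the build agent's moderate rise clears the sigma test but not the ratio floor. Because the encrypted stream gives the sensor nothing to inspect, volume against a per-host baseline is about the only signal left, which is exactly the commenter's point.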

Comment Re:This is why "biometric" authentication is usele (Score 1) 80

Soon we will be wearing burkas, sunglasses and gloves to make sure our identities will not be lifted.

No. Biometric authentication won't replace all other methods of security anytime in the foreseeable future; nothing that requires serious security will rely on them alone. I have a hard time believing they ever could. If any serious company tries anytime in the next twenty years, you have my advice to place bets that it will be compromised in short order.

I keep seeing this idea that biometrics are flawed because you can't change them if someone's information is compromised, but that idea ignores the reality that biometrics are not and will likely never be used alone as significant security.

Comment Re:This is why "biometric" authentication is usele (Score 3, Insightful) 80

Minor quibble: using two of one group is not useless either, it is only less useful.

  • Most login prompts require a username and a password, which are both things you know, but that combination is better than requiring only one thing you know.
  • Requiring answers to security questions, yet another thing you know, is often considered better still.
  • Iris scans can be faked as can fingerprints, but both together is harder to fake than either alone.
  • Bribing one guard is easier than bribing two.
  • Checking that a browser supplies a cookie is a good thing, but checking that the IP and the cookie are paired correctly is better.
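One concrete form of the cookie-plus-IP pairing in the last bullet (and of the earlier comment about tying a cookie to an IP in a database), as an added example that is not code from any commenter: an in-memory session store that only honours a token when it is presented from the address it was issued to. `SessionStore` and its methods are hypothetical names; the addresses in the demo are documentation ranges.

```python
import hashlib
import secrets
import time


class SessionStore:
    """Session table that binds each token to the client IP it was issued to.

    Only a SHA-256 fingerprint of the token is stored, so a copy of the table
    does not hand out usable cookies.  `now` is injectable for testing.
    """

    def __init__(self, ttl_seconds: int = 3600, now=time.time):
        self._sessions = {}  # fingerprint -> (user, client_ip, expires_at)
        self._ttl = ttl_seconds
        self._now = now

    @staticmethod
    def _fingerprint(token: str) -> str:
        return hashlib.sha256(token.encode("utf-8")).hexdigest()

    def create(self, user: str, client_ip: str) -> str:
        """Issue a fresh random token for `user`, remembering the issuing IP."""
        token = secrets.token_urlsafe(32)
        self._sessions[self._fingerprint(token)] = (user, client_ip, self._now() + self._ttl)
        return token

    def validate(self, token: str, client_ip: str):
        """Return the user if the token is live AND presented from its issuing IP.

        A token seen from a different address is revoked outright: a replayed
        cookie from elsewhere is precisely the case this pairing is meant to
        catch, and revoking it also logs the legitimate holder out so the
        event is noticed.
        """
        key = self._fingerprint(token)
        entry = self._sessions.get(key)
        if entry is None:
            return None
        user, issued_ip, expires_at = entry
        if self._now() > expires_at or issued_ip != client_ip:
            del self._sessions[key]
            return None
        return user

    def active_sessions(self) -> int:
        return len(self._sessions)


if __name__ == "__main__":
    store = SessionStore()
    cookie = store.create("alice", "203.0.113.5")
    print("same IP   ->", store.validate(cookie, "203.0.113.5"))
    print("other IP  ->", store.validate(cookie, "198.51.100.9"))
    print("after that->", store.validate(cookie, "203.0.113.5"))
```

The trade-off is the one the thread is circling: the pairing is a second condition, not a replacement for the cookie, and it has a cost, since clients whose address legitimately changes (mobile networks, NAT pools) get logged out. Deployments that find that too disruptive bind to a coarser prefix or treat a mismatch as a trigger for re-authentication rather than immediate revocation.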

Comment Re:This is why "biometric" authentication is usele (Score 5, Interesting) 80

Not useless, just not sufficient.

Your house key will work in hundreds of locks, but it's easier to pick the lock than track down exactly which house key might work on the house you want to break into. The reason that biometrics are useful is that they provide a second condition that has to be met for authentication, not because they provide the only one. If you give employees RFID cards and pair them with iris scanning, you're going to have moderately secure door security. It can get a lot better by adding other controls, for example introducing human checks into the system or an employee PIN.

Most businesses don't even have a second check for door security. I wish people would quit confusing a method of authentication with the idea that any single method is sufficient.

Comment Re:Rise of the darksite DNS (Score 1) 388

You say that but maybe you won't be able to. When I was filtering the internet for my kids, I included an interception of anything on DNS ports and redirected it to my filtering server.

Your ISP could do the same thing, fairly trivially, and if they do, it won't matter what IPs you tell your machine to use as a DNS server; it will use the ISP's anyway.

I think it breaks DNSSEC and I *know* it makes MITM easy for non-encrypted sites (because I did that too), but don't expect the MPAA and Sony to care; they're happy to break the security of the internet for everybody as long as it lets them think they're preventing copyright infringement. The ISPs would do it now to increase profit if it was worth the effort and the complaints it would come with. Don't expect it to take more than a hint of government suggestion for your current freedom to disappear.

Don't feel too bad for my kids, they're old enough now that discussing and spot-checking their habits is a better solution and most of my active interference was to block them until they completed a chore each day.
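What a "filtering server" of the kind described here has to do with the queries redirected to it, as an added example that is not the commenter's setup: parse the question out of a DNS query packet, match the name against a blocklist, and answer blocked names with a sinkhole address instead of forwarding them. The blocklist names and the 192.0.2.1 sinkhole are constructed for the example; the transparent redirect itself is a gateway firewall rule and is outside the block.

```python
import struct

# Constructed for the example: names to filter (every subdomain is covered) and
# the address blocked names resolve to (a TEST-NET address standing in for the
# filter's "blocked" landing page).
BLOCKLIST = {"games.example", "video.example"}
SINKHOLE_IP = "192.0.2.1"


def build_query(name: str, qtype: int = 1, txid: int = 0x1234) -> bytes:
    """Encode a minimal DNS query for `name` (used to construct sample input)."""
    labels = b"".join(bytes([len(part)]) + part.encode("ascii") for part in name.split("."))
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)


def parse_question(packet: bytes):
    """Return (txid, qname, qtype, question_end) from a DNS query packet."""
    if len(packet) < 12:
        raise ValueError("truncated header")
    txid, _flags, qdcount = struct.unpack("!HHH", packet[:6])
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    labels, pos = [], 12
    while True:
        if pos >= len(packet):
            raise ValueError("truncated name")
        length = packet[pos]
        pos += 1
        if length == 0:
            break
        if length & 0xC0:  # compression pointers have no business in a query name
            raise ValueError("compression pointer in question name")
        labels.append(packet[pos:pos + length].decode("ascii"))
        pos += length
    if pos + 4 > len(packet):
        raise ValueError("truncated question")
    qtype, _qclass = struct.unpack("!HH", packet[pos:pos + 4])
    return txid, ".".join(labels).lower(), qtype, pos + 4


def is_blocked(qname: str, blocklist=BLOCKLIST) -> bool:
    """True if the name or any parent of it is on the blocklist."""
    parts = qname.split(".")
    return any(".".join(parts[i:]) in blocklist for i in range(len(parts)))


def filter_response(packet: bytes):
    """Sinkhole answer for a blocked A query, or None meaning 'forward upstream'.

    A real filtering resolver forwards the None case to its upstream server and
    relays the reply; only the blocked branch is synthesised here.
    """
    txid, qname, qtype, qend = parse_question(packet)
    if qtype != 1 or not is_blocked(qname):
        return None
    question = packet[12:qend]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)  # QR=1 RD=1 RA=1, 1 answer
    # Answer: name pointer to offset 12, type A, class IN, TTL 60, 4-byte RDATA.
    rdata = bytes(int(octet) for octet in SINKHOLE_IP.split("."))
    answer = struct.pack("!HHHIH", 0xC00C, 1, 1, 60, 4) + rdata
    return header + question + answer


def sinkholed_ip(response: bytes) -> str:
    """Read back the A record from a response built by filter_response."""
    return ".".join(str(b) for b in response[-4:])


if __name__ == "__main__":
    for name in ("cdn.video.example", "slashdot.org"):
        reply = filter_response(build_query(name))
        print(name, "->", "forward upstream" if reply is None else sinkholed_ip(reply))
```

The same mechanism is why the commenter's point about DNSSEC and MITM holds: once port 53 is redirected, the client cannot tell a synthesised answer from a forwarded one, so a filter of this kind is indistinguishable, from the client's side, from an ISP rewriting answers for its own reasons.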

Comment Re:Fire all the officers? (Score 1) 515

The problem here is that prosecutors and cops need to get along and need to trust each other and the public needs to see cops held to account for their actions. I am leaning toward "bypass the grand jury for public servants" as a solution to ensure that not only is justice done, but so that it is seen to be done.
