Forgot your password?

Comment: Perhaps calling it "password" is partly to blame? (Score 1) 299

by ezakimak (#45575245) Attached to: Why People Are So Bad At Picking Passwords

If pass phrases are inherently far more secure, why do we still prompt people to create and use a *password* and then make a big stink that they did *exactly that*? Just because they do that poorly we shouldn't hold that against them since the process itself doesn't do anything to help them do so better--it's actually at odds, whereas simply indicating the different process of selecting a pass *phrase* does.

Why not simply change the labels and validation (since when should a site ever *prohibit* any specific character from a pass phrase?!!) to say "pass phrase" to urge people in a better direction?

We have bone-headed developers that have "helpfully" sent out emails to every member of a site saying "to improve security we have stripped all non alpha-numerics from your password"... Huh????? a) that means you stored my pass phrase *in plain text* in your database, then b) you *shortened it*! and c) you reduced the available combinations and d) turned my pass phrase into a password.

We have *banks* adding "site lock" security--reducing the security of their websites and *lying* to their users telling them that a) it increases their security and b) *trust the site lock image to indicate that it's really the correct site* rather than educating them to check the *SSL cert*!

Perhaps we need an article similar to "what every developer needs to know about character encoding" but for "handling user credentials". It's obvious that it's not just users that don't get it--but many developers and businesses also.

Comment: I just wish the public could purchase directly (Score 1) 168

by ezakimak (#44696159) Attached to: Death of the Car Salesman? BMW Makes AI App To Sell Electric Cars

When I know what I want, I don't need (or want) a salesman in the way. They aren't actually providing a service at that point--they're just like little kids watching as the cookie jar is brought out waiting to get their hand in it.

It's silly to me that manufacturers cannot sell their products directly to consumers. I'd love it if the "build-your-own" features on all their websites were actually useful--with a "buy now" button at the end rather than a "check local inventory" that never has exactly what you just spent 10 minutes configuring.

Comment: Re:What about my privacy? (Score 5, Insightful) 620

by ezakimak (#42534909) Attached to: Man Charged With HIPAA Violations For Video Taping Police

There is *no privacy* in a *public* place. By definition. For any party, anywhere. How you act in public, witnesses around or not, is open to public knowledge--be it praiseworthy or ridicule-worthy.

Furthermore, if they first claim it was being taken in as evidence, then later they *deleted* the file--doesn't that constitute destruction of evidence (the source recording) on the police department's part? (unless they used full chain-of-custody and a data-forensics lab to copy the file?) Not to mention the obvious violation of his private information as well--I highly doubt they bothered to get a search warrant before perusing his phone's contents.

Comment: Re:Raspberry Pi (Score 2) 352

by ezakimak (#42412637) Attached to: Ask Slashdot: Linux-Friendly Motherboard Manufacturers?

This is also only a problem if you insist on using 64 bit Linux, which means you can't use Flash, Skype, or anything else that's 32 bit only, and your Linux ends up less compatible with all the content on the Internet than it usually is.

I dunno what distros have this limitation. At least gentoo installs as multilib by default allowing 32bit apps to run just fine. There are also 32bit library wrappers allowing 64bit browsers to use 32bit plugins. This has been true for years.

Comment: Re:Why I doubt driverless cars will ever happen (Score 1) 604

by ezakimak (#42109327) Attached to: How Do We Program Moral Machines?

Even if the car had a fault, accedents usually come from stupid drivers.

While I agree with this conclusion, the problem here, is that drivers don't get trained and routinely tested in a simulator for their ability to handle failure conditions, unlike airline pilots that both learn and *train* what to do for all sorts of contingencies. Furthermore airline pilots are given psych evaluations to ensure they have a reasonable ability to not panic and freeeze in an emergency situation. A stuck accelerator pedal will likely cause a majority of average drivers to panic and just hang on for the ride feeling out of control.

There's a reason flying an aircraft requires more training and more frequent recertification (check rides)--more can go wrong, and anything going wrong that is not handled in an aircraft is much more likely to be fatal. Whereas just about any idiot can manage to get a license to drive a car.

I would not be opposed to more stringent qualifications for driver licensing. I think people take for granted how serious operating a vehicle really is--it's a 2 ton missile, and the laws of physics yield for no one.

Comment: Just test cogntive/motor function directly. (Score 1) 608

by ezakimak (#42056235) Attached to: With Pot Legal, Scientists Study Detection of Impaired Drivers

Rather than try to formulate some arbitrary yet scientifically measurable number specifically for just one more possible cause of impairment, which may result in different actual effects in different people, why not just directly test cognitive and motor skills like they used to for alcohol before the breathalyzers were widely available?
Seems that testing someone's awareness and motor function directly would address the immediate concern--and handle *any* possible cause: alcohol, THC, prescription meds, OTC meds, and outright drowsiness (your own melatonin) all with one test.

news: gotcha