Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment: Re:*Yawn* (Score 1) 145

by mattpalmer1086 (#48874739) Attached to: Doomsday Clock Could Move

So if a minute comes off, it's just fear mongering. And if one or two goes on? We pat ourselves on the back and ignore it? Seems like we get to ignore it in both cases!

Good point about climate change though. I also noticed they had moved beyond just the nuclear threat. I suppose it is called the Domesday clock, not the "Nuclear Threat Clock", but I kind of agree it should stick with what it was established for.

(btw: I think climate change is a real threat, but there are lots of existential threats other than nuclear weapons and climate change.)

Comment: Re: The doomsday clock should be renamed. (Score 1) 145

by mattpalmer1086 (#48873893) Attached to: Doomsday Clock Could Move

No idea who the researchers are, and I don't have an agenda. I linked to Wikipedia!

I have read about some of these studies before, on the web, and in fairly lay publications like New Scientist. I have no idea if they are wrong, true, or just some vast liberal conspiracy by left-leaning scientists to irritate their conservative colleagues!

I was only prompted to reply because the original poster saw it as political "fear" propoganda from "the left", and I saw it quite differently. Which made me think of these studies... make of them what you will!

Comment: Re:The doomsday clock should be renamed. (Score 0) 145

by mattpalmer1086 (#48873751) Attached to: Doomsday Clock Could Move

It's interesting reading your response to this. I saw it as "clever people try to assess big problems facing us, and communicate it in a way most people can easily understand". You saw it as fear mongering by the left.

Interestingly, there have been several studies that link political ideologies with fear-response. For example, see:

http://en.wikipedia.org/wiki/B...

Conservative people tend to have a higher disgust response, be more aggressive, and more resistant to change or things that appear threatening. Liberals tend to be not as frightened by apparent danger and more accepting of possibly disruptive change.

Of course, this may be completely wrong, but it does tally with my (entirely unscientific) experience.

Comment: Re:Seems... facile (Score 3, Interesting) 231

by mattpalmer1086 (#48873551) Attached to: The Paradoxes That Threaten To Tear Modern Cosmology Apart

IANAP, but my admittedly also very shallow understanding, is that when we're talking about the energy of the "vaccuum", we mean "energy associated with space itself".

A vaccuum is typically defined by the absence of matter in a volume of space (but not necessarily light or other energy). But let's exclude those too - there is no matter or electromagnetic radiation at all.

Even with those exclusions, at a fundamental level space appears to be a seething maelstrom of quantum particles popping in and out of existence. There seems to be some energy associated with "empty" space.

  Some people posit that the vaccuum (i.e. space as we know it) may be "unstable" - that the particular energy it possesses could be lower than it is - and that we're just caught on a local bump in the energy landscape. If the vaccuum ever "fell off" that bump to a lower level, it would apparently spread at the speed of light across the entire universe from wherever it started, destroying everything that currently exists, and leaving behind... I don't know what. More vaccuum, but with a much lower energy associated with it, and with lots of new matter and energy created by the release of the vaccuum energy. Probably.

Anway, happy for a real physicist to correct me on some or all of the above - that's just my very lay understanding of what is meant by vaccuum energy.

Comment: Re:Doubt it (Score 1) 299

by mattpalmer1086 (#48593003) Attached to: Blade Runner 2 Script Done, Harrison Ford Says "the Best Ever"

Interesting thesis, but I don't buy it. Audience were not discovering technology for the first time, and it was not the first time cinema explored it. One of the most classic sci fi films ever was Metropolis, made in the 1920s. There were some very good sci fi films made in that era (and some very bad ones too).

In fact, Blade runner didn't appeal to audiences much when it was released. It has become a classic afterwards, probably because it's based on a quality story and the acting, direction, music and atmosphere of the film are great. And because Ridley got rid of the annoying voice over, which the movie execs mandated so the dumb audience could understand it. Not a passionate audience, note, or at least, that's not how the movie industry saw the audience and the films they were creating for them.

Comment: Re:Would be 100 million as fast as hashcat claims (Score 1) 193

by mattpalmer1086 (#47060007) Attached to: eBay Compromised

Hmmm... I got my performance stats from a different web site. But the performance table on oclHashcat's fron page says 11231M c/s for SHA256. That's eleven billion a second, admittedly using 8 GPUs, but in the ballpark of my original post.

If crypt is iterating SHA256 110,000 times, that sounds fairly good. I've been looking at scrypt, which is explicitly designed to resist hardware based attacks.

Comment: Re:3,963 years per password (Score 1) 193

by mattpalmer1086 (#47058333) Attached to: eBay Compromised

Well, I would dispute those calculations a bit, but I accept that good long per-account salting forces each password to be cracked individually. I assume that the salt is compromised along with the password (or they won't be cracked at all).

Even randomly selected passwords from all alphanumeric characters only gives us about 6 bits of entropy per character. Most passwords are shorter than 10 characters, the average is more like 7. This only gives us 42 bits of entropy per password, assuming complete random selection from that space.

But - users don't randomly select from that space, and modern password crackers don't simply try all possible letter permutations, although they can successfully do this for passwords which are less than 7 characters. They exploit the patterns and techniques which users use to select passwords, using rules engines, password dictionaries, markov chains and all sorts of clever magic.

Run this on GPUs using hashcat, which for SHA256 can check about 3 billion hashes a second. A small cluster of 4 of these machines can then easily check over 10 billion hashes a second. You can now rent Amazon EC2 instances with GPUs. In a minute you can check 600 billion hashes, admittedly for a single password at a time.

Salted hashes are now crackable even for quite reasonable passwords, if the hash algorithm can be run on modern GPUs, and assuming the attacker has the salt as well.

Comment: Re:Why use it? (Score 1) 435

by mattpalmer1086 (#46884707) Attached to: C++ and the STL 12 Years Later: What Do You Think Now?

Good point. I checked out http://www.stroustrup.com/appl... and I can see they're mostly all quite demanding applications. I guess they deserve a demanding language :) But yes, fair enough. There are plenty of times getting the most out of what you have is going to be important.

I once worked on Java code which ran on the most ludicrously limited hardware. It was like treacle. I spent a lot of time tuning that code. Logging was the worst offendor, but some poor algorithms lurked in there too. Garbage collection was quite noticeable, even after rewriting to minimise it as much as possible.

Do you suffer painful hallucination? -- Don Juan, cited by Carlos Casteneda

Working...