Forgot your password?

typodupeerror

Comment: Re:No it's not.... (Score 1) 195

by mseeger (#42874777) Attached to: Everything You Know About Password-Stealing Is Wrong

Less than 1:1000

That assumes that you actually change your passwords once a site tells it has been compromised. But even in worst case scenarios the chances are 1:100 compared to single/all passwords stolen.

Overall i would summarize:

- Memorizes passwords >> Stored passwords
- Cryptographic Storage >> Written down passwords
- Written down passwords >> Identical passwords
- Individual passwords >> Generic passwords
- Generic passwords >> Identical passwords

With ">>" as "better as". Special cases always applies, but i think those are good rules of thumb.

Comment: Re:No it's not.... (Score 1) 195

by mseeger (#42871889) Attached to: Everything You Know About Password-Stealing Is Wrong

There are two typical cases:

1. The attacker got your password at a hacked site.

2. The attacker got your password by being on your PC:

In case 1 he has one password, in case 2 he has all passwords. In both cases the weakness you mentioned is not relevant.

It is a weakness, but a rather small one compared to re-using the same password everywhere.

Also it makes it hard for an attacker to decrypt your stored password. To succeed he has to hack two sites which both store the password in plain text. I think we can ignore that probability ;-).

Comment: Re:No it's not.... (Score 1) 195

by mseeger (#42871719) Attached to: Everything You Know About Password-Stealing Is Wrong

When the question is wether to use a single password on multiple sites or writing all the passwords down, i vote for the second option.

Usually such things can be avoided, if the person is taught a password generating algorithm which modifies the password per site.

But writing them down (the safer with tools the better) is a lot better than re-using passwords all the time.

Comment: No it's not.... (Score 2) 195

by mseeger (#42871023) Attached to: Everything You Know About Password-Stealing Is Wrong

Another headline that may misslead people. Password stealing is not just a banking problem. Attackers may do a lot of damage to a person without needing to extract the money directly.

The most important lessons for passwords are:

1. One password, one service. Do not re-use passwords.

2. Prefer long to complex passwords.

Using a sentence that is important to you and modfy it per service.

E.g. "may the face be with you" for Facebook or "may the search be with you" for Google.

If the service allows such, you are beyond any rainbow table and those passwords are easy to remember and customize per service.

Comment: Probably already happened (Score 5, Interesting) 135

by mseeger (#42459949) Attached to: Security Firm Predicts "Murder By Internet-Connected Devices"

IID predicts for 2013 that criminals will leverage networked healthcare devices to carry out murders. My counter-theory is, that the first murder probably has already occurred; we and the police just didn't notice it. So 2013 may be the year the first murder via Internet device is proven.

During a BKA (German version of the FBI) conference, i made a remark that got me nationwide media attention in 2000: "In the Internet you'll find anything but murder." I wish i could say this with the same conviction today as i did back then (http://www.heise.de/newsticker/meldung/BKA-hat-Muehe-mit-der-Internet-Kriminalitaet-16354.html).

I think those happy days Daniel Suarez envisioned have already arrived.

Comment: I want the cinemas to die... (Score 1) 308

by mseeger (#42448745) Attached to: A Subscription-Based Movie Theater

I wish the cinemas would finally drop dead. Perhaps then i would get the movies on DVD/Blu-Ray at the release date. I sincerely dislikes cinemas.

Why shell i watch a movie at a fixed times with several (sometimes unpleasent) strangers in a room that cannot compete with my living room in terms of comfiness? To purchase overprices soda? To have a very, very small collections of food stuff to buy? To get the brother of Hulk sitting in front of you and block 20% of the image?

Picture quality and sound at home can compete with 90% of all cinemas and i have enough space for my friends to join.

Comment: Re:Disappointed (Score 1) 243

by mseeger (#42411521) Attached to: John McAfee Tells World How He Fooled Cops and Escaped Belize

Nope. Usually that doesn't include dead neighbors ;-).

Really, i don't freaking care if he was smoking his mattress, eating seaweed or running 30-day-trials of fancy pills. As long he is not offfering that stuff at the kindergarten, i could not care less. That his behavior may cause problems with law enforcement should not come completely unexpected for him. They are not as understanding as we are....

What i care about is: he had regular altercations with his neighbor about his dogs, first the dogs turn up dead, than the neighbor turns up dead and he flees the country while the police wants to question him (which i would not consider unreasonable).

He was in custody a few months prior to the incident. He was treated as roughly as everybody else there. He wasn't killed, not even close. So the claims that he has to fear for his life from the police are not credible.

APL is a natural extension of assembler language programming; ...and is best for educational purposes. -- A. Perlis

Working...