Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Comment: Re:Where were the professionals. (Score 1) 268

by rgbrenner (#44735433) Attached to: More Bad News From Fukushima

Look, it was clearly just a stupid mistake. That was the only meter they had available at Tepco, and the AC wasn't there to explain to them about the different type of meters. By the time they found out that stronger meters were available, and they waited for it to arrive with free shipping from amazon, it was already too late -- the press release already went out with the reading from the first meter. You can't expect them to know all of these details.. it isn't like they are nuclear engineers or anything.

Comment: Re:The hashes are salted (BUT NOT PROPERLY) (Score 2) 108

by rgbrenner (#44377447) Attached to: Ubuntu Forum Security Breach

"Still - there are two md5 hashes with a salt added "

No, even that part was done improperly. Since they hashed the password, then added the salt, then hashed the result.. it's actually just (# of users) + 1 md5 hashes.

1) hash password
2) concat hash + salt
3) hash result
4) repeat 2 & 3 for each user

Comment: Re:The hashes are salted (BUT NOT PROPERLY) (Score 2) 108

by rgbrenner (#44377399) Attached to: Ubuntu Forum Security Breach

the salt is random.. so each user's password would need to be cracked individually.

that doesn't make it 52min though..

You could speed this up by hashing the password you want to try, then hashing it with each user's salt. So instead of 2x hashes, you would have (# of users) + 1 md5 calcs for each password attempt.

And the average time would be 1/2 of the max time.

Also... most of those passwords are probably dictionary words.

Comment: Re:The hashes are salted (BUT NOT PROPERLY) (Score 2) 108

by rgbrenner (#44377189) Attached to: Ubuntu Forum Security Breach

MD5 is just not computationally intensive by todays standards. You can easily calculate several BILLION MD5 hashes per second on a modern GPU. It's fast enough that you can simply bruteforce it.. you can rent an EC2 cluster for a few dollars if you don't want to spend the money on the GPUs.

There's a reason why at a minimum stretching is used (this is when you hash a password + salt, then hash the hash typically a few 10000 times)... this is standard practice BTW if you're going to use hashes (or better, use bcrypt or pbkdf)

The only thing the salt does is prevent them from cracking all of the passwords at once.. they'll have to crack each user individually.

Comment: Re:The hashes are salted (BUT NOT PROPERLY) (Score 4, Informative) 108

by rgbrenner (#44376871) Attached to: Ubuntu Forum Security Breach

They use vBulletin.. the passwords are salted.. but it's just md5(salt+md5(password)). The salt is in the db, and it's just 2 md5 hashes -- NO stretching, PBKDF2, bcrypt, or anything else. It's literally one step up from plaintext. You can recover those passwords in very little time. You SHOULD assume the passwords are compromised.

http://www.vbulletin.org/forum/showthread.php?t=178091

Comment: Re:Peer review (Score 4, Insightful) 707

by rgbrenner (#44344395) Attached to: The Man Who Convinced Us We Needed Vitamin Supplements

Why are you such a troll? First, the quote is from the article. So it's the writers fault, not slashdot's.

Second, you should try reading TFA. You say, "A quack is someone who doesn't use the right process, who avoids peer review, who insists they can't be wrong.".

Guess what? If you read the fucking article, you would know that he did exactly that.

He tried to publish articles in a journal he had input into that would not scientifically valid just because they pushed his pro-vitamin agenda. He refused to believe studies that were published proving him wrong, and said they were personal attacks against him.

So please, STFU. You clearly didn't read the article. You go off on some rant that literally makes no sense at all,

Comment: Clearly don't know your history (Score 2) 78

by rgbrenner (#43906955) Attached to: IBM Buys Dallas Based Softlayer For $2 Billion

Softlayer was founded by Lance Crosby, the COO for The Planet.. They forced him out of the company, so he left and started Softlayer. Shortly after The Planet merged with EV1, and then about 5 years later Softlayer and The Planet merged and kept the Softlayer name.

I had servers at The Planet the entire time.. it's a good company.. and they have the revenue and profits to actually be worth $2B.. unlike some other recent acquisitions.

Comment: Re:They took it seriously? (Score 1) 96

by rgbrenner (#43807121) Attached to: First Government Lawsuit Against a Patent Troll

there's another corporate scam: sending fake compliance notices that look like they are from the state w/ an official looking seal, citing some state law, and demanding $X for compliance. I've received 3 of them over the past few years.

If I'm willing to risk tossing a state notice in the trash, then the trolls letter has no chance.

This guy posted an image of one on his blog:
http://parasec.files.wordpress.com/2013/04/screen-shot-2013-04-05-at-9-23-41-am.png

Comment: Re:Cherry-picking (Score 1) 555

by rgbrenner (#43720327) Attached to: N. Carolina May Ban Tesla Sales To Prevent "Unfair Competition"

Q1 2013 - cars sold
    BMW Group (BMW + Mini + Rolls Royce): 448,200
    Audi: 369,500
    Mercedes: 341,511
    Tesla: 4,750

http://beta.fool.com/sarfarazis/2013/05/08/audi-vs-mercedes-who-is-winning/33384/
http://www.bmwblog.com/2013/05/02/bmw-group-reports-first-quarter-revenues/

Comment: Re:Why is ONE building costing $ 1.5 Billion ? (Score 2) 82

by rgbrenner (#43512653) Attached to: Facebook Revealed As Behind $1.5B "Catapult" Data Center In Iowa

you fail at reading comprehension. 1) the facility is being EXPANDED by 300000sqft to total 1.4m sqft. 2) a data center is obviously more complex and has more power and cooling requirements than an office tower.. and 3) the article mentions apple's 500k sq ft datacenter that cost 1billion... so this facility is not more expensive than other data centers.

Comment: No (Score 2) 85

I wish you were right.. but the answer is no. What those rockets are used for has not changed. The missions are still the same; the customers are still the same.

We have to discover something valuable in space.. then the space age will begin as everyone capable goes into space to claim their share of whatever it is.

Memory fault -- brain fried

Working...