5 Million Gmail Passwords Leaked, Google Says No Evidence Of Compromise 203

Posted by samzenpus
from the big-list dept.
kierny writes After first appearing on multiple Russian cybercrime boards, a list of 5 million Google account usernames — which of course double as email usernames — is circulating via file-sharing sites. Experts say the information most likely didn't result from a hack of any given site, including Google, but was rather amassed over time, likely via a number of hacks of smaller sites, as well as via malware infections. Numerous commenters who have found their email addresses included in the list of exposed credentials say the included password appears to date from at least three years ago, if not longer. That means anyone who's changed their Google/Gmail password in the last three years is likely safe from account takeover.

Comment: Re:Not that hard (Score 3, Insightful) 131

by rsclient (#47733705) Attached to: Ask Slashdot: Where Can I Find Good Replacement Batteries?

Actually, it is that hard. I needed some CR32032 batteries, and looked on Amazon. Guess what? There's a ton of sellers, claiming to sell from a ton of vendors. I'll guess that many of them will sell me a battery with the right physical and electrical form factor, but....

Which brands last longer?
Which sellers are selling official brands, and which are selling indistinguishable knockoffs?
Are the knockoffs actually worse?

Is something that looks more official and appears more reputable actually selling something better? Or am I paying for reputation and not actual quality?

How valid are the reviews? Are they astroturf? Does it matter? How can someone tell a good battery from a bad one, anyway, right after getting it? Are they just giving 5 stars because the batteries came quickly in nice packaging?

I think these are all reasonable questions, but I don't have an answer to any of them. I'm hoping that someone has done a real comparison, and can provide some kind of solid data.

Comment: Re:It's not "buss" - its bus. (Score 1) 124

Funny, I remember the same thing. And it's an old usage too -- I see from the Electric Interlocking Handbook (1913) at that it's been used in the industry.

Comment: Re:Progenitors? (Score 1) 686

by rsclient (#47221995) Attached to: Aliens and the Fermi Paradox

What's the probability...
It's easily possible to idly speculate on answers:
Probability of life starting? On Earth, life started up pretty much right away. If it was unlikely, it's more likely to have started later, not earlier.

Probability of life becoming complex: low (ish). Out of roughly 5 billion years, 4 billion were spent on one-celled organisms

Probability of sentience: out of a metric buttload of species, we know of exactly one species with both sentience and high technology. That kind of indicates that it's not so much a survival trait :-)

Comment: Re:Basic programming principles what? (Score 1, Offtopic) 127

by rsclient (#47160327) Attached to: GnuTLS Flaw Leaves Many Linux Users Open To Attacks

Actually, most of the comments I've seen about the OpenSSL code are immature, and show a lack of appreciation for the changes in the industry.

Like, remember that if-isupper-then-tolower code? Well, back in the day, tolower on most platforms would just bit-bang in a '1' bit. That will convert A to a, but also converts at-sign to back-tick. In "modern" toolchains, this doesn't happen any more; tolower is expected to handle all chars, and work correctly.

But -- as a developer, can you prove that every system that you're running on has a proper implementation of tolower? It's easy for me; I only work with one version of Visual Studio, and I can quickly prove that tolower works.

I've done code that works on multiple platforms. It used to be really, really gnarly: every platform was always just a little bit different. And you get code that looks just like what I've seen in the snarky comments.
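The bit-setting behaviour described in the comment above, as an added example that is not part of the original comment and not code from OpenSSL or GnuTLS. The function names and sample strings are constructed for illustration; it shows why an unguarded fold makes a case-insensitive comparison treat different strings as equal, and why the if-isupper guard prevents that.

```c
#include <stdio.h>

/* Old-style fold as the comment describes it: set bit 0x20 on every byte.
   'A' (0x41) becomes 'a' (0x61), but '@' (0x40) becomes '`' (0x60). */
static int naive_tolower(int c) { return c | 0x20; }

/* Guarded form (the if-isupper-then-tolower pattern): fold only A..Z. */
static int guarded_tolower(int c)
{
    return (c >= 'A' && c <= 'Z') ? (c | 0x20) : c;
}

typedef int (*fold_fn)(int);

/* Case-insensitive equality with a caller-supplied fold; 1 means equal. */
static int equal_nocase(const char *a, const char *b, fold_fn fold)
{
    while (*a && *b) {
        if (fold((unsigned char)*a) != fold((unsigned char)*b))
            return 0;
        a++;
        b++;
    }
    return *a == *b; /* equal only if both strings ended together */
}

int main(void)
{
    /* Constructed sample inputs: they differ only in '@' versus '`'. */
    const char *x = "user@Example.COM";
    const char *y = "user`example.com";

    printf("naive   fold says equal: %d\n", equal_nocase(x, y, naive_tolower));
    printf("guarded fold says equal: %d\n", equal_nocase(x, y, guarded_tolower));
    return 0;
}
```

The same collision applies to the other punctuation bytes in the 0x40-0x5F range, for example '[' and '{'.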

Comment: Re:The Science is settled! (Score 1) 330

From TFA (2007): "Gore said that Arctic ice could be gone entirely in 34 years, and he made it seem like a really precise prediction"

OK, it's been 6 or 7 years since then. Would you say the Arctic ice is substantially less, substantially more, or about the same from then?

Hint: data at

Eyeballing the data, there's a ton of noise but there is a decent trend in there. And the data in the last 7 years doesn't look like it is in violation of that trend, or the prediction voiced by Mr. Gore.

Comment: Re:The Science is settled! (Score 1) 330

WTF? Are you mad? Or drunk? The whole point of a model is to predict the future. And they can, and do, make predictions. And over time, we can see if the predictions worked.

And your biggest issue is that the model conserved energy? You do know that in the middle of a time-step, things get wonky, right? And that the modelers know this, and therefore apply some brainpower to make it work?

The early models of galaxy collision (per the Toomre brothers) were astonishingly low-res, and yet they captured some pretty subtle effects. And guess what? They had to apply fix-ups on each time-step, too!

Climate researchers have certainly put some real thought into geo-engineering. The neatest simulation was, "what happens if we try geo-engineering, and have to stop". Result: everything goes to heck, and in a hurry.

Comment: Re:Not a market back then (Score 1) 272

by rsclient (#46771933) Attached to: Nokia Had a Production-Ready Web Tablet 13 Years Ago

I've used some of the earlier "internet tablets" (e.g., the Nokia N800) and PDA. Early machines had real issues with being powerful enough to actually work well -- something my low-end phone still struggles with.

(Not to mention the terrible, terrible connection managers. For one particularly horrid PDA, I spent more time trying to get on the internet than actually using the internet)

Comment: Re:see where your taxes go (Score 1) 322

by rsclient (#46738149) Attached to: IRS Misses XP Deadline, Pays Microsoft Millions For Patches

That's a pretty strong accusation. Other than, "I don't know anything about this government department, so I'll throw around a random accusation", do you have any actual evidence?

For example, how well do they handle paperwork compared to a typical insurance company? Personally, I find the IRS documents more straightforward and less confusing.

How do they compare in cost to a typical payroll processor like ADP? They have about the same scale; according to because ADP is private and the IRS is public, ADP should have radically lower costs. Do they?

In short, just because they are big, that doesn't make them "inefficient".


Blender Foundation Video Taken Down On YouTube For Copyright Violation 306

Posted by timothy
from the now-it's-ours dept.
An anonymous reader writes "As if the automated take downs on Youtube weren't already bad enough, today fans of the popular open source 3D software Blender were greeted by a copyright take down notice for their third open movie, Sintel, despite it being released under a Creative Commons license: 'This video contains content from Sony Pictures Movies & Shows, who has blocked it on copyright grounds.' It is believed that the takedown was a result of Sony Electronics adding Sintel to their official 4k demo pool."

Comment: Re:Tip from a programmer (Score 1) 78

by rsclient (#46625559) Attached to: FTC Settles With Sites Over SSL Lies

OK, I'm a little late to the party here. The issue with the apps isn't that "SSL is insecure" or that "SSH is better". The problem is: most security APIs require multiple levels of APIs to work correctly, where each level is hard to get right, and easy to get wrong.

Worse, a substantial number of apps will turn off one level or another "for debugging" and then not turn them back on for their release version.
