Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:Where were the professionals. (Score 1) 268

Look, it was clearly just a stupid mistake. That was the only meter they had available at Tepco, and the AC wasn't there to explain to them about the different type of meters. By the time they found out that stronger meters were available, and they waited for it to arrive with free shipping from amazon, it was already too late -- the press release already went out with the reading from the first meter. You can't expect them to know all of these details.. it isn't like they are nuclear engineers or anything.

Comment Re:The hashes are salted (BUT NOT PROPERLY) (Score 2) 108

the salt is random.. so each user's password would need to be cracked individually.

that doesn't make it 52min though..

You could speed this up by hashing the password you want to try, then hashing it with each user's salt. So instead of 2x hashes, you would have (# of users) + 1 md5 calcs for each password attempt.

And the average time would be 1/2 of the max time.

Also... most of those passwords are probably dictionary words.

Comment Re:The hashes are salted (BUT NOT PROPERLY) (Score 2) 108

MD5 is just not computationally intensive by todays standards. You can easily calculate several BILLION MD5 hashes per second on a modern GPU. It's fast enough that you can simply bruteforce it.. you can rent an EC2 cluster for a few dollars if you don't want to spend the money on the GPUs.

There's a reason why at a minimum stretching is used (this is when you hash a password + salt, then hash the hash typically a few 10000 times)... this is standard practice BTW if you're going to use hashes (or better, use bcrypt or pbkdf)

The only thing the salt does is prevent them from cracking all of the passwords at once.. they'll have to crack each user individually.

Comment Re:The hashes are salted (BUT NOT PROPERLY) (Score 4, Informative) 108

They use vBulletin.. the passwords are salted.. but it's just md5(salt+md5(password)). The salt is in the db, and it's just 2 md5 hashes -- NO stretching, PBKDF2, bcrypt, or anything else. It's literally one step up from plaintext. You can recover those passwords in very little time. You SHOULD assume the passwords are compromised.


Comment Re:Peer review (Score 4, Insightful) 707

Why are you such a troll? First, the quote is from the article. So it's the writers fault, not slashdot's.

Second, you should try reading TFA. You say, "A quack is someone who doesn't use the right process, who avoids peer review, who insists they can't be wrong.".

Guess what? If you read the fucking article, you would know that he did exactly that.

He tried to publish articles in a journal he had input into that would not scientifically valid just because they pushed his pro-vitamin agenda. He refused to believe studies that were published proving him wrong, and said they were personal attacks against him.

So please, STFU. You clearly didn't read the article. You go off on some rant that literally makes no sense at all,

Comment Clearly don't know your history (Score 2) 78

Softlayer was founded by Lance Crosby, the COO for The Planet.. They forced him out of the company, so he left and started Softlayer. Shortly after The Planet merged with EV1, and then about 5 years later Softlayer and The Planet merged and kept the Softlayer name.

I had servers at The Planet the entire time.. it's a good company.. and they have the revenue and profits to actually be worth $2B.. unlike some other recent acquisitions.

Comment Re:They took it seriously? (Score 1) 96

there's another corporate scam: sending fake compliance notices that look like they are from the state w/ an official looking seal, citing some state law, and demanding $X for compliance. I've received 3 of them over the past few years.

If I'm willing to risk tossing a state notice in the trash, then the trolls letter has no chance.

This guy posted an image of one on his blog:

Comment Re:Why is ONE building costing $ 1.5 Billion ? (Score 2) 82

you fail at reading comprehension. 1) the facility is being EXPANDED by 300000sqft to total 1.4m sqft. 2) a data center is obviously more complex and has more power and cooling requirements than an office tower.. and 3) the article mentions apple's 500k sq ft datacenter that cost 1billion... so this facility is not more expensive than other data centers.

Comment No (Score 2) 85

I wish you were right.. but the answer is no. What those rockets are used for has not changed. The missions are still the same; the customers are still the same.

We have to discover something valuable in space.. then the space age will begin as everyone capable goes into space to claim their share of whatever it is.

Slashdot Top Deals

Real wealth can only increase. -- R. Buckminster Fuller