Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment Re:What should happen and what will happen (Score 1) 111

But this is exactly why good password hashing algorithms are moving to RAM consumption as the primary barrier. It's pretty trivial for a server with many GiB of RAM to allocate 256 MiB to hashing a password, for a few milliseconds, but it gets very costly, very fast, for the attacker. And if you can't afford 256 MiB, how about 64?

Using memory dependent hashes works better if one is a small server since one will rarely have a lot of people sending in their passwords at the same time, so the RAM space you need isn't that large. If you are a large organization then this doesn't work as well because you then need room to be able to do many such calculations functionally simultaneously.

Nope. The leverage factor in the password hashing case is linear, since the entropy of passwords is constant (on average). The leverage factor for cryptographic keys is exponential. The reason we don't use much longer keys for public key encryption, etc., is because there's no point in doing so, not because we can't afford it. The key sizes we use are already invulnerable to any practical attack in the near future. For data that must be secret for a long time, we do use larger key sizes, as a hedge against the unknown.

I agree that there's a linear v. exponential difference there(although for many of these it is more like linear and subexponential due to algorithms like the number field sieve), but the rest of your comment is essentially wrong. We keep keys just long enough that we consider it to be highly unlikely that they are going to be vulnerable, but not much more than that. That's why for example we've been steadily increasing the size of keys used in RSA, DH and other systems. Note by the way that part of the concern also is that many of these algorithms require a fair bit of computation not just on the server side but on the client side as well which may be a small device like a tablet or phone. In fact, it would be a lot safer if we increased key sizes more than we do, but there are infrastructural problems with that. See e.g. discussion at The only way that the linear v. exponential(or almost exponential) comes into play is how much we need to increase the underlying key size or how long we need to make the next hash system if we want it to be secure. Keys only need to be increased a tiny bit, whereas hashes need to grow a lot more. But in both cases we're still not making them any longer than we can plausibly get away with for most applications.

Comment Dont worry I've got a backup (Score 3, Funny) 122

As it turns out I have a backup sample, because you have to keep it at incredibly high pressure I keep it in the much more reliably pressurized environment of a dorm room with two Chemical Engineering majors.

Indeed because of the pressures involved I had to add some padding around the sample to prevent the rare metal from being crushed.

You can come collect it whenever, except of course when there's a sock on the door handle (P.S. there is never a sock on the door handle).

Comment Re:Practical? (Score 1) 111

There's one context in which their concern isn't unreasonable: the default assumption is that if any crypto system (key exchange, public key encryption, hashing system, etc.) becomes common then people are going to think about it pretty hard. That's going to lead to a lot of insight in how to do better than brute force. The classic example of this is RSA where RSA-129 was estimated by Rivest that it would take on the order of quadrillions of years to factor even assuming the same improvement rate in computational power. But now RSA-129 is factorable in a few hours with a standard implementation of the number field sieve. This isn't as much about improvement in hardware as it is in improvement in algorithms (modern sieves were inspired in a large part due to RSA). So if you aim for your key to be large enough that any brute force method will be physically impossible, you can be more confident that even with algorithmic improvements, cracking will still take very long.

The real problem with their idea is that given current hardware, demanding long keys is computationally intensive for all involved (and as you pointed out for the vast majority of these what they want to hide just isn't worth that).

Comment Re:What should happen and what will happen (Score 1) 111

The problem with that is on the other practical end: if you massively increase the resources needed will also increase the server side resources; it won't be as bad as it will be on the cracking end, but server resources are expensive. There's a point beyond which you aren't going to get people to agree to do it and a certain point where that insistence really does become reasonable. This is similar to why we don't use much longer keys for public key encryption and use really large primes for DH key exchange.

Comment Wow, just wow. (Score 4, Insightful) 89

So apparently an ISP being able to tell people up front what their fees and charges will be is a

burdensome requirements [...] that impose serious and unnecessary costs

I guess this explains why big ISPs like Comcast and such manage to fuck up billing people on a regular basis. It's just too goddamn hard for companies to know what they charge for their services.

Comment Hey guess what else this is true of - everything (Score 2) 134

was largely positive, but this changed from the mid-1990s to 2013,

The thing to understand is, this is not limited to tech. There has been an assault for a decade or two now on the public being happy in any way. You are meant to be riled up and agitated.... to what end I cannot say. But the end effect is not good, you can tell this is bleeding into everyone's real lives, affecting relationships and general behavior.

Comment And went to... (Score 1) 169

I documented all of this, got supporting statements from my colleagues, and went to HR

Aha, I see your mistake.

When your "I went to..." statement does not end with "the troublesome's persons direct supervisor", then you have done nothing except cause grief for yourself.

Companies don't change in response to HR reported threats. They clam up and protect the status quo. Hint: you reporting a problem is not the status quo...

If instead you report to a manager above the troubled employee, well now you are giving the company a chance to quietly sweep a problem under the rug... there is nothing large companies and high level executives like more than some good rug sweeping. Heck, they might even lay off her whole division just to be sure!

Comment What should happen and what will happen (Score 3, Interesting) 111

If one looks at the history of what happened the last time a major hash was broken, there was a large gap between when MD5 has its first collisions and when it became practical to detect collisions. There was about a little under a decade between when the first collisions were found and when it became easy to find collisions. The general expectation is that hash systems will fail gracefully in a similar way so we have a large amount of warning to switch over. Unfortunately, we've also seen that in practice people don't adopt new hash algorithms nearly as fast as they should. The second to last Yahoo security breach was so bad in part because the passwords were hashed with a completely unsalted MD5 The lack of salting would have been by itself a problem even when MD5 was still considered insecure. That in 2015, a decade after MD5 was broken for almost all purposes, Yahoo was still using it, is appalling. Unfortunately, they likely aren't the only one. And I fully expect that if Slashdot is around in a decade we'll read about someone who has foolishly stored passwords using SHA-1.

Comment It doesn't like going through walls though (Score 1) 63

Or anything solid really. If you have line-of-sight it works pretty well but get anything in the way, and you can have serious issues. I tried it for wireless HDMI and it wasn't able to maintain a solid signal over about 25 feet because there was an interior wall in between the transmitter and receiver.

Comment Re:Sterile and shattered. (Score 5, Interesting) 267

One thing you're forgetting is that these stars have very low gravity, so when they throw flares they get a lot further out into space than they do on the sun. Typically the incident radiation will be low for the reasons you described, but when a planet orbits through a flare it gets zapped really hard. Meanwhile, orbiting the sun, we are so unaffected by flares that when we saw one, we thought it was the Russians jamming our radar.

People who get excited about aliens living on planets orbiting dwarf stars are kidding themselves. These stars are a dime a dozen and make up more than 90% of all stars, their light is more strongly affected by planetary transits, and they tend not to gobble up their innermost planets when forming. It's no wonder we find exoplanets around them all the time. But there is nobody interesting living on any of them. You can really only trust type F and G stars with life. Larger stars explode so fast their planets haven't even had time to solidify, and smaller stars have to be hugged so closely that the planet is affected by the star's fickle weather patterns.

Comment Interesting to mull over effect of shapes. (Score 2) 100

I was also mulling this over in relation to the movie World War Z where (spoiler) zombies piled up against a wall until they got over the top...

Even against an angled wall that would work after a while I imagine, as you packed in enough tipped over zombies. But against curved and angled wall it seems like it would take much longer to work as most of the mindlessly piling on zombies would slide to the sides, or possibly even the force of new incoming zombies pushing the zombies up against the surface of the curve to either side. It would be really interesting to simulate.

I think you are right hat against Walking Dead zombies, it would tip them over and they wouldn't be able to exert any significant force on the wall. Indeed a pack of them would be helping to hold up a wall canted outward!

A new innovation for Zombie movies could be some kind of "stiction" zombie, that could attach to a surface, chemically bond, then pull instead of mindlessly ramming...

Comment All you Apple Haters can bite my shiny metal SD (Score 1) 48

Sony has also introduced a new memory card reader, the MRW-S1, due for release in April. It features an in-built SuperSpeed USB port for cable-free PC connection, so that your files can be copied faster than by using the slower SD slot on a PC

I seem to recall an awful lot of Apple Haters whining about a certain new MacBook Pro that had dropped the built in SD reader...

You just keep on using your slow vestigial reader while us MacBook Pro owners stay at the forefront of technological advance.

Slashdot Top Deals

Sendmail may be safely run set-user-id to root. -- Eric Allman, "Sendmail Installation Guide"