Password Security: Why the Horse Battery Staple Is Not Correct
> symbols, caps and numbers are still very useful when the site limits password length.
I disagree: Insist that there must be a cap, and it will be the initial letter in >90% of the cases.
Insist that it have numbers, and they'll either be trailing (often the year, especially if you require two digits)
Insist that it be symbols, and you'll probably find a period or comma at the end (the only symbols commonly available on the first smartphone keyboard screen).
So, now I've changed the two digits to one out of ten, and instead of a random character out of the 70 or so common ASCII characters, I'm probably starting with just one of the uppercase letters.
At one point when I was a system administrator and we only required 6-digit passwords changed every 90 days, I could log in to 3/4 of the computers with "spring", "summer", "autumn" or "winter". When we beefed up to 8 digits with numbers, it would be "spring95", "autumn96" etc.
You've got to make it more random: Pick a phrase, a song lyric, a movie quote. Change a word or two. Make some letters just the initials, a word all in caps, a number substitution: "You light up my life" -> "uL1GHT^ml". That's unlikely to be in a cracker dictionary (until today, of course).
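An added example (not part of the original comment) that turns the point above into a check a password-set form could run: it flags passwords that meet a composition policy only in the positions the comment predicts. The function names and the four-word list are assumptions made for illustration.

```python
import re

# Base words taken from the comment's anecdote; a real deployment would load
# a much larger wordlist (assumption, not part of the original post).
SEASONS = {"spring", "summer", "autumn", "winter"}

# Shape the comment describes: letters, optional digit run, optional trailing symbols.
_SHAPE = re.compile(r"([A-Za-z]+)([0-9]*)([^A-Za-z0-9]*)")

def meets_policy(pw, min_len=8):
    """Naive composition policy: length plus one upper, one digit, one symbol."""
    return (len(pw) >= min_len and any(c.isupper() for c in pw)
            and any(c.isdigit() for c in pw)
            and any(not c.isalnum() for c in pw))

def predictable_flags(pw):
    """List the ways pw satisfies the rules only in the expected spots."""
    m = _SHAPE.fullmatch(pw)
    if not m:
        return []  # character classes are interleaved; none of the patterns apply
    base, digits, symbols = m.groups()
    flags = []
    if base[0].isupper() and base[1:].islower():
        flags.append("leading-cap")
    if digits:
        flags.append("trailing-digits")
    if symbols:
        flags.append("trailing-symbol")
    if base.lower() in SEASONS:
        flags.append("dictionary-base")
    return flags

def pattern_space(words, n_digits):
    """Candidates of the form word (capitalized or not) + n_digits digits."""
    return len(words) * 2 * 10 ** n_digits

def uniform_space(alphabet_size, length):
    """Candidates if every position were drawn uniformly from the alphabet."""
    return alphabet_size ** length

if __name__ == "__main__":
    for pw in ("Spring95.", "spring95", "uL1GHT^ml"):  # constructed samples
        print(pw, meets_policy(pw), predictable_flags(pw))
    print(pattern_space(SEASONS, 2), "vs", uniform_space(70, 8))
```

Both "Spring95." and "uL1GHT^ml" pass the naive policy, but only the first is flagged on every pattern.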
Ask Slashdot: Is It Worth Being Grandfathered On Verizon's Unlimited Data Plan?
The two big catches with the unlimited plan are
(a) you can't buy a discounted phone (which someone above has already mentioned)
but the big one is
(b) you can't hotspot or share the account with other devices
(a) is less of a problem these days: There really aren't discounted phones, just installment payment plans. And I got my latest phone from a relative who's an exec at Verizon (no, I can't get you one too)
(b) is nearly a dealbreaker. I don't like touchscreen typing, so any message more than two lines long I want to use my laptop or tablet keyboard for... but I can't if I'm not in a free wifi zone. Is it worth losing unlimited to be able to occasionally tether? Maybe. At one point there were apps that would let you tether without rooting the phone, outside of the provider's knowledge, then they stopped working, maybe they work again.
Anyone have experience with non-root tether apps on Android?
Do Specs Matter Anymore For the Average Smartphone User?
#1 Does the volume go high enough? (actually, I often want several steps between 4 and 5)
#2 Does it fit in my pocket? (a big complaint of my wife -- most modern phones are too big for anything but a purse)
#3 Can I enjoy watching a movie on a screen that size (I want a 70" smartphone)
#4 Can I watch movies for the whole flight without plugging it in?
#5 How fast does my app appear (which has very little to do with specs, more to do with software)
#6 Can the GPS synch before I miss my exit?
That's enough specs for anyone
Ask Slashdot: What Smartwatch Apps Could You See Yourself Using?
If it could monitor blood sugar without stabbing you for blood, it'd be a great tool for diabetics (not a category I need it for)
If it can somehow monitor whether I've fallen asleep and beep/vibrate (and stab you for blood?), it'd be great while driving, or other dull work
Black hatting: Read every RFID/NFC object I pass my wrist near.
Lots Of People Really Want Slideout-Keyboard Phones: Where Are They?
...but I've gotten better results from Swype and the continuous-swipe Google keyboard, than I ever could from the physical keyboard.
I had a 1st-gen Moto Droid with the slideout keyboard, and found that I rarely slid out the keyboard, because (a) it was nearly as inaccurate to use as the on-screen keyboard, (b) it only worked in landscape mode, and (c) I was faster with Swype. The downside of Swype, of course, is that if the word recognition fails to find your word, you're going to have to peck it in all over again. I've been slowly entering all my ethnic cooking terms, but I probably find a couple new words to enter every week.
On the other hand, for anything more than a sentence or two, I will pull out my laptop and type with a real keyboard. I just bought a bluetooth keyboard for my 8" tablet -- I'm looking forward to seeing how useful that turns out to be.
On the gripping hand, voice recognition in Google Now is very, very good at local place names (I'm not sure if it's also indexing off my contacts). Unless you're off the grid, as it requires network access to recognize voice at all.
FBI Concerned About Criminals Using Driverless Cars
1) Order six cars to show up outside the bank, direct each to a different location (meanwhile, criminals walk away)
2) Order 2000 more cars to the block where you're robbing the bank, to prevent emergency vehicles from getting there
Ask Slashdot: Where's the Most Unusual Place You've Written a Program From?
Many years ago, pre cell phones, I was paged by an FDA reviewer writing on a database system I wrote, Friday night at the drive-in theatre.
Fixing his problem required stepping through the code (Borland Paradox) over a pay phone in the concession stand, remembering exactly how the code worked, to tweak the behavior.
Admittedly not millions of lines of code, but still a pretty nifty feat.
50 Years of BASIC, the Language That Made Computers Personal
Long before Lisp or Perl, Basic made things much, much easier to deal with text.
C (and its children) had pointers and allocation to deal with.
Cobol, Fortran and Pascal, by default, dealt with fixed-length strings (yes, later versions improved it).
On the Digital operating systems (RSTS, RSX, VAX/VMS -- whose technology ended up influencing WinNT), BASIC was relatively sophisticated, long before Visual Basic: explicit variable declaration, access to database routines, etc. I got a LOT of stuff done where the Pascal and C programmers were spending time just making things work. Speed? Perhaps slower, but most of what I worked on was interactive, where the bulk of the time was waiting for a human being.
Reinventing the Axe
They're selling those things for close to 200 Euros, plus shipping.
The Home Depot sells splitting mauls for $30-$40.
With mass production, the prices should be similar, but not until the price comes way down would I even consider it.
Ask Slashdot: What Tech Products Were Built To Last?
Scoff if you must -- I'm not using it for audiophile, but as an employee-project-completion gift, it's made a fantastic $300 alarm clock.
I've had it for close to 15 years now (it debuted in 1998). It does exactly what I need: Good UI, wake up to radio, tone or CD with slow volume increase, two alarms. Most CD players I've seen don't last this long, and this thing has been a rock.
Ask Slashdot: What Tech Products Were Built To Last?
Those early-generation LaserJets were built like tanks. I've seen them pushed off a table (which took some effort -- the early ones were 70 lbs), hit the floor, and aside from some cosmetic damage, just keep printing. The same-era Digital Equipment Corp LN03 was pretty good too (except for having a toner tub which could spill); corresponding Xerox printers while larger-capacity and faster were much finickier.
HP and Apple's printers of that generation used the Canon print engine and optics. Whatever happened to that quality?
Ask Slashdot: What Good Print Media Is Left?
Science News is available online, though.
Ask Slashdot: What Good Print Media Is Left?
Two magazines I still read in print are Lucky Peach and Archaeology.
Lucky Peach is a bit of insanity: Food travel, recipes, and stream of consciousness weirdness. Not cheap, and so far as I can tell, not all of it is available online.
Archaeology is great because you get to see real science actually in use -- unlike the pap most newspapers post, where the big words are all left out. It does have digital subscriptions, but because most of its articles are short, I'm happy to take this into the (ahem) powder room, where I really don't want to bring a screen.
One Billion Android Devices Open To Privilege Escalation
So sweet of Verizon to not provide updates on a timely basis, then, which prevents this kind of attack from ever causing problems.
So I turn to CyanogenMod or similar, which I'm sure will have patched this by the time there's another upgrade.
How Do You Backup 20TB of Data?
Even if 100% of that 20TB is legally owned content, recovery is a huge process: re-ripping hard media is still awfully slow -- if you can even find where you stashed it (I think a few CDs have walked off the reservation).
Purchased digital media is no better: you've got many sources to find it from, and it may disappear: preview tracks, live tracks, etc. may disappear when they stop updating their MySpace, or a local distributor goes belly-up. That's also assuming you're still using the same providers: if you had download privs on some of the music servers of the 2000's, you'd have 'ownership' of that media, but you may not be able to get it again if you aren't still paying for the account.
The most economical and reliable is probably a mirror RAID array. It sounds like this guy accidentally issued a command to erase the content, rather than a RAID failure. Ordinarily, the RAID should be good for most stupidities, but this falls a little outside that. The question is, if you have mirroring software, how frequently does it try to match, and would it clean off the mirror too?
70% of U.S. Government Spending Is Writing Checks To Individuals
I can't take credit for this, it's a quote from Nobel Prize winning economist Paul Krugman.
Payments are up through mostly automatic processes: People are out of work due to the financial industry shenanigans, so unemployment checks are written, more people end up on Medicare or SNAP (nee food stamps), and because of the aging population, more people on Social Security. Obamacare barely has had any effect
Apple II DOS Source Code Released
Maybe we can fix a few bugs as a community, eh?
Movie Review: Ender's Game
The movie suffers from the compression of the novel -- the audience deserved more of the battle room, if nothing else, and a better idea of how grueling the schedule there and in Command School really was -- it looks like a couple days at most.
But the biggest issue with compression is moving command school to near the Formic homeworld. I couldn't figure out why, especially as they kept with the concept of instantaneous control with the ansible (FTL communication). But it was mainly so that they didn't have to break from Ender's shame at his destruction of his enemy to the hope of restoration by finding the last queen's egg.
Ok, I can see how that helps streamline things, until you realize that, uh, he just stepped off a military base, brought something alien back with him, and now he's going to traipse across the galaxy to find a place to put it? Um, no. That can't happen until he's already been out of the military.
They should have split it in two: Battle school, maybe up until the first victory of Dragon Army (going any further leaves too little for a second movie), then the rest. That would have let the characters breathe, let them have a decent epilogue reuniting Ender and Valentine, and the Hive Queen, and maybe even some way of bringing in Locke and Demosthenes.
Cornell Team Says It's Unified the Structure of Scientific Theories
Long since documented by our buddy Randall: http://xkcd.com/927/
Redesigned Seats Let Airlines Squeeze In More Passengers
At 6'7", economy on most airlines is beyond tolerable: the seat pitch is less than the length of my knee to butt.
Last night I was on a United flight that theoretically had "economy plus" but was given the lame excuse that it's a brand new airplane and "hasn't been reconfigured yet" -- never have I heard such refined bullsh*t.
I've got a job!
I am now Senior Consultant for a NJ software firm that specializes in Pharmaceutical publishing tools.
Just had to say it somewhere.
Bizarro of the day: Do-not-call is good for telemarketers
OK, when I get called by telemarketers, my first impulse is to be extremely rude to them, foul language, etc.
I won't buy things I need when I'm cold-called.
But I usually won't be rude, I'll at least ask them politely to never call me again.
But now I've got four numbers on the do-not-call list, and it seems to me that the telemarketers should be happy to know that they needn't waste their time calling me, because I won't ever, ever buy products or services I do not solicit myself.
So even for the industries not bound by the DNC list (banks, phone companies, insurance, *sigh*), it should be worth their while to not call me, neh?
Ok, probably nobody will read this, since I have few friends, foes, freaks and fans, but I had a thought worth posting.
I comment only a couple times a week, occasionally posting something I know will swallow a little Karma, but usually trying to be significant or occasionally funny.
The egoboo of being modded up is nice... but I'm always happier when someone replies. It's a conversation, perhaps a debate. More often than not, I'll reply to that poster.
The further down in the tree, the less likely it is to be modded -- because people don't look down the trees, and because the reply to the reply is likely to be a day later.
That makes me think that rewards on this site should be weighted towards replies, esp. replies that get modded up. And a mod on a reply is probably worth more than a top-level mod.
So... I finally start actually logging in, and it's fun. I've posted a few messages, gotten positive responses. I needed the egoboo yesterday too -- work is in a calm-before-storm mode.
Metamoderated 3 times since yesterday noon!?
Acquired a fan -- hmm.
But since the first few hours, the posted topics just haven't been what I want to talk about. I need something to keep up my enthusiasm, or I'll fade back to lurk mode.
Maybe I'll go back to reading up on Python, for the Chandler proj.