
Week in Review

Original author: Megan Geuss

List your passwords alphabetically, so it's easy for you and others to find them!

Give three password crackers a list of 16,000 cryptographically hashed passwords and ask them to come up with the plaintext phrases they correspond to. That's what Ars did this week in Dan Goodin's Anatomy of a hack: How crackers ransack passwords like “qeadzcwrsfxv1331.” Turns out, with just a little skill and some good hardware, three prominent password crackers were able to decode up to 90 percent of the list using common techniques.

The passwords in the list had been hashed with the MD5 cryptographic hash function, a choice that puzzled our readers a bit. MD5 is seen as a relatively weak hash function compared to hashing functions like bcrypt. flunk wrote, "These articles are interesting but this particular test isn't very relevant. MD5 wasn't considered a secure way to hash passwords 10 years ago, let alone now. Why wasn't this done with bcrypt and salting? That's much more realistic. Giving them a list of passwords that is encrypted in a way that would be considered massively incompetent in today's IT world isn't really a useful test."

To this, Goodin replied that plenty of Web services employ weak security practices: "This exercise was entirely relevant given the huge number of websites that use MD5, SHA1, and other fast functions to hash passwords. Only when MD5 is no longer used will exercises like this be irrelevant." Goodin later went on to cite the recent compromises of "LinkedIn, eHarmony, and LivingSocial," which were all using "fast hashing" techniques similar to MD5.


From the building blocks of the Internet to the Mark of the Beast, Ars delivered more than a few exploratory articles on things that many of us find mysterious. How does carbon capture work, and how likely is it to be adopted? Got it covered. What's the state of autonomous drones? Check and check. Why isn't the Wii U's clock speed an acceptable variable upon which to judge the entire console? We have you up to date.

Naturally, some news articles are mixed in there as well, so have a gander and see if you missed anything this week, and catch up!


Steps by Thomas Prior

Welcome back to the HHS! Week in Review, a handy roundup of all the best photo links from the past week.

+ This past week we released 20x200 editions of two photographs by Thomas Prior, whose work we first discovered when he entered last year's HHS! competition. These editions are a new favorite around our office.

+ Oh noooo...the C-prints are fading!! Collectors of photographs printed in the 1990s—such as those by Andreas Gursky—are advised to keep their unstable prints out of strong light or risk erasure. Considering that a Gursky print sold for $3.3 million at Sotheby's in 2007, collectors will definitely want to heed this advice.

+ We just posted an exhaustive review of upcoming photo deadlines including: Daylight/CDS competition, Present Tense at PCNW, Aperture Portfolio Prize, Blurb's Photo Book Now, and 1000 Words' workshop in Morocco. There is literally something for everyone, so go read up and don't miss out.

+ A fond farewell to Nymphoto, one of our favorite photo blogs, who announced what may be a permanent hiatus on Friday. We've spent many hours perusing the sidebar of conversations. You will be missed!

+ Last week, we got a mention from @ElizaGregory who tweeted "@heyhotshot Your ratio of time spent on application to potential benefit to applicant is awesome." We're flattered! But it's true, we're really honored by each entry to HHS! and we love spending time reviewing the work. Have you seen the write-ups of our latest contenders? Stacia Prosser, Jo Ann Walters, Sheri Manson, Janet Taylor, Kevin C. Moore

+ It's Nina Berman's turn at the Whitney on May 28th! You're invited to My Turn, "a unique night of dialogue and interaction" that promises to bring the war home.

+ After a brief blip, Joe's NYC photoblog (by Joseph Holmes, for the unacquainted) is back.

+ Gregory Krum's solo show ...Practice... recently opened at Jen Bekman Gallery and we've got install shots up on the blog. Don't miss this great review on the NYT's T Magazine Blog. The show remains on view till Saturday, June 27th.

+ Rachel Sussman speaks about The Oldest Living Things in the World at GEL 2010.

+ Raul Gutierrez linked to this great edit of photos of Saturn on The Big Picture.

+ Kevin Cherry's Mull it Over interviews contender Greg E. Jones

+ Eirik Johnson's show Sawdust Mountain at the Aperture Gallery in NY is an ArtForum critic's pick. Aperture has also made a podcast of Eirik discussing the series available online, which you can listen to right here.

See anything we missed? Let us know on Facebook or on Twitter @heyhotshot.
