Skip navigation
Help

grant applications

warning: Creating default object from empty value in /var/www/vhosts/sayforward.com/subdomains/recorder/httpdocs/modules/taxonomy/taxonomy.pages.inc on line 33.
Original author: 
John Timmer

FirasMT

In the past few years, there have been a regular series of announcements about devices that cloak something in space. These typically bend light around the cloak so that it comes out behind the object looking as if it had never shifted at all. In contrast, there's just been a single description of a temporal cloaking device, something that hides an event in time. The device works because in some media different frequencies of light move at different speeds. With the right combination of frequency shifts, it's possible to create and then re-seal a break in a light beam.

But that particular cloak could only create breaks in the light beam that lasted picoseconds. Basically, you couldn't hide all that much using it. Now, researchers have taken the same general approach and used it to hide signals in a beam of light sent through an optical fiber. When the cloak is in operation, the signals largely disappear. In this case the cloak can hide nearly half of the total bandwidth of the light, resulting in a hidden transmission rate of 12.7 Gigabits per second.

The work started with the Talbot effect in mind, in which a diffraction grating causes repeated images of the grating to appear at set distances away from it. The cloaking device relies on the converse of this. At other distances, the light intensity drops to zero. The key trick is to convert the Talbot effect from something that happens in space to something that happens in time.

Read 6 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Jon Brodkin

Aurich Lawson / Thinkstock

It's time to ask yourself an uncomfortable question: how many of your passwords are so absurdly weak that they might as well provide no security at all? Those of you using "123456," "abc123," or even just "password" might already know it's time to make some changes. And using pets' names, birth dates, your favorite sports teams, or adding a number or capital letter to a weak password isn't going to be enough.

Don’t worry, we're here to help. We’re going to focus on how to use a password manager, software that can help you go from passwords like "111111" to "6WKBTSkQq8Zn4PtAjmz7" without making you want to pull out all your hair. For good measure, we'll talk about how creating fictitious answers to password reset questions (e.g. mother's maiden name) can make you even more resistant to hacking.

Why you can’t just wing it anymore

A password manager helps you create long, complicated passwords for websites and integrates into your browser, automatically filling in your usernames and passwords. Instead of typing a different password into each site you visit, you only have to remember one master password.

Read 83 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Sean Gallagher


MWE Lab's Emperor 1510 LX—don't call it a chair.

MWE Labs

Science fiction is filled with cherished seats of power, workstations that put the universe a finger-touch or a mere thought away. Darth Vader had his meditation pod, the Engineers of Prometheus had their womb-like control stations, and Captain Kirk has the Captain's Chair. But no real-life workstation has quite measured up to these fictional seats of power in the way that Martin Carpentier's Emperor workstations have.

The latest "modern working environment" from Carpentier's Quebec City-based MWE Lab is the Emperor 1510 LX. With a retractable monitor stand that can support up to five monitors (three 27-inch and two 19-inch), a reclining seat with thigh rest, a Bose sound system, and Italian leather upholstery, the Emperor 1510 LX looks more like a futuristic vehicle than a workstation.  And it's priced like a vehicle, too—it can soon be yours for the low, low price of $21,500.

Tale of the Scorpion

In 2006, Carpentier was slaving away as a web designer when he reached a breaking point. He was tired of his tangle of cables, the struggle to manage multiple monitors, and the horrible ergonomics that came with a standard computer desk. Inspired by the emperor scorpion, Carpentier modeled his workstation after its tail, with the monitors suspended at the stinger.

Read 12 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Megan Geuss


List your passwords alphabetically, so it's easy for you and others to find them!

Give three password crackers a list of 16,000 cryptographically hashed passwords and ask them to come up with the plaintext phrases they correspond to. That's what Ars did this week in Dan Goodin's Anatomy of a hack: How crackers ransack passwords like “qeadzcwrsfxv1331.” Turns out, with just a little skill and some good hardware, three prominent password crackers were able to decode up to 90 percent of the list using common techniques.

The hashes the security experts used were converted using the MD5 cryptographic hash function, something that puzzled our readers a bit. MD5 is seen as a relatively weak hash function compared to hashing functions like bcrypt. flunk wrote, "These articles are interesting but this particular test isn't very relevant. MD5 wasn't considered a secure way to hash passwords 10 years ago, let alone now. Why wasn't this done with bcrypt and salting? That's much more realistic. Giving them a list of passwords that is encrypted in a way that would be considered massively incompetent in today's IT world isn't really a useful test."

To this, Goodin replied that plenty of Web services employ weak security practices: "This exercise was entirely relevant given the huge number of websites that use MD5, SHA1, and other fast functions to hash passwords. Only when MD5 is no longer used will exercises like this be irrelevant." Goodin later went on to cite the recent compromises of "LinkedIn, eHarmony, and LivingSocial," which were all using "fast hashing" techniques similar to MD5.

Read 14 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Dan Goodin


Thanks to the XKCD comic, every password cracking word list in the world probably has correcthorsebatterystaple in it already.

Aurich Lawson

In March, readers followed along as Nate Anderson, Ars deputy editor and a self-admitted newbie to password cracking, downloaded a list of more than 16,000 cryptographically hashed passcodes. Within a few hours, he deciphered almost half of them. The moral of the story: if a reporter with zero training in the ancient art of password cracking can achieve such results, imagine what more seasoned attackers can do.

Imagine no more. We asked three cracking experts to attack the same list Anderson targeted and recount the results in all their color and technical detail Iron Chef style. The results, to say the least, were eye opening because they show how quickly even long passwords with letters, numbers, and symbols can be discovered.

The list contained 16,449 passwords converted into hashes using the MD5 cryptographic hash function. Security-conscious websites never store passwords in plaintext. Instead, they work only with these so-called one-way hashes, which are incapable of being mathematically converted back into the letters, numbers, and symbols originally chosen by the user. In the event of a security breach that exposes the password data, an attacker still must painstakingly guess the plaintext for each hash—for instance, they must guess that "5f4dcc3b5aa765d61d8327deb882cf99" and "7c6a180b36896a0a8c02787eeafb0e4c" are the MD5 hashes for "password" and "password1" respectively. (For more details on password hashing, see the earlier Ars feature "Why passwords have never been weaker—and crackers have never been stronger.")

Read 52 remaining paragraphs | Comments

0
Your rating: None

I'm entering a PhD program in the fall (scientific computing/bioinformatics) and am taking the summer off to travel. As such, I feel like I'm going to have a lot of free time for reading. I'm looking for suggestions for books that I should read that will make me a better computer scientist. I'm not interested in textbooks, since I'll be reading enough of those in the Fall and would prefer topics that I likely wouldn't get exposed to in a class. Also, everything I plan on reading I'm going to have to carry with me for the whole summer, so lighter and smaller is better.

So far I've compiled the following list based off of previous similar discussions:

  • The Soul of A New Machine - Tracy Kidder
  • COMPLEXITY: THE EMERGING SCIENCE AT THE EDGE OF ORDER AND CHAOS - M. Mitchell Waldrop
  • The Society of Mind - Marvin Minsky
  • Gödel, Escher, Bach: An Eternal Golden Braid - Douglas R. Hofstadter
  • Computer Power and Human Reason - Joseph Weizenbaum

What else is there anything else that I definitely should add?

EDIT: Thank you all for your suggestions. I'm definitely going to have a lot of good choices this summer.

submitted by easypeas
[link] [85 comments]

0
Your rating: None