Photographers around the world looked up to the sky this past weekend to capture the "supermoon." This is the phenomenon when the moon makes its closest approach to Earth, appearing 30 percent brighter and about 14 percent larger than a typical full moon. It occurs about once every 14 months and is technically called a perigee full moon. At 221,823 miles from Earth, the supermoon was a feast for the eyes. -Leanne Burden Seidel (24 photos total)
A cotton candy vendor walks in front of the moon during the Los Angeles Angels' baseball game against the Pittsburgh Pirates, June 22 in Anaheim, Calif. (Mark J. Terrill/Associated Press)
Leaked information about a piece of NSA software called Boundless Informant could shed light on how organized the agency's surveillance program really is. Glenn Greenwald — who recently exposed both widespread phone metadata collection and an internet spying program called PRISM — has revealed details about the ominously named program, which aggregates and organizes the NSA's data. Greenwald says the tool is focused on metadata, not the contents of emails or phone calls. Among other things, it tracks how many pieces of information have been collected per country.
3 billion pieces of information were allegedly tracked in the US over a 30-day period ending in March. In that same period, 97 billion pieces were collected worldwide, with...
Stephen Balaban is a co-founder of Lambda Labs, based in Palo Alto and San Francisco.
PALO ALTO, CA—Even while sitting in a café on University Avenue, one of Silicon Valley’s best-known commercial districts, it’s hard not to get noticed wearing Google Glass.
For more than an hour, I sat for lunch in late May 2013 with Stephen Balaban as he wore Google's new wearable tech. At least three people came by and gawked at the newfangled device, and Balaban even offered to let one woman try it on for herself—she turned out to be the wife of famed computer science professor Tony Ralston.
Balaban is the 23-year-old co-founder of Lambda Labs. It's a project he hopes will eventually become the “largest wearable computing software company in the world.” In Balaban's eyes, Lambda's recent foray into facial recognition only represents the beginning.
Heavy rainfall over Europe during the past week has swollen many rivers past their flood stage, wreaking havoc unseen in decades across Germany, Austria, Switzerland, Hungary, Slovakia, Poland and the Czech Republic. At least 18 people across the region have been killed, and tens of thousands have been evacuated. In Germany, the crest of the Elbe River is now approaching the North Sea, as the swollen Danube River is surging toward the Hungarian capital of Budapest. Collected here are images from the past several days of those affected by these historic floods, even as meteorologists predict more rain over the coming weekend. [36 photos]
The city hall of Grimma, Germany, surrounded by floodwater, on June 3, 2013. Flooding has spread across a large area of central Europe following heavy rainfall in recent days. Eastern and southern Germany are suffering under floods that in some cases are the worst in 400 years. Tens of thousands of Germans, Hungarians and Czechs were evacuated from their homes as soldiers raced to pile up sandbags to hold back rising waters in the region. (AP Photo/dpa, Jens Wolf)
In the past few years, there have been a regular series of announcements about devices that cloak something in space. These typically bend light around the cloak so that it comes out behind the object looking as if it had never shifted at all. In contrast, there's just been a single description of a temporal cloaking device, something that hides an event in time. The device works because in some media different frequencies of light move at different speeds. With the right combination of frequency shifts, it's possible to create and then re-seal a break in a light beam.
But that particular cloak could only create breaks in the light beam that lasted picoseconds. Basically, you couldn't hide all that much using it. Now, researchers have taken the same general approach and used it to hide signals in a beam of light sent through an optical fiber. When the cloak is in operation, the signals largely disappear. In this case the cloak can hide nearly half of the total bandwidth of the light, resulting in a hidden transmission rate of 12.7 Gigabits per second.
The work started with the Talbot effect in mind, in which a diffraction grating causes repeated images of the grating to appear at set distances away from it. The cloaking device relies on the converse of this. At other distances, the light intensity drops to zero. The key trick is to convert the Talbot effect from something that happens in space to something that happens in time.
It's time to ask yourself an uncomfortable question: how many of your passwords are so absurdly weak that they might as well provide no security at all? Those of you using "123456," "abc123," or even just "password" might already know it's time to make some changes. And using pets' names, birth dates, your favorite sports teams, or adding a number or capital letter to a weak password isn't going to be enough.
Don’t worry, we're here to help. We’re going to focus on how to use a password manager, software that can help you go from passwords like "111111" to "6WKBTSkQq8Zn4PtAjmz7" without making you want to pull out all your hair. For good measure, we'll talk about how creating fictitious answers to password reset questions (e.g. mother's maiden name) can make you even more resistant to hacking.
Why you can’t just wing it anymore
A password manager helps you create long, complicated passwords for websites and integrates into your browser, automatically filling in your usernames and passwords. Instead of typing a different password into each site you visit, you only have to remember one master password.
MWE Lab's Emperor 1510 LX—don't call it a chair.
Science fiction is filled with cherished seats of power, workstations that put the universe a finger-touch or a mere thought away. Darth Vader had his meditation pod, the Engineers of Prometheus had their womb-like control stations, and Captain Kirk has the Captain's Chair. But no real-life workstation has quite measured up to these fictional seats of power in the way that Martin Carpentier's Emperor workstations have.
The latest "modern working environment" from Carpentier's Quebec City-based MWE Lab is the Emperor 1510 LX. With a retractable monitor stand that can support up to five monitors (three 27-inch and two 19-inch), a reclining seat with thigh rest, a Bose sound system, and Italian leather upholstery, the Emperor 1510 LX looks more like a futuristic vehicle than a workstation. And it's priced like a vehicle, too—it can soon be yours for the low, low price of $21,500.
Tale of the Scorpion
In 2006, Carpentier was slaving away as a web designer when he reached a breaking point. He was tired of his tangle of cables, the struggle to manage multiple monitors, and the horrible ergonomics that came with a standard computer desk. Inspired by the emperor scorpion, Carpentier modeled his workstation after its tail, with the monitors suspended at the stinger.
List your passwords alphabetically, so it's easy for you and others to find them!
Give three password crackers a list of 16,000 cryptographically hashed passwords and ask them to come up with the plaintext phrases they correspond to. That's what Ars did this week in Dan Goodin's Anatomy of a hack: How crackers ransack passwords like “qeadzcwrsfxv1331.” Turns out, with just a little skill and some good hardware, three prominent password crackers were able to decode up to 90 percent of the list using common techniques.
The hashes the security experts used were converted using the MD5 cryptographic hash function, something that puzzled our readers a bit. MD5 is seen as a relatively weak hash function compared to hashing functions like bcrypt. flunk wrote, "These articles are interesting but this particular test isn't very relevant. MD5 wasn't considered a secure way to hash passwords 10 years ago, let alone now. Why wasn't this done with bcrypt and salting? That's much more realistic. Giving them a list of passwords that is encrypted in a way that would be considered massively incompetent in today's IT world isn't really a useful test."
To this, Goodin replied that plenty of Web services employ weak security practices: "This exercise was entirely relevant given the huge number of websites that use MD5, SHA1, and other fast functions to hash passwords. Only when MD5 is no longer used will exercises like this be irrelevant." Goodin later went on to cite the recent compromises of "LinkedIn, eHarmony, and LivingSocial," which were all using "fast hashing" techniques similar to MD5.
Thanks to the XKCD comic, every password cracking word list in the world probably has correcthorsebatterystaple in it already.
In March, readers followed along as Nate Anderson, Ars deputy editor and a self-admitted newbie to password cracking, downloaded a list of more than 16,000 cryptographically hashed passcodes. Within a few hours, he deciphered almost half of them. The moral of the story: if a reporter with zero training in the ancient art of password cracking can achieve such results, imagine what more seasoned attackers can do.
Imagine no more. We asked three cracking experts to attack the same list Anderson targeted and recount the results in all their color and technical detail, Iron Chef style. The results, to say the least, were eye-opening because they show how quickly even long passwords with letters, numbers, and symbols can be discovered.
The list contained 16,449 passwords converted into hashes using the MD5 cryptographic hash function. Security-conscious websites never store passwords in plaintext. Instead, they work only with these so-called one-way hashes, which are incapable of being mathematically converted back into the letters, numbers, and symbols originally chosen by the user. In the event of a security breach that exposes the password data, an attacker still must painstakingly guess the plaintext for each hash—for instance, they must guess that "5f4dcc3b5aa765d61d8327deb882cf99" and "7c6a180b36896a0a8c02787eeafb0e4c" are the MD5 hashes for "password" and "password1" respectively. (For more details on password hashing, see the earlier Ars feature "Why passwords have never been weaker—and crackers have never been stronger.")
Journeyman Pictures' short documentary "Naked Citizens" is an absolutely terrifying and amazing must-see glimpse of the modern security state, and the ways in which it automatically ascribes guilt to people based on algorithmic inferences, and, having done so, conducts such far-reaching surveillance into its victims' lives that the lack of anything incriminating is treated as proof of being a criminal mastermind:
"I woke up to pounding on my door", says Andrej Holm, a sociologist from the Humboldt University. In what felt like a scene from a movie, he was taken from his Berlin home by armed men after a systematic monitoring of his academic research deemed him the probable leader of a militant group. After 30 days in solitary confinement, he was released without charges. Across Western Europe and the USA, surveillance of civilians has become a major business. With one camera for every 14 people in London and drones being used by police to track individuals, the threat of living in a Big Brother state is becoming a reality. At an annual conference of hackers, keynote speaker Jacob Appelbaum asserts, "to be free of suspicion is the most important right to be truly free". But with most people having a limited understanding of this world of cyber surveillance and how to protect ourselves, are our basic freedoms already being lost?