domingo, 1 de mayo de 2016

A hacker told me how to make a super strong password I can actually remember

Kurt Muhl (right), an ethical hacker with RedTeam Security
By Paul Szoldra   Via  TECHINSIDER

"One of the easiest ways to give yourself a strong password would be using a full sentence," said Kurt Muhl of RedTeam Security. 

Based in St. Paul, Minn, the cybersecurity firm of ethical "white hat" hackers helps companies find security flaws before the bad guys do.

The full-sentence technique works like this: Think of an everyday phrase that you can remember, like "My #1 favorite thing in the world is my family," or as Muhl gives as an example, "I bought my house for $1."

Then you take that sentence and convert it to a password by grabbing the first letter of each word. "I bought my house for $1" then becomes Ibmhf$1.

"That's going to give your uppercase, lowercase, a number, and special characters in there," Muhl said. "It's something that's easy to remember. All you gotta do is remember that sentence."

It seems simple, yet many people still resort to weak passwords, which hackers can easily guess using free software tools like John the Ripper. A password that has a word found in a dictionary with a number thrown on the end is something that a tool like "John" could break in about an hour, Muhl explained.

Passwords like "123456" or "password" — consistently found on worst password lists — would only take seconds to crack.

"That is the first thing that we try to go after," Muhl said.

As Muhl explained, John works off dictionary lists — massive text files you can find on any number of hacker forums — that contain words, phrases, numbers, and other password possibilities. It basically keeps trying combinations of words and numbers until it gets it right, which wouldn't take long if the password is particularly weak.

But Muhl's technique makes a dictionary attack fairly impossible, since it's not a word at all. The password becomes even stronger if you have more characters, since the added length ups the number of possibilities.

"The longer your passwords could possibly be," Muhl said. "The more guesses it's gonna take for me to get it right."

martes, 26 de abril de 2016

¿Cómo sabe el GPS qué ruta recomendarnos?

¿Qué carretera es mejor para ir de Madrid a Ciudad Real?
Para viajar de Ciudad Real a Madrid, ¿es mejor la carretera de Toledo o la de Andalucía? Así toma la decisión tu GPS

By: Macario Polo Usaola  Via: EL PAÍS, TECNOLOGÍA

Vivo en Ciudad Real, pero tengo mucha familia en Madrid. Un tema recurrente, desde hace más de treinta y cinco años, cuando llegan o llegamos de viaje, es si hemos ido o venido por la carretera de Toledo o por la de Andalucía. A diferencia del GPS al que podríamos consultar para ver qué camino es mejor, nosotros tenemos mucha experiencia en este recorrido (y en la conversación consiguiente).

El inexperto aparato, sin embargo, recomienda uno u otro camino en función de la distancia, de las características de cada carretera, e incluso de las horas en que preveamos viajar: así, el sistema informático de enrutamiento puede mostrarnos una alternativa u otra. Lo que no hará, seguro, es recomendarnos pasar por Badajoz, o por Valencia, o por Cádiz, para llegar desde nuestro origen, en mitad de La Mancha, hasta la capital, en el centro de la Península Ibérica.

La determinación del camino mínimo desde un lugar de origen a uno de destino es un problema clásico en Informática, que cualquier estudiante universitario de esta disciplina debe saber resolver.

El problema responde a lo que se llama un recorrido en un grafo que, en Informática, es un colección de puntos (ciudades o edificios o direcciones postales, por ejemplo) con líneas que los conectan (carreteras, calles, caminos). A cada línea se le asigna lo que se llama un "peso", que normalmente es la distancia, pero que puede ser otro factor (como el número de carriles o la velocidad máxima permitida) o una conjunción de factores (la distancia y el número de carriles y la velocidad máxima y la existencia de obras en algún trecho).

¿Cómo determina un sistema informático la ruta óptima de manera automática? El cálculo del camino óptimo es lo que se llama un problema de orden n2, es decir, que su tiempo de cálculo depende del número de puntos en el mapa elevado al cuadrado. Pero son tantos los puntos en el mapa (sólo España tiene más de 8.000 municipios, cada uno con sus calles, cruces, monumentos, edificios públicos…) que la aplicación del llamado algoritmo de Dijkstra se torna imposible.

sábado, 23 de abril de 2016

1 Million people use Facebook over Tor

People who choose to communicate over Tor do so for a variety of reasons related to privacy, security and safety. As we've written previously it's important to us to provide methods for people to use our services securely – particularly if they lack reliable methods to do so. 

This is why in the last two years we built the Facebook onion site and onion-mobile site, helped standardise the “.onion” domain name, and implemented Tor connectivity for our Android mobile app by enabling connections through Orbot.

Over this period the number of people who access Facebook over Tor has increased. In June 2015, over a typical 30 day period, about 525,000 people would access Facebook over Tor e.g.: by using Tor Browser to access www.facebook.com or the Facebook Onion site, or by using Orbot on Android. This number has grown – roughly linearly – and this month, for the first time, we saw this “30 day” figure exceed 1 million people. 

This growth is a reflection of the choices that people make to use Facebook over Tor, and the value that it provides them. We hope they will continue to provide feedback and help us keep improving.

Alec Muffett is a Software Engineer for Security Infrastructure at Facebook in London

viernes, 22 de abril de 2016

How much money you need to live comfortably in the 50 biggest cities?

By Elyssa Kirkham Via GO BANKING RATES

Unless you're tracking expenses carefully, it can be hard to tell whether your city's cost of living or your own spending habits are the cause of your financial troubles. Using the 50-30-20 budgeting rule, for example ― in which 50 percent of income covers necessities, 30 percent is for discretionary items and 20 percent is saved ― you can quickly determine whether your income is sufficient to cover expenses for living in your city. If it isn't, you might have to cut costs or maybe even move.

GOBankingRates conducted a cost-of-living comparison of the 75 most populous U.S. cities, surveying dollar amounts of living expenses including rent, groceries, utilities, transportation and healthcare. This total, which accounts for necessities, was then doubled to find how much money a single person needs to earn in that city to follow a 50-30-20 budget. This study also compares the total amount of income needed to the actual median household income in each city to see if differences in cost of living are matched by differences in pay.

Click through to see how much money you'd need to earn to live comfortably in the biggest cities across the U.S. The cities are listed in order of population from smallest to largest.

Read more about this article in GO BANKING RATES

jueves, 21 de abril de 2016

The Silicon Valley Hustle

Photographs and text by Laura Morton

Tales of enormous fortunes created by the technology industry brought a gold rush in recent years that has gripped San Francisco and the Silicon Valley. Many young dreamers – entrepreneurs, geniuses, idealists – flocked to the area with the hope of starting a successful start-up or striking it rich by joining the right company at the right time.

The tech boom has contributed to growing income inequality in the area. And many of the young transplants profiled below are not among the area’s elite, at least not yet. They often live on the cheap while working on their companies, a process known as bootstrapping.

They work long hours with hopes to build empires. And their lives are intertwined: They live with each other, network with one another in co-working spaces, compete with everyone and party together.

Over the last few months, the headlines have changed, amid gyrating tech stocks and questions over the broader economy. For every success story, there will be many more failures. Yet most of these dreamers believe that the industry remains a true meritocracy: that those who deserve to succeed will do so.