We describe and analyze a variant of the traditional password scheme. This is designed to take advantage of standard error-correcting methods of the types used to facilitate text entry on handsets. We call the new approach fastwords to emphasize their primary feature compared to regular passwords. Compared with passwords, fastwords are approximately twice as fast to enter on mobile keyboards, and approximately three times as fast on full-size keyboards. This is supported by user studies reported on herein. Furthermore, these user studies show that fastwords also have considerably greater entropy than passwords, and that their recall rates are dramatically higher than that of passwords and PINs. The new structure permits a memory jogging technique in which a portion of the fastword is revealed to a user who has forgotten it. We show that this results in boosted recall rates, while maintaining a security above that of traditional passwords. We also introduce the notion of equivalence classes, whether based on semantics or pronunciation, and describe uses, including voice-based authentication. The new technology does not need any client-side modification.
It’s no surprise that schools in wealthy communities are better than those in poor communities, or that they better prepare their students for desirable jobs. It may be shocking, however, to learn how vast the differences in schools are – not so much in resources as in teaching methods and philosophies of education. Jean Anyon observed five elementary schools over the course of a full school year and concluded that fifth-graders of different economic backgrounds are already being prepared to occupy particular rungs on the social ladder. In a sense, some whole schools are on the vocational education track, while others are geared to produce future doctors, lawyers, and business leaders. Anyon’s main audience is professional educators, so you may find her style and vocabulary challenging, but, once you’ve read her descriptions of specific classroom activities, the more analytic parts of the essay should prove easier to understand.
<quote>On the other hand, the former executive at the Alexa top-ranking site said an Adblock Plus representative told him he had to pay even though Adblock Plus agreed that the publisher’s ads were acceptable and should not be blocked. “If we didn’t pay they would continue to block us. To me it seems like extortion,” he says.</quote>
Quoted for color, breadth & verisimilitude
Rob Beeler, vice president of content and media at AdMonsters LLC.
We examine critically the claims made by Fredrickson and Losada (2005) concerning the construct known as the “positivity ratio.” We find no theoretical or empirical justification for the use of differential equations drawn from fluid dynamics, a subfield of physics, to describe changes in human emotions over time; furthermore, we demonstrate that the purported application of these equations contains numerous fundamental conceptual and mathematical errors. The lack of relevance of these equations and their incorrect application lead us to conclude that Fredrickson and Losada’s claim to have demonstrated the existence of a critical minimum positivity ratio of 2.9013 is entirely unfounded. More generally, we urge future researchers to exercise caution in the use of advanced mathematical tools such as nonlinear dynamics and in particular to verify that the elementary conditions for their valid application have been met.
Page 21 <quote>They appear to assert that the predictive use of differential equations abstracted from a domain of the natural sciences to describe human interactions can be justified on the basis of the linguistic similarity between elements of the technical vocabulary of that scientific domain and the adjectives used metaphorically by a particular observer to describe those human interactions. If true, this would have remarkable implications for the social sciences. One could describe a team’s interactions as “sparky” and confidently predict that their emotions would be subject to the same laws that govern the dielectric breakdown of air under the influence of an electric field. Alternatively, the interactions of a team of researchers whose journal articles are characterized by “smoke and mirrors” could be modeled using the physics of airborne particulate combustion residues, combined in some way with classical optics.</quote>
Page 32 Citing Stanislav Andreski <quote>The recipe for authorship in this line of business is as simple as it is rewarding: just get hold of a textbook of mathematics, copy the less complicated parts, put in some references to the literature in one or two branches of the social studies without worrying unduly about whether the formulae which you wrote down have any bearing on the real human actions, and give your product a good-sounding title, which suggests that you have found a key to an exact science of collective behaviour.</quote> (Stanislav Andreski, Social sciences as sorcery, London, UK: Andre Deutsch. 1972, pp. 129–130)
Why do this? When the CD-ROM function is burned into the very firmware of the disk unit … That’s when. Very pesky. You crack the case on one of those things and it’s not really a sata disk inside, the pins are all different. Which means it does different things than a disk. <spooky>Different things.</spooky>
Preventing Western Digital SmartWare Virtual CD from automounting in your desktop; in /etc/fstab
<quote>As I mentioned in my last post, I recently picked up a Western Digital My Book Essential 1 TB external hard drive. Although it doesn’t as yet display the same problems that my Simpletech hard drive wa….</quote>
Managing passwords for online application accounts is a heavy responsibility for users. Using easily remembered passwords or repeatedly using the same password makes the account susceptible to brute force guessing. Furthermore, the password-protected accounts are vulnerable to attacks like phishing, keylogging, eavesdropping, and man-in-the-middle attacks, no matter how strong the passwords are. Hence the urgent need for an alternative to password system.
Stajano proposed a candidate known as Pico. This is an authentication hardware token utilizing mutual authentication with the application server to obtain access to users’ accounts. The credentials for the authentication are created and managed by Pico and are guaranteed to be secure and unique for each application. The Pico device is portable and easy to use, allowing users to login everywhere. Compared to other existing password alternatives, Pico has the advantage of providing protection against the attacks mentioned above and effortless access control device.
Although Stajano presents desirable functionalities in for the Pico, its practicality remains to be demonstrated. Toward this goal, this thesis proposes a set of specifications for the Pico device, and a prototype device to demonstrate the Pico functionalities. The specification defines authentication protocols, the underlying cryptographic algorithms, and the credentials. The protocols mutually authenticate Pico and the server, over an encrypted channel protected by mutual secret from key exchange algorithms. The servers are verified by credentials registered in Pico database, to prevent internet phishing. Moreover, out-of-band communication schemes and message structures for all the communication between Pico and servers are specified as well.
The technical specifications are implemented on a smartphone based Pico prototype. The algorithms are programmed in Java and executed on Android platform, using several Android libraries. This prototype is capable of performing cryptographic calculations, wireless communication, and providing a proper user interface. A demonstration server is also implemented to test the entire Pico system. As a result, users can log on to this server by pointing the Pico prototype to the QR code displayed on the web page, and the account can be accessed within few seconds.
From a usability viewpoint, passwords and PINs have reached the end of their useful life. Even though they are convenient for implementers, for users they are increasingly unmanageable. The demands placed on users (passwords that are unguessable, all different, regularly changed and never written down) are no longer reasonable now that each person has to manage dozens of passwords. Yet we can’t abandon passwords until we come up with an alternative method of user authentication that is both usable and secure. We present an alternative design based on a hardware token called Pico that relieves the user from having to remember passwords and PINs. Unlike most alternatives, Pico doesn’t merely address the case of web passwords: it also applies to all the other contexts in which users must at present remember passwords, passphrases and PINs. Besides relieving the user from memorization efforts, the Pico solution scales to thousands of credentials, provides “continuous authentication” and is resistant to brute force guessing, dictionary attacks, phishing and keylogging.