This was based on research on the hashed versions of 70 million Yahoo users, in which a Cambridge research tried to determine the strength of all of the passwords, and see how different groups did. Some of the other findings:
People with a credit card stored on their account do little to increase their security other than avoiding very weak passwords such as "123456". Unsurprisingly, people who change their password from time to time tend to select the strongest ones.
In terms of more specifics:
Password strength is measured in bits, where cracking one bit is equivalent to the chance of correctly calling a fair coin toss, and each additional bit doubles the password's strength. On average, Bonneau found that user-chosen passwords offer less than 10 bits of security against online attacks, meaning it would only take around 1000 attempts to try every possible password, and around 20 bits of security against offline attacks.
That's surprising, because even a randomly chosen six-character password composed of digits and upper and lower case letters should offer 32 bits of security. Bonneau says the discrepancy is due to people picking much easier passwords than those theoretically allowed. He suggests assigning people randomly chosen nine-digit numbers instead, which would offer 30 bits of security against every type of attack – a 1000-fold increase in security on average. "I think it's reasonable to expect people to have the capacity to remember that, because they do it for phone numbers," he says.
Of course, this reminds me (like so much does) of an xkcd comic on how we've all been trained into selecting weak passwords that are hard to remember, on the false belief that they're strong.
from the you-been-reported-to-the-cyberpolice dept
If you happen to keep up with the latest internet memes (you know who you are), you almost certainly have heard about the whole "ya dun goofed"/Jessi Slaughter saga. If you (lucky you) aren't aware of this, and wish to find out (and, I warn you, you may be better off not knowing about this), all the details are at that link. Frankly, after watching the key videos, embedded below, the whole thing really feels faked for the sake of attention. The whole thing is so over the top that it feels like a calculated attempt to get viral YouTube fame.
As Kenyatta notes:
What's more interesting to me is the fact that just after her very public breakdown, she went back on Stickam a few hours later, completely unfazed by the insults being hurled at her.... The chat is filled with the kind of stuff that parents would call 'bullying,' however, she's totally ignoring it all. Clearly the internet has created a new kind of teenager, able to filter out the kind of noise that would "ruin" the life of folks like Star Wars Kid just years before.
That seemed interesting to me, though, I'm not sure I buy that. First of all, it's a single anecdote involving a single person and (again), I'm still not convinced this is real.
After reading that interview earlier, I had considered doing a post about that claim of the "new kind of teenager," but figured that the "evidence" was so weak, it wasn't worth it. However, I was then amused to look at the submissions for Techdirt, and find a note from reader athe pointing to a professor in Australia who is using the saga as evidence of why the internet should be censored. In other words, he looks at the same videos and comes to the exact opposite conclusion as Kenyatta did.
Where Kenyatta sees a teenager who can filter out bullying and get on with her life, Professor Matt Warren, looks at it and sees a horrible, out of control internet that needs to be censored.
Professor Matt Warren, the head of Deakin University's School of Information Systems, said as long as parents who don't understand the internet kept giving their children access to it, there needed to be ways to control its use.
"You simply can't have free access to the internet," he said.
"It has to be controlled, censored and people have to be held accountable for their actions on it.
"We punish people who drink, we punish people who speed and we have to implement laws to that effect when it comes to the internet."
Thankfully, people are taking professor Warren to task in the comments on that article, noting that censoring Jessi wouldn't have helped. The Australian internet filters certainly wouldn't have stopped the ability of a girl to go online and make some videos. The real issue (if this story is actually real -- but it would apply to others as well), is that this is yet another example of where better parenting, rather than Big Brother governing, would probably help out. And, no, that doesn't mean spying on everything a kid does, but getting parents to at least talk to their kids about what happens online, and what their kids are doing online, along with the risks associated with being online.
We've seen a bunch of stories lately about schools handing out discipline for activities done online, and conflicting court cases on the subject make it fairly unclear where a school's authority to discipline students ends. In the latest case, two sophomore high school girls posted private photos to their MySpace accounts from a sleepover. The photos are described as "racy." While they were set to private, someone copied them, and eventually school administrators saw them and banned the girls from extracurricular activities for a while and also required that the two girls apologize to the (all male) coaches' board. It also required the girls to undergo therapy sessions. All this because they posted some silly photos online? Beyond the question of whether or not the school even has the right to discipline these students for events that had nothing (at all) to do with the school, the punishment also seems to go well beyond the "crime." Kids do silly/stupid things all the time. And, yes, these days there are cameraphones and social networks that make these things easier to record and distribute, but it doesn't change the fact that kids are kids. I doubt there are many adults out there today who didn't do something silly or stupid as a teen. For those of you who are a bit older, imagine if cameraphones and social networks had been around then? Would you have wanted to have been suspended from school activities? The whole thing seems like a huge overreaction.
A recent study reports that while most teenagers describe their online experiences on YouTube as a "treat," most classify their online news experiences as stressful or a "reminder of the world's dangers." Furthermore, most of the teenagers in the study do not actively keep up with the news. Rarely, if ever, do they go directly to the news websites, but rather end up there from portals and news aggregators, and only then if something catches their eye. The report recommends that news organizations help allay teen angst by making their sites better springboards for conversations and being more focused on solutions and problem-solvers. That said, is this really a problem with online news? Perhaps the way traditional news organizations approach the news is actually the problem. How many teenagers regularly watch the evening news? Perhaps news organizations should study why The Daily Show and Digg are so popular, since both present news in a more relevant, palatable, and oftentimes, more humorous fashion. Maybe it's not the online-ness of the news that is the cause of their waning popularity, but rather, the fact that they are at risk of becoming irrelevant to a new generation of news consumers.
from the gotta-learn-financial-planning-somehow dept
Textually points us to a report in Australia claiming that more teenagers these days are declaring bankruptcy and it's because they're racking up huge mobile phone bills that they weren't expecting. It's the type of story that certainly sounds plausible -- after all, we know that mobile phones are popular with kids, and every once in a while you hear about ridiculous phone bills. It isn't hard to put it together and think that there are some irresponsible or careless kids who need to declare bankruptcy because of these bills. However, the article doesn't provide any evidence that this is really happening. The single source providing the info is a gov't bureaucrat, talking about a study done by the government, which found that many young people didn't know how to deal with high bills -- which is quite different from proof that they're declaring bankruptcy. She does claim that financial counseling services are seeing an increase in young people seeking to declare bankruptcy, but the article doesn't talk to any such service or get any numbers on bankruptcies among young people (or even seek to find out that, if there are such bankruptcy, how many are due to high mobile phone bills). That's not to say it's not happening. After all, the story sounds like one that is plausible to many people. It just would have been nice to have seen a little more concrete evidence, rather than offhand conjecture reported as fact.
When I was growing up, it was drilled into my elementary school brain to "don't talk to strangers" -- it instilled so much fear in me that whenever I did see a stranger, I would burst into a cold sweat and my pulse would quicken a bit, in anticipation of being kidnapped or offered candy. Luckily, my fears were unfounded, but the "don't talk to strangers" lessons are still vivid memories from my childhood. Apparently, kids these days don't share my childhood fears. In a recent study conducted by the Pew Internet and the American Life Project, only about 5 to 10 percent teenagers contacted online by strangers felt scared or uncomfortable by the experience. The study also found that 44 percent of teenagers with online profiles on sites like Facebook and MySpace were contacted by strangers, as compared to only 16 percent of those without profiles. Obviously, as more and more teens increase their digital footprint, the possibility that they may come in contact with a stranger increases in likelihood. And, since safe, positive interactions with strangers take place every day online, it makes sense that these teenagers don't really see it as creepy or scary. That said, hopefully they do understand how to deal with people they don't know online -- not that they should shut off all contact with people, but rather approach them with caution and only reveal personal information when they are sure that the new acquaintance is trusted. In any case, it's only a matter of time before some legislator gets their hands on this study and uses it as "proof" that teenagers are lax in their fear of strangers online.
Jay: Hmmm... Gonna have to hack my PSP... silverscarcat: I need a new battery for my PSP. :( It keeps shutting off if it's unplugged for more than 2-3 minutes, even on a full charge. Mike Masnick: green bars are back, and hopefully functioning better than before. :) silverscarcat: Oh look, AJ's having a cow and the internet tough guy is trying to be a stereotypical high school bully. *Rolls eyes* Hey, Mike, I know it's not in your nature to ban someone, but, damn, something needs to be done about this sometimes I think. Rikuo: unfortunately, nothing can be done. IP address block? Useless since either AJ is on a dynamic IP or he's on a static but using someone else's equipment. Username block? That would only add fuel to the "CENSORSHP" fire silverscarcat: Well, I think I'm going to leave for the day. That troll that plays the internet tough guy really should get laid, I think. It might help him think straight. Rikuo: holy fucking shit...I want to be this man http://arstechnica.com/information-technology/2013/05/fios-customer-discovers-the-limits-of-unlimited-data-77-tb-in-month/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+arstechnica%2Findex+%28Ars+Technica+-+All+content%29 Warning - Home Server pornz on that link BentFranklin: in that article, where it describes his rack, what does 1u, 2u, 4u etc mean? Jeff: @Bent - 1U, 2U, 4U are units of measurement for server racks. http://en.wikipedia.org/wiki/Rack_unit Dark Helmet: Hell, I"m just a silly tech services sales guy and I knew that... yaga: DH you should have just stopped at silly. dennis deems: Holy Cow http://arstechnica.com/information-technology/2013/05/doctors-save-babys-life-with-3d-printed-tracheal-implant/ http://www.fairphone.com/ -- I wonder why they don't use kickstarter. does this make sense to anyone? is kickstarter not available in europe? Rikuo: There is for UK. You have to be a UK resident http://www.kickstarter.com/help/faq/creator+questions#GettStar of course that's just for the one company, called Kickstarter. There are other crowd-sourcing companies