ER

Cracking party

Dear Reader,

Among the many parties happening around the world, there is a big one on cracking. Cracking passwords that is.

Do you have an account with LinkedIn.com? The “business social network”?

If you do, I highly recommend you delete it. And if you used the password from there at any other website or internet service, please change that immediately.

LinkedIn got cracked in 2012. And they kept pretty silent about it. At the time they admitted only, some 6.5 million passwords had been taken. This week we learned here, it was more like 117 million passwords. Or precisely:

164,590,819 unique email addresses
177,500,189 unsalted SHA1 password hashes

And as of now > 90 % of the passwords have been cracked already. Just 14 million to go.

Why does that matter? It means, those passwords are not save anymore. And never will be again. The algorithms used for password cracking have been trained. And whoever uses one of those passwords anywhere, is wide open.

Granted, the most popular passwords at LinkedIn were the usual bad ones: 123456, linkedin, password, 123456789, 12345678, 111111 and qwerty. And those are easily cracked. But eventually well over 95% of those passwords will be cracked. It is just a matter of time and computing power.

LinkedIn is one of the more popular websites. According to WikiPedia.:

LinkedIn is a business-oriented social networking service. Founded in December 14, 2002 and launched on May 5, 2003, it is mainly used for professional networking. As of 2015, most of the site’s revenue came from selling access to information about its users to recruiters and sales professionals.
As of October 2015, LinkedIn reported more than 400 million acquired users in more than 200 countries and territories.
LinkedIn filed for an initial public offering in January 2011 and traded its first shares on May 19, 2011, under the NYSE symbol “LNKD”.

So, here is a publicly traded company, not some small garage firm, that did not care about its users and their safety. All they care about is selling the user data. And in the process they made the internet less save for everybody.

The somewhat famous founder and current chairman Reid Hoffman, usually quite outspoken, has been very silent about the matter. Nothing on his website, nothing on his twitter account. For that he deserves our Idiot of the Day medal.

And that is why you should delete your account there. Unless we, the users, make those companies and the people feel pain, unless they lose money or go bust, security will not improve.

Stay safe,

Engine Room

ER

Al-Qaeda, Al-Aqsa, Al-Gebra

Dear Reader,

We have a new terror organization. Time to fear for your life, this time for real.

After Al-Qaeda and Al-Aqsa, we know give you Al-Gebra.

This group is so dangerous, it has been hiding in plain sight for hundreds of years.

And they are strong. Strong as in they have hundreds of millions of followers.

They have infiltrated diablog already. Yes, I am willing to come out as a follower. Shocking, I know.

Why now? One of us got caught. This guy:

You can read about it here:

http://www.trendingmail.com/2016/05/american-airlines-flight-delayed-due-to.html

If there ever was a plea for more education, there you have it.

Our Idiot of the Day medal goes to that airline passenger, obviously obsessed with “If you see something, say something”. I hope she does not reproduce.

And I still request a zero-security-check-airline. I’d sign up right away. I fly at my own risk. With all those dangerous things like water bottles, pocket knifes, tweezers, shoes, tooth picks, etc.

Stay sane,

Engine Room

ER

Amazing times

Dear Reader,

Do you feel like you are living in exciting times?

If you are a bit older, if you can remember the days prior to fax machines, you must agree. In this interesting article here, a professor of Artificial Intelligence, AI, puts it nicely:

If you went back and you said to an early thinker about AI, 50 or 60 years ago, “You’re going to have with you at all times a device, and essentially it can answer any question that you’d like to answer across a huge range of topics; it can understand your voice and provide a view on any place in the world, tell you how to get from point A to point B”—if you explained in the abstract what your smartphone is capable of doing via Google and various kinds of mapping tools and Siri—I think that person would say, “That’s AI.”

The smart guy also mentions the risks involved:

One thing I do worry about is that I think we’re on the cusp of having the ability (with machine learning and AI) to synthesize media to create something that’s very difficult to distinguish from the real thing. These are very dangerous tools to have in a society that depends increasingly on things like video to represent truth.

And for exactly that reason I dislike (near-) monopolies as much as too mach data in the hands of government (agencies).

Stay curious,

Engine Room

 

ER

English, bend over a bit more

Dear Reader,

When it comes to surveillance and spying on normal people. the USA and the NSA take center stage. Largely, because we are bigger, Snowden was part of the NSA, and lately some American internet/software companies starting fighting the surveillance state a bit. All that keeps us in the news.

Mostly ignored is, that the British GCHQ is far worse than the NSA and that the English government is far ahead, when it comes to creating the perfect surveillance state.

Point in case, the latest law initiative, as reported by ZDNet here:

UK surveillance bill will force tech companies to disclose new products before they launch
The government will force companies operating in the UK to declare “products and services in advance of their launch” to ensure police can still intercept data.

I said it before, my image of England and the English has changed drastically over the last five years.

What happened to magna carta? You gave up all your freedoms. What happened to “my home is my castle”, to friendly and polite and unarmed bobbies? It seems, the Nazis lost World War II, but fascism won it in England.

Your government fucks you over and you don’t seem to care about it at all. Instead you bend over a bit more, while dreaming of some old glory days and think you would do better outside the EU. As if anybody in the world would care about doing more business with you then.

If the above mentioned bill passes, you will lose all the American IT companies. Or do you honestly think, Apple, Google, Facebook, et al. will give their trade secrets to your government? Do you think, the UK with its mere 64 million people will get, what China with its 1.4 billion could not get?

From the outside it looks, you are adamant to ruin your country.

Puzzled and slightly worried,

Engine Room

ER

Beware of monopolies

Dear Reader,I have a very strong dislike for monopolies. They don’t work, except for the owner. Today’s point in case: youtube.

Yes, I know, there are other websites for video hosting, vimeo.com for instance. But youtube is in fact a monopoly.

Almost all publishers are hosting their videos on youtube. In our early days of diablog we used them too. Youtube is the first destination for people looking for videos. And Google. which owns youtube, throws all its weight behind it. Youtube links are always prominently displayed on Google search results.

And how does Google make money? Through advertising. So it comes to no surprise, that Google is tempted to abuse its near monopoly. And force you, to pay them through advertising. And they do.

How can one tell?

Yesterday I was looking for a video for this post. And youtube did not work. It was broken. I could not see any videos. The site did not display much at all. After trying a couple of things and spending more than an hour, eventually I found the root of the problem.

To prevent tracking, one can use an add-on called Ghostery. That disconnects from trackers. And currently Ghostery breaks Youtube. Or rather, youtube does not allow you to use its website, unless you allow youtube to track you. Which means, youtube requires, that you let them spy on you, and sell your data to advertisers. All the while claiming that their service is “free”. Remember when their slogan was “Don’t be evil”?

My dislike for Google as a near monopoly is growing every day. They have a near monopoly on searching the internet. And they have a near monopoly on videos. And contrary to popular believe, Google is abusing its monopoly.

A few days ago the story broke, that Google executives contacted the US State department offering to abuse their powers and secretly manipulate Syrian people. Do you want to be governed by Google?

Please, avoid Google, today’s recipient of our Idiot of The Day medal.

Google is neither your friend, nor is it neutral. In my humble opinion, Google needs to be broken up.

Stay tuned,

Engine Room

ER

Has reddit been served?

Dear Reader,

Sadly, this isn’t an April Fools Day joke. According to Reuters, reddit.com deleted its warrant canary.

Its what? In case you forgot, we have one too. You can read about it here.

Reuters quotes:

“I’ve been advised not to say anything one way or the other,” a reddit administrator named “spez,” who made the update, said in a thread discussing the change. “Even with the canaries, we’re treading a fine line.”

This is a bad day for the internet. It means, either reddit has been served a National Security Letter. Or the current reddit management does not care anymore. There was a time, when reddit was a main supporter of freedom.

And as a reminder, Apple took its warrant canary down in 2014. In 2016 they reconsidered and decided to fight government spying on all people.

Update: In this post on Reddit, the former CEO of Reddit explains the whole issue. He also claims, that the above mentioned “reddit administrator named spez,” is the current boss (see third line “to /u/spez’s reign”).

Stay free,

Engine Room

ER

How did I miss that?

Dear Reader,

If you are with us for a while, and your memory still works, you’d remember me mentioning Bill Bryson. And if you don’t, the search function of diablog on top of the right column will lead you to this post, and this one.

The posts are from 2010 and 2011. And somehow I forgot to check, what Bill Bryson had been up to. Apparently he wrote two more books. And one of his older ones, A Walk in the Woods, was turned into a movie with the same title:

A Walk in the Woods

awitw-1

With Robert Redford, Nick Nolte, and Emma Thompson, could you go wrong?

This is a very nice movie. It isn’t a blockbuster comedy. More an escape of an hour and half, that will have you smiling all along. And sometimes laughing out loud. I like it a lot.

And I write “like” instead of liked, because today a movie is available, whenever you want. Not like in the past, when you either saw it at the cinema, or missed it.

Somehow I missed that little movie in 2015. And I am glad I saw it now. And that we have the technique to do so.

Stay tuned,

Engine Room