Passphrases That You Can Memorize — But That Even the NSA Can’t Guess

This is sort of a re-tweet, but having studied a bit of the science behind cryptography over the years (I once ‘invented’ an encryption algorithm and even presented it to a cryptography expert (being ignorant can have amazing payoffs if you are lucky); only later did I realize how cheeky I was and later still after doing some entropy analysis did I realize that my algorithm sucked massively) I have a very good feeling about this. Diceware is a very simple, yet elegant and effective way to produce passphrases that have a useful amount of entropy (the article does a decent job of explaining this) yet are feasible to remember. While unnecessary, throwing in capitalization and/or punctuation adds a few more bits of entropy against those performing an attack.

A note to reinforce the comments regarding using this technique for websites/cloud authentication: it is not feasible to test a trillion passphrases a second across the Internet against a busy server so it isn’t necessary to have the same level of entropy. Also, there are plenty of attacks that make having the best passphrase irrelevant anyway. This Diceware approach is for securing things you have physical control over (though, a note to you paranoid types: physical control is not total control if the device can ever be accessed via a device that has ever been connected in any way to any network that has ever been connected to the Internet at any time).
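To put numbers on the two points above, here is an added example (not from the original post, the linked article, or the Diceware project) that maps five dice rolls to a word index, computes passphrase entropy, and compares the expected search time at the post's trillion guesses per second with a throttled online rate. The placeholder word list and the 100 guesses per second online rate are assumptions made for illustration.

```python
import math
import secrets

DICE_PER_WORD = 5                  # standard Diceware: five d6 rolls per word
LIST_SIZE = 6 ** DICE_PER_WORD     # 7776 entries in a Diceware word list
SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Constructed stand-in for a real word list (assumption, illustration only).
PLACEHOLDER_LIST = [f"word{i:04d}" for i in range(LIST_SIZE)]

def roll_index(rng=secrets.SystemRandom()):
    """Simulate five fair dice with the OS CSPRNG; map rolls to a base-6 index."""
    rolls = [rng.randint(1, 6) for _ in range(DICE_PER_WORD)]
    index = 0
    for r in rolls:
        index = index * 6 + (r - 1)
    return rolls, index

def make_passphrase(wordlist, n_words):
    """Choose n_words independently and uniformly from a 7776-entry list."""
    if len(wordlist) != LIST_SIZE:
        raise ValueError("expected a 7776-entry Diceware list")
    return " ".join(wordlist[roll_index()[1]] for _ in range(n_words))

def entropy_bits(n_words, capitalize_one=False):
    """Entropy assuming the attacker knows both the method and the list."""
    bits = n_words * math.log2(LIST_SIZE)
    if capitalize_one:
        # Capitalizing exactly one randomly chosen word adds log2(n_words) bits.
        bits += math.log2(n_words)
    return bits

def years_to_search_half(bits, guesses_per_second):
    """Expected time to find the passphrase: half the keyspace, in years."""
    return 2 ** (bits - 1) / guesses_per_second / SECONDS_PER_YEAR

OFFLINE_RATE = 1e12   # "a trillion passphrases a second", as in the post
ONLINE_RATE = 100     # assumed throttled rate against a remote server

if __name__ == "__main__":
    print(make_passphrase(PLACEHOLDER_LIST, 7))
    for n in (4, 5, 6, 7):
        b = entropy_bits(n)
        print(f"{n} words: {b:5.1f} bits, "
              f"offline {years_to_search_half(b, OFFLINE_RATE):.3g} y, "
              f"online {years_to_search_half(b, ONLINE_RATE):.3g} y")
```

The online column shows why a shorter passphrase can suffice against a remote server, while the offline column is the one that matters for data an attacker can copy and attack at leisure.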

Posted in Infosec, Society

Processing is the problem

Your microwave dinner is making you obese: What the food industry doesn’t want you to know
New research indicates processed foods are even more harmful to our health than previously thought

A bit of a misnomer, the microwave has nothing to do with making you obese, it is the processing of the processed foods. I talk about how processed food can lead to metabolic syndrome but in that post it was about eating too many calories (made easy because processed food is so energy dense). This article is saying that the processed products themselves are the problem due to the compounds used during the processing. I have been eating less processed food lately, but that is for financial reasons (we are spending so much on the greenhouse/pool that we have to spend less thus cook more). I don’t feel any less fat, but then again, if my microbiome has been distorted too much it might require intervention in order to put me in a better state.

Anyway, processed food is a problem! Eat more unrefined foods!

Posted in Business, Healthcare, Science

Compact Fusion

Lockheed is claiming it can solve the world’s energy problems:


I think it is hubris that makes a claim that they can go from nothing to a working prototype in 5 years when collectively the world’s best research scientists have spent 5+ decades and likely 100+ billion bucks with next to nothing to show for it. There is no doubt that having access to piles of money and eliminating the bureaucracy will speed things up (think Manhattan Project, but is Lockheed going to piss that much away on spec?), but I have no reason to think that just because a team was once great in the past on a totally different subject (aeronautics of the U2 and Blackbird) that that team can just switch over to something completely different. It smells like an attempt to jack up their stock price to me.

Now if they were claiming they already had a breakthrough and had something that was already showing enough positive net energy to mathematically pay for the start up energy given that converting to steam and twirling turbines results in a 60% loss and they had ‘only’ to work out how to effectively capture the neutronic energy at high efficiency, then I might be less pessimistic. Not optimistic, because that is still a non-trivial problem, less pessimistic.

When a web page advertising a scientific breakthrough of the magnitude Lockheed is suggesting reads like an infomercial with all the content removed, it really raises my skeptic’s hackles. Show me the science!

Posted in Business, Science

Big Data Analysis to find Nuclear Submarines?

Are Submarines About to Become Obsolete?

I got to admit I was skeptical when I first read the title. People have been trying for decades to find a way to easily locate submarines with little to show for it, but the idea as described sounds more plausible. I found this article via a post at Schneier’s blog and the comments (as is quite typical) are very interesting. Several pointed out that simply knowing where something is doesn’t necessarily provide much utility, essentially all of our bombers and missile silos are known to the inch, yet they largely remain ‘safe’ because to take them on is to start a full-scale war. However, as I have attempted to show before, if we are to be involved in a war with a sophisticated adversary, we are not likely to be attacked in any conventional sense, so conventional weapons/systems are likely to be totally useless and represent an incredibly expensive drag on our economy.

Anyway, I thought my reader(s) might find this interesting. Computer hardware is getting so cheap today (they are just about ready to come out with computers with close to 100 cores (assuming quad CPU) likely for under $50K) that doing this sort of analysis just requires the willingness to commit to hiring a few people like me for a year or two…

Posted in Government, Science

AA for Obesity

Diet and exercise not enough, obesity experts say

There is increasing evidence that many chronically obese people are that way because of the gut flora (e.g.), so if this is a medically treatable condition, what distinguishes it from any other disease? If it is a disease, why not treat it that way instead of shaming people and blaming their size on their lack of impulse control?

Of course, we in America like to blame people for things largely outside of their control, so naturally we won’t stop blaming fatties for being so.

Posted in Healthcare, Psychology, Science, Society

Common detergent causes birth defects in mice!

Missing Mouse Mojo
Cracking the case of laboratory mice that suddenly stopped reproducing involved a little chemical sleuthing

The abstract from the article:

Quaternary ammonium compounds (QACs) are antimicrobial disinfectants commonly used in commercial and household settings. Extensive use of QACs results in ubiquitous human exposure, yet reproductive toxicity has not been evaluated. Decreased reproductive performance in laboratory mice coincided with the introduction of a disinfectant containing both alkyl dimethyl benzyl ammonium chloride (ADBAC) and didecyl dimethyl ammonium chloride (DDAC). QACs were detected in caging material over a period of several months following cessation of disinfectant use. Breeding pairs exposed for six months to a QAC disinfectant exhibited decreases in fertility and fecundity: increased time to first litter, longer pregnancy intervals, fewer pups per litter and fewer pregnancies. Significant morbidity in near term dams was also observed. In summary, exposure to a common QAC disinfectant mixture significantly impaired reproductive health in mice. This study illustrates the importance of assessing mixture toxicity of commonly used products whose components have only been evaluated individually.

Since these things are ubiquitous in our environment this should be a huge wakeup call. While I am not totally convinced on the BPA issue, at least with respect to adults (I believe there is enough evidence it should be kept away from infants and children), I think that the QAC results with the mouse study above should warrant a close look at the effects in humans.

While it is possible this is much ado about nothing (meaning the effects on humans are negligible (something only known through specific studies)) the effect in mice is dramatic enough that I would want to assume there is a problem until evidence is shown to the contrary.

Posted in Healthcare, Science, Society

Our ‘Justice’ system is even more corrupt than I thought!

Will HSBC Deal Come Back to Haunt Loretta Lynch?
Deal to save HSBC’s American office looks very bad in retrospect

Got to be read to be believed, but the gist of the matter is the ‘punishment’ that our so-called Justice system meted out to HSBC for laundering money for drug cartels (!), a joke at the time, is even more inexplicable given that our government already knew that HSBC was also acting as an illegal tax haven for the wealthy.

And oh, by the way, our soon-to-be new Attorney General Loretta Lynch was instrumental behind it. No question she is a perfect fit for Obama, she clearly knows where all sorts of bodies are buried.

So NICE to be an American!

Posted in Business, Economics, Government, Law, Politics, Society

Watchdogs watch in private

’22 fraudulent clinical trials’ on FDA radar ‘hidden from journals and public’

A trawl of internal documents held by the US Food and Drug Administration (FDA) has revealed official action due to “significant departures from good clinical practice” against a total of 57 clinical trials, including 22 affected by “falsification” – yet a parallel search of the published study reports finds no mention of these grave concerns being made public.

This is an incredibly important issue that you likely will never hear about anywhere else. It just shows how beholden the FDA is to industry: they not only keep this stuff private, but even when forced to release it they make every effort to make it difficult to associate the studies with published results.

Your tax dollars at work!

Posted in Healthcare, Politics, Science

Shhh! Your TV is listening…

Samsung Privacy Policy: Watch What You Say Around Your Smart TV

Not terribly surprising to me given that with the proper malware installed on your phone anyone can listen to any nearby conversation and that people can also turn on your video camera on your computers to see what there is to see (increasingly, TVs are also coming with cameras!). ‘Tis the new world order, us paranoid people just have to adjust…

Posted in InformationTechnology, Infosec, Society

Wow! Email encryption relies on just ONE guy!

The World’s Email Encryption Software Relies on One Guy, Who is Going Broke
Werner Koch’s code powers the email encryption programs around the world. If only somebody would pay him for the work.

Also interesting comments here.

It is amazing how many fundamental pieces of open source software are dependent on a handful of people (or just one person). There are a few that are supported by large groups, for instance Linux, Apache, gcc, but so many are hanging by a thread. It would be nice to see some process whereby these people could be compensated, but I am not holding my breath.

Posted in Business, Economics, Government, InformationTechnology, Infosec, Society