Friday, October 25, 2013

Offline Password Attacks Getting Easier and Easier

Ars Technica describes how an updated cracking tool leverages the parallel-processing power of GPUs to attack long passwords. Given the amount of money being poured into "whole drive encryption" and other techniques that require the passwords' hashes to be stored with the encrypted data, advances in offline attacks have real relevance to those concerned about real security.

The Jaded Consumer advocates multiple-factor authentication for security.

Wednesday, October 9, 2013

New England Journal of Medicine: "Chicken" Nuggets A Misnomer

In a sample of two nuggets bought from national chains, neither nugget had chicken meat as the predominant ingredient. This is problematic, as chicken white meat is recommended to patients as a highly efficient source of protein, and patients who order faux-gets thinking they're following their physicians' advice are getting something very different than they and their physicians expect. A beautiful photo at io9 puts an entertaining spin on this consumer fraud by suggesting the faux "food" is the product of massive clone factories.

via Delilah S. Dawson's Twitter-tag #SoylentKindaChickenTM, in which she eats crow: nuggets aren't made of donisaurs, either.

Wednesday, October 2, 2013

Samsung's Performance Swindle

It's not like mobile device vendors haven't been caught BSing the public about their products' hardware performance before.  But this time, the problem isn't just something gone off the rails in the marketing department. 

Samsung's Note 3 phone games performance benchmarks.  Although Samsung denied intentionally rigging benchmarks, the Note 3 ships with software designed to detect when a performance benchmark is being run so that it can present a radically different performance profile to the benchmarking tool than it presents to any other application.  When triggered, it changes clock speed and denies all four processor cores any power-saving sleep.  Presumably, the benchmark Samsung is gaming isn't the battery life test.

Details at Ars Technica.

The next question: why lie about numbers nobody will bother with when they shop?