Insufficient Passwords

I love computer security. Worked in the field for half a decade, but got out of it when I moved to Memphis. Would love to get back into it, if I had the opportunity. So when I see stories like this Register article about a Western Australia Auditor General report on poor password security, I like to pass it along in hopes that others will learn a little something from it. 

Among these [60,000 easily guessed passwords], ‘Password123’ was in use by 1,464 accounts, ‘Project10’ by 994, ‘support’ by 866, ‘password1’ by 813, and ‘October2017’ by 226, to pick only the top five worst offenders in popularity order.

Folks, the most secure password is one you can’t remember. That’s why I recommend a password manager. Pick one really good password to protect your master database, then let the password manager generate all your passwords going forward. Periodically change your master database password. Lather, rinse, repeat. What password manager? Well, I personally use LastPass. If you don’t want to pay for one, try out KeePass. If you don’t want to take my word for what to use, I can also advise you to consider any of these recommendations from LifeHacker (spoiler alert: they recommend the same 2 I do, plus a few others).

But the important takeaway from this story should be that you can’t do this on your own. You’ll probably mess up. People are bad at generating random passwords. People are bad at remembering hard passwords. People are bad at keeping track of hundreds of passwords (that’s how many I have – others may not use as many as I do). But computers are really, really good at this stuff, so let them do the heavy lifting here.
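To make the contrast concrete, here is an added example (not from the original post, and not the code of LastPass or KeePass): a check that flags the pattern classes behind the audit's top five, next to a generator that draws from the operating system's CSPRNG. The deny-list words, the 12-character minimum, the symbol set and all function names are assumptions chosen for illustration.

```python
import re
import secrets
import string

MONTHS = ("january|february|march|april|may|june|july|august|"
          "september|october|november|december")
# Constructed deny-list (assumption); a real audit would load a large
# breached-password list instead of five words.
COMMON_WORDS = {"password", "support", "project", "welcome", "admin"}
# The five passwords quoted from the audit report above.
REPORTED = ["Password123", "Project10", "support", "password1", "October2017"]
ALPHABET = string.ascii_letters + string.digits + "!@#$%^&*-_=+"


def weakness(pw):
    """Return the reason pw is guessable, or None if no rule matches."""
    low = pw.lower()
    if re.fullmatch(rf"(?:{MONTHS})\d{{2,4}}", low):
        return "month+year"
    m = re.fullmatch(r"([a-z]+)(\d*)[!@#$.]*", low)
    if m and m.group(1) in COMMON_WORDS:
        return "common word" + ("+digits" if m.group(2) else "")
    if len(pw) < 12:  # assumed minimum length
        return "too short"
    return None


def audit(passwords):
    """Map each password to its weakness reason (None means no rule hit)."""
    return {pw: weakness(pw) for pw in passwords}


def generate(length=20):
    """Draw characters with the OS CSPRNG until every class is present."""
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
                and any(c.isdigit() for c in pw) and weakness(pw) is None):
            return pw


if __name__ == "__main__":
    for pw, reason in audit(REPORTED).items():
        print(f"{pw:12} -> {reason}")
    print("generated   ->", generate())
```

Every one of the five reported passwords is caught by a two-rule pattern check, which is the same shortcut a guessing attack takes; the generated value matches no rule and is not something a person would pick or remember.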

Update on ISP Issue

Well, I had a visit today from a technician for my ISP. He found the outside splitter was made for indoor use, so replaced that. Then, he disconnected an indoor splitter and gave me a new wireless DVR box. End result is slightly better performance:

I am most happy with my results. And when the kids aren’t on, I actually tested at nearly 120 Mbps. We pay for a 100 Mbps line. No complaints now.

More on Poor ISP Speed, Latency

Since I posted last night about my poor internet performance, I thought I’d post an update today. Although I just reset my modem on Monday, I did another modem reset this morning. Unplugged the router for 3 minutes. Plugged it in. Waited for my system to connect, and ran a few speed tests. Here are the results using 2 different speedtest options:

I got some worse numbers, but ignored those as the system was not stable yet. I ran a couple more tests and got about the same results. My connection is currently so spotty, I can’t even connect to my ISP’s website to chat or get the support phone number just yet. Maybe it’s time to shop for a new ISP?

Why is my ‘net Speed in the Crapper?

So I recently called my ISP to complain about some service issues and billing disagreements. Since then, my internet speed has been noticeably worse. I used to get 70-80 Mbps throughput on my line, which I believe is supposed to be rated at 100 Mbps. My latency is typically in the 20-80 ms range. I can’t complain about those numbers. However, since my speed and latency have been so clearly worse than normal, I did another speed test tonight – the first I’ve done in months. Here’s what I get:

With later testing, the speed improved to single-digit Mbps, but latency still turns up in the mid-hundreds of milliseconds across repeated tests. And no, there are no downloads going on right now to slow things. I checked.

Horrific Experiments

Popular Science with a story on 7 psychological experiments that were ill-conceived, unethical, horrific, or all of the above.

Project MKUltra
From 1953 to 1973, the CIA funded covert research on mind control at dozens of reputable institutions, including universities and hospitals. A source of inspiration to horror-fueled shows like Stranger Things and films like Conspiracy Theory, the covert project is today recognized as torture. In the hopes of revealing strategies by which the government could deprogram and reprogram spies or prisoners of war, unwitting civilians were drugged, hypnotized, submitted to electroshock therapy, and shut away, sometimes for months, in sensory deprivation tanks and isolation chambers.

A Laser, Aimed at Earth!

So apologies for nearly a week of silence – I’ve been in training all week and busy at night so I’ve been barely online lately. Today’s news brings us the update that ICEsat-2 will be launching next month. This satellite will be used for mapping the earth, doing so by firing 10,000 laser bursts per second at the planet.

Firing 10,000 pulses per second at the blue planet, ATLAS will pick up “more than 250 times as many height measurements as its predecessor” (ICEsat, which ended its mission in 2010), said NASA Goddard project manager Doug McLennan.

I love sharing laser news, as the very idea of shooting lasers to do productive things makes me happy.

The Skim Reaper – a Credit Card Skimmer Detector

If you have heard about credit card skimmers, you probably know the advice to tug on a credit-card scanner before using it. That’s not really that effective against more and more of the scanners, as they are getting smaller, and more easily hidden within or on top of real scanners in such a way that a sharp tug just won’t reveal them any more. Enter the Skim Reaper, a scanner that works instead by checking for multiple voltage spikes such as those caused by a hidden reader.

We have partnered with law enforcement agencies to comprehensively characterize skimmers, with the goal of designing and delivering strong tools to reduce this kind of crime. As a result, we created the Skim Reaper™, which specifically targets overlay and deep-insert skimmers.

A better brief explanation can be found at Ars Technica, one of the finest geek sites on the web.


SkimReaper is aimed specifically at overlays and inserts. It uses a card-shaped sensor with a printed circuit that, when powered, can detect the voltage spikes created by coming in contact with magnetic reader heads. If it detects two or more, there’s a skimmer in play.

While I have found no information yet on how to build your own nor how to buy your own Skim Reaper to keep yourself safe, I am sure that both a DIY guide and a pre-made Reaper purchase option will happen before too long.

The World is Warming

One day of Summer 2018 heat showing huge areas of daily and all-time highs.
A single day from Washington Post’s animated image of summer 2018 heat and record highs.

Earth is warming. Slowly, and not noticeably so to most people, but nevertheless it is happening. More ways to see this are available in this Washington Post article titled “Red hot planet: This summer’s punishing and historic heat in 7 maps and charts” and published Friday. I expect some people will read this and have something of an “OK, the planet is getting warmer, but we aren’t causing it to happen” reaction. I really can’t do any more to convince those people than post Skeptoid’s “The Simple Proof of Man-Made Global Warming” for their reading or listening pleasure.

You might think that carbon is carbon, and that if we find there’s more CO2 in the atmosphere, its source can’t easily be proven. But chemistry is a bit more complicated than that; there are different kinds of carbon, as there are of most elements. They’re called isotopes. One isotope of carbon is carbon-14.

The science involved isn’t really that difficult to understand. The knowledge that we are doing this and possibly making the planet uninhabitable for ourselves isn’t hard to gain. But getting some people to believe it sure seems tough. As denialists become fewer in the United States, we are hopefully moving to a period where we can make progress on reducing our effect on the planet, but we still have a way to go before we become part of the solution. But the general population is catching up to the scientific consensus, I think, which is a good thing.

The most frustrating thing, though, is that some folks knew 40 years ago, and rather than work to prevent this and make sure everyone knew about the potential harm, they kept it silent and made sure to profit from the ignorance of others. I know that this is just how big corporations work, but it still sucks. And I realize they did do research on the topic, but they could have brought humanity’s knowledge of the problem much further along than it is now if they had made a big deal of it in the 70s. That’s just me being a hopeless romantic, though.

They found that the company’s knowledge of climate change dates back to July 1977, when its senior scientist James Black delivered a sobering message on the topic. “In the first place, there is general scientific agreement that the most likely manner in which mankind is influencing the global climate is through carbon dioxide release from the burning of fossil fuels,” Black told Exxon’s management committee. A year later he warned Exxon that doubling CO2 gases in the atmosphere would increase average global temperatures by two or three degrees—a number that is consistent with the scientific consensus today.

The Worst Asbestos-Laced Consumer Products Ever Made

While asbestos has been around for a long time, it really took off in the late 19th century as something of a wonder material given its light weight and fire/heat/electrical resistance. Of course, given how bad we later learned the material is for lungs, some of that luster has faded. So when I found a website which presented a list of the worst asbestos-laced products, I just had to share it. My favorite WTF product? Why, number 3:

Um, no more ciggarette [sic] burns? Just what the hell are you people doing with your babies in Australia?!?