Thursday, August 23, 2012

Linkedin Password goofup

LinkedIn gave up password hashes for around 8 million passwords. The leaks for the data don’t seem to include usernames, but the holders of the information state they have it.When news sites say someone  lost “encrypted passwords”, understand that Encryption allows to reverse the algorithm to get the plaintext. But with hashing algorithm, it is not possible.
The way LinkedIn stored passwords was insecure. Hashing the same data with the same algorithm produces the same result always.  It is common for security groups (blackhats, whitehats, and grayhats) to spend a lot of time computing hashes of what they believe would be common passwords and storing these in a Rainbow Table.
If I see the hash for the password “password1234” in a password dump, I know that 1) either your password is "password1234", or 2) password1234 will also work as your password. The secure way to store a password is to concatenate a “salt” to the password to make the hash entirely different before doing the hashing (and multiple rounds), and store this salt with the hash so that rainbow tables are not effective, and so brute force is required to get the password. (There are even more secure ways by keeping additional salt material outside the database, but that’s beside the point).
So out of the millions of stolen passwords, attackers have already gotten the plaintext for 60-80% of them.
So what’s the lesson? Use a password database. There are a few benefits to this: 1) Your password will likely be more secure than one you would come up with on your own, and less likely to appear in a rainbow table, and less likely to be brute-forced soon 2) When something like this happens, you don’t have to devise a new password “scheme” or just “add 1” or something - you just generate a brand new password and call it a day. 3) You can use a different password for every single thing you need a password for. So if the attackers get your email address, they don’t also have your email password (or the user ID and password you use for ebay or paypal)
 

Monday, January 30, 2012

How to be happy at Work Place!

If you're unhappy at work--or anywhere else, for that matter--it's because you've made yourself unhappy. There's an easy way to change that.

Let me start off with a little story.
I once knew a saleswoman–young, divorced–who got a diagnosis of breast cancer. She had to work and raise two kids while fighting the cancer. Even so, she managed to be happy at work, noticeably happier than her co-workers. In fact, she not only won her battle with cancer but subsequently became one of the top salespeople at Bristol Myers.
She was not, as it happens, naturally cheerful. Quite the contrary. When she started full-time work, she was frequently depressed. But she turned it around, using the techniques I'm going to provide you in this column.
That saleswoman once told me: When you're unhappy, it's because you've decided to be unhappy.
Maybe it wasn't a conscious decision; maybe it crept up on you while you weren't looking–but it was a decision nonetheless. And that's good news, because you can decide instead to be happy. You just need to understand how and why you make the decisions.
What Are Your Rules?
Happiness and unhappiness (in work and in life) result entirely from the rules in your head that you use to evaluate events. Those rules determine what's worth focusing on, and how you react to what you focus on.
Many people have rules that make it very difficult for them to happy and very easy for them to be miserable.
I once worked with a sales guy who was always angry at the people he worked with. The moment anything didn't go the way he thought it should go, he'd be screaming in somebody's face. He was making everyone around him miserable–but just as importantly, he was making himself miserable, because just about anything set him off.
For this guy, the everyday nonsense that goes on in every workplace was not just important, but crazy-making important.
I once asked him what made him happy. His answer: "The only thing that makes this !$%$#! job worthwhile is when I win a $1 million account." I asked him how often that happened. His response: "About once a year."
In other words, this guy had internal rules that guaranteed he'd be miserable on a day-to-day basis, but only happy once a year.
One of the other sales guys at that firm had the exact opposite set of rules. His philosophy was "every day above ground is a good day." When he encountered setbacks, he shrugged them off–because, according to his internal rules, they just weren't that important. When I asked him what made him miserable, his answer was: "Not much." When I pressed him for a real answer, he said: "When somebody I love dies."
In other words, the second sales guy had rules that made it easy for him to be happy but difficult to be miserable.
I'd like to be able to write that Mr. Positivity regularly outsold Mr. Negativity, but in fact their sales results were similar. Even so, I think Mr. Negativity was a loser, because he lived each day in a state of misery. His colleague was always happy. He was winning at life. He was happy at work.
Make Yourself Happier: 3 Steps
The saleswoman who had breast cancer was happy, too, and this is the method she used to make herself happy:
1. Document Your Current Rules
Set aside a half-hour of alone time and, being as honest as you can, write down the answers to these two questions:
  • What has to happen for me to be happy?
  • What has to happen for me to be unhappy?
Now examine those rules. Have you made it easier to miserable than to be happy? If so, your plan is probably working.
2. Create a Better Set of Rules
Using your imagination, create and record a new set of rules that would make it easy for you to be happy and difficult to be miserable. Examples:
  • "I enjoy seeing the people I work with each day."
  • "I really hate it when natural disasters destroy my home."
Don't worry whether or not these new rules seem "realistic"–that's not the point. All internal rules are arbitrary, anyway. Just write rules that would make you happier if you really believed them.
3. Post the New Rules Where You'll See Them
When you've completed your set of "new" rules, print out them out and post copies in three places: your bathroom mirror, the dashboard of your car, and the side of your computer screen. Leave them up, even after you've memorized them.
Having those new rules visible when you're doing other things gradually re-programs your mind to believe the new rules. You will be happy at work. It's really that simple.

(adapted)

Thursday, December 1, 2011

Mullapperiyar Dam Issue - Bluff of a Nation

Mullapperiyar Dam Issue – Bluff of a Nation

Quite often people call politicians a bluff.
But lately what is happening in the case of Mullapperiyar Dam issue is that Politicians have made the whole nation of Kerala a Bluff.
Mullapperiyar Dam – A time Bomb”!!!  Nonsense, for that matter any dam is a Bomb if it caves! Why not Bhakranamkal  in north India and Aswan in Egypty and Idukki Dam again in Kerala  do not become bombs?
In the media you can see Kerala politicians standing right on the top of the dam and saying it may cave in at  any moment. Our politicians will risk their lives, no no my friend, they will be the last to die!

Saddest part is that, the trick of the politicians has tricked the masses and they are repeating the choruses of the politicians en-masse .
Tremors can bring Mullapperiyar Dam down any moment”!!! – Why Mullapperiyar Dam only? Termors and Earth Quakes and Tsunamis can bring anything down. Idukki dam may come down before mullapperiyar.

For all this, reason is that the so called intelligent masses of kerala has understood the intelligence of 999 years of Mullapperiyar Dam Agreement with Tamilnadu now only. That also at a lease cost of one Indian Rupee. Looks IT techies of Kerala have told the politicians that 999 is 1K and too large a number.
Although the first agreement was in the pre-independence era and became null and void after independence, Kerala Chief Minister Mr. Achuthamenon graciously  ratified it in 1970 without thinking of 999.

“Dam 999”, it is a good entertainment movie and a good animation like Star Wars and Jurasic Park.
See it and enjoy. Nothing more.
Mullepperiyar Dam will stand for 999 years and no need of  crying hoarse.

Thursday, October 6, 2011

Adieu to Steve Jobs - Apple Co-founder

Apple co-founder Steve Jobs died last night after a two-year battle with cancer. He was 56. The news came just a day after his successor, Tim Cook, hosted his first product announcement, unveiling the iPhone 4S.

In an e-mail to Apple's employees, Cook said Apple "has lost a visionary and creative genius, and the world has lost an amazing human being." Most of the time, such words have a hollow ring, but no one who's followed technology and consumer products can argue with the impact Steve Jobs had on computing, communications, design, and using technology in ways that affected not only how people worked, but how they lived. Last night, as word of his passing spread, plaudits came in from all quarters. "The world rarely sees someone who has had the profound impact Steve has had, the effects of which will be felt for many generations to come," said Microsoft's founder Bill Gates, at one time Jobs' arch-rival. "For those of us lucky enough to get to work with him, it?s been an insanely great honor. I will miss Steve immensely."
Apple now faces a huge challenge. When Jobs stepped down, analysts pointed out that the iPod, iPhone and iPad weren?t simply the products of one man's efforts. This is true. But Jobs wasn't just a visionary. He was an advocate who pushed technology to provide products that were simple, consistent, and fit neatly into the lives of consumers. People like him come along once in a generation. Apple has his legacy to build on, but now they have to do it on their own. It's not a small task, but Jobs was smart enough to develop executive bench strength and a strong culture of innovation. As Gartner analyst Michael Gartenberg said: "This is a tremendous loss of an icon for the tech community, but it?s not the time to dismiss Apple."
You can see coverage of Steve Jobs here

Wednesday, September 28, 2011

Every Third Child should be Killed???!!!

Kerala's famous Juriprudist Justice V R Krsihna Iyer in a recent report to the Kerala Govt recommended that every thrid child to parents should be killed in the womb for a welfare society!!
Alas, the right to live exists only for two children.
Mr Krsihna Iyer due to his old memory (He is 95 now) forgot that his parents had 7 children, and all born after him - Ranganayaki, Vijayalakshmi, Meenakshi, Ramachandran and Lakshinarayanan would not have seen sunlight if he had made the recommendation immediately after his birth.!!!

Today in the secular world Human Capital is the biggest Capital.
Indian Software Indsutry thrives on Intelligent Human Capital.

Many of the famous personalities would not have been alive today, If Krsihna Iyer's policy was implemented.

Krishna Iyer thinks that He is lucky beacuse he is the second child of his parent!!!

Tuesday, August 9, 2011

Malware

Malware is the biggest threat to Cyber Security especially in th E-Commerce World, because Malware can steal your credentials / password and steal your money from Banks and Credit cards without your knowledge.

According to Wikipedia:-
Malware, short for malicious software, consists of programming (code, scripts, active content, and other software) designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, gain unauthorized access to system resources, and other abusive behavior.
The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.
Software is considered to be malware based on the perceived intent of the creator rather than any particular features.
Malware includes computer viruses, worms, trojan horses, spyware, dishonest adware, scareware, crimeware, most rootkits, and other malicious and unwanted software or program. In law, malware is sometimes known as a computer contaminant

Malware is planted on your computer through internet by cyber-criminals and it sends secret information from your computer to them. Once the malware is there on your computer, when you do an internet transaction using your credit card or bank account, all the informations like user-id, password, account number etc are sent to the cyber-criminal.

Lesson is: Do not use your computer through which you do internet transactions,  for Chatting with unknown people or visiting dangerous un-secure sites.