How to create a powerful password
Say goodbye to those wimpy, eight-letter passwords.
The 12-character era of online security is upon us, according to a report published this week by the Georgia Institute of Technology.
The researchers used clusters of graphics cards to crack eight-character passwords in less than two hours.
But when the researchers applied that same processing power to 12-character passwords, they found it would take 17,134 years to make them snap.
"The length of your password in some cases can dictate the vulnerability," said Joshua Davis, a research scientist at the Georgia Tech Research Institute.
It's hard to say what will happen in the future, but for now, 12-character passwords should be the standard, said Richard Boyd, a senior research scientist who also worked on the project.
The researchers recommend 12-character passwords -- as opposed to those with 11 or, say, 13 characters -- because that number strikes a balance between "convenience and security."
They assumed a sophisticated hacker might be able to try 1 trillion password combinations per second. In that scenario, it takes 180 years to crack an 11-character password, but there's a big jump when you add just one more character -- 17,134 years.
Passwords have gotten longer over time, and security experts are already recommending that people use full sentences as passwords.
Here's one suggested password-sentence from Carnegie Mellon University:
"No, the capital of Wisconsin isn't Cheeseopolis!"
Or maybe something that's easier to remember, like this:
"I have two kids: Jack and Jill."
Even though advances in cheap computing power are making long, complicated passwords a necessity, not all websites will accommodate them, Boyd said.
It's best to use the longest and most complex password a site will allow, he said. For example, if a website will let you create a password with non-letter characters -- like "@y;}v%W$\5\" -- then you should do so.
There are only 26 letters in the English alphabet, but there are 95 letters and symbols on a standard keyboard. More characters means more permutations, and it soon becomes more difficult to for a computer to generate the correct password just by guessing.
Some websites allow for super-long passwords. The longest one Boyd has seen is at Fidelity.com, a financial site that lets users create 32-character passwords.
On a Microsoft website devoted to password security, the tech giant tells the password-creating public not to use real words or logical combinations of letters. That keeps you safer from a "dictionary attack," which uses a database of words and common character sequences to try to guess the code.
The Georgia Tech researchers carried out a "brute force" attack when they determined that passwords should be at least 12 characters long.
To do so, they deployed computer graphics cards, which are cheap and can be programmed to do basic computations very quickly.
The processors in those cards run simultaneously, trying to guess all of the possible password combinations. The more characters in a password, the more guesses are required.
But if your password has to be really long in order to keep up with this computational power -- and if you're supposed to have a new password for each website you frequent -- then how are you supposed to remember everything?
That's a real problem, the Georgia Tech researchers said.
There are a few solutions, however.
A website called Password Safe will store a list of passwords for you, but Boyd and Davis said it may still be possible for a hacker to obtain that list.
Other companies sell tokens that people carry around with them. These keychain-sized devices generate random numbers several times a minute, and users must enter those numbers and a shorter password to log in.
Some sites -- Facebook for example -- are marketing their log-ins and user names as a way to access sites all over the Web.
That's good for the user but is potentially dangerous because if hackers figure out a single password, they can access multiple banks of information, the researchers said.
The reason passwords have to keep getting longer is that computers and graphics cards are getting faster, the Georgia Tech researchers said.
"These things are really inexpensive -- just a few hundred dollars -- and they have a performance that's comparable to supercomputers of only just a few years ago," Boyd said of fast-processing graphics cards.
Maybe our brains will have to get bigger and faster, too. We'll need some way to remember these tome-like character strings.
DWHS installs new website Phish cracking system
Maybe more then any of the other degenerate methods used on the internet, Phishing is one of the lowest. These people try to prey on new Internet on-goers in hopes of getting there login information or credit card details. So in a ongoing process we made the first step with a website recognition system that scans server logs for the purpose of finding Phish scams and stopping the account instantly.
The scanner runs once a days at different times.
It searches for key methods used on phishing websites.
It suspends the account right away.
We also want to mention that the top importance was to not suspend a normal account on accident. Before launching the new software we have run hundreds of tests and have a 100% success rate. We cannot see even a single non-offending account getting effected by this.
Once we find a phish scam, we then get the logs, then the sign up details, remove the account, and report all the information to the FBI and phishing black lists.
We are very serious about cleaning up the internet from these low level thief's and we want you to know we have a zero tolerance and are very pro-active and helping keep the internet safe.
For more information please go here Phishing
Intel develops photonics-based 50Gbps chip
Intel provided a peek at the future of processors today by revealing the first instance of a chip using complete photonics to send data. Four lasers in the prototype convert light into data at about 50Gbps, or "many" times faster than wired connections. The rate, about 6.25GB per second, would be enough to send an entire 720p movie in one second.
The technology could improve chips themselves but could be particularly useful for when large amounts of data need to be spread over a similarly large area, such as video walls or supercomputers.
Intel bills the photonics chip as a "concept vehicle" that isn't directly related to future production hardware, but promises that the technology should advance and become more mainstream. Later developments should increase the number of lasers and speed up the light-to-data conversions to where terabit-plus data rates are possible. A modern computer's entire contents could be sent in a second by that stage, Intel said.
Optical data is seeing its first practical application in Light Peak, which tops out at just 10Gbps and is intended primarily to speed up peripherals.
What’s my IP?
You may not know this but DWHS has a easy way to get your current local computer IP.
The page is here: http://dwhs.net/ip
Or just click this link: What's my ip
What is a IP address?
An Internet Protocol (IP) address is a numerical label that is assigned to devices participating in a computer network that uses the Internet Protocol for communication between its nodes. An IP address serves two principal functions: host or network interface identification and location addressing. Its role has been characterized as follows: "A name indicates what we seek. An address indicates where it is. A route indicates how to get there."
The designers of TCP/IP defined an IP address as a 32-bit number[1] and this system, known as Internet Protocol Version 4 or IPv4, is still in use today. However, due to the enormous growth of the Internet and the resulting depletion of available addresses, a new addressing system (IPv6), using 128 bits for the address, was developed in 1995 and last standardized by RFC 2460 in 1998. Although IP addresses are stored as binary numbers, they are usually displayed in human-readable notations, such as 208.77.188.166 (for IPv4), and 2001:db8:0:1234:0:567:1:1 (for IPv6).
The Internet Protocol also routes data packets between networks; IP addresses specify the locations of the source and destination nodes in the topology of the routing system. For this purpose, some of the bits in an IP address are used to designate a subnetwork. The number of these bits is indicated in CIDR notation, appended to the IP address; e.g., 208.77.188.166/24.
As the development of private networks raised the threat of IPv4 address exhaustion, RFC 1918 set aside a group of private address spaces that may be used by anyone on private networks. They are often used with network address translators to connect to the global public Internet.
The Internet Assigned Numbers Authority (IANA), which manages the IP address space allocations globally, cooperates with five Regional Internet Registries (RIRs) to allocate IP address blocks to Local Internet Registries (Internet service providers) and other entities.
Mozilla likes HTML5 over Flash
Mozilla has joined the chorus in declaring HTML5 as the way of the future.
While Mozilla isn't going quite as far as Apple - Flash is still supported in Firefox - vice president of production Jay Sullivan told The Register the Adobe product will never be bundled with the browser.
It's not specifically Adobe that's the problem - it's that web standards, including HTML5 are where the industry is going. Anyone can install apps or scripts that enhance their browsing experience - that's part of being an open source browser. And, if someone already has Flash installed, Firefox may eventually auto-update the application (it doesn't right now, and Google's Chrome does - it's also bundled with Flash).
Just this week, in fact, Mozilla released Firefox 3.6.4, which offers crash protection for the browser if Flash (or QuickTime or Silverlight) crashes on a computer running Windows or Linux. Support for Mac or other operating systems will be included in a future release, Mozilla said.
That could be in Firefox 4.0, which has an imminent beta release and an official release date in November.
And it would be foolish for Mozilla to pretend Adobe doesn't exist. While more and more developers are embracing HTML5, Flash is still an industry standard in web video. But until recently, it seemed Mozilla was squarely in the Flash camp.
With Apple, Microsoft and now Mozilla leaning toward HTML5, could Adobe's Flash days be numbered? None is completely abandoning Flash, by any means. That would be short-sighted with the ubiquity of the application's online use for video and web animation.
But with three of the major browser developers giving the thumbs up to HTML5 over Flash, a tipping point could be reached that could make the iPhone/Flash debate seem minor.
HTML 5 will change the web
Many folks who are just tuning into the HTML5 saga because of the battle between Adobe and Apple are surprised to learn that the push to create a fifth official version of the HTML specification began six years ago. And that's just the first half of the story because the latest implementations, while nice, are far from standards. The HTML5 demos from Apple, for instance, are impressive, but they only run well on Safari.
That's how slowly committees can work. The browser creators and other stakeholders have a big collection of ideas for improving the browser and the Web, and these are gradually coalescing into a fifth generation for the standard. But agreement takes time. Many of the new tags and JavaScript functions exist already as experiments on some of the browsers, but interoperability and standardization are still to come. That's why the Flash groupies joke about HTML5 being a time machine to take you back to 2000.
While the jokes may sting and waiting for more general adoption is tiresome, it would be a mistake to simply ignore HTML5. There are not only powerful companies behind it, but there's also the standard process of technological development. The software -- both browsers and tools -- tends to absorb all of the orbiting extras, incorporating them into the main standard.
HTML5 will change many aspects of life on the Web. It will not displace Flash or Shockwave: One glance at the games on Miniclip.com, such as Jet Ski Racer, shows how much ground the HTML5 committee must cover. But HTML5 will still remake the Web and enable basic Websites to do much more -- from tracking our location to storing more of our data in the cloud. HTML5 tags will displace plug-ins for simpler jobs, at least some of the time, and it will open up advanced capabilities to a larger audience. It might even make the Web more secure, more efficient, and more adaptable.
To see where this new standard may take us, I collected the opinions from a number of developers, programmers, and designers. Here is an unordered list of ways that the Web may change as HTML5 is gradually adopted and standardized.
HTML5 will reduce the importance of plug-ins
HTML5 will enable more interactive graphics
HTML5 will allow applications to tap local file storage
HTML5 will simplify scraping with cyborg data
HTML5 will add location to the mix
HTML5 will smooth the way to Web video
HTML5 will produce chattier widgets
HTML5 will improve security (maybe)
HTML5 will simplify Web development
HTML5 will reduce the importance of plug-ins
Once upon a time the Web world liked the idea of a browser plug-in or add-on because it encouraged creativity and experimentation. Sounds, moving pictures, and other neat tricks appeared on the Web first through plug-ins built by Sun, Adobe, RealAudio, Microsoft, and many others. The plug-in interface was open to all, and everyone experimented with adding new features to the old, text-based world.
The battle over Flash may be the most famous skirmish, but the newer expanded powers of HTML5 also threaten other coding silos. JavaFX may be wonderful, but who wants to learn another syntax when JavaScript and the Canvas object will do the job? Who needs the Real ecosystem when the video tag will synchronize audio and video? Plug-ins like these are destined to be forgotten.
Will the idea of a plug-in disappear or fall into disfavor? Perhaps, but it depends on what you want to do. If drawing images is your goal, then the Canvas object may be powerful enough. But if you want to build specialized 3-D worlds like the ones found in the more sophisticated Flash and Shockwave games, you may be pining for the old days when a plug-in could get direct access to the video hardware or run a 3-D game world.
HTML5 will enable more interactive graphics
The old Web loaded images by downloading a GIF or a JPG file. The new Web can build an image on the fly in a Canvas object. A number of good graphing libraries have appeared, and all of them make a Website's graphics much more interactive.
Now the JavaScript layer can compute values and draw pictures with the data. Everything can become more alive and much less textual -- if the developer has the time and talent to create the solutions. Adobe is just beginning to make it simpler to develop sophisticated graphics for HTML5. The emergence of such tools will unlock additional capabilities, and the sophistication of the graphics will only improve as the tools mature.
There is a legitimate danger that all of this sophistication will overwhelm the poor client-side processors. In the past, some developers deliberately disabled the Flash plug-in to avoid the headaches and overhead of rendering heavy Flash content. That won't be an option in the future. Everyone who's been complaining about Flash may learn that the troubles had little to do with the technology itself -- the problems came from the designers battling for our attention.
HTML5 will allow applications to tap local file storage
Web programmers have always been able to store a surprisingly large amount of information in cookies (300 cookies of up to 4,096 bytes in IE), but to do real work you need more room. The early versions from the Dojo toolkit used the Flash plug-in to commandeer a section of the hard disk, but now the tools can simply use HTML5.
This storage can be used for anything the programmer wants, including undermining the entire cloud paradigm by storing data locally on the hard disk. This makes it possible to deliver and install applications that behave just like classic applications. Applications load their JavaScript code from the HTML5 offline application cache and start right up whether or not the Web connection is working.
The technique does not need to undermine the hard work of cloud proponents, though, because the local databases can act like smart caches. Game programmers might store descriptions and artwork locally, saving the time of downloading the information again and again.
On the downside, these databases are buried deeply in the system folder, so making backups may not be the simplest step. Users who may want to move their local data from machine to machine will pull out their hair. Or perhaps we'll just see a hybrid cloud/local approach appear where the local machine caches the data but the cloud maintains a definitive version that can be accessed from different machines.
HTML5 will simplify scraping with cyborg data
Anyone who's scraped data from Web pages knows that the structure offered by HTML does little except tell the browser where to place the information. There's no insight into the data itself, something that would help a programmer make sense of the information. The so-called microformats in HTML5 provide a mechanism to introduce more sophisticated markup into the HTML that makes it easier to analyze the data.
No one can predict just how much change the microformats will bring to the Web, but it's easy to see how they will empower programmers to whip together solutions. If there's one nice, standard way to represent dates and times, for example, then programmers can knit together the time-related information from Websites without bothering to write sophisticated parsers that guess at the format one person chose. Calendars, timelines, and schedules drawn from multiple sources become much simpler to craft.
HTML5 will add location to the mix
To the Web server, we were once just IP addresses, relatively anonymous numbers that had only a rough correspondence to the real world. The HTML5 standard now lets JavaScript ask the browser for the latitude and longitude of the user. It typically doesn't work with a desktop system (GPS or Wi-Fi required), but it works quite well with handheld smartphones.
No one knows what clever programmers will create with this location information, but it's bound to integrate cyberspace with meatspace in unpredictable and amazing ways.
HTML5 will smooth the way to Web video
The HTML5 video tag makes it easier for Web developers to integrate video with the information on the rest of the page, opening up the bag of tricks to jQuery and PHP developers, not just Flash, Silverlight, or JavaFX magicians.
Despite this vision, there's little coherence, as everyone wants to be the ones distributing the codecs for unpacking the moving images and the corresponding sound. The HTML5 standard is codec-neutral, which means that we're replacing the old world where the add-on software was called a plug-in with a new world where the add-on is called a codec. So there's a standard video tag, but the browser may or may not know how to interpret the data.
Erich Ocean, a HTML5 application development lecturer who teaches in Los Angeles, believes the codec wars are already won. "Computer programmers (and Mozilla) are fooling themselves if they think they can dictate video standards to video professionals," he said. "Google's new format will see some usage, for example in YouTube, but will never reach anywhere close to the ubiquity of H.264."
Despite the confusion and the lack of complete agreement, the new video tag will unlock more of the power of video and make HTML less and less of a textual jungle and more and more of a video playground. It's too soon to stop teaching our kids to read, but maybe the handwriting -- er, the Webcam video is projected on the wall.
HTML5 will produce chattier widgets
The widgets that run in IFrames have enabled sites to embed information from other sites for years, but they've always been limited by the security boundaries that keep each widget in a separate sandbox.
HTML5 offers a standard mechanism for these widgets to talk with each other. They still won't be able to reach into each other's sandbox, but they'll be able to send messages back and forth, coordinating their work and maybe even gossiping about the person typing at the keyboard.
Advertisers will drool at the chance to coordinate the behavior of disparate rectangles scattered across the page, and developers will surely find other practical uses. For instance, a tennis tournament might synchronize players on the left and the right of the page, an effect that may be so maddening that some will go running back to HTML 1.0.
However, this mechanism for sending messages is just a start. There's still a need to set standards for the information that's passed, so widgets stand a chance of speaking to each other even when they haven't been developed with a specific conversation in mind. In other words, they need more of a standard vocabulary.
HTML5 will improve security (maybe)
Each browser plug-in is a separate program built by a different team of programmers with different standards, different release schedules, and different models for security. Naturally, some plug-ins are more secure than others. And as plug-ins proliferate they increase the complexity of keeping track of the security faults. Was it the plug-in or the browser that had that nasty hole at the end of last year? Was it fixed by updating the browser but not the plug-in or vice versa? Who can remember?
Replacing many plug-ins with features baked into HTML5 removes the dangers that any of these groups will make a mistake, or worse, that someone will use a plug-in API to deliberately install malicious code. If the security team auditing Firefox, Chrome, or IE does the job -- granted, that's a big if -- then the dangers will be fewer.
This claim of better security, though, is a bit of a wild guess. The devious minds may use their malice aforethought to take advantage of the nice integration, perhaps drawing PayPal logos with the Canvas object from scratch to impersonate the PayPal site. No one can predict what the dangerous minds will discover in the new capabilities of HTML5.
HTML5 will simplify Web development
Bill Mill, a developer who works at Lookingglass Cyber Solutions, explains the change succinctly: "I mainly like HTML5 because it allows me to work in one unified environment, the browser plus JavaScript plus DOM, without having to switch back and forth between the Flash world and the HTML5 world. There is one language and one set of tools, not different ones for each plug-in."
He adds, "I think this is noticeable to the user too, where Flash blobs seem to exist in their own world within a Web page."
HTML5 offers one language (JavaScript), one data model (XML and DOM), and one set of layout rules (CSS) to bind text, audio, video, and graphics. The challenge of making something beautiful is still immense, but it's simpler to work with a unified standard.
BIOS may be dead in three years
It's the one major part of the PC that's still reminiscent of the PC's primordial, text-based beginnings, but the familiarly-clunky BIOS could soon be on its deathbed, according to MSI. The motherboard maker says it's now making a big shift towards point and click UEFI systems, and it's all going to kick off at the end of this year.
Speaking to THINQ, a spokesperson for the company in Taiwan who wished to remain anonymous said that "MSI will start to phase in UEFI starting from the end of this year, and we expect it will be widely adopted after three years."
According to the MSI mole, the first new UEFI products will be based on Intel's Sandy Bridge chipset, spanning the whole field from entry-level boards to high-end kit. The company says that it expects the boards to be introduced towards the end of this year, and into early 2011. "We won’t consider UEFI as an expensive premium feature," said the spokesperson, "but as a must-have for everyone!"
MSI plans to start introducing UEFI on its Sandy Bridge motherboards later this year
UEFI (universal extensible firmware interface) is a continuation of Intel's original EFI project, which was designed to replace the BIOS with a user-friendly point-and-click interface, as well as addressing many other troublesome areas of the PC's legacy.
MSI has previously dabbled in UEFI in 2008, when it introduced its Click BIOS on a few motherboards based on Intel's P45 chipsets. However, the move to UEFI is now starting to become much more important because of its implications for storage.
Last month, Seagate revealed to THINQ that a UEFI system would be an essential requirement in order for a PC to boot from a drive larger than 2TB.
MSI revealed its first UEFI Click BIOS system in 2008
MSI's spokesperson described this as a "big factor," explaining that the "default storage size for the general public is getting bigger and bigger." He predicts that "mainstream notebooks will use almost 1TB of storage next year, not to mention desktop systems, so we need to move forward to UEFI fast!"
Implementing a UEFI system isn't an easy job for motherboard manufacturers used to working with standard BIOS technology, though. Our source explained that motherboard manufacturers had held off moving to UEFI because of the "huge resources you have to throw at it."
Continued on next page
With regards to the old BIOS, he points out that there's an attitude of "if it isn’t broken; don’t need to fix it. Unless you have a strong determination to upgrade it, most manufactures will stick to a traditional, easy and familiar old solution."
There are a lot of issues to address here, not least the fact that a standard BIOS can't simply be flashed with a new UEFI system. "A UEFI system is generally bigger than a traditional BIOS," explains the MSI insider, "and most of the onboard ROM is not that big, so you can’t just flash UEFI into a traditional BIOS board."
A UEFI system replaces the text-based BIOS with a user-friendly point and click system
He also points out that "UEFI doesn’t support every board; you have to use certain code with certain motherboards."
Motherboard companies spend a lot of time developing their own features and technology that distinguish their motherboards from those of the competition. If these features are designed to interface with the code in a traditional BIOS, then they may not be able to communicate with a UEFI system.
"The main difference between a traditional BIOS and UEFI is programming," said our source, pointing out that "UEFI is written in C, rather than the assembly code used in a traditional BIOS." However, he points out that this means that there's much more flexibility with the code.
According to MSI, there's still a lot of work to be done on developing UEFI, but the company's spokesperson says that the cost of implementing the final systems should be minor. "We think this is trend for future," he said, adding that UEFI should be a "basic feature for all end-users."
New customer service phone number
DWHS has combined all of our numbers into one, the new number now is 213 984 HOST (4678). The old toll free numbers and direct numbers will phase out over the next couple weeks.
If you have any questions please let us know.
Easily Add Videos to Your WordPress Blogs
With the online video industry taking off, you may want to know some easy ways to add video to your WordPress sites. There are several great WordPress plugins for adding video content to your blogs. In this guide I’ll go over:
* Adding your own hosted .flv videos to WordPress
* How to embed videos from video sites such as YouTube
Start adding videos to your WordPress sites today and read on…
Playing hosted flash videos
If you can create your own .flv videos, and would rather not host them on a third-party site, there’s no better plugin than FLV Embed. With this plugin you can add your video to a post or page with a quick tag. First you need to get the plugin from WordPress.org at install it through OneClick or manually.
Once installed and activated, you’ll be able to configure the settings of the FLV player when it’s displayed on your blog.
In addition to setting options such as colors, you can also have your own logo embedded, have “Full Screen Mode” enabled, set the default volume, among other features you’d expect to see from a fully featured video plugin.
To display a video in a page or a post, you’d use a quick tag similar to the following:
The first option, currently your-video.flv, is obviously the name of the video in the path you set on the options page. You can also set it as a full URL. The optional-portrait.jpg is optional, and is what will show up as a “preview” before the video is played. The 2 numbers are width and height, respectively.
Embedding videos from other sites
Several popular video sites such as YouTube, Google Video, MetaCafe, IFILM, and others offer “embedding” code that will allow you to place a hosted video up for display on your own site, without sacrificing your own bandwidth resources. For WordPress, there is an easy plugin that you can use to embed videos in a similar “quick tag” format as above. It’s called Viper’s Video Quicktags.
Currently this plugin supports the following video sites:
* YouTube
* Google Video
* IFILM
* MetaCafe
* MySpace
These among other hosted video formats as well. You can get the plugin at WordPress.org. Once activated, you’ll see the options for the video sites on your post menu, which will prompt you for the video URL. It will generate the code in quick tag format to be displayed in your post.
As you can see, it’s a very simple format. All you need is the YouTube video URL. It’s a similar format for the other supported video sites as well.
Conclusion
If you post videos frequently on your blog I’d highly recommend these plugins, especially Viper’s for the quick tag post integration for all those video sites.
Green Data Center Management: The Hot New College Degree?
For more information on DWHS's green tech click here: Green Web Hosting
Degrees in environmental studies, environmental science, and environmental engineering are commonplace in most universities throughout the United States, but Metropolitan Community College (MCC) in Omaha, Nebraska is taking degree specificity to new levels with its 2-year associate's degree in green data center management.
Degree-seekers will use IBM hardware and software (thanks to a partnership with the company) in their quest to become green data center masters. That means plenty of hours logged in riveting classes like Virtualization, Remote Access, and Monitoring; Data Center Racks and Cabling; and Applied Data Center Management. The program culminates with an internship in the on-campus Information Technology Data Center, which is funded by $1.8 million Department of Labor grant.
So why did the Department of Labor and IBM choose to focus their energies on a community college in Nebraska? Omaha is at the intersection of east-west and north-south fiber optic networks, and as a result the city has become something of a hub for communications and information services companies. That, in turn, has led to a demand for data center employees in the area.
And since data centers are responsible for 1.5% of all power use in the United States, any employee who can offer expertise in keeping energy costs down is extremely valuable. With data center energy consumption expected to double in the coming years to 100 billion kilowatt hours--$7.4 billion in energy costs--those students who slave through the dry topics in the green data center management program will probably have better job prospects than most college graduates.