As reported here recently, millions of LinkedIn password hashes have been leaked online. An anonymous reader writes “Now, Poul-Henning Kamp a developer known for work on various projects and the author of the md5crypt password scrambler asks everybody to migrate to a stronger password scrambler without undue delay. From the blog post: ‘New research has shown that it can be run at a rate close to 1 million checks per second on COTS GPU hardware, which means that it is as prone to brute-force attacks as the DES based UNIX crypt was back in 1995: Any 8 character password can be found in a couple of days. The default algorithm for storing password hashes in /etc/shadow is MD5. RHEL / CentOS / FreeBSD user can migrate to SHA-512 hashing algorithms.'” Reader Curseyoukhan was was one of several to also point out that dating site eHarmony got the same treatment as LinkedIn.

Read more of this story at Slashdot.

Read this article:
MD5crypt Password Scrambler Is No Longer Considered Safe

As you’ve no doubt heard, a large tranche of hashed LinkedIn passwords has been leaked onto the net. There’s no known way to turn the hash of a password back into the password itself, but you can make guesses about passwords, hash the guesses, and see if the hashed guess matches anything in the leaked database. Bunnie Huang has been making some educated guesses about the passwords, and he’s reported on his findings.

I thought it’d be fun to try to guess some passwords just based on intuition alone, using LeakedIn to check the guesses. Here’s some of the more entertaining passwords that are in the database: ‘obama2012′, ‘Obama2012′, ‘paladin’, ‘linkedinsucks’, ‘fuckyou’, ‘godsaveus’, ‘ihatemyjob’, ‘ihatejews’ (tsk tsk), ‘manson’, ‘starbucks’, ‘qwer1234′, ‘qwerty’, ‘aoeusnth’ (hello fellow dvorak user!), ‘bigtits’ (really?), ‘colbert’, ‘c0lbert’, ‘bieber’, ‘ilovejustin’, ’50cent’, ‘john316′, ‘john3:16′, ‘John3:16′, ’1cor13′, ‘psalm23′, ‘exodus20′, ‘isiah40′, ‘Matthew6:33′, ‘hebrews11′ (bible verses are quite popular passwords!).

Interestingly, there is no ‘romney2012′ or any variant thereof.

Leaked In

View article:
Preliminary analysis of LinkedIn user passwords

Following in the footsteps of USB flash drives that have shrunk to meer slivers of plastic, Eikon’s new Mini biometric fingerprint reader is barely noticeable as it hangs off your laptop. And the convenience of not having to remember passwords will cost you just $10. More »

View post:
World’s Smallest Fingerprint Reader Borders on Adorable [Security]

Between the Raspberry Pi and the new Chromebox, we’ve been spending more time than usual lately talking about miniature desktops. Until now, though, AMD hasn’t really entered the discussion; all of the models we’ve tested have featured either an ARM chip or Intel processor. So we were intrigued, then, when we found this mini PC hanging out at the company’s Computex booth. It’s called the LiveBox, and it runs one of AMD’s X86-based Fusion chips. Before we get into specifics, though, have a gander at our hands-on photos and check out that funky design. In addition to being tiny, it has a two-pronged power connector attached, allowing you to plug it directly into an outlet. We’re not sure individual consumers will prefer that cordless design, but we can see it translating well in businesses and schools — precisely the sorts of places where AMD thinks these boxes might find a home.

Again, the LiveBox is based on a Fusion APU (a 1GHz C-60 chip, to be exact), complemented by 1GB of RAM and Radeon HD 6200 graphics. As for storage, the unit on display had a Samsung-made 64GB SSD. Take a tour around the edges and you’ll find two USB 2.0 ports (no USB 3.0), a Gigabit Ethernet jack and an HDMI socket. There’s also a memory card reader, a SIM slot for quad-band 3G (WCDMA) and Bluetooth 4.0, in case you want to pair it with any wireless peripherals. As you can see in the video below, those modest internals are enough to output smooth 1080p video, which means this setup should suffice for basic things like email, web surfing and YouTube. Unfortunately, the machine on display was running Windows 7, not 8, which is a bummer. We also wish we knew more about the target price: AMD won’t say what brand will be selling this, or when it will be available. Until then, it’s tough to say where the LiveBox fits in. But hey, hands-on photos and video can’t hurt, right?

Continue reading AMD shows off LiveBox mini desktop based on one of its Fusion chips (video)

AMD shows off LiveBox mini desktop based on one of its Fusion chips (video) originally appeared on Engadget on Thu, 07 Jun 2012 04:01:00 EDT. Please see our terms for use of feeds.

Permalink | | Email this | Comments

View article:
AMD shows off LiveBox mini desktop based on one of its Fusion chips (video)

Photo: REUTERS/Youssef Boudlal

The Solar Impulse plane project president and pilot Bertrand Piccard lands after a 19-hour flight from Madrid at Rabat’s International airport, June 5, 2012. The plane landed in Morocco on Tuesday, completing the world’s first intercontinental flight powered by the sun to show the potential for pollution-free air travel.

More about the successful completion of the project here.

Photo: REUTERS/Youssef Boudlal

Crew members check the Solar Impulse plane after it landed following a 19-hour flight from Madrid at Rabat’s International airport, June 5, 2012.

Photo: REUTERS/Youssef Boudlal

The Solar Impulse plane’s project president and pilot, Bertrand Piccard (L) celebrates with co-founder and CEO Andre Borschberg (R) and Moroccan Agency for Solar Energy (MASEN) CEO Mustapha Bakkoury after the plane landed.

More:
Solar Impulse plane lands, completing world’s first intercontinental flight powered by the sun (photos)

First time accepted submitter bpkiwi writes “FBI agents, working with New Zealand police on the Megaupload case, took a copy of Kim Dotcom’s hard drives and then immediately sneaked out of the police facility and FedEx’ed them back to the USA. Despite the fact that removal of evidence in this manner without official approval (and a chance for the defendant to challenge it) appears to be illegal, the New Zealand government is now left arguing on a technicality — that the law only covers ‘physical’ items.” Things got slightly better for Megaupload users trying to get their files back today. In a court filing the MPAA said users can have their files back as long as access to copyrighted files is blocked. “The MPAA Members are sympathetic to legitimate users who may have relied on Megaupload to store their legitimately acquired or created data, although the Megaupload terms of use clearly disclaimed any guarantee of continued access to uploaded materials,” MPAA lawyers write.

Read more of this story at Slashdot.

Read the original post:
FBI Used FedEx To Sneak Dotcom's Hard Drives Out of NZ

We’ve already heard about broadcast plans for the 2012 London Olympics in the US on NBC and UK from BBC, but what about other areas of the world? YouTube, which is partnering with NBC on streaming in the US, has also struck a deal with the International Olympic Committee to stream 2,200 hours on 10 live high definition feeds to viewers in 64 territories across Asia and sub-Saharan Africa. That only extends to countries where the digital rights haven’t already been snapped up, but it does mean that in many regions people will have access to a level of coverage that has never been available at all before on computers, phones and tablets. The English language commentated feeds will be available daily depending on the competition schedule, plus a 24-hour broadcast of the Olympic News Channel. YouTube has already made a name for itself as a sports broadcaster to worldwide markets with events like Indian Premier League Cricket and now with the Olympics it’s taking another step forward. Check the press release after the break for the full list of countries as well as a video peek behind the scenes of producing such a large event.

Continue reading YouTube will live stream HD Olympics coverage to 64 territories in Asia, Africa

YouTube will live stream HD Olympics coverage to 64 territories in Asia, Africa originally appeared on Engadget on Wed, 06 Jun 2012 19:48:00 EDT. Please see our terms for use of feeds.

Permalink | YouTube Blog | Email this | Comments

Continue Reading:
YouTube will live stream HD Olympics coverage to 64 territories in Asia, Africa

A partial list of the 6.5 million passwords leaked by someone identified as dwdm. The list contains strong passwords that were unique to LinkedIn, leading to speculation that’s were the passwords originated.

Dan Goodin, Ars Technica

An unknown hacker has posted more than 8 million cryptographic hashes to the Internet that appear to belong to users of LinkedIn and a separate, popular dating website.

The massive dumps over the past three days came in postings to user forums dedicated to password cracking at insidepro.com. The bigger of the two lists contains almost 6.46 million passwords that have been converted into hashes using the SHA-1 cryptographic function. They use no cryptographic “salt,” making the job of cracking them considerably faster. Rick Redman, a security consultant who specializes in password cracking, said the list almost certainly belongs to LinkedIn because he found a password in it that was unique to the professional social networking site. Robert Graham, CEO of Errata Security said much the same thing, as did researchers from Sophos. Several Twitter users reported similar findings.

“My [LinkedIn] password was in it and mine was 20 plus characters and was random,” Redman told Ars. With LinkedIn counting more than 160 million registered users, the list is probably a small subset, most likely because the person who obtained it cracked the weakest ones and posted only those he needed help with.

Read more | Comments

Read More:
8 million leaked passwords connected to LinkedIn, dating website (updated)

Google is keeping the string of Maps launches going — it’s just rolling out very, very detailed 3D maps for technology like Google Earth, using a “new process” to get extra depth. In some areas, such as San Francisco, it models every building and delves down into the trees. The new fully textured, fully modeled imagery is coming both to Android and iOS in the “coming weeks,” and Google even made a point of showing the update running on an iPad. Just how deep this rabbit hole goes is an unknown right now, but it certainly ups the ante for Apple’s rumored giant iOS 6 Maps revamp and the 3D mapping it might be using from C3 Technologies.

Update: We just followed up with Peter Birch following the keynote regarding version compatibility for offline and 3D Maps, and were told that Google “has nothing to announce at this time,” but will do so in the coming weeks. We prodded a bit to see if 2.x devices would be in the mix, and all we got was a non-confirming reply about an “assumption” that if Google Maps Navigation is supported, offline and 3D would be as well.

Relive the memories in our liveblog… right here!

Continue reading Google Maps, Earth take on full 3D imagery

Google Maps, Earth take on full 3D imagery originally appeared on Engadget on Wed, 06 Jun 2012 13:20:00 EDT. Please see our terms for use of feeds.

Permalink | Google | Email this | Comments

Continue reading here:
Google Maps, Earth take on full 3D imagery