Category Archives: Thoughts

Capacity planning for cell phone networks

The New York Times has an article today about how the inauguration crowd will test cellphone networks. They wrote:

Sprint Nextel, which said it had been planning for the inauguration since April, has also increased capacity of its cell sites and terrestrial transmission lines to prepare the network to sustain 10 to 15 [...]

Twitter had no rate limit for failed authentication

Reading the Wired writeup on the Twitter password hack, I’m incredulous to read that there was no rate limiting on failed authentication. Given Twitter’s stringent rate limiting for API requests, this seems surprising. Not to mention that online password attacks are practically older than time. Fortunately,

As for addressing the security [...]

Ringo: A DHT in Erlang

Seen via High Scalability, this seems related to my Chord/DHash work — Ringo: Distributed key/value storage for immutable data. A cursory glance at the Erlang source (a language I don’t actually know) suggests that Ringo does simple successor-only routing. I think it uses something like Merkle synchronization trees though there are also [...]

Upcoming talk on password managers

On Wednesday (12/17), Collin Jackson will be giving a talk at MIT titled, “Extracting Passwords from JavaScript Password Managers”. I can’t go due to scheduling conflicts but it seems worth considering if you are local and interested in my post about PassPack and Clipperz. I didn’t see any obvious papers from Collin’s website [...]

Strobist meets Niekerk

Continuing in the photography/lighting vein… Neil van Niekerk’s techniques are geared towards the time-limited on-the-go (wedding) shooter; David Hobby tends to prefer carefully constructed off-camera light. He’s been exploring on-axis fill recently and his “run and gun” post is where I’d like to go next with lighting: using a single off-camera light with on-camera [...]

Securing the web browser.

Google is soon going to demonstrate Google Chrome: a ground-up re-written browser designed with security in mind. Wow, render each tab in a separate process (and more). Compare that to what we saw at SOSP 2007: MSR presented some improvements to deal with IFRAME within MSIE (MashupOS (PDF)) and how to track Ajax [...]

Notes on the MD6 hash function

Hal Finney presents rough notes taken from a talk by Ron Rivest (1.5M PPT) about the MD6 hash function. MD6 will be a SHA-3 candidate and is tree-based and thus highly parallelizable (while remaining serializable). It appears to be designed to resist known forms of attack.

Wuala: Buy or trade p2p storage

Wuala uses erasure codes and crypto over a p2p network (backed by managed servers) to provide “social” storage. The crypto builds on work by Kevin Fu and others. One nice idea is that you can trade local storage for remote storage. I wonder how good the latency is when reconstructing data fragmented across [...]