Monday, January 26, 2009
Monday, January 19, 2009
Tuesday, January 13, 2009
- Asking: Amazingly the most common way to gain access to someone's password is simply to ask for it (often in relation with something else). People often tell their passwords to colleagues, friends and family. Having a complex password policy isn't going to change this.
- Guessing: This is the second most common method to access a person's account. It turns out that most people choose a password that is easy to remember, and the easiest ones are those that are related to you as a person. Passwords like: your last name, your wife's name, the name of your cat, the date of birth, your favorite flower etc. are all pretty common. This problem can only be solved by choosing a password with no relation to you as a person.
- Brute force attack: Very simple to do. A hacker simply attempts to sign-in using different passwords one at the time. If you password is "sun", he will attempt to sign-in using "aaa, aab, aac, aad ... sul, sum, sun (MATCH)". The only thing that stops a brute force attack is higher complexity and longer passwords (which is why IT people want you to use just that).
- Common word attacks: A simple form of brute-force attacks, where the hacker attempt to sign-in using a list of common words. Instead of trying different combination of letters, the hacker tries different words e.g. "sum, summer, summit, sump, sun (MATCH)".
- Dictionary attacks: Same concept as common word attacks - the only difference is that the hacker now uses the full dictionary of words (there are about 500,000 words in the English language).
- a password that can be hacked in 1 minute is far too riksy
- 10 minutes - still far too risky
- 1 hour - still not good enough
- 1 day - now we are getting somewhere. The probability that a person will have a program running just to hack your account for an entire day is very little. Still, it is plausible.
- 1 month - this is something that only a dedicated attacker would do.
- 1 year - now we are moving from practical risk to theoretical risk. If you are NASA or CIA then it is unacceptable. For the rest of us, well - you do not have that kind of enemies, nor is your company data that interesting.
- 10 years - Now we are talking purely theoretical.
- A lifetime: 100 years - this is really the limit for most people. Who cares about their password being hacked after they have died? Still it is nice to know that you use a password that is "secure for life"
Sunday, January 4, 2009
Since the dawn of electronics, we've had only three types of circuit components--resistors, inductors, and capacitors. But in 1971, UC Berkeley researcher Leon Chua theorized the possibility of a fourth type of component, one that would be able to measure the flow of electric current: the memristor. Now, just 37 years later, Hewlett-Packard has built one.
What is it? As its name implies, the memristor can "remember" how much current has passed through it. And by alternating the amount of current that passes through it, a memristor can also become a one-element circuit component with unique properties. Most notably, it can save its electronic state even when the current is turned off, making it a great candidate to replace today's flash memory.
Memristors will theoretically be cheaper and far faster than flash memory, and allow far greater memory densities. They could also replace RAM chips as we know them, so that, after you turn off your computer, it will remember exactly what it was doing when you turn it back on, and return to work instantly. This lowering of cost and consolidating of components may lead to affordable, solid-state computers that fit in your pocket and run many times faster than today's PCs.
Someday the memristor could spawn a whole new type of computer, thanks to its ability to remember a range of electrical states rather than the simplistic "on" and "off" states that today's digital processors recognize. By working with a dynamic range of data states in an analog mode, memristor-based computers could be capable of far more complex tasks than just shuttling ones and zeroes around.
When is it coming? Researchers say that no real barrier prevents implementing the memristor in circuitry immediately. But it's up to the business side to push products through to commercial reality. Memristors made to replace flash memory (at a lower cost and lower power consumption) will likely appear first; HP's goal is to offer them by 2012. Beyond that, memristors will likely replace both DRAM and hard disks in the 2014-to-2016 time frame. As for memristor-based analog computers, that step may take 20-plus years.
32-Core CPUs From Intel and AMD
If your CPU has only a single core, it's officially a dinosaur. In fact, quad-core computing is now commonplace; you can even get laptop computers with four cores today. But we're really just at the beginning of the core wars: Leadership in the CPU market will soon be decided by who has the most cores, not who has the fastest clock speed.
What is it? With the gigahertz race largely abandoned, both AMD and Intel are trying to pack more cores onto a die in order to continue to improve processing power and aid with multitasking operations. Miniaturizing chips further will be key to fitting these cores and other components into a limited space. Intel will roll out 32-nanometer processors (down from today's 45nm chips) in 2009.
When is it coming? Intel has been very good about sticking to its road map. A six-core CPU based on the Itanium design should be out imminently, when Intel then shifts focus to a brand-new architecture called Nehalem, to be marketed as Core i7. Core i7 will feature up to eight cores, with eight-core systems available in 2009 or 2010. (And an eight-core AMD project called Montreal is reportedly on tap for 2009.)
After that, the timeline gets fuzzy. Intel reportedly canceled a 32-core project called Keifer, slated for 2010, possibly because of its complexity (the company won't confirm this, though). That many cores requires a new way of dealing with memory; apparently you can't have 32 brains pulling out of one central pool of RAM. But we still expect cores to proliferate when the kinks are ironed out: 16 cores by 2011 or 2012 is plausible (when transistors are predicted to drop again in size to 22nm), with 32 cores by 2013 or 2014 easily within reach. Intel says "hundreds" of cores may come even farther down the line.
USB 3.0 Speeds Up Performance on External Devices
The USB connector has been one of the greatest success stories in the history of computing, with more than 2 billion USB-connected devices sold to date. But in an age of terabyte hard drives, the once-cool throughput of 480 megabits per second that a USB 2.0 device can realistically provide just doesn't cut it any longer.
What is it? USB 3.0 (aka "SuperSpeed USB") promises to increase performance by a factor of 10, pushing the theoretical maximum throughput of the connector all the way up to 4.8 gigabits per second, or processing roughly the equivalent of an entire CD-R disc every second. USB 3.0 devices will use a slightly different connector, but USB 3.0 ports are expected to be backward-compatible with current USB plugs, and vice versa. USB 3.0 should also greatly enhance the power efficiency of USB devices, while increasing the juice (nearly one full amp, up from 0.1 amps) available to them. That means faster charging times for your iPod--and probably even more bizarre USB-connected gear like the toy rocket launchers and beverage coolers that have been festooning people's desks.
When is it coming? The USB 3.0 spec is nearly finished, with consumer gear now predicted to come in 2010. Meanwhile, a host of competing high-speed plugs--DisplayPort, eSATA, and HDMI--will soon become commonplace on PCs, driven largely by the onset of high-def video. Even FireWire is looking at an imminent upgrade of up to 3.2 gbps performance. The port proliferation may make for a baffling landscape on the back of a new PC, but you will at least have plenty of high-performance options for hooking up peripherals.
Google's Desktop OS
In case you haven't noticed, Google now has its well-funded mitts on just about every aspect of computing. From Web browsers to cell phones, soon you'll be able to spend all day in the Googleverse and never have to leave. Will Google make the jump to building its own PC operating system next?
What is it? It's everything, or so it seems. Google Checkout provides an alternative to PayPal. Street View is well on its way to taking a picture of every house on every street in the United States. And the fun is just starting: Google's early-beta Chrome browser earned a 1 percent market share in the first 24 hours of its existence. Android, Google's cell phone operating system, is hitting handsets as you read this, becoming the first credible challenger to the iPhone among sophisticated customers.
When is it coming? Though Google seems to have covered everything, many observers believe that logically it will next attempt to attack one very big part of the software market: the operating system.
The Chrome browser is the first toe Google has dipped into these waters. While a browser is how users interact with most of Google's products, making the underlying operating system somewhat irrelevant, Chrome nevertheless needs an OS to operate.
To make Microsoft irrelevant, though, Google would have to work its way through a minefield of device drivers, and even then the result wouldn't be a good solution for people who have specialized application needs, particularly most business users. But a simple Google OS--perhaps one that's basically a customized Linux distribution--combined with cheap hardware could be something that changes the PC landscape in ways that smaller players who have toyed with open-source OSs so far haven't been quite able to do.
Check back in 2011, and take a look at the not-affiliated-with-Google gOS, thinkgos in the meantime.
And now, looking back....really back, far behind...
25 Years of our Predictions:
Our Greatest Hits
Predicting the future isn't easy. Sometimes PC World has been right on the money. At other times, we've missed it by a mile. Here are three predictions we made that were eerily prescient--and three where we may have been a bit too optimistic.
1983 What we said: "The mouse will bask in the computer world limelight... Like the joystick before it, though, the mouse will fade someday into familiarity."
We hit that one out of the park. Mice are so commonplace that they're practically disposable.
1984 What we said: "Microsoft Windows should have a lasting effect on the entire personal computer industry."
"Lasting" was an understatement. Windows has now amassed for Microsoft total revenues in the tens of billions of dollars and is so ubiquitous and influential that it has been almost perpetually embroiled in one lawsuit or another, usually involving charges of monopoly or of trademark and patent infringements.
1988 What we said:"In the future you'll have this little box containing all your files and programs... It's very likely that eventually people will always carry their data with them."
For most people, that little box is now also their MP3 player or cell phone.
And Biggest Misses
1987 What we said: "When you walk into an office in 1998, the PC will sense your presence, switch itself on, and promptly deliver your overnight e-mail, sorted in order of importance."
When we arrive in our office, the computer ignores us, slowly delivers the overnight e-mail, and puts all the spam on top.
1994 What we said: "Within five years... batteries that last a year, like watch batteries today, will power [PDAs]."
Perhaps our biggest whiff of all time. Not only do these superbatteries not exist (nor are they even remotely in sight), but PDAs are pretty much dead too.
2000 What we said: We wrote about future "computers that pay attention to you, sensing where you are, what you're doing, and even what your vital signs are... Products incorporating this kind of technology...could hit the market within a year."
While many devices now feature location-sensing hardware, such a PC has yet to come to pass. And frankly, we'd be glad to be wrong about this one.
That's it then!
I'm presently reading Golem's Eye, as I've mentioned in the reply-comment of my previous blog...and also listening to Viva La Vida, by Coldplay, which was a New Year's gift from my pal, Klaus. The guitar lessons are going on smoothly, only giving blisters on my fingertips...but its all in the game..!
Keep your comments pouring in,
Till my next post,
Templar AKA Sumanth