Tag: strength

CTP Ep. 83 – August 21, 2016: Driving Miss Daisy

CTP Ep. 83 – August 21, 2016: Driving Miss Daisy

Sponsored by Olio Digital Labs.olio-square

Hosts & Guests

  • Stuart Clark
  • Derek Silva

Thanks to techdoz.ca for the loan of the snowball mic.

Topics

  • Canadian cops want to know your passwords
    • http://www.macleans.ca/news/canadian-cops-want-to-know-your-passwords/
    • This past week the Canadian Association of Chiefs of Police passed a resolution calling for a legal measure to unlock digital evidence. The CACP is saying that criminals increasingly use encryption to hide illicit activities, but at the moment there is not a law in Canada that would compel someone to provide their password to police during an investigation.
    • The RCMP complains criminals are operating online almost entirely anonymously with the help of tools that obscure identities and messages, which is a phenomenon we’ve discussed before called “going dark.” On the other hand, OpenMedia calls the request from the Chiefs “wildly disproportionate” because of how much data would actually be provided in the case of a laptop computer, for example, and adds that “On the face of it, this seems like it’s clearly unconstitutional.”
  • Canadian government launches public forum on cyber security
    • http://mobilesyrup.com/2016/08/17/canadian-government-launches-public-forum-on-cyber-security/
    • On Wednesday, the Canadian government announced they are launching a public forum on Canada’s cyber security landscape, and they are inviting members of the public to share their views. The forum is open now until October 15, 2016, and some of the topics covered include the evolution of cyber threats, the increasing economic significance of cyber security, the expanding frontiers of cyber security, and moving forward on cyber security.
    • Minister of National Defence Harjit Sajjan said the government has a responsibility to be on the forefront of cyber security and online privacy. And there is a link to access the forum and provide your input here:
    • http://www.publicsafety.gc.ca/cnt/cnslttns/cbr-scrt/index-en.aspx
  • Open365 – Clouding with style
    • http://www.ocsmag.com/2016/08/17/open365/
    • Open365 is made up of LibreOffice, Seafile, and KDE, and is produced by the same team that brought us eyeOS back in 2007. You get an @open365.io username and email address, access to all of LibreOffice’s applications online, similar to Google Docs and Microsoft Office Online or Office 365, along with GIMP – the open source alternative to Photoshop.
    • For the most part the reviewer is pleased with the current state of Open365. A few notable issues are that the entire directory of users is searchable when sharing a file, making it far too easy to determine who has Open365 accounts; the versioning feature contributes to your storage usage, but 20GB is a bigger quota than what Google Drive provides at 15GB; things can still be a bit slow at times in this beta stage, and of course there is the classic issue of LibreOffice simply being ugly.
  • Password strength meters fail to spot easy-to-crack examples
    • https://www.theguardian.com/technology/2016/aug/19/password-strength-meters-security
    • You should be seeing password strength meters more and more as you use the web. They are supposed to tell you when you’ve entered enough different characters to make a secure password when you’re signing up for a new site, but it turns out they may be next to useless according to a one security consultant.
    • These meters often appear as a bar that goes from red to green, and they rank passwords using measures like complexity, length and character use. Unfortunately, it turns out most of them fail to spot easy to guess or predictable passwords, which results in them giving users a false sense of security, or worse, downright terrible advice.
    • Compound Eye web consultants said that, in their testing, most password strength meters don’t actually measure password strength at all, and the only good way to the strength of a password is to try and crack it. So, that’s what they did! Compound Eye tested five popular password strength meters like jQuery Password Strength Meter for Twitter Bootstrap, Strength.js, Mato Ilic’s PWStrength, FormGet’s jQuery Password Strength Checker and Paulund’s jQuery password strength demo.
    • When tested with five of the worst passwords possible that are on a list of the 10,000 most common passwords, those popular password meters failed to spot that all five tested passwords were terrible, while another cool called ‘zxcvbn,’ which is used by Dropbox, WordPress and others, identified them as very weak. One of the meters even ranked strings like trustno1, iloveyou! and primetime21 as “good.”
  • Ford and Volvo both set to mass-produce a completely self-driving car within five years
    • http://arstechnica.com/cars/2016/08/ford-to-mass-produce-a-completely-self-driving-car-within-five-years/
    • http://arstechnica.com/cars/2016/08/uber-and-volvo-partner-up-robot-ride-sharing-starts-this-summer/
    • Ford and Volvo are both aiming to put level 4 autonomous vehicles, as defined by SAE, on the road by 2021. To put that in context, the definition of level 4 automation is ‘high automation’ and states, “the driving mode-specific performance by an automated driving system of all aspects of the dynamic driving task, even if a human driver does not respond appropriately to a request to intervene.” It’s the second highest level of automation currently defined.
    • Ford made the announcement at their Silicon Valley Research and Innovation Center, and to help it along it has toward their self-imposed 2021 deadline, Ford has invested in lidar sensor-maker Velodyne, 3D mapping company Civil Maps, it has acquired the machine vision company SAIPS, and also entered into a licensing agreement with Nirenberg Neuroscience.
    • And while Ford intends to sell these to taxi or shuttle bus companies to start, saying that the economics don’t make sense, it is essentially going it alone. On the flipside, Uber and Volvo are testing modified XC90 SUVs on the streets of Pittsburgh at random. Customers hailing Uber cabs will occasionally see the XC90 arrive, and will be given the option to take a free ride if they agree to use the autonomous vehicle. There will be a driver in the XC90, as is currently required by law, but Uber and Volvo are going to be able to get plenty of real-life feedback in a terrain very different from where autonomous vehicles are normally tested, out in Nevada and California. Volvo also says they’ll have a level 4 autonomous vehicle for sale in 2021, likely targeted at fleets as well, and it’s expected BMW will also be announcing a similar goal shortly.
  • Google will phase out Chrome apps for Windows, Mac and Linux
    • http://blog.chromium.org/2016/08/from-chrome-apps-to-web.html
    • Three years ago, Google’s Chromium team acknowledged there were certain experiences the web couldn’t provide, like working offline, sending notifications, and connecting to hardware, so they launched Chrome apps to help bridge this gap. And while hundreds, if not thousands of Chrome apps are now available across Linux, Mac, Windows, and Chrome OS, Google has decided that it’s time to begin evolving away from the Chrome apps platform, including both packaged and hosted apps, where hosted apps were almost exclusively just links to the website for that app.
    • All types of Chrome apps will remain supported and maintained on Chrome OS for now, and future enhancements to the Chrome apps platform will only be released for Chrome OS devices, and developers can continue to build Chrome apps (or Android apps) for Chrome OS, though they probably won’t.
    • So starting in late 2016, new Chrome apps will only be available to users on Chrome OS. Existing Chrome apps will remain accessible on all platforms, and developers can continue to update them. In the second half of 2017, the Chrome Web Store will no longer show Chrome apps on Windows, Mac, and Linux, but will continue to surface extensions and themes. In early 2018, users on these platforms will no longer be able to load Chrome apps.
    • Chrome app examples:

Quick Hits

Local Story

Stuff We Like

What are you up to lately?

  • Stuart – Patching and upgrades of websites. Starting to play with Kodi. More unpacking, more training. Doing some more model kit YouTube Videos.
  • Derek – I finally picked up the Izon Stem this week, which I ordered last fall but couldn’t pick up in Port Huron because of expired passport. Also got the FreeHMD VR headset from Tek Gear, which is proving to be very good for the price of $0. Probably giving up on The IT Dept; my heart just isn’t in it. However, going to push to get new CleverHost site up this week, helping Kathleen with a new venture of hers, and then will be pushing forward to launch SSLcheap and a new venture of my own after vacation.

Don’t forget to review us on iTunes, Google Play, or wherever else you get your podcasts. Please retweet us when we tweet about new episodes on Twitter, share them on Facebook and Google+, or tell a friend!

You can also follow and like our page on Facebook. Or send us an email to let us know what you think!

Music Credit:

  • “District Four” Kevin MacLeod (incompetech.com)
  • Licensed under Creative Commons: By Attribution 3.0 License
  • http://creativecommons.org/licenses/by/3.0