Jeff Atwood uses a complaint about how computers have ruined chess forever to make an important point about security:
What's not clear in this table [of exponentially decreasing dollars per gigaflop] is that after 2007, all the big advances in FLOPS came from gaming video cards designed for high speed real time 3D rendering, and as an incredibly beneficial side effect, they also turn out to be crazily fast at machine learning tasks.
Let's consider a related case of highly parallel computation. How much faster is a GPU at password hashing?
Only 155 times faster right out of the gate. No big deal. On top of that, CPU performance has largely stalled in the last decade.
I'd like to emphasize how much it sucks to be an 8 character password in today's world. If your password is only 8 characters, that's perilously close to no password at all. That's also why why your password is (probably) too damn short. In fact, we just raised the minimum allowed password length on Discourse to 10 characters, because annoying password complexity rules are much less effective in reality than simply requiring longer passwords.
Talk about burying the lede. But Atwood is correct; unless you're in the habit (as I am) of using a strong, unique password for every single website, use a set of strong passphrases instead. (The Ars Technica article Atwood cited is pretty good.)
Also, I'm looking for a really good video card now...
I've been running around all day and only have a couple of minutes to list some things I've read on my phone while running around. All day.
There were a few other things in there, but these were the ones I paid most attention to.
Stuff to read later:
OK, conference call is ending. Time to perambulate the pooch.
Hillary Clinton and Donald Trump won their respective Illinois primary elections yesterday. And in other news:
- Turns out, a strong social safety net leads to lower mortality, and because poor, mostly-white areas in the U.S. voted theirs down to minuscule levels, poor, white people are not doing well.
- When you vote against your own party in a hot battle with the opposition governor, and the governor wins that battle, that's a career-limiting move. Illinois representative Ken Dunkin (D-Chicago) got spanked hard for doing that last night. Good.
- A guy got charged with a misdemeanor for allegedly jamming cell phones on the CTA Red Line.
- President Obama nominated an old white guy to the Supreme Court this morning, flummoxing Senate Republicans who want to stonewall the process.
- For no reason anyone can determine, the city seems to be waging a war against valet parking companies. Businesses are annoyed.
- The Daily WTF thought President Obama sounded like an idiot boss on the subject of cell-phone encryption. Even John Oliver thought so.
- London is using pigeons with tiny backpacks to measure air pollution. No, really.
- Marco Rubio's friends say he's a lazy, devious little twerp—on the record. He's also dropped out of the 2016 race, and will probably be out of politics for a couple elections.
- Donald Trump's butler probably thought he was helping his boss by giving an interview to the Times, but...well...
- The Chicago Comic and Entertainment Expo (C2E2) is this weekend. Here's what to see.
Time to write some documentation. Whee.
While I'm going through a boring cycle of NuGet updates, unit tests, and inexplicable app-publishing failures related to the above, I'm piling up a crapload of articles to read on my flight tomorrow:
Back to work. At least my build is succeeding now.
U.S. Magistrate Judge Sheri Pym yesterday ordered Apple, Inc., to bypass security on the iPhone 5c owned by the San Bernadino shooters. Apple said no:
In his statement, [Apple CEO Tim] Cook called the court order an “unprecedented step” by the federal government. “We oppose this order, which has implications far beyond the legal case at hand,” he wrote.
“The F.B.I. may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a back door,” Mr. Cook wrote. “And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.”
The Electronic Frontier Foundation, a nonprofit organization that defends digital rights, said it was siding with Apple.
“The government is asking Apple to create a master key so that it can open a single phone,” it said Tuesday evening. “And once that master key is created, we’re certain that our government will ask for it again and again, for other phones, and turn this power against any software or device that has the audacity to offer strong security.”
This reminds me of the incremental logic of Joss Whedon's Dollhouse, where every choice the characters make along the way seems like the right thing to do at the time, if you skip the inconvenient implications of it.
President Obama and I have the same fitness tracker. His, however, has some customizations:
What counts as must-have features for many people — high-definition cameras, powerful microphones, cloud-connected wireless radios and precise GPS location transmitters — are potential threats when the leader of the free world wants to carry them around.
And so using the latest devices means more than merely ordering one on Amazon for delivery to 1600 Pennsylvania Avenue. It means accepting the compromises imposed by White House technology experts, whose mission is to secure the president’s communications, and by the Secret Service agents who protect him.
He has not given up, though. Mr. Obama is the first commander in chief to regularly carry a specially secured BlackBerry. He reads briefings and checks scores from ESPN on an iPad (the first of which was given to him by Steve Jobs before its public release). And recently he has been seen wearing the Fitbit Surge, a fitness band packed with all the latest technology, on his left wrist.
The article goes on to speculate (because neither the Secret Service nor Fitbit will comment on presidential security) just which features, exactly, they've removed. And my friend request has so far gone unanswered...
The Dept of Homeland Security says we can still use our drivers licenses at airports until 2018:
The shift gives breathing room to Illinois, which had expected its driver's licenses and IDs to be inadequate for air travel, including domestic flights, as early as this spring.
The U.S. Department of Homeland Security last fall declined to give Illinois a third deadline extension for meeting the Real ID Act standards put into place in 2005. As a result, it was expected that Illinois travelers by the middle of this year would need to present a passport or be subject to extra security checks unless Illinois was able to get another extension for compliance.
Illinois Secretary of State Jesse White still plans to seek another compliance extension, said spokesman David Druker. Also, White's staff is talking with members of the General Assembly about potential legislation to fund the changes necessary to bring the state's ID cards up to the federal standards.
The cost for that effort is estimated at $50 million to $60 million. The costs, as well as concerns about protecting individual privacy, have been stumbling blocks so far.
Meanwhile, the Secretary of State's office can't even mail out reminders to drivers to renew their vehicle registrations, because governor Bruce Rauner doesn't want to pay taxes.
And it's -10°C today. Moan moan moan.
The New York Times Magazine has an in-depth analysis of the daily fantasy sports (DFS) industry. I'm not that interested in fantasy sports, but this article had me riveted:
Here’s how it works: Let’s say you run D.F.S. Site A, and D.F.S Site B has just announced a weekly megacontest in which first place will take home $1 million. Now you have to find a way to host a comparable contest, or all your customers will flee to Site B to chase that seven-figure jackpot. The problem is that you have only 25,000 users, and the most you can charge them to enter is $20 per game (anything higher is prohibitively expensive). And you’ll need $2 million or even $3 million in a prize pool if first prize is valued at $1 million (remember, you still have to pay second place, third place and beyond). So you need to somehow quadruple the number of entries. But how? You’re already paying high cost-per-acquisition fees to sites like RotoGrinders, which charge, according to Harber, anywhere between $100 and $200 per person they refer to your site, and you’ve already put your logo on every bus, trash can and ESPN screaming-heads show out there. You’ve also kicked in some of your own money (known as “overlay”) to spice up the pot.
The solution is simple: You let each contestant enter hundreds of times. But even given this freedom, a majority of people will enter only a few more times, which will help but probably won’t get you all you need. If, however, you can attract a few high rollers who are willing to book several hundred or even several thousand entries apiece, the path to the $1 million first prize becomes a lot more manageable. And as long as you can make sure those players keep pouring in their thousands of entries, you can keep posting the $1 million first prize all over your ads.
In the game lobbies of DraftKings and FanDuel, however, sharks are free to flood the marketplace with thousands of entries every day, luring inexperienced, bad players into games in which they are at a sizable disadvantage. The imbalanced winnings in D.F.S. have been an open secret since this past September, when Bloomberg Businessweek published an exposé on the habits of high-volume players. The numbers are damning. According to DraftKings data obtained by the New York State attorney general’s office, between 2013 and 2014, 89.3 percent of players had a negative return on investment. A recent McKinsey study showed that in the first half of the 2015 Major League Baseball season, 91 percent of the prize money was won by a mere 1.3 percent of the players.
So, how is this at all fun to casual players? Someone explain it to me.
Since my company is closed today, and I have no obligations until late this afternoon, I'm taking my time fixing a bug and deploying a software package. So I actually have the bandwidth to read these articles right now, as opposed to "someday:"
- Citylab has a list of terms and myths they'd like to retire, including "Artisinal" and "Wider roads = less traffic." (They also have a list of traffic myths that need retiring too.)
- Back in November, Paris' Orly airport couldn't give pilots runway visual range because of a Windows 3.1 glitch. You read that right. (And notice that PC Mag's site still uses classic ASP. That, right there, is irony.)
- Cory Doctorow points out the security and legal problems with self-driving cars, from which one should draw more general lessons about the intersections of law, ethics, and code.
- Anita Sarkeesian reviews "The Force Awakens" positively. (If you're familiar with Feminist Frequency, you know why this is noteworthy.)
- Talking Points Memo has announced the 2015 Golden Duke Awards. Winners include Dennis Hastert, Kim Davis, and other people deserving ridicule.
I do have to fix this bug, though. Better get back to it now.