Here are a couple of interesting articles from the last few days on Slashdot.
First, comes in a very non-surprising survey saying that “40 percent of organizations store admin passwords in Word documents“. Judging from my personal experiences in different companies, I’d say this number is much higher if you extend the Word documents to Excel spreadsheets and plain text files. I think pretty much every single company I’ve worked at used such common files for admin password storage (at least at some point).
“Why or why?!!!”, the security concerned among you might scream. Well, I think there are two reasons for this. The first one is that password management is complicated. There are tools that help with this, but even those are rarely easy to use. Storing the passwords in a secure, encrypted storage is one thing. But, how do you share them with just the right people? How do you trust the tool? What happens if the file gets corrupted, the software updates, the license expires, or the master password is lost? The risk of losing admin access to all your equipment and accounts is scary. On top of that, there is the issue of changing passwords (especially when people leave the company) – not a simple job if you have a variety of accounts (hardware, software, services, etc) and a lot of people who have a varying degree of access. Or automation scripts that need access to perform large scale operations. Personally, I don’t think this problem has been solved yet.
The second reason is in this other Slashdot post – “Sad Reality: It’s Cheaper To Get Hacked Than Build Strong IT Defenses“. This is very true as well. A simple firewall and a strong password policy is often more than enough for many organizations. The risks of compromise are low. In those cases where it does happen, you’d often get some script kiddie consequence like a Bitcoin mining app or affiliate links spread across your website. Both are quite easy to detect and fix. Is it worth investing hundreds of thousands in equipment and personnel to prevent this? For many companies it is not.
The fact of the matter is that a lot of people don’t really care about security or privacy on the personal level, and that then translates into the organizational mentality as well.
Just think about people leaving in all those high crime areas. Some of them think the risk is worth it – maybe then can make more money there or have a more exciting life. Some of them simply can’t afford to move anywhere. That’s very similar to the digital security, I think. Some don’t care and prefer to run the risk, saving the money on protection. Some simply can’t afford to have a decent level of security.
On a more technical note, I think this is also related to the explosion of editors and IDEs in the recent years, which, as good as they are, aren’t as good as Vim. Vim allows for a very flexible configuration, where your code can be formatted and re-formatted any way you like, making tabs or spaces a non-issue at all.
Regardless of the results of the study, what’s more interesting is the method and tools used. I’ve had my eye on the Google Big Query for a while now, but I’m too busy these days to give it a try. The article gives a few insights, into how awesome the tool is. 1.6 terabytes of data processed in 864.6 seconds:
That query took a relative long time since it involved joining a 190 million rows table with a 70 million rows one, and over 1.6 terabytes of contents. But don’t worry about having to run it, since I left the result publicly available at [fh-bigquery:github_extracts.contents_top_repos_top_langs].
Analyzing each line of 133 GBs of code in 16 seconds? That’s why I love BigQuery.
If you enjoyed this article, also have a look at “Analyzing GitHub issues and comments with BigQuery“, which works with a similar-sized data, trying to figure out how to write bug reports and pull request comments, so that they would be acted upon faster.
National Cancer Institute has an interesting update on cannabis … Basically, marijuana is not yet universally approved as a medical treatment for cancer (only in a few states for now), but quite a few large studies suggest that not only it’s not harmful, but quite helpful for both cancer treatment and post-treatment relief.
I think this is a good step in the direction of “the world is not black and white”. We’ve been tagging everything as just good or bad for way too long. It’s time to start looking at benefits and side effects in a bit more detail.
Even obscure variables such as how frequently a user recharges the phone’s battery, how many incoming text messages they receive, how many miles they travel in a given day or how they enter contacts into their phone — the decision to add last name correlates with creditworthiness — can bear on a decision to extend credit.
The test subjects used their phones more than five hours a day, on average. Much of that usage went on unconsciously, the researchers found. When the subjects were asked to estimate how often they checked their phone during a day, the average answer was 37 times. The tracking data revealed, however, that the subjects actually used their phones 85 times a day on average, more than twice as often as they thought.
It’s an interesting read, though not too surprising.
It’s been said many times that you can’t buy happiness with money. The Washington Post runs the article about the research that begs to differ:
Not only did the extra income appear to lower the instance of behavioral and emotional disorders among the children, but, perhaps even more important, it also boosted two key personality traits that tend to go hand in hand with long-term positive life outcomes.
The first is conscientiousness. People who lack it tend to lie, break rules and have trouble paying attention. The second is agreeableness, which leads to a comfort around people and aptness for teamwork. And both are strongly correlated with various forms of later life success and happiness.
Congratulations, gamer girls—you’re officially at the top of the food chain when it comes to games. A new study released by the Entertainment Software Association has revealed that adult women now occupy the largest demographic in the gaming industry. Women over 18 made up a whopping 36 percent of the gaming population, followed by adult men at 35 percent.
Teenage boys, who are often stereotyped as the biggest gamers, now lag far behind their older female counterparts, making up just 17 percent of the gaming demographic.