I believe that the salt is able to prevent rainbow tables because of storage capacity, as rainbow tables are quite large.
That makes the pre-generation of these rainbow tables quite impossible, especially with how long many salts are.
Now of course you can start generation when you have the salt but that doesn't really make any difference between just cracking the passwords as you go.
Whether or not it would have helped LinkedIN I can't really say but it probably would have been a bit better as people woulnd't have been able to compare the list to known passwords as quickly (but probably not much of a difference there if they knew the salt).
I see xkcd's passphrase is correcthorsebatterystaple and think that it is the wrong way to do it.
The memorization of that password would work much better than a simple passphrase like that.
I.E. the actual password would be:
"That's a battery staple. Correct!"
And I don't believe that people will easily be able to crack that even with the minimal randomness that has been put in with current techniques. Sure if natural language cracking becomes popular you may have to become a little more creative like using a made up word or name or a number but even your example if no one knows what your password is:
"My Phone number is (123) 546-8794."
should be sufficient for a very hard to crack password. And again is many times better than a simple dictionary passphrase with a few words combined.
Yeah, mostly because it is proprietary and crashes often (Mathematica 8 especially).
The vast majority of students in my program are non-programmers. The only 'programming language' they know is mathematica which I think is a real shame.
Worse than that is that most of them have developed a dependence on Mathematica; without it they are severely limited in what they can do.
We are provided with free copies (student version), but once we graduate will have to pay the full price if we want to continue using it.
I guess I just don't like having my abilities to solve problems tied to an expensive, closed source program. I do admit, it is very powerful.
> The only 'programming language' they know is mathematica which I think is a real shame.
Mathematica is a real functional programming language. It's a lisp with CamelCase builtins and consistent naming. And that's without any of its math goodness. It has superb documentation and a huge standard library. If you master it, you can master any lisp with a simple translator. matlab is a toy by comparison.
At university in the "signal processing" lecture, I solved all exercises in Python while most students used MatLab (which was recommended by the lecturer). I just did it because I like Python, and expected my solutions to be clumsier and more "lowlevel". But when we compared our programs, I was surprised that MatLab didn't offer any more useful building blocks (libraries/functions) than Python, at least for our tasks at hand. And the Python code was quite clear, but that's probably a matter of taste.
If it's about programming and math, Python really plays its strengths: Clean syntax, functional programming features, numpy, sympy, linalg, etc.
I really don't understand this kind of aversion to proprietary programs. Mathematica is a high quality program with excellent documentation (I cannot comment on crashes - it never crashed on my but I'm not using it that extensively). Maintaining and improving such product takes a lot of effort that should be paid for. Student version is really inexpensive at $139 - most books cost comparable sums of money. Once you get a job with real income, you can either ask your employer to buy it for you or can afford to buy it yourself.
As author(s) of Mathics will surely discover very soon, the devil is in details. There are lots of corner cases and improvement opportunities that takes many man-years to implement. It may seem easy to get 50% of functionality quickly; getting the other half is much trickier.
The general problem with proprietary software in sciences (not just math) is that it cuts the chain of replicability and confirmability. Unless you have the source (in a human-readable form) and have the right to compile it on your own, this is a shaky ground to rely scientifiy results on.
This is not an issue if you use that software for dicovering stuff. But it is a huge problem for e.g. mathematical proofs, or statistical analysis in other fields.
Note that I'm not saying that proprietary software has more bugs. But it's a problem if your result depends on using a black-box whose creators hide their implementation from you. Also, even if your may read their code, this is worthless unless you are allowed to compile your own version from that.
Also note that the same issue exists with hardware, but the question whether your processor adds and multiplies correctly is on a totally different level than whether complex algorithms have been implemented correctly.
Do you think the world would be better off if Mathematica, Matlab, SPSS etc didn't exist?
In reality, they make experiments more repeatable, not less. The real offender is the in-house, proprietary software developed by individual research groups. It is almost never open sourced. And it is far more likely to be riddled with bugs.
Computer experiments are just that: experiments. Any real researcher employs multiple methods to confirm their results.
> Do you think the world would be better off if Mathematica, Matlab, SPSS etc didn't exist?
No, but I will celebrate a decent open source alternative, which is what the root was probably suggesting as well. Mathematica is great as an entry software - much like MS Word for word processing. But having LibreOffice is good.
> The real problem isn't reproducibility, it is extensibility
I think its both. Extensibility is obviously an issue. But so is extensibility, I will give two reasons for it:
1. Easy reproducibility is necessary for extensibility. Firstly, academia is not very good at publishing their tools or their codebases. We have given so much weight to the concept behind the implementations and not the implementations themselves, that most people skip publishing implementations. What it means is that the next research group now has to start from scratch in implementing the concepts before they can think of extending the work. Reproducibility is not only to verify previously reported results, but also to create a starting point for further work. Secondly, given that the tools that the researcher is using is proprietary, the trend is to make it closed source. It may be because the tool is not ubiquitous and hence the researcher sees no point in distributing his/her implementations - or because he had not followed any guidelines (or in case of Matlab and Mathematica - they didn't exist/were-not-popular). He might not be sure about his implementations, and hence cannot publish them.
2. Reproducibility has always been the base for science. I don't need to trust the work a random researcher that I don't personally know. I can just verify his/her findings myself. The requirement of commercial software creates a huge monetary barrier in this. It is wasteful of me to buy a licence for a simple verification that I am not planning to extend. Given that non-academic licenses of most of these softwares are insanely expensive, it makes this verification to be confined to researchers from big research groups in large companies.
I can't run Mathematica code at home without paying a licence. I can't run it at work without convincing my employer to pay the licence. Actually, I can't run a single line of Mathematica code right now. I can't share it with my friends (to edit, modify, etc).
One of Mathematica's authors offers an unexpected non-solution to that:
"But we're still trying to figure out the best ways to make Mathematica as a language be as fully open as possible"
When given the tradeoff between keeping their company running and risk losing language integrity, they rather keep the company running. That's fine for me, but that means that in the meantime I'd use something else. Mathics might change that.
They did try to solve that with the Home edition version, it is a bit more than 2x more expensive than the student version but it does solve running mathematica for cheaper as long as you aren't using it for work.
I have tried open-source (octave,mathics) and closed-source (matlab, mathematica, maple) and I can say that nothing comes close to mathematica. In our physics lab, mathematica has truly changed our entire workflow, making it a lot simpler to focus on the real crux of the problem; instead of dawdling around in symbolic manipulation.
I'm not sure what they are using in undergraduate courses, but I think the toolchain by Wolfram has really advanced the way scientists work. It's far from perfect, but it is an amazing tool.
That seems kind of shady, I mean sure it sucks that it happens and it is kind of bad to have it as your top post but publishing just because you don't want it to be the latest post kinda downplays the publicity factor of being honest about what happened.
I'm sure j_s's comment was meant as tongue-in-cheek and not as an actual criticism. I have every confidence that eastdakota's response (http://news.ycombinator.com/item?id=4066982) indicating that it was just a coincidence is true.
Well then you get other problems such as dirty oil (unless you have a good seal). The biggest problem I see is that it lasts as long as the shortest lifespan of all the components then you get to go through buying a new one or the mess of replacing that part.