Loading ...
Sorry, an error occurred while loading the content.

Re: [xr3car] Re: Off Topic

Expand Messages
  • Khouri Giordano
    Only 3 more weeks until Formula1 starts. http://www.formula1.com/races/calendar.html  Technically, these are gas/[electric, mechanical or hydraulic] parallel
    Message 1 of 24 , Feb 24, 2012
    View Source
    • 0 Attachment
      Only 3 more weeks until Formula1 starts.


      Technically, these are gas/[electric, mechanical or hydraulic] parallel hybrid vehicles even though they get 3 or 4 miles per gallon.



      From: Bob Scoville <scovilleb@...>
      To: "xr3car@yahoogroups.com" <xr3car@yahoogroups.com>
      Sent: Friday, February 24, 2012 10:39 AM
      Subject: RE: [xr3car] Re: Off Topic

       
      The reason I say that is that the Budweiser Shootout this week had a halftime break. I thought it was an interesting concept. There would be enough time to swap out the batteries.
       
      From: xr3car@yahoogroups.com [mailto:xr3car@yahoogroups.com] On Behalf Of Bob Scoville
      Sent: Friday, February 24, 2012 8:35 AM
      To: xr3car@yahoogroups.com
      Subject: RE: [xr3car] Re: Off Topic
       



      Are there any electric cars in it yet?
       
       
      Bob Scoville
      Drafter
      Rocky Mountain Prestress
      scovilleb@...
      Direct 303-964-7053
      Cell
      This e-mail transmission may contain information that is proprietary, privileged and/or confidential and is intended exclusively for the person(s) to whom it is addressed. Any use, copying, retention or disclosure by any person other than the intended recipient or the intended recipient's designees is strictly prohibited. If you are not the intended recipient or their designee, please notify the sender immediately by return e-mail and delete all copies. Rocky Mountain Prestress may, at its sole discretion, monitor, review, retain and/or disclose the content of all email communications.
      From: xr3car@yahoogroups.com [mailto:xr3car@yahoogroups.com] On Behalf Of pat riepl
      Sent: Friday, February 24, 2012 8:29 AM
      To: xr3car@yahoogroups.com
      Subject: Re: [xr3car] Re: Off Topic
       


      So how about the indy 500 this weekend!  That is where the metal meets the meat.right?
       
      From: "talon@..." <talon@...>
      To: xr3car@yahoogroups.com
      Sent: Wednesday, February 22, 2012 3:12 PM
      Subject: Re: [xr3car] Re: Off Topic
       
       
      As an exercise,  the math is fun, but something not mentioned is the fact that the resulting number is to crack all permutations.  If a brute force cracker is employed, it will stop when the crack is complete, so the average time to crack is exactly half of the calculated time to crack every combination.  Still a long time though. 

      If your calculated time-to-crack is, say, a year, divide that in half and you get 6 months.  Simply change your password every quarter and you will be fairly safe.  Quite frankly, using the same password for more than one account is a lot bigger issue.  If one is cracked, they all are at risk, and people tend to keep the same passwords longer on social media sites, or forget they have signed up and never change the password.

      A good source of pretty good, easily remembered passwords are automotive vanity plates.

      Just my two cents worth. . .

      TALON

      Connected by DROID on Verizon Wireless


      -----Original message-----
      From: DavidH <dsh1001@...>
      To:
      xr3car@yahoogroups.com
      Sent:
      Wed, Feb 22, 2012 20:44:05 GMT+00:00
      Subject:
      [xr3car] Re: Off Topic
       
      Entertaining and informative I'd say. It gives me something to do when I am not out campaigning for the communist party. (because they are so much better and smarter than Democrats or Republicans) ;-)

      I agree that it may be just as hard to "guess" a password of several words in a row but computers are not guessing.

      I was basing my math on the 62 characters you mentioned and 16 "friendly" punctuation characters. So called because they will work with almost any password system. Some of the punctuation marks are not allowed on some sites for use in passwords. I forget which are the "friendly" ones but i think it is all of the ones above the numbers plus the tilde and all the brackets. (I did say 76 characters but I should have said 78)

      They methodically go through every possible combination of whatever characters they are set to use. words are characters and no matter what words you use or how many, that combination of characters will come up in a search of all possible combinations.

      ilovecookies will pop up in that search and so will ilovespoons, spoonsloveme, catseatmice and every other combination of words you can possibly string together. All things being equal, it would be just as hard to crack a password with words in them as it would be to crack a password of similar length that is random but all lower case.

      Unfortunately, all things are not equal in this case. Most people have a vocabulary of about 10,000 words but only use about 1000 of them or less on a regular basis.This makes it easy to crack a code like ilovecookies because they are all common words.

      If you throw in words like desideratum or eleemosynary then you are almost on par with a password of random letters.

      BTW my dictionary has 300,000 words (or so it says) but I have been told that I have a big dic tionary. http://www.oed.com/ claims to have over 600,000 words which just goes to show that no matter how big you think your dic tionary is, someone, somewhere has a bigger one.

      --- In xr3car@yahoogroups.com, Khouri Giordano <khourig@...> wrote:
      >
      > This is getting further off topic, but I haven't seen any complaints yet, so maybe it's entertaining anyway.
      >
      > Either your math is wrong or I'm not understanding you correctly.
      >
      > A random password uses a set of characters: 26 lower case, 26 upper case, 10 digits and a few symbols. Ignoring the symbols and just using letters and numbers, there are 26+26+10 = 62 possibilities for each character. Most of the time, there is an eight character minimum length for passwords. That would be 62^8 = 2.18 x 10^14 (~47 bits) possibilities. If the upper limit is 16 characters, then it's 62^8 + 62^9 + 62^10 .. + 62^16 = 4.84 x 10^28 (~95 bits) possibilities.
      >
      > This page mentions there are about 200,000 English words, but let's just use 1,000 = 10^3 (~10 bits) common ones as an example. Four random words would give 10^12 (~40 bits) possibilities. Assuming this fits into the above mentioned 16 character limit, a brute force attack that does not know you chose four English words in lower case, still would have 4.84 x 10^28 (~95 bits) combinations to consider. In this view, both "password" and "1Wz522GdCKd715Vw" are equally valid.
      >
      > With all of that out of the way, attackers have a list of things they try first: "password", hobbies and common names. If they know something about you, they can try dates relevant to your life. If they know that you chose four random words in all lower case from a list of 1,000 specific words, then they've reduced their combination space to 10^12 (~40 bits), which, admittedly is less than eight random characters with 62^8 = 2.18 x 10^14 (~47 bits) possibilities.
      >
      > My point was that four words will be more memorable to you and just as hard to guess. Security is a chain which is only as strong as its weakest link. The first historic cracker that I know used social engineering to get into systems. 
      >
      >
      >
      > >________________________________
      > > From: DavidH <dsh1001@...>
      > >To: xr3car@yahoogroups.com
      > >Sent: Tuesday, February 21, 2012 10:02 PM
      > >Subject: [xr3car] Re: Off Topic
      > >
      > >
      > > 
      > ><<"= quoted text">>
      > ><<" In short, use the password that fits what you're trying to protect.">>
      > >
      > >I agree completely. a lot of applications don't need super strong passwords. But if you don't want your friends getting spammed because they are in your address book and your account gets hacked, then at least follow a couple of simple guidelines. Make your password at least 8 characters long and throw a couple of capital letters in there.
      > >
      > ><<"Being able to try 30,000 passwords in an hour could in many cases be dropped to 5 tries every few hours.">>
      > >
      > >This is sort of right except the pros use hijacked computers so they have more like 30,000 computers trying 30,000 passwords every few minutes for each email server they are trying to hack.
      > >
      > ><<"Having a larger selection of characters to choose from may make it take longer, but extending the length of the password to 4 words would do the same.">>
      > >
      > >I think that may be a bit of an understaement. My scenario was based on the two different types of passwords described being of equal length.
      > >
      > >A password with upper/lowercase, numbers and only the 16 "friendly"38 punctuation marks has a possibility of 76 characters for each space used in the password. ilovecookies only has 3.67034449 Ã 10^15 possibilities wheres an alphanumeric as described of equal length would have 6.50190515 Ã 10^20 possibilities.
      > >
      > >That means that even though ilovecookies seems to have a pretty big number attached to it, an alphanumeric/symbol password of that same 11 character length would have 177,147 TIMES the 3.67034449 Ã 10^15 provided by the eleven digit password ilovecookies. "Making it take longer" is the whole point of creating a unique password. A fully random password as described would not make it take just a little longer to crack the fully random password, it would take a Loooot longer. Even if they had an unrealistically super fast setup that could crack ilovecookies in an hour, it would take them (177 147 / 24) / 365.25 = 20.2084189 years to crack the alphanumeric.
      > >
      > >If it is something important to be password protected, I would rather it take them 20 years rather than an hour.
      > >
      > >As a final thought about beefing up your password, Consider this; ilovecookies or any password with all lowercase letters can be improved significantly by adding a single capitol letter. Just change it to ilovEcookies and your password is almost three times more secure by adding 7.05835481 Ã 10^15 more unique combinations for a total of 1.07286993 Ã 10^16 possible combinations.
      > >
      > >
      > >
      > >
      > >
      >
       


       





    • Tony Cortez
      Indy 500???? It s the Daytona 500!! ... From: pat riepl To: xr3car@yahoogroups.com Sent: Friday, February 24, 2012 7:29 AM Subject: Re: [xr3car] Re: Off Topic
      Message 2 of 24 , Feb 24, 2012
      View Source
      • 0 Attachment
        
        Indy 500????  It's the Daytona 500!!
         
        ----- Original Message -----
        From: pat riepl
        Sent: Friday, February 24, 2012 7:29 AM
        Subject: Re: [xr3car] Re: Off Topic

         

        So how about the indy 500 this weekend!  That is where the metal meets the meat.right?

        From: "talon@..." <talon@...>
        To: xr3car@yahoogroups.com
        Sent: Wednesday, February 22, 2012 3:12 PM
        Subject: Re: [xr3car] Re: Off Topic

         
        As an exercise,  the math is fun, but something not mentioned is the fact that the resulting number is to crack all permutations.  If a brute force cracker is employed, it will stop when the crack is complete, so the average time to crack is exactly half of the calculated time to crack every combination.  Still a long time though. 

        If your calculated time-to-crack is, say, a year, divide that in half and you get 6 months.  Simply change your password every quarter and you will be fairly safe.  Quite frankly, using the same password for more than one account is a lot bigger issue.  If one is cracked, they all are at risk, and people tend to keep the same passwords longer on social media sites, or forget they have signed up and never change the password.

        A good source of pretty good, easily remembered passwords are automotive vanity plates.

        Just my two cents worth. . .

        TALON

        Connected by DROID on Verizon Wireless


        -----Original message-----
        From: DavidH <dsh1001@...>
        To:
        xr3car@yahoogroups.com
        Sent:
        Wed, Feb 22, 2012 20:44:05 GMT+00:00
        Subject:
        [xr3car] Re: Off Topic

         
        Entertaining and informative I'd say. It gives me something to do when I am not out campaigning for the communist party. (because they are so much better and smarter than Democrats or Republicans) ;-)

        I agree that it may be just as hard to "guess" a password of several words in a row but computers are not guessing.

        I was basing my math on the 62 characters you mentioned and 16 "friendly" punctuation characters. So called because they will work with almost any password system. Some of the punctuation marks are not allowed on some sites for use in passwords. I forget which are the "friendly" ones but i think it is all of the ones above the numbers plus the tilde and all the brackets. (I did say 76 characters but I should have said 78)

        They methodically go through every possible combination of whatever characters they are set to use. words are characters and no matter what words you use or how many, that combination of characters will come up in a search of all possible combinations.

        ilovecookies will pop up in that search and so will ilovespoons, spoonsloveme, catseatmice and every other combination of words you can possibly string together. All things being equal, it would be just as hard to crack a password with words in them as it would be to crack a password of similar length that is random but all lower case.

        Unfortunately, all things are not equal in this case. Most people have a vocabulary of about 10,000 words but only use about 1000 of them or less on a regular basis.This makes it easy to crack a code like ilovecookies because they are all common words.

        If you throw in words like desideratum or eleemosynary then you are almost on par with a password of random letters.

        BTW my dictionary has 300,000 words (or so it says) but I have been told that I have a big dic tionary. http://www.oed.com/ claims to have over 600,000 words which just goes to show that no matter how big you think your dic tionary is, someone, somewhere has a bigger one.

        --- In xr3car@yahoogroups.com, Khouri Giordano <khourig@...> wrote:
        >
        > This is getting further off topic, but I haven't seen any complaints yet, so maybe it's entertaining anyway.
        >
        > Either your math is wrong or I'm not understanding you correctly.
        >
        > A random password uses a set of characters: 26 lower case, 26 upper case, 10 digits and a few symbols. Ignoring the symbols and just using letters and numbers, there are 26+26+10 = 62 possibilities for each character. Most of the time, there is an eight character minimum length for passwords. That would be 62^8 = 2.18 x 10^14 (~47 bits) possibilities. If the upper limit is 16 characters, then it's 62^8 + 62^9 + 62^10 .. + 62^16 = 4.84 x 10^28 (~95 bits) possibilities.
        >
        > This page mentions there are about 200,000 English words, but let's just use 1,000 = 10^3 (~10 bits) common ones as an example. Four random words would give 10^12 (~40 bits) possibilities. Assuming this fits into the above mentioned 16 character limit, a brute force attack that does not know you chose four English words in lower case, still would have 4.84 x 10^28 (~95 bits) combinations to consider. In this view, both "password" and "1Wz522GdCKd715Vw" are equally valid.
        >
        > With all of that out of the way, attackers have a list of things they try first: "password", hobbies and common names. If they know something about you, they can try dates relevant to your life. If they know that you chose four random words in all lower case from a list of 1,000 specific words, then they've reduced their combination space to 10^12 (~40 bits), which, admittedly is less than eight random characters with 62^8 = 2.18 x 10^14 (~47 bits) possibilities.
        >
        > My point was that four words will be more memorable to you and just as hard to guess. Security is a chain which is only as strong as its weakest link. The first historic cracker that I know used social engineering to get into systems. 
        >
        >
        >
        > >________________________________
        > > From: DavidH <dsh1001@...>
        > >To: xr3car@yahoogroups.com
        > >Sent: Tuesday, February 21, 2012 10:02 PM
        > >Subject: [xr3car] Re: Off Topic
        > >
        > >
        > > 
        > ><<"= quoted text">>
        > ><<" In short, use the password that fits what you're trying to protect.">>
        > >
        > >I agree completely. a lot of applications don't need super strong passwords. But if you don't want your friends getting spammed because they are in your address book and your account gets hacked, then at least follow a couple of simple guidelines. Make your password at least 8 characters long and throw a couple of capital letters in there.
        > >
        > ><<"Being able to try 30,000 passwords in an hour could in many cases be dropped to 5 tries every few hours.">>
        > >
        > >This is sort of right except the pros use hijacked computers so they have more like 30,000 computers trying 30,000 passwords every few minutes for each email server they are trying to hack.
        > >
        > ><<"Having a larger selection of characters to choose from may make it take longer, but extending the length of the password to 4 words would do the same.">>
        > >
        > >I think that may be a bit of an understaement. My scenario was based on the two different types of passwords described being of equal length.
        > >
        > >A password with upper/lowercase, numbers and only the 16 "friendly"38 punctuation marks has a possibility of 76 characters for each space used in the password. ilovecookies only has 3.67034449 Ã 10^15 possibilities wheres an alphanumeric as described of equal length would have 6.50190515 Ã 10^20 possibilities.
        > >
        > >That means that even though ilovecookies seems to have a pretty big number attached to it, an alphanumeric/symbol password of that same 11 character length would have 177,147 TIMES the 3.67034449 Ã 10^15 provided by the eleven digit password ilovecookies. "Making it take longer" is the whole point of creating a unique password. A fully random password as described would not make it take just a little longer to crack the fully random password, it would take a Loooot longer. Even if they had an unrealistically super fast setup that could crack ilovecookies in an hour, it would take them (177 147 / 24) / 365.25 = 20.2084189 years to crack the alphanumeric.
        > >
        > >If it is something important to be password protected, I would rather it take them 20 years rather than an hour.
        > >
        > >As a final thought about beefing up your password, Consider this; ilovecookies or any password with all lowercase letters can be improved significantly by adding a single capitol letter. Just change it to ilovEcookies and your password is almost three times more secure by adding 7.05835481 Ã 10^15 more unique combinations for a total of 1.07286993 Ã 10^16 possible combinations.
        > >
        > >
        > >
        > >
        > >
        >



      • pat riepl
        electric cars in a nascar race would definitly help in battery and electric motor developement.    ________________________________ From: Bob Scoville
        Message 3 of 24 , Feb 26, 2012
        View Source
        • 0 Attachment
          electric cars in a nascar race would definitly help in battery and electric motor developement. 
           

          From: Bob Scoville <scovilleb@...>
          To: "xr3car@yahoogroups.com" <xr3car@yahoogroups.com>
          Sent: Friday, February 24, 2012 9:39 AM
          Subject: RE: [xr3car] Re: Off Topic

           
          The reason I say that is that the Budweiser Shootout this week had a halftime break. I thought it was an interesting concept. There would be enough time to swap out the batteries.
           
          From: xr3car@yahoogroups.com [mailto:xr3car@yahoogroups.com] On Behalf Of Bob Scoville
          Sent: Friday, February 24, 2012 8:35 AM
          To: xr3car@yahoogroups.com
          Subject: RE: [xr3car] Re: Off Topic
           



          Are there any electric cars in it yet?
           
           
          Bob Scoville
          Drafter
          Rocky Mountain Prestress
          scovilleb@...
          Direct 303-964-7053
          Cell
          This e-mail transmission may contain information that is proprietary, privileged and/or confidential and is intended exclusively for the person(s) to whom it is addressed. Any use, copying, retention or disclosure by any person other than the intended recipient or the intended recipient's designees is strictly prohibited. If you are not the intended recipient or their designee, please notify the sender immediately by return e-mail and delete all copies. Rocky Mountain Prestress may, at its sole discretion, monitor, review, retain and/or disclose the content of all email communications.
          From: xr3car@yahoogroups.com [mailto:xr3car@yahoogroups.com] On Behalf Of pat riepl
          Sent: Friday, February 24, 2012 8:29 AM
          To: xr3car@yahoogroups.com
          Subject: Re: [xr3car] Re: Off Topic
           


          So how about the indy 500 this weekend!  That is where the metal meets the meat.right?
           
          From: "talon@..." <talon@...>
          To: xr3car@yahoogroups.com
          Sent: Wednesday, February 22, 2012 3:12 PM
          Subject: Re: [xr3car] Re: Off Topic
           
           
          As an exercise,  the math is fun, but something not mentioned is the fact that the resulting number is to crack all permutations.  If a brute force cracker is employed, it will stop when the crack is complete, so the average time to crack is exactly half of the calculated time to crack every combination.  Still a long time though. 

          If your calculated time-to-crack is, say, a year, divide that in half and you get 6 months.  Simply change your password every quarter and you will be fairly safe.  Quite frankly, using the same password for more than one account is a lot bigger issue.  If one is cracked, they all are at risk, and people tend to keep the same passwords longer on social media sites, or forget they have signed up and never change the password.

          A good source of pretty good, easily remembered passwords are automotive vanity plates.

          Just my two cents worth. . .

          TALON

          Connected by DROID on Verizon Wireless


          -----Original message-----
          From: DavidH <dsh1001@...>
          To:
          xr3car@yahoogroups.com
          Sent:
          Wed, Feb 22, 2012 20:44:05 GMT+00:00
          Subject:
          [xr3car] Re: Off Topic
           
          Entertaining and informative I'd say. It gives me something to do when I am not out campaigning for the communist party. (because they are so much better and smarter than Democrats or Republicans) ;-)

          I agree that it may be just as hard to "guess" a password of several words in a row but computers are not guessing.

          I was basing my math on the 62 characters you mentioned and 16 "friendly" punctuation characters. So called because they will work with almost any password system. Some of the punctuation marks are not allowed on some sites for use in passwords. I forget which are the "friendly" ones but i think it is all of the ones above the numbers plus the tilde and all the brackets. (I did say 76 characters but I should have said 78)

          They methodically go through every possible combination of whatever characters they are set to use. words are characters and no matter what words you use or how many, that combination of characters will come up in a search of all possible combinations.

          ilovecookies will pop up in that search and so will ilovespoons, spoonsloveme, catseatmice and every other combination of words you can possibly string together. All things being equal, it would be just as hard to crack a password with words in them as it would be to crack a password of similar length that is random but all lower case.

          Unfortunately, all things are not equal in this case. Most people have a vocabulary of about 10,000 words but only use about 1000 of them or less on a regular basis.This makes it easy to crack a code like ilovecookies because they are all common words.

          If you throw in words like desideratum or eleemosynary then you are almost on par with a password of random letters.

          BTW my dictionary has 300,000 words (or so it says) but I have been told that I have a big dic tionary. http://www.oed.com/ claims to have over 600,000 words which just goes to show that no matter how big you think your dic tionary is, someone, somewhere has a bigger one.

          --- In xr3car@yahoogroups.com, Khouri Giordano <khourig@...> wrote:
          >
          > This is getting further off topic, but I haven't seen any complaints yet, so maybe it's entertaining anyway.
          >
          > Either your math is wrong or I'm not understanding you correctly.
          >
          > A random password uses a set of characters: 26 lower case, 26 upper case, 10 digits and a few symbols. Ignoring the symbols and just using letters and numbers, there are 26+26+10 = 62 possibilities for each character. Most of the time, there is an eight character minimum length for passwords. That would be 62^8 = 2.18 x 10^14 (~47 bits) possibilities. If the upper limit is 16 characters, then it's 62^8 + 62^9 + 62^10 .. + 62^16 = 4.84 x 10^28 (~95 bits) possibilities.
          >
          > This page mentions there are about 200,000 English words, but let's just use 1,000 = 10^3 (~10 bits) common ones as an example. Four random words would give 10^12 (~40 bits) possibilities. Assuming this fits into the above mentioned 16 character limit, a brute force attack that does not know you chose four English words in lower case, still would have 4.84 x 10^28 (~95 bits) combinations to consider. In this view, both "password" and "1Wz522GdCKd715Vw" are equally valid.
          >
          > With all of that out of the way, attackers have a list of things they try first: "password", hobbies and common names. If they know something about you, they can try dates relevant to your life. If they know that you chose four random words in all lower case from a list of 1,000 specific words, then they've reduced their combination space to 10^12 (~40 bits), which, admittedly is less than eight random characters with 62^8 = 2.18 x 10^14 (~47 bits) possibilities.
          >
          > My point was that four words will be more memorable to you and just as hard to guess. Security is a chain which is only as strong as its weakest link. The first historic cracker that I know used social engineering to get into systems. 
          >
          >
          >
          > >________________________________
          > > From: DavidH <dsh1001@...>
          > >To: xr3car@yahoogroups.com
          > >Sent: Tuesday, February 21, 2012 10:02 PM
          > >Subject: [xr3car] Re: Off Topic
          > >
          > >
          > > 
          > ><<"= quoted text">>
          > ><<" In short, use the password that fits what you're trying to protect.">>
          > >
          > >I agree completely. a lot of applications don't need super strong passwords. But if you don't want your friends getting spammed because they are in your address book and your account gets hacked, then at least follow a couple of simple guidelines. Make your password at least 8 characters long and throw a couple of capital letters in there.
          > >
          > ><<"Being able to try 30,000 passwords in an hour could in many cases be dropped to 5 tries every few hours.">>
          > >
          > >This is sort of right except the pros use hijacked computers so they have more like 30,000 computers trying 30,000 passwords every few minutes for each email server they are trying to hack.
          > >
          > ><<"Having a larger selection of characters to choose from may make it take longer, but extending the length of the password to 4 words would do the same.">>
          > >
          > >I think that may be a bit of an understaement. My scenario was based on the two different types of passwords described being of equal length.
          > >
          > >A password with upper/lowercase, numbers and only the 16 "friendly"38 punctuation marks has a possibility of 76 characters for each space used in the password. ilovecookies only has 3.67034449 Ã 10^15 possibilities wheres an alphanumeric as described of equal length would have 6.50190515 Ã 10^20 possibilities.
          > >
          > >That means that even though ilovecookies seems to have a pretty big number attached to it, an alphanumeric/symbol password of that same 11 character length would have 177,147 TIMES the 3.67034449 Ã 10^15 provided by the eleven digit password ilovecookies. "Making it take longer" is the whole point of creating a unique password. A fully random password as described would not make it take just a little longer to crack the fully random password, it would take a Loooot longer. Even if they had an unrealistically super fast setup that could crack ilovecookies in an hour, it would take them (177 147 / 24) / 365.25 = 20.2084189 years to crack the alphanumeric.
          > >
          > >If it is something important to be password protected, I would rather it take them 20 years rather than an hour.
          > >
          > >As a final thought about beefing up your password, Consider this; ilovecookies or any password with all lowercase letters can be improved significantly by adding a single capitol letter. Just change it to ilovEcookies and your password is almost three times more secure by adding 7.05835481 Ã 10^15 more unique combinations for a total of 1.07286993 Ã 10^16 possible combinations.
          > >
          > >
          > >
          > >
          > >
          >
           


           





        • pat riepl
          my bad.....I think I had Danica on my mind... ________________________________ From: Tony Cortez To: xr3car@yahoogroups.com Sent: Friday,
          Message 4 of 24 , Feb 26, 2012
          View Source
          • 0 Attachment
            my bad.....I think I had Danica on my mind...

            From: Tony Cortez <tonico222@...>
            To: xr3car@yahoogroups.com
            Sent: Friday, February 24, 2012 3:49 PM
            Subject: Re: [xr3car] Re: Off Topic

             
            
            Indy 500????  It's the Daytona 500!!
             
            ----- Original Message -----
            From: pat riepl
            Sent: Friday, February 24, 2012 7:29 AM
            Subject: Re: [xr3car] Re: Off Topic

             
            So how about the indy 500 this weekend!  That is where the metal meets the meat.right?

            From: "talon@..." <talon@...>
            To: xr3car@yahoogroups.com
            Sent: Wednesday, February 22, 2012 3:12 PM
            Subject: Re: [xr3car] Re: Off Topic

             
            As an exercise,  the math is fun, but something not mentioned is the fact that the resulting number is to crack all permutations.  If a brute force cracker is employed, it will stop when the crack is complete, so the average time to crack is exactly half of the calculated time to crack every combination.  Still a long time though. 

            If your calculated time-to-crack is, say, a year, divide that in half and you get 6 months.  Simply change your password every quarter and you will be fairly safe.  Quite frankly, using the same password for more than one account is a lot bigger issue.  If one is cracked, they all are at risk, and people tend to keep the same passwords longer on social media sites, or forget they have signed up and never change the password.

            A good source of pretty good, easily remembered passwords are automotive vanity plates.

            Just my two cents worth. . .

            TALON

            Connected by DROID on Verizon Wireless


            -----Original message-----
            From: DavidH <dsh1001@...>
            To:
            xr3car@yahoogroups.com
            Sent:
            Wed, Feb 22, 2012 20:44:05 GMT+00:00
            Subject:
            [xr3car] Re: Off Topic

             
            Entertaining and informative I'd say. It gives me something to do when I am not out campaigning for the communist party. (because they are so much better and smarter than Democrats or Republicans) ;-)

            I agree that it may be just as hard to "guess" a password of several words in a row but computers are not guessing.

            I was basing my math on the 62 characters you mentioned and 16 "friendly" punctuation characters. So called because they will work with almost any password system. Some of the punctuation marks are not allowed on some sites for use in passwords. I forget which are the "friendly" ones but i think it is all of the ones above the numbers plus the tilde and all the brackets. (I did say 76 characters but I should have said 78)

            They methodically go through every possible combination of whatever characters they are set to use. words are characters and no matter what words you use or how many, that combination of characters will come up in a search of all possible combinations.

            ilovecookies will pop up in that search and so will ilovespoons, spoonsloveme, catseatmice and every other combination of words you can possibly string together. All things being equal, it would be just as hard to crack a password with words in them as it would be to crack a password of similar length that is random but all lower case.

            Unfortunately, all things are not equal in this case. Most people have a vocabulary of about 10,000 words but only use about 1000 of them or less on a regular basis.This makes it easy to crack a code like ilovecookies because they are all common words.

            If you throw in words like desideratum or eleemosynary then you are almost on par with a password of random letters.

            BTW my dictionary has 300,000 words (or so it says) but I have been told that I have a big dic tionary. http://www.oed.com/ claims to have over 600,000 words which just goes to show that no matter how big you think your dic tionary is, someone, somewhere has a bigger one.

            --- In xr3car@yahoogroups.com, Khouri Giordano <khourig@...> wrote:
            >
            > This is getting further off topic, but I haven't seen any complaints yet, so maybe it's entertaining anyway.
            >
            > Either your math is wrong or I'm not understanding you correctly.
            >
            > A random password uses a set of characters: 26 lower case, 26 upper case, 10 digits and a few symbols. Ignoring the symbols and just using letters and numbers, there are 26+26+10 = 62 possibilities for each character. Most of the time, there is an eight character minimum length for passwords. That would be 62^8 = 2.18 x 10^14 (~47 bits) possibilities. If the upper limit is 16 characters, then it's 62^8 + 62^9 + 62^10 .. + 62^16 = 4.84 x 10^28 (~95 bits) possibilities.
            >
            > This page mentions there are about 200,000 English words, but let's just use 1,000 = 10^3 (~10 bits) common ones as an example. Four random words would give 10^12 (~40 bits) possibilities. Assuming this fits into the above mentioned 16 character limit, a brute force attack that does not know you chose four English words in lower case, still would have 4.84 x 10^28 (~95 bits) combinations to consider. In this view, both "password" and "1Wz522GdCKd715Vw" are equally valid.
            >
            > With all of that out of the way, attackers have a list of things they try first: "password", hobbies and common names. If they know something about you, they can try dates relevant to your life. If they know that you chose four random words in all lower case from a list of 1,000 specific words, then they've reduced their combination space to 10^12 (~40 bits), which, admittedly is less than eight random characters with 62^8 = 2.18 x 10^14 (~47 bits) possibilities.
            >
            > My point was that four words will be more memorable to you and just as hard to guess. Security is a chain which is only as strong as its weakest link. The first historic cracker that I know used social engineering to get into systems. 
            >
            >
            >
            > >________________________________
            > > From: DavidH <dsh1001@...>
            > >To: xr3car@yahoogroups.com
            > >Sent: Tuesday, February 21, 2012 10:02 PM
            > >Subject: [xr3car] Re: Off Topic
            > >
            > >
            > > 
            > ><<"= quoted text">>
            > ><<" In short, use the password that fits what you're trying to protect.">>
            > >
            > >I agree completely. a lot of applications don't need super strong passwords. But if you don't want your friends getting spammed because they are in your address book and your account gets hacked, then at least follow a couple of simple guidelines. Make your password at least 8 characters long and throw a couple of capital letters in there.
            > >
            > ><<"Being able to try 30,000 passwords in an hour could in many cases be dropped to 5 tries every few hours.">>
            > >
            > >This is sort of right except the pros use hijacked computers so they have more like 30,000 computers trying 30,000 passwords every few minutes for each email server they are trying to hack.
            > >
            > ><<"Having a larger selection of characters to choose from may make it take longer, but extending the length of the password to 4 words would do the same.">>
            > >
            > >I think that may be a bit of an understaement. My scenario was based on the two different types of passwords described being of equal length.
            > >
            > >A password with upper/lowercase, numbers and only the 16 "friendly"38 punctuation marks has a possibility of 76 characters for each space used in the password. ilovecookies only has 3.67034449 Ã 10^15 possibilities wheres an alphanumeric as described of equal length would have 6.50190515 Ã 10^20 possibilities.
            > >
            > >That means that even though ilovecookies seems to have a pretty big number attached to it, an alphanumeric/symbol password of that same 11 character length would have 177,147 TIMES the 3.67034449 Ã 10^15 provided by the eleven digit password ilovecookies. "Making it take longer" is the whole point of creating a unique password. A fully random password as described would not make it take just a little longer to crack the fully random password, it would take a Loooot longer. Even if they had an unrealistically super fast setup that could crack ilovecookies in an hour, it would take them (177 147 / 24) / 365.25 = 20.2084189 years to crack the alphanumeric.
            > >
            > >If it is something important to be password protected, I would rather it take them 20 years rather than an hour.
            > >
            > >As a final thought about beefing up your password, Consider this; ilovecookies or any password with all lowercase letters can be improved significantly by adding a single capitol letter. Just change it to ilovEcookies and your password is almost three times more secure by adding 7.05835481 Ã 10^15 more unique combinations for a total of 1.07286993 Ã 10^16 possible combinations.
            > >
            > >
            > >
            > >
            > >
            >





          • Hospodkas3
            Very good point, Pat! There are many talented folks that make a living in that sport/industry. John H. in Omaha ________________________________ From:pat riepl
            Message 5 of 24 , Feb 27, 2012
            View Source
            • 0 Attachment
              Very good point, Pat! There are many talented folks that make a living in that sport/industry.

              John H. in Omaha



              From: pat riepl <rieplrocket@...>
              To: "xr3car@yahoogroups.com" <xr3car@yahoogroups.com>
              Sent: Sunday, February 26, 2012 10:32 AM
              Subject: Re: [xr3car] Re: Off Topic

               
              electric cars in a nascar race would definitly help in battery and electric motor developement. 
               

              From: Bob Scoville <scovilleb@...>
              To: "xr3car@yahoogroups.com" <xr3car@yahoogroups.com>
              Sent: Friday, February 24, 2012 9:39 AM
              Subject: RE: [xr3car] Re: Off Topic

               
              The reason I say that is that the Budweiser Shootout this week had a halftime break. I thought it was an interesting concept. There would be enough time to swap out the batteries.
               
              From: xr3car@yahoogroups.com [mailto:xr3car@yahoogroups.com] On Behalf Of Bob Scoville
              Sent: Friday, February 24, 2012 8:35 AM
              To: xr3car@yahoogroups.com
              Subject: RE: [xr3car] Re: Off Topic
               



              Are there any electric cars in it yet?
               
               
              Bob Scoville
              Drafter
              Rocky Mountain Prestress
              scovilleb@...
              Direct 303-964-7053
              Cell
              This e-mail transmission may contain information that is proprietary, privileged and/or confidential and is intended exclusively for the person(s) to whom it is addressed. Any use, copying, retention or disclosure by any person other than the intended recipient or the intended recipient's designees is strictly prohibited. If you are not the intended recipient or their designee, please notify the sender immediately by return e-mail and delete all copies. Rocky Mountain Prestress may, at its sole discretion, monitor, review, retain and/or disclose the content of all email communications.
              From: xr3car@yahoogroups.com [mailto:xr3car@yahoogroups.com] On Behalf Of pat riepl
              Sent: Friday, February 24, 2012 8:29 AM
              To: xr3car@yahoogroups.com
              Subject: Re: [xr3car] Re: Off Topic
               


              So how about the indy 500 this weekend!  That is where the metal meets the meat.right?
               
              From: "talon@..." <talon@...>
              To: xr3car@yahoogroups.com
              Sent: Wednesday, February 22, 2012 3:12 PM
              Subject: Re: [xr3car] Re: Off Topic
               
               
              As an exercise,  the math is fun, but something not mentioned is the fact that the resulting number is to crack all permutations.  If a brute force cracker is employed, it will stop when the crack is complete, so the average time to crack is exactly half of the calculated time to crack every combination.  Still a long time though. 

              If your calculated time-to-crack is, say, a year, divide that in half and you get 6 months.  Simply change your password every quarter and you will be fairly safe.  Quite frankly, using the same password for more than one account is a lot bigger issue.  If one is cracked, they all are at risk, and people tend to keep the same passwords longer on social media sites, or forget they have signed up and never change the password.

              A good source of pretty good, easily remembered passwords are automotive vanity plates.

              Just my two cents worth. . .

              TALON

              Connected by DROID on Verizon Wireless


              -----Original message-----
              From: DavidH <dsh1001@...>
              To:
              xr3car@yahoogroups.com
              Sent:
              Wed, Feb 22, 2012 20:44:05 GMT+00:00
              Subject:
              [xr3car] Re: Off Topic
               
              Entertaining and informative I'd say. It gives me something to do when I am not out campaigning for the communist party. (because they are so much better and smarter than Democrats or Republicans) ;-)

              I agree that it may be just as hard to "guess" a password of several words in a row but computers are not guessing.

              I was basing my math on the 62 characters you mentioned and 16 "friendly" punctuation characters. So called because they will work with almost any password system. Some of the punctuation marks are not allowed on some sites for use in passwords. I forget which are the "friendly" ones but i think it is all of the ones above the numbers plus the tilde and all the brackets. (I did say 76 characters but I should have said 78)

              They methodically go through every possible combination of whatever characters they are set to use. words are characters and no matter what words you use or how many, that combination of characters will come up in a search of all possible combinations.

              ilovecookies will pop up in that search and so will ilovespoons, spoonsloveme, catseatmice and every other combination of words you can possibly string together. All things being equal, it would be just as hard to crack a password with words in them as it would be to crack a password of similar length that is random but all lower case.

              Unfortunately, all things are not equal in this case. Most people have a vocabulary of about 10,000 words but only use about 1000 of them or less on a regular basis.This makes it easy to crack a code like ilovecookies because they are all common words.

              If you throw in words like desideratum or eleemosynary then you are almost on par with a password of random letters.

              BTW my dictionary has 300,000 words (or so it says) but I have been told that I have a big dic tionary. http://www.oed.com/ claims to have over 600,000 words which just goes to show that no matter how big you think your dic tionary is, someone, somewhere has a bigger one.

              --- In xr3car@yahoogroups.com, Khouri Giordano <khourig@...> wrote:
              >
              > This is getting further off topic, but I haven't seen any complaints yet, so maybe it's entertaining anyway.
              >
              > Either your math is wrong or I'm not understanding you correctly.
              >
              > A random password uses a set of characters: 26 lower case, 26 upper case, 10 digits and a few symbols. Ignoring the symbols and just using letters and numbers, there are 26+26+10 = 62 possibilities for each character. Most of the time, there is an eight character minimum length for passwords. That would be 62^8 = 2.18 x 10^14 (~47 bits) possibilities. If the upper limit is 16 characters, then it's 62^8 + 62^9 + 62^10 .. + 62^16 = 4.84 x 10^28 (~95 bits) possibilities.
              >
              > This page mentions there are about 200,000 English words, but let's just use 1,000 = 10^3 (~10 bits) common ones as an example. Four random words would give 10^12 (~40 bits) possibilities. Assuming this fits into the above mentioned 16 character limit, a brute force attack that does not know you chose four English words in lower case, still would have 4.84 x 10^28 (~95 bits) combinations to consider. In this view, both "password" and "1Wz522GdCKd715Vw" are equally valid.
              >
              > With all of that out of the way, attackers have a list of things they try first: "password", hobbies and common names. If they know something about you, they can try dates relevant to your life. If they know that you chose four random words in all lower case from a list of 1,000 specific words, then they've reduced their combination space to 10^12 (~40 bits), which, admittedly is less than eight random characters with 62^8 = 2.18 x 10^14 (~47 bits) possibilities.
              >
              > My point was that four words will be more memorable to you and just as hard to guess. Security is a chain which is only as strong as its weakest link. The first historic cracker that I know used social engineering to get into systems. 
              >
              >
              >
              > >________________________________
              > > From: DavidH <dsh1001@...>
              > >To: xr3car@yahoogroups.com
              > >Sent: Tuesday, February 21, 2012 10:02 PM
              > >Subject: [xr3car] Re: Off Topic
              > >
              > >
              > > 
              > ><<"= quoted text">>
              > ><<" In short, use the password that fits what you're trying to protect.">>
              > >
              > >I agree completely. a lot of applications don't need super strong passwords. But if you don't want your friends getting spammed because they are in your address book and your account gets hacked, then at least follow a couple of simple guidelines. Make your password at least 8 characters long and throw a couple of capital letters in there.
              > >
              > ><<"Being able to try 30,000 passwords in an hour could in many cases be dropped to 5 tries every few hours.">>
              > >
              > >This is sort of right except the pros use hijacked computers so they have more like 30,000 computers trying 30,000 passwords every few minutes for each email server they are trying to hack.
              > >
              > ><<"Having a larger selection of characters to choose from may make it take longer, but extending the length of the password to 4 words would do the same.">>
              > >
              > >I think that may be a bit of an understaement. My scenario was based on the two different types of passwords described being of equal length.
              > >
              > >A password with upper/lowercase, numbers and only the 16 "friendly"38 punctuation marks has a possibility of 76 characters for each space used in the password. ilovecookies only has 3.67034449 Ã 10^15 possibilities wheres an alphanumeric as described of equal length would have 6.50190515 Ã 10^20 possibilities.
              > >
              > >That means that even though ilovecookies seems to have a pretty big number attached to it, an alphanumeric/symbol password of that same 11 character length would have 177,147 TIMES the 3.67034449 Ã 10^15 provided by the eleven digit password ilovecookies. "Making it take longer" is the whole point of creating a unique password. A fully random password as described would not make it take just a little longer to crack the fully random password, it would take a Loooot longer. Even if they had an unrealistically super fast setup that could crack ilovecookies in an hour, it would take them (177 147 / 24) / 365.25 = 20.2084189 years to crack the alphanumeric.
              > >
              > >If it is something important to be password protected, I would rather it take them 20 years rather than an hour.
              > >
              > >As a final thought about beefing up your password, Consider this; ilovecookies or any password with all lowercase letters can be improved significantly by adding a single capitol letter. Just change it to ilovEcookies and your password is almost three times more secure by adding 7.05835481 Ã 10^15 more unique combinations for a total of 1.07286993 Ã 10^16 possible combinations.
              > >
              > >
              > >
              > >
              > >
              >
               


               







            Your message has been successfully submitted and would be delivered to recipients shortly.