Look, it was clearly just a stupid mistake. That was the only meter they had available at Tepco, and the AC wasn't there to explain to them about the different type of meters. By the time they found out that stronger meters were available, and they waited for it to arrive with free shipping from amazon, it was already too late -- the press release already went out with the reading from the first meter. You can't expect them to know all of these details.. it isn't like they are nuclear engineers or anything.

very funny slashdot.. you got me again.. apparently, everyday is april fools day.

You're right.. the hash is appended to the password hash (not prepended). Carelessness on my part.. good catch.

"Still - there are two md5 hashes with a salt added "

No, even that part was done improperly. Since they hashed the password, then added the salt, then hashed the result.. it's actually just (# of users) + 1 md5 hashes.

1) hash password
2) concat hash + salt
3) hash result
4) repeat 2 & 3 for each user

the salt is random.. so each user's password would need to be cracked individually.

that doesn't make it 52min though..

You could speed this up by hashing the password you want to try, then hashing it with each user's salt. So instead of 2x hashes, you would have (# of users) + 1 md5 calcs for each password attempt.

And the average time would be 1/2 of the max time.

Also... most of those passwords are probably dictionary words.

MD5 is just not computationally intensive by todays standards. You can easily calculate several BILLION MD5 hashes per second on a modern GPU. It's fast enough that you can simply bruteforce it.. you can rent an EC2 cluster for a few dollars if you don't want to spend the money on the GPUs.

There's a reason why at a minimum stretching is used (this is when you hash a password + salt, then hash the hash typically a few 10000 times)... this is standard practice BTW if you're going to use hashes (or better, use bcrypt or pbkdf)

The only thing the salt does is prevent them from cracking all of the passwords at once.. they'll have to crack each user individually.

They use vBulletin.. the passwords are salted.. but it's just md5(salt+md5(password)). The salt is in the db, and it's just 2 md5 hashes -- NO stretching, PBKDF2, bcrypt, or anything else. It's literally one step up from plaintext. You can recover those passwords in very little time. You SHOULD assume the passwords are compromised.

http://www.vbulletin.org/forum/showthread.php?t=178091

Why are you such a troll? First, the quote is from the article. So it's the writers fault, not slashdot's.

Second, you should try reading TFA. You say, "A quack is someone who doesn't use the right process, who avoids peer review, who insists they can't be wrong.".

Guess what? If you read the fucking article, you would know that he did exactly that.

He tried to publish articles in a journal he had input into that would not scientifically valid just because they pushed his pro-vitamin agenda. He refused to believe studies that were published proving him wrong, and said they were personal attacks against him.

So please, STFU. You clearly didn't read the article. You go off on some rant that literally makes no sense at all,

Softlayer was founded by Lance Crosby, the COO for The Planet.. They forced him out of the company, so he left and started Softlayer. Shortly after The Planet merged with EV1, and then about 5 years later Softlayer and The Planet merged and kept the Softlayer name.

I had servers at The Planet the entire time.. it's a good company.. and they have the revenue and profits to actually be worth $2B.. unlike some other recent acquisitions.

there's another corporate scam: sending fake compliance notices that look like they are from the state w/ an official looking seal, citing some state law, and demanding $X for compliance. I've received 3 of them over the past few years.

If I'm willing to risk tossing a state notice in the trash, then the trolls letter has no chance.

This guy posted an image of one on his blog:
http://parasec.files.wordpress.com/2013/04/screen-shot-2013-04-05-at-9-23-41-am.png

Q1 2013 - cars sold
    BMW Group (BMW + Mini + Rolls Royce): 448,200
    Audi: 369,500
    Mercedes: 341,511
    Tesla: 4,750

http://beta.fool.com/sarfarazis/2013/05/08/audi-vs-mercedes-who-is-winning/33384/
http://www.bmwblog.com/2013/05/02/bmw-group-reports-first-quarter-revenues/

GIMP an alternative to Photoshop? Don't make me laugh. I used to believe that.. then I bought a copy of Photoshop... GIMP is not even close.

you fail at reading comprehension. 1) the facility is being EXPANDED by 300000sqft to total 1.4m sqft. 2) a data center is obviously more complex and has more power and cooling requirements than an office tower.. and 3) the article mentions apple's 500k sq ft datacenter that cost 1billion... so this facility is not more expensive than other data centers.

That made me laugh a little.. but seriously.. I don't think that would do it. There's no place on earth that comes close to the conditions on Mars (for example).. even if an asteroid hit earth, it would still be the best place for us to survive.

I wish you were right.. but the answer is no. What those rockets are used for has not changed. The missions are still the same; the customers are still the same.

We have to discover something valuable in space.. then the space age will begin as everyone capable goes into space to claim their share of whatever it is.