Saturday, December 7, 2013

Two Passwords Are More Secure Than One

(I mean two passwords where either one can be used to log in.)

Most people know that they should change their passwords often. So why don’t they?

One reason is that it is easy to make a mistake while changing passwords. “Password” fields that don’t show the characters entered invite mistakes. Password managers, such as LastPass, but also those of Chrome and Apple, plus two-factor authentication add levels of complexity and uncertainty. People who rarely change their password must spend time reviewing rules.

But the main reason is that there is a serious penalty for changing your password and not recording the new password properly: You can be locked out of an account. This is an urgent, critical problem on a key account.

Strategy: Reduce the penalty for making an error in changing a password. Specifically: websites should enable two passwords to be active at the same time on an account.

With this approach you can set a new password, then test it. If the new password works, then trash the old password. If testing the new password fails, then log in with the old password and trash the new password, and try again.

This approach reduces the fear associated with changing a password and the time penalty to correct an error while changing the password.

Having two passwords doubles the odds that a hacker can guess one of your passwords by brute force. So you are half as secure, right? Technically, on average, yes. But you are far, far more secure from password misappropriation.

Actually, you increase the odds of a successful brute force attack only if your passwords are taken while you have two passwords active. If you change your password monthly and have two passwords active for only a few minutes per month, then the real increase in risk is not a factor of 2.0 but is something like 1.0002.
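The set, test, then keep-or-discard procedure and the time-weighted risk estimate above, sketched as an added example (not code from the original post). The class and function names, the 15-minute expiry on the second password, the PBKDF2 parameters and the 10-minute window used for "a few minutes" are assumptions made for illustration.

```python
import hashlib, hmac, os, time

PENDING_TTL = 15 * 60  # assumption: the second password expires after 15 minutes

def _hash(password, salt):
    # Salted PBKDF2 from the standard library; iteration count is illustrative.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _record(password, expires_at=None):
    salt = os.urandom(16)
    return (salt, _hash(password, salt), expires_at)

class Account:
    """One active password plus an optional, short-lived candidate."""

    def __init__(self, password):
        self.active = _record(password)
        self.pending = None  # (salt, digest, expires_at) while a change is in progress

    def stage(self, new_password, now=None):
        """Step 1: set the new password without touching the old one."""
        now = time.time() if now is None else now
        self.pending = _record(new_password, now + PENDING_TTL)

    def verify(self, password, now=None):
        """Step 2: test a login. Returns 'active', 'pending' or None."""
        now = time.time() if now is None else now
        if self.pending and now >= self.pending[2]:
            self.pending = None  # window closed: back to a single password
        matched = None
        for slot, rec in (("active", self.active), ("pending", self.pending)):
            # Check both slots every time so timing does not reveal which matched.
            if rec and hmac.compare_digest(_hash(password, rec[0]), rec[1]):
                matched = matched or slot
        return matched

    def commit(self):
        """Step 3a: the new password worked, so trash the old one."""
        if self.pending is None:
            raise ValueError("no candidate password to commit")
        salt, digest, _ = self.pending
        self.active, self.pending = (salt, digest, None), None

    def rollback(self):
        """Step 3b: the new password failed, so trash it and keep the old one."""
        self.pending = None

def exposure_factor(window_minutes, period_minutes):
    # Guessing odds are doubled only while both passwords are active:
    # time average = 1*(1 - f) + 2*f = 1 + f, where f = window / period.
    return 1 + window_minutes / period_minutes
```

With a 10-minute window in a 30-day month, `exposure_factor(10, 30 * 24 * 60)` comes to roughly 1.0002, matching the estimate in the text.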

Conclusion: enabling two active passwords per account improves security.

Sunday, April 22, 2012

2011 Nobel Prize in Chemistry awarded for Quasicrystals

The 2011 Nobel Prize in Chemistry was awarded for the discovery, in 1982, of Quasicrystals.

Normal crystals have a periodic structure in 3D space. This means that if the crystal lattice is translated without rotation, so that one point of the moved lattice line is aligned with the position of a corresponding point of the old position, then every point of the new lattice lines up with some point of the old position. Quasicrystals have a non-periodic structure in 3D. This means that the stated condition is not true for the Quasicrystal.

A standard method of analysing crystals involved bouncing electrons off of them and studying the resultant patterns. Such patterns did not result from bouncing electrons off of glass or liquids, only off of crystals. When this procedure was applied to Quasicrystals, it revealed sharp points characteristic of crystals.

Quasicrystals produce patterns of sharp points, as crystals do, but the symmetry of these points is forbidden in 3D space. It is known that there is a mathematical construction that takes a "six-dimensional hypercubic lattice" from six-dimensional Euclidean space and projects the lattice points to three-dimensional Euclidean space so that these points coincide with those of a Quasicrystal. (See en.wikipedia.org/wiki/Quasicrystal and search for "six-dimensional")

Mainstream physicists do not attach any physical significance to this mathematical fact since our space is considered to be three-dimensional (or four-dimensional if relativistic space-time is considered). Nor does a six-dimensional Euclidean space have any connection to string theory with its compactified dimensions.

In my own theory, the mathematical fact of projection from six to three Euclidean dimensions translates directly to a physical arrangement of atomic centers in six dimensions. My theory is called A Unified Field Theory in 6 Euclidean Dimensions Plus Absolute Time (UFT6). It was conceived long before Quasicrystals were discovered. 

I consider Quasicrystals to be evidence in favor of a 6D space, and of UFT6. Such evidence, of course, is not proof that 6D space exists. But it is dramatically simpler than the lengths one must go to to explain Quasicrystals in only three dimensions.

(This post was updated and moved on 11/6/2014. -sz)

Saturday, February 18, 2012

Rapid Prototyping Mill and FreeD

About 15 years ago I built a milling machine to cut a part directly from a 3D design. It did this without the intermediate steps of G-code generation, without tool and spindle speed specification, and without starting with a piece of material with a known shape and size. I called this machine a Rapid Prototyping Mill (RPM). Rod Davidson sent me a YouTube link of a similar device in motion called FreeD that a team at MIT put together.

What is common between RPM and FreeD is:
  • A three-dimensional CAD model is prepared beforehand that details the surface of the desired part.
  • The cutting tool motion is controlled by hand.
  • The position of the cutting tool with respect to the material to be cut is monitored by a computer.
  • When the operator attempts to move the cutting tool inside the surface of the designed part, the system stops the cutting process.
What is different between them is:
  • The RPM monitored the position of the tool versus workpiece in 2D. The FreeD monitored six dimensions, 3D of position and 3D of angular orientation.
    • On the RPM, the workpiece moved in 2D on a table top stage. Its position was monitored by X and Y linear encoders.
    • The position and orientation of the FreeD is apparently detected by sensors on the hand piece monitoring an electromagnetic field sourced below the workpiece.
  • The RPM prevents cutting by retracting the cutter upward, vertically. The FreeD prevents cutting by retracting the cutter backward through the hand piece, whichever way the hand piece is oriented.
    • Cutting into the side with the RPM required remounting and reregistering the workpiece. Cutting into the side with the FreeD required no extra operations.