October 8th, 2012Top StoryYour Giant Engagement Ring Looks Fucking Stupid, Jennifer Aniston
By Drew Magary
Oh hey, here's a picture of Jennifer Aniston rocking a zillion-carat engagement ring that her fiance, Justin Theroux, "gave" her. Though I assume Aniston bought the ring herself six years ago and stashed it in a safety deposit box until the day she finally found a man who could properly pull off being dressed like a 1930s fighter pilot. This is a big rock. A huge rock. A very expensive, obnoxious, stupid fucking rock.
When it comes to engagement rings, there is a fine threshold between beautiful and gaudy, and Aniston just hopped inside an IROC and made skid marks on that threshold. Take a look at Kim Kardashian's old rock and see if you disagree. It's just as tacky. When you wear a diamond that big, you're essentially announcing to everyone that A) You have no sense of subtlety when it comes to flaunting your wealth and B) You enjoy blinding small children. A ring that big tells people that you're willing to throw your spine out of alignment just so that people can see you toting a fucking crystalline boulder around on your hand.
Plenty of people have argued against the very notion of engagement rings. They're a needless expense, they come from African mining monopolies that fix prices and pay their workers in severed limbs, they exist strictly as a means of generating hateful envy amongst friends, canary diamonds look like they've been stained with urine, etc. But even if you're like me and you still see some value in the custom, there's nothing about a nine-pound engagement ring that makes sense. It's just a shitty way of trying to have your love upstage the love of other, poorer human beings. And it looks stupid, just like Super Bowl rings do. Accessories are attractive on people when some sense of proportion is involved. It's not simply about the ring, but its relationship to the finger it rests on. And having a diamond that is literally WIDER than your finger is like walking around with bedazzled balloon animal jammed between your tits.
It also perpetuates the idea that ALL women need big rings, which means some poor schmuck out there is gonna have to pony up an extra month's salary just because his ladyfriend saw this ring while reading US Weekly while changing tampons and just had to have Jen's ring. Get a smaller ring, people. Use the difference to make a car payment or feed an AIDS baby. You don't need a neutron star hanging off your body.
[People. Photo: Getty.]
|
|
A destination on the Interweb to brighten your day (now get back to work!)
Monday, October 8, 2012
Your Giant Engagement Ring Looks Fucking Stupid, Jennifer Aniston
Fans Cheer for QB's Injury -- College QB's Home Vandalized -- Tebow Girlfriend Rumors -- WAGs of MLB Playoffs
| ||||
|
Weighing Security Against Convenience: What Works, What Doesn't, and What's Best for You
October 8th, 2012Top StoryWeighing Security Against Convenience: What Works, What Doesn't, and What's Best for YouEveryone and their mother has a password security strategy, some better than others. Choosing the right one means weighing security against convenience so you can stay safe without losing your mind. But what's the best balance? Is it the same for everyone? With the help of a security expert, I decided to find out. Over the years, we've posted several password security tips, tricks and techniques ranging from the simply memorable to the perfectly paranoid. Although I've always used strong passwords, many of my coworkers went through great lengths to heighten their security far beyond mine. I knew my passwords needed an audit, but the security measures put forth by my colleagues seemed so frustrating and inconvenient. I wanted safety but without all the hassle. To find out the best combination of security and convenience, I decided to audit all the methods we recommend with the help of security and investigations expert Brandon Gregg. Before we can get started, however, we need to know what makes our passwords vulnerable. The Three Variables That Contribute to Weak PasswordsBrandon explained that weak passwords have three variables, and each makes them more vulnerable:
*GPUs or graphics cards are used to brute force passwords due to how they tackle parallel calculations. One GPU or clusters of GPUs can be made fairly cheaply and are multiple times faster at guessing passwords than their CPU brothers. Eliminating one or two of the three variables doesn't require much effort, but removing all three causes the higher level of inconvenience I, and many people, hope to avoid. While no security strategy lacks vulnerabilities, in this post we'll audit several types of passwords, from weak and strong and methods of managing them to find out what's the best for convenience and what's the best for security. The Four Levels of Password SecurityLeast Secure: Simple Alphanumeric PasswordsThe weakest type of password involves combinations of numbers and letters, or just one of each. It may be easy to remember a word, your phone number, or both, but these passwords are easy to crack. Existing software has no trouble guessing dictionary words, phone numbers, or even combinations of both—especially when the password is under eight characters. That said, you won't forget a simple password. If you use it for every account you own, you won't have to remember much at all. Of course, this is extremely insecure. If using a simple and short password, especially across many accounts, you're not far off from using no password at all. For more on why weak passwords are easy to crack, read this. Examples: charlie, hotstuff, 8675309, mary212 Somewhat Secure: Complex 8+ Character PasswordsComplex passwords require more effort to type, but they also require far more effort to hack. A complex password consists of at least eight characters. You should include capital and lowercase letters, at least one number, and at least one symbol (e.g. !, ?, @, etc.). You should also avoid a single dictionary word (e.g. pantomime → p@nt0m!me). Using a phrase as a starting point is better, but again, not perfect (e.g. "I love goats → iLuVg0@ts). This method fails when you use a unique password for every site because you have to remember many, many complex strings of letters, numbers, and symbols. Examples: t@lk4Ev3r!, iLuVg0@ts, b3stFr13ndS4eVer?! Very Secure: A Common Complex Base Password with Unique IdentifiersYou can't easily remember a lengthy, complex password, so utilizing different ones for every account just doesn't work (unless you're also using a password manager, but we'll get to that later). Remembering just one, however, makes things much easier. It also makes your password less secure unless you add a unique identifier. That unique identifier can relate to the site so you won't forget it. For example, if you used iLuVg0@ts as your common base password and you wanted to create a password for Gmail, you could use iLuVg0@ts-gmail. Brandon prefers this method over others:
Examples: iLuVg0@ts-gmail, iLuVg0@ts-linkedin, iLuVg0@ts-facebook Of course, if a savvy hacker managed to crack one password they might figure out the others. Brandon suggests:
Examples: iLuVg0@ts-email, iLuVg0@ts-resume, iLuVg0@ts-friends With common basename passwords, you have another secure option: using a three word phrase with spaces (e.g. "goats love gmail"). This method may seem less secure because it includes simple dictionary words, but it works because spaces are in play. (You can read more about the three word method here.) Brandon notes that this method sometimes fails because of how sites and applications restrict your password options:
Examples: goats love gmail, goats@love@facebook, goats!love!pinterist As mentioned, neither solution comes without vulnerabilities. If all your sites allow spaces or don't restrict special characters, the three word method offers greater simplicity. Either way, a common base password and a unique identifier offers both security and convenience. Extremely Secure: Two-Factor Authentication and Passwords Even You Don't KnowNo password is more secure than a lengthy, complex string of characters that nobody knows. The obvious problem? You can't enter a password you don't know. Password managers like LastPass solve this problem by storing all your passwords in a single database, unlocked by one unique password of your choosing. Of course, as Brandon points out, this comes with one major flaw:
Using a password manager suffers from a similar vulnerability to using the same password for every site: you crack one, you crack them all. While LastPass, in particular, makes great efforts to keep your passwords safe, you're putting yourself at risk by using one password to rule them all. The solution? Two-factor authentication, something you may have heard about recently. Brandon explains how it works:
When using a password manager like LastPass, you should enable two-factor authentication or you are, as Brandon puts it, potentially offering up your passwords as a nicely wrapped present. While we often argue this method secures your accounts better than any method, it also creates the most inconvenience. You'll need to decided whether that inconvenience matters to you or not. How Do I Choose the Best Password Security for Me?Securing your accounts means choosing a balance between convenience and protection. If you're willing to tolerate regular security checks and use randomly-generated passwords you don't know, you can put your paranoia to rest. Most Lifehacker writers and editors use this level of password security because they don't want to assume the risk and find little inconvenience in the extra effort. In fact, many adjusted to the new methods and haven't found two-factor authentication to be inconvenient at all. You may feel the same way. Personally, I find this method excessive and too much of a burden. As a result, I've opted for our third level of security ("Very Secure") described above for two reasons. First, using a method that requires a password manager involves trusting someone else with your data. When you give someone else your data you take a risk that they may lose it or share it (whether intentionally or not). If you've ever told a friend a secret, you understand the potential risk. The only well-kept secret is the one you keep yourself. While you can't avoid sharing your information entirely, as that would lead to a horribly insulated life, I believe in keeping how much you share that information to a minimum. Second, I want reasonably easy access to my data and I'm okay with assuming some risk. As someone who's had his fair share of hardships, I don't believe in trying to live life risk-free. Bad things happen. We should take reasonable measures to prevent them, but sometimes they still happen. To me, a tiny bit of added security isn't worth the inconvenience. What should you choose? Brandon sums up the decision-making process nicely:
The level of risk you want to take depends on your personal needs and the level of risk you're willing to take. Just remember—while you can implement extreme security protocols, nothing prevents the possibility of a hack. Everything is vulnerable. Back up your data. Keep a close eye on your accounts. Security involves more than locking everything down with good passwords. You should prepare yourself for the worst. In the meantime, however, lock down your accounts in a way that's secure enough for you and fits well into your life. Special thanks to Brandon Gregg for his expert advice. Brandon has worked investigations for numerous Fortune 500 companies over the last 12 years investigating theft, fraud, organized crime, corporate espionage, and many high profile cases as well as being an educator, published author, and featured speaker on surveillance, computer forensics, complex investigations, and ethical hacking. You can find out more about him here. Photos by edel (Shutterstock) andStock Elements (Shutterstock). |
|