A Pair of AIs Have Become Very Good at Guessing Your Passwords

• Updated on: 2019-06-27
• Read original article here

\n","length":179}">
A Pair of AIs Have Become Very Good at Guessing Your Passwords
Two neural networks can guess a quarter of the passwords in use on a website. At least that's according to new research by a team from the Stevens Institute of Technology, who have built a so-called generative adversarial network that can make educated guesses at what your password might be.
The underlying idea is simple enough: have one neural network build something, then use another to determine its quality. It's a concept masterminded by Ian Goodfellow, one of our 35 Innovators Under 35 for 2017 , who isn't part of this research project.
What the Stevens Institute team has done with that idea is have one AI chomp through tens of millions of leaked passwords to learn how to generate new ones, while the other learned how to judge whether a newly created one was compelling. Comparing their efforts to a LinkedIn credentials leak, the AI-generated passwords matched 12 percent of the real ones. When the researchers also rolled in some human-created rules from a software tool known as hashCat, they were able to guess 27 percent of passwords—as much as 24 percent more than hashCat can achieve alone.
It is, obviously, still a technique in its infancy, and it's unclear if a 24 percent boost really warrants the weight of such advanced machine learning. But this appears to be the first time that a generative adversarial network has been used to help crack passwords, and it seems likely that the technique will improve faster than conventional approaches as it chews on more data.
At any rate, it may not be all bad news. As Thomas Ristenpart, a computer scientist from Cornell Tech in New York City, tells Science : “The new technique could also potentially be used to generate decoy passwords to help detect breaches.”
Source:
\n \t\n\t\n\t
\n
\n","length":179}">
A Pair of AIs Have Become Very Good at Guessing Your Passwords
Two neural networks can guess a quarter of the passwords in use on a website. At least that's according to new research by a team from the Stevens Institute of Technology, who have built a so-called generative adversarial network that can make educated… Read more
Two neural networks can guess a quarter of the passwords in use on a website. At least that's according to new research by a team from the Stevens Institute of Technology, who have built a so-called generative adversarial network that can make educated guesses at what your password might be.
The underlying idea is simple enough: have one neural network build something, then use another to determine its quality. It's a concept masterminded by Ian Goodfellow, one of our 35 Innovators Under 35 for 2017 , who isn't part of this research project.
What the Stevens Institute team has done with that idea is have one AI chomp through tens of millions of leaked passwords to learn how to generate new ones, while the other learned how to judge whether a newly created one was compelling. Comparing their efforts to a LinkedIn credentials leak, the AI-generated passwords matched 12 percent of the real ones. When the researchers also rolled in some human-created rules from a software tool known as hashCat, they were able to guess 27 percent of passwords—as much as 24 percent more than hashCat can achieve alone.
It is, obviously, still a technique in its infancy, and it's unclear if a 24 percent boost really warrants the weight of such advanced machine learning. But this appears to be the first time that a generative adversarial network has been used to help crack passwords, and it seems likely that the technique will improve faster than conventional approaches as it chews on more data.
At any rate, it may not be all bad news. As Thomas Ristenpart, a computer scientist from Cornell Tech in New York City, tells Science : “The new technique could also potentially be used to generate decoy passwords to help detect breaches.”
Source:
\n \t\n\t\n\t
\n
\n","length":173}">
Google’s New Mobile Payment System Sends Money via Sound
The company's new digital payment app, called Tez , allows people in India to use a phone to pay for goods in physical stores and online, or make payments to other bank accounts. It’s different from the (already incredibly popular) Indian service PayTM… Read more
The company's new digital payment app, called Tez , allows people in India to use a phone to pay for goods in physical stores and online, or make payments to other bank accounts. It’s different from the (already incredibly popular) Indian service PayTM in that it links a phone directly with a bank account, rather than having the user top up a digital wallet with money.
The Financial Times reports ($) that , unlike many other mobile payment systems that rely on NFC to make payments, Google offers users the ability to make use of a technology called AudioQR to transfer funds. The approach allows any two phones with mics and speakers to communicate with each other using ultrasound, above the range of human hearing, to arrange a transaction. That will be particularly useful in a country where not everyone has a high-spec device.
Google has also trademarked the name Tez in other Asian countries, including Indonesia and the Philippines, according to TechCrunch . That suggests that, in the longer term, it has bigger ambitions for the service.
India has been on a push to become a cashless economy since late last year , but the transition hasn’t been going too smoothly so far. At one point, the nation even started slashing prices for online purchases in a bid to encourage people to ditch paper money. Google will be hoping that its relatively universal approach could help win over remaining skeptics.
Source:
\n","length":333}">
Might America Stay in the Paris Climate Pact After All?
Some members of Trump’s administration appear not to be ruling it out. Over the weekend, off the back of a climate meeting in Montreal, secretary of state Rex Tillerson  told CBS that the government is “open to finding … conditions where we can remain… Read more
Some members of Trump’s administration appear not to be ruling it out. Over the weekend, off the back of a climate meeting in Montreal, secretary of state Rex Tillerson  told CBS that the government is “open to finding … conditions where we can remain engaged with others on what we all agree is still a challenging issue.” National security adviser H.R. McMaster also  told ABC that America could re-enter the international climate pact if  “there’s an agreement that benefits the American people.”
Meanwhile, the Wall Street Journal also says ($)  that White House economic chief Gary Cohn will hold meetings with foreign officials today to clarify Trump’s climate commitments, as world leaders arrive in New York for a UN meeting. According to Tillerson, Cohn is tasked with considering “other ways in which we can work with partners in the Paris climate accord.” For its part, the White House says that “there has been no change in the U.S.’s position on the Paris agreement ... the U.S. is withdrawing unless we can re-enter on terms that are more favorable to our country.”
At the heart of all this is a belief within the Trump administration that the Paris climate agreement is unfairly weighted against the U.S. But rather than a complete withdrawal—which no country that signed the accord can start until 2019 , and which would then take until after the next presidential election in 2020 to complete—some officials may be considering how things could be rejiggered rather than totally scrapped. The Wall Street Journal also explains in another report ($)  that European Commissioner for Climate Action and Energy, Miguel Arias Cañete, believes that the U.S. “will not renegotiate the Paris accord, but they will try to review the terms on which they could be engaged under this agreement.”
Trump announced in June that he would withdraw America from the pact. Some kind of alternative arrangement that doesn’t see America exit from the agreement completely could be beneficial: as we’ve argued before, Trump's withdrawal could cede economic opportunities to other nations .
 
\n","length":188}">
A Carbon-Fiber Cage Could Crash-Proof Drone Delivery
For those worried about the fragility of the items shipped through the air, there may be a solution. Researchers at École Polytechnique Fédérale de Lausanne in Switzerland have developed a giant carbon-fiber cage that sits around a drone to protect… Read more
For those worried about the fragility of the items shipped through the air, there may be a solution. Researchers at École Polytechnique Fédérale de Lausanne in Switzerland have developed a giant carbon-fiber cage that sits around a drone to protect it—and its cargo —by providing "an all-round protective structure that physically separates the propellers from the environment."
It also, says the team, provides a human something safe to grab onto if there's no suitable place for the drone to land—but, as IEEE Spectrum notes, you may want to ensure your fingers don't go too far through the cage and hit those spinning rotors. It's also worth noting that the cage itself weighs about two pounds, which means that the load-carrying capacity of the drone is cut by the same amount. But last-minute Amazon orders of crystal glassware are now somewhere in your future, if you want them.
Source: