Ask Leo! #595 – When It All Just Works, Security Software Recommendations, Manure, and more…

Leo's Blog

If Everything Just Worked...

What would you do if you could count on technology always just working? What's stopping you? I'm honestly curious...

Continue Reading: If Everything Just Worked...


Stop Spreading Manure

It's an example of yet another brouhaha. A report a few years ago that Google blatantly admitted that you should have no expectation of privacy whatsoever when using their services. The internet went crazy. Many sources seemed to say, "How outrageous! We told you so! Google is evil!" Mainstream news outlets picked up stories from smaller publishers and they all seemed to confirm the entire sordid mess.

Except the internet was wrong. Manure, to use a polite term, was being spread far, wide, and fast.

That's where things get complicated.

Continue Reading: Stop Spreading Manure

What Security Software Do You Recommend?

What security software should I use? What anti-virus is the best? How about a firewall? And what about spyware? Should I use one of the all-in-one packages that claim to do everything? Is there anything else I need?

As you might imagine, I get questions like this all the time. As a result, I do have recommendations for security software and techniques to stay safe in various articles all over Ask Leo!

To make your life a little easier, here's a short version that sums it all up.

Continue Reading: What Security Software Do You Recommend?


Saved! Baking Up With EaseUS Todo

Previous Issue

Most recent forum posts

Questions recently posted at The Ask Leo! Forum. If you see "Answer Needed!", maybe you can help!

More: All forum questions in need of an answer.

Glossary Term

rainbow table

A rainbow table is a complete list of all possible passwords up to a given length, with their corresponding hash for a given hashing algorithm.

When implemented properly, passwords are never stored directly by software. Instead, a mathematical hash is stored instead. For example instead of storing the password "iforgot", software might store a value calculated from that password, such as "62072d95acb588c7ee9d6fa0c6c85155". When someone logs in using the password, the hash is calculated again, and if it matches the saved hash then the password must have been entered correctly.

This approach safeguards passwords themselves because the password cannot be recovered from the hash. Even if the hash were exposed, as is often the case in large scale data breaches, it would be of little value to a hacker as they would be unable to determine the corresponding password.

A rainbow table takes a brute force approach to this problem. For a given maximum password length the hash values for all possible passwords are calculated and stored in a table. If a hash is known it can simply be looked up in the table to determine the corresponding password with no further calculation required.

Rainbow tables have severe limitations that make them less useful than we might fear.

  1. Password length. A rainbow table for 8 character passwords might be on the order of 20 trillion entries in length – currently a somewhat manageable number. Tables for a 10 character password requires over 4 quadrillion entries, and for a 12 character password it approaches 9 quintillion. The time to create such large tables, as well as the space to store them, remains impractical.
  2. Algorithm-specific. There are several standard hashing algorithms, and which was used would have to be known. A rainbow table would need to be created for each different algorithm. In addition, some algorithms are designed specifically to be slow; while fast enough for single-password use, when applied to all possible passwords it becomes impractical.
  3. Easily invalidated. Hashing algorithms are now often applied not on the password alone, but on some modification of the password. For example rather than just hashing "password", an implementation might hash "accountname-password". This breaks the general purpose nature of rainbow tables.

Current best practice in password storage is to use all three: long passwords, a "slow" hashing algorithm, and a modified hash.

Glossary Terms are featured selections from The Ask Leo! Glossary.
Have a term you'd like defined? Submit it here.

Featured Comments

Stop Spreading Manure

Ray Smith writes:

While the "ham dog" incident was quite amusing....

.... it also served to prove an important point: namely, that some people are quick to believe even the most improbable stories. In the case of the "ham dog" story, that may not be too much of a problem; however, if it's a story about, say, vaccines causing babies to be born with chimp-like faces or a story about measles being completely harmless, then it becomes much more of a problem. Some people will believe it and base their actions/inactions on that belief.

On Aging and Being "Too Old"

Randee T. writes:

Right on Leo! I too get that from "old people" when I ask them if they have a Facebook account or are a member of some organization that posts on it's website.

I mention that Facebook is a great way to keep in touch with family members and share pictures etc. Plus I tell them being on the computer it good for their brains and dexterity. Poo Poo..they aren't interested. They worked on a computer at work and now want to stay away from them.

I tell them that the New Yorker cartoonist Hirschfield worked up until the day he died at 100 drawing for the magazine!

I love being on my computer and I have an Android phone. I know how to work on Adobe Photoshop and I love learning new stuff

from your FB page, BrainDrippings, Wired, Metal Floss, and other like pages and I love watching TED video's.

I am not afraid of Technology. I find it amazing and lots of time beyond me, but so what!

I like the homey background on this video instead of the blue background. Thanks Leo!

Alex writes:

I suppose what it boils down to is when I was younger I would be more willing to spend time on learning things that would be seldom utilised.

Advancing age becomes a barrier to that because you wish to make the best use of your more limited time. So I do feel to say you are too old is valid in the context of time left and desire of how to use that time and doesn't necessarily imply that you are saying you can't physically or mentally do something.

Leo writes:

Not wanting to spend the time has nothing (or at least little) to do with age. There are young people who don't want to spend the time, or don't see it as a priority. So ... don't hide behind age, just say you don't want to take the time....

Ask Leo! on Business

Recent posts...

Let's Get Mobile

Providing a good experience for visitors on mobile devices is important for a number of reasons. Fortunately, there are ways to make it relatively easy.

Read: Let's Get Mobile

On Writing: You're Now A Writer

A content marketing strategy implies that you have, and create, content for your audience. That means embracing the fact that you're a writer.

Read: On Writing: You're Now A Writer

Leo's Books

Backing Up 101 Saved! - Backing Up with Macrium Reflect - 2nd Edition Saved! Backing Up With EaseUS Todo
Saved! - Backing Up with Windows 7 Backup Saved! - Backing Up with Windows 8 Backup
Just Do This: Back Up! The Ask Leo! Guide to Internet Safety The Ask Leo! Guide to Routine Maintenance Maintaining Windows XP - A Practical Guide

More Ask Leo!

Facebook - YouTube - Google+ - Twitter
Amazon - GoodReads


Need more help with or have questions about the newsletter? Check out the newsletter administration page.

Help Ask Leo! Just forward this message, in its entirety (but without your unsubscribe link below) to your friends. Or, just point them at for their own FREE subscription!

Newsletter contents Copyright © 2016,
Leo A. Notenboom & Puget Sound Software, LLC.
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC