A New Jersey garbage truck driver almost saw his life slip away from him over 26 cents.
You’ve been laid off, pay for COBRA coverage, and suddenly you need a
$500K bone marrow transplant. Thank goodness for health insurance … or
maybe not. Photo by Alex Remnick for the (NJ) Star Ledger via NJ.com.
Thirty-three-year-old Sergio Branco took a three-month leave of
absence (thanks to the Family and Medical Leave Act) from his job with
Russell Reid, a waste management company, after finding out that he had
a fast-spreading type of leukemia. Soon, his doctors informed him that he
would need a bone marrow transplant to save his life. Luckily, they were
able to find him a donor with a perfect match and scheduled the
transplant for August 16th.
A $500,000 transplant. Thank goodness for health insurance.
Or maybe not.
After Sergio’s three-month leave of absence was up, his company fired
him. Unsurprised, his family at least took heart in the knowledge that
they could continue their health insurance coverage through COBRA
(Consolidated Omnibus Reconciliation Act). They’d have to pay the whole
premium, but it was better than paying the full $500,000 for the
transplant.
Soon after Sergio was fired, a letter arrived letting them know they
had until June 30 to decide whether or not they wanted the coverage. Of
course they did, so on May 24, Sergio’s wife Mara sent in her check for
$518 to pay for the first month of coverage for Sergio.
But she forgot the 26 cents.
Whatever the reason–she was preoccupied with the kids, her sick
husband, supporting the family, etc–the bill for $518.26 wasn’t paid in
full. So, despite the fact that they were still within the time allowed
to pay before the option for coverage was gone, and despite the fact
that the check Mara sent in was cashed, Sergio’s coverage was
terminated, leaving him unable to pay for the transplant. It wasn’t
until the hospital notified them that the Branco family found out about
the cancellation.
When Mara contacted the company handling the insurance coverage,
Paychex, to find out what happened, they told her about the 26 cents.
When she tried to pay it, Paychex wouldn’t accept payment, saying that
Russell Reid, Sergio’s old company, told them to accept no more payments
from them. Mara called Russell Reid, and they denied the accusation.
She was soon left with no choice but to get the Department of Labor
involved, who also got the run-around from both companies involved–all
while a man’s life hung in the balance. Finally, at the beginning of
July, they received written notification that Sergio’s insurance was
cancelled. Their payment of $518 was sent back to them.
Finally, the Brancos had no choice but to get a lawyer.
The lawyer changed everything. The law says insurance coverage cannot
be cancelled over a “de minimis amount,” not to mention that Paychex
never sent the appropriate notices under the law. Soon, Paychex and
Russell Reid had no choice but to reinstate Sergio Branco’s insurance
coverage.
His transplant is still on track for August 16.
What’s worrisome about Sergio’s case, while there are a few things
that aren’t right here, is that even after the Department of Labor was
involved, they were still unable to really get anything fixed until they
employed an attorney. Considering their situation, attorney’s fees are
likely a hardship on the family that they should never have had to
incur.
Further, with everything else in their lives, with all of the
stress involved in raising children while dealing with a terminal
illness, the ultimate insult is to pull their coverage over an amount
that can be found at the bottom of the dryer.
The lesson here seems to be: ‘Don’t get sick, and don’t stress out if you do.’
WinCo is an Idaho-based grocery chain that
frequently beats Walmart on price while providing health care benefits for
any employee working over 24 hours a week as well as an annual pension.
While all of these factors help WinCo compete with Walmart on price, what
really might scare the world's largest retailer is how WinCo treats its
employees.
In sharp contrast to Walmart, which regularly comes under fire for
practices like understaffing stores to keep costs down and hiring tons of
temporary workers as a means to avoid paying full-time worker benefits, WinCo
has a reputation for doing right by employees.
It provides health benefits to
all staffers who work at least 24 hours per week. The company also has a
pension, with employees getting an amount equal to 20% of their annual salary
put in a plan that's paid for by WinCo; a company spokesperson told the Idaho
Statesman that more than 400 nonexecutive workers (cashiers, produce clerks, and
such) currently have pensions worth over $1 million apiece.
Michelle Obama credited her signature “Let’s Move” campaign–which encourages
healthy eating and exercise–for helping to decrease childhood obesity rates in
the U.S. The first lady spoke on Tuesday after the Centers for Disease Control
and Prevention reported
that 19 states and territories saw obesity rates among low-income
preschoolers decline.
“Today’s announcement reaffirms my belief that together, we are making a real
difference in helping kids across the country get a healthier start to life,”
the first lady said in a statement. “We
know how essential it is to set our youngest children on a path towards a
lifetime of healthy eating and physical activity, and more than 10,000 childcare
programs participating in the Let’s Move! Child Care initiative are doing
vitally important work on this front. Yet, while this announcement reflects
important progress, we also know that there is tremendous work still to be done
to support healthy futures for all our children.”
When Obama launched her initiative more than two and a half years ago,
conservatives mocked the first lady’s commitment to ending childhood obesity.
Sarah Palin accused
Michelle Obama of using big government to take control of parenting
decisions.
“Take her anti-obesity thing that she’s on,” Palin said on The Laura
Ingraham Show.
“She’s on this kick, right? What she is telling us is she cannot trust
parents to make decisions for their own children, for their own families and
what we should eat. And I know I’m going to be again criticized for bringing
this up, but instead of government thinking that they need to take over [and]
make decisions for us according to some politician or politician’s wife’s
priorities, just leave us alone, get off our back, and allow us as individuals
to exercise our own God-given rights to make our own decisions and then our
country gets back on the right track.”
The former vice presidential candidate even took a shot at the first lady on
her short-lived reality TV show. “Where’s
the s’mores ingredients,” Palin jokingly asked. “This is in honor of Michelle
Obama, who said the other day we should not have dessert.”
Rush Limbaugh jumped on the right-wing bandwagon, attacking Michelle Obama
for eating ribs at a meal when “she is demanding that everybody basically eat
cardboard and tofu.”
“Michelle My Belle, minus the husband, took the kids out to Vail on a ski
vacation, and they were spotted eating and they were feasting on ribs,” Limbaugh
said. “Ribs that were 1,575 calories per serving with 141 grams of fat per
serving. Now I’m sure some of you members of the new castrati:
‘This is typical
of what you do Mr. Limbaugh, you take an isolated, once in a lifetime
experience, and try to say that she’s a hypocrite.’ She is a hypocrite. Leaders
are supposed to be leaders. If we’re supposed to go out and eat nothing–if we’re
supposed to eat roots, and berries and tree bark and so show us how. And if it’s
supposed to make us fit, if it’s supposed to make us healthier, show us
how.”
While the right continued their attacks, the first lady campaigned for an
active lifestyle and healthier eating habits, and the message seemed to
resonate. She visited Sesame
Street and exercised with Elmo. She showed off her exercise routine by
doing push-ups with Ellen DeGeneres
(and mom-dancing with Late
Night host Jimmy Fallon). She invited schoolchildren from across the
country to help her garden and cook meals at the White House, and even enlisted
Beyonce’s help with the “Move Your Body” music
video for the initiative.
“Together, we’re making a real difference in helping kids across the country
get a healthier start to life.” -FLOTUS http://t.co/L27uGm0yuF
— FLOTUS (@FLOTUS) August 6, 2013
CDC research shows that about one in eight preschoolers is obese and that
such children are five times more likely to be overweight later
in childhood and adolescence. Obesity rates among preschoolers are improving,
but the research states that there is still more work to be done. Among
low-income children ages 2-4 years, between 2008 – 2011, obesity rates
decreased slightly in 19 of the 43 states and territories studied, and
obesity rates increased slightly in 3 of the 43 states and
territories.
By News Desk
Gold Star Smoked Fish Corp.
of Brooklyn, N.Y., is recalling Baltic Treasures, Norwegian Style
Matjes, Marinella “Delicatessnaya,” Jewish Style Matjes, Traditional
Russian Matjes, and Rybacka Wies Matjes Brands of Herring Fillets in Oil
due to contamination or possible contamination with Listeria
monocytogenes.
In addition, Zip International Group LLC of Edison, N.J., is recalling Baltic Sprats in Spicy Brine Net Wt. 15.8 Oz (450g) in plastic packaging, also because of the potential Listeria contamination.
The recalled Gold Star products are packaged in 10.5 oz/300 gram,
17.64oz/500 gram, and 35.5oz/1 kg vacuum packed plastic packages and
have sell by dates 103113, 113013, 123113, or 13114 stamped on the back
of the container.
The products were sold nationwide. They are products of the USA.
Zip International’s recalled sprats were packaged with a best by date
of October 12, 2013 (UPC: 4750217602547). The best by date is located
on the top of the packaging. The product was sold to distributors and retail
grocery stores in New York State beginning on May 31, 2013 and ending on
June 6, 2013.
It is a product of Latvia.
All recalls were initiated after routine testing by the New York
State Department of Agriculture found the Listeria contamination.
No illnesses have been connected to the products. However, given the
time involved in tracing an illness back to a food item, it is
impossible to say whether or not anyone has fallen ill.
“I like my women like I like my gas–natural” is just one example.
A computer designed to tell witty one-liners has
been criticised for being sexist and un-PC.
Scientists at the University of Edinburgh created
the software to tell one-line jokes using a simple set of rules in which a
statement is followed up with an amusing punchline, such as ‘I like my coffee
like I like my war…cold’.
However, some of the lines the computer has
produced have been criticised for being sexist or in bad taste including ‘I like
my men like I like my acorns…buried’ and ‘I like my women like I like my
gas…natural.’
…the computer most commonly creates jokes that
compare men or women to objects.
As Congress heads out on a five-week vacation, the Republican threat of a
shutdown over President Barack Obama’s health care law looms. Karen Finney,
Michael Eric Dyson and Bob Shrum join Ed Schultz to discuss.
After being attacked as everything from a “race hustler” to “dishonest,” Rev.
Al Sharpton responded Tuesday to Fox News host Bill O’Reilly’s recent insults.
Representing what O’Reilly called “the grievance industry” on his Monday
program, Sharpton laid out other “grievances” in the history of America, noting
that the First Amendment literally gives Americans the right to assemble and
petition for the “redress of grievances.”
He pointed to Seneca Falls and to the famous “Letter from a Birmingham Jail”
in which Dr. Martin Luther King Jr. wrote that he hoped white clergy would
“serve as the channel through which our just grievances could reach the power
structure.”
“Sharpton and others are attacking me because I am a threat to them,”
O’Reilly said on Monday’s program, accusing the civil rights leaders of
profiting by “promoting racial division.”
“The grievances we face in America have changed over time–just as the country
has changed,” Sharpton said in his response. “But today, there are still deep
injustices that we must address. Our criminal justice system too often treats
millions of Americans differently because of the color of their skin.”
“We’re always striving to form a more perfect union. We’ve long moved past
unfair tariffs and three-fifths of a person, beyond denying women the right to
vote and beyond the control of Jim Crow,” he said. “Now we fight against
criminal injustice and economic equality. We fight for equal rights for all
Americans, for gays, for new immigrants, for women to earn equal pay for equal
work.”
“Sure, it makes some people uncomfortable, but this country has always
evolved because people stood up, addressed the problems of their time and fought
to change them.”
"Why don't you respect their different perspective on life and try to come to some common ground?"
This was a reply I received on another thread regarding morons who vote against their interests over and over again.
I'm a liberal, and this shit drives me nuts!!!!
You want to know why "liberals lose so God damn always" (to quote Will McAvoy)?
THIS IS WHY.
Liberals constantly make the fatal error of assuming the other side
is intelligent and reasonable. That if we are nice and present the data,
people will come around.
WHERE THE FUCK HAVE YOU BEEN THE LAST 30 YEARS???????
President Obama, easily one of the most intelligent, reasoned,
articulate, honest, well intentioned presidential candidates in our
history took this approach...and Sarah FUCKING PALIN's ticket still got
47% of the vote...and that was AFTER Republicans launched an illegal war
on lies, sanctioned torture, and created the biggest financial disaster
since the GREAT DEPRESSION!
47% people!!! Know what that means? It means that just about half
the country, now devastated by 8 years of republican rule, would take
Sarah FUCKING Palin rather than a Democrat...even one as amazing as
Obama.
It means in 2008, after 8 years of Bush, half the country thought
the problem was that our leader wasn't MORE of a right wing ideological
nut.
Many of my liberal friends were patting themselves on their back
that day. I was naturally thrilled Obama won, but I was also well aware
of the fact that instead of what should have been a landslide...he could
have easily lost.
And for me, that brought a horrifying realization that our country
was even more insanely misinformed and fucked than I thought.
Obama also took this typical liberal "kill them with kindness" and
"compromise" approach with governing...how's that worked out for
progressive legislation, for the progressive movement as a whole?
Let's see, Obama's only signature piece of legislation is a right
wing Heritage Foundation healthcare plan that is a giant handout to big
pharma and insurance agencies.
Meanwhile, we've had draconian cuts to everything from education to life saving social programs for the poor and elderly.
We've bailed out Wall Street and the banks, but told homeowners, the
unemployed, students, the needy, and even entire cities like Detroit to
go fuck themselves sideways.
We've had a continuation (even an expansion) of Bush national security policies and right wing economic policies.
More free trade policies, more corporate welfare, and the continued
assault on the middle class, the poor, and our social contract.
Yet do you see mass protests in the streets? Rioting? Are the
Republicans facing backlash? Do most people even know what's causing
all of this or who's responsible?
Nope.
In fact, Nate Silver is now saying there is a 50% chance Republicans
will take the Senate in 2016...and no chance they will lose the house.
Deny it all you want, but it's perfectly theoretical that Republicans could own the entire government come January 2017.
The fact that this is even plausible right now, let alone a real
possibility, should serve as a splash of ice water in the face of
liberals.
What you are doing ISN'T working!
It's time to wake the fuck up and realize that this noble, above it
all approach of messaging HAS BEEN FAILING MISERABLY FOR 30 FUCKING
YEARS...to the point where the oligarchy now has so much power that it
may now be irreversible.
By now everyone should know that Americans are largely simple,
ignorant, fearful folk. They trust the confident assuredness of a leader
above things like facts. Like Bush, "Wrong but strong".
You want to make Americans understand and come around to your side?
Then quit acting like fucking pussies sitting in a circle on the grass
at your college quad!
Stand up and denounce the other side for the sick twisted fascist pukes that they are.
STOP acting like there are 2 sides to common decency, to moral
truths, to policies that serve only the purpose of enslaving the
citizens while empowering the ruling elite.
CALL PEOPLE THE FUCK OUT in every setting, in every situation.
Minimize them, make them a mockery, paint them as immoral parasites.
I don't care if it's your kid's teacher, your priest, or your fucking dying Aunt.
When possible, do so politely, if that's not possible, then FUCK THEM.
Think this is harsh? Well you ever wonder why social issues like gay
marriage and discrimination are the ONE area where liberals win
CONSISTENTLY?
Because they use this tactic!!!! Because they shame people into
doing the right thing. They make it socially UNACCEPTABLE to not agree.
This is why those issues drive conservatives nuts more than anything - because that's THEIR tactic!
To question capitalism means you are a commie pinko. To question a
war means you don't support the troops. To question torture means you
are a terrorist lover. Conservatives have mastered the tactic of forced
conformity.
So sorry for the rant, but I've fucking had it. This isn't 1970,
where the other side is made up of at least some intelligent, well
meaning people with legitimate alternative views and we all agree on the
basic principles of America.
THIS IS A FUCKING WAR against a soulless, immoral, ruthless
oligarchy hell bent on permanently enslaving the people of this
country...and they are winning, they are kicking our asses into
oblivion.
Liberals are the only reason America became the great shining beacon
of hope and justice and equality and prosperity for all that it once
was.
Well it's time for liberals to get dirty again, or you can kiss this country goodbye.
America isn't the last great hope for the world...liberals are.
In a major shakeup for the radio industry, Cumulus Media, the
second-biggest broadcaster in the country, is planning to drop both Rush
Limbaugh and Sean Hannity from its stations at the end of the year, an
industry source told POLITICO on Sunday.
Cumulus has decided that it will not renew its contracts with either
host, the source said, a move that would remove the two most highly
rated conservative talk personalities from more than 40 Cumulus channels
in major markets.
The decision comes after negotiations between Cumulus and Premiere
Networks, the division of Clear Channel that distributes Limbaugh and
Hannity's shows, broke down due to disagreements over the cost of the
distribution rights, the source said. Cumulus is known to drive a hard
bargain on costs, and Clear Channel is known to seek top dollar for big
names.
As industry insiders caution, Cumulus and Clear Channel have come to
the brink before during contract negotiations only to resume talks. But
the source told POLITICO that Clear Channel was unlikely to reduce the
cost for distribution rights to a level that would satisfy Cumulus.
Cumulus declined to comment for this story: "Cumulus is not in a
position to comment about negotiations with talent under contract, no
matter what the rumor of the day might be," a spokesperson told
POLITICO.
But in recent weeks, Cumulus has been quietly reaching out to radio
talent agents and political insiders about new local and regional
station hosts to fill some of the airtime that will be left vacant by
Limbaugh and Hannity, industry sources said. Cumulus is also expected to
move some of its existing talent -- which includes Mike Huckabee, Mark
Levin, and Michael Savage -- into one of the slots.
Premiere, which did not immediately respond to a request for comment
on Sunday night, is expected to carry Limbaugh and Hannity on stations
in many of the markets where they are currently signed with Cumulus,
should the negotiations not go through. A spokesperson for Limbaugh was
not immediately available for comment; Hannity did not immediately
respond to a request for comment.
Back in May, a source close to Limbaugh told POLITICO that
the host was considering ending his affiliation agreement with
Cumulus because CEO Lew Dickey was blaming the company's advertising
losses on Limbaugh's controversial remarks about Sandra Fluke, the
Georgetown law student. On an earnings call two days later, Dickey reported a
$2.4 million first-quarter decline in revenue related to talk
programming, which he attributed, indirectly, to Limbaugh's remarks
about Fluke.
Dickey is expected to hold another earnings call this week, though it is unclear if he will address the contract negotiations.
The mother of Trayvon Martin reacted Thursday to an interview a
juror in the George Zimmerman trial gave to ABC News, in which she admitted that
she ultimately didn’t hold out for a conviction.
The juror, known only as B29, or “Maddy,” since she revealed herself —
including showing her face — to ABC’s Robin Roberts, said Zimmerman “got
away with murder” in the shooting death of Trayvon Martin, but that Florida
law, as understood by the jury, made it impossible to convict.
“I was the juror that was going to give them the hung jury. I fought to the
end,” she said during the interview, for which ABC News aired clips on Thursday.
“That’s where I felt confused, where if a person kills someone, then you get
charged for it. But as the law was read to me, if you have no proof that he
killed him intentionally, you can’t say he’s guilty.”
Zimmerman was acquitted on second degree murder and manslaughter charges July
14th.
Maddy, a nurse’s aide and the lone non-white juror on the panel, said she is
having trouble sleeping after the verdict.
“It’s hard for me to sleep,” she told ABC. “It’s hard for me to eat because I
feel I was forcefully included in Trayvon Martin’s death. And as I carry him on
my back, I’m hurting as much Trayvon’s Martin’s mother because there’s no way
that any mother should feel that pain,” she said.
Martin’s mother, Sybrina Fulton issued the following statement Thursday night
on behalf of herself and Tracy Martin:
It is devastating for my family to hear the comments from juror B29, comments
which we already knew in our hearts to be true. That George Zimmerman literally
got away with murder.
Secret demands mark escalation in Internet surveillance by the federal
government through gaining access to user passwords, which are typically
stored in encrypted form.
The U.S. government has demanded that major Internet companies divulge
users' stored passwords, according to two industry sources familiar with
these orders, which represent an escalation in surveillance techniques
that has not previously been disclosed.
If the government is able to determine a person's password, which is
typically stored in encrypted form, the credential could be used to log
in to an account to peruse confidential correspondence or even
impersonate the user. Obtaining it also would aid in deciphering
encrypted devices in situations where passwords are reused.
"I've certainly seen them ask for passwords," said one Internet industry
source who spoke on condition of anonymity. "We push back."
A second person who has worked at a large Silicon Valley company
confirmed that it received legal requests from the federal government
for stored passwords. Companies "really heavily scrutinize" these
requests, the person said. "There's a lot of 'over my dead body.'"
Some of the government orders demand not only a user's password but also
the encryption algorithm and the so-called salt, according to a person
familiar with the requests. A salt is a random string of letters or
numbers used to make it more difficult to reverse the encryption process
and determine the original password. Other orders demand the secret
question codes often associated with user accounts.
A Microsoft spokesperson would not say whether the company has received
such requests from the government. But when asked whether Microsoft
would divulge passwords, salts, or algorithms, the spokesperson replied:
"No, we don't, and we can't see a circumstance in which we would
provide it."
Google also declined to disclose whether it had received requests for
those types of data. But a spokesperson said the company has "never"
turned over a user's encrypted password, and that it has a legal team
that frequently pushes back against requests that are fishing
expeditions or are otherwise problematic. "We take the privacy and
security of our users very seriously," the spokesperson said.
A Yahoo spokeswoman would not say whether the company had received such
requests. The spokeswoman said: "If we receive a request from law
enforcement for a user's password, we deny such requests on the grounds
that they would allow overly broad access to our users' private
information. If we are required to provide information, we do so only in
the strictest interpretation of what is required by law."
Apple, Facebook, AOL, Verizon, AT&T, Time Warner Cable, and Comcast
did not respond to queries about whether they have received requests for
users' passwords and how they would respond to them.
Richard Lovejoy, a director of the Opera Software subsidiary that operates FastMail,
said he doesn't recall receiving any such requests but that the company
still has a relatively small number of users compared with its larger
rivals. Because of that, he said, "we don't get a high volume" of U.S.
government demands.
The FBI declined to comment.
Some details remain unclear, including when the requests began and
whether the government demands are always targeted at individuals or
seek entire password database dumps. The Patriot Act has been used to demand entire database dumps
of phone call logs, and critics have suggested its use is broader. "The
authority of the government is essentially limitless" under that law,
Sen. Ron Wyden, an Oregon Democrat who serves on the Senate Intelligence
committee, said at a Washington event this week.
Large Internet companies have resisted the government's requests by
arguing that "you don't have the right to operate the account as a
person," according to a person familiar with the issue. "I don't know
what happens when the government goes to smaller providers and demands
user passwords," the person said.
An attorney who represents Internet companies said he has not fielded
government password requests, but "we've certainly had reset requests --
if you have the device in your possession, then a password reset is the
easier way."
Source code to a C implementation of bcrypt, a popular algorithm used for password hashing. (Credit: Photo by Declan McCullagh)
Cracking the codes
Even if the National Security Agency or
the FBI successfully obtains an encrypted password, salt, and details
about the algorithm used, unearthing a user's original password is
hardly guaranteed. The odds of success depend in large part on two
factors: the type of algorithm and the complexity of the password.
Algorithms, known as hash functions, that are viewed as suitable for
scrambling stored passwords are designed to be difficult to reverse. One
popular hash function called MD5, for instance, transforms the phrase
"National Security Agency" into this string of seemingly random
characters: 84bd1c27b26f7be85b2742817bb8d43b. Computer scientists
believe that, if a hash function is well-designed, the original phrase
cannot be derived from the output.
But modern computers, especially ones equipped with high-performance
video cards, can test passwords scrambled with MD5 and other well-known
hash algorithms at the rate of billions a second. One system using 25 Radeon-powered GPUs that was demonstrated
at a conference last December tested 348 billion hashes per second,
meaning it would crack a 14-character Windows XP password in six
minutes.
The best practice among Silicon Valley companies is to adopt far slower
hash algorithms -- designed to take a large fraction of a second to
scramble a password -- that have been intentionally crafted to make it
more difficult and expensive for the NSA and other attackers to test
every possible combination.
One popular algorithm, used by Twitter and LinkedIn, is called bcrypt. A 2009 paper (PDF) by computer scientist Colin Percival
estimated that it would cost a mere $4 to crack, in an average of one
year, an 8-character bcrypt password composed only of letters. To do it
in an average of one day, the hardware cost would jump to approximately
$1,500.
But if a password of the same length included numbers, asterisks,
punctuation marks, and other special characters, the cost-per-year leaps
to $130,000. Increasing the length to any 10 characters, Percival
estimated in 2009, brings the estimated cracking cost to a staggering
$1.2 billion.
As computers have become more powerful, the cost of cracking bcrypt
passwords has decreased. "I'd say as a rough ballpark, the current cost
would be around 1/20th of the numbers I have in my paper," said
Percival, who founded a company called Tarsnap Backup,
which offers "online backups for the truly paranoid." Percival added
that a government agency would likely use ASICs -- application-specific
integrated circuits -- for password cracking because it's "the most
cost-efficient -- at large scale -- approach."
While developing Tarsnap, Percival devised an algorithm called scrypt,
which he estimates can make the "cost of a hardware brute-force attack"
against a hashed password as much as 4,000 times greater than bcrypt.
Bcrypt was introduced (PDF) at a 1999 Usenix conference by Niels Provos, currently a distinguished engineer in Google's infrastructure group, and David Mazières, an associate professor of computer science at Stanford University.
With the computers available today, "bcrypt won't pipeline very well in
hardware," Mazières said, so it would "still be very expensive to do
widespread cracking."
Even if "the NSA is asking for access to hashed bcrypt passwords,"
Mazières said, "that doesn't necessarily mean they are cracking them."
Easier approaches, he said, include an order to extract them from the
server or network when the user logs in -- which has been done before -- or installing a keylogger at the client.
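The salted, deliberately slow password hashing described in this section, shown from the storage side as an added example that is not part of the original article. It uses `hashlib.scrypt` from Python's standard library; the record format, cost parameters and function names are assumptions made for the illustration.

```python
import base64
import hashlib
import hmac
import os

# Assumed cost parameters for this example (not taken from the article).
SCRYPT_N = 2 ** 14   # CPU/memory cost; must be a power of two
SCRYPT_R = 8         # block size
SCRYPT_P = 1         # parallelism
SALT_BYTES = 16
KEY_BYTES = 32


def unsalted_md5(password):
    """Weak baseline: fast and unsalted, so equal passwords give equal hashes."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def _b64(raw):
    return base64.b64encode(raw).decode("ascii")


def hash_password(password, n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P):
    """Return a self-describing record: scrypt$n$r$p$salt$key (constructed format)."""
    salt = os.urandom(SALT_BYTES)  # fresh random salt for every stored password
    key = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                         n=n, r=r, p=p, dklen=KEY_BYTES)
    return "$".join(["scrypt", str(n), str(r), str(p), _b64(salt), _b64(key)])


def _parse(record):
    """Split a stored record into (n, r, p, salt, key), or None if malformed."""
    parts = record.split("$")
    if len(parts) != 6 or parts[0] != "scrypt":
        return None
    try:
        n, r, p = int(parts[1]), int(parts[2]), int(parts[3])
        salt = base64.b64decode(parts[4], validate=True)
        key = base64.b64decode(parts[5], validate=True)
    except ValueError:
        return None
    return n, r, p, salt, key


def verify_password(password, record):
    """Recompute the hash with the stored salt and parameters, then compare."""
    parsed = _parse(record)
    if parsed is None:
        return False
    n, r, p, salt, key = parsed
    try:
        candidate = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                                   n=n, r=r, p=p, dklen=len(key))
    except ValueError:  # nonsensical or oversized parameters in the record
        return False
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, key)


def needs_rehash(record, n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P):
    """True when a record was created with weaker parameters than the current
    policy, so it can be upgraded at the user's next successful login."""
    parsed = _parse(record)
    if parsed is None:
        return True
    return parsed[0] < n or parsed[1] < r or parsed[2] < p


if __name__ == "__main__":
    pw = "correct horse battery staple"  # constructed sample password
    first, second = hash_password(pw), hash_password(pw)
    print("MD5, same password twice:   ", unsalted_md5(pw) == unsalted_md5(pw))
    print("scrypt, same password twice:", first == second)
    print("verifies:", verify_password(pw, first))
    print("old low-cost record needs rehash:",
          needs_rehash(hash_password(pw, n=2 ** 10)))
```

Because the salt and cost parameters travel with each record, the cost can be raised over time as hardware gets faster without invalidating passwords that are already stored.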
Sen. Ron Wyden, who warned this week that "the
authority of the government is essentially limitless" under the Patriot
Act's business records provision. (Credit: Getty Images)
Questions of law
Whether the National Security Agency or FBI
has the legal authority to demand that an Internet company divulge a
hashed password, salt, and algorithm remains murky.
"This is one of those unanswered legal questions: Is there any
circumstance under which they could get password information?" said Jennifer Granick, director of civil liberties at Stanford University's Center for Internet and Society. "I don't know."
Granick said she's not aware of any precedent for an Internet company
"to provide passwords, encrypted or otherwise, or password algorithms to
the government -- for the government to crack passwords and use them
unsupervised." If the password will be used to log in to the account,
she said, that's "prospective surveillance," which would require a
wiretap order or Foreign Intelligence Surveillance Act order.
If the government can subsequently determine the password, "there's a
concern that the provider is enabling unauthorized access to the user's
account if they do that," Granick said. That could, she said, raise
legal issues under the Stored Communications Act and the Computer Fraud
and Abuse Act.
The Justice Department has argued in court proceedings before that it
has broad legal authority to obtain passwords. In 2011, for instance,
federal prosecutors sent a grand jury subpoena demanding the password
that would unlock files encrypted with the TrueCrypt utility.
The Florida man who received the subpoena claimed the Fifth Amendment,
which protects his right to avoid self-incrimination, allowed him to
refuse the prosecutors' demand. In February 2012, the U.S. Court of
Appeals for the Eleventh Circuit agreed, saying that because prosecutors
could bring a criminal prosecution against him based on the contents of
the decrypted files, the man "could not be compelled to decrypt the
drives."
In January 2012, a federal district judge in Colorado reached the
opposite conclusion, ruling that a criminal defendant could be compelled
under the All Writs Act to type in the password that would unlock a
Toshiba Satellite laptop.
Both of those cases, however, deal with criminal proceedings when the
password holder is the target of an investigation -- and don't address
when a hashed password is stored on the servers of a company that's an
innocent third party.
"If you can figure out someone's password, you have the ability to reuse
the account," which raises significant privacy concerns, said Seth Schoen, a senior staff technologist at the Electronic Frontier Foundation.
Last updated at 8:00 p.m. PT with comment from Yahoo, which responded after this article was published.
Disclosure: McCullagh is married to a Google employee not involved with this issue.
Cenk Uygur talks to Ana Kasparian, Jayar Jackson, and TYT producer and legal analyst
Robin Sax about the latest aftermath from the George Zimmerman trial.
On
Thursday, Juror B-29, the jury’s sole minority member, gave an interview with
ABC News in which she said that Zimmerman “got away with murder” and that she
“fought to the end” for a second-degree murder conviction, nearly causing a hung
jury.
“Think about it, if you are a white person living in this area in Florida,
you have a very different experience than a black person living in this area in
Florida,” Kasparian says.
The panel agrees that lack of racial diversity on the
jury was one of many problems. “This woman is a mom to eight children,” Sax
points out. “Juror B-37 has no children. Maybe it’s not about race, maybe it’s
being a parent.”
Republican Congressman Steve King of Iowa recently said of Latino immigrants to the conservative site Newsmax: “They aren’t all valedictorians. They weren’t all brought in by their parents. For everyone who’s a valedictorian, there’s another 100 out there that weigh 130 pounds and they’ve got calves the size of cantaloupes because they’re hauling 75 pounds of marijuana across the desert.”
MSNBC's Chris Hayes called King’s statement “hideous” on Wednesday’s All In. “The GOP can try to spin this. They can condemn these remarks and claim Steve King doesn’t speak for the party. But, really, until proven otherwise by actions, he does. He’s the GOP immigration id, without the filter. And the id continues to run the party,” said Hayes.
Watch Telemundo’s Jose Diaz-Balart discuss King’s comments on Wednesday’s All In with Chris Hayes.
At some point, the full story of Anthony Weiner and his sexual
relationships and texting habits will finally be told. In the meantime,
the serially evasive Mr. Weiner should take his marital troubles and
personal compulsions out of the public eye, away from cameras, off the
Web and out of the race for mayor of New York City.
Mr. Weiner, who resigned from Congress two years ago after sending lewd messages and photos of his crotch to women he had not met, was forced to revisit the issue
on Tuesday, and so were we all. A Web site called The Dirty had another
woman’s story, another round of sex texts, and another picture of Mr.
Weiner’s penis. The startling news was that this new episode apparently
took place last summer, only a few months before Mr. Weiner was to begin
another run at public office. The marital trauma that Mr. Weiner and
his wife, Huma Abedin, had said was behind them was not as far behind as
we thought.
When the first texts were revealed two years ago, Mr. Weiner lied about
it, saying he had been the victim of hackers. Then he owned up,
tearfully abandoned his office and retreated into private life.
Then he
was back, telling the world that therapy and his wife’s forgiveness had
turned him around and that he was ready to begin a new chapter. That
turned out to be the mayor’s race, which he entered in May. What he did
not say then, and what voters did not realize until Tuesday, was that
his resignation had not been the end of his sexual misconduct.
The timing here matters, as it would for any politician who violates the
public’s trust and then asks to have it back. Things are different now,
he insists. “This behavior is behind me,” he said again on Tuesday. He
suggested that people should have known that his sexting was an
unresolved problem well into 2012.
That’s ridiculous and speaks to a familiar but repellent pattern of
misleading and evasion. It’s up to Mr. Weiner if he wants to keep
running, to count on voters to forgive and forget and hand him the keys
to City Hall. But he has already disqualified himself.
It’s difficult not to feel for Ms. Abedin. The couple deserved privacy
as they worked through their problems — and they had it, until they
re-emerged in public life and Mr. Weiner decided he was a good fit to
run New York City. Mr. Weiner and Ms. Abedin have been saying that his
sexual behavior is not the public’s business. Well, it isn’t, until they
make it our business by plunging into a political campaign.
Mr. Weiner says he is staying in the mayoral race. To those who know his
arrogance and have grown tired of the tawdry saga he has dragged the
city into, this is not surprising.
Why is U.S. Sen. Mitch McConnell sitting in the back of the room,
twiddling his thumbs, as the Senate pushes for bipartisan compromise on
difficult issues? When the heat was on last week for an agreement
between the GOP and Democrats to avoid the end of the filibuster,
McConnell was nowhere to be seen–and it was thanks to the Tea Party.
McConnell faces a race for re-election next year and, until
recently, thought he could focus his efforts on the likely Democratic
challenger, Kentucky Secretary of State Alison Lundergan Grimes. On
Tuesday, however, Tea Party member Matt Bevin–an investment adviser who
has never held public office–sent out a media advisory stating
his intention to challenge the incumbent senator in the 2014 primary.
Bevin will be making appearances around Kentucky for the rest of the
week to create visibility for his campaign.
In what must be an ominous sign for McConnell, 15 local tea party
groups appealed to national tea party groups to withdraw endorsements of
the senator that they’ve already made. In a letter, the groups wrote:
Senator McConnell’s Progressive Liberal voting record,
his absolute iron fisted rule over the Republican Party in Kentucky and
his willingness to roll over and cede power to President Obama and the
Liberals in Washington, prove that he is no friend to the American
people or the citizens of the Commonwealth of Kentucky.
Your endorsement undermines the work of the real grassroots Tea Party
organizations all over Kentucky. Had you taken the time to reach out to
us, you would have learned that the Tea Parties in Kentucky do NOT
support Senator McConnell’s campaign.
Uh-oh, McConnell. There’s more. Senator Rand Paul, who has also pledged his support to the minority leader, refused to discourage Bevin from making the challenge, saying:
I’m not giving (Bevin) encouragement or discouragement. It’s a free country and anybody who wants to run, can.
Still, there’s a silver lining to Bevin’s challenge–maybe not for
McConnell, but certainly for the Democratic opposition. The fact that
the Senate’s minority leader has been endorsed by two national Tea Party
groups, TeaParty.net and Tea Party Nation, but not by the local groups,
indicates a split in their movement. In May, Judson Phillips of Tea Party Nation made the case that the movement needs to “grow up” and “pick our fights”, writing on the group’s website:
For those who scream that McConnell isn’t ‘Tea Party’ enough, would you prefer Harry Reid?
So expect McConnell to continue twiddling his thumbs as others–like
John McCain, who is not up for reelection–step in to fill the GOP
leadership gap on issues requiring bipartisan cooperation, like
immigration reform and the budget ceiling. By avoiding any further
erosion of his position as a conservative, McConnell seeks to inoculate
himself from further Tea Party accusations–and opens himself up to
vulnerability from the probable Democratic candidate.
Alison Lundergan Grimes announced
her candidacy on July 1st, hoping to take advantage of both McConnell’s
deep unpopularity and her own status as underdog. In 2011, she won the
office of Secretary of State by first defeating the Democratic incumbent
and then the Republican who had Tea Party backing. She won the most
votes of any Democratic candidate statewide.
After her announcement for the Senate race, Guy Cecil, head of the
Democratic Senatorial Campaign Committee, pointed out a poll showing
that over 60 percent of Kentucky voters disapprove of McConnell’s job
performance. Cecil had this to say about Lundergan Grimes’ prospects:
The Kentucky Senate race is now a toss up. Mitch
McConnell is the most unpopular incumbent in the entire country. He is a
relic of the past and a symbol of everything that is wrong with
Washington. Kentuckians want a change.
McConnell is starting the race with a huge war chest of over $8.6
million. However, Lundergan Grimes comes from a political family with
extensive connections and the possibility of raising large amounts of
cash herself. She lost no time in framing the race from the perspective of a younger, fresher face, saying:
The question never was, is Mitch McConnell vulnerable?
The question never was, does Kentucky deserve a change? The answer to
both of those questions remains and is, yes.
I agree with thousands of Kentuckians that Kentucky is tired of 28
years of obstruction. That Kentucky is tired of someone who has voted
against raising the minimum wage while all the while quadrupling his own
net worth.
So, here’s McConnell’s dilemma: stop the obstructionism and face the
wrath of the Tea Party, or continue with that course and face the wrath
of voters who want to see progress on the issues that most affect their
daily lives.
Whatever the outcome, the nation is already reaping the benefits of
the race: no more Mitch McConnell in their faces until at least after
the primary season is over.
Republicans have given up on the city of Detroit; they want to wipe the slate
clean and start privatizing city assets, and in the process, city workers are in
danger of losing their pensions.
Ed Schultz outlines his four-step plan to save Detroit. Lansing,
Michigan Mayor Virg Bernero and Michael Eric Dyson join Ed to discuss.
Much like airplanes, more and more cars have black boxes to help determine
details of crashes, and the National Highway Safety Administration would like all cars to have them by 2014.
The boxes have long been used by car companies to
assess the performance of their vehicles. But data stored in the devices is
increasingly being used to identify safety problems in cars and as evidence in
traffic accidents and criminal cases. And the trove of data inside the boxes has
raised privacy concerns, including questions about who owns the information, and
what it can be used for, even as critics have raised questions about its
reliability.
To federal regulators, law enforcement
authorities and insurance companies, the data is an indispensable tool to
investigate crashes.
Bill Maher bemoaned the resurgence of the "smart stupid person" during his New Rules segment on Real Time
this Friday evening. After explaining that this is nothing new, Maher
ran down the recent list, which includes the likes of Dr. Ben Carson, who
is a brilliant surgeon, but also believes the earth is 6000 years old, likened homosexuality to bestiality and said the Bible calls for a flat tax.
And then there's Antonin Scalia, Ted Cruz and Bobby Jindal, who are
all, as Maher described them, accomplished scholars on the outside, and a
creamy layer of Michele Bachmann on the inside.
Maher wrapped things up by going after the "know-nothing" doctors like Scott DesJarlais, Paul Broun
and Tom Coburn, who as Maher noted, are OBGYN's but "know nothing about
reproduction."
He wasn't through with the list of wingnut OBGYN's yet
though. He went on to go after Ron Paul, Michael Burgess, and last but not least, Phil Gingrey.
MAHER: Let's ask the more important question. Why are we
electing so many gynecologists to Congress? If having your head between a
woman's legs is a qualification for public office, then why not
Congressman Michael Douglas?
I don't think the problem with those clowns is having their heads between women's legs. It's having it up their own posteriors.