Friday, 2 November 2012

Fortnightly Science News Digest - 31/10/12


Our nearest star has a planet: 

I still remember the times when the question of our loneliness in the universe came with equally puzzling questions about the solar system and its uniqueness. We saw many stars, as we always did, but no planets other than the ones in the solar system. That made us think we were a "special" one, and being (so far, at least) the only planet with life in our solar system made us even more pretentious about being unique. There was no clear answer for why apparently only our sun had planets. There are trillions of suns in a galaxy and trillions of galaxies in the universe. Why didn't we see more planets around us? That made us feel astronomically lonely and misunderstood.

It was no more than two decades ago when the first confirmed planet outside the solar system was discovered. Since then, more than 800 extrasolar planets have been discovered. The planets were there, but our technology wasn't good enough to see them, next to the luminosity of stars, often many orders of magnitude brighter than ours. The science of looking for exoplanets has increasingly become a very hot topic in astronomy. Techniques are becoming finer and astonishingly precise.

This month, it has been announced that even our closest neighbor, Alpha Centauri, just 4.3 light years distant, has a planet. And it is a small and rocky one, even if too close to the star to be habitable and to even host water in liquid form. Nonetheless, it is an amazing discovery. Alpha Centauri - being the closest star - was heavily studied and it was the natural first place to look for another planet. Yet it was never found, because its planet is very close to the star and moving quickly.

This news is amazing not only for sci-fi lovers, for whom Alpha Centauri has always been a target of the creative fantasy of film and book writers, and not only from a philosophical point of view, as it hints at a more planet-populated universe, but also for scientists. Confirming the discovery required measurements precise to about half a meter per second. That is slower than walking speed. And remember that those measurements are of a source 40 million million kilometers away from us.

From the uncertainty of having other planets at all in the universe to the certainty of having one on our closest star, it only took twenty years. How long will it take to discover the first one in the habitable zone and with life on it?


Dinosaur feathers 'developed for courtship'

Stunning nine gigapixel image is most detailed ever of our own galaxy

Wednesday, 24 October 2012

5 Passwords you should never pick

I wanted to write a post about which passwords are best and how to find a strategy to pick a good password.
Then I realized that it would be pointless: the moment you publish a strategy for forming a good password, it becomes an instruction manual for crackers and might be implemented in bruteforce methods.

What I will tell you instead is which 5 passwords you should NEVER pick.

1. password, 123456, qwerty and hunter2.

The first two are among the most used passwords of all time. There have been many password leaks, and the Yahoo leak, in which passwords and usernames had been stored unencrypted (foolish, I know), made some interesting statistics possible: of the 450,000 passwords leaked, an astonishing 0.38% were 123456 and 0.18% were password. No wonder those are the first passwords a cracker would check.

2. Vocabulary words.

Bruteforcers have already implemented methods to quickly spot those words. Even a random, letters-only 3-character word would be safer than a vocabulary word.

3. Passwords without numbers.

Using numbers increases the possible characters used from 26 to 36, which becomes hugely significant if combined with a long password.

4. Passwords without capitals.

Using capitals doubles the possible combinations of characters, so from 26 possible characters we would have 56, which combined with numbers would give 66. Symbols might be used as well to give extra security for shorter passwords, but many websites do not accept symbols in passwords.

5. L33t speak.

Crackers already know leet speak (they knew it even before normal users did). Its substitutions are already used to bruteforce passwords. If you don't know what it is, it is a technique that replaces letters with numbers which look like them:

O -> 0
I -> 1
Z -> 2
E -> 3
A -> 4
S -> 5
G -> 6
T -> 7
B -> 8

This method bypasses the vocabulary word check and would potentially make a good encryption, but it has become too popular.

This is why it is not a good idea to publish encryption methods for forming passwords. They will be used in future generations of bruteforce software. It is much safer to create your own encryption.
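The five rules above can be turned into a check that a signup form runs on a candidate password. The following is an added example, not code from the original post; the function name `violations` and the two small word lists are constructed for illustration, and a real deployment would load a breach corpus and a full dictionary instead.

```python
import string

# Leet substitutions from the table above, inverted (digit -> letter).
LEET = str.maketrans("012345678", "oizeasgtb")

# Constructed sample lists (assumption): stand-ins for a leaked-password
# corpus and a real dictionary.
COMMON = {"password", "123456", "qwerty", "hunter2"}
WORDS = {"monday", "dragon", "baseball", "sunshine", "elite"}


def violations(password: str) -> list:
    """Return the rules from the post that a candidate password breaks."""
    found = []
    lowered = password.lower()
    if lowered in COMMON:
        found.append("common password")
    if lowered in WORDS:
        found.append("vocabulary word")
    if not any(c in string.digits for c in password):
        found.append("no numbers")
    if not any(c in string.ascii_uppercase for c in password):
        found.append("no capitals")
    # Rule 5: undo the digit-for-letter swaps, then repeat the word checks,
    # so a disguised dictionary word is rejected like the plain one.
    plain = lowered.translate(LEET)
    if plain != lowered and plain in (COMMON | WORDS):
        found.append("leet speak")
    return found


if __name__ == "__main__":
    for candidate in ("password", "hunter2", "P455w0rd", "M0nd4y", "Ihtwua8o'ceM"):
        print(f"{candidate!r}: {violations(candidate) or 'passes all five rules'}")
```

A leet-spelled word such as `P455w0rd` satisfies rules 3 and 4 on its own, which is why the normalisation step is needed to catch it.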


Still, I can tell you a common good method which will not give much away to crackers:

use mnemonics!

Transforming a sentence only known to you into letters and numbers will be as good as a totally random sequence of characters and numbers. For example: 

I hate to wake up at 8 o'clock every Monday

will become:
Ihtwua8o'ceM

which will give ~79 bits of entropy, which is safe enough. It might seem hard to memorize, but it's very easy to retrieve if you forget it and as safe as it can get. It would be one of 5.4036 x 10^23 possibilities and would take 1.7135 x 10^13 years to discover with 1000 checks per second.
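The figures above follow from treating each of the 12 characters as an independent, uniformly random pick from the 95 printable ASCII characters. The following added example (not from the original post; the function names are constructed here) reproduces that calculation for any password. Because it assumes uniform random characters, the result is an upper bound on what a mnemonic provides.

```python
import math
import string

# Printable ASCII split into classes: 26 + 26 + 10 + 33 = 95 characters.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")


def alphabet_size(password: str) -> int:
    """Total size of every character class the password draws from."""
    return sum(len(cls) for cls in CLASSES if any(c in cls for c in password))


def search_space(password: str) -> int:
    """Number of strings of the same length over the same alphabet."""
    return alphabet_size(password) ** len(password)


def entropy_bits(password: str) -> float:
    """log2 of the search space; 0.0 for empty or non-ASCII-only input."""
    size = alphabet_size(password)
    return len(password) * math.log2(size) if size else 0.0


def years_to_exhaust(password: str, checks_per_second: float = 1000) -> float:
    """Years needed to try every candidate at the given guessing rate."""
    seconds = search_space(password) / checks_per_second
    return seconds / (365 * 24 * 3600)


if __name__ == "__main__":
    for pw in ("hunter2", "Ihtwua8o'ceM"):
        print(f"{pw!r}: alphabet={alphabet_size(pw)}, "
              f"bits={entropy_bits(pw):.1f}, "
              f"years={years_to_exhaust(pw):.4e}")
```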

This method is excellent enough on its own. The only problem occurs if someone manages to guess your initial sentence, which completely destroys the safety of this method, but if you did not pick something as common as the first lines of a popular song or poem, it will be safe enough. Still, there are many other ways to create passwords which are easy to remember and rely on one (or more) encryption methods like the one used above. I will let you have fun with finding your own method.

But why use encryption?

It is a good way to have easy-to-remember but difficult-to-guess passwords. Of course, the encryption method must be known only to you and should be memorable enough.

Another good suggestion would be not to use the same password for many websites. This is because some websites might not care to store passwords safely (even Yahoo, as we have seen before), and a leak will give away your ultra-safe and encrypted password, which you also happen to use for your internet banking. Surveys say that around 60% of people use the same password for every service.

There are, of course, also methods to encrypt one memorable password differently for different websites, giving you a set of different passwords with only one encryption method to remember. I will leave you the fun of finding a good one.

Now, quickly go and change your password!


Monday, 15 October 2012

Fortnightly Science News Digest - 15/10/12


Skydiver breaks sound barrier:

It was quite a spectacular event, the one set up and performed by Felix Baumgartner, the Austrian skydiver who pushed his passion a bit too far: farther than any of his colleagues before him, to be precise.

On 14 October, he jumped from a helium balloon at the height of 39,045m (breaking a world record) and reached the free-fall speed of 1,342.8km/h (breaking another world record).

With nothing on apart from his parachute and suit (which served a similar purpose to an astronaut suit), he fell freely for 93% of his 39km trip. It took less time to fall for 36km (4'20") than to reach land with his parachute for 3km (4'43").

The skydiver claims he did the dive to collect scientific data on developments of high-altitude parachutes, but the event shook everyone for its spectacular altitudes.

It is fair to underline that the view from the stratosphere is not as fantastic as the one from the ISS. It is easy to be tricked by the high curvature of Earth in the pictures. Those are "fish-eye lens" pictures, which are distorted to include angles which would otherwise be left out. Impressive nonetheless, the height from which he jumped was still relatively very close to Earth, being only 0.6% of Earth's radius. At that height just a glimpse of curvature can be caught with perfect visibility.

In this picture, the height from which Felix jumped is exactly one pixel. I drew it on top, it might be visible with some zoom. This should give a good sense of the scales involved.


Physics Nobel goes to Serge Haroche and David Wineland

Planet with four suns discovered