How much do humans herd?

We can measure this. Choosing Ice-Creams: can we measure a lack of uniformity? There are 16 ice-creams at the parlour. If we witness the first 16 customers all choosing vanilla, predicting customer choice 17 is pretty straightforward; not so if those first 16 customers each choose a different flavour. This, in (vanilla) essence, is the problem […]

Another day, another hack.

Here’s a quick reminder for anyone who thinks it won’t happen to them: there are just over 3bn records below (and only 7bn or so of us on this planet). HCK = Hacked (2,200 mm records); LKD = Leaked (60 mm); INS = Inside Job (350 mm); PUB = Accidentally Published (72 mm); SCR = Poor […]

What is your password? A sneak preview.

So what do passwords look like? The short (overly crude) answer: they all look the same. RockYou: The 2009 RockYou password database is perhaps the most famous, infamous rather, of breaches. It was substantial (32mm records) but what made it most distinctive, and extensively studied, was that the passwords were stored in cleartext (or plaintext). Let’s […]

What does personal data look like?

When thinking about personal data it can be useful to look to its physical storage on the database to build a good mental map. Give or take, for every account that you have the online provider will have a database record that looks something like that represented below. Companies used to have usernames, but these were […]

Nobody likes passwords…

…so why do they exist? For each of your online accounts there is a record in a database (just like a row in Excel) at the company that reads like this:

Database Row | Email | passwordHash | Account Id
100 | mary@email.com | 7a2ccf251ecb20b2b84ce0e3c3f72a29 | #1000

No self-respecting company ever actually knows or stores your password. It hides that password – […]