GCN : January 2014
[Briefing]

How hashing (with a pinch of salt) is better than encryption
BY WILLIAM JACKSON

Passwords remain the primary means for online authentication and must be protected when stored on a server. Encryption is an option, but it has an inherent weakness in this application because the server authenticating the password must have the key to decrypt it. An attacker who steals a file of encrypted passwords might also steal the key.

Hashing is a better option, especially with the judicious use of salt, according to mathematician Andrew Regenscheid and computer scientist John Kelsey of the National Institute of Standards and Technology's Computer Security Division.

Encryption is a two-way function; what is encrypted can be decrypted with the proper key. Hashing, however, is a one-way function that scrambles plain text to produce a unique message digest. With a properly designed algorithm, there is no way to reverse the hashing process to reveal the original password. An attacker who steals a file of hashed passwords must then guess the password.

Here's how it works: A user enters a password and an ID in a browser and sends it (preferably over a secure link) to the authentication server. The server uses the ID to look up the associated message digest. The password submitted by the user is then hashed with the same algorithm, and if the resulting message digest matches the one stored on the server, it is authenticated.

In this process the server does not store or need to see plain-text passwords. Stealing hashed files does the attacker little good because the attacker cannot reverse the hashing process.

But because people rarely use completely random passwords there is a trick that can be used to help guess the passwords in the file. An attacker can run a collection of a million or so commonly used passwords through a hashing algorithm and get a list --- called a rainbow table --- of associated message digests for these passwords. It is child's play for a computer to compare a file of stolen password hashes against a rainbow table. For every match, the table will show the password for that hash.

The protection against this is to salt the hash: Add a random number to each password before it is hashed. The resulting message digest is the product of both the password and the salt value and will not match anything on the rainbow table.

Of course, the attacker can always try adding random values to common passwords to find a matching hash, but now the difficulty of guessing the password makes it impractical. The return on investment of such a process is so low that a stolen file of properly hashed and salted passwords is essentially worthless.

DOD wants you --- to browse its visual library
BY JOHN BREEDEN II

The Department of Defense manages a huge library of photographs and other media that has been declassified. But accessing that information, some of which dates back to World War II, isn't easy to do. That will change within the next five years as T3Media uses its enterprise-scale video management platform to bring the entire library online.

"By leveraging T3Media's enterprise-scale video management platform and T3 Library Manager product, we're able to open up the DOD archive for a wider range of uses and focus on our mission --- to serve as the official DOD visual information records center," said Michael Edrington, director of the Defense Imagery Management Operations Center.

DIMOC integrates and synchronizes DOD imagery and centrally manages its visual information media in support of the department and the National Archives and Records Administration.

The DOD library comprises over a million photos, videos, audio logs and documents. The variety of media ranges from wartime footage and photographs of personnel and military equipment to World War II audio communications and instructional military videos.

The plan is to allow authorized users within government to be able to access the archives for free, with all the data safely stored in the cloud. Outside users, such as those working with production companies, will be able to license the footage stored there, providing revenue back to the government.

"Under this partnership, designated users within various government departments will be able to login to their T3 Library Manager accounts and search and download current and historic DOD multimedia with just a few clicks," said Frank Cardello, general manager, platform services at T3Media. "In addition to providing the government with enhanced access to the archive, we are looking forward to sharing DOD videos, photographs, and audio with the global production community."
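
The store-and-verify flow from the hashing article earlier on this page, as an added example that is not part of the original article: it keeps only a per-account salt and digest, and shows a precomputed table of common-password digests matching an unsalted store but not a salted one. It goes beyond the article by using PBKDF2, a deliberately slow salted hash, instead of a single hash pass; the account names, password list and round count are constructed for illustration.

```python
import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 100_000  # assumed work factor for this example, not from the article

def unsalted_digest(password: str) -> str:
    """Plain SHA-256: identical passwords always give identical digests."""
    return hashlib.sha256(password.encode()).hexdigest()

def enroll(password: str) -> tuple[bytes, bytes]:
    """Return (salt, digest) to store; the plain-text password is never kept."""
    salt = secrets.token_bytes(16)  # fresh random salt for every account
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest

def verify(password: str, salt: bytes, stored: bytes) -> bool:
    """Re-hash the submitted password with the stored salt, compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, stored)

def precomputed_matches(stored_hex: dict[str, str], table: dict[str, str]) -> dict[str, str]:
    """Map user -> password for every stored digest found in a precomputed table."""
    return {user: table[d] for user, d in stored_hex.items() if d in table}

# Constructed sample data: a tiny common-password list and two accounts.
COMMON = ["123456", "password", "letmein"]
TABLE = {unsalted_digest(p): p for p in COMMON}
ACCOUNTS = {"alice": "letmein", "bob": "password"}

def demo() -> tuple[dict[str, str], dict[str, str], bool]:
    unsalted_store = {u: unsalted_digest(p) for u, p in ACCOUNTS.items()}
    salted_store = {u: enroll(p) for u, p in ACCOUNTS.items()}
    salted_hex = {u: d.hex() for u, (_, d) in salted_store.items()}
    exposed_unsalted = precomputed_matches(unsalted_store, TABLE)  # every account matches
    exposed_salted = precomputed_matches(salted_hex, TABLE)        # nothing matches
    salt, digest = salted_store["alice"]
    return exposed_unsalted, exposed_salted, verify("letmein", salt, digest)

if __name__ == "__main__":
    print(demo())
```

Because each account gets its own salt, two users with the same password end up with different stored digests, so one precomputed table cannot be reused across the file.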