Once a mere amusement on game shows, passwords are now the only thing standing between major corporations and hackers.

Predictable passwords are the Achilles' heel of the internet



A popular factoid used to illustrate the leaps forward taken by computers is that the processor used by Nasa for the moon landing was several orders of magnitude less powerful than the one in the cheapest mobile phone you can now buy in the UAE.

It's a throwaway quote designed to provoke a wry smile, but what was taxing a group of IT insiders who met in Abu Dhabi last month was that for all the advances in hardware, networks remain vulnerable because they all rely on a piece of software that missed out on that stratospheric pace of development: Human Nature version 1.0.

Nowhere is this better illustrated than in password selection. If the moon landing phone comparison illustrates hardware's evolution, passwords provide cogent proof that people have, in computing terms, barely gained opposable thumbs.

When the professional networking site LinkedIn.com was hacked a few months ago, it revealed a statistically robust sample of what passwords users chose for a serious website.

And the top three? Link, 1234 and work.

This is a generation after the use of passwords became routine and more than a decade after anyone with a pulse knows that cybernasties troll the internet looking for any weaknesses they can exploit.

Defending networks - be they government or corporate - was the purpose of the seminar in Abu Dhabi, where the speakers included John Nolan, a vice president of Mi-Token, a tech company that claims to obviate the vulnerability caused by Human Nature version 1.0.

"The issue is we're dealing with humans," he said.

"They haven't changed in the last 25 years and they're not going to change in the next 25 years.

"You all invest heavily in infrastructure to protect your organisation … but the weakest link is people. Their weakest link is the likelihood to use small, weak passwords.

"It doesn't matter what the policy is - they will take the line of least resistance."

Passwords weren't really needed 25 years ago because few people encountered computers in daily life.

This was 1987, Microsoft released Windows 2.0 and Apple unveiled the Macintosh SE, with the breakthrough ability to take two 3.5-inch floppy disks. (For the benefit of anyone under 35, this was when floppy disks had stopped being floppy. For the benefit of those under 25, floppy disks are like the unholy union of a flash drive and a drinks coaster.)

It wasn't just the computers and their ubiquity in modern life that changed. So too did the profile of hackers, which went from individuals who were after the thrill of bringing down a site to organised groups seeking either political or financial gain.

One of the organisers of the seminar, HelpAG's Nicolai Solling, said one corporate reaction was to mandate less hackable passwords by making them longer, including non-alphanumeric characters, and avoiding real words.

But Human Nature version 1.0 was not up to that challenge.

"The problem with [longer] passwords is either we record it in our brain - that's good - or we write it on a piece of paper, which makes it vulnerable," he explained.

And it's fair to say most of the sysadmins - systems administrators, or network overlords to you and me - listening to Solling nodded their heads at that.

Among them was Nolan. The higher up the management structure, he said, the more likely there will be a password-recovery request.

Even worse was reusing the same password across multiple services. If you hack into Sony's website, there's an excellent chance that the password John Doe used there is the same one he used for his banking.

Beyond just the network vulnerabilities exposed by human nature, password selection is like the cyber equivalent of the Rorschach ink blot test, providing a glimpse into the human soul.

That goes well beyond just the sysadmin tormenting tendency towards laziness.

Passwords commonly reflect what each person deems important, and hackers have learnt to rank words such as "god" and "angel", or any word associated with the focus of the website, highly in their list of passwords to try - the "password dictionary" - which is why "link" and "work" were such poor choices for LinkedIn members' passwords.

Troy Hunt, a software engineer specialising in security at Microsoft, penned a treatise on what he dubbed "the science of password selection" after millions of passwords were hacked from the Sony PlayStation network last year.

He compared the passwords against three databases: 26,000 commonly used first and last names, 26,000 names of places, cities and countries; and 190,000 words found in the average dictionary.

"The results were alarming; passwords were relatively short (usually six to 10 characters), simple (less than one per cent had a non-alphanumeric character) and predictable (more than a third were in a common password dictionary)," he stated.

"We now know that, structurally, passwords almost always adhere to what we would consider 'bad practices', but how are these passwords derived in the first place? What's the personal significance that causes someone to choose a particular password?

"It turns out there are some very recognisable patterns in the data. In fact the vast majority of passwords adhere to just a small handful of common selection practices. This is interesting research in that it begins to give a bit of insight into the thought process of the individuals who create passwords which conform to weak structural guidelines."

About 14 per cent of passwords involved commonly used names, usually not their own but of a spouse or pet. The more common the name, the more likely it was used, with the top three being Maggie, Michael and Jennifer.

More than half were just the name. Include the addition of numbers - "very, very frequently just a 1" - and you have an immediate shortlist for the passwords of about one in eight users.

Add in place names and you have another eight per cent of passwords, two-thirds of which are unbolstered by numbers or other symbols. As with people's names, overwhelmingly the only number used was "1" as a suffix.

Another one quarter of all passwords used a word found in the dictionary. "Top among the dictionary favourites are: password (oh dear), monkey and dragon," Hunt noted.

"The first one probably shouldn't be such a surprise but still, wow! My password source of several hundred thousand accounts had nearly 2,500 'password' passwords, which is not only a pretty poor choice, given it's clearly available in a dictionary, it's also an insanely obvious one."

Another 14 per cent of passwords are strings of numbers, with the top three being 123456, 12345678 and 123456789. Among four-digit passwords made up only of numerals, 1234 was used 10 times as frequently as any other combination. In The X-Files, Fox Mulder's password was "trustno1". And when Hunt looked at the list of short phrases used as passwords, the most popular one was … yep.

Hunt's point is that with just a dictionary, an atlas and a phone book, hackers have the basis for 60 per cent of all passwords.

Of the relatively common passwords that were among the 31 per cent that did not fit into a pattern Hunt could identify, many came from popular culture and - more tellingly - were in hackers' password dictionaries.

"Typical examples include 'thx1138' (turns out this is a movie from 40 years back), 'gundam' (actually an anime series), and 'ncc1701' (the code name for the USS Enterprise in Star Trek)," he added.

"So there's a whole range of passwords out there which while they won't be picked up by any of the patterns discussed above, do in fact relate to popular culture. This is a fairly obvious source of inspiration, although one that's difficult to define in a set word list.

"Then of course, there are simply passwords which don't adhere to any discoverable pattern, for example 'mw818283' (although interestingly, a Google search does show this up in an online password dictionary). The thing is, though, these fall into the minority, and even if they are 'strong' (long, random, unique), they're now commonly available in password dictionaries to be used in future brute force attacks.

"Because my entire password database has come from compromised sites which are now readily available online, the reality is that none of these passwords should be used again. Ever."
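The pattern analysis Hunt describes above (names, places, dictionary words and digit strings, with a "1" tacked on the end) is easy to turn into a defensive audit: the same checks, run over a password set before an attacker does, tell a sysadmin how much of the estate falls into the predictable 60 per cent, and the same classifier can back the corporate policy Solling mentions (longer, non-alphanumeric, no real words) plus a check against known-compromised passwords, which is the point of Hunt's closing remark. The following is an added example and is not code from the article or from Hunt's own research. The word lists, the compromised list and the sample password set are tiny constructed stand-ins; `classify`, `policy_violations` and `audit` are names chosen for this example.

```python
"""Password-pattern audit in the style of the analysis described in the article.

Added example: the word lists, sample passwords and thresholds below are
constructed for illustration. A real audit would use full name, place and
dictionary lists and a breach corpus in place of the tiny sets here.
"""
import re
from collections import Counter

# Constructed stand-ins for the three lists the article describes (names,
# places, dictionary words) plus a list of known-compromised passwords.
NAMES = {"maggie", "michael", "jennifer", "john"}
PLACES = {"london", "dubai", "paris"}
DICTIONARY = {"password", "monkey", "dragon", "link", "work"}
COMPROMISED = {"trustno1", "thx1138", "ncc1701", "mw818283"}

# Constructed sample of "leaked" passwords, loosely mirroring the categories
# the article reports (names and places with a "1" suffix, dictionary words,
# digit runs, pop-culture strings, one random-looking password).
SAMPLE = ["maggie", "michael1", "Jennifer1", "london", "dubai1", "password",
          "monkey", "dragon1", "123456", "12345678", "1234", "trustno1",
          "ncc1701", "Xq7!vL29pz"]


def split_word_and_digits(pw):
    """Split 'michael1' into ('michael', '1'); None for anything else."""
    m = re.fullmatch(r"([a-z]+)(\d*)", pw.lower())
    if not m:
        return None, None
    return m.group(1), m.group(2)


def classify(pw):
    """Assign a password to one of the pattern categories from the article.

    A known-compromised password is flagged first: whatever its structure,
    it is already in circulation and should never be used again.
    """
    low = pw.lower()
    if low in COMPROMISED:
        return "compromised"
    if low.isdigit():
        return "numeric"
    base, _digits = split_word_and_digits(pw)
    if base in NAMES:
        return "name"
    if base in PLACES:
        return "place"
    if base in DICTIONARY:
        return "dictionary"
    return "no_pattern"


def policy_violations(pw, min_len=12):
    """Check one password against the policy the article describes: longer,
    containing non-alphanumeric characters, avoiding real words, plus a
    breach-list check. Returns the failed rules; an empty list is a pass."""
    problems = []
    if len(pw) < min_len:
        problems.append("too_short")
    if not re.search(r"[^A-Za-z0-9]", pw):
        problems.append("no_symbol")
    cat = classify(pw)
    if cat in ("name", "place", "dictionary"):
        problems.append("real_word")
    elif cat == "numeric":
        problems.append("numeric_only")
    elif cat == "compromised":
        problems.append("known_compromised")
    return problems


def audit(passwords):
    """Share of a password set falling into each category, rounded to 2 dp."""
    counts = Counter(classify(p) for p in passwords)
    total = len(passwords)
    return {cat: round(n / total, 2) for cat, n in counts.items()}


def wordlist_coverage(passwords):
    """Fraction a 'dictionary, atlas, phone book and digit run' list would
    cover, i.e. everything except compromised and no_pattern entries."""
    covered = sum(1 for p in passwords
                  if classify(p) in ("name", "place", "dictionary", "numeric"))
    return round(covered / len(passwords), 2)


if __name__ == "__main__":
    for cat, share in sorted(audit(SAMPLE).items()):
        print(f"{cat:12s} {share:.0%}")
    print("covered by word lists:", f"{wordlist_coverage(SAMPLE):.0%}")
    for pw in ("michael1", "Xq7!vL29pz-Bk4"):
        print(pw, policy_violations(pw) or "ok")
```

Run against a real export, the interesting number is not the exact split but how little of the set survives `policy_violations` with an empty list; a policy that only demands length, as the article notes, tends to be met with "michael1" becoming "michael12345".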

When sysadmins lie awake at night, it's examples like this of Human Nature version 1.0 at work to blame.

John Henzell is a senior features writer for The National.
