Welcome the 25 worst passwords of 2012

SplashData, which makes password management applications, has released its annual “Worst Passwords” list compiled from common passwords that are posted by hackers. The top three — “password,” “123456,” and “12345678” — have not changed since last year. New ones include “jesus,” “ninja,” “mustang,” “password1,” and “welcome.” Other passwords have moved up and down on the list.

The most surprising addition is probably “welcome.”

“That means people are not even changing default passwords,” CEO Morgan Slain told TIME Tech. “It doesn’t take that much time to make a new password.”


Here’s the full list:

1. password

2. 123456

3. 12345678

4. abc123

5. qwerty

6. monkey

7. letmein

8. dragon

9. 111111

10. baseball

11. iloveyou

12. trustno1

13. 1234567

14. sunshine

15. master

16. 123123

17. welcome

18. shadow

19. ashley

20. football

21. jesus

22. michael

23. ninja

24. mustang

25. password1
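
A denylist check at password-set time is the usual control against entries like these. The sketch below is an added example, not code from SplashData or the original post; it rejects the 25 listed passwords and close variants of them, and its normalisation rules and substitution table are assumptions chosen for illustration.

```python
import re
from typing import Optional

# The 25 entries from the list above.
WORST_2012 = frozenset(
    "password 123456 12345678 abc123 qwerty monkey letmein dragon 111111 "
    "baseball iloveyou trustno1 1234567 sunshine master 123123 welcome "
    "shadow ashley football jesus michael ninja mustang password1".split()
)

# Assumed look-alike substitutions; "1" and "!" are tried as both "i" and "l".
_LEET_BASE = {"0": "o", "3": "e", "4": "a", "5": "s", "7": "t", "@": "a", "$": "s"}
LEET_TABLES = [str.maketrans({**_LEET_BASE, "1": c, "!": c}) for c in "il"]


def matched_entry(candidate: str) -> Optional[str]:
    """Return the list entry the candidate reduces to, or None if it passes.

    Three forms of the candidate are checked: lower-cased, lower-cased with
    trailing symbols removed, and lower-cased with trailing digits and
    symbols removed. Each form is also checked after undoing the look-alike
    substitutions. Only whole-string matches count, so a longer word that
    merely starts with a listed entry is not rejected.
    """
    lowered = candidate.strip().lower()
    forms = [
        lowered,
        re.sub(r"[^a-z0-9]+$", "", lowered),  # "123456!"      -> "123456"
        re.sub(r"[^a-z]+$", "", lowered),     # "welcome2012!" -> "welcome"
    ]
    for form in forms:
        for variant in [form] + [form.translate(t) for t in LEET_TABLES]:
            if variant in WORST_2012:
                return variant
    return None


def screen(candidates):
    """Map each candidate to the list entry it matches (None = accepted)."""
    return {c: matched_entry(c) for c in candidates}


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real credential dump.
    sample = ["Welcome2012!", "P@ssw0rd", "N1nja!", "TrustNo1!",
              "Dragonfly", "correct horse battery staple"]
    for pw, hit in screen(sample).items():
        print(f"{pw!r:32} {'REJECT (' + hit + ')' if hit else 'ok'}")
```
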

Forbes World’s Most Innovative Companies


Forbes just published its list of the World’s Most Innovative Companies.



| Rank | Company | Country | 12-Month Sales Growth (%) | 5-Year Annualized Total Return (%) | Innovation Premium* (%) |
|---|---|---|---|---|---|
| 1 | Salesforce.com | United States | 37.7 | 29.7 | 73.0 |
| 2 | Alexion Pharmaceuticals | United States | 46.5 | 47.6 | 72.3 |
| 3 | Amazon.com | United States | 34.9 | 26.3 | 58.3 |
| 4 | Red Hat | United States | 22.6 | 23.9 | 58.1 |
| 5 | Baidu | China | 73.9 | 50.0 | 57.6 |
| 6 | Intuitive Surgical | United States | 27.6 | 20.8 | 54.0 |
| 7 | Rakuten | Japan | 18.3 | 25.8 | 51.5 |
| 8 | Edwards Lifesciences | United States | 13.1 | 33.7 | 46.9 |
| 9 | Larsen & Toubro | India | 19.0 | -0.5 | 46.1 |
| 10 | ARM Holdings | United Kingdom | 16.9 | 27.3 | 45.4 |

2012 Big Data Forecasts and Market Estimates

Forbes recently posted a great analysis of 2012’s Big Data Forecasts and Market Estimates.



The potential of big data to bring insights and intelligence into enterprises is a strong motivator, where managers are constantly looking for the competitive edge to win in their chosen  markets.  With so much potential to provide enterprises with enhanced analytics, insights and intelligence, it is understandable why this area has such high expectations – and hype – associated with it.

Given the potential big data has to reorder an enterprise and make it more competitive and profitable, it’s understandable why there are so many forecasts and market analyses being done today.  The following is a roundup of the latest big data forecasts and market estimates recently published:

  • As of last month, Gartner had received 12,000 searches over the last twelve months for the term “big data” with the pace increasing.
  • In Hype Cycle for Big Data, 2012, Gartner states that Column-Store DBMS, Cloud Computing, In-Memory Database Management Systems will be the three most transformational technologies in the next five years.  Gartner goes on to predict that Complex Event Processing, Content Analytics, Context-Enriched Services, Hybrid Cloud Computing, Information Capabilities Framework and Telematics round out the technologies the research firm considers transformational.  The Hype Cycle for Big Data is shown below:

  • Predictive modeling is gaining momentum with property and casualty (P&C) companies who are using them to support claims analysis, CRM, risk management, pricing and actuarial workflows, quoting, and underwriting. Web-based quoting systems and pricing optimization strategies are benefiting from investments in predictive modeling as well.   The Priority Matrix for Big Data, 2012 is shown below:

  •  Social content is the fastest growing category of new content in the enterprise and will eventually attain 20% market penetration.   Gartner defines social content as unstructured data created, edited and published on corporate blogs, communication and collaboration platforms, in addition to external platforms including Facebook, LinkedIn, Twitter, YouTube and a myriad of others.
  • Gartner reports that 45% of sales management teams identify sales analytics as a priority to help them understand sales performance, market conditions and opportunities.


  • Over 80% of Web Analytics solutions are delivered via Software-as-a-Service (SaaS). Gartner goes on to estimate that over 90% of the total available market for Web Analytics are already using some form of tools and that Google reported 10 million registrations for Google Analytics alone. Google also reports 200,000 active users of their free Analytics application. Gartner also states that the majority of the customers for these systems use two or more Web analytics applications, and less than 50% use the advanced functions including data warehousing, advanced reporting and higher-end customer segmentation features.


  • In the report Market Trends: Big Data Opportunities in Vertical Industries, the following heat map by industry shows that from a volume of data perspective, Banking and Securities, Communications, Media and Services, Government, and Manufacturing and Natural Resources have the greatest potential opportunity for Big Data.



  • Big data: The next frontier for innovation, competition, and productivity is available for download from the McKinsey Global Institute for free. This 156-page document authored by McKinsey researchers is excellent. While it was published last year (June, 2011), if you’re following big data, download a copy as much of the research is still relevant. McKinsey includes extensive analysis of how big data can deliver value in manufacturing value chains for example, which is shown below:

Prediction on Big Data acquisitions come true

Following up on our 2011 prediction, One single NoSQL prediction for 2012, the consolidation prediction has already come true.

2012 started with a big wave of big data acquisitions. With the third quarter of 2012 not even halfway through, we’ve seen unprecedented big data purchases already this year.

Log Insight

The buzz for the last week has been about VMware’s latest big data acquisition of Log Insight. This makes them a veritable juggernaut in the field of real-time data analysis, following as it does VMware’s recent purchase of Nicira for $1.2 billion.

In a blog statement by Log Insight’s Spiros Xanthos, he states of the acquisition, “We anticipate that the potential of the Log Insight technology will be maximized through this acquisition. VMware is ideally positioned in the middle of two of the most important shifts in IT in the recent years, virtualization and Cloud Computing.”


IBM, that most familiar name in computing, is making strides in big data these days. In April of this year, IBM acquired enterprise search optimizer Vivisimo. In May they picked up Varicent, a data analytics company that provides comprehensive data throughout finance, sales, human resources and operations. Varicent’s customer base includes Starwood Hotels, Manpower, Hertz and Office Depot. Most recently, in June, IBM finalized their acquisition of Tea Leaf, a leader in customer behavior analysis.


In May, Cisco finalized their acquisition of Truviso. In Cisco’s blog announcement of intent to purchase, Hilton Romanski wrote, “Truviso’s continuous query technology allows companies to get detailed information and visibility of network use and services in real-time, with its analyze-first, store-later capability.”


Jive Software purchased Proximal in April in an effort to analyze social networks. Proximal’s ability to mine the happenings on Twitter and get that information out to potentially interested parties means real-time consumer targeting. It was a comprehensive acquisition that will see the Proximal team moved to Palo Alto and completely folded into Jive’s workings. In his blog post, Brian Roddy explained, “The Proximal technology will be immediately leveraged in multiple areas of the Jive product, including supercharging our recommender, analytics, search and the Jive Social Media Engagement.”


Social media powerhouse and Wall Street disaster Facebook acquired Instagram for $1 billion in April of this year. What appears to the user as merely a photo sharing service is in fact a potential goldmine for Facebook. Their already overarching ability to track users’ every moves means that a person uploading a photo to Facebook from a mobile device can be tracked, their location pinpointed, and interest-specific ads placed on the margins of their Facebook page.

"Flame" one of the most complex threats ever discovered

A complex targeted cyber-attack that collected private data from countries such as Israel and Iran has been uncovered, researchers have said.

Russian security firm Kaspersky Labs told the BBC they believed the malware, known as Flame, had been operating since August 2010.

The company said it believed the attack was state-sponsored, but could not be sure of its exact origins.

They described Flame as “one of the most complex threats ever discovered”.

Research into the attack was carried out in conjunction with the UN’s International Telecommunication Union.

They had been investigating another malware threat, known as Wiper, which was reportedly deleting data on machines in western Asia.

In the past, targeted malware – such as Stuxnet – has targeted nuclear infrastructure in Iran.

Others like Duqu have sought to infiltrate networks in order to steal data.

This new threat appears not to cause physical damage, but to collect huge amounts of sensitive information, said Kaspersky’s chief malware expert Vitaly Kamluk.

“Once a system is infected, Flame begins a complex set of operations, including sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on,” he said.

More than 600 specific targets were hit, Mr Kamluk said, ranging from individuals, businesses, academic institutions and government systems.

Iran’s National Computer Emergency Response Team posted a security alert stating that it believed Flame was responsible for “recent incidents of mass data loss” in the country.

The malware code itself is 20MB in size – making it some 20 times larger than the Stuxnet virus. The researchers said it could take several years to analyse.

Iran and Israel

Mr Kamluk said the size and sophistication of Flame suggested it was not the work of independent cybercriminals, and more likely to be government-backed.

He explained: “Currently there are three known classes of players who develop malware and spyware: hacktivists, cybercriminals and nation states.

“Flame is not designed to steal money from bank accounts. It is also different from rather simple hack tools and malware used by the hacktivists. So by excluding cybercriminals and hacktivists, we come to conclusion that it most likely belongs to the third group.”

Among the countries affected by the attack are Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.

“The geography of the targets and also the complexity of the threat leaves no doubt about it being a nation-state that sponsored the research that went into it,” Mr Kamluk said.

The malware is capable of recording audio via a microphone, before compressing it and sending it back to the attacker.

It is also able to take screenshots of on-screen activity, automatically detecting when “interesting” programs – such as email or instant messaging – were open.

‘Industrial vacuum cleaner’

Kaspersky’s first recorded instance of Flame is in August 2010, although it said it is highly likely to have been operating earlier.

Prof Alan Woodward, from the Department of Computing at the University of Surrey said the attack is very significant.

“This is basically an industrial vacuum cleaner for sensitive information,” he told the BBC.

He explained that unlike Stuxnet, which was designed with one specific task in mind, Flame was much more sophisticated.

“Whereas Stuxnet just had one purpose in life, Flame is a toolkit, so they can go after just about everything they can get their hands on.”

Once the initial Flame malware has infected a machine, additional modules can be added to perform specific tasks – almost in the same manner as adding apps to a smartphone.


By Dave Lee


Bitcoinica hacked close to $100k USD stolen

Bitcoinica has been shut down until further notice, following a theft of 18,000 BTC. News of the hack was posted this morning by Bitcoinica’s founder, Zhoutong:

“Today, we have discovered a suspicious Bitcoin transaction that doesn’t seem to be initiated by any one of the company owners. Some of them are not online at the moment so this is not conclusive.

Suspicious transaction:

"account" : "",
"address" : "182tGyiczhXSSCTciVujNRkkMw1zQxUVhp",
"category" : "send",
"amount" : -18547.66867623,
"fee" : 0.00000000,
"blockhash" : "00000000000003f6bfd3e2fcbf76091853b28be234b5473a67f89b9d5bee019c",
"blockindex" : 1,
"txid" : "7a22917744aa9ed740faf3068a2f895424ed816ed1a04012b47df7a493f056e8",
"time" : 1336738723

We have contacted Rackspace to suspend all our servers and lock down our accounts. All your trading and financial data is safe (as far as I know), apart from the Bitcoin loss. Thank you for your patience and understanding while we investigate this issue in detail.”

And in a follow-up post:

“Our data is kept intact. Any order placed before the shutdown will still be valid. However, no order execution will happen (no zhoutonging either).
If the market moves significantly, we will come up with a proposal to compensate disadvantaged customers once the investigation is complete.”

Bitcoinica was also the victim of a 43,000 BTC ($215,000 USD) heist back on March 1st.

It will be interesting to see how the market is affected by the inability of traders to take leveraged positions in either direction. Also, you should not surf to Bitcoinica.com, as the site has been redirected to a porn site.

Hack.lu 2012 8th edition

Call for Papers for hack.lu 2012 is now out! – You can register and submit your paper via the CFP website.

Hack.lu is an open convention/conference where people can discuss computer security, privacy, information technology and its cultural/technical implication on society. The aim of the convention…


The conference will take place in Luxembourg (that’s the 8th edition) on 23-25 October 2012 and everyone is welcome to submit a talk/paper to the conference on interesting security topics.



Couchbase Survey Shows Accelerated Adoption of NoSQL in 2012

Couchbase today announced the results of an industry survey conducted in December that shows growing adoption of NoSQL in 2012. According to the survey, the majority of the more than 1,300 respondents will fund NoSQL projects in the coming year, saying the technology is becoming more important or critical to their company’s daily operations. Respondents also indicated that the lack of flexibility/rigid schemas associated with relational technology was a primary driver toward NoSQL adoption.

You can read the result of the survey here as well as some surprises in the survey at this page

NoSQL 2012 Survey Highlights

Key data points from the Couchbase NoSQL survey include:

  • Nearly half of the more than 1,300 respondents indicated they have funded NoSQL projects in the first half of this year. In companies with more than 250 developers, nearly 70% will fund NoSQL projects over the course of 2012.
  • 49% cited rigid schemas as the primary driver for their migration from relational to NoSQL database technology. Lack of scalability and high latency/low performance also ranked highly among the reasons given for migrating to NoSQL  (see chart below for more details).
  • 40% overall say that NoSQL is very important or critical to their daily operations, with another 37% indicating it is becoming more important.



Surprises from the Survey

Language mix. A common theme in the results was what one could interpret as the “mainstreaming” of NoSQL database technology. The languages being used to build applications atop NoSQL database technology, while they include a variety of more progressive choices, are dominated by the mundane: Java and C#. And while we’ve had a lot of anecdotal interest in a pure C driver for Couchbase (which we now have, by the way), only 2.1% of the respondents indicated it was the “most widely used” language for application development in their environment, behind Java, C#, PHP, Ruby, Python and Perl (in order).

Schema management is the #1 pain driving NoSQL adoption. So I’ll admit that I wasn’t actually surprised by this one, because I’d already been surprised by it earlier. Two years ago if you had asked me what the biggest need we were addressing was, I would have said it was the need for a “scale-out” solution at the data layer versus the “scale-up” nature of the relational model. That users wanted a database that scaled like their application tier – just throw more cheap servers behind a load balancer as capacity needs increase. While that is still clearly important, the survey results confirmed what I’d been hearing (to my initial surprise) from users: the flexibility to store whatever you want in the database and to change your mind, without the requirement to declare or manage a schema, is more important.

One single NoSQL prediction for 2012

It’s cheap and easy, and probably safer: one single prediction for the NoSQL markets in 2012.

For sure everyone has been jumping on the big data and NoSQL trends the last two years. And it was not just the web tech companies, so 2012 is gonna be the year that big data comes to the enterprise. All of this big data will drive more NoSQL in the cloud, in the enterprise and everywhere in between. All the companies selling NoSQL solutions should benefit greatly from this rising adoption.

This growth will bring one single prediction for 2012, as obvious as it is inevitable: consolidation.

In 2012 the NoSQL markets will probably be full of acquisitions, and while some big players such as Facebook, Google or Oracle follow their own internal path, some other big names won’t, and will instead buy one of the leaders in the market.


Hadoop Twelve Predictions for 2012

The past year was punctuated by significant advancements in Apache Hadoop and increasingly wider adoption of Hadoop technology across the enterprise. Companies are continuing to use Hadoop in exciting new ways to better serve their customers, inform product development and drive operational efficiency like never before. Join Mike Olson, founder and CEO of Cloudera, as he shares his twelve major predictions for Hadoop in 2012. He will also unveil predictions from key industry analysts.

Olson will discuss predictions for:

– Where new opportunities for Hadoop will be found within the enterprise
– How new projects being developed for and on Apache Hadoop will expand data analysis capabilities
– Ways that Apache Hadoop will help companies solve short term and long term business challenges

The Twelve Predictions for 2012 by Mike Olson