Researchers solve a less popular subset of Texas Hold’Em, state that the real thing is much harder.

Limit Texas Hold’Em is a variety of poker which is less popular than the standard unlimited Texas Hold’Em. But also easier to solve. Researchers have figured out a program which plays better on average than anyone else. If your definition doesn’t include winning as much money as possible.

Calling it solved means that they accomplished this by basically playing through every single possible game and always choosing the best play, regardless of opponent.

An amusing headline from Slashdot: Researchers “Solve” Texas Hold’Em, Create Perfect Robotic Player. A better rewrite: “Researchers solve a less popular subset of Texas Hold’Em, state that the real thing is much harder.”

How browsers store passwords

RaiderSec has an older article on how major browsers store passwords.

Before anyone pontificates about how terrible of a job these browsers did, I’d like to point out the impossibility of encrypting something when all encryption keys are on disk. Firefox allows you to set a master password, at which point your passwords are stored fairly securely.

Alternately, I use LastPass and highly recommend it. The UI is weird, but once you get used to it, it is quite powerful.

WhatsApp rolls out end-to-end encryption

Open Whisper systems has partnered with WhatsApp to roll out end-to-end encrypted messaging!

I’m tempted to start using this once I hear more confirmation from security experts that it is actually fairly well done.

If you aren’t familiar with encryption, this means that your device encrypts the message before passing it to the receiver. Since this is done at the device level, WhatsApp is unable to decrypt your messages even if they wanted to. This completely foils the NSA’s automated data gathering and many kinds of search warrants. It still allows the government to require that WhatsApp introduce a backdoor, but hopefully they have a canary for that.

Let’s Encrypt: A free and open CA

The EFF strikes again. They are working on an open Certificate Authority which they hope starts to get all websites encrypted by default.

I’m looking forward to this coming out! I have been using StartSSL for my personal sites (including this blog), but they have restrictions on using their certs for sites which accept payment and such.

In combination with the free SSL enabled CloudFlare options, this could be really cool!