Ncsc 2015 16 Topics For Persuasive Essays

Sixteen ideas from the State that best fulfilled the brief of ‘Energy: exploration, consumption and conservation’ during the 21st National Children’s Science Congress (Kerala) will be presented at the National Children’s Science Congress in Bhopal on December 27.

Chief Minister Oommen Chandy said during his valedictory address at the congress here on Wednesday that the government would push for hosting the final competition in the State next year.

He awarded the 16 team leaders with a trophy and certificate during the second and final day of the congress held at Mar Gregorias Renewal Centre here.

The 16 were chosen from 77 candidates who qualified from the district stages.

Mr. Chandy praised the Kerala State Council for Science, Technology and Environment (KSCSTE) for prioritising conservation of energy this year.

In the junior category, Ashwin Raj, group leader from Government Upper Primary School (UPS) Thavidessery, Payyannur, Kannur, received the award for first place.

Agna Kurien of Government UPS, Mallam, Kottayam, was placed second; Tom Gladin Jose of St. Thomas High School, Thudanganadu, Idukki, came third; M.P. Navneeth of Government Higher Secondary School (HSS), Munderi, Kannur, was placed fourth; Aleena Elizabeth of GKM High School, Kannyapuram, Wayanad, was fifth; and R.S. Hari Krishnan of Government HSS, Kilimanoor, here was sixth.

Ashwin’s team explored the impact that gutters had in terms of reducing the fuel efficiency of vehicle. The project submitted by students of classes 5 and 6 is illustrated through clear figures and interviews with drivers and mechanics.

Among the seniors, Amritha Suresh, group leader from of NRPM HSS, Kayamkulam, Alappuzha, was first; Sneha Ganga of SKMJ High School, Kalpetta was second; A.J. Gayathri from DVNM HSS Maranalloor, Koovalassery, came third; Anagha Varma of SMV HSS, Poonjar, Kottayam, was fourth; A. Anjana of GHSS Meenangadi, Wayanad, came fifth; C.P. Aparna of GWHS, Cherukunnu, Kannur, was placed sixth; K.A. Sainul Abid of GHSS Meenangadi, Wayanad, was seventh; U. Aparna of CBHSS, Vallikunnu, Malappuram, was eighth; Parvathy Ravindran of GHSS Udinur, Kasaragod, was ninth; and P.R. Aparna from Memunda HSS, Kozhikode, was 10th.

KSCSTE member secretary K.K. Ramachandran told The Hindu that all the presentations, especially in the junior category, were novel and had a practical purpose.

He said that he would speak to Director of Public Instruction (DPI) Biju Prabhakar, who was present during the function, on how to support the talent and potential that so many students had.

Mr. Prabhakar, during his address, urged parents and teachers to use resources available online and allow students to adopt self-learning methods.

“Is the project SMART? This acronym defines what we look for when the students make their 10-minute presentations,” chairman of the State organising committee of the conference C.P. Aravindakshan told The Hindu .

It must be specific, measurable, appropriate, realistic and time-bound, he said.

More In

One of the things people often tweet to us @ncsc are examples of websites which prevent you pasting in a password. Why do websites do this? The debate has raged - with most commentators raging how annoying it is.

So why do organisations do this? Often no reason is given, but when one is, that reason is 'security'. The NCSC don't think the reasons add up. We think that stopping password pasting (or SPP) is a bad thing that reduces security. We think customers should be allowed to paste their passwords into forms, and that it improves security.

 

No one knows where it came from

It is a mystery where SPP came from. No one has pointed to a paper, a rule, an RFC (a technical standards document to plan how the Internet should work) or anything else that started it off. If you know of one, let us know using the comments form below. We believe it's one of those 'best practice' ideas that has a common sense instant appeal that may have made sense once. Considering the bigger picture today, it really doesn't make sense. 

 

So why is password pasting a good thing?

The main reason why password pasting improves security is because it helps to reduce password overload, something that we cover in our Password Guidance. Allowing the pasting of passwords makes web forms work well with password managers. Password managers are software (or services) that choose, store and enter passwords into online forms for you. Password managers are very useful because they:

  • make it much easier to have different passwords for each website site you use
  • improve your productivity and reduce frustration by preventing typing errors during logins
  • make it simple to use long, complex passwords

Disclaimer: although password managers can offer better protection than - for example - keeping your passwords in a normal (and so unprotected) document on your computer, they are not a silver bullet to solve all of an organisation's password problems. We'll write more in a future blogpost about things to consider when picking a password manager.

Imagine if you didn't have a password manager, or even that unprotected document on your computer with your passwords in it. Without password managers, it would be pretty much impossible to remember all your passwords. To cope without them you'd have to do some of these bad things:

  • re-use the same passwords on different websites
  • choose very simple (and so easy to guess) passwords
  • write passwords down in places that are easy to find (like post-it notes next to the screen)

This is why we think SPP is bad, and allowing password pasting is good. The pros outweigh the cons, and by a lot.

 

Why stopping password pasting (SPP) is wrong

There are other reasons that are used to justify SPP. The small and misleading grain of truth in these reasons can sound very persuasive. Here's why they're wrong.

 

Justification 1: 'Password pasting allows brute force attacks'

If password pasting is allowed, that represents a vulnerability where malicious software or web pages could repeatedly paste password guesses into the password box until they break your password.

This is true, but it's also true that there are other ways to make guesses (for example through an API) that are just as easy for attackers to set up, but are much faster at guessing. The risk of brute force attacks using copy and paste is very small. 

 

Justification 2: 'Pasting passwords makes them easier to forget, because you have fewer chances to practise them'.

It's true  - in principle - that the more times you recall something, the easier it is next time.

In the real world though, people are made to have passwords for things that they hardly ever use. This means there isn't enough time to practise, and therefore little chance of remembering. This whole justification only works if you assume, to begin with, that users should always have to try and remember their passwords - and that's not always true.

People are also made to have passwords for things they use so often they couldn't forget the password even if they wanted to (which is quite inconvenient if you're forced to change the password regularly), and typing in the rotten thing again and again eats into their day. Password managers are a stick these people lean on, and SPP kicks it away.

 

Justification 3: 'Passwords would hang around in the clipboard'

When anyone copies and pastes, the copied content is kept in a 'clipboard' where it can be pasted as many times as they want. Any software installed on the computer (or any person operating it) has access to the clipboard, and can see what's in there.  Copying anything usually writes over what was already in the clipboard and destroys it. 

Many password managers copy your password to the clipboard so they can paste it into the password box on websites. The possible risk is that an attacker (or malware) will steal your password before it's erased from the clipboard.

Passwords remaining in the clipboard might be more of an issue if you're manually copying and pasting your passwords from a document you have on your computer. You might forget to clear the clipboard. However it's not much of a risk because:

  • Most password managers erase the clipboard as soon as they have pasted your password into the website, and some avoid the clipboard completely by typing in the password with a 'virtual keyboard' instead.
  • The web browser 'Internet Explorer 6' allows evil web pages to copy the clipboard; but very few people in the UK still use IE6 to browse the web.
  • Viruses installed on your computer can have clipboard copiers on them, and grab your pasted passwords. That's still not a good reason for SPP though; when your computer gets infected you can't trust it at all. Viruses and other malware that copy the clipboard nearly always also copy every letter, number and symbol typed on your computer, including your passwords. They would steal your password whether or not it was in the clipboard, so you're not really gaining much by SPP.

Rather than stopping password pasting, help your computers to avoid catching viruses in the first place by following our guidance on securing enterprise IT. And install software updates - the IT version of eating your fruit and veg. It's one of the very best ways of securing your computer.

 

Don't just take our word for it

You don't have to take our word for it that stopping password pasting is bad.  See Troy Hunt's blog (with a History lesson for us all), or this article in Wired. 

Improve your security by supporting your users.  Let them paste passwords.

 

Sacha B

Sociotechnical Security Researcher

43 comments

Was this blog post helpful?

We need your feedback to improve this content.

YesNo

0 Replies to “Ncsc 2015 16 Topics For Persuasive Essays”

Lascia un Commento

L'indirizzo email non verrà pubblicato. I campi obbligatori sono contrassegnati *