Tuesday, 24 March 2015

What does "random" mean in the context of password creation?



Disclaimer: as you will see from my question I'm a total outsider in this subject, just very curious.


I was wondering how easy it would be to crack a password-protected RAR5 file, and I found many answers along the lines of "a truly random password would be much more difficult to crack than a password based on real words". Also, a lot of answers refer to password randomness.


I know that passwords based on real words are easily cracked by dictionary attacks and probably this is what those answers refer to, but I'm still not clear about what "random" means in the context of password creation, for the following reason.


Even if I generate a sequence of characters using the best "randomizer" ever, the chances that I get "HelloWorld" and the chances that I get f.ex. "gkwwpBnePU" are in my understanding exactly the same, so does "random" in this context mean "as distant as possible from any real word"? But if yes, doesn't this make the password not-so-random after all?


The thought that started my doubt - which I believe is the same concept but I'm not sure - is: if I choose a password which is a real word but from an obscure dialect of a very uncommon language whose dictionary no attackers would feed to their cracking tools, would such a password still be more crackable than "gkwwpBnePU"? (assuming of course that "gkwwpBnePU" isn't actually a real word in any language, see what I mean?).
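One way to make the distinction concrete, as an added example that is not part of the original question: the code below models "random" as a property of the generation process (how many equally likely outcomes it had), not of the string it produced, and computes the attacker's expected work under each process. The word list and its size are constructed for illustration.

```python
import math
import secrets
import string
from fractions import Fraction

ALPHABET = string.ascii_letters + string.digits   # 62 symbols used by the generator

# Constructed stand-in for the word lists cracking tools ship with; a real list
# has tens of thousands to millions of entries.
COMMON_WORDS = {"password", "helloworld", "letmein", "dragon", "welcome"}


def generate_random(length: int, alphabet: str = ALPHABET) -> str:
    """Pick each character uniformly from the OS CSPRNG (secrets), not random.*."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def probability_of_output(s: str, alphabet: str = ALPHABET) -> Fraction:
    """Chance that generate_random(len(s)) emits exactly `s`.

    Every string of that length over the alphabet is equally likely, so
    'HelloWorld' and 'gkwwpBnePU' get the same value: the output's
    'wordiness' does not change what the process could have produced."""
    if any(ch not in alphabet for ch in s):
        return Fraction(0)
    return Fraction(1, len(alphabet) ** len(s))


def entropy_bits(candidate_space: int) -> float:
    """Entropy of a uniform choice among `candidate_space` possibilities."""
    return math.log2(candidate_space)


def expected_guesses(candidate_space: int) -> float:
    """Average guesses for an attacker who knows the generation process and
    enumerates its candidates: about half the space, whatever the order."""
    return (candidate_space + 1) / 2


def compare_processes(word_list_size: int, random_length: int) -> dict:
    """Expected attacker effort for two ways of choosing a password:
    one word from a list of `word_list_size` entries (an obscure dialect
    counts as such a list once the attacker has that dictionary), versus
    `random_length` uniformly random characters over ALPHABET."""
    return {
        "word_from_list": expected_guesses(word_list_size),
        "random_chars": expected_guesses(len(ALPHABET) ** random_length),
    }
```

The obscure-dialect case is the `word_from_list` row: its cost is set by the size of the dictionary, not by how hard the dictionary was to obtain.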





Encrypting chip data and accessing it from other platforms



I have a similar, yet somewhat different, question. I am not so interested in encrypting the phone per se, but the chip and the data within it. I am interested in knowing if the bundled or downloadable Android encryption app will read cross-platform encryption schemes. Can I encrypt the chip (not the system) and access the encrypted data on platforms such as Mac OS X, Windows, etc.?





In DNSSEC, are Delegation Signer records always SHA-1?



I'm creating an RSA/SHA-512 Zone Signing Key and Key Signing Key at Dynect Managed DNS (corporate offering).


The Delegation Signer record that was created is SHA-1. Should I be concerned about this?





How to remove yellow tracking dots from a document?



Assume I have a document which I suspect to have yellow tracking dots. How can I remove them while keeping the actual information on the document? Is making a b&w copy enough? Is the copy machine adding its own tracking?


Would JPEG compression of the scanned document be sufficient to remove the dots? But would the scanner sensor leave its finger print in the scan?


OCR might be an option, but only for text. Bonus: how about removing image watermarks while keeping the photo motif?





Understanding the vulnerability to write a Snort rule



I'm trying to write a Snort rule for this vulnerability (http://ift.tt/1EN92nP); however, for me to be able to write a good Snort rule I need to understand how the software is actually vulnerable so I can write my rule around this. However, I am struggling to understand where to look for the vulnerability within the network packets. Any help would be appreciated.





How to add certificate pinning for a certain domain to my web browser?



There is HPKP (HTTP Public Key Pinning) which servers use to tell the client's web browser which certificates to trust (in the future) for the domain that is being contacted.

Google's Chrome and Mozilla's Firefox bring their own lists of websites that are pinned to certain certificates. (Google calls an entry in this list "a pinset".)


How can I add certificate pinning for other domains to my web browser (e.g. Firefox)?


Is there a reason why there is no option to "Pin this certificate to this URI" when viewing the details of a certificate in a web browser? Would it undermine the concept of CAs, or is it just not implemented?





Security risk: Digitally sign communications for SMB



I have a computer (Windows) on a network where an industrial process is controlled. There is an option in Local Security Policy >> Local Policies >> Security Options >> "Microsoft network client: Digitally sign communications (always)".


By default, this option should be Disabled on Windows machines, but all computers that we receive from the vendor have this feature Enabled, so I can only assume that it is intentional. In order to back up to a NAS, I had to disable this feature.


My question is: what might the security concerns be, considering that this machine is on a local network where an industrial process is being controlled? From Microsoft's website, I get the impression that it prevents man-in-the-middle attacks that modify SMB packets. Is this the full story?