Categories
From The Archives Random

The Door

A few days ago I started a bit of a curfuffle about LeoLaporte on digg.com, see: Call For Help Tracker.. GreatTorrents… As you can see if you read the thread, I said that I thought L LaP was “the biggest puppet ever,” based on his performance on Call For Help Canada. If you haven’t had the chance to watch the show, don’t waste the time and bandwidth. The show is generally an hour of Mr TheDoor (apparently) having a hard time answering caller’s extremely banal questions and more or less being a knob – with even more unintelligent cohosts. I don’t have a problem with the show per se, it fills a niche and probably teaches a lot things the did not know. I do have a problem with are the people who revere Leo. I really don’t understand it why these extremely tech savvy individual see him as some sort of tech god. gah…it’s too unbelievable for words. After watching CFH(ca) for a few weeks, I began to notice Leo clearly listening to an earpiece on some of the more “difficult” questions. It strikes me as extremely odd for a supposed computer genius to need any additional help for the types of questions he’s asked on this show. Leo’s resume is impressive, he really should know things, but on CFH he really does not appear to know much of anything.And why is his website so bad?!

Speaking of websites, fixed a couple of things around here: finally worked out the bugs in the email post code, added a much needed background image and fixed the links in the rss feed.

Thanks all for now folks.peace out.

Categories
From The Archives Websites

Mutton Button

The old adage about wolves in sheep’s clothes is probably applicable to my new favorite interweb site, start.com/1/. Start.com is essentially a really simple web based rss reader (really simple really simple syndication?) combined with the recently improved MSN search engine. I like the page so much that i’ve made it my homepage, causing me to feel a little dirty every time I load up firefox. I’ve always been a really big fan of RSS, but I’ve never really been able to justify running another application just to check RSS feeds. Things like konfabulator widgets and the firefox ‘live bookmarks’ (or whatever) are ok, but they lack the ‘description’ contents. Unlike most other web-based RSS readers, start.com is completely cookie based, no login required. blah, blah, blah, i love microsoft, send me to hell.

[a few site updates, and probably a news update later.]

Categories
From The Archives Web Development

Eureka!

I am presently writing this post from Mozilla Thunderbird. The latest behind the scenes addition to my awesome website. Inspired by my recent adventures in moblogging, I wrote a script to check a specific (supersecret) email box for new mail. The mail is then parsed for relevant data (thanks to Ian for pointing pointing out php’s imap functionality). This little script should hypothetically allow me to post from my phone via text message to email, and obviously any other email enabled device. I am teh r0x0r. Additionally, I have not had the time or energy to create a proper administration panel for my content management system, allowing me to compose posts in an email client is a lot less tedious than manually updating the database.

Next up. While at work today something dawned on me. The windows bug discussed in this post, might actually be a feature of 802.11. When setting up a large wireless network – over say a university campus, or a metropolitan area – this feature allows clients to seamlessly move from one physical AP to another. Since wifi (evidentially) connects entirely based on SSID the client will never loss it’s connection. I totally knew this.

I’ve also added NotIan’s litebrite, right below my digg’s where people can ignore if it’s offensive. Speaking of digg, it’s not to late to digg the litebrite, come onnnn.

Time for bed.

Categories
From The Archives Google Site News

Notres Langues Nous Trompent

Gmaps. It’s taken google too bring satellite imagery to the geek masses. I recall mapquest using microsoft’s terraserver maps a few years ago. Evidently that didn’t pan out, at present I can’t seem to find a satellite map anywhere on mapquest. Gmaps is a blog compiling interesting sites as seen by “google’s” satellite.

Two minor site improvements.
First, I’ve fixed a bug in the comments form and increased the textbox size – now you can see what you’re typing as you’re typing it.
Second, I’ve added a couple of links. If you’d like your site linked please email me. As you’ll note by the third link, i’ve jumped on the www. deprecation bandwagon. I added some url rewrite to my .htaccess file causing all traffic headed for www.ohryan.ca to be silently redirected to ohryan.ca. Essentially, the no-www movement feels that www. is no longer relevant and completely redundant. Check the website for further info. No it’s not chaining myself to old growth timbers, but it’s something.

Categories
From The Archives

Internet Security

There has been a lot of talk recently about online password security. It seems that a lot of people are still using really easy passwords and even more people write down their passwords. This is apparently a major problem. As a solution,”experts” are tossing around some “new” ideas like passphrases and multiple security keys. [i’ve been meaning to write this update for a few weeks now and can no longer find the articles was reading. you’ll have to take my word for this – it’s been all over the internet, seriously] Passphrases, essentially passwords with greater minimum length requirement, are the next logical step up from passwords. Passphrases are a good idea. They’re longer and therefore much harder to crack using brute force (is brute force even a legitimate concern anymore?). Also, users would generally have an easier time remembering a phrase like “go go gadget,” than “98xgE!z” or other cryptic combinations of characters required for a secure password. If it’s easier to remember, maybe people won’t write it down, or so the theory goes.

The idea of multiple security keys is probably already in use by the military and security conscious banks. This authentication method requires a static key, and a rotating key. The static key could be a standard password, biometrics or whatnot. The rotating key is securely transmitted to the users. Also a very good idea. One major issue is the transmission of the rotating key. How do you ensure the key is not being requested by a fraudulent party? Probably by asking for more verification information. For instance, a bank website could employ this method. They could require you to call a phone line requesting further information (bank account #, SIN, etc) before releasing the rotating key. I doubt that something like this will ever be launched, or at least not until 100% of the population is “computer literate.”

All that said, the signal most overlooked security hole on the internets today has got to be “secret” questions. Probably popularized by hotmail (at least this is the first place i recall seeing them) a number of years ago, they are now even used by some ISPs. The questions are always something like “mother’s maiden name,” “favorite pet,” “shoe size.” In theory, secret questions are reasonably secure, they are not supposed to be common knowledge. “Secret” is really a euphemism for “difficult to know.”

In practice, most every secret question is something that could easily come up in conversation and/or a fairly common question that someone – even a stranger – might ask out of the blue. Making secret questions extremely ridiculously easy to “social engineer” out of people.

In conclusion, don’t use services that require secret questions, if you have to fill the answer with gibberish.

I started writing this post a week ago, and I don’t recall exactly where i was going with this…