Categories
Tips & How To's

How To: Hack Into OS X Lion

Yesterday one of two things happened, either a) I completely an entirely forgot my OS X login password or b) OS X refused to accept my password. I have no way of knowing which was the case, but regardless, I was unable to access my computer.

I almost had a major meltdown, until Google informed me that OS X Lion is horribly insecure! Horribly, horribly insecure.

You can gain access to (almost) anyone’s Lion account in 3 simple steps.

  1. Restart the machine in recovery mode by holding down cmd+r on reboot.
  2. Open terminal in the utilities menu.
  3. Type `resetpassword`.
Voila.
Am I missing something? Is this not as bad as I think it is?
Categories
Google Tips & How To's

How To: Tumblr Style Google+ Redirect

Tumblr just added a feature to redirect http://yourdomain.com/+ to your google plus account.

Neat idea.
You can do it yourself in .htaccess. Just add:
Redirect 301 /+ {insert your profile url here}

Check it: ohryan.ca/+

Thanks to Isaac Lewis

Categories
Tips & How To's

Assault on the Hash (or how to make secure your passwords)

In a recent episode of Build & Analyze Marco Armet (creator of Instapaper) explained that the standard practice of salting a hash is no longer a really good way to secure passwords. CPUs (and GPUs) are so fast that they can effectively guess your salt in a reasonable amount of time*.

The solution, use bcrypt. Essentially, it’s an extremely slow hashing algorithm.

To me this seems a little bit like security through obscurity, every once in awhile – as CPU speed increases – you’ll have to update your algorithm to generate hashes even slower.

See also.

*A modern server can calculate over 300MB of hash data per second!

Categories
Tips & How To's

How To: File Upload Progress Bar. No Flash. No PHP addons.

Upload progressbars are pretty common on the web these days, they add a touch of feedback to the long and mysterious process of uploading a file to a website. Unfortunately, the most common methods for doing so involve flash or baring that PHP addons that require a recompiling.

In this post I’m going to talk about creating an upload progress bar without the need for a clunky flash object. I’m going to do it with PHP, jQueryUI and a gracefully-degrading framework-independent library.

Categories
Random Tips & How To's

How To Use Your iPhone to Stalk Yourself

It looks like the privacy hippies were finally right about something, your mobile phone really is a pocket sized tracking device.

Turns out that as of iOS 4.0, iPhones have been tracking your physical movements and logging it along with the phone’s backups.

A small team of researchers have discovered these logs in iTune’s backup files, they’ve released a handy little app that collects all the data from your user folder and plots it on a map. iPhoneTracker.app and further information available here.

Here is the visualization of everywhere I’ve been since Sept 28, 2010:

You can see lots of activity in and around Winnipeg (including trips up to the Gimli and Victoria Beach), a flight to Toronto and subsequent travel around southern Ontario and a road trip to Minneapolis. It’s fascinating.

I’m not sure if this is a terrifying privacy hole or a neat little hidden feature. I’m leaning towards neat feature, since the data is stored locally on your computer and can be encrypted automatically by iTunes.

At this point in time a method for disabling the “feature” does not exist. I expect Apple will be responding in short order.