Archive for April, 2010

More Salty Thoughts – Protecting Weak Passwords

Start by assuming a very bad situation – a copy of your database has been obtained by the bad guys, to attack off-line at their leisure. How safe are we? For those accounts with strong passwords, SHA is great and our user’s password data is well protected. Weak passwords are another story.

Salting SHA in MySql

Encrypting user’s information like their passwords needs to be easy. All the old MySql functions like PASSWORD() and ENCRYPT() still exist but are considered not secure enough anymore. These days only MD5 and SHA1 are strong enough to withstand an attack, but even so, both by themselves have vulnerabilities that can be exploited requiring some […]

Apple’s Own Medicine

Apple’s iconic 1984 commercial may have only aired once, but its impact was huge. They became the technology choice of freedom from the tyranny of Microsoft. These days the Apple vs. Microsoft juxtaposition has been recast as one of closed vs. open ecosystem, and the Google vs. Apple/Microsoft distinction has developed into “Don’t Be Evil” […]

Prescription 3D Glasses

Everyone is selling expensive shutter glasses and cheap red/cyan glasses, and a few are selling polarized glasses that don’t look quite as dorky as the ones in the theaters.  The traditional prescription companies will sell you all sorts of sunglass tints and various coatings, but none are selling prescription 3D glasses. Why can’t I buy […]

Fixing GoDaddy MySql Performance, Part II

After probing two MySql databases every 10 minutes for 12 hours I can safely say there is a major difference in the lag time between the GoDaddy MySql database servers.

Fixing GoDaddy MySql Performance, Part I

Almost everyone who owns a website starts out on GoDaddy and quickly learns to move to another host. Apparently I’m just thick.  I still have some stuff with GoDaddy, including my family’s site, this blog, and some of my apps that my company hosts for clients. I’ve got an interesting performance problem this time and […]

Fixing Campaign Finance Reform

The Supreme Court decided that corporations are constitutionally protected by the first amendment. Everyone in Washington says they are upset about this and vow to fix it, even if many are secretly happy. I find this situation particularly disturbing. The unofficial “4th branch of government” used to be the press, which was a good checks-and-balances […]

Evil Business Plan, Part V: Future Gifts

There is an ad running these days for an identity protection service with a promotion offer of the first month free plus a free crappy shredder. I’ll bet most people interested in identity protection already have a decent shredder either at home or at the office. Taking it a step further, a free physical item […]

JooJoo a GoGo!

Finally, after 26 days of trying, I’ve been able to place an order of a JooJoo. They have cut over to standard credit card processing from the ill-fated PayPal-only solution. Now I just need to wait another 26 days for it to arrive, assuming there aren’t any delays. I’m expecting it to be more like […]