Latest post:

>> my rant on passwords

To illustrate the problems with authorization, we shall take the example of the Indiana Jones and the Raiders of the Lost Ark. To access the Ark of the Covenant, Indy has to fly to Nepal, engage in a gunfight, escape a burning tavern, retrieve the headpiece for the Staff of Ra, fly to Cairo, use the Staff of Ra to figure out the correct location, survive deadly snakes (he hates snakes) before even finding the Ark.

The subsequent part of the movie where the Ark is hijacked by Nazis will be covered in a later post entitled "Password Retrieval" ;)

As this example illustrates, such a complicated system still fails to protect the Ark from falling into the wrong hands (first the Nazis, later the U.S. government). While I feel that a snake pit would be quite effective in ensuring proper access to systems like email, the cost of snakes/snake feed, as well as replacing poisoned upper management would be too high.

For web applications, the widely accepted practice is for users to select their own "password", a sequence of alphabets, numbers and/or punctionation, in the hopes that the password is :

a) Unknown to anyone else
b) Not easily guessed
c) Remembered by the original user

Having had to reset countless passwords over the years, I know for a fact that this doesn't work because :

a) Sometimes you have to share passwords with other people
b) Complex passwords take too long to type
c) Good passwords are difficult to remember (i.e. "BCD31BD788A" instead of "apple")
d) Corporate policies which force users to select a new password every month
e) Users feel no shame in requesting multiple password resets

Being old and lazy myself, this is the current way I deal with having to remember passwords :

a) Pick a word via word association to use. For example, email would be "spam", the online banking page would be "debt" and my blog password would be "boring".

b) Covert the word using a cryptographic hash function into a string. Here I am using MD5 to convert the words into gobbledygook suitable for use as passwords :

"spam" becomes "e09f6a7593f8ae3994ea57e1117f67ec"
"debt" becomes "762f8817ab6af0971fe330dbf46a359a"
"boring" becomes "8c32b1f76c746d784f0c1fd005e2a220"

c) Profit!!!

I've whipped up a simple PHP page to do that here (it only returns 12 characters instead of the 32 characters of MD5, since I doubt most places would support a 32 character password) :

http://twofishy.net/hash/

Enjoy.

Sunday September 30, 2007 01:58 PM | Comments (1)

Older posts:

>> ...




This page intentionally left blank

Wednesday November 29, 2006 08:26 AM | Comments (5)

>> into the dark knight

I'm not what you call a fan of Batman, at least not in the generic sense of the word. I don't own any merchandising (T-shirts, toys, posters, candy, action figures or trading cards) in his likeness, I can't really remember all people that have been Robin (Dick Grayson, Jason Todd, Tim Drake, Stephanie Brown, arguably Carrie Kelley), but most of all...

I can't stand to watch Batman movies.

Unfortunately there's going to be another one, The Dark Knight is scheduled to appear sometime in 2008. To refresh your memory, there was "Batman", "Batman Returns", "Batman Forever", "Batman and Robin", "Batman Begins" and now "The Dark Knight"...yeah, I don't really see a pattern.

I feel a certain sadness because the Batman fights and triumphs against so many super-villains, but he is powerless to stop his own commericialism. Batman movies are terrible, except for the one with Val Kilmer. That one was okay.

There is a confusing lack of continuity between all the movies...different directors, different actors playing Batman, different villians...if you watched all the Batman movies in a row you'll probably not be any closer to understanding anything about Batman.

For the impatient, this is the short introduction to Batman. There won't be much discussion on why he does it, its pretty much accepted that one dedicates their lives to secretly fighting crime once your parents get murdered.

The tight outfits, large inheritance, loyal man-servant and teenage sidekick are just perks that come with the job.

So is striking fear the motivation for wearing the mantle of the bat? There are lots of scary things out there, he could have very well been named "Clownman" (Coulrophobia : fear of clowns), "Big Walk Man" (Ambulophobia : fear of walking), "Elevator Man" (Claustrophobia : fear of enclosed spaces) or "Naked Man" (Gymnophobia : fear of...nudity).

Some have argued that Batman is just nuts. Mental illness is a prevalent theme for Batman, from his inception, his villains, his methods and his social interactions (or lack of).

While he has no extraordinary powers to begin with, he is still a force to be reckon with with his investigative skills, physical prowess, technology and use of fear and intimidation.

With these has has been able to defeat Superman (The Dark Knight Returns), dared to love the daughter of his enemy (Talia al Ghul), helped out the Justice League, walked again after his back is broken (Knightfall), there is much more to Batman than just fighting bad guys.

You could do yourself more of a favour by enjoying what the real Batman has to offer. Essential reading would be : The Killing Joke, The Dark Knight Returns, Tales of the Demon, The Long Halloween, Year One. There's plenty more...but these would be a good place to start.

I'll probably still go watch the movie. I mean...how else can I complain about it? :p

Wednesday November 08, 2006 04:47 PM | Comments (1)

>> affordable solutions for better living


I haven't really bought a lot of stuff from IKEA, but I always end up picking up something cheap and random on my way to the cash register. This cup was one of those purchases, its the same kind they use in their cafeteria (free cappucino refills!).

Sadly, on my way to the pantry to make myself a morning cuppa, I bumped the cup on the side of my cubicle and the handle broke off.

Understandably I was a bit miffed at being so clumsy, but then I noticed that while the cup was aesthetically pleasing, it was a bit poorly designed to be entirely useful.


If you compare the previous cup with its boring (but functional) replacement, you'll notice that the handle is larger (for fat fingers like mine), the walls of the cup are thicker (keeps stuff warm for longer) and its shape holds more liquid than its predecessor.

Not too impressed with IKEA right now, as I suspect the poor design has more to do with planned obsolescence than better living.

Perhaps one of these days I will replace this humble vessel with one of these, for now the no-frills approach will just have to do.




I couldn't bear to just chuck away the IKEA mug, since I had paid a whopping RM1.50 for it. I've reassigned it to a more fitting task as a stationery holder.

Unfortunately its not entirely useful at even this simple task, the shallow bottom means that it tips over easily, and it doesn't really store that many pens and pencils. Perhaps I could make it into a plant pot, or a container for sweets.

But that, gentle readers, is a tale for another day...




Tuesday October 31, 2006 09:37 AM | Comments (6)

>> Tadika Seaport Concert 2006

P1000122-w.jpg P1000118-w.jpg
P1000146-w.jpg
P1000148-w.jpg

Thursday October 12, 2006 03:20 AM | Comments (0)

>> Open wide...

Sometimes, you just want to *$!@$@&)#($^@& someone real good.

Say ah.......

ah......

ahhhh...chhoo!

Wednesday August 09, 2006 08:55 PM | Comments (0)

 
the mundane adventures of joon

war of the worlds
Strangely, the computer generated aliens in this movie felt more believable than both Tom Cruise and Dakota Fanning, who spend most of the time looking shell shocked or screaming hysterically. The overall effect is a cold, clinical exercise in extermination, ending as suddenly as it began.


hitchhiker's guide to the galaxy
This movie reminds us that instead of using special effects to blow stuff up, we could use it to bring to life one of the wackiest sci-fi rides of all time. Brilliant use of Flash animation (for the guide itself) and Marvin is just...too cute to take seriously. Remember now, always carry a towel and whatever happens, don't panic.

So long Douglas, and thanks for all the fish.


batman begins
I guess you can say this is movie truly captures the spirit of Batman's beginnings, because it is as weak as Bruce Wayne was before his transformation into the world's greatest detective. In the end Christian Bale and his sidekicks Morgan Freeman and Michael Caine were just undone by Liam Neeson, Katie Holmes and the rest of the cast. Perhaps next time...


sarpinos
Didn't know anyone else delivered pizza, other than Pizza Hut and Dominos. Generous amount of toppings and cheese make it hard to pick up the phone and go back to dialing 1-300-PIZZA


just thai
Looks like just another Thai restaurant on the outside, but once you sit down, you'll notice that everything is done 'just right'. Wait staff were attentive and seemed genuinely happy to be there, and the food took 5 minutes to arrive (!). They didn't have any pandan chicken, so we settled for beef noodles (which tasted like real beef) and pineapple fried rice (flawless). Can't wait to go back and the other stuff.


anjappar
Never heard of Chettinad cooking, but RM15 for a set meal of rasam, lime juice, briyani, rice, fried chicken, two curries, yogurt, papadam and chapati is an incredible deal.


kopi time cafe
new take on the old-style kopi tiam, complete with modern pricings. porridge for seven bucks is pricey, but the curry noodles are okay. What exactly is a coffee cow?