1Password alleviates the horrors of password management

I come to you today a recovering password management hypocrite.

I have over 190 accounts and logins for which a password or PIN is a part of my access: website tools, online banking, social media, email, internal company tools at Summersault, and so on.  I used to pretend that I was maintaining the security of these accounts by having a reasonably strong set of passwords that I re-used across multiple sites, sometimes with variations that I thought made them less likely to be broken into if someone did happen to compromise one of my accounts.

But as I prepared to give a talk in December about email privacy and security issues, and really stepped back to look at my own password management scheme, I realized just how much pretending I'd been doing, and just how vulnerable I was making myself to the increasingly well-equipped and highly-automated attempts at compromising accounts, stealing identities and stealing funds that are being launched every day.  I went and tested some of my passwords at the Password Strength Checker, and I was ashamed.   The potential impact of this really hit home as I read Mat Honan's personal tale of woe and his follow-up piece Kill the Password in Wired magazine.  Add in Passwords Under Assault from ArsTechnica and you'll be shaking in your boots.

So I decided that I was not going to be that guy who goes around telling people about how vulnerable they are with their simplistic password schemes while quietly living a lie in my own password management scheme.  I might still be hacked some day, but I would not be found giving some teary-eyed interview to Oprah where I whined about how the pressure of the 190 accounts to manage just got to be too much and how I knew using a simple dictionary word plus a series of sequential numbers was wrong but I still didn't do the right thing.

That's when I found 1Password from AgileBits, a password management tool that alleviates the horrors of password management.


Replacing Notifo with Pushover

Two years ago I compared Notifo and Prowl as tools for sending custom push notifications to your mobile devices.  I ended up relying on Notifo quite a bit to send me mobile alerts about certain kinds of events that I might not otherwise notice right away - email messages from certain people, some kinds of calls or voicemails at my office, certain messages meant for me in the office chat room, etc.

(You might think all that alerting would get obnoxious, but having these notifications sent to me according to my preferences has meant I'm less likely to obsessively check email or other digital inboxes for something important I might be missing.  The good/important stuff gets to me fast, the rest waits for me to view it at my convenience.)

In September 2011, the creator of Notifo announced that he would be shutting down the service.  It's continued to mostly work since then without his intervention (a testament to the self-sufficient nature of what he created), but in the last few weeks I've seen increasing errors or delays in getting messages through, so I went in search of alternatives to Notifo.

Today I found Pushover, a really simple but elegantly done service that offers all the features I want.


Are Wayne County's voting machines trustworthy?

Early voting is underway in Wayne County, Indiana.  Voters showing up at the polling stations will find themselves directed to the Hart InterCivic voting machines.

A 2007 study of these machines, initiated by the Ohio Secretary of State and conducted by Pennsylvania State University, the University of Pennsylvania, and WebWise Security, Inc. found that:

the Hart system lacks the technical protections necessary to guarantee
a trustworthy election under operational conditions...Virtually every
ballot, vote, election result, and audit log is forgeable or otherwise
manipulatable by an attacker with even brief access to the voting systems.

You can read a summary of the study or read the full 335-page report.

iPhone iOS4 IMAP mail syncing problems

I offer this account of trying to address a known (and I would say, severe) bug in the iPhone 4 mail software, in case it's helpful to others:

Ever since I upgraded my iPhone to iOS4 (the latest version of the phone's operating system), the Mail application has been flaky when it comes to syncing mail messages via IMAP. Duplicate messages, empty/blank messages, messages dated 12/31/1969, messages that are deleted and then re-appear, and so on.

At first I thought it might be my phone hardware, which had been cursed from the beginning (a story for another time), but after that phone died and Apple replaced it with a brand new one with fresh firmware and settings, and it STILL happened, I was convinced it's the software on the phone.  Other people are having the same issue all over the place.  But it can be hard to make Apple believe this - said the Apple Genius Bar worker at the Apple Store in Chicago, "they're probably all just using the phone wrong."  Wha?


Local opportunities to benefit from technology alternatives

Lest we forget the times when using expensive proprietary hardware and software without exploring more open alternatives comes back around to bite us in the rear, I thought I'd highlight two issues currently being mentioned in the local press.

1) The Pal-Item reports on a meeting happening today about technology in schools:


Using the iPhoneOS SDK on older PPC Macs

I'm just getting started with developing applications for the iPhone / iPod Touch, and one of the first real hurdles I encountered was that Apple didn't make it easy by default to use their iPhoneOS SDK on non-Intel Macs. With some Googling around I was able to find a variety of articles that mentioned workarounds, but the comprehensive solution was spread across lots of blog post comments, forum postings, etc. So, for my own reference and hopefully as assistance to anyone else who might be in the same boat, I'm consolidating the steps here.


Security FAIL

Two stories of security failure for this blustery day:

1) Apparently, all you have to do to throw off the facial recognition software that protects us from identity theft or worse, is smile:

The Indiana Bureau of Motor Vehicles is restricting glasses, hats, scarves -- and even smiles -- in driver's license photographs. The new rules imposed last month were deemed necessary so that facial recognition software can spot fraudulent license applications, said BMV spokesman Dennis Rosebrough.

And then he had the gall to spin it as an improvement, since it would be horrible to admit that humans had done a better job:

The new technology represents an advancement of what the BMV already was doing, Rosebrough said. BMV employees always have looked at the old photo of a person to see if it looked like the person seeking a new license.

FAIL.

2) I was at a local video store yesterday, trying to rent a video using Anna Lisa's account. I gave the cashier her phone number and name, and he said he'd have to call her to verify that it was okay for me to rent on her account. When she didn't pick up, I offered to call her on my cell phone (in case she wasn't picking up the call from an unknown number), and the cashier said, "okay, yeah, just ask her if it's okay and then you can tell me what she said."

FAIL.

Solution for Google Treasure Hunt "zipfile" question

You may or may not have been following the Google Treasure Hunt competition, a puzzle contest designed to test your knowledge of Computer Science, networking, and low-level UNIX trivia (as described on the Google blog). It's also a way for them to find potential engineers to be assimilated --er, hired. I took one of the questions for a spin today, and thought I'd post my methodology to solve it. It probably wasn't the fastest way, but it worked for me; if anyone has suggestions for improvements, let me know! Here's the puzzle:

E-mail messages I delete without reading

Life's too short. E-mail messages I tend to delete without reading (other than obvious spam):

  • Messages with a blank subject line
  • Messages with a blank body, with only a mysterious attachment that's supposed to explain everything when I open it
  • Pretty much anything from Network Solutions / Verisign
  • Anything that asks me to forward it to 11 of my friends for good luck
  • Messages that start out by declaring that "this is not spam"
  • Messages with more than three (3) consecutively-placed exclamation points in the subject line or greeting

What about you?

Links for the Week - April 28, 2008

The "pros and cons of a global distributed network" edition: