Digg: The geek link feed

When you’re feeling bored and in the mood for something highly technical, why not jump over to Digg.com and be presented with links to interesting news, websites and pages that contain technical information, news and cool stuff to know.  

Digg entries

The community consists of fellow geeks and it’s rather interesting to watch and participate in.  And of course, like any good community it allows you to contribute as well by submitting your own interesting links and participating in discussion about diggs.

Skrifað í Technology. 3 ummæli »

Pastebin: A collaborative debugging tool

Pastebin is a debugging tool which allows developers to paste code on the Internet and get corrections by other people.

An example of pastebin

This is great if you are developing and talking to someone using AIM, MSN Messenger or Skype and you can’t paste code properly, and you haven’t got the syntax formatting.

When you’ve posted a code snippet and someone submits a correction, you are also able to see the corrections made, tracking changes and allowing you to learn from your mistakes.

In addition, PHP functions are linked up to the appropriate page on PHP.net. A magnificent Internet application and it’s without doubt great for group projects.

Internet passwords less safe

Internet passwords are becoming less safe. As crackers are finding out that encryption methods, such as SHA-1 and MD5 have both been cracked using mathematical expressions. Unfortunately, a far worse thing is happening now, this process is being reversed.

The MD5 algorithm is a commonly used method for storing passwords on Internet databases. Almost every time you register on a properly trustworthy website, and when you sign up to services such as phpBB forums and WordPress, the password is encrypted on the database.

How password encryption works
When you sign up on a web page using database password encryption the password you enter in the registration field is converted automatically using an encryption algorithm, such as MD5. For example, if you registered on such a web site, with the password password what would be put into the database would be it’s MD5 converted string, in this case 5f4dcc3b5aa765d61d8327deb882cf99.

Graphical explanation of registration and logins on a web page with encryption.

One or two years ago this would have taken a huge amount of time to crack, because the user would have to have a computer that attempts to convert this string back, listing possible passwords by comparing the passwords with a dictionary, leaving good upper- and lowercase passwords with numbers fairly safe.

To crack such a password, you do still need to either be the administrator of the server to see the MD5 value in the database or you must crack the MySQL database and access it somehow. This is often not very hard because novice web developers and administrators sometimes don’t have the skill, or do not find it important to make sure their website is secure.

Cracks available for anyone
Now the process has been reversed. Certain Internet users are now offering people access to tables which contain MD5 strings, for passwords up to 14 characters. This takes a huge amount of time to do, but once it’s ready (now) getting passwords from just knowing the MD5 hash takes as long as it takes for the server to search for this string in its tables, which is usually not very long.

Online MD5 crackers:

To make these tables, all they have to do is to take strings and turn them into MD5 hashes and make it into a table. So, for example, they begin converting one character, starting with a into an MD5 hash, then b, then c and so they complete the alphabet and digits from 0-9 and start with two characters; aa, ab, ac. The worst thing is that RainbowCrack allows users to do this themselves, at home; make their own tables and search them for much faster results.

It is also worth mentioning that Windows XP passwords can be cracked using a similar way.

Can be prevented
For people who use the same password on all websites, this could be a huge problem, for example if only one of them gets cracked, the cracker might have access to all of your accounts. This is why I suggest that you use a few passwords, one for secure websites that you must not lose (bank account, PayPal etc.), one for your e-mail account (if it gets cracked it’s easy to take over accounts by resetting the password) and one for forums and communication where you haven’t got much to lose if something happens.

I wish you happy and secure Internet surfing, and I hope that this knowledge will help you protect yourself better on the Internet.

Skrifað í Security. 5 ummæli »

A mouse without buttons?

Without the mouse buttons using the mouse is pretty odd. We are used to clicking when we surf the internet, browse our documents and work in word processors. But what if we didn’t have a mouse button?

One of the most of interesting projects I have found on the Internet is the “Don’t Click It” project, which is an interface where you are not allowed to click. You should browse the interface just by moving the mouse around. It’s pretty well designed and a curious study.

Link: DontClick.it

What The Font?

Has it ever happened to you that when you were surfing the Internet you saw this really cool ad, and you liked its style, and wanted to know which font they are using? Believe it or not, now you can see what font is being used.

The WhatTheFont service on MyFonts.com allows you to detect which font is being used in a logo. I find it quite amazing technology and must have taken a lot of long nights and patience to develop.

Link: Visit WhatTheFont

Security Now!

I wanted to discuss my favourite podcast now, although it difficult to compare it with a podcast such as TWiT (This Week in Tech) I think this one gets to be my favourite.

Security Now! with Steve Gibson and Leo Laporte. Yes, the Steve Gibson who invented the term ‘spyware’. Yes, the Leo Laporte who’s hosting most of the top technology podcasts today including TWiT, and performing in radio and TV shows in the U.S.

Through their area of interest they make this great podcast updated once a week where they talk about the latest security dangers, if there are any, and usually a topic such as passwords, VPN, Wireless Security or Rootkits.

They discuss topics and give you the appropriate information about certain security-related topics, give you information about what can be done in specific circumstances and leave it up to you how level of paranoia you would like to use on this one.

I like everything concerning encryption and useless security measures that will never be put to the test, the great world of technology that helps get me secure, (and insecure for that matter) passwords and proxies and not getting unpleasant surprises.

If you happen to like some of that stuff to, then I suggest you go to their Security Now! page where you can subscribe to their podcast via iTunes, iPodderX, Odeo or podnova.

I wrote this post to celebrate Security Now!’s 17th podcast, which isn’t really a very special number, although it happens to also be the number of Wallpaper Groups in math.

Bunny suicides

Today I found this page with a lot of cartoons of suicidal bunnies. Although suicide isn’t generally an amusing thing at all the author manages, with the help of his imagination, to make a great set of laughable ways to suicide as a bunny. If suicide humour disturbs you, please consider not viewing this page.

Link: Suicidal bunnies

I’m convinced no bunnies were hurt in the making of this comic strip.

Skrifað í Humour. 1 ummæli »

Get every new post delivered to your Inbox.