Josh's Blog - Comments

John Poelstra: I am an Infinite Monkey

nospam@example.com (John Poelstra) — Wed, 17 Feb 2010 12:12:48 -0500

I knew you could come up with a more articulate response than me! Great job.

loupgaroublond: I am an Infinite Monkey

nospam@example.com (loupgaroublond) — Wed, 17 Feb 2010 12:07:51 -0500

The Hacking At Random guys made a special tshirt of an ifnite number of monkeys typing for donors. The logo is ou there and it glows in the dark too. I can show mine at the next fudcon

Brian Burns: How Long Does a Flash Drive Last?

nospam@example.com (Brian Burns) — Fri, 05 Feb 2010 14:30:30 -0500

This is great, thank you. I had recently read about the finite lifetime of flash drives and was starting to worry about using it for my school programming projects - I do all the compilation etc on the flash drive. This gives me more confidence in using it.

Michael: Password Security

nospam@example.com (Michael) — Thu, 04 Feb 2010 11:39:59 -0500

One solution is to have a random password ( let's say aaaaaaa ) that you prefix or suffix with a context dependent letters ( let's say the two first letter of the website, and the first of the tld ).

So to log on example.org, the password will be aaaaaaaaexo.

The benefit are simple, we only need to remember the first password, and the scheme we use to generate the password. This is perfectly doable for most people, as this doesn't requires much long term memory. Yet this provides differents passwords for differents services, and the scheme can add enough complexity ( ie here, we take a 8 letters password and get a 11 letter one ) to protect against brute force attack.

There is some problems however, if someone get one password, and figure the scheme, you are screwed. And if you need to change the password somewhere, you will have to add a exception , and that's bad.

But I think the risk are quite low, the scheme can be made easy to remember but complex to figure. As you say, good enough is the goal.

Juanjo: Password Security

nospam@example.com (Juanjo) — Thu, 04 Feb 2010 11:35:11 -0500

Yep, password reuse is evil!

That's why I love to use OpenID when available

Josh Bressers: Password Security

nospam@example.com (Josh Bressers) — Thu, 04 Feb 2010 06:47:22 -0500

I'm personally not a fan of password maker. I think it's a suitable solution for some people, but I'm not willing to use it, I wouldn't sleep at night. My problem is that in the event a bad guy comes to have your default password maker settings, they have access to all your current and FUTURE passwords.

pingou: Password Security

nospam@example.com (pingou) — Thu, 04 Feb 2010 04:14:06 -0500

I'm quite a big fan of revelation in en encrypted partition of a usb stick.

Aurélien Bompard: Password Security

nospam@example.com (Aurélien Bompard) — Thu, 04 Feb 2010 02:51:20 -0500

I've been using http://passwordmaker.org/ for a few years to fix this password problem. It works great for me, there's even a firefox extension. I think you should have a look at it.

Harry: How Long Does a Flash Drive Last?

nospam@example.com (Harry) — Wed, 03 Feb 2010 13:37:05 -0500

Not yet true, Fred. External floppy drives are readily available. I recently bought a Memorex USB single/double sided external floppy drive part# 3202 3239 (at, I believe, Office Depot.)

Anonymous: Virtualization liveCD Fedora spin?

nospam@example.com () — Thu, 21 Jan 2010 23:52:21 -0500

Isn't that what http://ovirt.org was about?

Jesse Keating: Virtualization liveCD Fedora spin?

nospam@example.com (Jesse Keating) — Thu, 21 Jan 2010 19:25:49 -0500

That's probably something we'd offer in kickstart form, but not media to download, but with the KS it would be very simple to build one yourself and toss it on media.

I wouldn't mind having something like that myself.

Josh Bressers: Virtualization liveCD Fedora spin?

nospam@example.com (Josh Bressers) — Thu, 21 Jan 2010 19:04:18 -0500

Mostly, yes that would work. Given the very limited use case though, I'd basically want this thing to boot up to a text console only (no X, it eats RAM), running nothing but libvirtd listening for TLS connections.

It won't be hard to do, I'm just lazy and hope someone else has already done it

Jesse Keating: Virtualization liveCD Fedora spin?

nospam@example.com (Jesse Keating) — Thu, 21 Jan 2010 18:55:57 -0500

So all you need is the desktop spin + virt-manager right?

Security Alarm: Attention Burglars: Here is the alarm

nospam@example.com (Security Alarm) — Mon, 18 Jan 2010 17:29:08 -0500

LOL too rich.
Typically it would be the name of a fire and or security larm manufacturer. Fci-Gamewell, Cooper, Simplex and so on.
When they say "burglar alarm on the side of them... they are fake.

How's that for Sanity ?

zingbot: How Long Does a Flash Drive Last?

nospam@example.com (zingbot) — Mon, 11 Jan 2010 04:47:17 -0500

That said, I can still remember when people were fascinated by CDroms and how long would they last etc. I heard some funny estimates like a CD should be re-written every 3 to 5 years because they'd fade etc. I know have some CD's going back to 1996. They still read just fine. My point is how long this lasts in storage is speculation. It could be 5 to 10 years. Or maybe someone will find a USB stick in 50 years and it will still have data on it. Who knows.....