I have been using Mashed Life for a while now and it is very handy. It works like a dream on most websites. I have also purchased a Yubikey to provide stronger authentication for Mashed Life.
The Yubikey is also a very slick device with lots of open source software to support it. It is a little inconvenient having to plug in the Yubikey before I can log in but it does add a layer of security in the most convenient way I have seen. It provides a very strong one-time password without having to type it in.
I am still uncomfortable with trusting important passwords to Mashed Life and it is scary having all my eggs in one basket. I would be pretty upset if they had a security breach even though I don't keep banking or PayPal passwords on it. The Internet is making the TNO (Trust No One) philosophy increasingly difficult.
Monday, May 26, 2008
Get the Crap of your new PC
One problem with new PCs, especially HPs, is all the unwanted software that comes preinstalled. Well, here is a solution, PC Decrapifier removes most of this stuff. It is best to run it on a new PC but will also work on an older on. I am going to give this a try on my wifes Vista HP laptop and will report back later.
Tuesday, April 29, 2008
MashedLife.com
Now here is an interesting idea: MashedLife.com will manage all your web user names and passwords. Of course, there is a lot of trust here and all your eggs are in one basket, but this is a neat idea that may bridge the gap until OpenID, or something like it, takes over the web. I have about 50 user name/passwords to keep track of! That is nuts! Most of them are for low security things like Blogger. I am going to try it and see how it goes. I don't think I will give my bank or credit card logins to them, though...
Friday, March 28, 2008
Microsoft DreamSpark
Microsoft is giving development software (including Expression Web software) to students. They are calling it the DreamSpark program. This is a very good idea on the part of MS. Students are notorious for "not paying" for software. It has long been known that software piracy actually benefits a company since the pirates are usually young people who could/would not buy expensive software just to play around and learn on. On the other hand, once you learn a product, it takes quite an event to make you change to something else. Therefore, if the young, budding, developers use your product, they are very likely to recommend it when they get a job doing that task. Then the company will (usually) buy the software since companies have a lot to loose by using pirate software and they want support, anyway. This program is a win win.
Of course there is a possible looser - Open Source. If people get started with free (of cost) products, they might not try the free (as in freedom) products out there. In a stroke of stupidity, MS has limited this program to post-secondary students. There are lots of budding developers in high school and even grade school. They don't qualify. Oh well, they will just have to use Open Source.
Of course there is a possible looser - Open Source. If people get started with free (of cost) products, they might not try the free (as in freedom) products out there. In a stroke of stupidity, MS has limited this program to post-secondary students. There are lots of budding developers in high school and even grade school. They don't qualify. Oh well, they will just have to use Open Source.
Friday, August 24, 2007
Verisign supports PayPal Security Key for OpenID
VeriSign now supports the PayPal security key (and their own) for logging into their PIP OpenID server. So now you can have an OpenID login that uses two factor authentication. Oddly enough, if you buy Verisign's own security token (identical to the PayPal token) they make you create an account that does not support OpenID!
OpenID is the great promise that just won't happen. Maybe I am impatient. The most useful site that I have found that uses OpenID is Hampr, which is a bookmark site like del.icio.us but without the social stuff. Just a private bookmark repository. I have used OpenID on LiveJournal as well but unfortunately I am already using Blogger so I am not eager to change. My bookmarks are hardly worthy of a security token. If only my bank would use OpenID...
OpenID is the great promise that just won't happen. Maybe I am impatient. The most useful site that I have found that uses OpenID is Hampr, which is a bookmark site like del.icio.us but without the social stuff. Just a private bookmark repository. I have used OpenID on LiveJournal as well but unfortunately I am already using Blogger so I am not eager to change. My bookmarks are hardly worthy of a security token. If only my bank would use OpenID...
Monday, July 23, 2007
PayPal Security Key
PayPal has introduced a security key that members can get for only $5. Unfortunately, it is only available in the US, Germany, and Australia. I guess those of us in other countries don't have security problems. Actually, they do say that it will be available in other countries later. They are still testing it to see if it is worthwhile. They would not have to reduce fraud very much to pay for it, though, PayPal fraud is currently over $35 million a year! (This is actually a very small percentage, so don't worry too much.) The key can also be used to log into eBay.
What the key does is provide a constantly changing number that you type in after your password. This number uses strong encryption and a good clock to prove that you have the key. This provides two factor authentication - something you know, your password, and something you have, the security key. Even if someone gets your password and the number on the key it is only good for a couple of minutes.
I eagerly await this to be offered to Canadian customers. Now, if PayPal were to provide an OpenID service life would really be good!
What the key does is provide a constantly changing number that you type in after your password. This number uses strong encryption and a good clock to prove that you have the key. This provides two factor authentication - something you know, your password, and something you have, the security key. Even if someone gets your password and the number on the key it is only good for a couple of minutes.
I eagerly await this to be offered to Canadian customers. Now, if PayPal were to provide an OpenID service life would really be good!
Thursday, July 19, 2007
Internationalization for Smarty (PHP Templating)
I am working with Smarty on a new PHP project (Smarty is a templating system for PHP). I like Smarty so far but this add-on really is impressive. It is called IntSmarty. It adds the ability to internationalize your web site very easily. Of course, you still have to translate the text, but it does what it does very well. What you do is mark up your template like this: {l}what to translate{/l}. (Smarty uses those curly tags in its templates). Then when you run it, it will save the strings to a file that you can then copy and translate. Blam, you now have a new language for your web site. Get someone to translate to a new language and you instantly support that language. It even uses the browsers language preferences so it is automatic and transparent to your audience.
The one feature it has over the smarty-gettext plugin (The only other option I have found) is that it has a function for PHP variables so that they can be translated, too.
I am not sure how active the development is, so that might be a downside. smarty-gettext is a Sourceforge project which gives it more credibility but I think IntSmarty is a better implementation.
The one feature it has over the smarty-gettext plugin (The only other option I have found) is that it has a function for PHP variables so that they can be translated, too.
I am not sure how active the development is, so that might be a downside. smarty-gettext is a Sourceforge project which gives it more credibility but I think IntSmarty is a better implementation.
Subscribe to:
Posts (Atom)