Published on May 13, 2013
The worst passwords are the ones everybody else is using.
I’ve been meaning to write more about computer security, but all the topics are complicated. That makes it time-consuming to write about, and potentially dry and confusing to a reader. So I’ve decided to try something new: to write short, narrow posts that address a smaller subset of the topic. In doing this, I realize I am becoming the thing I hate: most blogs annoy me because bloggers write short articles of 500 words or less not because that’s an appropriate length for the topic, but because that’s what’s easy to write in an hour or two.
Part of this short series will be titled “Security Myths and Realities.” My idea is to break through all the outdated and plain false information about computer security and help the regular user get up to date on how experts think.
Myth: Choose a Password That is Easy to Remember
Reality: Totally FALSE! If you are trying to remember all your passwords, you are doing it wrong.
2012 was a watershed year for the venerable password. Last year was the year when the mainstream technology press — periodicals like Wired and Ars Technica — began to publish opinion pieces suggesting that the whole concept of passwords is obsolete, ineffective, and wrong. I happen to agree, but in the near term, it’s irrelevant: passwords are not going away any time soon. To fully explore what’s wrong with passwords as a concept, and why the very idea of passwords is coming under fire, would be another entire article. I can point out the most obvious problem with passwords, though: everyone has too many of them.
For something as complicated to remember as a reasonably-strong password, “too many” is about four. The last I counted, I had 103 different passwords. Since I work as a programmer and I maintain a blog and a couple of other Web sites as a hobby, I admit I am kind of special. I have more passwords than the average user. If you take into account all the unique accounts a modern person has for online shopping, communities like forums and blogs, gaming accounts, banking accounts, and so on, I would not be surprised if the mythical “average user” had need for 20 different passwords. I wouldn’t even be surprised to hear a number like 50.
Don’t even bother to try remembering all your passwords. It’s infeasible, and anyone who tells you otherwise seriously misunderstands the security risks of today’s Internet.
Security Myths and Realities: Easy-to-Remember Passwords continued »
Published on May 6, 2013
The cover of Crusader Kings II makes it look like just another war game, but there is a lot more to it than that.
Lately I’ve been playing a lot of the PC game, Crusader Kings II. Besides being a whole lot of fun, this game is a breath of fresh air in the strategy genre. It’s a game not just about war and conquest, but about alliances, betrayal, marriages, assassination plots, corruption, and medieval law. It’s the most original gameplay experience since … well, probably since Crusader Kings I.
In Crusader Kings II (hereafter, CK2), you play the leader of a medieval dynasty. When that leader dies, his heir becomes your character. The game covers a time span from 1066 to 1453 (corresponding to the historical period bracketed by the Norman Conquest of England and the Ottoman conquest of Constantinople), so you’ll pass through many generations of rulers as you play. The fortunes of your dynasty may rise and fall: it’s not uncommon to start as a lowly count, to climb to a duchy and then a throne through might and guile, and then see the kingdom crumble in a succession war or rebellion until you’re back down to one county again. Along the way, marriages and succession law are every bit as important as castles and armies.
I’ve read a number of great articles about this game that made me want to try it, and I’m very happy that I did. I’d recommend Why Crusader Kings II Should Be Game of the Year and How to Lose at Crusader Kings II. I would love to explain why this game is so great, but it’s better to show you than to tell you. Here’s what’s going on in my latest game.
Crusader Kings 2: Lawyers, Swords, and Money continued »
Published on May 3, 2013
It’s late in the day as I post this, but today is the International Day Against DRM!
So what’s DRM? It stands for “digital rights management,” and refers to technology that forces users to have a license in order to play a movie, read an e-book, or run a computer program. Big companies claim that DRM prevents “piracy.”
The truth is that DRM is not only about piracy. It’s about control. DRM is used to:
- prevent you lending e-books, computer games, and digital movies to your friends (which is perfectly legal to do for a paper book or DRM-free game)
- prevent you from selling your used e-book, movie, or game when you’re done with it
- ensure that media you buy for one device, such as a Kindle, won’t be usable on a competitor’s device, like a Nook
- track your reading and viewing habits for sale to marketers
- in some cases, stop you from using content you’ve paid for
- in some cases, erase books you’ve bought and paid for from your device
As Cory Doctorow put it,
No one woke up this morning and thought, “gee, I wish there was a way I could do less with my music, maybe someone’s offering that product today.”
He explains DRM better than I can.
So if DRM sounds like something you’d be better off without, please join me in supporting the International Day Against DRM. You can learn more about anti-DRM campaigns from Defective By Design and the Electronic Frontier Foundation.
Published on December 25, 2012
This year, my lovely wife and I moved to a beautiful new house. In contrast with our “city-sized” (read, small) condo, we have a lot more space: enough space to set up a full-sized Christmas tree. We had some reservations about this. We’ve had the cats for five years now but we’ve never had cats and a Christmas tree at the same time.
Real Christmas trees are not good for pets. The needles are mildly toxic and the water is a potential biohazard due to bacteria. They’re also a pain to dispose of: the town or city wants to collect them on a specific weekend and I may not want to take it down quite yet. Last year, in Cambridge, tree collection happened before the twelve days of Christmas were even over! Don’t they remember that song? So for reasons of pet safety and convenience, primarily the former, we bought a new artificial tree.
Now, Merlin and Morgana are indoor cats. That’s another safety choice: indoor cats live a lot longer in my experience. But indoor cats are deranged — even more deranged than regular domestic indoor/outdoor cats. Our cats have a bit of an obsession with green things. Specifically, eating them. I buy them pet grass but their herbivorous impulses are not constrained by human taxonomy. If it’s green, they want to eat it. It’s that simple. Five years ago, at Merlin and Morgana’s first Christmas, we had another artificial tree and before we even had it out of the box, they were climbing all over the box of branches and nibbling at the plastic needles. At that time, we decided to skip the Christmas tree that year till our kittens had grown up a bit more, but then we moved to a smaller place where the tree didn’t fit anyway (we sold it in a moving sale). We never did buy an apartment-sized tree, so this year, in the new house, this was the cats’ next Christmas tree.
We decided to set up the tree without ornaments for starters, to give them a couple of days to get used to having it in the house before we covered it with dangly, shiny, irresistible cat toys. We were expecting trouble. Merlin and Morgana didn’t disappoint.
Christmas Trees are for Cats continued »
Merlin and Morgana check out the exciting new box.
Published on July 7, 2012
About two months ago, I decided to find out what the tablet computing craze was all about. Mainly out of professional interest as a software developer, I bought an Android tablet: specifically, a 10″ Toshiba Thrive, which runs the Android operating system. The trouble is, as soon as I turned the device on, I was filled with a feeling of revulsion and loathing. That visceral hatred has faded only a little bit since.
The Fundamental Problem
Fundamentally, it’s not the Toshiba brand or the Android OS that I hate. It’s the entire concept of a computing tablet. What I expected when I shelled out 500 bucks for this device was a streamlined computer. What it really is, is an oversized phone. Literally the only things it is good for are checking e-mail and playing games.
I don’t recommend anyone buy a tablet unless all they care about is e-mail. Read on for a list of what I hate about tablets.
Android Tablet and Buyer’s Remorse continued »