Monthly Archives: August 2010

Lifehacker on Passwords

1 minute, 34 seconds

As a fan of security and strong passwords, I read with interest Lifehacker’s article about how easy it is to hack passwords. In general the article is right on the money and I agree with it’s message. However, I took issue with the article on two points.

The first point they’re talking about how easy it is to either guess or brute force your passwords. Guessing and forcing passwords can be done over the Internet with out needing to compromise your (the victim’s) computer. However, the last step is “simply” to get at the cookies on your local machine:

But wait… How do I know which bank you use and what your login ID is for the sites you frequent? All those cookies are simply stored, unencrypted and nicely named, in your Web browser’s cache. (Read this post to remedy that problem.)
– Lifehacker Mar 30, 2010

For me this is crossing the line from informative into fear mongering. Yes, once you have logged into some one’s computer as the user they surf the internet as, it is indeed trivial to read cookies. No, this can not be done over the Internet. No this is not a simple step to make.

The second point (now that I’m not drafting this on my phone and am using a real computer) I see that the original article was published in 2007! Just about all the info in the original article still holds true 3 years later, but I find awkward when the article on Lifehacker has items like this in the article:

EDIT: You might also want to listen to my interview on Connecticut Public Radio about password security.

Which made me think it was a Lifehacker edit in 2010, but was in fact an edit from John Pozadzides in 2007. Speaking of Pozadzides, his blog looks pretty right on and I don’t really have any beef with him (in that totally anonymous Internet beef kind of way), but I mainly take issue with fear mongering, especially when in comes to cookies.

Update: This article seems to be making the rounds on a lot of sites.

Update 2: There’s a great comment from Wangston below.

Old Tools, Loved Tools

0 minutes, 43 seconds

Though I’m trying to be less and less attached to my material possessions, I do have some that I love having. Two that come to mind are some of the first tools I ever got. They’re nothing fancy, they’re beat up, but I love them and every time I use them I think of all the things I’ve fixed, built and destroyed with them. I also like that the screwdriver is a bit melted from the time I learned about electricity. Pow! There goes the fuse and a chunk of my screwdriver. A few singed eyebrow hairs and I was fine. I think my fave are the dikes.

The sun was setting the other day and I had just used these two guys. I threw them down on the cement and did an ad hock photo shoot. You can see I used the screwdriver as a third leg to get a close up of the jaws of the pliers.