@davejthorp the RSS feeds at dave-thorp.me.uk (e.g. for posts and comments, presumably among others) are broken
Notes
Text-based short-form content without individual titles.
2004 called, @virginmedia. They asked me to remind you that maximum password lengths and prohibiting pasting makes your security worse, not better. @PWTooStrong
In more detail:
- Why would you set an upper limit on security? It can’t be for space/capacity reasons because you’re hashing my password anyway in accordance with best security practice, right? (Right?)
- Why would you exclude spaces, punctuation, and other “special” characters? If you’re afraid of injection attacks, you’re doing escaping wrong (and again: aren’t you hashing anyway?). Or are you just afraid that one of your users might pick a strong password? Same for the “starts with a letter” limitation.
- Composition rules like “doesn’t contain the same character twice in a row” reflects wooly thinking on that part of your IT team: you’re saying for example that “abababab” is more-secure than “abccefgh”. Consider using exclusion lists/blacklists for known-compromised/common passwords e.g. with HaveIBeenPwned and/or use entropy-based rather than composition-based rules e.g. with zxcvbn.
- Disallowing pasting into password fields does nothing to prevent brute-force/automated attacks but frustrates users who use password managers (by forcing them to retype their passwords, you may actually be reducing their security as well as increasing the likelihood of mistakes) and can have an impact on accessibility too.
- Counterarguments I anticipate: (a) it’s for your security – no it’s not; go read any of the literature from the last decade and a half, (b) it’s necessary for integration with a legacy system – that doesn’t fill me with confidence: if your legacy system is reducing your security, you need to update or replace your legacy system or else you’re setting yourself up to be the next Marriott, Equifax, or Friend Finder Network.
- It’s definitely not the first time you’ve been told. Get your act together.
“All #boardgames can be legacy games if you want it enough!” – @fleeblewidget, after drunkenly stumbling upon @thegodzillagirl’s label maker.
Summit of Ben Nevis with Robin (on almost the shortest day of the year) to finish off his 52 Reflect project.
How did our parents cope with just I-spy and 99 green bottles on -hour journeys? This is definitely the way to hypnotise kids in the car!
No, @NetflixUK, I don’t want you to WhatsApp me. I never want you WhatsApp me. Why do you ask me every time? No means no.
We need a movement of developers and enthusiasts who loudly, proudly, use @mozilla @firefox as their primary browser. On our desktops and our laptops. We test in it, extend it, contribute to it. But we never, ever, take it for granted.
The moment I came to this conclusion. Background: 1, 2, 3, 4, 5, 6, and with thanks to Jeremy Keith for helping me see it.
See the @NYTimes story about how Dutch church @BethelDenHaag has been holding a non-stop six-week service in order to prevent the deportation of a family taking refuge within?
Story: https://www.nytimes.com/2018/12/10/world/europe/migrants-dutch-church-service.html
My take: https://danq.me/2018/12/15/to-protect-migrants-from-police-a-dutch-church-service-never-ends/
Playing Pong at the @bodleianlibs for #WDPD2018 #dp0c.
The Prime Minister’s New Bill
With apologies to Hans Christian Andersen and thanks to JTA, both of whom deserve the credit for this more than I.
Once there lived a Prime Minister, and she loved to wear clothes made of strong international relations. One day a Swindler came to the Prime Minister and he promised that he could equip her with clothes of the best and strongest international relations. The Swindler claimed that all the people of the realm loved the new material he was producing, and the Prime Minister was delighted. She appointed a man to be in charge of ensuring that the Swindler did the job he had promised, and then she got back to her important work.
Her man soon reported to her a most alarming fact: the Swindler wasn’t at his loom. He was just sitting in the pub, sipping distinctly-English beers and seemingly making no progress on the bill at all. The Prime Minister was alarmed, but didn’t say anything: after all, she would soon be on the way to wearing clothes of the most beautiful and strong international relations. Besides, she’d been promised that all the people loved the new material that the Swindler worked with. So she appointed a second man and asked him to keep an eye on the Swindler, instead.
The second man checked in on the Swindler, and then reported that the Swindler still wasn’t weaving. The Prime Minister challenged the Swindler, but he claimed that he’d had car trouble while returning from France, where he’d been acquiring supplies, and would be getting back to his work soon. Clearly the second man had been too hasty in his judgement, so the Prime Minister appointed a third, who’d surely be less-judgemental as he saw the job through.
The third man checked on the Swindler, and discovered that while he was at his loom, he didn’t seem to be working at all and the loom stood bare. “The Prime Minister is concerned,” said the man “That no progress has been made whatsoever on her new clothes of strong international relations.”
“But progress has been made,” said the Swindler, “Can’t you see? I promised the Prime Minister that I would weave, and weave means weave! I am making clothes of the finest international relations; they’re made out of a Bill so lightweight and flimsy that it’s almost invisible. Only the cleverest of people can see it.” The Swindler reached into the loom and scooped his arm under the place where the fabric should appear, and raised it to show the third man.
“Ah yes,” said the third man, “I can see it.” But the third man could not see the Prime Minister’s new strong international relations.
Soon the clothes were ready, and the Swindler brought them to the Prime Minister to try on. She seemed confused at first: where were the clothes? But then the swindler explained: “These clothes are made of the finest international relations, in the fashion that is most-popular with the people,” he said. “Only the most-intelligent of people can see how beautiful, how elegant, how economically-viable they are!”
“Oh!” said the Prime Minister, and examined her new clothes. “I… um… see you’ve put a lot of work into stitching the hem: these borders will surely be well-protected.”
The Prime Minister tried on her new clothes, and observed that they were so light that she might as well have been wearing nothing at all. She wasn’t sure that she wanted to be seen wearing these new clothes because they made her feel naked and vulnerable, but she didn’t want people to think that she was stupid by confessing that she couldn’t see them. She resolved to show them to everybody she could find.
First she went to her Cabinet. “Do you like my beautiful new clothes?” she asked, “They’re made of strong international relations, and only the cleverest of people can see them!” And her Cabinet all nodded and said that yes, of course they liked them. But they could not see the beautiful new clothes. (It’s worth noting that half a dozen of them walked out at this point without saying a word.)
The Prime Minister went to see the Old People, and she said, “Do you like my beautiful new clothes? They’re made of strong international relations, but only clever people can see them.”
“Yes, they’re wonderful,” said the Old People. But they could not see the strong international relations.
The Prime Minister went to talk to the Emperor of America, and she said “Do you like my beautiful new clothes? They’re made of strong international relations, but only clever people can see them.”
The Emperor of America looked the Prime Minister up and down, and made a strange face that made the Prime Minister suspect that the Emperor didn’t even WANT to see the strong international relations, but he said: “Yes, they’re great clothes. The best clothes.” But the Emperor of America could not see the strong international relations.
The Prime Minister went to talk to the Racists, and she said “Do you like my beautiful new clothes? They’re made of strong international relations, but only clever people can see them.”
“Yes, they’re fantastic,” said the Racists, and they genuinely meant it, because they’d already persuaded themselves that because the new clothes had been made in their own country they were inherently superior to any clothes that might have been made by foreigners. But still, they had to admit, they couldn’t actually see any strong international relations nor did they want to.
The Prime Minister went to talk to the Under Thirties, and she said “Do you like my beautiful new clothes? They’re made of strong international relations, but only clever people can see them.”
The Under Thirties stared at Prime Minister, and then looked at each other, and then looked back at the Prime Minister. “You’re not WEARING any clothes,” they said. And the Prime Minister knew that they were right.
Some days my job… isn’t like other people’s jobs. Lately, I’ve been reimplementing Pong in Javascript for the @bodleianlibs’ video wall for an event on Thursday.
When I watched @Sir_RidleyScott’s #BrainDead (@BrainDeadCBS) in 2016, it was a dark comedy about alien brain parasites driving US political extremism.
When I watched it in 2018 it was a plausible explanation.
When I watch it in 2020 I’m worried it will be a documentary.
Hey @aqldotcom: why must my password for your enterprise telecommunications platform be no longer than 12 characters? Are you worried my #passwordistoostrong? CC @pwtoostrong
#challengerobin continues unexpectedly into a new day as I bet Robin a tenner that he can’t jump a river without getting his feet wet.
All geopoints collected by The Gadget during #challengerobin:
