Help Me Out By Doing Something You Were Probably Going To Do Anyway

Firefox version 2 is going to be officially released in, I don't know, ten minutes or something. There've been a couple of Release Candidates that haven't been drive-formatting nightmares, so it's pretty safe to say that the official release is going to be safe to run, and I bet a bunch of you dorks are going to join me in installing it as soon as you possibly can.

Google have a "Referrals" deal that lets those of us who have an AdSense account benefit, in the crass financial sense, when people follow a referral link and then download and install Firefox and the perfectly acceptable Google Toolbar.


So, you know, go ahead and click this button and do that, if you feel like it.

I'll only actually get paid for this if you weren't running Firefox before (I suppose you could uninstall Firefox 1.5 before you install 2.0, or something, but that's just ridiculous). I might get a buck or three anyway. It's a perfectly good link for you to use even if it doesn't bring me any money; go for your life, cobber.

While I'm at it, here are some other Google Referral things you might like to investigate. None of them will cost you any money (except for the one at the end, and that's entirely voluntary), but all of them will make me some money if you have the intestinal fortitude to go all the way and install, sign up, donate blood, or whatever.


The Google Pack is only for WinXP, but genuinely does contain useful cool free stuff. Picasa, Google Earth, all that jazz.

Do you only want Picasa?


No problem.


You really can make money with AdSense, if your site gets a bit of traffic. I do. Lots of people with low-traffic sites do, too; they put the AdSense code on their site, they forget about it, a year and a half later they get $57 they weren't expecting. You won't find that kind of money down the side of the couch.

And the ads aren't hideous, and people click on them for various reasons, and Google are even hip enough that they can handle electronic funds transfer to bank accounts in weird Third World countries like Australia. (Most other ad networks *cough* insist on sending US dollar cheques.)


Oh, and there's AdWords as well, but I'll be pretty bloody surprised if anybody signs up from this link. Not because AdWords suXX0rZ, or anything, but because people who want to use it probably already are.

I mainly included this one because I wanted to use another one of Google's button shapes.

If you're drunk generous enough that you just want to send me some money directly, though, I refer you to this page.

NOTE: This post was messed up in most non-Firefox browsers, until the Blogsome support people kindly installed the WP Unformatted plugin for me.

It turns out that WordPress automatically screws up Javascript by inserting helpful <BR /> tags at the end of every line, and Firefox seems to be the only popular browser that's able to ignore that. You'd think there'd be a <unformatted> tag or something that you could use but no, you have to install a plugin or something. "WP Unformatted" lets you do your own darn formatting if you want to.

See also

Minimalist Lego sulphur-crested cockatoos.

More.

Also - here's every way two standard two by four bricks can be combined. It's a sort of Lego mantra. And it won't cost you a penny.

Super-Fun-Pack Comix

The chap who's doing DM Of The Rings, which I've linked to a couple of times recently, is really pumping 'em out at the moment - one every day or so. The comics are just posts on his blog at the moment with no index, but the Next and Previous links will get you through.

Some other amusing art you may have overlooked:

Ursula Vernon's Metal and Magic (How can so many fantasy artists take themselves so seriously?)

Mike Reed's A Netizen's Guide to Flame Warriors (I am several of these people)

Jorge Rivas and Dave Trischuk's Under Power (which has been in placeholder-art mode for a while now, but which has lots of beautifully drawn ultra-violence waiting for those who read from the beginning)

Tim Kreider's The Pain - When Will It End? (probably not James Lileks' favourite place)

This post's title is, of course, a Tom the Dancing Bug reference.

Tom's one of the Salon comics; if you're not one of Salon's uncountable multitudes of subscribers, remember that the magic-cookie URL to persuade the Salon site that you've already sat through their ad-of-the-day has for some time now been this.

You can't just direct-link to the Salon comic image files any more, but the old ones are still live because Salon are not a bunch of link-breaking jackwads. Here's an index page for those old TTDBs, including several editions of the always-good Comix.

Nonsense passwords

I'm finally shifting my password collection out of my previous ultra-secure unencrypted text file and into KeePass. KeePass is a mature open-source password storer which seems quite easy to use, and makes no doghouse-worthy security claims.

Plus, it's nifty.

Bad password. Bad, BAD password!

Here, KeePass is showing me that a line of identical characters may be a long password, but it's not a good password.

You get this little dynamically-updating bits-of-entropy graph whenever you enter a password - for the KeePass "vault" itself, or for one of the sites/devices/whatever whose passwords you're keeping safe in KeePass.

This is a really neat way of illustrating the idea of password complexity. It doesn't take into account dictionary attacks, though, which in the modern world are not slowed down much by brilliant tricks l1k3 the u5e of 1337-sp34k. If your password is a dictionary word, then even if you obfuscate it with letter-to-number swaps, it's probably still crackable in minutes, not weeks.

A string of three dictionary words with a few digits on the end, though, is reasonably secure...

Better password.

...so what KeePass is telling me here (click the image to see the larger-filed original) is fair enough.

To avoid the dictionary-word trap, you can either do this sort of thing - a lot of dictionary words in a "passphrase", or a few words and some numbers - or you can use one of those ludicrous more-or-less genuinely random "T\:;9+jrF:y4+@cf#6'w7z" or "Suy7JOvd" kinds of passwords.

Or you can make up nonsense words. That's what I often do.

If you're trying to crack a password and a dictionary lookup won't help, the length of time it'll take to guess is directly related to the amount of information entropy the password contains. Information entropy is, in brief, an objective measurement of the amount of information something contains.

"Suy7JOvd" is highly memorable, by the standards of true random passwords, but it has only 48 bits of entropy. It is, therefore, feasibly crackable by brute force on a single modern PC in a usefully short time.

"T\:;9+jrF:y4+@cf#6'w7z", on the other hand, has 132 bits, which pushes it well into the "cubic kilometres of sci-fi nanotech" category. For all practical intents and purposes, a password like this one can't be brute-forced. The only way you can hope to crack it (as opposed to just steal it from someone who knows it) is by exploiting some weakness in the cryptographic system being used (to hash the password, or to protect the data to which the password allows access).

Which is all very well, but even "Suy7JOvd" is pretty bloody hard to remember. "T\:;9+jrF:y4+@cf#6'w7z" is ridiculous. Everybody knows that people who're given such passwords just write them down, usually on Post-It notes which they stick to their monitor. Or - if they're especially devious, and very proud of their intelligence - they stick them to the underside of a desk drawer.

Steel door two feet thick, lock utterly unpickable and unforceable... key hidden under the doormat. (Or, if you prefer, trap-door in the floor.)

So - nonsense words.

"Slobodongoo" is a 48 bit password, appears in no dictionary, and is quite easy to remember.

"Grobbynolofroidicality" is 85 bits, which is quite enough for pretty much any purpose. And it's also reasonably memorable, though I recommend you not wander around the office muttering something like that. It's bad security practice to speak your password aloud, and it may also cause your coworkers to take action.

If you're determined to go to 128-bit password strength, which is ample for every single purpose on the planet Earth (unless it's important to you that God not be able to crack your password), then "Seglifromobulgradistalibilitegumentsic" manages it. Inserting capital letters and/or spaces can get the length down - "GorgoBrindyFerguBolishSkuziPlen" and "Mali Colu Snobo Limby Tij WoB" are each 128 bits, too. Punctuation can help a lot - "Eeble frong? Zoiby. Nyoj!" is 128 bits as well.

None of those are, I grant you, particularly easy to remember. But they're easier than "j3JBRGjxYCllgW2s2xccLZB9ww".

And you don't need 128 bits, anyway. 70 or so will do just fine.

"Nerbolica grib" and "Ib? Galoomb!" are both 71.

(If you don't have the kind of brain that comes up with nonsense words easily, or if you're paranoid about some subconscious bias that'll make the nonsense words you make up guessable, there are online nonsense-word - and nonsense-passage - generators that'll do it for you. There's also JabberWordy and NameStation, which make up nonsense-word domain names and see if they're registered - but you can of course use the words for something else. True Security-Mindset paranoids can make a sentence, each word of which is from a different generator!)

It's not very hard to remember a few of these kinds of passwords. Look at all the people who can remember "Supercallifragilisticexpialidocious", after all. That's a 112-bit word right there - though it's probably in lots of password cracking dictionary files, along with several spelling variations, and is therefore not actually very useful. But you get the idea.

Passphrases can be just as good. The only real problem with them is that they're always significantly longer than an equally secure nonsense-word password, since dictionary attacks mean that a "70-bit" passphrase is not actually as secure as a 70-bit nonsense word, unless your nonsense word turns out to actually be a dictionary word in some language you don't know.

Long passwords also, of course, take longer to type, especially since password boxes that sensibly display asterisks while you're typing make it impossible to tell if you've made a typo until you hit return, get an error, and use some of your profanity allowance.

So go ahead and use passphrases, if you like.

Personally, I'm going to stick with the Flobadob-speak.
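The gap between an entropy meter and a dictionary attack, described above, as an added example (not KeePass's estimator and not code from this post): a plain length-times-character-set estimate, so its figures will not always match KeePass's, next to a check that undoes leet swaps. The wordlist, the swap table and the guess rate are constructed assumptions.

```python
import math
import string

# Constructed stand-in for a real cracking wordlist (assumption, not from the post).
WORDLIST = {"password", "dragon", "monkey", "speak", "like"}

# Letter-for-symbol swaps that cracking rule sets routinely undo (small subset).
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})

# Character classes a naive meter counts: 26 + 26 + 10 + 33 symbols.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")


def charset_bits(pw):
    """Naive estimate: length * log2(total size of the classes in use)."""
    space = sum(len(c) for c in CLASSES if any(ch in c for ch in pw))
    return len(pw) * math.log2(space) if space else 0.0


def dictionary_hit(pw):
    """Return the wordlist entry pw reduces to once case, leet swaps and
    trailing digits are undone, or None if it survives."""
    low = pw.lower()
    stripped = low.rstrip(string.digits)
    for cand in (low, low.translate(LEET), stripped, stripped.translate(LEET)):
        if cand in WORDLIST:
            return cand
    return None


def brute_force_seconds(bits, guesses_per_second=1e9):
    """Average time to search half the keyspace; the rate is an assumption."""
    return 2 ** (bits - 1) / guesses_per_second


def assess(pw):
    """Entropy figure plus the verdict a meter alone would miss."""
    bits = charset_bits(pw)
    hit = dictionary_hit(pw)
    verdict = f"dictionary word '{hit}'" if hit else "not in wordlist"
    return round(bits), verdict


if __name__ == "__main__":
    for pw in ("p4ssw0rd", "Sp34k", "Suy7JOvd", "Slobodongoo"):
        print(pw, *assess(pw))
```

A password that scores around 41 bits on character set alone can still fall to the first pass of a wordlist with substitution rules, which is why the check runs before the number is trusted.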

I don't know whether he's said it yet

I could almost certainly have spent five minutes doing something more productive than this.

But it was, as usual, fun.

The original image was this one:

Sparkler bomb

Erroring out

I found this page, about a diligent attempt to turn Internet Explorer 7 into a completely unusable mess, quite entertaining.

(Note Slashdot discussion, with many +5 Insightful comments about how this doesn't prove anything and it's all stupid and OH MY GOD WE'RE ARGUING IN FAVOUR OF INTERNET EXPLORER AHHH AHHH NOOOOOOOO. I did like the term "Typhoid User", though; the concept has occurred to others.)

Anyhoo, the screenshot at the beginning of that piece, of IE6 clogged into postage-stamp-itude by umpteen toolbars and search boxes and juggling monkeys, reminded me of this classic screenshot. Which, in turn, reminded me of what NoteTab looked like when I had every file on my site open, for some reason, a while ago.

(Yes, Dan's Data is a flat-file site. I change something on every page, I upload 30Mb. Uphill both ways, in the snow.)

I love goofy screenshots. The old "Windows 95-NT horror gallery.." (yes, with two .s) was a favourite of mine; The Internet Archive has a partial copy of that long-dead page. [UPDATE: It lives again, here!]

Fortunately, after something of a drought, The Most Excellent Daily WTF has well and truly picked up the silly-screenshot baton (click the "Previous article" links for many more editions of Pop-Up Potpourri).

Bonus: Doncha all love the inability of (recent versions of) Microsoft Word to save a plain text file without popping up a warning every time? And I do mean every time.

Bonus bonus: One that I just discovered while optimising images for this post. In Photoshop's ImageReady-"Powered" Save For Web dialog, if you're in PNG-save mode and select "Auto" in the "Colors" box, then click one of the little arrows next to it, you get this:

Some kind of Not A Number error would seem to be more appropriate.

Awesome.

Essential viewing

From series 2, episode 1

Tim Hunkin is something of a legend.

I could crap on about why I think he's a legend, but you'd do better to look at his site, and The Rudiments of Wisdom, which is unquestionably the finest collection of pictorially presented facts ever assembled by a man who can't actually draw worth beans.

I bought the book.

In conjunction with Sheddi Knight Rex Garrod (the uk.rec.sheds FAQ spells neither Rex's name nor, I suspect, his title correctly; they're not really into spelling), Hunkin produced a series of documentaries called The Secret Life Of Machines (SLOM). There were two six-episode series of SLOM, followed by a six-episode series called The Secret Life of the Office. Hunkin's own site for the series, with accompanying, um, documentation, is here.

The SLO-whatever documentaries were all made pretty much when Tim and Rex had a spare moment and shot on small format film with few to no re-takes, so they look a lot older than they are. They also contain some of the ropiest animation ever committed to film, and large chunks of archival footage that I fervently hope Tim got for free. Parts of them are also a bit outdated now, but never mind; the innards of VCRs are still interesting.

All three series are, if you're any kind of self-respecting nerd, completely fascinating.

I would go so far as to say delightful.

Why are old washing machines so heavy? What the hell actually happens in a sewing machine, anyway? Can you really record sound using sticky tape and rust? What happens if you stand on a car's accelerator and brake at the same time? Will either Tim or Rex survive the demonstrations they do in the "Electric Light" episode?

All this and more, as they say.

Here's Tim's page for Series 1, here's Series 2, here's Series 3.

All three series are now available on DVD, from Team Video Pacific, who used to sell them only on sticky tape and rust VHS.

Back then, I pitched in with some friends and bought the first two series.

We all needed to pitch in, because Team Video charge through the freakin' nose. The two-series set cost $AU236.25, ex postage.

You got six tapes with two episodes per tape, but the episodes are only 25 minutes each. The high tape count is because Team Video expect to be selling to schools, who don't like to put all of their video eggs in one basket.

The price I paid then is the same as the price you'll pay today for the DVD version of those same first two series. You're looking at another $AU198.45 for the third series. The whole lot together, including shipping, will cost an American buyer more than $US400.

You could get seven LOTR boxed sets for that kind of money.

And yet my friends and I still bought the first couple of series. One of us even made DVDs out of 'em.

SLOM is that good, or we are that mad. Take your pick.

Anyway, if you read the pages I linked to above, you'll have noticed that Tim is not exactly clamouring for people to pay the hefty Team Video prices.

In fact, he's openly inviting anybody who's interested to download his work for free.

He provides handy-dandy BitTorrent links for that purpose.

(...although they're currently broken - when I posted this, the optimal links for the three series were here, here and here, and Tim updated his pages accordingly, but now they've moved on again.)

So, you know what? Go ahead and do that, with Tim's blessing and with mine.

The rips in the downloadable versions are not great. Video and audio glitches, aspect ratio problems (so you'll want to use a player like Media Player Classic or VLC that lets you fix that), and one of the filenames invents a thing called the "Internal Bustion Engine".

But they are free. And the guy who made them wants them to be free. And they are totally excellent. And if you do not like them, then I do not like you.

Go to it, people. I'll help seed, and I wanna see those "Peer" numbers rise.

Those download links again:

Series 1

Series 2

Series 3

Try this link now.

OK, this time for sure. This (magnet link) is my very own torrent of a good-quality rip; if nobody else is seeding it to you, I will.