Tag Archives: Internet

Security and the Mobile Web

locks of age Today nearly every web site is an application of some sort, and requires a username & password.  That’s great but it’s difficult to remember many passwords so what to do?  Using the same password across all sites makes it easy to remember but is hardly secure; if your account on one site gets compromised you’re laying your accounts on all sites open to attack.  A better way is to use a different password for each account but how do you remember them?

One way is to use some kind of password scheme such as combining a standard secret code with a code derived from the site name to form the password for that site.  But again this is not totally secure as one password being compromised gives the attacker the secret part that is in all your other passwords and simplifies figuring out your scheme.

Another way; and the one I use is to use a password database application such as KeePass Password Safe to both manage your credentials.  I do this; allowing KeePass to generate passwords for me and automatically enter my credentials into login forms at the press of a hotkey.  This works very well and I have hundreds of passwords stored, most of which I’ve never even seen.  Not only are these passwords automatically generated but the fact that I don’t need to remember them means I can use nice secure passwords like “y. I&DSe%b”.

This is where problems arise with the mobile web.  Yesterday I was out and wanted to tweet from my phone so I opened Slandr in Opera Mini only to see the login page; must have been too long since I last used Slandr and the cookie expired.  So I was stuffed, being out and nowhere near my computer or access to my KeePass database to look up the password.  Even if I had a password database on my phone it would be tricky to type in a cryptic password without copy and paste.  So what’s the alternative?  Dumb down my password scheme again to the point where I can memorise passwords for entry on my phone?  I’m not keen on that.

Photograph courtesy of Tom Hensel.

Last Month’s Movies

I saw a promo for an upcoming run of classic movies on SABC3.  Some of them are ones that I don’t own and would love to see again so I went to the SABC3 web site to look them up.  Imagine my surprise when I found that their movie page contained links to subsections for movies in April, May and June.  Today is 21 June, so why on earth would I want to know what their movies for April and May were?  I either watched or missed them but that is no longer relevant.  There is no mention of the classic movies, which are presumably coming up in July, but perhaps we don’t need to know about those.

MOVIES

You would think that with all the organisation it takes to draw up schedules, and advertise them; that they would also keep on top of updating their web site.

New features in Google Reader

According to the latest post on the Official Google Reader Blog the feature I spotted yesterday is now live; new/unread message counts now go to 1000 instead of 100, so you will no longer see 100+ on your tags. If you see 1000+ on anything other than your All Items folder then you probably need to unsubscribe from some feeds or reconsider your strategy for reading feeds.

The other new feature that has been added is a search that you can use to search all your subscriptions. I know many have been asking for this and it should prove most useful.

The 100+ is back

Earlier at home I was seeing actual unread message counts in Google Reader but now I’m logged in at work and I’m seeing the familiar old 100+ for tags with more than a hundred new posts. “They’re coming to take me away, ha ha, hee, hee!”

Google Reader loses the 100+

Cool, I just noticed that Google Reader has had a little update and no longer displays 100+ when there are over a hundred new posts in a tag.  My All Items is currently showing 904 unread.

What a delightful advert

I was shown this lovely advert by Gmail early this morning. Needless to say, I didn’t click through; the mental image was bad enough.

Foreigners Not Welcome

Is the concept of the global village simply a myth? Looking at certain US based web sites one might think so; do the designers of these sites not realise that more potential internet users exist outside the US than within?

A little while ago I was catching up on one of my Flickr photo feeds when I came across a reference to a competition with a Leica M7 as first prize. I’d love to earn one of those so of course I visited the link. Turns out it is a promo for uber.com, a new photography site, apparently started by Chris Weeks, a photographer whose work I am familiar with from Flickr.

Having been through this kind of thing once or twice I immediately checked the rules to see if I was eligible and found that I wasn’t, as they say “Leica M7 Sweepstakes (the “Sweepstakes”) is open only to legal residents of the 50 United States and the District of Columbia who are at least sixteen (16) years old at the time of entry.” I don’t really have a problem with this as there are physical prizes involved, and with the cost of foreign shipping and other, possibly legal factors to consider, it is not unusual for web sites to restrict competition eligibility to the country of origin. Being a sucker for photographic web sites I decided to join anyway so clicked the link and got the registration form, which has a Zip Code field. Most of the world outside the US has postal codes, not zip codes, but web sites typically accept them along with US zip codes. Not this site though; when I submitted I got back a message saying “Please enter a valid US zip code”, and this is why I’m writing this post.

What is the deal with sites like this? Are the owners or designers ignorant and not realise they are excluding most of the world’s population? Do they deliberately exclude those outside the US for some reason? In which case why not go that little bit further and analyse visitor’s IP addresses so that they can block us from accessing the site completely, perhaps with a nice polite(?) “FOREIGNERS NOT WELCOME” message. I prefer to think that it is not malicious and in the case of uber.com, I still want to join, so thanks to Aaron Spelling for giving us Beverley Hills 90210, which not only provided us with entertainment but also provides foreigners with easy access to a US zip code that can be used to circumvent silly blocks like these.

Chris, if you should happen to read this post, I don’t really live in Beverley Hills, but in Cape Town, South Africa, where foreigners are welcome.