Archive for July, 2012

Password Protocol

Thursday, July 12th, 2012 Mike Ficco

It seems there was recently a security breach at Yahoo that exposed more than 400,000 login credentials.  When this is reported, it seems to always be accompanied by advice on making high quality passwords.

Well, I have a password question that challenges conventional password wisdom.   I know some of the readers of this site are experts in this sort of thing, so hopefully someone will answer my question.

 

OK…

Not using passwords that contain your dog’s name or the names of your kids or wife I understand.

Not using the word “password” or “pa$$word” in the password I understand.

I even understand not using ncc1701, klaatu, or clownq.

Yep, I get all that… but what I don’t get is the recommendation to change the password regularly.  Here is the way I see this.  You have a really good password that nobody has been able to hack and then you change it and change it again.  Effectively, you are saying, “OK you failed to hack that one, now try this one”.  Eventually you will produce a password that somebody will hack.  Indeed, by using multiple passwords you are saying – here, guess ANY of these.

One argument is that if you change your password regularly, say every 30 days, that limits the amount of damage that can be done.  Ummm, bull****.  A bad guy having a password can do all the damage that needs to be done in less than an hour.

So, experts, why are we supposed to regularly change our passwords?

 

Engineering Safer and More Efficient Stoplights

Wednesday, July 11th, 2012 Mike Ficco

I read in the paper that, due to the persistently slow economy, QE3 is now a definite possibility.  In case you’ve been living under a rock for the last few years, QE is Quantitative Easing – and we’ve already had two of them.  This is where the government gives money to banks (well, technically they buy financial things like bad loans from the banks… look it up).  Anyway, they give money to banks in the hope that the banks use that money to make loans to build new things thereby creating jobs.

How’s that been working?  Well, the bank executives are getting swell bonuses…

Looks Clear

 

I have an alternative idea.  Lets give money directly to engineers so they can build cool stuff.  One desperately needed project is improved traffic control.

The problem with the picture shown on this page is that I’m stopped and burning imported oil/gasoline although I have a perfect view of oncoming traffic and the only thing dangerous about making a left turn would be the risk of getting a ticket.  I’m certain engineers with a little funding can improve traffic flow and reduce gasoline consumption and the accompanying pollution.

Do any of you have any “shovel ready” engineering projects that a couple of dump trucks full of cash would help?  Imagine the good that would come to the world if the government became a gigantic venture capital money trough into which regular engineers could dip to fund their development projects?