DISTRIBUTED COMPUTING, THE NEXT MONEY SAVING STEP?
A password breaking program called John the ripper has been modified to use the CPUShare pay-per-MIP parallel processing network as a test. This means that anyone with an MD5 hashed password can now look to rent enough machine power to take a serious shot at finding the original password. This is a step along the current path of technology which is leading us away from single expensive solutions and on to more organic systems which can adapt to changes in usage as neccessary.
BEWARE THE BAD SPEC........
I’ve recently been having an Email conversation with some the guys who wrote the technical specification RFC3920 about the language used and it’s left me wondering how many more times I will see the same mistake made. Specifications are suppose to aide clarity, they’re suppose to make it easy to produce compatible systems because a good specification will leave little room for ambiguity, but the big problem is the eagerness of specification writers to either make up terms or redefine words to fit their needs.
IF YOUR USING STRUTS 2, MAKE SURE YOU'RE USING 2.0.9
The struts guys were pretty swift in releasing a fix to the problem I blogged about before, so if you’re using Struts 2 you really should to 2.0.9.
BIG SECURITY HOLE FOUND IN STRUTS 2 AND POSSIBLY WEBWORK
In the programming world two of the most widely understood types of problems are cross site scripting (sometimes called XSS), and user command injection (e.g. SQL injection), so you can imagine my surprise when I found the Struts 2 framework which has only been considered suitable for production use suffers both. This serves as a good example of why any development team should have at least one person who has a background in application security and is tasked with checking for the common types of security problems which come from fundamental design mistakes.
WHY CD KEYS WILL BECOME PART OF HISTORY...
No matter how good you think a CD key generation scheme is there will always be legitimate users who encounter problems. You also have the problem that the key generation scheme will eventually be cracked, CD generators will be made, and you end up with the situation where even if you buy a new copy of the software from the primary distributor you still may not be able to use the software to it’s full potential.
OH PS3, WHY DO YOU LACK PSP FEATURES?
Sony have been selling the PS3 for some months now as a network enabled home entertainment device, yet it seems to be lacking at least one piece of functionality which is available on Apple TVs that has also been available on Sonys' own PSP for over a year. There is no doubt that the last firmware update was a big step up for the PS3 as an entertainment center. Upgrading the DVD playback software to do a decent job of upscaling was a good move, and adding the ability to be a DNLA client is also a great boot because it allows users to play movies and music stored on DNLA enabled PCs and storage devices around their network, but the PS3 still lacks the ability to subscribe to Podcasts which the PSP has been able to do for over a year, and it’s quite frankly stumped me as to why it’s not available.
LINUX, STILL NOT THERE YET
I’ve finally made the choice between OpenSuSE or Vista as my preferred OS for the next few years, and the decision went to Vista, and to my surprise it only took a couple of hours to decide. For the tests I installed both OpenSuSE 10.2 and Vista on my desktop to see how things went and within a couple of hours OpenSuSE had already lost the fight on an age old problem for Linux….
A STEP IN THE RIGHT DIRECTION FOR LINUX
I’ve used machines running Linux for well over a decade for various things, and a few times I’ve tried to use it as my the operating system for my desktop, but I’ve always reverted back to Windows because of usability and hardware compatibility issues. I’ve recently started to moved away from Linux as a server operating system for the same reason, but my main problem with Linux may now be addressed, and that’s making things just work.
BOTS AND SPAM
One of the major contributors to spam emails are computers which are called bots (or zombies). Bots are computers which have become infected with one or more programs which allow other people to control what the computer does (e.g. if a bot program is installed on your computer someone else could make your computer send out spam Emails all day long and you may not even notice). Sending spam is only one of a number of bad things that bot controllers can do with your computer, but it is one of the most visible.
WHATS A WII LIKE?
After a few days Wii-ing (I couldn’t resist it), I thought I’d pass on some thoughts for those wondering if the new console lives up to the hype… well…. for hard core gamers it’s not the thing to have as your main console. For everyone else is fantastic fun, and even hard core gamers may want one as a second console. The graphics won’t rival an Xbox 360, PS3, or a high-end gaming PC with a recent graphics cards, but thats something that Nintendo have not made a big secret.