Somewhere out there!

Simon Willison discusses a neat method for dealing with the internet password problem: The bookmarklet solution to the password problem.

Personally I’ve have a small set of passwords I use for many of my internet accounts. Its hard to tell at the start of use whether an internet account might become important. Then laziness dictates that I don’t replace them at a later stage.

This method for generating a “unique password” which is easy to remember for each site is an excellent method for increasing overall security.

New kdm (3.3) in unstable fails source /etc/X11/Xsession and thus ssh-agent. Here’s the bug report with a work around:
Debian Bug report logs – #265865 – kdm doesn’t use common modular Xsession from xfree86-common.

LCD monitor prices are finally coming back to sanity. So its time to make an investment in my eyes. I find after a day looking at my Philips 109P that my eyes can often be quite tired. Conversely when back when I used my Toshiba Tecra 8100 everyday I found the 14″ LCD screen very easy to look at.

There are a few choices out there. The many thing is getting something with a fast response time, so if I want I can fire up Half-Life 2 or whatever and have an enjoyable game. The other thing to decided is monitor size, 19″ or 20″? That of course is a cost decision, certainly the price difference between the 17″ and 19″ is such now that the 19″ is the better buy. I’m used though to using 1600×1200 with a large font on my CRT monitor and of the that I’d need a 20.1″ LCD. Question is, should I pay the 1K more for that 1″?

Read the rest of this entry »

Don’t you hate it when you have to download a 50Mb openoffice.org deb, just because the developer has changed one line in debian/*. I think someone some work on a binary patch system not just for security releases but for all updates.

Work on the principle subversion uses. DIskspace is cheap and bandwidth is expensive.

While we are at it the other thing Debian needs is mastermerge.

I’m in the process of developing a small application for stock purchase management. Basically logistics handling for purchasing containers from an overseas supplier, dealing with some forecasting for supply cycles. Few basic things.

I haven’t really done much development work a very long time, so I’m a bit rusty. I decided that I’m going to write it in python, as after looking at some of my old perl programs I realise how important it is to be able to maintain your applications even six months down the track. So I think its probably a good change to learn some python and see if its works for me. I’m quite interested in the statement I constantly have heard: “I sat down to try test some ideas and had my application written over the weekend.”

The question I’m now faced with though what UI to use. Should it be web based or maybe wxPython? Problem is when you are writing something not for yourself to use, but other users that you have to make sure that its robust and finding debugs is not going to make you hair go grey.

I gave SPE a try last week and quite liked it. I was almost ready to buy wingware, but SPE seems somewhat better. I had a play in the windows version with its interface to wxGlade. It looked very powerful, I’m figuring it might take me about a couple learning how to put basic single window applications together and maybe another ten or so, put it all together in a multi-window application.

On the web side, as many people know that are a lot of different choices for python web applications frameworks. I still have to write the data model and I’ll probably try wxPython out, but a web application is easier to deploy and upgrade, and I’m a lazy admin.

I’ve been compiling a list of references:

• PyWebOff Blog:- start of the best comparison I’ve seen so far.
• Template Systems:- nice article and discussion about different templating methods in python
• Nevow
• PyCon DC 2004:- some stuff about Atop and Nevow
• [Quixote-users] Re: A toy Nevow implementatio
• ATOP – Simple but Powerful Persistence using Python and BSDDB
• ZODB beginners guide. Very good.
• [ZODB-Dev] experimental Debian package for 3.3a3
• Clearsilver
• [Pyweb] Information about high-performance python web kits:- Some info about Clearsilver
• RubyGem of the Month – Rails:- Several comments have suggested this is much better than anything on Python at present.
• Python on Rails?
• The right tool for the job

Still a bit of work to do.

Nice tale about designing two sites, one with tables vs the other with css layouts.

Interesting commentry afterwards with a reference to a nice quick introduction to Developing With Web Standards.

Planning to move to a centralised logging system using a database. Mainly so I can keep log entries around for at least 6 months, plus to make it easier to find and sort entries with one of the php based log-display systems.

Couple of methods avaliable that look interesting: Syslog Logging with PostgreSQL HOWTO and Centralized syslog-ng to Mysql.

Will have to investigate further.

Using kprinter directly would often bring on a whole pile of warning messages like “kdecore (KIconLoader): WARNING: Icon directory /usr/share/icons/hicolor/ group 48×48/stock/media not valid” for empty directories. Annoying to say the least.

Final forced myself google for a solution. I must say the KDE has some real nice flexibilities in configuration.

I’m not sure I trust Sony, but the Sony U-70 sure looks sexy. Small nootbooks and PDAs are rapidly converging on each other. Another interesting unit is the Pocket Loox 720 by Fujitsu. Particular since it can “operate as a USB 1.1 host”.

Last year I almost bought a Fujitsu P-1120. In the end I decided both that it didn’t have USB2 and that I could wait. Although it could fit in a pocket, it just didn’t quite seem to have enough modern features.

Now that I’m off the beast-master system upgrade horse, having replaced my gaming platform with the XBox, and in the process saving myself a lot of cash. My remaining goal is too thin-client myself. With a combination of Win4Lin, Crossover, KDE and NX running on top of UML, I can set myself up almost anywhere running almost anything.

These pocket based systems combined with WiFi and GPRS certainly seem like a good step along that way. Your front end becomes nearly throw-away.

Remebering passwords is a chore, its becoming more important with the ready increase in cracking power. I can just see some windows worm being designed right now to provide more distributed horse-power to crack passwords and distributed disk space to create massive password dictionaries. Combined with a little more cunning, these beasts are going to start automatically cracking passwords on systems they compromise.

There was a recent discussion on debian-user with some clever ideas for generating passwords.

Personally I agree with Karsten M. Self. Eventually the best way to secure our systems is going to be with tokens.