November 2007 Archives
There have been a couple of memes circulating on Facebook recently. They consist of a warning that a certain Facebook user is actually a hacker and, should they gain access to your - or your friends' - Facebook profile, they will hack it and your email account. Of course, these are almost certainly vindictive japes against specific individuals who aren't but are claimed to be hackers: just kids making it up for kicks.
See, these "hackers" can only access your accounts by using a username and password - like you do - to get in. So providing they don't know both they can't get in. Assuming any of these warnings of hackers trying to befriend you is true, they can find out your username (your email address for many accounts) and then start guessing your password, normally by trying commonly used passwords then dictionary attacks then sheer brute force attacks. There are other techniques that aid our hacker friend, but I'll leave that for now.
What you need to do to protect your email / Facebook / whatever accounts is:
- Use different passwords for each account. If you use one for everything and someone finds that password they can access all your accounts.
- Use strong passwords. These are typically a mixture of letters and numbers (and no, "password1" doesn't count) and not based on words.
- Use KeePass (freeware) to keep your passwords safe and secure and prevent you from losing them.
- Set yourself up a "public" free email account (gmail, hotmail, yahoo) that you use for very public use such as in your Facebook profile while keeping your normal email address for friends, business and family.
- If you can't be bothered to use KeePass and strong passwords (maybe you use a fair few computers to access your accounts) then at least try making your passwords stronger by doing something like this:
  - pick a prefix - let's say "b1ue"
  - pick a suffix - "90" for example
  - now make your passwords start with the prefix and end with the suffix, and put something in the middle (probably something related to the account you are using it for) so "b1uemail90" "b1ueface90" and so on. This is not a strong password system, but it's better than "password", "letmein", "123456789" and so on.
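The checks from the list above, as an added example (not code from the original post): a small Python audit of a set of account passwords that flags common passwords, dictionary words with digits tacked on, reuse, and a shared prefix/suffix template. The word lists are constructed stand-ins and the function names are hypothetical.

```python
import os
import re

# Constructed stand-ins for a real common-password list and dictionary.
COMMON = {"password", "letmein", "123456789"}
WORDS = {"password", "letmein", "blue", "mail", "face"}

def audit_one(pw):
    """Return weakness labels for a single password."""
    issues = []
    low = pw.lower()
    if low in COMMON:
        issues.append("common")
    # Trailing digits do not help: "password1" is still "password".
    if re.sub(r"\d+$", "", low) in WORDS:
        issues.append("dictionary-word")
    if not (re.search(r"[A-Za-z]", pw) and re.search(r"\d", pw)):
        issues.append("no-letter-digit-mix")
    return issues

def shared_template(passwords):
    """Return the (prefix, suffix) that every password has in common."""
    prefix = os.path.commonprefix(passwords)
    rest = [p[len(prefix):] for p in passwords]
    suffix = os.path.commonprefix([r[::-1] for r in rest])[::-1]
    return prefix, suffix

def audit_accounts(accounts):
    """accounts maps account name -> password; returns a report dict."""
    pws = list(accounts.values())
    findings = {name: audit_one(pw) for name, pw in accounts.items()}
    for name, pw in accounts.items():
        if pws.count(pw) > 1:
            findings[name].append("reused")
    prefix, suffix = shared_template(pws)
    # The part that actually differs per account once the template is known.
    middles = {n: p[len(prefix):len(p) - len(suffix)] for n, p in accounts.items()}
    for name, mid in middles.items():
        if (prefix or suffix) and mid.lower() in WORDS:
            findings[name].append("only-a-word-varies")
    return {"findings": findings, "template": (prefix, suffix), "middles": middles}

if __name__ == "__main__":
    # Constructed sample: the prefix/suffix scheme from the list above.
    report = audit_accounts({"email": "b1uemail90", "facebook": "b1ueface90"})
    print(report["template"], report["middles"])
    print(report["findings"])
```

Each sample password passes the single-password checks, yet the report shows that only a four-letter dictionary word changes between accounts, which is why the scheme is described above as not a strong one.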
I came into a bit of money and wanted to pay off some debts with it. So I called Welcome Finance to ask how much I owed and how much would they accept as full and final settlement. It took them two days to come back with two different figures: the amount owed - and that would be paid if I continued with the monthly instalments - and an early settlement figure, which was a full £200 more. It would cost me £200 to pay them 6 months prematurely.
You'd think a provider of "ugly duckling" loans like Welcome Finance would be desperate to get their money back as soon as possible to lend it to someone else. Given the current market situation I'd be surprised if they could raise any capital at all. No-one will commit to risky lending with the credit crunch and all.
There were a couple of interesting things that came out of the exercise: First, Welcome Finance front-load their loans. That is to say, they add the interest at the very beginning of a loan. If you were to pay back on the very same day you take it out you'll have to pay all the interest (which was roughly the same as the principal amount borrowed in my case.) Bear that in mind if you ever need to borrow from them.
Second, there's a great site called saynoto0870.com that gives you the direct, normal land line numbers for numerous companies. Given that most mobiles and land lines give you free minutes for normal land line numbers but not 0870 numbers this is a good way to save money. It also gives you the satisfaction in knowing you aren't paying the company at the other end for being held on hold for 20 minutes (0870 numbers pay the recipient for inward calls.)
So, anyway, the money I was willing to give them up front, now, in their hand, safe, is going to go and sit in an ISA and give me interest instead of them. Go figure.
We've all seen web sites that try dismally to protect their content by disabling the right-click driven context menu appearing. However, you might have a use for using the right-click as a prompt to do something useful. If you do, here's a quick solution:
Continue reading Controlling right-click using JavaScript.
None of these are verified: feel free to shoot them down, or use them in your defence as you wish.
- The entire World population could be squeezed onto the Isle of Wight.
- Bill Oddie's religion forbids him from eating glass.
- Some people think there really is a place called, "Llanfairpwllgwyngyllgogerychwerndrobwllllantisiliogogogoch"
- You need a 13 mm spanner to undo an M8 bolt.
- The circumference of the rim of a standard pint glass is just less than twice its height.
- There are more water molecules in a glass of water than there are glasses of water on earth
- An elephant's penis weighs half a hundredweight.
- Pacific Standard Time began last Sunday
- 50 kilograms = 110.2311 pounds
Continue reading Some boring facts.
Heaven knows why, but most chip shops in southern England make appalling chips. Saggy, sodden, sorry things. We all want crisp on the outside and fluffy on the inside. Anyway, how to make the perfect chip:
- Peel and chip your potatoes. Some swear by Maris Piper. I like Vivaldi.
- Now boil your chips until they are flaky and about to fall apart.
- Empty your soft boiled chips onto a baking tray and give them a shake to get the edges roughened up
- Place in fridge to cool down and let the starch bond again
- Meanwhile heat your oil to 220° C (or as hot as your deep fat fryer will go. You do have a deep fat fryer, right?)
- Once the boiled chips are cool to room temperature, put them in the hot oil
- Shake occasionally. Should take about 5-10 minutes to get a nice golden brown around the edges
- Serve with salt and vinegar.
Had an interesting problem this week with a hostile legacy codebase. There is a "config" module in the codebase that opens a file and creates methods for each of the variables to give you a config object. You can then get your config values by calling the appropriate method. This works fine but in some places in the code base someone has decided to ignore the methods and access the variables directly. Turns out the package stores the variables in a hash called "config" in the object. Accessing the variables directly is therefore possible by doing something along the lines of:
Continue reading Finding out who is trying to access private hashes.
Curry queen is a good, solid, old fashioned, cramped, wall-to-wall carpeted curry house. There are two floors and more often than not they are full, which says something about the place. The poppadom and condiments have always been excellent and the main dishes very good indeed, with enough bite in the jalfrezi without an indecent amount of chilli peppers. The only disappointment was the paratha, which were overdone last time I went there. Not burnt, and still totally edible, but a high quality paratha is light and pulls apart into flaky, stringy pieces (the Kerala restaurant on Castle Street does cracking ones, btw). The dhal has always been good, not shying on the essential salt needed to make it tasty.
A good middle of the road choice.
