Week ending Sunday 2013/06/02

Monday 19:58 · The best choice in storing passwords is… don’t: arstechnica.com/security/2013/05/how-crackers-make-minced-meat-out-of-your-passwords/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+arstechnica%2Findex+(Ars+Technica+-+All+content) Time for federated identity. [Original.]

Monday 19:58 · @antonmc Fascinating to see if he can just stonewall it until it goes away. [Original, responding to @antonmc.]

Monday 21:22 · RT @jwz: Screenshots of Despair. "This is a poem we found on the internet." jwz.org/b/yhnX [Original.]

Monday 21:30 · @GreatDismal I pedantically object to your abbreviating WP as “Wiki”; that word has a technologically & culturally important meaning. [Original, responding to @GreatDismal.]

Monday 22:22 · @MrAlanCooper Squeaked past with www.geoguessr.com/#.UaQ3505h6cs.twitter … only missed that one in Russia by 1000km [Original, responding to @MrAlanCooper.]

Monday 22:48 · My best-ever geoguessr (but nothing very hard). Can you beat 30942? www.geoguessr.com/?s=eyJ0b3RhbFBvaW50cyI6MzA5NDIsInZlcnNpb24iOjEsInJvdW5kcyI6W1sicm91bmQiLCJsYXQiLCJsbmciLCJnTGF0IiwiZ0xuZyJdLFsxLDQ1LjI1NjU3MywzOC4xMTc2MTMwMDAwMDAwMDYsNDUuMjQzOTUzNDIyNjIzMjQsMzguMTMzNTQ0OTIxODc1XSxbMiwtMjguNTAyNDQsLTUwLjk1MjA0Njk5OTk5OTk5LC0yOC41MDA3MTU3NTAzMTI4NiwtNTAuOTUxMTk5NTMxNTU1MTc2XSxbMywtMzAuOTA1Mzk4LDMwLjMxNzI5NTk5OTk5OTk0MiwtMzAuOTM0NjIzNzE5MDIzNTg4LDMwLjMwODUzMjcxNDg0Mzc1XSxbNCw2Mi45NzQzNTksMjEuNjAxNDgyMDAwMDAwMDMzLDYzLjAyNTA3NDIxMDExNzI0NiwyMS44MTg4NDc2NTYyNV0sWzUsLTMxLjc5MjUzNCwxMzIuMjI0NjA5LC0zMS43ODQyMTY4ODQ0ODczODIsMTMyLjIzMTQ0NTMxMjVdXX0%3D [Original.]

Tuesday 00:32 · @GeeksHaveLanded I have my own space to write in and it suits me fine. Why is yours better? [Original, responding to @GeeksHaveLanded.]

Tuesday 08:44 · @lucaspanjer You mean trusting the Identity Provider is hard. Yep. Suggestion: Don’t rely on just one. [Original, responding to @lucaspanjer.]

Tuesday 09:49 · @pkedrosky Was startled not to recognize one of the English ones, “LWWEe”. Not hip enough to know the abbreviation I guess. [Original, responding to @pkedrosky.]

Tuesday 10:46 · Nice little end-passwords rant from @nelson: www.somebits.com/weblog/tech/bad/time-to-end-passwords.html What he said. [Original.]

Tuesday 12:32 · RT @omarelakkad: A short sci-fi story in the form of a Twitter bug report: twitter.bug.quietbabylon.com/ [Original.]

Tuesday 14:35 · I'm an emacser but've started to use mvim as a code explorer, poke around source & figure out how it works. Nice syntax color! Fast! [Original.]

Tuesday 14:48 · @ladyfox14 For actual serious editing, Emacs. [Original, responding to @ladyfox14.]

Tuesday 16:58 · RT @noirinp: Today was going so well, then culture clash, and now BOOM, all my fish are totally dead and I'm not sure if I can even get off… [Original.]

Wednesday 08:38 · Amazon getting into the IDP business (OAuth 2 based, they say): 9to5google.com/2013/05/29/amazon-launches-login-with-amazon-sign-in-service-for-android-ios-web/?utm_source=feedburner&utm_medium=twitter&utm_campaign=Feed%3A+9to5Google+(9to5+Google+-+Beyond+Good+and+Evil) Good! A lively IDP ecosystem is a win. [Original.]

Wednesday 09:37 · @bryantcutler Quick pointer to docs on OIDC? Obvious searches coming empty. [Original, responding to @bryantcutler.]

Wednesday 14:26 · Even technically-competent organizations can’t manage passwords safely: Start getting out of the password biz now! [Original.]

Wednesday 14:45 · @gravelpot The argument is that IDPs are hugely, dramatically less likely to get hacked than someone for whom identity is a sideline. [Original, responding to @gravelpot.]

Wednesday 14:45 · @jdriscoll Federated identity. Whitelist a few good IDPs you trust. [Original, responding to @jdriscoll.]

Wednesday 14:54 · @jdriscoll Yeah, that's a hard admin problem. sometimes they log in with FB & G with same address; then you have a chance. [Original, responding to @jdriscoll.]

Wednesday 14:55 · @jdriscoll AccountChooser is a really useful memory helper for that situation. [Original, responding to @jdriscoll.]

Wednesday 14:56 · @jdriscoll Not saying federation is easy. But passwords are heading for a brick wall at high speed. Gotta get started. [Original, responding to @jdriscoll.]

Wednesday 15:04 · @jdriscoll It’s the only plausible path I see that leads out the password meltdown. [Original, responding to @jdriscoll.]

Wednesday 15:08 · @jdriscoll Right. But those are immensely better managed/protected than by someone for whom identity is a sideline. [Original, responding to @jdriscoll.]

Wednesday 15:08 · @jdriscoll Remember, with federated login, the relying party never even sees the password. [Original, responding to @jdriscoll.]

Wednesday 15:09 · @jdriscoll And having 1 or 2 passwords, for FB & G, is immensely better than trying to manage/remember hundreds. [Original, responding to @jdriscoll.]

Wednesday 18:06 · @tenderlove You’re not an A-lister till @joeerl follows you. [Original, responding to @tenderlove.]

Wednesday 19:44 · Fujifilm is tearing up the track with lens glamor: photogenykstudios.com/2013/05/28/fuji-xf-55-200mm-3-5-4-8-lens-impressions/ & olafphotoblog.com/2013/05/28/get-wide-right-shooting-with-the-fujinon-xf-14mm-f2-8/ & www.thebigpicturegallery.com/blog/2013/5/meadows-buttercups-and-the-fuji-14mm [Original.]

Wednesday 19:47 · @dak3 Correct, thank heavens. [Original, responding to @dak3.]

Wednesday 22:20 · Spam that made me smile: "Promotion of your business with Indian Society of Oral Implantologists" [Original.]

Wednesday 23:25 · @joshtpm Canadians appreciate the great work you’re doing, but who’s taking care of America while you watch the Hogtown fun? [Original, responding to @joshtpm.]

Wednesday 23:27 · @GreatDismal Maybe even juicier things are happening in Winnipeg right now… nah, not possible. [Original, responding to @GreatDismal.]

Thursday 06:15 · @nossipova Federation, based on standardized protocols. [Original, responding to @nossipova.]

Thursday 06:16 · @benbelly Tough to get non-geeks using those password managers, especially on mobile [Original, responding to @benbelly.]

Thursday 09:03 · So, Muse is kinda derivative and pompous, but I still turn up the car radio when their songs come on. [Original.]

Friday 08:50 · How a dog drinks: Now you know. [Original.]

Friday 09:01 · @distobj Hm? We want people to use the APIs. We pay writers to write them. There’s a steady flow of bug reports. Sup? [Original, responding to @distobj.]

Friday 09:06 · Smart & hilarious finance writing: horse bites and sex-starved Jewish CompSci students: brontecapital.blogspot.ca/2013/05/spark-networks-and-strange-failure-of.html and brontecapital.blogspot.ca/2013/05/practical-lessons-in-assessing-exotic.html [Original.]

Friday 10:10 · IETF creates a JSON WG to write an official standards-track spec, which currently doesn’t exist: www.ietf.org/mail-archive/web/ietf-announce/current/msg11555.html [Original.]

Friday 10:51 · phonesreplacedwithsandwiches dot tumblr dot com: phonesreplacedwithsandwiches.tumblr.com/ [Original.]

Friday 11:33 · @acoyne You’re right on the power, but I think the bottom-line is BC govt smells broad&deep popular opposition/distrust. [Original, responding to @acoyne.]

Friday 11:40 · @dubek No breaking changes allowed in this work. [Original, responding to @dubek.]

Friday 13:29 · An afternoon without Rob Ford news feels unsatisfying. [Original.]

Friday 14:30 · Anyone who cares about programming languages needs to stop working and read this: joearms.github.io/2013/05/31/a-week-with-elixir.html Smart and funny! [Original.]

Friday 16:30 · @danielpunkass I’m OK with paying for access to a service. But have the creeps about losing access to my own creative work if I stop paying. [Original, responding to @danielpunkass.]

Saturday 08:21 · @loic @Scobleizer I bought a 3 network Sim in lhr from a vending machine, pretty cheap, tethered OK [Original, responding to @loic.]

Saturday 12:57 · @cstar @dizzyd Never! www.tbray.org/ongoing/When/200x/2009/05/03/Socks-and-Sandals [Original, responding to @cstar.]

Saturday 12:59 · RT @grahamsleight: Nothing about this headline can be improved. "Far-Right Extremists Chased Through London by Women Dressed as Badgers" ht… [Original.]

Saturday 13:31 · @DeirdreS good piece, but that’s a weird soundbite because it argues clear the problem is recruitment not exclusion. [Original, responding to @DeirdreS.]

Saturday 13:44 · @DeirdreS Lots of people working on the recruitment problem, but it seems to be hard. [Original, responding to @DeirdreS.]

Saturday 13:45 · @DeirdreS I think, actually, you're being a little hard on us. Many many insiders really really want more diversity. [Original, responding to @DeirdreS.]

Sunday 10:20 · The Scalzi/Amazon trap: www.tbray.org/ongoing/When/201x/2013/06/02/Book-Merchandising [Original.]

Sunday 15:39 · Imprisoned CIA Torture Whistleblower John Kiriakou Pens “Letter from Loretto”: dissenter.firedoglake.com/2013/05/29/imprisoned-cia-torture-whistleblower-john-kiriakou-pens-letter-from-loretto/ So sad. [Original.]

Sunday 16:33 · @anildash I think retweeting haters is good practice, if they are public personalities. [Original, responding to @anildash.]

Sunday 16:55 · 8 girls at a 7th-birthday party at Build-a-Bear is about the greatest concentration of excitement & happiness imaginable. [Original.]

Sunday 18:49 · RT @VikOlliver: Every society that can be destroyed by social media should be. [Original.]

author · Dad · software · colophon · rights
picture of the day
June 02, 2013
· Short-form (350 more)

By .

The opinions expressed here
are my own, and no other party
necessarily agrees with them.

A full disclosure of my
professional interests is
on the author page.