Allow secure passwords!
Posted by Peter | Filed under Websites
A brief rant here…
If you use the Internet much, then you are almost definitely going to encounter passwords. Lots of people use very insecure passwords, like “password01”. But those of us who actually don’t want our identity stolen use more creative ones. Unfortunately, many companies out there seem to have incompetent web-developers.
Here are a couple of examples of sites which could be major opportunities for identity theft if an account gets hacked:
- British Gas — customer login for paying gas/electricity bills — doesn’t allow special characters
- Virgin Media — customer login for broadband, email, personal webspace, and telephone / TV billing — passwords must be 10 characters or less
These are ridiculous. Ask any security expert. Special characters are a major boost to password security, and it is preposterous to limit a person’s ability to use a pass-phrase consisting of multiple words.
Part of me really hopes that the web-developers responsible for these get their identities stolen online and lose all their money. Poetic justice.
SLOODLE is breaching the GPL
Posted by Peter | Filed under SLOODLE
As SLOODLE is a GPL project, we are required to make source code available for everything we produce. This allows users to look at how things work, and it allows other developers to work on tools and contribute to the project and so on. Withholding this means we are breaching our own licence and damaging the future of SLOODLE.
However, since September 2009, SLOODLE has been breaching the GPL in exactly this way. I have made many repeated attempts since then via the issues tracker, forums, IMs, emails, and community meetings to have this resolved, but I have been ignored. Random other development sidetracks have been happily pursued while the responsibility for what we already have has been cast aside.
The problem is related to permissions on the SLOODLE in-world tools and scripts. Up to and including the latest “SLOODLE 1.0 Set revision 13”, the following issues exist:
- The Vending Machine script is no-copy/no-mod, and it is not clear whether an up-to-date copy is in the repository.
- The “Toolbar Giver” script is no-copy/no-mod and it is not in the repository.
- The error message handler script in the LoginZone is no-copy/no-mod.
I know that in themselves, these are quite minor. And some of these issues can be worked around. However, there is a FOSS principle to be upheld, and there is the future of the project to consider.
I appreciate that it is sometimes difficult to identify every little detail of SL perms, and that it is often time-consuming. However, these issues have been explicitly identified (mostly by me) but consciously neglected for 4 months now. If I could have fixed them myself I would have done, but the perms issues mean that even I am prevented from doing so. (They also mean I am prevented from releasing SLOODLE Set updates myself, even if there is a critical bug to be resolved.)
So I ask yet again, please let’s get this sorted.
ADOdb function: GetUpdateSQL
Posted by Peter | Filed under Programming
I have been getting myself familiar with ADOdb by using it in a personal web-development project. I ran across this (rather poorly documented) member function in the database connection class: GetUpdateSQL. In principle, it looks like a very useful function. Given a recordset (which you’ve previously retrieved in a query) and some desired changes, it will generate a nice compatible UPDATE query string for you. However, I have found it to be a little disappointing for my needs.
Zotero premium service
Posted by Peter | Filed under Academia, Software
The team behind the open source Zotero citation management software has been actively developing “sync” functionality for quite some time now. It allows you to work with your references collection from multiple computers by storing the latest copy of your collection on the Zotero servers.
An optional part of the sync system allows you to store PDF files and such like in your collection (full-text copies of papers etc.). Zotero provides 100MB of storage free to everyone, but towards the end of 2009 they introduced an optional premium service, in conjunction with Digital Scholar.
What is Standard Deviation?
Posted by Peter | Filed under Academia, Maths
The term “Standard Deviation” comes up quite a lot in certain types of research papers where statistics are mentioned. As a result, I have to wonder exactly what it tells us, why it is interesting, and how it works.
Thankfully the basic idea is fairly simple, so I don’t need extensive training in statistics to understand what it means. In fact, I just picked up an old copy of a statistics textbook at a second-hand book shop, and it tells me everything I need to know. (And a lot more that I probably don’t!)
