Cheap secure authentication

Verisign OTP from PayPal

These things can be had from Pay­Pal for about five bucks. Or $7.50 if you’re an Aussie. Verisign will flog them off to you for $30, if you’d like, but basi­cally Pay­Pal rocks for this kinda stuff. It’s a one-time pass­word token that effec­tively enhances your authen­ti­ca­tion by a mas­sive degree. It’s cool because it works with Pay­Pal and eBay. It’s cooler (and worth­while) because you can poten­tially use it with OpenID.

Essen­tially, it’s a ran­dom num­ber seeded with a unique key that gets appended to your reg­u­lar pass­word. This defeats key­log­gers and pretty much all kinds of phish­ing cur­rently out there. These kinds of devices have been used in cor­po­rate VPN/dial-in sce­nar­ios for years now (pre­dom­i­nantly, in the sit­u­a­tions I’m aware of, with tech­nol­ogy by RSA SecureID), but this is the first I’ve seen of it from Verisign.

And, sure, it’s only as secure as phys­i­cal secu­rity or the end­points them­selves are, but it’s a mas­sive step up from “what’s your cat’s name?” two-factor auth (though, unfor­tu­nately, I think PayPal/eBay offer that as a backup).

I’ve ordered mine and will prob­a­bly be hav­ing a play with OpenID imple­men­ta­tions of it (backed by Verisign’s PIP ser­vice, but not overly tied to it because of OpenID’s identity-delegation abil­ity) once it arrives (10 busi­ness days).

Can’t help but won­der what Verisign’s rates for these things are in a stand­alone sense. Nor­mally on 5 year con­tracts, but in terms of cost-per-token. Seems like a great way to defeat the idiot users who insist on hav­ing pass­words that are bla­tantly obvi­ous (argue all you like about strength poli­cies: it’s often not fea­si­ble when bal­anced against sup­port load for resul­tant for­got­ten passwords).

Also, to those who argue Pay­Pal = evil, if you’re in Aus­tralia then please… don’t. Unlike in the US, here they’ve basi­cally got the same finan­cial report­ing oblig­a­tions as any bank does, and cus­tomer ser­vice nec­es­sar­ily to match it. All the hor­ror sto­ries from the ‘States (not that I think them uni­ver­sally untrue!) pretty much couldn’t hap­pen here or they’d be chucked out of the coun­try. And, whilst they’re so heav­ily sub­si­dis­ing (or at least obtain­ing bulk dis­counts for) this kinda tech, that’s cool with me.

# by Josh on February 8th, 2008 Tags: , , , , , , ,
| 1 Comment »

New PSU and un-working fans

My old OCZ 520 died a few months back, sadly, and I’d been run­ning on a cheap and nasty power sup­ply ever since (mostly on account of it being all I could afford at the time, and that the power sup­ply conked out just when set­ting up for something!)

It was super nice and super shiny and under a super 5 year war­ranty, but only if I shipped it back to the US, at a cost of around $150. Crazy, huh? I’m sure there were cheaper options, but I couldn’t find them. And they prob­a­bly involved boats, which just take too long :P

Any­way, I went to buy a video cam­era yes­ter­day and sort-of-impulse-bought (coz I was at the store and had been think­ing I really should get a decent PSU before some­thing bad hap­pens for a few months) a Cor­sair HX-620W. It had great reviews and was meant to be super quiet which is mostly what attracted me to it — I mean, sure, reli­able power is great… but quiet PCs are bet­ter! I could’ve gone the Sea­sonic S12 but it’s not mod­u­lar, or the M12, but it’s louder (extra 6cm fan)… so the Cor­sair, despite prob­a­bly being man­u­fac­tured by the same com­pany and shar­ing a lot of iden­ti­cal design fea­tures, won.

It’s mod­u­lar, which the OCZ wasn’t. Not a mas­sive deal, but nice nonethe­less. Makes for a tidier case:

You can see the mod­u­lar con­nec­tors here:

I’m not using any of the SLI power at the minute (prob­a­bly ever) but, again, nice to have in a future-proofing kind of way.


It’s also got one par­tic­u­larly mas­sive fan. The OCZ had two 80mm fans that were super effi­cient and barely ever made any noise at all, but big­ger typ­i­cally means slower rota­tion & less whin­ing noises, so it has to be a good thing. My HSF is mas­sive enough and you can see even it’s small in comparison.

I also took advan­tage of the cleaning-up-the-insides to prop­erly attach a few CCFLs that’d been lying around. Finally, the UV-responsive moth­er­board can glow properly!

I know, IDE cables suck… I’ve only got one IDE drive left, and it’s actu­ally just there as a spare. Should take it out but haven’t had a chance just yet.

Any­way, whilst I was doing all this I realised my graph­ics card fan wasn’t spin­ning at all. It’d been mak­ing some funny noises when I’d done some stuff inside the case in the past, but I’d always dis­missed it because noth­ing was crash­ing and I hadn’t changed any­thing to do with the graph­ics card. Turns out it hadn’t actu­ally been spin­ning for ages and the fan had the dri­est bear­ings I’ve ever seen. The heatsink was plenty hot, but noth­ing was crash­ing. My sys­tem (CPU + mem­ory) runs about 15% above clock but I’ve had no real cause to over­clock the graph­ics card (Fury aside, but it needs more than just a faster clock!). So, con­sider this research that a cheap and nasty Palit GeForce 7600 GS can run with only pas­sive cooling!

Iron­i­cally, that fan has the newest bear­ing in the system.

After I’d put every­thing back together I realised the chipset fan could prob­a­bly do at the very least with a clean, but had rebooted by then and left it well enough alone.

Singer Oil is great, but I tried some spray Aquatec lubri­cant also which seems to be a lit­tle finer and would prob­a­bly work quite well. The graph­ics fan squeaked a lit­tle when it started up… not quite sure why! It was pretty well oiled, but maybe it was still just work­ing through the bear­ings completely.

Any­way… I think this computer’s nearly ready for summer’s soar­ing tem­per­a­tures and increased power instability.

# by Josh on November 13th, 2007 Tags: , , , , , , , ,
| No Comments »

Legal DRM-free music

I haven’t been this con­fused over a cool Inter­net ser­vice… prob­a­bly ever. AmazonMP3 is simul­ta­ne­ously one of the most excit­ing things to hap­pen in online music ever, and a source of great per­sonal confusion.

I want to use it (and will) because it’s freak­ing awesome. The bitrate thing doesn’t mas­sively con­cern me… gen­er­ally speak­ing, I can’t tell the dif­fer­ence (though I will con­tinue to rip my CDs as loss­less, mostly in case I lose them). What con­cerns me is the poten­tial under­min­ing of my CD-store perus­ing ways as a result! I haven’t had to con­sider this until now because main­stream music sim­ply hasn’t been avail­able in a rel­a­tively open (don’t give me crap about MP3 patents, any­one can read them), DRM-free format.

It ships with art­work but that so doesn’t count.

Oh, so appar­ently this post was a waste of time. Of course, it’s only licensed for US sales. I don’t know why that didn’t occur to me, but it didn’t. Now I’m grumpy. And irra­tionally crav­ing popcorn.

Well, if you’re in the US and using iTunes… stop. This is pretty cool for you guys, mean­while I’ll keep buy­ing my grey-market imported CDs (which is com­pletely legal in Aus­tralia and morally fine). All that’s stand­ing between me and Amazon’s MP3 music is a US ship­ping address for invoices, pre­sum­ably, so I totally could just make one up. Not break­ing any law that I’m under there. But what­ever, it’s all too messy.

Yeah, that’s right, record com­pa­nies screwed it up again.

We’ll get there, one day…

# by Josh on September 26th, 2007 Tags: , , , , ,
| 2 Comments »

Hitachi True Stories

Hitachi US have pro­duced a num­ber of par­tic­u­larly spec­tac­u­lar “true sto­ries” regard­ing their deploy­ment of var­i­ous tech­nolo­gies across the US. When I say spec­tac­u­lar, I’m not really refer­ring to the plot of these sto­ries, but just the pro­duc­tion qual­ity. It’s very well done. I think the tar­get medium is exclu­sively the web, though I’m not cer­tain — 5 minute pack­ages are too long for TV by far, and mar­gin­ally too long for cin­ema adver­tis­ing. It’s quite good fun, though it’s dif­fi­cult to iden­tify a par­tic­u­lar tar­get. I clicked an ad to get there which was some­thing to do with installing FTTN in some obscure US town (pro­cras­ti­nat­ing), but… really… that was mostly because I didn’t know Hitachi were a ser­vice provider (turns out, I think, they’re not… but the ad seemed that way)

What I want to know is, why do infra­struc­ture com­pa­nies need lots of pos­i­tive PR? Sure, they make CE prod­ucts, too, but that’s absolutely noth­ing to do with this tech­nol­ogy. We have a social con­science, buy our CE gear?

# by Josh on July 29th, 2007 Tags: , , ,
| No Comments »

Clarification: “Please don’t let it die :(“

This blog isn’t van­ish­ing off the face of the planet.

Quoth the con­cerned: “That’s like the only way I have of see­ing how you are most of the time now!” — which makes me almost as depressed as I was after my nos­tal­gia trip writ­ing the last post, because ‘the con­cerned’ is some­one who is also of fair sig­nif­i­cance to me. It’ll move, but not die.

I’ve got too many busi­ness cards with the address printed on it to let it die for another year or so ;-)

I spent a few hours today track­ing down a good web host after eval­u­at­ing DIY host­ing and decid­ing it almost cer­tainly wasn’t worth it, even with a sta­tic IP and remark­ably sta­ble ADSL2+ link (no, not just against 2003’s 256/64 PPPoE stan­dards!). I’ll be switch­ing this site across some­time in the next week or two, prob­a­bly at some arcane time of day that no-one will notice any­way because that’s just how I roll. It’s funny, because I’ll now be using the same host­ing my clients do… and I switched host­ing providers to do so. Seg­pub were great for a few months, but they’re just a lit­tle too expen­sive and inflex­i­ble for what they are — an Aussie com­pany doing good US host­ing. New provider is A Small Orange, who have a pos­i­tively yawn-inspiring web­site but get good press. I was so tempted by Site5 and Dreamhost’s absurd promises, but given none of this is going to come close to the reli­a­bil­ity of web host­ing on one server where the admin has an enor­mous vested inter­est in, it made sense to go with some­one smaller and more sen­si­ble. That, and I wanted to be con­fi­dent reselling it… now I might actu­ally start mak­ing some money out of my hand­ful of host­ing clients… just.

Host­ing for me is con­tin­u­ally about keep­ing peo­ple around to help them out with sup­port and pre­vent­ing them from wor­ry­ing about man­ag­ing the com­po­nent parts of their web ser­vices, more than any con­certed effort to make money. Even if I were to take it more seri­ously (i.e. actu­ally bill peo­ple on time, etc.) it would rarely amount to any­thing more than pocket money unless I really chased after a lot more clients than I care to single-handedly engage with… reselling host­ing is only prof­itable if you out­source sup­port to a bunch of geeky high school stu­dents with too much free time (that was me when I con­sid­ered reselling to be even slightly lucrative!) — ideally high school stu­dents who have never had a real job!

The biggest thing I’ll miss tech­ni­cally? Hav­ing a rel­a­tively local SSH box (low latency) with rel­a­tively per­mis­sive secu­rity (ever tried run­ning a text-mode browser on a Jail­rooted ter­mi­nal? Bad­Times™). But that barely affects pub­lish­ing so… noth­ing is dying.

# by Josh on May 28th, 2007 Tags: , , , ,
| 3 Comments »

Who gives a Cheney?

So some Amer­i­can rocks up and Syd­ney stops. There were more police than civil­ians in some parts of Syd­ney last night (Cir­cu­lar Quay), pub­lic trans­port is stopped, pri­vate vehi­cles are allowed in, and it must have cost an absolute for­tune in overtime.

All for some Amer­i­can power-behind-the-throne. If he’s going to be the key string-puller, he should at least stay invis­i­ble so we don’t need to con­cern our­selves with his (admit­tedly unwel­come) presence.

They were block­ing all use­ful traf­fic (but let­ting pri­vate cars through? Bizarre…), and claimed to have been using snif­fer dogs on the cars they were let­ting through. Yeah, right. I didn’t see a sin­gle dog last night. I was wear­ing a back­pack the whole evening. OH, LOOK, THERE GOES A TERRORIST!

No-one stopped me…

Then, after hav­ing blocked off half of the north­ern CBD, police stop a protest from going ahead on the grounds that it’s going to cause traf­fic chaos. Like that was a con­sid­er­a­tion a few nights back.

And, whilst I’m on this lit­tle soap­box, what on earth is a “law­ful protest” about? “Oh, here you go, protest in a nice lit­tle out –of-the-way place where no-one can see you, much less be seen by the per­son you’re protest­ing about/to. Just… stay away from the Rocks and everything’ll be okay.”

Because I’ve seen so many rabid gun-toting uni-students try­ing to blow up the US pup­pet­mas­ter. Nev­er­mind that Aus­tralia has far-more-sane gun-control leg­is­la­tion than the US does… John Howard isn’t the cen­tre of all this rub­bish when he trav­els to the US, even, and yet over here we’ve got to keep unarmed pro­tes­tors a good cou­ple of kilo­me­ters from their tar­get in case they pull out… well, something.

Mean­while, I don’t know whether I should be sat­is­fied or frus­trated that I was wear­ing a con­spic­u­ous black back­pack all evening around var­i­ous protest sites and didn’t get glanced at once.

Go home, Cheney. You’ve wasted enough of Sydney’s time and resources already.

# by Josh on February 23rd, 2007 Tags: , , , ,
| 4 Comments »

TPG weirdness

So it’s fast. But it’s not so fast dur­ing the day. And not so fast when deal­ing with Aus­tralian servers. By way of exam­ple, when deal­ing with AARNet’s server, I was get­ting a measly 30KB/s down­load. So I go and start grab­bing the same file off a US server and all of a sud­den I’m cruis­ing along at 500KB/s. Yeah, go figure.

Me, I blame the crappy web proxy they make every­one use. It’s so cheap, though, that I’m not too fussed about it.

Just in case you cared, I’m sync­ing at 16418/1021… it’s accept­ably snappy. The per­for­mance isn’t amaz­ing dur­ing the day (and you’ve really got to won­der why – it’s not like many busi­nesses use TPG, is it?) but it tends to behave itself more (i.e. with Aus­tralian servers) at night. I haven’t had a chance to hit up a bit of CS/Q3/UT/UT2k4/other net­work game for “test­ing pur­poses” yet… maybe this evening. Maybe.

In other news, I’ve dis­cov­ered I’m gen­er­ally more pro­duc­tive work­ing from home than in the city. Some­thing to do with a lit­tle more sleep, a lit­tle less air­con (it’s oppres­sively warm com­pared to super-chilled offices, but I pre­fer it that way), a lit­tle more mon­i­tors (I’ve only got one at work), a lit­tle faster Inter­net (afore­men­tioned speeds ver­sus a 4Mbps link shared between about 150 peo­ple, 20+ servers and chan­nelled through a crap­tac­u­lar proxy), and more nat­ural light. Perhaps.

Now the only prob­lem is jug­gling free­lanc­ing com­mit­ments with “employee” com­mit­ments… but I’m using a com­puter for one and tex­tas for the other at the minute, so it’s fairly clearly delin­eated right now.

It all dri­ves you slowly crazy, but I was never a huge fan of san­ity, anyway.

# by Josh on January 17th, 2007 Tags: , ,
| 3 Comments »
« Older Entries