You shouldn’t use raw MD5 or SHA1 password hashes for storing authentication info, you should absolutely always use a randomized salt (bonus points for using something like Blowfish or PBKDF2 with a high number of iterations).I was playing with the BozoCrack utility, which mines Google for MD5 hashes, and found a list of the Top … Continue reading →
Enabling PHP Write Access on IIS
Unfortunately at work I’m stuck hosting PHP on various versions of Windows with IIS. For the most part things do just run (though I yearn for a nice Nginx + PHP-FPM setup that has decent URL rewriting), but figuring out what security settings to change so that PHP can write to a particular file or … Continue reading →
Validating File Uploads in Kohana 3.2
I don’t often have to deal with file uploads, but this morning I had to include one on a form I was developing for a project at work. I know Kohana has a decent Validation class and even provides an Upload helper for actually moving the file into place, but the examples were all spotty … Continue reading →
Bulging MacBook Pro Battery
A few months ago I had a rude surprise when I got up one morning… my several years old MacBook Pro was sitting at an angle. Upon inspection, the battery had peculiarly started to bulge out in the center. Over the proceeding several days it continued to bulge to the point that the battery didn’t … Continue reading →
B-Squares
I saw B-Squares posted on the Sparkfun blog. One of the neatest things I’ve seen in a long time, they’re magnetic so you can simply attach them to each other and build out your circuit.Amazing idea and I love that it’s being bootstrapped through Kickstarter. I’ve wanted to get into hardware hacking for a long … Continue reading →
