We’re doing passwords wrong!

You suspected it all along, and now it’s official: the “experts” have been forcing us to use passwords the wrong way. Among those practices that actually decrease security: adding weird characters to your text-based password, forcing people to change their password after a certain number of days or logins. The revelation comes from a recent document from NIST. Now there’s only hope that Government websites will start adopting the new guidelines (they’re the worst perpetrators).

In this article, I am repeating much of what I already said in this other article, but with less technical jargon and a few more months available for testing.

Read More

Page Cage released

Ever got a funny feeling when your password manager popped up offering to save a login that you thought was really, really confidential? Well, you should get it, because this is a sign that the app is able to see everything you’re doing. The developer of this app could get hacked (or the developer of any add-on or extension you’re using, for that matter), and then all your precious logins would be sent to some hacker’s computer without your noticing anything amiss. That is, until you look at your bank account and find that all your life’s savings have been sent to an account in Cayman Islands.

Page Cage is here to help you with that. It won’t work always, but it will work with a number of sites. Read More

Make an octave ukulele

An octave ukulele is a 4-string instrument tuned like a regular ukulele (gCEA, with the g being one octave higher than one would expect), but a whole octave lower. It is still played exactly like a ukulele but it sounds more like a guitar, with pretty deep bass. For those of you who actually want to accompany your singing and don’t want the instrument competing with your voice, yet are too lazy to learn a new instrument and set of chords. In this post, I tell you a simple way to make one starting from a baritone ukulele. Read More

Make a cuatrolele

A what?

Well, there is the ukulele, and then there is the cuatro. So the cuatrolele is their love child. Essentially a ukulele that sounds like a Venezuelan cuatro, but can still play along with other ukuleles. The good news is that building one requires less than one hour of your time, plus a two-dollar budget ($38, starting from scratch). The result is a sweet-sounding instrument that your friends will want to borrow constantly. Read More

Guitar vs. ukulele

I am the kind of guy who has a musical interest but not a whole lot of musical talent, or at least not a whole lot of musical training. I have begun to learn guitar many times, always to give up with some frustration or another. Sometimes it was the pain in my fingers, other times the inability to make any chords that sounded half decent, still other times said fingers getting tied up in knots as I attempted to move from one chord to another. But I think I’ve found a way to end this. If you have a similar history, you may want to read on. Read More

How to (almost) learn to play guitar

Perhaps your story is similar to mine. Having missed that crucial period in my teens when all my friends were learning to play guitar (because I was studying, or so I tell myself), I’ve tried many times to catch up and accompany my (arguably) good voice with a stringed instrument, and always failed, for different reasons. In this article I try to explain why, and how I got some traction eventually so that I finally (almost) succeeded. Read More

Make a banjo

Lately I’ve been quite taken by string instruments, and collected four ukuleles, of different kinds, in a very short time (they’re so inexpensive!). I was going to acquire a fifth one, a banjo ukulele or banjolele, when I realized that I would save a lot of money if I made it myself from Chinese parts ordered over the Internet. A lot of waiting for parts, but about two months later the instrument is ready and it sounds awesome. This article will tell you how I made it while hardly possessing any luthier skill, in case you want to do the same. Read More

Cryptanalyzing FibonaRNG

Sorry about the title. This post is motivated by Steven’s comments to the “What is Randomness?” post, where he describes a way that the current paper-and-pencil cipher champion, FibonaRNG, could be broken. Rather than responding with more comments, I thought a whole new post on the issue would make more sense, since it’s going to be rather long. For those who prefer the short version: yes, what Steven says would work, but not very well, although it looks like it should. Read on if you prefer the long version.
Read More