Posts

Seasoned Authentication

Lots of systems that employ user authentication obscure users' passwords using a hashing routine such as MD5 or SHA1, which produce hash strings of 32 or 40 characters respectively. These hashing algorithms are one-way only, so although the MD5 of 'My Password' is '14ddb8585ddfc6c4670b9c18aed1fe8b', there is no way to return 'My Password' by running code against '14ddb8585ddfc6c4670b9c18aed1fe8b'. However, most users do not use particularly secure passwords, so if a cookie containing a hashed password is stolen, the thief may be able to bombard the hash with the MD5 hashes of dictionary words in order to find one that matches. MD5 runs extremely quickly, and a modern computer can perform millions of these comparisons every second.

Rainbow Tables

Even if users use secure passwords, it is possible to work out what the original password may have been by using a rainbow table. This is a look-up table that stores the hashed values of vast numbers of plain-...

Initial iPad Thoughts

Having had a few hours to digest the Apple iPad announcement, I thought I'd share a few of my thoughts. These points are based solely on the material released by Apple so far, so specifications may change before the hardware is released to the public.

Initial Feeling

Watching the video on Apple.com, the most compelling things for me were the web browsing and email experience. I already know how good it is to browse the web on the iPhone and iPod Touch, and the ~10" screen of the iPad can only make this better, so I'm inclined to agree with Apple that iPad may well be 'the best' way to surf the net, especially from the couch in front of the TV, so my initial feeling was along the lines of 'if the price point is good, I'll have one of those...'. Apple's shiny hardware, slick presentation and well-integrated software suite certainly did the job of making the iPad a desirable item for me.

Rationality Kicks In

The vast majority of my computing time is...

All Self-Service Checkouts Are Not Equal

Having just read this article about 'The problem with self-service checkouts' on the BBC News Magazine site, I started to pen a response but it soon grew beyond a simple comment, so I thought I'd publish it here instead. Let's look at two stores' differing approaches to self-service. Sainsbury's variant seems specifically designed to be as inconvenient as possible, with a tiny area allocated for you to tortuously scan all your shopping and then put-each-item-one-at-a-time-into-the-bagging-area. The system is a nightmare if you are trying to pay for a large grocery trip. To date, I have never had an experience with Sainsbury's self-service where the system didn't have a problem of some description requiring a staff member to meander over and enter a code to allow me to continue. It always falls over if I try to use my own bags rather than taking fistfuls of the orange plastic ones provided. I was in there last weekend and the ghastly thing allowed me to finish scanning...

Gotta Love Joined-Up Government

As many will know, five weeks ago today, back on October 12th I had an episode of impactful tarmac interaction - as in I came off my bike. Of course, to say 'came off my bike' does not illuminate the context of the event, and lends itself to speculation of incompetent riding resulting in a self-inflicted tumble, or perhaps the other extreme of having been mowed down by an errant eighteen-wheeler. In the interest of illustration, I shall provide that required context in the form of... telling you what happened.

I was pootling along Long Lane in Tilehurst, Reading (UK), which is near where I live. As I was approaching the junction with Orchard Close, I saw three boys (I'd say between 8-10 years old I think) on bicycles waiting on the pavement to cross the road. The first of them kicked off and was safely to the other side long before I was anywhere close. The second made a motion to go, but looked and saw me, and stopped. I made eye-contact to make sure he...

Thai Curry

This particular blog is for Onimua, who asked me over Twitter how easy this kind of dish is to create. You must excuse the quality of the photography in this entry - with the exception of the image above, I just took snapshots with my iPhone, the camera on which is pants. The answer to Onimua's question is, 'very' - if you have the right ingredients. To start, you will need: Thai curry paste, coconut milk, creamed coconut, palm sugar, Thai fish sauce, bamboo shoots and petits pois. For the particular variant I am describing here, you will also need: fresh galangal and baby corn ... and your curry paste will need to be yellow. There are five different kinds of Thai curry paste readily available in Asian supermarkets and the occasional western supermarket. They are Red, Green, Yellow, Masman and Panang. Each has its own characteristics, between fiery hot (green) and gorgeously aromatic (masman). In this particular instance, I'm using yellow curry paste. The curry paste you use is...

Workaround for jQuery's lack of scope management in event / AJAX handlers

Yesterday, I wrote about the importance of the ability to have event callback functions reference this as the containing object of the method in which the event listener was created, and noted that with version 1.3.2, jQuery does not support this functionality. I also found that the latest version of jQuery (straight from SVN) supports scope assignment through the .bind() function. This seemed great, until I realised that it's necessary to have similar functionality for AJAX handlers too, and jQuery still lacks this. Therefore, after some fiddling around, the following workaround was devised:

    jQuery.extend({
        scope: function(fn, scope) {
            return function() {
                return fn.apply(scope, arguments);
            }
        }
    });

Which allows us to do the following...

    myClass.prototype.addHandler = function(element) {
        $(element).click($.scope(this.handleClick, this));
    }

    myClass.prototype.handleClick = function() {
        // this refers to the myClass object, yay!
        this.doStuff();
    }

The very nice thing ab...

The Importance of 'this' Scope Management Through Javascript Event Handlers

During the development of vBulletin 3.x, much of our Javascript code started to take on a far more object-oriented style. With more widespread use of client-side scripting for features that would appear multiple times on a page, such as popup-menus (vBMenu) and collapsible elements (vBCollapse), having encapsulated code made development much easier. With one exception - event handling. Let's take some very simple code to illustrate the problem. The purpose of this code is to force all links to be diverted through a different script. It's overkill, but it illustrates the problem.

    function linkRedirect(link_element) {
        this.redirect_base = "http://example.com/redirect?url=";
        this.link_element = link_element;
        this.link_element.addEventListener("click", this.handleClick, false);
    }

    linkRedirect.prototype.handleClick = function(e) {
        e.preventDefault();
        // The following will not work
        window.location = this.redirect_base + escape(this.link_element.getAttribut...