Security

Writing for Wired, Vijith Assar raises some excellent points on how bad actors with capital are the most dangerous threat to any system. Capital can kill code. Capital can kill anything.

OMG, a workflow post! Apps, tools, productivity, oh my! Listen, we all know that no app can make you more productive by itself. Your methods are always more important than your tools.

These days, encryption is more important than ever. You don’t need to look any farther than the national news for reasons why. Even small sites that don’t provide user accounts should consider it.

Great article from Cory Doctorow on the conversations he’s had with his six year old daughter about mass surveillance. What’s particularly revealing is which concepts she intuitively grasps from her own experience with technology, and how that aligns with research done on the online habits of children.

Bleach is a rather clever Python module for sanitizing HTML input and auto-linking URLs. It uses a whitelist for the allowed elements and attributes (thank God), and will avoid trying to “linkify” URLs that are already within an anchor element.

This is an enormous win for OpenID, but it is also a huge risk if anything goes wrong with such a high-profile project. Obviously, it will all depend on the implementation, and if all goes well it will give OpenID the push it needs to increase the number of consumers as opposed to providers, which is a ratio that is sorely lopsided at the moment.

Okay, if you still have your box configured to allow remote logins as "root", then you deserve anything you get. Otherwise, start using strong passphrases (not a password, those are too easy), or if you can swing it with your work flow, use an ssh key rather than a text-based login.

Via Boing Boing: This is definitely not good. Don’t leave your encrypted laptop in on/suspended in public kids! Also, if you aren’t at least encrypting your /home directory (or wherever you keep your personal files), congrats on earning the EPIC FAIL.