Wednesday 12 October 2005

, , ,

Google launches bootleg search engine

Three and a half seconds ago (if you could arrange for your jaw to drop in awe of my finger-on-the-pulseness it would be much appreciated, thanks) search engine monolith, Google, unveiled the latest widget in their web-taming repertoire.

Google Swag Bag (TM) allows users to locate no-nonsense index listings of illegal booty such as MP3 music files and movies. The service operates by tapping into Google's traditional search engine technology while excluding common web site documents with the extensions html, htm, php, asp and so on to return results consisting only of binary content, aka just the juicy stuff.

To those of you apt to perusing Google's search modifier cheat sheet, this is old news; this feat has previously been accomplished by entering little known combinations of operator strings into the standard Google search box. What's new is the user-friendly, streamlined interface which takes the hassle out of digging for multimedia content.

By default Swag Bag forages for MP3 files while filtering out distracting text documents of various formats and keyword red herrings. To re-focus its search beam you can click on the 'toggle advanced settings' link and check/uncheck the boxes adjacent to the media type(s) you would like Google to ferret out.

Disclaimer: Kookosity does not endorse piratey shenanigans. If, as a direct consequence of reading this post, your soul is irreparably corrupted leading to eternal damnation (and singed eyebrows), it's not my fault. God made me do it. Hey, if it's good enough for George W., it's good enough for me.

Sunday 9 October 2005

You what?

I'd hazard a guess that you know at least one person who responds to everything you say with "what?", "huh?" or "eh?". In each case they heard you perfectly well the first time, though still insist you repeat yourself before commenting or answering a question. They know it and you know it.
I could cheerfully strangle them to death when I start to repeat myself and become tongue-tied, stutter or get my words back to front because I'm so preoccupied with mulling over how irritating it is to be repeating myself at all. More often than not after you've echoed yourself, the oaf you're speaking to will reply "oh" or "mmm" and then go on their way, or even worse, they'll ask a handful of irrelevant questions and then reply with "oh" or "mmm" and go on their way.

My theory is that they do this to buy themselves some extra time to respond. They seem to think that if they comment right after you've repeated yourself they'll appear sharp or 'on the ball', that they can think on their feet without 'umming' and 'errring'. I'd take half a dozen 'umms' and 'errs' over a "what?" every time. A few seconds of silence would do just as well; this isn't radio, we don't have to revere the 'dead air' taboo.

If you get riled, insist "you heard me the first time" and refuse to repeat yourself, they become defensive, reasserting that they definitely hadn't. They'll actually go so far as to appear insulted at the accusation. Well they're not likely to admit, "yes you're right, I did hear you, but can't shake this ridiculous habit of feigning deafness".

Try this instead: whenever someone responds to something you've said with "what?", pretend you haven't heard them and wait a few seconds. It's very likely they'll answer your question or pick up the conversation as though no 'whating' had occurred. They'll assume their "what?" hasn't registered and so won't feel obliged to wait for the repetition, or get caught up in a "yes, you BLOODY WELL did hear me", "no I didn't" battle of wills.

Turning the tables to wind them up can be more fun still. Pick a topic that you know is close to their heart and broach it with them. For instance, if you know they're waiting anxiously for an important call from their partner or potential boss-to-be (if they've been for a job interview recently), try opening with "so-and-so called earlier". When they reply with "huh?" as though they'd just woken up from a hundred-year slumber, hastily glance at your watch and tell them you're late for a meeting of some sort. As you dash out of the door, turn back and shout, "I'll tell you all about it later".

Wednesday 5 October 2005

, ,

Personal Password Policies

With phishing, social engineering scams and hacking on the rise, it has never been more important to give serious thought to how you generate and manage passwords for your online accounts.

The system I use involves using an online gibberish generator to create lengthy alphanumeric character strings and saving these in an Excel spreadsheet, which is subsequently password protected. I've memorised the ludicrously long password for my Gmail account so I can check it from work, but wouldn't dare attempting to commit the rest to memory - there are simply too many of them, and they're all entirely random and therefore difficult to turn into mnemonics. So not an ideal solution by a long stretch then.

Passwords that are easy to recall are also easy for others to guess or hack, while highly secure ones can be so secure you can end up locking yourself out of your own accounts. Using the 'one password to rule them all' technique isn't the solution - if someone managed to get hold of it they'd have the master key to your kingdom and you'd be up the Dry Creek Quarry without your invisibility ring, bank balance and identity.

Security expert Steve Gibson believes the answer could be to devise your own algorithm, which, when applied to web site domain names, can be used to generate unique, easily retrieved passwords.
Don't run away just yet; this sounds more geeky than it really is, trust me. For example, you could take the URL ebay.com, turn the letters into numeric values (using the formula a = 1, b = 2 and so on), shift 3 places up the scale and convert the numbers back to letters. The result is a seemingly random string of letters. You don't have to remember what they are in each case, just make sure you know how they were generated so they can be reproduced at will.

To ramp up the security rating of your passwords you could employ a second algorithm to generate a series of numbers or punctuation marks and intersperse these with your letters.
For a more thorough illustration of the way in which personal password policies can be implemented, listen to episodes 4 and 5 of Steve's Security Now podcast.