How to Create Truly Obscure Passwords

Submitted by jbreland on Wed, 03/21/2007 - 17:09

I recently came across an interesting article on Irongeek.com (which itself is a pretty interesting security site that I'll probably add to my list of news feeds) entitled, "ALT+NUMPAD ASCII Key Combos: The α and Ω of Creating Obscure Passwords." The author suggests the idea of using non-standard (ie, not defined on standard keyboards) special characters as part of your password. It's common knowledge that adding special characters to your password greatly increases the difficulty of guessing or brute forcing the password. This extends the idea by adding normally hidden (and often unthought of) characters to the mix. So, while something like abCD1234%^&* might be a good example of using special characters in a password (though obviously you'd want something more random than that sequence), consider this password: äßÇн²¶╔¥¢. I'd love to see the password cracker that can crack that one. :-)

Of course, as the author mentions there are downsides to this. Increased complexity notwithstanding, its strength is also its main weakness; these are non-standard characters, and as such not all applications and operating support them in the same manner (or at all). While this may work great as a Windows user password, for example, it may not be possible to use it as a Linux user password.

Regardless, it's still an interesting concept that deserves some attention. Check out the article for more details on the subject, as well as a tutorial and reference charts for entering special characters. The Wikipedia article on Windows Alt keycodes (also referenced in the article) is another good resource.

Small update for Firefox Tips and Tricks

Submitted by jbreland on Tue, 03/20/2007 - 13:43

Update: 03/21/2007 14:41
In a rather ironic mistake, I accidentally specified a bad link to the Firefox Tips and Tricks page. Oops. :-) That's been corrected.

I just noticed that the links to several of my modified Greasemonkey scripts were not updated to reflect the new site layout. I fixed these links on the Mozilla Firefox Tips and Tricks page so that they now point to the correct location.

Sorry for the inconvenience.

LegRoom Changes, Part 2

Submitted by jbreland on Mon, 03/19/2007 - 16:51

My last post on this subject discussed the changes the most directly affect users. This post will discuss content changes.

With the exception of the previously mentioned Support Forum, there's that's truly new in terms of content. While everything has been reorganized and cleaned up, I haven't yet had the chance much new information to the site. I did, however, remove several sections that were available on the previous site. Here's a summary of what was not migrated:

  • Downloads - This was the native downloads module included with PostNuke. It was largely unused, aside from a couple of custom PostNuke modules I had uploaded long ago, so I'm dropping it for this site. All "downloads" are available directly from the application's web page.
  • E-Mail (Webmail)* - This is currently not available due to some changes on both the website and the LegRoom mail server. I'm working on a replacement, though, and will bring it back as soon as possible.
  • Photo Gallery - I setup my photo gallery back when LegRoom was just a small personal/test site. Since then it's become more of a development and news site, and I'm not sure that the photo gallery belongs on here anymore. I'm still trying to decide what I want to do with it, but I think it will eventually be moved to a separate site.
  • Powered By - This was something of a play page I setup with the initial version of LegRoom, and was largely ignored since then. There's no need for it on the current site.
  • Query Tools* - This was a cool PostNuke module that allows convenient access to various DNS and network diagnostic functions, but it's just not worth maintaining my own page when there are already lots of better services available.
  • Server Information - This information is now restricted to administrators.
  • Submit News* - I previously allowed any registered user to post news content; now, this is restricted to administrators. I may allow this again in the future, but I'd like this restricted while I get used to Drupal.
  • Topics - This page allowed browsing of archived news based on categories. Drupal doesn't appear to provide a similar capability, but I'm looking for a module that will enable this. It was a semi-useful feature that I'd like to bring back.
  • Website Statistics - This is one of the few areas that I find Drupal to be at a severe disadvantage compared to the previous site. It does provide statistics, but it's very limited compared to what PostNuke provided. It also seems more geared toward logging and diagnostics now, so I've restricted statistics access to administrators on the new site.
  • What is F/OSS? - This page just didn't get very much attention after it was first written. It may make a reappearance at some point on this site, but I'm not sure yet if and how so.
  • Zina* - This was a really nice web-based music library frontend. This may make a return as well, just not sure what I want to do with it at this time.

*Restricted to authorized users. Anonymous users couldn't see it.

That should cover it. If you have a questions or comments about these removed sections, please post a comment and let me know. I'll probably make one more post on this topic, covering overall site layout and design changes.

New Computer Specs

Submitted by jbreland on Thu, 03/15/2007 - 04:08

Update: 03/26/2007 05:03
I finally selected a data hard drive - the WD drive ended up beating out the Seagate based on some performance and acoustic reviews. I also changed my case selection from the Cooler Master Centurion 532 to the Gigabyte Poseidon GZ-XA1CA-STB. The Gigabyte seems to be a bit sturdier based on reviews, and also includes a rear 120mm fan (unlike the Cooler Master case). And with that, I'm done! Thanks to everyone that provided feedback. I'm going to unsticky this post as soon as I order the parts.

Update: 03/24/2007 15:05
I have nearly all components picked out. The only things left to do are decide on one of the three data hard drive choices and choose a rear cooling fan (which really shouldn't be too difficult). After that, it's time to spend some money! :-) Last call for comments if anyone has other suggestions...

I'm currently researching components for a new computer. Here's what I've decided on so far. Any comments or suggestions?

Motherboard
ASUS P5B Deluxe, based on Intel P965 chipset - Newegg

CPU
Intel Core 2 Duo E6600 - Newegg

Video Card
e-GeForce 8800GTS 320MB Superclocked - Newegg

Memory
G.SKILL F2-6400CL5D-2GBNQ, 2GB (2x1GB) DDR2-800 (PC2-6400) (x2) - Newegg

Hard Drive
System drive: Western Digital Raptor WD1500ADFD - Newegg
Data drive: Western Digital RE2 WD5000YS - Newegg

Optical Drive
Samsung SH-S183L SATA DVD/CD burner - Newegg

Power Supply
Corsair HX620W or HX520W (depends on power requirements) - Newegg

Case
Gigabyte Poseidon GZ-XA1CA-STB - Newegg

Network Switch
3com OfficeConnect Gigabit Switch 16 - Newegg

Monitors
Undecided if I will purchase new monitors
If reused - ViewSonic G220fb (x2)

Network Interface Card
Integrated Dual Gigabit LAN controllers, Marvell PCI-E and PCI

Sound Card
Reused - Creative Soundblaster Audigy 2, plus integrated ADI AD1988B 8ch HD Audio

Input Devices
Reused - Logitech Elite keyboard, Logitech MX1000 mouse

LegRoom Mail Server Going Down

Submitted by jbreland on Wed, 03/14/2007 - 08:09

I hate to do this again after the recent major changes, but I need to do some more testing. E-mail will be unavailable beginning 8:00am CDT. I'll update this post as soon as it's available again.

Update: The mail server is available again as of 11:00am CDT.

Firefox and Thunderbird Tips and Tricks pages updated

Submitted by jbreland on Wed, 03/14/2007 - 02:01

I've updated my Firefox and Thunderbird Tips and Tricks pages. I actually updated them a couple weeks ago during the website migration, but I was limiting myself to news posts only about the migration itself at the time. So, if you've already checked it out recently, there's no need to do so again.

For those of you that have not check it out recently, the main changes involved updating the extension and Greasemonkey script lists, as well as posting the latest copies of my user.js and prefs.js files. This update is current as of Firefox 2.0.0.2 and Thunderbird 1.5.0.10.

LegRoom Support Forum

Submitted by jbreland on Wed, 03/14/2007 - 00:57

In case you haven't yet explored the new site, I added an official Support Forum to LegRoom.net. I debated whether or not I wanted to do this, as I've never had one on my site in the past and, in general, I'm not really much of a fan of forums to begin with. However, given the relative popularity of my applications (particularly Universal Extractor and AutoFLAC), I decided that it would be easiest for both me and my users to have a centralized location for support and feedback.

Prior to this, all feedback for Universal Extractor was directed to the MSFN forums, AutoFLAC feedback was directed to the Hydrogenaudio forums, and all other feedback was handled via e-mail or website posts. This has worked fine, and I'm very grateful to the fine folks at both MSFN and Hydrogenaudio, but at this point I'd like to begin consolidating feedback and support into a single location. I'll continue to monitor those topics and post new release notices, but I ask that all future support requests be submitted via the LegRoom.net Support Forum.

I'm going to update my software pages shortly to reflect this change. If you have any problems with or questions about this change, please let me know (or better yet, post to the forum! :-).

Note: Only registered users can create new topics. Anonymous users can post comments to existing topics, but you must register to post a new topic.

LegRoom Changes, Part 1

Submitted by jbreland on Tue, 03/13/2007 - 04:26

This is the first post in what will probably be a series of two or three posts detailing what's new and different in this version of the site. I'm not trying to drag this out any longer than necessary, but it's (still) taking a whole lot of work to get everything "just right", so I want to make sure that I don't miss anything. Tonight's topic: major differences from previous site, particularly those that affect users. This will take a little while, so get comfy. :-)

Probably the biggest issue that will affect users is the fact that I did not migrate user accounts to the new site. This means that anyone that had a previous LegRoom.net website account will need to create a new one. There are actually several reasons for this (most involve technical challenges and limitations), but the primary reason I chose to do this is due to the very large number of old, unused, and spam accounts that had been created over a span of five years on the last site. Since we're moving to a completely new site, I felt this would be a great time to "clean the slate", so to speak. Any and all users are still welcome to register a new account, which can be done here. The main site content will continue to be publicly available, though some site features are restricted to registered users (just like the old site).

Now, let's talk about posts and comments. As you can see, I was able to migrate all prior news posts, including comments, to the new site. However, there are two limitations:

  • All posts appear to come from jbreland (my account)
  • All comments are properly attributed to the original poster, but they are no longer associated with a particular account

For the most part, this won't be an issue. With just a few exceptions, the vast majority of posts on the previous site were done by myself anyway; for those that weren't, I apologize to the original poster - I'm certainly not trying to take credit. As for the comments, the only issue this creates is that older comments are no longer associated with any current users. For example, if I search for all comments made by user jbreland, it won't show any of the older comments. Like I said, it's not really an issue, but something to keep in mind.

While on the topic of comments, one thing I'm happy to mention is that I've reenabled anonymous comments on news posts. As many of you are probably aware, I had major issues with comment spam on the previous site. Disabling anonymous helped greatly, but I still had to deal with massive comment spam from people who created accounts for the sole purpose of posting spam. Fortunately, Drupal offers a very nice anti-spam module that can detect and flag/delete comment spam. If this works as well as I'm hoping, I plan on leaving anonymous comments enabled. This should make it much easier for visitors to leave quick feedback on any particular news post.

That should pretty much cover user-related issues. One other related item is the new Support Forum, but I'll discuss that in its own post.

New LegRoom.net E-Mail Configuration

Submitted by jbreland on Mon, 03/12/2007 - 02:57

I made some significant changes to the LegRoom.net mail server this weekend. If you have a legroom.net e-mail account, be sure to follow these instructions exactly to ensure that you properly reconfigure your mail client.

Note: This assumes that you are using Mozilla Thunderbird for e-mail. If you are not, please read the instructions on this page for your specific mail client.

Note 2: Webmail is currently disabled. This is due to both the mail server changes mentioned above, as well as the recent website changes. I'm currently working on a new webmail system, and hope to have it ready within a couple days.

The first time you start Thunderbird it will appear that all of your mail folders have disappeared. That's normal. To get them back:

  1. Click Tools, Account Settings
  2. Select Server Settings
  3. Click the Advanced button
  4. Set "IMAP server directory" to "INBOX." (no quotes, but include the period)
  5. Uncheck "Show only subscribed folders"
  6. Click OK on Advanced Account Settings, then OK on Account Settings
  7. Close and restart Thunderbird

After restarting Thunderbird, all of your mail folders should be properly restored. If you encounter any problems, please let me know ASAP.

So, what changed? Primarily, I switched to Maildir-style mailboxes and am now using the Courier-IMAP server rather than UW-IMAP. What does that mean to you? Truthfully, not a whole lot. The maildir format allows for greater flexibility for administrators and power users, but normal users won't notice any changes. The switch to Courier was simply because UW-IMAP does not support maildir.

One other big change I'd like to mention is that all e-mail is now backed up hourly on a rotating schedule. If you accidentally delete an important e-mail, I can recover e-mail from the last:

  • 24 hourly periods
  • 7 daily periods
  • 2 weekly periods

I apologize for the inconvenience this may cause, but on the whole it's a Good Thing. Once again, let me know ASAP if you have any problems.

New Website Now Live!

Submitted by jbreland on Mon, 03/12/2007 - 01:01

To all of my visitors: I'd like to proudly present the new and vastly improved LegRoom.net v3.0! It was a long time coming, but I strongly feel that the result was well worth the effort. I'd like to thank my buddies Steve and Bill once again for their assistance with getting the site up and running, as well as everyone else that offered feedback and suggestions.

If you browse around the site for a bit, you'll quickly notice that a lot has changed on this site (aside from the obvious theme change). Over the next few days I'll be posting about these changes - what's new, what's different, what's been dropped, etc.

I still have a fairly hefty ToDo list, so I'll continue to make various changes and improvements over the next few days as well. If you notice anything broken or missing, please let me know. You can e-mail, or post a note to the new website support forum.

One last note: the old website will be available at http://old.legroom.net/. If you need access to something that happens to be missing from the new site, you can still access it for now via the old website. Once I'm completely finished with the migration, the old site will be retired. I should also mentioned that I only just created the DNS record for the old site, so it may take up to 24 hours before it's accessible. If you get a "site not found" error message, please try again in a few hours.