Saturday, March 23, 2013

Making the Password Usable, But Yet Secure

XKCD 936 - Password Strength
One of the interesting parts of information security is that it sits on a spectrum with two extremes. On one end you have Strong Security, where the whole goal is making data as secure as possible: cryptography, passwords, 2-factor authentication, configuration, etc. At the complete other end of the spectrum is Strong Usability: we need to do our jobs after all, and the more usable a system is, the faster we can do them.

These two ends of the spectrum are inversely proportional to one another. It is very easy to have too much security, making the usability mind-numbing: carrying around hard tokens with PIN codes, 16-character passwords with 30-day expirations, 10-minute timeouts, and network policies where everything needs approval. But if you relax all of the policies to make them more usable, suddenly you are vulnerable to all of the threats involved with information security: hash rainbow tables, brute force attacks, denial of service (DoS) attacks, social engineering, etc.

Monday, January 21, 2013

A Game Called Ingress

A game has silently gripped the Android community for the past few months, a game that has people all over the entire planet tripping over shrubs and curbs as they stare at their Android devices, bee-lining and sometimes running around. The game I am referring to is called "Ingress", a currently in-beta Android app by the smart people at Google. The game thus far has been invite-only, turning people into angry chicks chirping for food, or, well, an invite in this case. Everyone wants in on the magic, but the community thus far has been very closed, with only a trickle of newbies enrolling each day.

Monday, December 31, 2012

Random Thoughts on Recent Products

Something got me thinking about products recently and how they have changed the world.  It's quite sad when you think of how much we as a society have changed in just the last 10 years with all our modern technology that feels so different than what we used to use.  The reason it's sad is because what really has changed about us?  I still see the same lifestyle before as after.  Nothing has really gripped us in a way that changed everything; the most grandiose and recent I can think of is the Internet itself.  Recent products come down to fads or stupid ways to do something slightly simpler or faster than before, but nothing that has really changed the world.  There is always a bottom line, so perhaps that has something to do with it; a quick way to make a buck and move on.

Thursday, July 5, 2012

My First Year at WWDC - A Recap


Once every summer, Moscone West in San Francisco becomes the Apple Mecca for a week as people from all over the world attend the Apple Worldwide Developers Conference (WWDC). For WWDC 2012, I managed to obtain one of the only 5000 available tickets; this is an unthinkable feat once you realize the event sold out in only two hours. Suddenly it was time to depart to SFO, and for a week I was in tech heaven. As Silicon Valley becomes more and more cramped, the overflow of tech companies and startups like Atlassian, Square, and Google began pouring into the city. The result is that San Francisco has become young and techy; driving down the highway I saw billboards that proclaimed “Your CMS is in the cloud, why not your phones?”, something that maybe 5% of Americans actually understand.