Year: 2017

Yubico FIDO U2F key quick review

A few days ago I ordered some Yubico FIDO U2F security keys, after reading that they are a useful way to help secure various online accounts and keep intruders out. These cost US$18 each, either singly or in 50-unit bulk packaging.  They arrived, packaged inconspicously, promptly after I placed my order. They’re cheap enough that they can be used for… Read more →

Should I encrypt columns in my web application’s database?

Somebody asked whether it’s a good idea to encrypt database columns in a web application. My answer: “It probably won’t help much.” Why? Figure out your threat model Best practice: figure out your threat model before you spend time and money securing your system. If you build complex security measures without a clear idea of your threat model, you’ll trick… Read more →

Cybercrooks stole my data from Equifax! What now? Credit freezes.

On September 7th, 2017, the credit bureau Equifax announced that cybercriminals broke in to its company servers sometime in mid-May 2017 and stole copies of information like Social Security Numbers, driver’s license numbers, birth dates, and home addresses for as many as 143 million residents of the US. The total population is about 329 million, counting children, so there’s a… Read more →

Social media and René Girard’s memetics

OK, among people who’ve heard of Dr. Girard, I’m probably the last guy to realize this. But the big social media outfits (FB, Twitter, Instagram, the usual suspects) make their money by exploiting the “I’ll have what he’s having” streak in human nature. The old joke: Russian waiter: What would you like, sir? Diner: Tilting his head at a fellow… Read more →

Time Zones in MySQL

Suppose you’re working on a web application to support users in multiple time zones. How do you handle dates and times? If your users all live in one time zone, it’s easy. Simply store important date and time data in DATETIME or TIMESTAMP columns, and be done with it. But, what application has users in just one time zone? Maybe a municipal… Read more →

Mondo Bizarro … FBI Director uses Pastor Niebuhr’s name for a twitter name

An investigative reporter at Gizmodo has found the FBI director’s twitter account.  He’s using the pseudonym Reinhold Niebuhr. Pastor Niebuhr was a twentieth-century theologian and ethicist.  Among his many books is The Irony of American History, analyzing how USA exceptionalism is a tremendous temptation to arrogance and contains the seeds of its own destruction. That title pretty much sums up… Read more →