This article appeared on the BBC news web site and I thought I would share it with you.
Power beamed to camera via ambient wi-fi signals
My Bank asked me to set up an 8-character password. So I chose Snow White and the 7 Dwarves.
I can’t remember whose line that is. Tim Vine, maybe.
Anyway, IAP President, David Morgan, recently raised the password issue in a LinkedIn post. That’s prompted me to describe the system I’ve been using for several years now.
First, I select an alphanumeric sequence of half a dozen or so characters that’s meaningful to me but impervious to a dictionary attack. Let’s suppose I choose the initials and birth date of a relative, which generate:
Now I perform some simple arithmetic on the date component to avoid attacks that expect a date to be present. Adding 30 to each of the day and month components will do:
That now forms the root of all my passwords. Then I add a component that reflects the account I’m setting up. Let’s take a shopping site, Not On The High Street, as an example. Suppose that I extract the last letter of each word:
Now I divide the keyboard into two roughly equal groups. Let’s say the top row (Q – P) and the rest (A – M). Letters that appear in the top row are upper case, the rest lower case. We now have:
for the whole password, unique to Not On The High Street.
Finally I add a couple of special characters, choosing a pair that appear on the same key (for a reason that will become clear in a moment). Let’s choose ‘?’ and ‘/’. Now I adopt the rule “the rightmost lower case character is followed by ‘/’ and the rightmost upper case character is followed by ‘?’”. This gives:
Finally, I add month and year data at some arbitrary place in the string so that I can change the password every month:
which would be my password for December 2014.
So I end up with a password that’s around 20 characters long, contains upper and lower case characters, digits and special characters and has no components that have dictionary or similar vulnerabilities. To save me the bother of remembering a password string, I maintain a spreadsheet that generates it automatically from my set of rules (which, it goes without saying, aren’t the ones I’ve listed here). The spreadsheet is, of course, itself password protected. I can log into a site by copying the relevant cell and pasting its text to the password field. That frustrates any attempt at keylogging.
After 5 great years, the Software Alliance Wales project comes to an end on 30th June. To go out with a bang, we are supporting the second run of the RUCK (Really Useful Computer Knowledge) tutorials and workshops being held at Aberystwyth University on the 24th & 25th June.
RUCK tutorials are two days of in-depth technical experience for developers of all abilities and interests – register here http://www.ruckworkshops.com/ and come and learn something new.
Sometimes a half hour talk is not enough – you really need to get into a subject and try stuff out. RUCK tutorials give you the opportunity to explore two or three subjects in depth over the space of two days.
Last summer was the first time we ran RUCK tutorials. About 90 people came along over two days to attend tutorials in a variety of areas such as automated testing, Arduino programming, mobile web development, HTML5, and marketing a software company. Each tutorial lasted either a half day or a full day, and attendees were enthusiastic about what they learned.
This year, we have a whole new set of subjects for you to learn, and are charging just £20 for two days to cover refreshments for the event.
On Wednesday 24th June we have 4 full-day tutorials for you to choose from…
Python for Beginners
This tutorial is designed to introduce you to the world of Python programming. Python is a general-purpose object-oriented language that can be applied to a wide variety of tasks for standalone applications or as part of a script.
The tutorial will teach about Programming concepts and Python as a language, what makes it stand out from the other choices? The tutorial is suitable for anyone who wants to learn programming from scratch or brush up on the basics. Python is open source and cross-platform designed to work at a high-level with no need to worry about annoying memory management. The primary method for learning will be practical application supported by presentations discussing attributes of the Python programming language.
Ruby on Rails
This workshop will be split between exploring the features of Ruby, and trying out the Rails framework for building commercial websites. Ruby on Rails has been fantastically successful in this field, powering over half a million commercial websites.
The workshop is suitable for anyone with programming experience. Attendees will need to bring their own laptops with Ruby and Rails installed. Installation instructions for OS X, Linux and Windows will be provided later.
Programming in SWIFT
SWIFT is a new language from Apple, designed to be safe, fast and and powerful. It is becoming the default way to build Apps for Macs, iPhones and iPads.
This all day workshop will take you through the features of SWIFT and how Playgrounds let you explore them in an interactive way. It will also briefly cover how those features are used in building iOS Apps in Swift.
The workshop is suitable for anyone with programming experience. Attendees will need to bring their own Apple Mac running Xcode to get the most from this workshop.
Maybe you have been to a talk on business security that has got you worried about threats to your systems, but are unsure what to do next.
This workshop should be the next step you take. It will help you evaluate who might be trying to break into your systems and what motivates them to do so. It will then guide you through the top 10 practical actions that you should be carrying out in order to make sure that your systems are secure.
On Thursday 25th June we have 6 half-day tutorials (3 in the morning and 3 in the afternoon),or 1 full-day tutorial for you to choose from…
Affordable Usability Testing (half-day am)
Usability testing is the best way of ensuring you develop software that people find easy to use. In the eighties the cost of usability testing meant that it was the preserve of large organisations. Nowadays things have changed; usability testing is not as expensive to conduct as you might think.
This workshop will provide you with the knowledge and skills to conduct usability testing using traditional and modern methods. You will learn what usability is, how to apply usability testing during the early stages of development to avoid the unnecessary costs associated with identifying problems once you have coded and deployed your product, and how to ensure you have met your usability goals once you have coded a product.
Applewatch Tutorial (half-day am)
Apple’s newest Watch device sold 2 million units on preorder within the first day of preorders. Simple applications can be run on it as extensions of Apps on an iPhone or iPad.
This tutorial will explain:
The first half hour of this talk might be of interest to non-programmers, but the main thrust of the workshop will be on getting an Apple Watch working with with your App, and attendees will need the following to get the most from the workshop:
Computer vision with OpenCV (half-day am)
Computer vision used to be really difficult, The OpenCV package toolkit packages vision tasks in such a way that your software can recognise the important features of a scene with just a few simple calls.
This workshop will get you started on computer vision with OpenCV and enable you to understand how to go about using computer vision in practical situations.
Introduction to Cloud Computing (half-day pm)
Cloud computing holds the prospect of making information or services widely available within organisations at low cost. However, it comes with risks and dangers, and demands a new set of skills from developers.
This session will look at trends and tools in cloud computing, and highlight some of the ways that companies can get the benefits of cloud computing, without being exposed to more risk than is needed.
Arduino Smart Stuff (half-day pm)
Small, cheap, easily programmable computers such as the Arduino present great opportunities. They allow prototyping of smart devices that would not have been commercially feasible or economically practical in the past. Connecting them with smartphones can enable you to monitor situations remotely.
This workshop will teach you how to program the Arduino to gather data and to accept electronic commands to turn things on and off.
We will give a range of examples of smart devices that can be built using these abilities.
Photography for Websites (half-day pm)
Thanks to the digital revolution it has never been easier to take good photos – and to have a camera with you wherever you go. So why are so many of our images still rubbish? This workshop is a beginners guide which takes you through the basic life-cycle of photography for the web including choice of equipment, techniques for getting the picture you want, a load of things you may want to avoid and how to prepare the image for use on different digital platforms.
The presenter (John Gilbey) has many years experience as a professional photographer using both film and digital – and has the scars to prove it.
Building Android Apps Made Easy (full-day)
Android is the most popular mobile operating system with nearly 80% of the smartphone market share. Throughout this course, you will learn about the Android architecture and develop mobile applications.
Handheld devices running Android are becoming ever more popular with near 80% of all smartphones running the OS. This course will cover the theory and practical implementations of mobile applications. The course is highly interactive focusing on implementation more so than theory. Everyone who attends the course will be able to create reasonably complex applications through the Java based SDK. Full of tutorials that allow you to create a variety of applications including a range of techniques, Such as Controls, Sensors, touch gestures and much more.
Register now using the EventBrite link at http://www.rucktutorials.com/ and come along toAberystwyth on the 24th & 25th June to learn some great stuff.
Business Liaison Officer | Swyddog Cyswllt Busnes
Software Alliance Wales | Cynghrair Meddalwedd Cymru
Department of Computer Science | Yr Adran Gyfrifiadureg
Aberystwyth University | Prifysgol Aberystwyth
|Copyright © 2015 Institution of Analysts and Programmers - All Rights Reserved|