# Monday, 06 November 2006

Overheard from the head of a certain high education instituition to the lecturers who are teaching there.

"Now your annual review will be based on the passing rate of your students, cause if you're doing your job properly your students won't fail!"

Oh great.. just what we needed more lecturers who are afraid to flunk students who are not up to par!

Monday, 06 November 2006 23:16:26 (Malay Peninsula Standard Time, UTC+08:00)  #    Comments [1]  | 

Today I was going to login to the Citibank website to check out my credit card activity and I was told to create a username instead of using the credit card number to login. Cool I thought, at least I don't need to remember the credit card number when going in anymore. So I followed the steps to create a username and password.

So I punched in a username, then I entered the password using their virtual keyboard (to stop the spoofing attacks) and I pressed continue.. then I was greeted with the message the USERNAME you have chosen is not strong, please follow the security guidelines.

So I took a closer look at the fields to see what they mean by a strong USERNAME... then I noticed it's the SAME guideline for the password.. which are..

• 6 characters or more, with at least 1 alphabet and 1 number
• May contain the following special characters @, . and _
• Cannot contain 3 identical characters in a row (e.g. alpha111 or aaa125)
• Cannot contain 3 consecutive alphabets or numbers in a row (e.g. abc269 or alpha123)

Which just made me go... WHAT THE HELL? Instead of a simple username like weiminchanz and then followed by a complex password of l3t1tb3th3w4y I have to make a complex USERNAME as well?!?!? w31min8i8v7 don't they know if you make the user have to remember more complex stuff then they're gonna have more of a reason to stick it under their keyboard?

It seems that in their blur of thinking that complex=secure the people behind the design of the security system forgot WHY passwords get leaked in the first place. Which is mainly... people have bad memory!

Monday, 06 November 2006 22:20:34 (Malay Peninsula Standard Time, UTC+08:00)  #    Comments [0]  | 
# Thursday, 02 November 2006

So.. here I go again, I just got myself a Leatherman Squirt P4. Which like all other Leatherman tools is basically a pair of pliers.

And like all good multitools, the Squirt has a few other things tucked away in it's handles.

A knife, a file, the 2 types of screwdrivers, a small screwdriver and finally an awl (what the heck is an awl for anyway?) Now for you people who are familiar with multitools, you might be wondering why it seems like that there's only a few items on the thing.

Well, that's because the Squirt is a SMALL multitool, QUITE small and pocketable when closed.

It's just a little bit longer than a AA battery! This ensures that I can carry it with me all everywhere I got and ready for me to use when I need it!

Thursday, 02 November 2006 23:17:33 (Malay Peninsula Standard Time, UTC+08:00)  #    Comments [0]  | 
# Monday, 30 October 2006

There are certain times where the job as an ISV just makes you want to rip your hair out and strangle the customer for their inadequet understanding of their IT systems. And here's one of them.

So... we made this Flash heavy website for a client, and recently after we changed the content of one of the files, the client came back to us and said we hadn't perform our changes. Upon closer inspection we realized something... the client's proxy server was CACHING the Flash file, and upon seeing that the filename was the same decided that the file was unchanged and thus didn't load the new file from the server.

So we tell the client about this and.... they blame it on us!!! They say that we need to solve this problem cause they don't expect all their other users behind proxies to have to clear their proxies whenever there are file changes.

I have yet to take a close look at the server settings (the client is running a JSP server not a MS server) But if nothing can be done on the server side, then the problem is the proxy server and well... they're current still holding that there's nothing wrong with their proxy server.

Well I guess I understand why they'd say that, there is technically nothing wrong with their proxy server. I'd think that a typical proxy/cache server would classify Flash files as uncommonly updated files and thus would cache them down for a longer period if no ChangedDate was supplied to the server for a given file.

Problems problems...

Monday, 30 October 2006 22:43:24 (Malay Peninsula Standard Time, UTC+08:00)  #    Comments [2]  | 

The problem with video is that... how do you deliver it to your friends to watch? Video is inherently bigger... and requires more space to be stored. YouTube is a solution but requires that everyone who wants to watch it to have a YouTube account so you can limit the private access.

I guess a direct upload to your personal website works better, that is IF you have one. Then you need to properly tweak the encoder profile so you still have some detail and the file isn't too big. Then you end up with something like this.

No.. that is not my baby.. mine still in the wife. :P Note the complete lack of knowledge about my camera's specifications in the video clip the background noise was loud and deafening hence the "There's no way I can record any audio here" quote. I forgot I was testing the reduced mic sensitivity mode. :P

Monday, 30 October 2006 09:52:35 (Malay Peninsula Standard Time, UTC+08:00)  #    Comments [1]  |