Archive for June 6, 2012

Wednesday, June 6, 2012

LinkedIn Password Breach

Lex Friedman:

LinkedIn said on Twitter that it’s investigating the potential password hack. In the meantime, it's another good reminder to use a different password for each of your different Web services; if you have a LinkedIn account and use the same password elsewhere, you may want to start changing some of those passwords now.

Daniel Jalkut:

What if I committed the foolish move of using the same password on LinkedIn as I did on another, more important site? Now a hacker with possession of my username and password for LinkedIn can make some very good guesses about my username and password on other sites.

He’s written an app and an AppleScript to help.

Update (2012-06-08): Poul-Henning Kamp (via Graham Lee):

LinkedIn is learning fast right now, according to their damage control missives, they have now implemented salting and “better hashing.” But we have yet to find out why nobody objected to them protecting 150+ million user passwords with 1970s methods .

And everybody else should take notice too: Even if you use md5crypt, you should upgrade your password scrambling algorithm. As a rule of thumb: If it does not take a full second to calculate the password hash, it is too weak.

The Inside Story of the Death of Palm and webOS

Chris Ziegler:

The following is an account of Palm’s ascent prior to the launch of the Pre, the subsequent decline, and eventual end, assembled through interviews with a number of current and former employees.

Ray Bradbury, RIP

Andy Ihnatko:

The first time, it was Douglas Adams, and the surprise came because he was just so damned young. Bradbury’s death took me by surprise because…well, it’s weird, but it seemed like Ray Bradbury was never going to go away, you know?

Fish Shell

Peter Ammon:

The new fish is a POSIX command line shell with delightful, intuitive features like autosuggestions, 256 color syntax highlighting, web based configuration, and lots more. Best of all, these features just work, out of the box. No arcane syntax, no twiddling obscure knobs.

It runs inside your favorite terminal emulator, such as Terminal.app, xterm, or iTerm. You’ll feel right at home with its familiar syntax, and its new features will make you instantly more productive, without getting in your way.

Migrate From App Store Witch to Direct Witch

Rob Griffiths:

Unfortunately, with the rules that are presently in place, Witch is not sandboxable, which means that today’s release of Witch 3.9.1 is the last with any new features in the App Store—unless Apple changes their mind, which has been known to happen if enough users let them know how they feel about things (hint hint!). We fully intend to continue updating Witch with new functionality, but all such updates will only be applicable to the direct sales version.

Their direct version can recognize Mac App Store licenses, but unfortunately they are not allowed to mention in the Mac App Store description that the direct version exists. So customers who have not signed up for an e-mail list or RSS feed are likely to see the updates stop, with no explanation. It is possible to have an in-app “news” feature that displays information to the user, but Apple will reject apps that use it to mention updates or versions outside the Mac App Store.

Script Debugger 5

Looks like a solid update to one of my favorite apps. Already, I see that loading dictionaries is much faster.