Blog‎ > ‎

Distributed Transactions, Password Cracking, Amazon Glacier, eBooks, Integrations & Product Development

posted Aug 21, 2012, 8:36 AM by Sami Lehtinen   [ updated Jan 13, 2013, 12:24 AM ]

Some little happy tuning and also digging up old memories.

  • Studied Distributed Transactions (DT) method for NoSQL databases which do not allow cross group (XG) / document transactions. With MongoDB it's possible to use two phase commit. Yes, I did read whole document, it was interesting. Especially the part where they proved it's reliable. It's way too easy to say that X works well, without making sure it really does.
  • Studied Amazon Glacier service API's and generic concept, FAQ etc. - It's excellent data store, if you just store data and (very) rarely read it. Which is the case with backups, many logs etc.
  • Optimized my Code 128 barcode encoder. Encoder analyzed code content and used only one type without shifts based on content. Now it analyzes content and selects optimum primary encoding and also uses code type shifts to minimize barcode length. If code is A102312931 only A1 will be encoded using A type and then rest of numbers are encoded with C type after shifting.
  • Very nice article about passwords.  - Yeah, it didn't contain anything new. And they didn't even mention scrypt in it. But yes, all the essential parts which we all should be well aware were there.
    This reminds me from the case when we about 20 years ago used John the ripper to crack tons of uni-passowrds. Would you believe that user account madonna had password secret1. We didn't even use existing dictionary, we just wrote up about 200 passwords and bam, we cracked more than 200 accounts with those. Any name with some numbers, that's it, several accounts cracked again. We only logged in with about five accounts to confirm that cracked passwords really worked. Passwd file contained over 4k user accounts. We also got two admin account passwords cracked. It's another interesting story, how we got that passwd file in first place, because that service didn't provide accounts for regular users. But I don't want to tell more about it. As we all know, passwords have been bad solution in history and will be bad solution in future too. There will be always users who use bad passwords and everyone who's dealing with passwords should know it way too well. It was year 1994, because Madonna's Secret was a big hit. Would you believe if I would tell you that user account madonna had password "secret1", without quotes of course. Nowadays I recommend people to use 12 char random strings (passwords) with special chars. Like: PM€wh¤eBÖY4x - P.S. I hate sites which do not accept UTF-8 / Unicode passwords.
  • Added two books to Kindle: Added to Kindle O'Reilly - The Litte Book on CoffeeScript (Alex MacCaw) and Smooth CoffeeScript.
  • I'm also working with several ERP integrations at work, for multiple different projects as well as working with one (software) product development project, which I unfortunately can't tell you more about. I really would like to.

That's all folks!