I mentioned the Yubikey as the ultimate solution stolen passwords on the excellent Yahoo Marx Train forum, and another member asked me to elaborate on it. Rather than take up a lot of space with some off-topic discussion, I decided it would be better to write about it here.
The Yubikey is the best solution I’ve seen yet for the problem of remembering passwords. I am a computer security professional by trade, but I will try to avoid as much techno-jargon as I can, and explain what I do use.
There’s been a fairly spirited discussion lately in the always excellent Yahoo Marx Train group about the merits of Marx tin trains versus plastic ones. Some people like them all, some people prefer one or the other, and almost everyone with a preference is apologizing to the people who prefer the other.
That’s part of what makes that group great–the lack of elitism and looking down on others whose preferences differ–but in my mind, there’s no apology necessary because very few hobbyists have the time, space, or budget to collect everything. Read more
For as long as I can remember, my home page has been about:blank. But for a good chunk of the 1990s, I would have done well to set it to altavista.digital.com. Here’s what happened to Altavista.
Most people remember Altavista as the thing people used before Google, if they remember it at all. But I remember it as the first great search engine, because I’ve done my best to forget what search was like before Altavista came along. So I was a little sad to see Yahoo shut down what was left of the first great search engine in the summer of 2013. Read more
Pricing collectibles is more art than science, and most guides have some errors in them, so large (or at least very vocal) numbers of people mistrust them.
I still use them, however. Knowing how they’re produced–or would be produced, in a perfect world with perfect data–helps someone to use them to maximum effect. The principles are the same for any guide, whether you’re talking trains or video games or baseball cards or any other collectible. Read more
Hackers are stealing Yahoo accounts by sending messages containing malicious web page links.
The message looks like a link to a web page on MSNBC. But if an unsuspecting user clicks on it, it redirects to another page that steals the e-mail account, allowing the hacker to use the account to send spam, or grab the account’s contact list.
He’s right. It works until someone steals your phone. Once someone steals your phone, you’re in a world of hurt. It’s just a compromise, until we find a way to do two-factor authentication the right way.
The right way is with a smartcard, issued by some sort of central authority. Read more
The plugin I was using, FT Facepress II, decided to quit working, so now I’m trying to get the official Facebook WordPress plugin working.
If it does all it says it does, Facebook comments about blog posts will also show up here (and not just on Facebook), which would be nice.
Update: It appears to have worked, but it also appears to have replaced the comments engine. I’m not sure if that’s a good thing or a bad thing. That option is easy enough to disable; I’ll give it a trial period and see. The new engine can authenticate against Facebook, AOL, Yahoo and Hotmail, so it does give some options for those who don’t have Facebook accounts.
The upside is that this may significantly reduce the spam comments. I have a good anti-spam engine, but the comments still clutter up my database.
I saw an assertion last week that Yahoo and Gmail accounts are less secure than an account that came straight from your ISP. Perhaps there was a time when this was true, but no longer. Today there are reasons to believe the exact opposite is true.
So, no, you don’t have to apologize for using a Yahoo or a Gmail account. Read more