SourceForge.net Community Choice Awards 2009 Voting. BEGIN!

There are so many choices that I have not voted yet. There are many of my favorites in the same category. What I did notice is that portableApps (one of my favorite things i use when i am on campus) is on there for multiple categories. There are projects like TortoiseSVN, PhpMyAdmin, FreeNAS, PortableApps, WinMerge, Notepad++ on there that are some I use quite a bit. There are also some i haven't heard of before, but they too sound interesting to me.

Voting Ends July 20th.
http://sourceforge.net/community/cca09/

I Should Really Park My Car In The Garage More Oftern, No Joke.

So about every year I've had this car, i seem to be going to the body shop and getting something fixed. Last year it was a dent on the rear quarter panel. And Now Last night on my driveway someone hit the side of my car. I included the links to some images. Photo 1 Photo 2 Photo 3 . It's difficult keeping a new car new.

On The 11th Day. A Miracle Happened, Well Not Really

At The End Of May I Applied For An APT (Abandoned Project Takeover) On SF.Net . In A Day Or So, It Was Approved. The Journey Doesn't End There Though, Since It Takes 2-3 Weeks To Process. So Everyday I Would Log in and Check On Its' Status. But On The 11th Day I Couldn't Find It But Then I Noticed I Became A Project Admin Of The xoopsmy Project.
Why Did I Request An APT?
- SMD Had Issues With Retrieving His Password And This Was The Next Best Thing To Do.

Should You Expect A Release Of XM-Spotlight Soon?
- No. Cause I Have No Clue On What To Number It, But I'm Thinking Maybe 1.04 Alpha. I Also Got a Feature Request Thread On Bandit-X.Net
- That Doesn't Solve The Issue With Current Users With No Download Of XM-Spotlight, So I Will Have To Release a 1.02 Final, But I Think I Used That Release Already. And Also Version Numbers That Extends Farther Then The Hundreths Place Do Not Show Up In The Admin.

Oh And I Need To Make A New Changelog, The Current One Is Missing.

Oh Where Did Bandit Go?

Hi Hi, I've been away for a while and quite busy also. Final exams have been over for about a week now. They were quite difficult. So what have I been doing since then? I have been taking it easy, i went to spectate a drifting event. Speedrift 14 on May 3rd (the image on the right is from Speedrift). And the rest of the week was me doing yard work or fixing my lawn mower. i also joined a tractor forum, i don't own a tractor but there are quite a few lawn boy fans on there. Lawn-Boy 20+ years FTW!

I'm not going to jump in and start coding stuff, right now i have to get my stuff organized. my room is a mess. my computer is a mess, there are so many random files and folders taking up space and cluttering up things.

A dash of salt, Keeping the intruders away.

(lol a semi cool title i got there)

So the topic is password security and strength. as you know, many sites have passwords stored as md5 hashes. as you also know there are ways to figure out what the value of that hash was. so adding a salt to the password and then hashing it would be beneficial, in the event that the hash was disclosed, but with a hash of a salted password there is not as big of a chance that the value of the password would be found.

So the question arises. what should the salt be? should it be just one salt for the whole group of users, or should they all have their own.

The existence of only one salt makes it easier for the attempt to create the original password.

Then if there was more than one, but how do we get different salts for each person? we could examine the unique characteristics of an individual account. (registration date, email address, time zone, gender?, username, real name, the password itself?) there are so many possibilies, many i haven't thought up of.

Even if it is one or many salts, the question for both is where should it be stored? database? in a file? I'm no security expert, but for me I would do both. No matter what the salt is i would want the password put through hell before storing its hash in the database, gotta make them crackers work for it.

.In conclusion, What I was wanting to post in this entry is that I am attempting a different password storage method for XOOPS. It may not be new or revolutionary in the world of IT, especially in the CMS field, where many competitors are attempting different password hashing algorithms.

Ternary Operator ( A Shorter Version Of IF)

I don't know about anyone else, but I never really knew the name of this.

PHP.Net|language.operators.comparison.ternary

//php
//condition ? whenTrue : whenFalse;
$result = ($a == $b ? "Yes" : "No" );

//Equivalent to
if($a == $b){
$result = "Yes";
}else{
$result = "No";
}

Friday Feb 27, 2009 Update

So I forgot to mention this. that my site is online again (well if you are reading this.. then duhhh)

also.. blogger in draft changes. they now have this 'automatic date and time' thing now. which means that when you publish a post it wont be from the date where you first created it but when you published it. that was one of the things that really annoyed me. i would write something for an upcoming day and then i publish it. for it to only be posted in the past. and then i had to find it and edit the date. http://bloggerindraft.blogspot.com/2009/02/autosave-and-automatic-date-and-time.html

another google application related item. is that gmail now has progress bars of the of when you are uploading an item for an attachment.Updates to attachments: multi-select and progress bars

update on publisher. using sf.net svn now.
http://sourceforge.net/projects/xuups

i think that was it.