Among other topics, cryptography and data ciphering have always fascinated me. Beyond their mathematical perspective, most of the time it is a matter of putting them into practice with developed solutions: dealing with data only visible between the transmitter and the receiver. As it happens, the Xojo framework makes it really easy to deal with ciphered data.
World Password Day brings attention to some simple steps everyone can take to secure their digital life: 1. Create Strong Passwords, 2. Use a different password for each account, and 3. Get a password manager, no, not a post-it note in your desk drawer!
The best password is one that is difficult to guess. But difficult to guess takes on a new meaning when hackers use computers to do the guessing. Hence, the best password becomes one that would take a computer so long to guess that it’s not practical to do so. That means a long series of random characters and the longer and more random, the better, and a different password for every site you use.
A few years ago it was reported that Russian hackers had stolen 1.2 billion usernames and passwords from a variety of websites. This was only possible because those websites were storing the actual password. Because it’s World Password Day and because this is web security 101, let’s discuss why there’s really no excuse for a website to store your password – ever.
Last year with iOS 9, Apple announced a new security requirement for your iOS and OS X apps: App Transport Security. From Apple’s docs: Starting in…
In the blog post Smartphone Encryption is a Red Herring, I pointed out the folly of requiring an encryption back door for the Good Guys to use. So the question arises: “What can be done? If we don’t want a global encryption back door that can be used by anyone, can we still track the Bad Guys?”
The answer is yes. There are plenty of options that don’t require a global back door. I’m not passing judgment on whether these are inherently good or bad options, just that they are available when there is a reason to track a Bad Guy.
As the Founder and CEO of a software company that makes a development tool for mobile platforms, as well as for desktop and web, I have a lot of experience with encryption. The current controversy over encryption is really important to me. During World War II, the Germans created a way of sending encrypted messages to commanders in the field. The device came to be known as an Enigma machine. It looked like a typewriter but had an encryption key that changed a message into unreadable noise. That message could only be decoded if you knew the key used to encrypt it. The Allies worked very hard to get their hands on one of these devices so they could learn how it worked, decrypt the messages, and know what the German military planned. Ultimately the Allies figured it out and it helped them win the war. If this has piqued your curiosity, check out the movie U-571 (a fictional account of the effort to obtain an Enigma machine) and The Imitation Game about the team that figured out the encryption key.
Xojo Cloud has always taken the headaches out of setting up, securing, maintaining and deploying servers for web apps. Now Xojo Cloud servers are better, stronger and faster, all for the same great price!
I was up hours later than I should have been last night reading The Martian when, after discussing in detail how to hack some really old software in some really old equipment located about 54.6 million kilometers away, I read this line: “‘Jesus, what a complicated process,’ Venkat said. ‘Try updating a Linux server sometime,’ Jack said.”
And my first thought was, “Oh!, that’s why we offer Xojo Cloud!”
Passwords are a problem, as we frequently see in the news when databases containing password and login information are hacked and exposed.
Though too much security is never enough, as developers, there are things we can do to keep our users’ passwords secure.