petejansson's comments

petejansson | 2 years ago | on: DKIM: Rotate and publish your keys

> every time this article pops up

I don't think this is the same article of which you're thinking. This is a tool to rotate DKIM keys and publish the old ones (in a sense, a scheme that replaces revocation).

petejansson | 2 years ago | on: Philips sets €575M aside for respirator lawsuits

A few years ago, there were a number of devices that came on the market that essentially blew ozone through the airflow pathways in PAP devices, and this was supposed to be a substitute for disassembly and scrubbing (which is a lot less convenient). While nobody has said these devices and the ozone methods actually damaged the foam, replacement PAP units all are not warranted if ozone cleaning devices are used. I don't know if this is the only "cleaning material" to which the article refers.

petejansson | 3 years ago | on: The Child Is the Teacher: A Life of Maria Montessori

Turns out Montessori education runs in 3-year cycles (ages 2-3-4, and 5-6-7, for example). Not all schools make that clear, and, if you put a kid in in the middle of a cycle, there is orientation material they will miss. Without that grounding, Montessori can turn out to be a really ineffective experience. (Source: Was a parent who realized this and had to compensate for it. The 5-6-7 cycle was much more effective.)

petejansson | 3 years ago | on: Ask HN: Why is Microsoft Teams still so bad?

JIRA implementations I've seen don't help people see what's ahead; they focus on what's been done to date. If you're on a single, small team that has minimal dependencies on other teams, that can work, but if the project has any significant dependencies on other teams, it becomes very hard for anyone to understand how things are going.

petejansson | 9 years ago | on: Send and receive money with Gmail

How do you move money among the accounts? I like the idea of using multiple bank accounts as financial firewalls for my money, but it seems difficult or expensive to move the funds, especially if the accounts are not all at the same institution.

petejansson | 9 years ago | on: YubiKey for Windows Hello – Protect your Windows 10 login with your YubiKey

A serious problem with biometrics is credential revocation. The best answer I've seen to this is using the biometric to locally unlock some other credential like a certificate that can be revoked. There are other problems that are flashier, like spoofing and liveness, but revocation is a real show-stopper that is frequently ignored.

petejansson | 9 years ago | on: Two Factor Auth List of Websites

It's great that this exists. Many typical users are still befuddled by multifactor authentication, and the one thing that helps is practice. Unfortunately, by having all these islands of identity, the frequency of interaction for many of them ends up being low, resulting in users forgetting they enabled MFA and the associated recovery costs.

There have been technologies to try to bridge the identity islands -- social login (which previously created trust issues through OAuth abuse - many resolved, but trust is hard to win back), Mozilla Persona and others. But, at the end, the hostility of end user identity is still a problem that needs to be solved in such a way that end users have good authentication choices (no more bad security questions, for example) with good security attributes (low replay, discoverability and guessability, for example) with good usability. Ideally, an end user should be able to choose an identity provider, trust them, and then use that identity provider across multiple services. I know that some companies are working on this, but it still tends to be in islands, rather than an industry group, for example, dedicated to making it work. At this point, a de facto standard may be the best thing.

I've been in meetings with IAM architects at large banks who scoff at social login because they don't want to trust social login security, yet their own end user security is marginal. Some honest conversations need to happen in this space to help move things forward.

Better identity infrastructure for end users will help service providers.

petejansson | 10 years ago | on: Knuth versus Email (1999)

While I agree with your premise about different types of work, and while I agree there's some level of clerical work required to interact with a computer, computers can do far more than clerical work, and can provide intellectual leverage when used properly. Banning a high-level executive from using something that gives them intellectual leverage holds the organization back.

petejansson | 10 years ago | on: Alan Rickman, Harry Potter and Die Hard Actor, Dies Aged 69

The article seems to say that the estimate of all who have lived is about 106 billion, so the number of currently-alive is estimated at about 6% of those who have ever lived.

Arthur C. Clarke wrote "Behind every man now alive stand thirty ghosts, for that is the ratio by which the dead outnumber the living." I wondered if that ratio needed updating. It does, but not, it seems, in the direction I expected.

petejansson | 10 years ago | on: Web Security – Client side certs

One approach is to issue one certificate per device per subject. The subject identifier could remain the same. If this approach is taken, revocation checking is critical -- you end up having a bunch of certificates that all claim to be the same subject, so you need to make sure any presented certificate is valid. However, while revocation checking is often problematic for clients, some of those issues are more easily managed on a sessile server.

petejansson | 10 years ago | on: Launching a Mac App and Becoming the Top Paid App Globally

Purely from a user's perspective, the Mac app store has a considerable advantage in centrally managing updates. Non-MAS apps each have their own eclectic ways of updating. Some support automatic update checks, while users have to explicitly check others. For the ones with automatic updates, there are a number of ways it's handled. Users don't generally want scores of update daemons running, and the whole business of "On launch, check for update, notify the user and let them choose whether to update now" really feels like the web page pop-ups that are so popular. ("I launched the app to do work, not to see if there was an update. The update prompt is in my way.") This cries out for a better user experience.

petejansson | 10 years ago | on: The geography of American left-handedness

I had years of mechanical drawing in high school, and it wasn't until my junior year that the teacher noticed I am left-handed. He started having me create drawings from the lower-right corner to the upper-left, while the right-handed kids drew from upper-left to lower-right. When I switched, I stopped having smudged drawings caused by dragging my hand across the completed parts of the drawings.

Little things.
