28 Jun 2005
I was actually chatting with a co-worker today about the threat posed by one of us (or for that matter, anyone travelling) losing a laptop. Just getting caught up on my blog reading duties and came across this ArsTechnica post on the subject.
Sounds like Seagate will start shipping drives next year with native hardware-level Triple DES encryption. There is no performance penalty for this at-the-core encryption which could help address the problem, at least it’s better than nothing. I’m not really a security buff so I won’t comment on the actual viability of preventing access to 3DES-encrypted data from a very determined individual. It does have a 168bit key length which should prevent a strictly bruteforce attack.
Recently I wrote a little encryption utility that used AES (actually supported all standard encryption mechanisms but AES was the default) which WikiPedia mentions as being the successor to 3DES (as determined after a public competition). AES has a fairly efficiently algorithm implementable in software that offers the same or better encryption strength than triple des. The same article goes on to say that 3DES has not yet been broken but suffers from algorithm slowness when implemented in software. The Seagate solution will implement it in hardware which should negate this drawback.
26 Jun 2005
Anyone have experience with the tool FireStorm/DAO ?
FireStorm/DAO makes Java software developers more productive by automatically generating Java source code for accessing relational databases. The benefits provided by CodeFutures Java code generation approach are higher developer productivity, better software quality, reduced complexity, and lower maintenance costs.
Basically it helps ease ones pain associated with creating a DAO tier off an already existing database. It supports generating hibernate .hbm models which is interesting, anyone actually using it or has used it successfully (or unsuccessfully) in the past?
I’m wondering how it stacks up to the regular DB reverse engineering tools (inc. the new hibernate tools, middlegen?, etc.). The automated DAO tier would be nice but it’s not that terribly difficult to build a generic crud dao tier.
21 Jun 2005
Well tonight I finished hacking together my first attempt at a Ruby on Rails-based application.
Basically what I built was a clone of the *wars (ala kittenwars) site where you put images head to head and allow the viewer to vote. Not to be shy about ripping off ideas, I also borrowed the CC-licenced theme for wordpress.
It’s called FlickrWars! and the twist is that it uses Flickr as the image store allowing me to change the photosets/tags/user photos on the fly. Could be interesting if it ever goes live but it is really just a simple proof of concept.
What it supports:
– voting
– viewing of last X photos
– list of top ranked photos
– list of bottom ranked photos
– most viewed photos
Images are currently randomly placed against each other. Could easily just grab photos from a particular tag. Already thinking about a tag interface where the user could add tags to the system and a new tag would be chosen every X minutes.
All in all the project satisfied my short-term goal of building something with RoR and briefly touching the Flickr API. I didn’t really have much exposure to Ruby previously but I’ll be digging into it more moving forward.
I’ll attach a couple of screenshots to this post. The code is pretty rough and I’ll be cleaning it up over the next few days. Perhaps when its a little more polished I’ll find somewhere to put it online.
