Andy

This week, last week, Last month, I attended DebConf 20 Online. It was the first DebConf to be held entirely online, but it’s the 7th DebConf I’ve attended from home.

My first one was DebConf7. Initially I mostly started watching the videos because I wanted to learn more about packaging. I had just figured out how to create binary packages by hand, and have read through the new maintainers guide, but a lot of it was still a mystery. By the end of DebConf7 my grasp of source packages was still a bit thin, but other than that, I ended up learning a lot more about Debian during DebConf7 than I had hoped for, and over the years, the quality of online participation for each DebConf has varied a lot.

I think having a completely online DebConf, where everyone was remote, helped raise awareness about how important it is to make the remote experience work well, and I hope that it will make people who run sessions at physical events in the future consider those who are following remotely a bit more.

During some BoF sessions, it was clear that some teams haven’t talked to each other face to face in a while, and I heard at least 3 teams who said “This was nice, we should do more regular video calls!”. Our usual communication methods of e-mail lists and IRC serve us quite well, for the most part, but sometimes having an actual conversation with the whole team present at the same time can do wonders for dealing with many kind of issues that is just always hard to deal with in text based mediums.

There were three main languages used in this DebConf. We’ve had more than one language at a DebConf before, but as far as I know it’s the first time that we had multiple talks over 3 languages (English, Malayalam and Spanish).

It was also impressive how the DebConf team managed to send out DebConf t-shirts all around the world and in time before the conference! To my knowledge only 2 people didn’t get theirs in time due to customs.

I already posted about the new loop that we worked on for this DebConf. It was an unintended effect that we ended up having lots of shout-outs which ended up giving this online DebConf a much more warmer, personal feel to it than if we didn’t have it. I’m definitely planning to keep on improving on that for the future, for online and in-person events. There were also some other new stuff from the video team during this DebConf, we’ll try to co-ordinate a blog post about that once the dust settled.

Thanks to everyone for making this DebConf special, even though it was virtual!

The headset that came with my Xbox One was chewed by a dog. This Skullcandy SLYR is a fantastic step up!

Playing a networked FPS shooter with your friends requires good in-game chat. This Skullcandy set is a fantastic mic, and the sound is really impressive. Gaming and effects come through so clearly that I am using the headset as my single audio source when playing games. Clarity is wonderful and the soundstage works very well for identifying where threats are coming from. There is enough bass to make firing off a rocket launcher feel legitimate, as well.

The boom mic is a bit long for me, and I have to be sure to position the ear cups back as far as they can go, but overall fit is comfortable. The padding is high quality and just the right density to allow me to wear my thick, horn-rimmed glasses without problems or fear. Construction is great and I have no doubt this headset, Cavalier King Charles permitting, can outlast the Xbox One.

There are manual controls for in-game sound and voice chat, so you can balance the levels your self, on the fly. I found that setting the two options equally in side the Xbox' settings will allow for more fine control via the handset. If you set the levels wildly different in software, the hardware may do odd things.

Not cheap, at $90, but definitely a huge upgrade over the included headset. Skullcandy makes this model for PC gaming as well.

Skullcandy SLYR Xbox One via Amazon

The title is You Look Disgusting, but don't worry, they get to "Slut" and "False Advertising" when the make-up goes on.

Data from Spotify appear to confirm why your parents are so out of it: As people get older, they listen to less hot music of the moment, and instead just queue up the oldies.

This statistical crunch comes via Ajay Kalia, who calculated a popularity score for all songs that we streamed in 2014, and then examined who listened to them, and how old they were. The results, as he reports them:

What I found was that, on average ...

... while teens’ music taste is dominated by incredibly popular music, this proportion drops steadily through peoples’ 20s, before their tastes “mature” in their early 30s.

... men and women listen similarly in their their teens, but after that, men’s mainstream music listening decreases much faster than it does for women.

… at any age, people with children (inferred from listening habits) listen to a smaller amounts of currently-popular music than the average listener of that age.

Personified, “music was better in my day” is a battle being fought between 35-year old fathers and teen girls — with single men and moms in their 20s being pulled in both directions.

One that that really seems to kill one's desire to listen to zeitgeisty tunes? Having kids. Kalia also examined the listening habits of parents -- by identifying accounts that streamed a lot of kids' music. As he found:

Even when we account for potential account sharing, users at every age with kids listen to smaller amounts of popular music than the average listener. Put another way, becoming a parent has an equivalent impact on your “music relevancy” as aging about 4 years.

Pirated copies of two O'Reilly books on hacking, Hacking: The Next Generation and Inside Cyber Warfare: Mapping the Cyber Underworld were hosted on Sony's internal servers.

It's just one of the many juicy tidbits being mined from the Wikileaks-hosted archive of the massive dump of internal Sony documents allegedly masterminded by North Korea.

The irony is rich, as Sony has previously broken the law in its blind rage for revenge against copyright infringement.

Hacked Sony emails reveal that Sony had pirated books about hacking [Patrick Howell O'Neill/Daily Dot]

(via Slashdot)

So someone at @sony downloaded a pirated copy of my book. You guys couldn’t afford to buy a copy? https://t.co/KNT5ZvUdhU

— Jeffrey Carr (@jeffreycarr) April 17, 2015

When it comes to cyber security, even big organizations lack the basic knowledge of how to protect company’s data from the outside. Everyday businesses are facing the threat of phishing, ransomware, data breaches and malware attacks that not only results in millions of dollars losses, but also damaged the reputations. A new study shows that five out of six of the most serious IT

Orphan Black is one of my favorite shows on TV, mainly because of the star Tatiana Maslany, who plays at least a half dozen characters on the series. Lili Loofbourow profiled her for the New York Times.

She expressed some ambivalence about the way fame produces demand, especially in an age of social media. “People just want want want want stuff,” she said. There are awards shows, red carpets; she appreciates it all, but is careful not to let it control her. “You exist without this stuff,” she said. “This stuff doesn’t define you or anything.” Maslany has pointed out that her “Orphan Black” characters, too, must deal with the discovery that they are — in some sense — property and refuse to let it define them. “That always resonated for me as a woman,” she told Vanity Fair in an interview, “this idea of our bodies not being our own. That they’re owned by someone else. That the image of them is owned by someone else.”

After the whole Heartbleed fiasco, I’ve decided to continue my march towards improving my online security. I’d already begun the process of using LastPass to store my passwords and generate random passwords for each site, but I hadn’t completed the process, with some sites still using the same passwords, and some having less than ideal strength passwords, so I spent some time today improving my password position. Here’s some of the bad examples of password policy I’ve discovered today.

First up we have Live.com. A maximum of 16 characters from the Microsoft auth service. Seems to accept any character though.

 

This excellent example is from creditexpert.co.uk, one of the credit agencies here in the UK. They not only restrict to 20 characters, they restrict you to @, ., _ or |. So much for teaching people how to protect themselves online.

Here’s Tesco.com after attempting to change my password to ”QvHn#9#kDD%cdPAQ4&b&ACb4x%48#b”. If you can figure out how this violates their rules, I’d love to know. And before you ask, I tried without numbers and that still failed so it can’t be the “three and only three” thing. The only other idea might be that they meant “‘i.e.” rather than “e.g.”, but I didn’t test that.

Edit: Here is a response from Tesco on Twitter:

Here’s a poor choice from ft.com, refusing to accept non-alphanumeric characters. On the plus side they did allow the full 30 characters in the password.

 

The finest example of a poor security policy is a company who will remain nameless due to their utter lack of security. Not only did they not use HTTPS, they accepted a 30 character password and silently truncated it to 20 characters. The reason I know this is because when I logged out and tried to log in again and then used the “forgot my password” option, they emailed me the password in plain text.

I have also been setting up two-factor authentication where possible. Most sites use the Google Authenticator application on your mobile to give you a 6 digit code to type in in addition to your password. I highly recommend you set it up too. There’s a useful list of sites that implement 2FA and links to their documentation at http://twofactorauth.org/.

I realise that my choice LastPass requires me to trust them, but I think the advantages outweigh the disadvantages of having many sites using the same passwords and/or low strength passwords. I know various people cleverer than me have looked into their system and failed to find any obvious flaws.

Remember people, when you implement a password, allow the following things:

• Any length of password. You don’t have to worry about length in your database, because when you hash the password, it will be a fixed length. You are hashing your passwords aren’t you?
• Any character. The more possible characters that can be in your passwords, the harder it will be to brute force, as you are increasing the number of permutations a hacker needs to try.

If you are going to place restrictions, please make sure the documentation matches the implementation, provide a client-side implementation to match and provide quick feedback to the user, and make sure you explicitly say what is wrong with the password, rather than referring back to the incorrect documentation.

There are also many JS password strength meters available to show how secure the inputted passwords are. They are possibly a better way of providing feedback about security than having arbitrary policies that actually harm your security. As someone said to me on twitter, it’s not like “password is too strong” was ever a bad thing.

The post Bad Password Policies appeared first on David Pashley.com.

Proper grammar is important, whether you write for a living or only occasionally. It's especially important if you're looking for a job or trying to impress a new client. In this infographic, GrammarCheck has collected a list of some of the most common grammar errors people make and how to avoid them.

Read more...

We know electricity powers our computers, but that doesn't mean we can't pretend their insides are a whole lot cooler. Check out these awesome steampunk wallpapers and add the illusion of steam power to your desktop.

Steampunk

Download this wallpaper | *zy0rg on deviantART 1920x1080

Train

Download this wallpaper | The Paper Wall 1900x1343

I'll Catch You

Download this wallpaper | The Paper Wall 1920x1080

Remnants

Download this wallpaper | The Paper Wall 1600x1050

Rose

Download this wallpaper | The Paper Wall 1920x1080

Diver

Download this wallpaper | The Paper Wall 1920x1080

Hall

Download this wallpaper | The Paper Wall 2560x1440

Steam Punk Star Ward

Download this wallpaper | The Paper Wall 1920x1080

Giant

Download this wallpaper | The Paper Wall 1920x1080

Lightning

Download this wallpaper | The Paper Wall 1366x768

For more great wallpapers, check out our previous Wallpaper Wednesdays. Got any great wallpapers you'd like to share? Email me a link with "Wallpaper Wednesday" in the subject line. Submitting your own work is highly encouraged!

Unproductive days at work come in many forms. There are the days when you're tired (I probably shouldn’t have gone to that midnight movie last night), days when you’re distracted (How can I focus on work when my relationship is on the rocks?), and days when you can't get motivated (Can’t I do the monthly report next week?). And then, there are days when it just feels like your brain isn’t all the way there.

You stare blankly at the computer screen, your eyes glaze over, and no matter what you do, you can’t quite pull your head out of the fog. Ah, yes—the dreaded “fuzzy brain.” Its cause is unknown, but if left untreated, it can be quite detrimental to your productivity.

But, don’t give up on your workday and resign yourself to eight hours of Facebooking just yet. Depending on the severity of your fuzzy brain, there are a few strategies you can use to recover—or at least make this blur of a day worthwhile. Instead of staring into space while you wait for the clock to strike 5, try these tips.

Level 1: Fuzz-ish

Symptoms: Wandering thoughts, general sluggishness, and the occasional realization that you’ve been staring at the same piece of paper for five minutes but haven’t retained a bit of information.

Start With the Basics

Pour yourself a cup of coffee, nosh on a vitamin-packed snack, take a short walk to get your blood flowing, or listen to some energizing music. For low levels of fuzziness, these go-to remedies can quickly infuse a little more clarity into your day.

Enlist the Help of Your Co-Workers

Sometimes all it takes to get your head out of a fog is to interact with someone whose mind is currently clearer than yours. So, get with a co-worker to bounce ideas around—brainstorming is all about letting crazy ideas fly anyway, so even if your fuzzy brain produces some eyebrow-raising schemes, you may be able to later modify them into something actually useful.

Or, if you just want to talk through your plans for a specific project, your clear-headed co-worker will be able to point out any glaring flaws in your strategy—flaws that your fuzzy brain may have missed.

Level 2: Feeling Pretty Fuzzed

Symptoms: Difficulty focusing on any one task, aversion to all work that would require more than minimal brain power, and the surprising discovery of your stapler in the refrigerator and your lunch in your desk drawer.

Schedule Your Day

As soon as you realize your brain isn’t in prime work-mode, start scheduling out the rest of the day in solid increments and tasks. For the next hour, you’ll respond to emails, then after lunch you’ll spend 30 minutes preparing your presentation. By laying out exactly what needs to be done and when, you’ll prevent your foggy brain from getting in the way of your productivity.

Change Your Scenery

If possible (e.g., you have a laptop and a flexible boss), change your workspace. Ask your manager if you can escape to the 7th floor to the comfy chair by the big window instead of staying in your in your uninspiring cubicle, or head to a nearby coffee shop. You may not be able to make it into an everyday solution (you have an assigned workspace for a reason), but for those fuzzy days that are—hopefully—few and far between, a change of scenery could be just what you need.

Level 3: What the Fuzz?

Symptoms: Receiving curious stares from co-workers (probably because you’re trying to write with the wrong end of a pen), spending long and unintentional periods of your day daydreaming, and feeling absolutely no effects from a combination of a 5-Hour Energy shot and two Red Bulls. In short: It doesn’t look like you’re going to get anything productive done today.

Get Monotonous Tasks Out of the Way

You know the tasks you absolutely dread when you’re on your A-game at work? They’re typically repetitive and mindless (e.g., running an endless series of reports to get the numbers for your monthly marketing analysis or looking up contact information for the never-ending list of prospective clients)—which is why you’ve been putting them off. Well, those tasks are perfect for a day like this. Give your brain a rest by pushing your important tasks to tomorrow and giving in to a monotonous—but still productive—day today.

Meet and Delegate

If you have a meeting on today’s agenda, you might be tempted to postpone it until later in the week, when your brain has cleared a bit. And that’s totally OK—but, you also have another option: Send out an agenda of your talking points beforehand, and let the rest of the team know that the meeting will be a forum for discussion—where they can bring their ideas, suggestions, and issues. This meeting format will take the attention off of you (and your inability to form coherent sentences), and will put the focus on the attendees.

Then, delegate a note-taker to record the details of the meeting. When all is said and done, you’ll have a detailed record of what was discussed. Later, when your brain has cleared up a bit, you can look through those notes, address important issues, decide which ideas you’re going to pursue, and email out a copy of the notes and next steps. Even if you were a little fuzzy during the meeting, you’ll totally look like you’re on the ball.

A fuzzy brain doesn’t give you the go-ahead to waste the day. With some clever strategizing, you’ll still be able to get some work done. And when you come into the office tomorrow, you’ll be able to better focus on the more important tasks that demand your full attention.

In a Daze? Easy Ways to Defeat "Fuzzy Brain" at Work | The Daily Muse

---