Password Management

Almost everybody has a plethora of usernames and passwords to keep track of for all the different sites, machines, and applications. A few years ago, I started using an algorithm instead of a memorized password or a slight variant when necessary. This worked nicely for most things. Another thing that I used for a period was chemical formula combined with some name variant of the chemical. Benzene ring compounds provided numerous combinations. I probably would have continued using this method, but I'm an electrical engineer and there is a reason I did not become a chemical engineer.

Today, I just tell my password manager to generate a random password and it takes a good part of a day for the new password to be stored in my overworked brain synapses. 

So what password manager can one use? I use one called 'pass' which is totally command line based on one of my Linux machines. It can be downloaded from https://www.passwordstore.org and took me about 10 minutes to get completely functional.

The https://www.passwordstore.org web site gives example usage. This seems to work for me, but it probably won't be for everybody. The one thing that is almost certain... Today, people have so many different usernames and passwords to maintain with different requirements that one definitely needs a safe place to store all their credentials.

Mail Server Access

There are probably not too many people that experience this issue, but if you have a mail server or even a web server on your LAN then you have probably encountered this issue.

You have a domain that allows you to connect from external locations via the WAN IP address. Now your device is on your LAN and you need to connect via a LAN IP instead of the resolved WAN IP. When you think about it, this becomes clear that the role of DNS needs to provide the answer. In my case, I simply added an entry for my domain to point to a LAN IP on my router. My router's IP is the first DNS entry for connected devices. Problem solved...

Yikes! My Apple ® Lightning Cable Failed

This past weekend, I was walking through the kitchen to make my morning coffee and I noticed a discoloration on the shroud of the USB cable we use to charge our Apple ® mobile devices.

I disconnected the cable from the wall outlet. Then I touched the cable approximately 1 inch from the short and it was quite hot to the touch. Approximately 30 seconds post disconnect, I touched the connector that a device would be connected to and it was still very hot to the touch.

Fortunately, no device was connected and nothing flammable was in proximity of the short. It is not known if there was enough heat produced to ignite a Lithium battery of a device, but I'm glad that a device was not connected for me to find out.

This is most likely the oldest and most used Apple lightning cable that we use. I suspect that the insulation surrounding Vcc and GND must have failed within the shroud, shorted producing the damaged cable. I would consider the usage for this cable to be quite normal. We do not bend it into acute angles or twist it. Simple angles and rotations to get connected to a device (iPod, iPad, or iPhone).

As an Electrical Engineer, I felt the responsibility to report this as an incident to UL since it is clearly a safety issue that could have resulted in a house fire. I'll be shipping the cable to UL in the morning for them to analyze.

If this is a failure mode that occurs after 2 to 3 years of usage, it would be very bad given the number of these cables in use with some of the first devices using these cable hitting this timeframe. If you notice a difference in the shape of the cable shroud, failure for devices to charge, or discoloration of the shroud, then stop using that cable and error on the side of safety.

iptables and denyhost

If you have a Linux server exposed to the Internet, then you may be aware of the constant authorization attempts from all over the world. If you are not aware, then you just have not looked at your log files to see all the failed attempts.

This is where denyhost comes into play. It will monitor these attempts and after a number of failed attempts add an iptables entry to block that IP. I typically allow 3 attempts before adding the IP to be blacklisted. This has worked nicely for me. I proactively block huge blocks of IP addresses with a simple script that gets all the IP addresses for certain countries and blocks them all. This has been the single most effective measure to eliminate a huge percentage of the auth guessing attempts.

Digital Noise

I used the term "digital noise" several years ago to describe people distracted by their cell phones or Blackberry. I just returned from a vacation with my family where we were completely disconnected from any "connected" devices. I had my iPad, but I literally used it to only read books as I lounged on the deck by the pool. I observed the behaviors of people throughout the week. I'd see an entire family or group of friends sitting in close proximity of each with their gaze constantly on their smartphone. On the cruise ship, it wasn't as common. I suspect that was due to the excessive prices that they'd be subject to for using the ship's data connection. However, traveling back through airports where people are connected via their data plan or free wifi the number of people gazing into their smartphone increased by at least an order of magnitude.

I'm not one to judge people for excessively using their smartphones, but it looks like there is some addictive strain driving people to be constantly checking social media.