My Weblog

Safe computing

gemvekar — Sat, 27 Sep 2008 09:38:42 +0000

Are passwords safe?

Click Here!
Click Here!
Click Here!
Click Here!
Click Here!

They may soon be, with other ways of authentication and identity protection making their presence felt.

The fact that passwords are not the securest of authentication techniques is well known. Most of us use passwords that are easy to remember, and therefore, easy to crack. Phishing threats and a lot of malware are focused on stealing your online identity—your usernames and passwords.

Security experts think that protecting your online identity is far easier if the ‘human’ element in remembering that identity is minimized. The time, it seems, has come for moving beyond passwords to other authentication techniques that are easier to use and provide adequate protection against identity theft.

Two initiatives here are gaining importance—the OpenID initiative and Information Cards. Some experts state that both can work in tandem, while others are of the opinion that they represent two distinct approaches to authentication.

OpenID

OpenID satisfies the condition of being easy to use. It involves creating a single ID for a user, which can be used to log on to different sites. Thus, you can use the same ID, for instance, for your email account, blog site, and social networking site. Several service providers, such as Microsoft, AOL, Yahoo, Google, IBM, MySpace and others, support OpenID logins. This means that if you use any of their services, you already have an OpenID.

OpenID works as follows. The OpenID identity provider (OP) is the entity that provides you with an OpenID, in the form of a URL. Services like AOL, Yahoo, or Google enable you to use your account details as your OpenID. Independent providers like myOpenID (www.myopenid.com) and myID.net (www.myid.net) also provide a similar service. Other OPs, such as VeriSign provide an OpenID along with stronger authentication than passwords, such as security tokens.

When you go to a site that supports OpenID logins (you can make that out from the OpenID logo near the login form), you can use your OpenID instead of creating a fresh username and password. However, not all sites support OpenIDs from all OPs. You may, therefore, require a set of OpenIDs, each of which works on a group of websites.

The advantage with OpenID, of course, is that it is less time-consuming than registering yourself with each site you visit, and creating a username or password each time. It also saves you the trouble of remembering so many passwords. The loophole is that if your OpenID is stolen, it would give access to that much more confidential data about you. And OpenID is as vulnerable to phishing attacks as the passwords themselves.

However, OpenID is in its nascent stages yet, and a lot of development is still going on. Further development could result in a scenario where a few trusted OPs generate OpenIDs with stronger authentication mechanisms than passwords, and websites support OpenIDs from one or more of such OPs. That stage, if it comes about, is definitely some years away.

Information Cards

Information Cards, supported by the Information Card Foundation (ICF), rely on cryptography for authentication and do away with usernames and passwords altogether. There has been a lot of conceptual development and discussion about information cards, and practical applications have now begun.

An identity provider would issue you an Information Card, which would reside on your PC as a desktop icon. To authenticate yourself to a site, you will need to click the desktop icon. This works as a digital identity for you; your authentication works by exchanging cryptographic information with the site that would need to support Information Cards. It is possible to envisage a set of Information Cards, each of which can be used for authentication on several websites.

The advantage here is that in a single stroke, authentication moves beyond usernames and passwords, thus negating any threats of password theft. You also don’t need to remember anything, so that the days of not being able to login because you’ve forgotten your password can be left behind. Since authentication is based on encryption, it is difficult to hack.

On the other hand, this system could take years to be implemented, because websites have to begin to use it instead of the current login process. Also, the process of generating encryption keys for creating Information Cards will be carried out by computers; and many computers today don’t have the requisite software to do this on a large scale.

Moreover, one issue with the Information Card is that since the information is stored on your desktop, you will not be able to authenticate yourself from any other machine. Remote logins to certain websites will not be possible, unless you store your Information Card on every machine that you use, which, again, undermines security.

Some security experts also suggest that Information Cards should be used for authentication along with OpenIDs. Since both authentication technologies are fairly new and still under development; the future of their adoption and implementation is quite fluid. In the near future, it seems, a strong, tough-to-crack password is the best bet.

Technology

gemvekar — Sat, 27 Sep 2008 09:35:01 +0000

Mind reading scanner!

The Department of Homeland Security in the US is testing a new security system, which is actually a body scanner that can read the mind.

Dubbed Malintent, this scanner searches the human body for non-verbal cues to determine if said body intends to harm fellow bodies.

Malintent is equipped with a series of sensors and imagers that can read body temperature, heart rate, and respiration for unconscious tells invisible to the naked eye — signals terrorists and criminals may display in advance of an attack. These sensors work without any actual physical contact (read: freedom from cavity searches).

And if you’ve just jogged to the airport on a hot summer day because you were late to your flight… well, let’s just say there will be much snapping of surgical gloves in your future.

Deepika Padukone

gemvekar — Sat, 27 Sep 2008 07:39:30 +0000

Qualities you look for in your man?
Honesty, good natured, helpfulness and a nice sense of humour are the ‘must haves’.

Do ‘good looks’ also find place in your list? And how high in the order?
‘Good looks’ is obviously there in my list, but it does not figure that high in the pecking order.

If you like a guy, would you make the first move?
No, I am too traditional in that the sense. If he likes me, he will have to make the first move.

Would you ‘dress to kill’ on the first date?
No, I would wear something I would be comfortable in rather than something which might attract him, but make me look like a complete fool.

Would you offer to foot half the bill on your first date?
Yes, I would definitely, but it would be up to him to accept.

What would be your reaction if girls made a pass at your guy?
I would not lose my cool for sure because if we are together, then the trust factor has to be there.

Would you like him dictating what you should wear and what not?
If he likes me, he will have to accept me as I am. So definitely, he would have no right to dictate to me.

If you and your guy had to go away from the busy life, where would you be heading out to?
We would go to Rishikesh for some serious mountaineering and river rafting. I love adventure sports.

One general trait of men you dislike?
That it’s not manly enough to cry.

Among the current Bollywood hunks, who comes nearest to your man?
That a tough question, I think I better give it a pass.

Protected: Entertainment

gemvekar — Sat, 16 Aug 2008 11:10:16 +0000

This post is password protected. You must visit the website and enter the password to continue reading.

What is Asp.net?

gemvekar — Mon, 04 Aug 2008 06:29:27 +0000

Hi i am vekariya gulam mohayuddin.I am a software engineer.

What is ASP.net?

This tutorial written and contributed by Mitchell Harper. Please see footnote for more info.

You’ve probably heard the word ASP.net fairly often these days, especially on developer sites and news. This article will explain what the fuss is all about. ASP.NET is not just the next version of ASP; it is the next era of web development. ASP.NET allows you to use a full featured programming language such as C# (pronounced C-Sharp) or VB.NET to build web applications easily.

ASP.NET still renders HTML

Unfortunately, the Internet still has bandwidth limitations and not every person is running the same web browser. These issues make it necessary to stick with HTML as our mark-up language of choice. This means that web pages won’t look quite as amazing as a fully fledged application running under Windows, but with a bit of skill and creative flair, you can make some rather amazing web applications with ASP.NET. ASP.NET processes all code on the server (in a similar way to a normal application). When the ASP.NET code has been processed, the server returns the resultant HTML to the client. If the client supports JavaScript, then the server will use it to make the clients browser experience quicker and easier. Even with HTML being the limiting factor here, ASP.NET still manages to bring true OOP (Object Oriented Programming) to the Internet.

OOP on the Internet

Object Oriented Programming makes it possible to build extremely large applications, while still keeping your code clean and structured. Now with ASP.NET, we can do the same on the web. Traditional ASP uses HTML and VBScript (or Jscript) to process and render pages, but because VBScript is a scripting language, you were forced to write spaghetti code (VBScript was entwined in the HTML and ended up rather messy in larger applications). ASP.NET separates code from display, and you can even have pages with no ASP.NET code in them at all. By adding references in your HTML (called controls), you can tell ASP.NET that you want a button here, some text there, and then in your code, you can manipulate what these controls look like, what they display, how big they are, etc. Controls can do more than just display information. You can add events to controls, so that when a visitor clicks on a button, for example, ASP.NET executes a function of your choice.

Web Services

One great feature of ASP.NET is Web Services. Web services mean that you can literally have several pieces of your application on different servers all around the world, and the entire application will work perfectly and seamlessly. Web services can even work with normal .NET Windows applications. For example: A lot of people would like to have a stock ticker on their web site, but not many people want to manually type in all changes to the prices. If one company (a stock broker) creates a web service and updates the stock prices periodically, then all of those people wanting the prices can use this web service to log in, run a function which grabs the current price for a chosen company, and return it. Web services can be used for so many things: news, currency exchange, login verification.. the ways in which they can be used are limited to your imagination!

Great XML Support

ASP.NET makes it simple to use XML for data storage, configuration and manipulation. The tools which are built into ASP.NET for working with XML are very easy to use. XML is excellent for storing information that rarely changes, because you can just cache that information in the computers memory after it has been initially extracted.

Class Library

ASP.NET includes an enormous class library which was built by Microsoft. Because this class library is so large, it encapsulates a a huge number of common functions. For example, if you wanted to retrieve data from a database and display that data in a simple grid control through classic ASP, then you’d have to write quite a lot of code.

In ASP.NET, you don’t write any code to display the data: you just write the code to bind the data to an object called a DataGrid (which can be done in just a couple of lines). Then, you just have to create a reference on your page to where that DataGrid should go. The DataGrid will be rendered as a table, and will contain all of the data extracted from the database.

Microsoft has created an amazingly well designed MSDN library for ASP.NET and all of the other .NET languages. It includes a full class library containing information and examples on every class, function, method, and property accessible through ASP.NET.

The MSDN library also includes some tutorials and examples to get you started. It may take you a while to get used to the format and layout of the MSDN ASP.NET library, however, once you do, you will find it’s an invaluable resource to aid you throughout your ASP.NET learning experience. The .NET MSDN library can be found at http://msdn.microsoft.com/net/

Complete Compatibility

One of the most important goals of .NET was to allow developers to write an ASP.NET application using multiple programming languages. As long as each ASP.NET page contains only one programming language, you can mix and match different pages using different languages and they will work together seamlessly. This means you can now have a team of developers with half programming in C#, and the other half in VB.NET, with no need to worry about language incompatibilities, etc.

A cool little side-affect of all this is that all the programming languages look very similar, and differ only by their language syntax.

Take the following code snippets for example. They both do exactly the same thing but the first is written in C#, and the second in VB.NET.

The C# version:
void Page_Load(Object S, EventArgs E) { myLabel.Text = "Hello world!!";

The VB.NET version:
Sub Page_Load(S As Object, E As EventArgs) myLabel.Text = "Hello world!!"
End Sub

If you take either of the code examples shown above and add the following HTML to them, then they would both run perfectly inside of an ASP.NET page:


"Hello World" example!

Hello world!

gemvekar — Wed, 30 Jul 2008 12:32:22 +0000

Welcome to WordPress.com. This is your first post. Edit or delete it and start blogging!