Flickr: Feb 1, 2009
Sunday, February 1st 2009 — Photography — 4 comments

Pleased to meet you! My name is Andreas and I'm a 22-year-old guy currently living in Malmö, Sweden.
Besides enjoying what most people do – such as hanging out with family and friends – I am quite the geek when it comes to computers, so it should come as no surprise that I work as a system developer.
Hobbies include developing small, mostly pointless projects, such as my MoNKey! game. I'm also into photography, and currently use a Canon EOS 450D. I usually upload my most interesting photos to my Flickr page.
If you for any reason want to get in touch with me, you can reach me at andreas@blixt.org.
Oh, and if you think all the Flickr updates in the list are annoying, you can filter them out by going to /tagged/-photo/.
Thursday, January 29th 2009 — Programming — 2 comments
Why? Two or three times now, I've gotten an e-mail from the admin of a site that I was registered to:
"Something terrible has happened. Hackers have managed to get access to our databases..." Well, that's not too terrible is it? It only had my name, some information that was public anyways and maybe a list of people I was connected to on the site. "...we recommend that you change your password wherever you used it, and have generated new, random passwords for you." Wait... what?!
Why would my password be stored in their database in a form that could be usable by the hackers? These things happen to big sites. People see it as a sport to hack these kinds of sites. And no matter how much security you've got, you need to make sure that once they do get through, they get as little information as possible.
Securing the passwords of your users is very easy, and there's no reason not to do it. Even if you have a completely impenetrable security setup, all it takes is for an administrator to go rogue and the worst things could happen. So, how would you secure the passwords?
Hashes! Hashes are good for a lot of things, and they're great for user authentication. A hash is basically the result of a very complex algorithm that takes a string as its input. It's a "lossy" conversion, so to speak, because you can't get the original string by reversing the algorithm. You can't even figure out the length of the original string (these hashes are always the same length, no matter if you make one from an eight-character password or from a 1 GB file). This means Mr. Hacker wouldn't be able to do much with the hashes of the passwords.
The next thing to do would be the authentication. It's very easy. The user enters their username and password, then on the server you make a hash from the password and compare this hash with the one in the database. If they match, let the user in.
There are several algorithms to choose from. Some of the most common ones are MD5 and SHA-1, but I generally use SHA-256, as there are computers holding so-called "rainbow tables" that consist of several terabytes of hash→value mappings. SHA-256 is better because it's much harder to make these tables for it, partly because it's bigger and partly because the algorithm is more secure.
So there you have it. Spread the word and let's make the internet a more secure place!
If you still want more security, there is one more thing you could do. Adding a random string (known as a "salt") to the password before hashing it ensures that even if there is a rainbow table for the algorithm you used, it will most likely not work for your hashes. Let the salt be pretty long because rainbow tables generally have the hashes for all alphanumeric combinations up to eight characters long. Adding a salt to a password that is already eight characters long will dramatically improve the chances that it's not included in the rainbow table.
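The store-and-verify flow described in this post, with a per-user salt, as an added example (not code from the original post). It goes one step beyond the text by running SHA-256 through PBKDF2 (`hashlib.pbkdf2_hmac`) instead of a single pass, so each guess against a stolen hash costs more; the iteration count, salt length and record field names are assumptions.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 200_000  # assumed work factor for this example; tune to your hardware
SALT_BYTES = 16       # assumed salt length


def unsalted_sha256(password: str) -> str:
    """Plain SHA-256, the basic scheme: equal passwords always give equal hashes."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str) -> dict:
    """Build the record to store for a user: salt and digest, never the password."""
    salt = secrets.token_bytes(SALT_BYTES)  # fresh random salt for every user
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return {"salt": salt.hex(), "hash": digest.hex(), "iterations": ITERATIONS}


def verify_password(password: str, record: dict) -> bool:
    """Re-derive the digest from the login attempt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256",
        password.encode("utf-8"),
        bytes.fromhex(record["salt"]),
        record["iterations"],
    )
    return hmac.compare_digest(candidate, bytes.fromhex(record["hash"]))


if __name__ == "__main__":
    # Constructed sample data: two users who picked the same password.
    alice = hash_password("correct horse")
    bob = hash_password("correct horse")
    same_unsalted = unsalted_sha256("correct horse") == unsalted_sha256("correct horse")
    print("unsalted hashes equal:", same_unsalted)
    print("salted hashes equal:  ", alice["hash"] == bob["hash"])
    print("right password:", verify_password("correct horse", alice))
    print("wrong password:", verify_password("Correct horse", alice))
```

Because the salt is stored next to the hash, a precomputed table would have to be rebuilt for every user record.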
Wednesday, January 28th 2009 — Random Stuff — 11 comments
Here's an interesting article: 'Immortal' jellyfish swarming across the world
If they could just figure out how the squids "reset" their age, maybe we'll see this on humans some time in the future! Let's just hope we have started populating other planets by then, because otherwise we'll have serious population problems...
Tuesday, January 13th 2009 — Programming — 3 comments
The last few days I've been doing a few design adjustments and code improvements to the site. Every now and then weird stuff might happen, but it's nothing to worry about!
The company where I was hosting my old site, mezane.org (just as poorly updated as this one), has gone bankrupt, which means I'll be moving all its content here. And by all its content I pretty much mean my popular web design article about tabbed navigation. I'll be rewriting the article a bit to make it work better in all modern browsers, and to make it a part of blixt.org rather than being stand-alone as it is now.
In the coming months I'll try to write more articles and make this site a bit more active than it is now.
Sunday, December 14th 2008 — Photography — 5 comments