We have been using passwords for too long

Every time I have to register to a website using a password, I grow more annoyed. Passwords were fine when you only had one, to log in to your corporate mainframe. But these days, computers are better at cracking passwords than humans at remembering them.

It only gets worse with the more sites you maintain profiles. You shouldn’t use the same password all over. If it was hacked, your entire online identity could be compromised. And nobody can remember good strong passwords for every site he visits. Password managers are no solution. You need to have them with you all the time. They are protected by a master password. So if an attacker can get hold of your database and your master password, which is easily attainable with a trojan, then good luck. He even gets a list of sites to visit.

OpenId and OAuth are a step in the right direction. In theory, you could maintain your identity with a central entity, and use it as a proxy to authenticate you. You have to choose that central entity that manages your identity well, as is can now track your every move. Hence, It would be best, if you could host it yourself. But it is usually still only protected by a password. Since you now only have to remember one, it’s easier to choose a strong one. But again, if an attacker gets hold of your password, he can impersonate you.

So, we need hardware based two factor authentication (something you have and something you know). For about one and a half years I’ve been using a CryptoStick for said two factor authentication. It works great for email, files, ssh, package signing, full disk and disk image encryption, but I couldn’t figure out so far how to use it for web authentication. They mention a service for a SmartCard backed OpenId. That would be just what I want, but I couldn’t figure out how to make it happen. Continue reading “We have been using passwords for too long”

an ultrabook for developers

My old netbook still runs, but it shows signs of senility. I have been thinking of a replacement for a while, but as it still worked, that was constantly postponed. When I first read about project sputnik, I thought this is great news and I want one. The device that followed looked very nice, but was a little bit over my budget. Only when the value of BitCoin rised to new hights, I ordered a Dell XPS13 developer edition. The dell representative told me that they don’t YET accept BitCoin for payment, but he was well aware of what it is. Apparently the device shipped from Asia. Since I didn’t know that, I waited eagerly and checked the status every day. After it was in delivery already three days after ordering, I didn’t understand why UPS didn’t even receive the box more than two weeks after that.

The device is really slick. I had no issues so far, not even with the graphics driver. That is also why I wanted this device that comes with ubuntu, and fully supports it. All the drivers are in the vanilla kernel. The graphics card drivers were always the culprit with my previous netbooks. They both had binary drivers when they came out, no 3D acceleration, and the situation degraded gradually. After the second OS upgrade I usually even lost 2D acceleration. Now that I have an ultrabook with a GPU that is apparently fully supported, I wanted to see how well the GPU performed. So I grabbed my very first OpenCL program to give it a try. I was glad to see, that the intel OpenCL driver was already packaged in the ubuntu repository, and that the 4400 GPU support was recently added. This situation is much better than when I started with OpenCL. But I soon realized that this GPU or it’s driver doesn’t support the kind of memory sharing that I used in the example. So, I had to slightly rewrite the host program, no big deal. On the other hand, it would support double precision floats which my geforce in the workstation doesn’t. But after that, I found out that this tiny ultrabook outperforms my five year old workstation by a big margin on CPU and GPU. And that is by using only a fraction of the power. Then I applied the same changes to my GPU accelerated ray tracer. The ultrabook ran the homework image in 15 minutes. So this one was a bit slower than the workstation.

In general, the experience with the XPS13DE is just great. Everything is so responsive, totally different than with the Atom based netbook. The only thing I would have ordered differently if I had a choice was a bigger SSD. Although I was lucky already, If I had ordered a month earlier, It would have come with 128 instead of the 256GB SSD.

The setup was about as follows:

  • OS install with smart card backed full disk encryption
  • setup smart card authentication for ssh
  • checkout of my git home repo.
  • software install with my setup script that adds ppa repositories and apt-get installs everything I need
  • Checking out all source repositores (git and hg) that I usually work with that are not already submodules of my home repo
  • integrate the plasma-desktop into unity so that I could still use the bitcoin plasmoids. But the experience with this integration was not so good, so I reverted that. I will look into writing a screenlet for gnome.
  • syncing the git repos for photos and music. They are why I would have wished for a bigger SSD.
  • syncing the BitCoin block chain

I’m grateful that the BitCoin price surge gave me the opportunity to “vote with my wallet“. Otherwise I would maybe ended up doing the same as last time: buying a cheaper model with a mediocre operating system that I don’t want. That would send the wrong signals, and reinforce the vicious circle. At least Dell has realized that people want good hardware with good linux support. Yes, people are willing to pay a premium for good hardware support for a free and open operating system.