Creating Effective Passwords

It’s like a recurring nightmare—the whole issue of passwords simply won’t go away. People continue to use really awful passwords like secret and password because they’re easy to remember and they view passwords as a pain. A user will rely on the same password for everything, so once a hacker figures the password out, every resource the user can access is wide open. To make sure everyone can access the user’s account, the password often appears on post-it notes and in other obvious places. Of course, the user never, ever changes the password so once a hacker gains access, the accounts will remain open forever. This is just the tip of the password complaint iceberg.

Microsoft and other vendors are trying to remedy the situation by using biometric data or smart cards. The problems with smart cards are that they’re easily copied and even easier to lose. A lot of organizations have tried smart cards and found them to be less than ideal. Biometric data is just as bad. There are ways of easily thwarting fingerprint scanners today. Of course, once a fingerprint is hacked, you can’t change it. Fingerprints are unique, but using just a fingerprint means that everyplace you log in effectively uses the same password. So, once someone does hack your fingerprint, they can access absolutely everything you can. To overcome the issues with a single biometric, some researchers are now suggesting the use of a Multi-Biometric Authentication System (MBAS), which is also called a Multimodal Biometric Authentication System. So, how you have a really expensive, overly complex system that is bound to have a high failure rate.

The problem with all the various lines of thought out there now is what I call the magic bullet syndrome. Someone thinks that there is a solution that will somehow thwart the bad guys. Unfortunately, history proves that the bad guys always come up with a way to storm the gates and that any wall you build will prove too low at some point. I’ve advocated the passphase system for years because you can create passwords that are both strong and easy to remember. Passphrases can be quite long, complex, and still make it easy for someone to enter correctly nearly every time. In addition, you can change passphrases with the same ease that you can a password. Changing your password or passphrase relatively often means that even if hacker does gain access to an account, it’s unlikely to remain open to them. Still, no solution is perfect, which is why security monitoring is an essential part of any security solution.

Of course, whether you use a password or a passphrase, you need to know that it’s strong enough to keep hackers at bay, at least for a while. Therein lies another problem. According a recent ComputerWorld article, many of the password strength meters out there are giving users a false sense of security. They really don’t tell you that your password or passphrase is strong enough to withstand easy attack. When creating a password or passphrase, avoid using words that are spelled precisely the same as they are in the dictionary. For example, you could replace the letter E with the number 3. Make sure the passphrase is relatively long and complex. It should include spaces (when allowed) and special characters (such as the ampersand, &). Use a combination of uppercase and lowercase letters. Include numbers. Misspell a word or two, such as “MiG00dPassphras3”. The point is that you want to make things hard on your attacker, but still easy to remember.

When all is said and done, your best defense against hackers is vigilance. It doesn’t matter whether you use passwords, passphrases, smart cards, or biometrics. If someone really wants to gain access to your account, you have to assume they’ll be successful. Don’t believe in magic bullet solutions because they really don’t exist no matter what someone might try to tell you. Make sure you change your login information on a regular basis and keep an eye on the resources you use. Report any suspicious activities that you find. In short, don’t assume that you’re safe because you really aren’t. Let me know your thoughts about passwords, passphrases, smart cards, and biometrics at John@JohnMuellerBooks.com.

 

 

Cloud Computing and Privacy Rights

A number of the science fiction books on my shelf view the earth as having a single government. Countries no longer exist. Of course, we have still have countries. In fact, if anything, we have more countries today than we did thirty years ago. However, the Internet has reduced the impact of borders. The presence of global trade and other globe girdling changes have reduce the impact of borders even more. Still, countries exist partly because tradition demands it and partly because different groups have their own ideas of what a country should look like.

Most of my book shy away from any sort of legal discussion, mostly because I’m not a lawyer, but also the discussion of technology doesn’t apply to any particular country or its laws. When readers write to me, it doesn’t matter what country the reader is from, I can usually answer the question in precisely the same way. Variables work the same in Germany as they do in Spain, Japan, and America. It doesn’t mean that I’m unaware of potential legal issues surrounding technology. For example, I’ve written about privacy (or the lack thereof) a number of times.

Legal requirements, privacy needs, and the problems with borders are about to become more and more important because of one current technology and likely a host of others at some point. Storing data in the cloud means that users could create a situation where even the smallest company is in for a nasty surprise should the user work with data in other countries. Actually, the mere storage of data in the cloud could cause problems. Let’s say that the user in America chooses a storage facility in Mexico because it provides the least expensive service. Theoretically, the user’s data is subject to the laws of both Mexico (because that’s where the data is located) and America (because that’s where the user is located). If the user then travels to another country, such as Iraq, the data becomes subject (at least in theory) to the laws of Iraq as well.

In reading the views of several industry pundits on the topic, I can see where the legal issues could become quite vexing indeed—taxing even the best lawyer’s ability to untie the Gordian knot of legal consequences. So far, I can’t find anyone really trying to apply these multiple jurisdictions to a single user’s data, but I imagine it’s only a matter of time. As more and more technologies become global, however, and we begin to explore the stars with a greater sense of urgency, I begin to wonder just how long countries will continue to exist. It makes me wonder whether there will be a point at which the legal burden alone will make it a lot easier to have a single set of laws worldwide.

A number of people I’ve approached on the topic have presented perfectly valid arguments against a one world government. The most reasonable argument is that administering a single country is hard—trying to administer the entire world from a single place might well prove impossible. Still, I see more and more arguments about this whole issue of legal requirements, porous borders, global economies, and the like and it does make me wonder.

How do you feel about the legal issues regarding cloud computing? Is this simply the beginning of a much larger trend where legal requirements start to eat away at the need for countries? Does our future really involve a single world government? Let me know your thoughts on the issue at John@JohnMuellerBooks.com.

 

Contemplating the Future of Prosthetic Devices

I keep up with the technology used to help people live fuller lives when they have a special need in as much as is possible. Of course, even if I devoted full time to the task, keeping up with every innovation would be impossible. Still, I try to find articles and other resources that go along with some of the concepts I originally discussed as part of Accessibility for Everybody: Understanding the Section 508 Accessibility Requirements. I recently read a Smithsonian article that helped me better understand precisely where prosthetic technology will be going in the future. Hugh Herr has turned a terrible life experience into something incredibly positive by creating prosthetic devices that work more like the flesh and blood counterparts they’re designed to replace.

The technology described in the article is simply amazing. However, the article also underscores some of the underlying issues that anyone with a special need faces. People automatically think that anyone with a special need is somehow deficient or requires special treatment. Given the resources, training, and devices available today, most special needs people can live as if they don’t have a special need. In fact, as far as they’re concerned, they don’t have one. So, while the article does describe really cool technology and tells of the heroic battle fought by several people to live normal lives, it also tells of a society that just isn’t ready to understand how technology can level the playing field and what a desirable response to special needs people should be.

Which brings me back to my book. When readers write me about my book, they often miss the point. Yes, my book is designed to help developers create really cool applications. It’s also designed to help people understand their legal and moral responsibilities in helping people with special needs. A few readers even get the idea that they’re likely to require special aids at some point in their lives. However, almost everyone misses the the point that I wrote my book to help people, all people, feel acceptance for who they are—no matter who they might be or what their requirements are.

Forward thinking people like Hugh Herr really are important today because technology such as bionics have the potential to change how we view humans as a species. A recent MIT Technology Review article highlights where Dr. Herr is going and where he wants to take us. If he can realize his vision, the things we’ll be able to do boggles the imagination. More importantly, the loss of a limb will no longer be an impediment to doing anything at all. Perhaps the makers of The Six Million Dollar Man had it right all along.

Where do you think we’re going with technology designed to overcome special needs in a way that makes them all but invisible? More importantly, what do you feel are the changes society needs to make with regard to treatment of special needs people? Let me know your thoughts at John@JohnMuellerBooks.com.

 

Selecting a Computer Book

Readers contact me on a regular basis about selecting a computer book. I often think they want a precise recommendation from me (and some do ask me to provide a specific recommendation). However, I can’t choose a book for you or any other reader for a number of reasons. Most important of all, I don’t know how you learn. There are other issues too. For example, I can’t always guess from the e-mail precisely how you intend to use the book or what sort of information you need from it. In short, my best guess probably won’t be good enough.

Originally, I tried to handle the situation by providing a blog post entitled, “Techniques for Choosing a Technical Book.” The blog post worked well for a while, but it still doesn’t really answer reader needs. For example, readers would often act oddly if I didn’t recommend one of my own books, even though I knew from the reader query that my book would only solve part of their need and there was a better option out there. (Part of creating a book proposal is to look at the competition in depth and determine how your book will fill a niche that the competition doesn’t. I try to be honest with readers in this regard so that when they do buy a book, they’re happy with the purchase.) With this in mind, I wrote a series of three articles that examines the whole question of selecting a computer book in significantly more detail:

The goal of these three articles is to provide you with the best possible information about selecting and using a computer book. The thing I’ve noticed most often when I receive complaint e-mails is that even when a reader does select a truly usable computer book, sometimes they don’t get the most out of it. A purchase is only as good as the value you receive from it. These articles are designed to increase your satisfaction by helping you use the books more effectively.

Choosing and then using a computer book effectively will help you gain new marketable skills and insights into the computer industry. Overall, it’s my goal to help you earn more money or live a better life when I write a computer book. In other words, my goal is to help you gain something of value—something that you can later say improved your life in some way. Of course, I’m always refining my skills and choosing new techniques based on reader needs at any given time. That’s why I always want to hear from you at John@JohnMuellerBooks.com.

 

Self-driving Cars in the News

I remember reading about self-driving cars in science fiction novels. Science fiction has provided me with all sorts of interesting ideas to pursue as I’ve gotten older. Many things I thought would be impossible, have become reality over the years and things that I thought I’d never see five years ago, I’m seeing in reality today. I discussed some of the technology behind self-driving cars in my Learning as a Human post. The article was fine as it went, but readers have taken me to task more than a few times for becoming enamored with the technology and not discussing the reality of the technology.

The fact of the matter is that self-driving cars are already here to some extent. Ford has introduced cars that can park themselves. The Ford view of cars is the one that most people can accept. It’s an anticipated next step in the evolution of driving. People tend to favor small changes in technology. Changes that are too large tend to shock them and aren’t readily accepted.

Google’s new self-driving car might be licensed in Nevada, but don’t plan on seeing it in your city anytime soon (unless you just happen to live in Nevada, of course). A more realistic approach to self-driving cars will probably come in the form of conveyances used in specific locations. For example, you might see self-driving cars used at theme parks and college campuses where the controlled environment will make it easier for them to navigate. More importantly, these strictly controlled situations will help people get used to the idea of seeing and using self-driven vehicles. The point is to build trust in them in a manner that people can accept.

Of course, the heart of the matter is what self-driving cars can actually provide in the way of a payback. According to a number of sources, they can actually reduce driving costs by $190 billion dollars per year in health and accident savings. That’s quite a savings. Money talks, but people have ignored monetary benefits in the past to ensure they remain independent. It will take time to discover whether the potential cost savings actually make people more inclined to use self-driving cars. My guess is that people will refuse to give up their cars unless there is something more than monetary and health benefits.

Even though no one has really talked about it much, self-driving cars have the potential to provide all sorts of other benefits. For example, because self-driving cars will obey the speed laws and run at the most efficient speeds possible in a given situation, cars will become more fuel efficient and produce less pollution. The software provided with the vehicle will probably allow the car to choose the most efficient route to a destination possible and provide the means for the car to automatically navigate around obstructions, such as accidents (which will be notably fewer). People could probably be more assured of getting to their destination on time because they won’t get lost either. Working on the way to work will allow people to spend more quality time with family. It’s the intangible benefits that will eventually make the self-driving car seem like a good way to do things.

The self-driving car is available today. It won’t be long and you’ll be able to buy one. You can already get a self-parking Ford, so the next step really isn’t that far away. The question is whether you really want to take that step. Let me know your thoughts on self-driving cars, their potential to save lives, reduce costs, create a cleaner environment, and make life generally more pleasant at John@JohnMuellerBooks.com.

Renewable Energy Inroads

I’m all for making the planet less dependent on fossil fuels, if for no other reason than they represent a finite resource. Renewable energy offers to replace the finite resources we use now with something we can harvest forever. The problem is that many renewable energy sources are really quite dirty. For example, the solar cell that adorns your roof may be killing people in China. In my opinion, we really don’t need to clean up our part of the planet by making China’s part of the planet even dirtier. In the long run, we won’t benefit by that strategy. Just think of all the really interesting poisoned toys China will send our way—toys poisoned by our own toxic waste. The toxins we generate in other countries tend to come back to haunt us.

It was with mixed feelings that I recently read that solar energy will become a major energy source within 15 years. The reasons for the increase in usage are many, but the basic reason is that solar is becoming less expensive to install and maintain. The costs of the solar panels and their installation has gone down considerably, so it’s possible that solar power might actually become less expensive than using fossil fuels at some point. Of course, the savings assume that you’re not storing excess power in batteries. Adding batteries to the picture greatly increases costs and makes solar quite expensive indeed.

There is one benefit to solar energy that many people don’t think about. If the solar panels appear on people’s rooftops in a decentralized configuration, the ability of terrorists to disrupt the electrical system is greatly diminished. A decentralized setup also reduces costs associated with power transmission and could actually do things like reduce cooling costs in summer. Of course, the utilities aren’t crazy about decentralized solar because it cuts into their profits, but the fact of the matter is that we need a better setup than the one we do now. Our system is so fragile right now that I’m often surprised a storm or other simply cause doesn’t knock out major sections of the country.

The bottom line for me is that we really do need to reduce our power usage and embrace renewable energy sources. However, we need non-polluting renewable energy sources or at least sources that pollute less than the ones we have now. I last tackled this topic in More People Noticing that Green Technology Really Isn’t. The fact is, nothing has changed in the technology, but the need to address the technology shortfalls has just become greater. Before a technology that pollutes our planet quite a lot becomes entrenched, we need to come up with answers to deal with the pollution—preferably a better technology.

What are your thoughts on renewable energy? What forms do you feel pollute the least and provide the greatest benefit to people as a whole? Do you see renewable energy becoming the only power source at some point? Let me know your thoughts on these and other energy concerns at John@JohnMuellerBooks.com.

 

Understanding the Effects of Net Neutrality on Web Programmers

There has been a lot of hubbub about net neutrality. I even saw not one, but two articles about the topic in my local newspaper the other day. Of course the discussion has been going on for a while now and will continue to go on—eventually ending up in the courts. My initial interest in the topic is different from almost every other account you read. While everyone else seems to be concerned about how fast their app will run, I’m more concerned about getting new applications out and allowing them to run correctly on a wide range of systems.

Both HTML5 Programming with JavaScript for Dummies and CSS3 for Dummies speak to the need of performance testing. Neither book covers the topic in detail or uses exotic techniques, but it’s an issue every good programming book should cover. Of course, I had no idea at the time I wrote these books that something like net neutrality would become fact. The developer now has something new to worry about. Given that no one else is talking much about developer needs, I decided to write Considering Net Neutrality and API Access. The article considers just how developers are affected by net neutrality.

If net neutrality remains the law of the land, developers of all types will eventually have to rethink strategies for accessing data online as a minimum. However, the effects will manifest themselves in even more ways. For example, consider how net neutrality could affect specialty groups such as data scientists. It will also affect people in situations they never expected. For example, what happens when net neutrality assures equal access speeds for the x-ray needed to save your life and that online game the kid is playing next to you? Will people die in order to assure precisely equal access. So far, I haven’t found anyone talking about these issues. There just seems to be this nebulous idea of what net neutrality might mean.

My thought is that we need a clearer definition of precisely what the FCC means by equal access. It’s also important to define exceptions to the rule, such as medical needs or real time applications, such as self-driving cars. The rules need to spell out what fair really means. As things sit right now, I have to wonder whether net neutrality will end up being another potentially good idea gone really bad because of a lack of planning and foresight. What are your ideas about net neutrality? Let me know at John@JohnMuellerBooks.com.

 

C++ All-in-One for Dummies, 3rd Edition, Error

It seems to be my week for reporting errors! Just yesterday I reported one in Beginning Programming with Python For Dummies. Today I’m reporting an error in C++ All-In-One for Dummies, 3rd Edition. If you look in Book I Chapter 3 on page 67, you see Listing 3-6. The listing title tells you that this example uses brackets to access an individual character in a string, which is precisely what it does. However, what the example is supposed to do is show you how to create the string in the first place. Look at Listing 3-7 on page 68 and you see an example that performs this task. The two listings are switched. As you go through the book, please use Listing 3-7 first and Listing 3-6 second. I’m sorry about any confusion caused by the error. Please contact me at John@JohnMuellerBooks.com if you have any questions about this or any other error in the book. I’ll be only too happy to help.

 

Beginning Python for Dummies Chapter 13 Error

Even with the most carefully crafted book, errors do creep in (see Errors in Writing). There is an error in Chapter 13 of Beginning Programming with Python For Dummies on page 247. In Step 8 you are supposed to, “Type MyTuple[4] and press Enter.” The output information for that step is wrong. Instead of seeing Orange, as specified in the book, you see Yellow. The value Yellow was added to the tuple in Step 7 as the fifth value, which you access using MyTuple[4]. I’m sincerely sorry about any problems that the error may have caused in using the book. Please let me know if you have any questions about this issue at John@JohnMuellerBooks.com.

 

Review of Mastering VBA

A lot of people have asked about the next book to read after reading VBA for Dummies. Yes, the current 5th edition of VBA for Dummies still works fine as a starting point, even with issues such as dealing with the Ribbon to consider. In fact, you can find some great updates to VBA for Dummies on my blog. However, the fact of the matter is that readers have been asking for more, which is where Mastering VBA by Richard Mansfield comes into play. This is the next book you should get if you want to move on from what VBA for Dummies shows you to writing applications with greater functionality. For example, a lot of you have requested more information about creating forms and Chapters 13 through 15 will help you in this regard. Richard has done an outstanding job of moving you to the next step of creating the complex forms required for robust applications.

Another common request that Mastering VBA addresses is the need for security. While VBA for Dummies helps you understand the need for basic security, Mastering VBA takes the process several steps further and could help prevent breaches given the modern computing environment (one that didn’t exist when I wrote VBA for Dummies). Chapter 18 begins the process by emphasizing the need to build well-behaved code. After all, if your code doesn’t behave, there isn’t any set of security measures that will protect it from harm. Chapter 19 goes on to help you understand the essentials of good security, especially with all the modern threats that cause problems for developers today.

At 924 pages (versus 412 for VBA for Dummies), Richard is also able cover some topics in detail that would have been nice to have in my own book. Readers have complained about having to go online to view object model details for the various Office applications in my book. Mastering VBA provides coverage of the object model as part of the book so you can work through it without having to go anywhere else. It’s a convenience issue—readers really shouldn’t have to look for essentials like the object model online, but every author has to face space limitations when putting a book together. The object model material is spread out across the book, but there really isn’t any way to organize it so that it all appears together. This is one time when you’ll need to actually use the table of contents and index to find the material you need.

As with all the books in the Mastering series, this one has questions at the end of each chapter. These questions are designed to help you master the skills learned in the chapter. You find the answers for each of the questions in the back of the book. This makes Mastering VBA an excellent option for the classroom. More importantly, it gives you another way to learn the material in the book. The longer I write books, the more I come to realize that one or two methods of learning simply won’t do the job. This book usually provides three or four ways to learn each task, which means that you have a higher probability of actually mastering the material (as defined by the title).

For all of you who have been asking for the next book after VBA for Dummies, Mastering VBA is the one that gets my recommendation. Until I actually have time to write a book that specifically addresses the concerns in the reader e-mails I’ve received, this book is your best option. No, it doesn’t address every e-mail request that I’ve received, especially with regard to form creation, but it does answer a considerable number of them. Of course, I’ll look forward to your continued interest in my book and I hope you keep those e-mails coming my way!