Team Fortress 2 and Portal Trailers Released!

Gaming, Tech No Comments

This one is for the gamers out there.
Our long awaited Team Fortress 2 is finally nearing release!

It will be released with Half-Life 2: Episonde 2 along with a new Valve game: Portal.

This will certainly be a good deal for fans of Valve Software.

Valve has decided to use a cartoonish, cell shading technology for the graphics of Team Fortress 2, which I personally think looks awesome!

Portal, as the name suggests showcases Portal Technology similar to that used in 3dRealm’s Prey.

I loved Team Fortress Classic and can’t wait for Team Fortress 2.

Team Fortress 2:

Portal:


View the trailer of Team Fortress 2

View the trailer of Portal

Virtual PC 2004 is Now Free!

Microsoft, Tech No Comments

Microsoft Virtual PC

Microsoft has officially released Virtual PC 2004 SP1 to the public, FOR FREE!

This is an excellent tool to test new Operating Systems or beta software that may bork your box.
Anything that occurs in the Virtual PC will remain only in the Virtual PC and not cause harm to your main Operating System. Also, you can actually choose not to save the changes to the image, and return the system to the state it was in at the start of your session. It really is an excellent testing tool. I often use Virtual PC or VMWare for development using beta software.

I am really happy Microsoft has decided to offer this product for free.
Virtualization really is an excellent technology, and should take away the fears many users have about beta testing Windows Vista, Office2007, or other beta software and operating systems.

I might also recommend allowing guests to surf the web in a VirtualPC. If you have friends who frequently download and install spyware loaded applications on your machine, this will save you hours trying to undo their damage. Your box will thank you for it 🙂

Download Virtual PC 2004 SP1.

Software Bugs Getting You Down? Torture the Developer!

Humor, Microsoft, Tech No Comments

Software bugs causing you strife?

Wish you could find a way to express your frustration to the developer?

Microsoft has heard your call and has implemented a new feature they call WE-SYP:

If you do not see the video above, you may view video here.

Dave’s AV (Audio/Video) Screensaver v1.3.0 Released

Software, Tech No Comments

Dave’s AV Screensaver

Dave’s AV Screensaver 1.3.0 has been released!

Changes in v1.3.0:
-New Randomize option for playlist (Requested by a user)
-Cleaned up/Improved source code
-Other minor bug fixes and optimizations

Grab the Dave’s AV Screensaver v1.3.0 and Source Code here.

Just How Hard is it to Brute Force Attack Encrypted Keys?

Microsoft, Programming, Visual Studio No Comments

Hourglass
In today’s post Jeff Atwood from coding horror examines just how hard it is to brute force attack an encrypted key.

So how hard is it? Jeff quotes Jon Callas, the CTO of PGP corporation:

Imagine a computer that is the size of a grain of sand that can test
keys against some encrypted data. Also imagine that it can test a key
in the amount of time it takes light to cross it. Then consider a
cluster of these computers, so many that if you covered the earth with
them, they would cover the whole planet to the height of 1 meter. The
cluster of computers would crack a 128-bit key on average in 1,000
years.”

That is a staggering number. Imagine the difficulty of brute force attacking a 256-bit encrypted key!
He goes on to offer several other quotes, and analogies which really put the difficulty into perspective.

This leads me to another point I would like to make. Always encrypt passwords in a database. Except in extremely rare circumstances there is no reason to store user passwords in plain text. If the user forgets their password it is trivial to generate a new password for them, and store a 1-way hash of the new password in the database. When the user logs in, simply 1-way hash the password they entered (with the same algorithm) and compare the hash to the one stored in the database.

For security, user passwords should never be recoverable, even by administrators. This not only prevents a rouge employee from retrieving a list of all usernames and passwords in the system, but also protects against SQL injection attacks if you make a mistake securing you forms based authentication system.

Below is an example of a simple string in C#:

using System.Web.Security.FormsAuthentication;

private string HashPassword (string password2hash)
{
//hash password
string hashedpassword=
HashPasswordForStoringInConfigFile(
password2hash, “sha1”); return hashedpassword;
}

For a greater level of security, I recommend using a salted-hash, which
appends a number of random characters to a string prior to hashing.
This method will also prevent potential dictionary attacks. For those interested, David Hayden provides a simple method for adding a salt to hashes.

I highly recommend reading the blog posts by Jeff Atwood and David Hayden for more information of this subject.

An Important Reminder of Our Principles

Politics No Comments

U.S. Declaration of Independence

As we celebrate our nation’s Independence, it is important to remember the principles on which our nation was founded.United States Nation Archives has high-resolution images of the Declaration of Independence, the United States Constitution, and the Bill of Rights.

If you have not read these documents in a while, I highly recommend giving them a look.

In a world where Bi-Partisan politics consumes our government and media, it is important to remember the goals for our founding fathers as they separated from England to form our nation.

View the charters