Adobe was recently breached and 150,000,000 user accounts were stolen. Adobe was following the one of the worst practices of password storage — reversible encryption (rather than hashing with a salt using a good, slow algorithm like bcrypt). A very, very old throwaway password of mine was among those leaked.
XKCD has referred to this breach as The Greatest Crossword Puzzle in the History of the World!
With the help of LastPass’ Has Adobe Leaked My Password, let me illustrate why:
The following hints have been used by other people that share your password. This information could be used to determine your password as well.
- Life, Universe, Everything
- hitchiker’s guide to the galaxy
- the answer
- the question of life
- meaning of life
- the usual
- life the universe and everything
- the ultimate
- What’s the answer?
- Life the Uni and Every
- life meaning and flower
- douglas adams
- lotr no #
- Adams question
- Hitchhiker’s Guide
- Life Meaning
- life universe everything
- the number
- The Usual
- How many roads must a man walk down?
- Life, the universe, and everything
- What is the meaning of life, the universe and all?
Would you care to guess what password the naive, young me used for Adobe?
I ran into this error when running ec2-upload-bundle:The specified bucket is not S3 v2 safe (see S3 documentation for details)This was due to uppercase letters or underscores. Later I also ran into an issue with periods in bucket names which showed up as this error message:ERROR: Error talking to S3: Server.AccessDenied(403): Access DeniedHere is an easy command to sanitize the bucket names:
sanitized_name=$( echo $name | tr [:upper:] [:lower:] | tr [:punct:] - )
It will lowercase all letters and convert all punctuation to dashes.
On October 22, I’ll be climbing the CN Tower stairs for United Way. Any contribution is appreciated.
I’m teaching a hands-on lab at Information on Demand 2013. I will edit the post to include lab materials closer to the date.
Session: IBD-3475A Crunch Big Data in the Cloud with IBM BigInsights and Hadoop
Time: Thu, 7/Nov, 10:00 AM – 01:00 PM
Location: Mandalay Bay South Convention Center – Shorelines B Lab [Room 15]
Please request a lab environment. We will use a Hadoop environment hosted in the cloud. Each attendee will be provided with a personal environment.
By default, Bash treats uninitialized variables the same way as Perl — they are blank strings. If you want them treated more like Python, you can issue the following command in your bash script:
You will then start seeing warning messages like the following:
./my_script.sh: line 419: FOO_BAR: unbound variable
Note that this mean you can’t check for the non-existence of environment variables with a simple [[ -z "$ENVIRONMENT_VARIABLE" ]]. Instead, you could do something like the following:
[[ $( set | grep "ENVIRONMENT_VARIABLE=" | wc -l ) -lt 1 ]]
PuTTY or one of its forks is a standard tool for administering Unix and Linux machines from Windows. It provides SSH connectivity for command line access, as well as keypair management for compatible programs like WinSCP.
Unfortunately, PuTTY has some terrible defaults. For example, it limits itself to 200 lines of scrollback by default, which guarantees that you’ll lose some history in most SSH sessions.
There’s a way to fix this and other defaults.
First, load the “Default Settings” saved session: Then, configure the defaults as you like. For example, I’m increasing my lines of scrollback from 200 to 20,000:
Then, save the new default settings:
PuTTY will now have a sensible defaults whenever you’re connecting to a random server.