A Thought on Email Security and Password Reuse
Today it was revealed that dating site Plenty of Fish’s databases have been severely compromised. All their data user data has been stolen, probably many times from the sounds of it. It also seems that Plenty of Fish was – let’s be generous – naive enough to keep their user’s passwords stored in the database in plaintext. That is, unencrypted, readable by anyone with access.
This is a big deal on a number of levels, not the least of which is because people have a tendency to reuse their passwords for multiple sites. It’s no small leap to imagine that most users on PoF who signed up with their Gmail account also used the same password for PoF that they used for Gmail. To put it another way, anyone who did that has now also had their Gmail account compromised, and for many people their email account is the gateway to all their accounts.
It got me thinking: what small steps could be taken on the user’s behalf to help cut down on the number of people reusing their passwords? How about something like this?
Obviously it won’t stop anyone if they’re adamant enough, but it just might get them thinking.
for() Loops and IE 8
Everything was going smoothly until we got to testing in IE 8, at which point we started seeing errors inside loops.
Turns out IE 8 doesn’t like for() loops written like so:
for( var idx in items ) {
Instead, use the ol’ fashioned way:
for ( var i = 0; i < items.length; i++ ) {
Maybe in IE 9?
Z-index and Positioning
Having trouble getting your z-index-specified DOM elements to behave properly? One of them not layering like it ought to? Evidently z-index settings are only applied to elements that also have an explicitly-defined position attribute, like the following:
position:absolute, position:relative, or position:fixed
A Better Search in Safari
Duck Duck Go, a relatively new player in the search engine market currently dominated by Google, recently put up Don’t Track.us, a site that describes how Google methodically tracks and allegedly sells information about it’s users whereas DDG does not. It’s very interesting to read and got me thinking about how I use Google, and that is: really quite frequently. I’d hazard to guess that my Google search usage might average out to a couple times every hour every single day for the past ten years or so.
In the past I’d used Duck Duck Go a few times but the fact that it couldn’t be set as the default search within Safari was a real impediment. It appears that Apple has hard-coded the Big Three allowed search engines into the Safari binary, those being Google, Bing, and Yahoo (Yahoo? Does anyone really use Yahoo?).
So I figured today was a good day to try and change that and discovered that on DDG’s site there’s a link to a Safari extension that places a Duck Duck Go search bar right into the browser. Great! Except that the result is aesthetically terrible. It looks like something one would have found in IE 6. Really, just don’t bother installing it.
Saddened by this I emailed DDG this morning to bitch about it and almost immediately received back a reply from Gabriel Weinberg, DDG’s founder. Graciously he suggested I try an alternate solution provided at the bottom of that page, the one coyly hinted at via:
Safari – To add to search box (as opposed to above extension), first install Glims. Then add DDG as a custom search engine like this and then this.
Frankly, that should be linked at the top of the Tools page and the Safari extension removed. That solution is awesome. It puts DDG into the search bar as the default, Glims adds some fantastic extra functionality to Safari that I’m thoroughly enjoying, and I find DDG’s search results are just more pleasing to me than Google’s overall. Basically, switching to DDG from Google has been a pretty nice win.
If you’re on a Mac and you’re using Safari, I urge you to give it a try.