Verity's secret shame revealed

Password techniques and retrospective Daleks

  • alert
  • submit to reddit

Eight steps to building an HP BladeSystem

Stob I defrosted my ideas box, and found several morsels which wouldn't make a whole meal in themselves, but nonetheless needed eating.

Palmed off

Here you are: a free chance get to laugh at-not-with me.

I am a Palm Pre owner, pretty much the last one in the box. I hold this status in a work environment of iPeople. I feel my position deeply.

I was an enthusiast. In the bright early days of Pre ownership, I joined the developer programme, and actually wasted some time creating a noddy app or two, in anticipation of the fortune this skill would bring me once it all took off. I was excited when HP bought the company. I thought they would likely take a belt-and-braces approach to progressing WebOS.

So they did: carefully tying the braces around their middle, and knotting the belt around their metaphorical neck. When they dramatically and abruptly scrapped all their WebOS hardware, 1) I was not best pleased and 2) I received a circular email from one Richard Kerris, VP WebOS Developer Relations.

Dear webOS developer:

We have opened the next chapter for webOS, and we understand that you must have many questions. Yesterday we announced that we will focus on the future of webOS as a software platform but we will no longer be producing webOS devices. While this was a difficult decision, it's one that will strengthen our ability to focus on further innovating with webOS as we forge our path forward. [...]  We will continue to support, innovate and develop the webOS App Catalog. Our intent is to enhance our merchandising and presentation of your great products and to continue to build our webOS app ecosystem.

But without any hardware to run it on. Right.

The tone of this ridiculous email seemed familiar, but it took me a while to place it. At the end of the splendid video game Portal, after the player's character has defeated and apparently destroyed the deliciously malicious computer GlaDOS, she – GlaDOS – is restored from backup and returns in the credits sequence to sing:

This was a triumph.
I'm making a note here: HUGE SUCCESS.
It's hard to overstate my satisfaction.

Same logic, no?

Once this mapping was achieved, everything else fell into place. HP is of course channelling Aperture Science, the game's lunatic corporation ('we do what we must because we can') whose inventions – Aperture's, not HP's – include Douglas Adamsesque robot machine guns that apologise as they shoot you to bits. HP's boss Leo Apotheker is modelled on Aperture's Cave Johnson, whose robust approach to life's lemony gifts is justly famous.

Mr Apotheker certainly found the HP Touchpad had a citrus flavour. I have so far seen no evidence that he has implemented Cave's threat regarding their inflammatory engineering; on the other hand, you can't be too careful. Those "lucky few", who managed to catch one of the rare, cheap models might consider investing in a fire safe to keep it in.

Perhaps HP also makes fire safes. Which talk. And run WebOS. Perhaps you will soon be able to nab a cheap one in an HP fire safe fire sale.

OK, OK, I'll stop bitching. Just a word of calm and rational advice to Mr Apotheker, you Palm-killing monster. Don't surround yourself with sycophants: sooner or later you will inevitably slip up in their syc. This is Cave Johnson; we're done here.

Tone up, tone up your passwords

His worship xkcd recently filed a piece on password strength, which has been much commented on and admired. Our Toony Laureate's contention is that it would work much better if, instead of using 12-letter passwords rich in both cases, punctuation and numeric digits, we all selected four random common words and just used them.

That's all very well, but even allowing that I can accurately recall a short phrase – say "Remember the fifth of November" – the chances of me typing something that long and getting it right are not good. (Please do sit down again. This is not a real password. All passwords in this item are fakes, impersonated – badly – by actors.)

When I type


what do you think is going to come out?

Rembeer th efifth of nOvember

That's what, and there isn't a computer in the world that will accept the substitution.

The trouble is, xkcd's 40-character phrases do not fit in the 14 byte cache of finger memory which is where I must store passwords if I am to type them accurately.

And if I can't type them accurately then I am in big difficulties, because I will be deposited in Password Reminder Personalised Question Hell ("What was the name of your second-favourite Auntie's third cat?" "What was the motto of your stepmother's primary school?") without passing Go and collecting £200 to pay the gas bill.

Slasher's delight

Ever since – what, MS-DOS 2? – Microsoft OSes have used backslashes in their file paths. When writing in a C-ish programming language, this is a pain, as the backslash is the escape character and has to be doubled up in any string constants:

"C:\\App Path\\"

If you are rash enough to use UNC path names, which begin with a double backslash, you need to put four of them in a row:

"\\\\machinename\\share\\App Path\\"

Now regex's have finally arrived in C++, and we have the exciting prospect of using them to process and verify paths, just as Perl users have done for the past 150 years. Naturally enough, a regex needs an escape character. No marks for guessing which character was chosen, causing a further redoubling.

boost::regex unc_name(
    string("(\\\\\\\\(\\w+)\\\\(\\w+(\\W\\w+)*\\\\)?)") + ...

This is getting silly. And I haven't even considered the extended-length path prefix \\?\, which itself looks like a broken-off piece of regex even before you start escaping it.

So here is my proposal. To fix things, or at least make them slightly less frightful, Windows 8 paths should use forward slash throughout, and so fall in line with Unix and internet URLs. (Yes, I know they can already sometimes; but this should be the full production.) In all the excitement about Metro this and touchscreen that, I have seen no coverage of this important issue, but I notice the developers' conference was called //build/ (sic), so I live in hope.

Meanwhile, here is this week's code homework. Write a constant for a C++ regex that matches text containing a PHP regex assignment that matches text containing a JavaScript regex assignment that describes a Windows UNC path with extended length on a machine called 'minimum'. Only, to make it interesting, use the Tom Lehrer spelling of 'minimum'.

First person to break the \ key wins.

HP ProLiant Gen8: Integrated lifecycle automation

Next page: Doctor Renew

More from The Register

next story
Whoah! How many Google Play apps want to read your texts?
Google's app permissions far too lax – security firm survey
Chrome browser has been DRAINING PC batteries for YEARS
Google is only now fixing ancient, energy-sapping bug
Do YOU work at Microsoft? Um. Are you SURE about that?
Nokia and marketing types first to get the bullet, says report
Microsoft takes on Chromebook with low-cost Windows laptops
Redmond's chief salesman: We're taking 'hard' decisions
EU dons gloves, pokes Google's deals with Android mobe makers
El Reg cops a squint at investigatory letters
Big Blue Apple: IBM to sell iPads, iPhones to enterprises
iOS/2 gear loaded with apps for big biz ... uh oh BlackBerry
OpenWRT gets native IPv6 slurping in major refresh
Also faster init and a new packages system
Google shows off new Chrome OS look
Athena springs full-grown from Chromium project's head
prev story


Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.