Myles Braithwaite

How To Safely Store A Password

After the Gawker passwords were compromised, it might be a good idea to look at how you are storing your passwords. Consider:

A modern server can calculate the MD5 hash of about 330MB every second. If your users have passwords which are lowercase, alphanumeric, and 6 characters long, you can try every single possible password of that size in around 40 seconds.

To use bcrypt in Python you will need a third-party library called Bcryptor. It has a simple enough API:

```python
>>> import bcryptor
>>>
>>> hasher = bcryptor.Bcrypt()
>>> hash = hasher.create('password')
>>>
>>> hasher.valid('password', hash)
True
>>> hasher.valid('Password', hash)
False
```
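To see why the speed of MD5 matters for stored passwords, the sketch below (an added example, not code from this post or from Bcryptor) measures the per-guess cost of MD5 against a salted, deliberately slow hash and scales both to the lowercase alphanumeric, 6-character keyspace from the quote. It assumes PBKDF2-HMAC-SHA256 from the standard library as a stand-in for bcrypt, and the names `exhaust_estimate`, `create` and `valid` are hypothetical helpers.

```python
import hashlib
import hmac
import os
import time

def keyspace(alphabet_size=36, length=6):
    """Candidate count for lowercase alphanumeric, 6-character passwords."""
    return alphabet_size ** length

def fast_hash(password):
    return hashlib.md5(password).digest()

def slow_hash(password, salt, iterations=100_000):
    # Assumption: PBKDF2 stands in for bcrypt; both have a tunable work factor.
    return hashlib.pbkdf2_hmac("sha256", password, salt, iterations)

def seconds_per_guess(fn, trials):
    """Average wall-clock cost of hashing one constructed candidate."""
    start = time.perf_counter()
    for i in range(trials):
        fn(b"pw%04d" % i)
    return (time.perf_counter() - start) / trials

def exhaust_estimate():
    """Seconds to hash the whole keyspace on one core, per scheme."""
    salt = os.urandom(16)
    n = keyspace()
    return {
        "keyspace": n,
        "md5_seconds": n * seconds_per_guess(fast_hash, 20_000),
        "kdf_seconds": n * seconds_per_guess(lambda p: slow_hash(p, salt), 5),
    }

def create(password, iterations=100_000):
    """Store a per-user random salt and the work factor beside the digest."""
    salt = os.urandom(16)
    return salt, iterations, slow_hash(password.encode(), salt, iterations)

def valid(password, record):
    salt, iterations, expected = record
    candidate = slow_hash(password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, expected)  # constant-time compare

if __name__ == "__main__":
    est = exhaust_estimate()
    print("keyspace: %d" % est["keyspace"])
    print("MD5:    %.0f s to cover it" % est["md5_seconds"])
    print("PBKDF2: %.0f s to cover it" % est["kdf_seconds"])
```

The absolute numbers depend on the machine and on interpreter overhead; the ratio between the two estimates is the point, and raising `iterations` widens it.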

Yeti Highway

In close proximity to this road is Bhutan’s Sakteng Wildlife Sanctuary — a 650 sq km reserve created specifically to protect the habitat of the Yeti or Abominable Snowman, known in Bhutan as the Migoi, or strong man.

How to Run Redis Natively on Xen

In this post we will investigate how Redis, a popular key-value storage, can be run natively on Xen, i.e., without the support of a conventional operating system such as Linux, and what implication this has on the performance.

Denial of service attacks against PayPal, Amazon, Visa, Mastercard, and other corporations and entities have been underway for the last few days, as widely reported in the mainstream media. Each of these targets had previously taken some sort of action against the whistleblower website and its affiliates. The media reports almost invariably refer to "hackers" as being behind these actions. While there is great sympathy in the hacker world for what Wikileaks is doing, this type of activity is no better than the strong-arm tactics we are fighting against.