Archive for July, 2008

Jul 31

Open source and donation

in Analysis and production, Internet and Software. Comments Printable version Printable version

If you go to the wikipedia site, you see the donation report. The funding handling is well organized, because wikipedia is a big project. As a matter of fact most big projects are handled by a foundation or supported by large company as written here.

Now what happen, when a little project get a big donation ? That’s the intersseting story related in the post : What Do Small Open Source Projects Do With Money Not MuchDOT.

This is a good question that haven’t cross my mind before,  and it makes me wonder, what would I do if one of my two open source projects get such donation ? Honestly I don’t know. The obvious thing is to spend the money for development purpose however this is clearly not easy because finding someone that is able to dig into the code and improve it is very hard. I guess that the best use would be to hire someone to improve the user experience. Something like a better documentation or an improved GUI and packaging.  It make me wonder if  creating a startup specialized in helping project using donation might be a good idea.

Jul 28

Password Generator

in Confidentiality, Security and Software. Comments Printable version Printable version

Generating a password is alway a tradeoff between complexity for security and easy to remember for user convenience.  One of the best trade off, is probably the idea of “pronounceable” passwords.  A “pronounceable” password is a password that is not a combination of know word but is still prounouceable. Being not a combination of know word make it non vulnerable to dictionary attack and being pronounceable make it rather easy to understand.

The idea was first described in the paper:

Gasser, M., A Random Word Generator for Pronouncable Passwords, MTR-3006, The MITRE Corporation, Bedford, MA 01730, ESD-TR-75-97, HQ Electronic Systems Division, Hanscom AFB, MA 01731. NTIS AD A 017676.

Since then many password generator have been using this idea. I came across a very good implementation available in many flavor (C, java) for english here:Password Generator. So next time you have to generate a password, take a look at it, it really a valuable tool.