Archive for the 'Hacking' Category

Keychain Password Search

Wednesday, June 6th, 2012

By now you have probably heard about the extremely embarrassing LinkedIn password breach. If you have a LinkedIn account (or possibly, if you have ever had one), there is a good chance that your password, in a weakly encrypted format, is in the hands of a hacker in Russia. He published as proof a massive, […]

Secure Password Storage

Tuesday, March 20th, 2012

Tony Arcieri urges developers storing user-sensitive data, such as passwords, not to use bcrypt (via Michael Tsai) for deriving the encryption key: The first cipher I’d suggest you consider besides bcrypt is PBKDF2. It’s ubiquitous and time-tested with an academic pedigree from RSA Labs, you know, the guys who invented much of the cryptographic […]

QuickLogin Plugin For WordPress

Sunday, August 7th, 2011

This blog runs on WordPress, which has been a great solution for my needs. But as the developer of MarsEdit, you might guess I get the opportunity to see a whole heckuva lot of other systems, and sometimes find myself envious of their advantages, big and small. One such advantage I noticed is that Squarespace […]

The Power Of Plist

Wednesday, August 3rd, 2011

Most Mac and iOS developers know that when you build an application, you advertise a number of details about the application in the “Info.plist” file, located inside the application bundle. You can examine any application on your Mac and see what kind of information the developer has conveyed about it: Navigate to a .app file […]