Cryptosmith

Back in the 1970s when many of us were struggling to free ourselves from mainframes, the mantra in the computing world was “Nobody ever got fired for choosing IBM.” No doubt Bill Gates was inspired by this to build his own empire. Today, people unblushingly swap “IBM” for “Microsoft” in that mantra.

Since converting back to the Macintosh I’ve been learning a lot about Microsoft-centric software. Several programs that ran on both systems have essentially withered, especially since the conversion to OS X. I’m most directly affected by Microsoft-centric teams at Intuit and at Adobe. Continue Reading »

Posted under Household Tech | No Comments »

I spent several hours trying to convert to Quicken on the Mac. Then I tried using some standard functions. Let me assure you, it’s not worth anyone else’s time and bother. I’m pretty committed to using my Mac when I can, as opposed to regularly switching to the PC to get the ‘real’ work done. I read other horror stories about Quicken on the Mac on the Internet, but really thought it couldn’t be so bad. I was wrong.

For the record, the latest version of Quicken for the Mac is the ‘2007′ edition, with some downloaded – and manually applied – updates. There are reports of a new program from Intuit to be called “Quicken Financial Life for Mac.” But according to fine print on the web site, this is actually “Quicken Lite.” So it would seem that Mac users are screwed as far as Quicken goes for the foreseeable future. Continue Reading »

Posted under Household Tech | 1 Comment »

Bruce Schneier’s blog commented recently on Teaching Risk Analysis in School. He linked to a London Times article on teaching risk. Actually, the article was more about teaching probability and statistics as a way to understand risk, which isn’t exactly the same thing as what we call risk analysis these days. In practice, risk analysis is a  qualitative process in which we apply numerical estimates to risk factors. If you look at even the most applied statistics work, you find very little that’s truly qualitative, except perhaps in the choice of survey questions, if you’re doing a survey.

I’ve been trying to teach risk analysis to undergraduates. It is a very tricky topic. Some risk elements fit into a formal mathematical model, but others don’t. Instead of ejecting the misfitting elements from the model, typical risk analyses incorporate estimates that try to match the structure and behavior of the formal elements. While it’s important in some fields (like security) to understand and apply this technique, there’s no way to prove the correctness of this type of model. It is, ultimately, an opinion. Continue Reading »

Posted under Security & Tech Teaching | No Comments »

I’ve been trying to get these two to play nicely together for a while, and it looks as if Will Norris may have finally slain this here dragon. Will is the principal author of the Wordpress OpenID plugin.

In an ideal world, people never, ever disclose passwords on unprotected Internet connections. In general this means the server has to provide SSL support. However, you can sort of sidestep the problem by using OpenID. It’s not perfect, but it addresses that particular vulnerability. (Revised 1/28) Continue Reading »

Posted under Security | No Comments »