Manage Passwords for Multiple Accounts with Checksums

It is often hard to manage different passwords across many accounts: complicated passwords are hard to memorize but simple passwords are not safe. A cloud password manager such as LastPass is not a safe option either: cloud password managers often suffer from various security issues. Besides that, it is not cool to expose your passwords to a cloud password manager company. With checksums, the management can be easily done by ourselves, while still maintaining "good" passwords.

Checksums are small-size strings which can be computed from other strings by specific checksum algorithms. Using the most popular checksum algorithms, such as MD5, SHA-1, etc. the checksums usually look very different from the original string, and changing even a single bit of the original string usually leads to very different checksums. For example, the MD5 checksums of the two similar words "bird" and "birds" are completely different (you can use this website to compute the checksum of a string, or use the md5sum or sha1sum command line utility if you are on GNU/Linux or Max OS X):

string MD5 checksum
bird 87d28160e9215b17645c734ba7170ba1
birds ea5f5a5293a7d404e091c04939ba2ad8

Here the basic strategy to manage passwords is to have the password for each account to follow the "prefix+checksum" scheme. The prefix is the same across all accounts and is similar to the usual passwords, e.g., it can be one of your current passwords -- this is what you need to memorize. The checksum part is unique for each account: it can be part of the MD5/SHA-1/SHA-2 checksum of something related to the host, such as the domain of the website, or the name of the company which hosts the account, etc. In this way, only one global prefix is needed to memorize which brings easy management, and the checksum part of each account is unique which brings security. For example, as shown in the figure below, for your account at quitter.se, you can use the MD5 checksum of the string "quitter.se", which is 00b34f415b15dbea2e9d0611d2cc90f8. Then, with a prefix such as my-password, follow the "prefix+checksum" scheme, the password for quitter.se would be my-password00b34f415b15dbea2e9d0611d2cc90f8. If only part of the checksum is used, e.g., the first 10 characters of the checksum, then the password is my-password00b34f415b.

The "prefix+checksum" scheme.

The "prefix+checksum" scheme.

Configure Proxy Using PAC Files on Firefox for Android

Firefox for Android does not provide a UI option for users to to configure Firefox to use PAC file for proxy settings, but we can use the about:config page to achieve this goal.

Type about:config into your Firefox address bar, and you'll see a list of options below. In the search box, type proxy to list all options related to proxy. There are two notable options listed here: network.proxy.type and network.proxy.autoconfig_url. Change network.proxy.type to 2 and network.proxy.autoconfig_url to the URL of the PAC file (Tap on the edit box below the configuration option twice to start edit the option). Close the about:config page and now Firefox should use the PAC file for proxy.

/images/configure-proxy-using-pac-files-on-firefox-for-android/1.thumbnail.png /images/configure-proxy-using-pac-files-on-firefox-for-android/2.thumbnail.png

To configure the proxy of Firefox on Android using a given proxy server and port, please see this article.

Control the LED on a USB WiFi Adapter on Linux

First, find the corresponding directory of this LED device in /sys/class/leds, such as /sys/class/leds/device_name, and switch your working directory to this directory. The device_name may be similar to the device driver of your wifi adapter. You should have a file named trigger and a file named brightness in this directory. cat trigger shows you available triggers to trigger the LED light, with the current trigger surrounded by brackets. Different triggers will turn on and off the LED in different cases. Use echo new-trigger > trigger to change trigger. cat brightness shows the current brightness of the LED. Use echo N > brightness to change brightness, where N is an integer.

For example, I have a USB wifi adapter with an Atheros AR9271 chip, which is powered by the driver ath9k_htc on Linux. When I plug in the device, I have a new directory /sys/class/leds/ath9k_htc-phy0 created on my system. cat trigger outputs

none cpu0 cpu1 cpu2 cpu3 usb-gadget usb-host rfkill0 phy0rx phy0tx phy0assoc phy0radio [phy0tpt]

Read more…

How to Insert 1 Bit Into An Integer

Inserting a bit into an integer, means to insert a bit into a specific position of an integer, with the highest bit removed. For example, for a one byte integer 11001010, if I insert a 1 at digit position 4, which is marked here 1100|1010 as |, the most significant bit, which is the left most 1, would be eliminated and the rest of the 3 bits on the left side of | would be shifted to the left for 1 bit.

This is not hard to implement, but surprisingly I cannot find any existing code snippet for such a simple job.

Here is the code snippet I wrote for C++ (which should also work for C with slight modification), and it can be easily translated into most other languages. Here, T is any integer type.

#include <stddef.h> // for size_t
template <typename T> // if used in C, remove this line and replace T with an integer type
T insert_bit(T n,   // The integer we are going to insert into
             size_t position, // position is the position of the new bit to be inserted
             bool new_bit) // whether the newly inserted bit is true or false
{
    T x = n;
    T y = x;
    x <<= 1;
    if (new_bit)
        x |= (((T) 1) << position);
    else
        x &= ~(((T) 1) << position);
    x &= ((~((T) 0)) << position);
    y &= ~((~((T) 0)) << position);
    x |= y;
    return x;
}

Don't hesitate to comment if you think there is a better (more elegant or faster) way.

Install PHP Extensions on Shared Hosts

In this post, I will show you a workaround to install additional PHP extensions which are not available on your Linux/BSD shared host. Before you proceed, you should ask whether your shared hosting company has an official way to install or whether they can include the extension you need on their system, as this method is really only a workaround: it probably works, but there is no guarantee of stability, especially your shared hosting company upgrades PHP version.

I'll assume you have the basic knowledge of how to use a UNIX shell.

Read more…