Tag Archive: security

I don’t get nearly that much done on the weekend with The Project. Sadly my back went out today so I found myself enjoying the comfort of my home office chair.

I managed to finish up the last of my API calls that allow me to start crawling back up the stack. As a reminder, I started on the end client with hard-coded data. Then I went down and created an SQL-based relational database to hold the data. Then I realised I needed an app to enter data. Then I realised I needed an API for the apps to use.

So, thus began my love-hate relationship with Java and Tomcat. Both of which I knew next to nothing about.

Fast forward about 3 weeks.

The first version of the APIs is done. However, in checking the logs for the Tomcat server, I discovered some sites had been snooping around. I had hits from Wichita, Kansas, Brooklyn, NY, and several hits from places in China. Needless to say, this made me just a little cranky.

So today, I got up close and personal with two technologies: Tomcat Addr Valves (which is like a Tomcat firewall) and VPN. After a bunch of minor testing, I can say with (unlearned and naive) assurance: the net-facing service is now accessible by VPN only.

I wish I had more of a choice here, but I don’t. Until I’m ready to open the floodgates, I need to have access for people helping me who aren’t on my internal network while still having the resource accessible remotely. This seems to be the best approach.
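One way to check from the Tomcat access log that the address valve is doing its job, as an added example that is not part of the original post. It assumes the access log uses Tomcat's `common` pattern and that VPN clients sit in `10.8.0.0/24` (both assumptions; the sample lines are constructed).

```python
import ipaddress
import re

# Assumption: the VPN hands out addresses in this subnet (hypothetical value).
VPN_NET = ipaddress.ip_network("10.8.0.0/24")

# Tomcat AccessLogValve "common" pattern: %h %l %u %t "%r" %s %b
LINE_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+)$'
)

# Constructed sample log lines (documentation-range addresses, made-up paths).
SAMPLE_LOG = """\
10.8.0.12 - - [04/Mar/2012:10:15:01 -0500] "GET /api/items HTTP/1.1" 200 512
203.0.113.7 - - [04/Mar/2012:10:16:44 -0500] "GET /api/items HTTP/1.1" 403 961
198.51.100.23 - - [04/Mar/2012:10:17:02 -0500] "GET /api/items HTTP/1.1" 200 512
not a log line
203.0.113.7 - - [04/Mar/2012:10:18:30 -0500] "GET / HTTP/1.1" 403 961
"""


def audit(log_text, allowed=VPN_NET):
    """Split non-VPN requests into 'blocked' (403) and 'leaked' (anything else)."""
    report = {"blocked": [], "leaked": [], "unparsed": 0}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        try:
            client = ipaddress.ip_address(m["host"]) if m else None
        except ValueError:  # %h is a hostname when DNS lookups are enabled
            client = None
        if client is None:
            report["unparsed"] += 1
            continue
        if client in allowed:
            continue  # VPN client: expected traffic
        entry = (str(client), m["request"], int(m["status"]))
        # RemoteAddrValve rejects with 403 by default; any other status means
        # the request reached the application from outside the VPN.
        key = "blocked" if entry[2] == 403 else "leaked"
        report[key].append(entry)
    return report


if __name__ == "__main__":
    for kind, entries in audit(SAMPLE_LOG).items():
        print(kind, entries)
```

Anything under `leaked` is a request from outside the VPN range that was not rejected, which points at a valve that is missing from the relevant context or an allow pattern that is too broad.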

Where does this put me? On Monday the first thing I do is gut the old client’s APIs in favor of the new ones. Then I start fixing up the data entry program. Then I start entering about two months of newer data.

Then we can start pushing on that client full speed again. Whee!

Edit: Corrected the link.

Here’s an interesting take on security. Inkblot passwords.

The mechanism works this way:
You are shown 5-10 inkblots. You have to figure out what they look like. (Elephant, Sex turnip, insane marshmallow, etc.)

With each inkblot you assign two letters, the first and last of your description:
Elephant = Et
Sex Turnip = Sp
insane marshmallow = iw

The idea being:
1) No two people will see the same thing in 5+ inkblots.
2) You can now devise complex gibberish passwords with an easy reminder that only you will get.

Nifty thing: it’s OpenID. Which means you can log into sites like LJ with your credentials from the site. (It’d be an additional acct on LJ… but you could use it to track accts and see filtered posts.)

Give it a shot over at the test site: http://www.inkblotpassword.com

It’ll ask for a user name (make one up)… and you ‘can’ add an email.. but it’s not required.

See if you can remember the password after a few days.