What time is it?
Posted in General
First watch, 4 bells (10:23 pm)

It's definitely Galaxies time...

The project, part 2
Posted in General
First watch, 4 bells (10:22 pm)

Some weird problem causes my PHP/SQL setup to freak out and duplicate data. Someday I'll have the time to figure it out and fix it.

Back to our story:

My solution is fairly elegant, and pretty safe.

First, I create user/password pairs and encrypt the passwords with the Blowfish algorithm and my special key. When a user connects (via the web anyway), I authenticate them by encrypting their password and then comparing it to the value I hard-coded into the program; on a match, they are given an ID. I hard-code the encrypted passwords for 2 reasons: so nobody can fake them without direct access to the source code (or a hex editor I guess); and to make it hard for someone with a hex editor to see somebody's plain-text password/username combination. The ID has a certain number of bytes that serve two functions: they serve as the key to decode the ID; and they determine the validity of the ID (so you can't just copy the source of an HTML page and use the ID that was in there to continue to access the system). These key bytes are combined with some random bytes, then replicated and used as a key to encrypt user-specific information, which is then compared against what the server generates. If they don't jibe, I don't allow their commands to be executed.

Cool, eh?
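
A sketch of the same goal (a password check plus a cookie-less ID that the server re-validates on every request), added here as an example and not the author's code: it swaps in salted PBKDF2 hashing and an HMAC-SHA256 tag for the Blowfish construction described above. The `client` binding value, the key handling and the sample account are assumptions.

```python
import hashlib
import hmac
import os
import time

SERVER_KEY = os.urandom(32)   # assumption: per-deployment secret, not compiled into the program
PBKDF2_ROUNDS = 600_000

def hash_password(password: str, salt: bytes) -> bytes:
    # One-way and salted: a leaked table cannot be decrypted the way ciphertext under one key can.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)

# Constructed sample account store: username -> (salt, password hash).
_SALT = os.urandom(16)
USERS = {"alice": (_SALT, hash_password("correct horse", _SALT))}

def _mac(user: str, client: str, expires: int, nonce: bytes) -> bytes:
    # Length-prefix each field so ("a|b", "c") and ("a", "b|c") cannot collide.
    fields = [user.encode(), client.encode(), str(expires).encode(), nonce]
    msg = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()

def login(user, password, client, now=None, ttl=8 * 3600):
    """Return a session ID for a valid login, else None. `client` is the hypothetical
    user-specific value (for example the client address) the ID is bound to."""
    now = int(time.time()) if now is None else now
    salt, stored = USERS.get(user, (b"\0" * 16, b""))   # dummy entry keeps timing similar
    if not hmac.compare_digest(hash_password(password, salt), stored):
        return None
    expires, nonce = now + ttl, os.urandom(8)
    return ".".join([user, str(expires), nonce.hex(), _mac(user, client, expires, nonce).hex()])

def verify(session_id, client, now=None):
    """Recompute the tag server-side; return the username, or None if the ID is
    malformed, expired, altered, or presented with different client information."""
    now = int(time.time()) if now is None else now
    try:
        user, expires, nonce_hex, mac_hex = session_id.rsplit(".", 3)
        expires, nonce, mac = int(expires), bytes.fromhex(nonce_hex), bytes.fromhex(mac_hex)
    except ValueError:
        return None
    if expires < now:
        return None
    if not hmac.compare_digest(mac, _mac(user, client, expires, nonce)):
        return None
    return user
```

The ID travels in the page or form rather than in a cookie; a copy lifted from saved HTML stops working once it expires or is presented with different client information.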

The project
Posted in General
First watch, 4 bells (10:13 pm)

Okay here's the scoop: the company I work for needs an updated version of our security management tool. We have diverging products that both need support, and right now I know of 4 separate branches of the same files, and keeping them up to date is such a pain. MP and I coded our original tool, I did the back end (server-side) and MP did the Windows client. Well, he hacked it together anyway. It's not entirely his fault (read: yes it is, but I'm being nice..) because we were originally going to have it integrated with some new CRM software - a project which went tango uniform pretty much just after it was started.

Anyway, we need a new tool. Since I'm the best man for the job (why is this always true??) I get to write it. This is good, really, because I can design it and code it the way it should be done. My main goals are:

  • Converge all code branches into one
  • Make the common processes simpler and faster
  • Divorce the interface from the back-end program so we (read: I) can write multiple interfaces, such as Web, Windows client, etc

Since we've used cgi-bin programs in the past for this sort of thing, I decided that it would be a good thing to continue (especially since some networks use proxy servers and connecting to strange port numbers can fail). But the main problem with HTTP (and HTTPS for that matter) is that it's a stateless protocol (which is why cookies were invented - well, HTTP cookies anyway). So I needed not only to authenticate users, but also needed to have a way to keep them authenticated (without cookies) throughout the work-day.

--continued in next blog--

Knock on wood
Posted in General
First watch, 3 bells (9:50 pm)

I got home about 2 hours ago and worked in the garage (Mr. Pookies is howling right now, a nightly thing lately). I'm putting my corner shelf together, everything is fitting together nicely, but pine is soft wood, and usually somewhat bent. Excuses. Okay, one of my shelves is a little funny looking. Aw, it just looks home-made. It's straight, just slanted. Can it be both? This shelf is. I laid the face frames on top and bottom (they have decorative arches) and it'll look nice when it's fully assembled. It's about 80% assembled now.

Decorative arches, heh. Nobody ever says "It is a decorative square cut". It's always a decorative arch or something like that.

Anyway, busted out some slick code today, too bad I was so busy I didn't have enough time to finish out the whole project at work. I'll explain this in another blog. It's complicated and technical. But I have a (somewhat) elegant solution. Sure, it's not perfect, but ah, well, neither am I...

Five is sprawled over the back of the futon, momentarily unmolested by Mr. Pookies. She straddles it and cocks her head to the side so she can see where Mr. Pookies is.

It's almost Galaxies time...

A Virus that’s Sobig..
Posted in General
Afternoon watch, 2 bells (1:29 pm)

I have this theory about computer viruses. I think (at least some of them) are written by anti-virus companies.

There aren't a whole lot of industries where you could exercise this kind of control, and actually create business for yourself. All they have to do is write a bad virus and send it out. Put a fix for the virus in their software, and voila, sales.

Just finished cleaning up after W32Sobig.F@mm here in the office. I wish people would not run attachments to emails, even from people they know. Unless, of course, they are expecting them. Luckily, I got it stopped before it hit a 3rd computer. I asked MS about the virus doll and he said it got thrown away. GW bought this nasty gross trollish doll on Ebay for the express purpose of putting on desks when a person is responsible for bringing a virus in to the network. The girls in shipping and TB especially hated it, MS told me that she was so vehemently against displaying it on her desk that she threw it away so it would never happen. hehe

Resumes
Posted in General
Forenoon watch, 3 bells (9:52 am)

Resumes are little stained-glass windows into peoples' lives. We've been advertising for an open position at work lately, and I filter resumes out to whomever should receive them (depends on department).

Why stained-glass windows and not normal windows, doors, or other miscellaneous wall openings? Because they distort the image behind them. Everybody knows that resumes are for making you look good, even when you're not. You don't see resumes with "I don't work well with other people" or "I like to take lots of sick time off when I'm not really sick" on them. I've seen resumes of all sorts, mostly serious, some are just plain jokes.
