This is Dpmeyer's Typepad Profile.
Join Typepad and start following Dpmeyer's activity
Join Now!
Already a member? Sign In
Dpmeyer
Recent Activity
Henrik was the first person to get this right. Ripping lossless isn't really about audio quality, but rather generational quality. If I convert my CD collection to 192kbps MP3 format, I'll be very happy to listen to it... for as long as MP3 remains a viable format. Given that (a)it's patent-encumbered, and (b)technology very rarely regresses, I can imaging wanting all my music in a different format at some point in the future. Transcoding a 192kbps MP3 to something else causes *another* round of loss -- one you can definitely notice. Transcoding the new file to a third formation would be yet another round of loss; and the quality degrades rapidly with each generation. As you yourself point out (https://www.google.com/search?q=site:codinghorror.com+hard+drives+cheap), hardware is cheap; including storage. Why would you not make yourself a lossless copy of your collection somewhere, and then carry around your lossy files for listening to?
Toggle Commented Jun 22, 2012 on The Great MP3 Bitrate Experiment at Coding Horror
All this is some pretty good advice, but a couple of points to tweak (since I'm an application security professional): Terminology nit: hash functions produce digests. It doesn't matter most of the time, but when talking about both algorithms and what they produce, it's helpful to use the formal term -- hash for algorithm/function and digest for its output. If you use a good enough hash algorithm (SHA2, Bcrypt, etc.) and a long enough random salt per-user, you are still in good shape against rainbow-table attacks. Adding salt effectively increases the password length for the purposes of hash-table attacks; so an 8-char password with a 10-char salt is effectively 18 chars. Note that this does not substitute for long passwords for any other type of guessing attack. The best thing you can do in your password policy is require long passwords. Complexity requirements only matter if the system is limited to short passwords for some reason. Increasing length increases the complexity of a brute-force attack exponentially, while complexity rules increase it linearly. The short version: as a developer, the best things you can do are allow/encourage long passwords, choose a good hash algorithm, and use long and random salts per-user. (And you're right, you don't need to hide the salts -- that adds a lot of complexity for essentially no security value).
Toggle Commented Apr 6, 2012 on Speed Hashing at Coding Horror
You thought one kid was terrifying? LOL! I'm a father of identical twin girls who are 15 months old. You have *no idea* what you're signing up for. It's amazingly awesome, mind you -- but stunningly hard. The best gift you can get for your wife is a membership to your local Mothers of Multiples group. There are *so many* unique things about raising twins, it really helps to have the support network.
Toggle Commented Nov 1, 2011 on On Parenthood at Coding Horror
Dpmeyer is now following The Typepad Team
Nov 1, 2011