Press "Enter" to skip to content

Category: Life: Work and Techy

Techy: Token Authentication instead of passwords

I’ve been spending quite a bit of time recently creating a login system (coping with OpenID, Facebook Connect and Microsoft LiveID/Passport) and, of course, the “common and/or garden” email address and password system.

Whilst we do deal with credit card and payment details on the system, it doesn’t need to be “that secure” relating to user authentication (hence we haven’t need to consider proper two-factor logins: where you login with one password and then need to login again using something else). However, recently security snafus (such as the WebHostingTalk database exploit) is making me think that perhaps we should consider offering an alternative to the standard password system.

There are a hardware one-time password tokens out there such as MyPW (which is very similar in looks to the token used by HSBC Bank) and YubiKey (as used by Tom at Nominet) along with Verisign’s VIP Authentication system for iPhones: however, all these OTP (One Time Passwords) systems are designed to be used in conjunction with an existing username and password (i.e. two-factor logins): but has anyone actually implemented a login system which uses the OTP as the SOLE password?

Any pluses/minuses or thoughts about it? Even if you haven’t implemented it, but just think it’s a good or bad idea – please let me know!

Snippet: Adding ISOs to XenCenter

Here’s just a reminder incase I forget/lose how to add ISO (DVD/CD images) to Citrix’s/XenSource’s XenCenter/Xen virtualisation software. Do NOT copy (from XenSource 5.0+ above) the ISOs to /opt/xensource/packages/iso as this directory is now reserved for “built-in ISO” images – you’ll need to follow these steps instead:

From Xensource.com:

To use local ISO storage from the control domain
1. Log onto the host console.
2. Create a directory to copy the local ISOs into:
mkdir -p /var/opt/xen/iso_import
3. Create an ISO storage repository by:
xe sr-create name-label=isos type=iso device-config:location=/var/opt/xen/iso_import/ device-config:legacy_mode=true content-type=iso
4. Copy the ISO images into this directory, taking care not to fill up the control domain filesystem.
5. Verify that the ISO image is available for use by xe vdi-list, or checking the CD drop-down box in XenCenter.

Call costs to 056 VoIP numbers

I’m just relooking at the various Voice Over IP (VoIP) services on offer and I’ve found quite a number offering 056 numbers. Telephone numbers starting 056 are officially classed by Ofcom as “Location Independent Electronic Communications Service” (in the Ofcom National Telephone Numbering Plan) and have been allocated by Ofcom since September 2004 (so they aren’t exactly new!) and are mainly used for VoIP. However, trying to find out how much it costs to actually call these numbers is quite difficult – here’s a list of the call charges I’ve found for UK 056 VoIP numbers: and they vary quite a bit (and sometimes, it’s very difficult to find out how much they actually cost to call from the different telephone networks):

Where the tariff/plan may alter the call costs, I’ve included details:

BT: Call band “g21” (the same band as 03 numbers). 4.784p per minute daytime/1.955p per minute evening/1.150p per minute weekend
o2 iPhone 35 Pay Month: 20p per minute at all times (found via telephone customer services: they had to call back!)
Orange: Pricing unavailable (live chat)
Virgin Media Land Lines: Call band PG21. 7.82p connection fee and 4.79p per minute daytime/1.96p evening Price guide
T-Mobile (Combi plan): 40p per minute t all times (according to telephone customer services)
Tesco Land Line: 6p setup charge, 5p per minute daytime, 2p per minute evening, 1p per minute weekend
Gradwell: 1.36p per minute peak, 0.85p per minute offpeak and weekends
Vonage: 1p per minute at all times

Congratulations to Virgin, Tesco, Gradwell and Vonage for having the most easiest to find price guide (bonus points to Gradwell for having a simple “Telephone number lookup” section), BT next (slightly more difficult) and thumbs down to Orange being unable to find any pricing!

iPhone: Jail broke, now what?

By following the very simple guide on Gizmodo on jail breaking by Apple iPhone using QuickPwn on Windows (combined with the list of IPSW firmware for the iPhone 3G from Hackint0sh), I now have a fully jail broken Apple iPhone with Cydia and Installer.

The jail breaking was extremely simple and afterwards, all my data and media remained in tack, however I’m now thinking “Why did I bother?”. Ok, I’ve managed to find a “turn-by-turn” navigational GPS system with speech (xGPS on Cydia) and it’s tempting to use it as a modem (however, now I’ve finished moving house, there is now very little need for me to have this functionality:hence I haven’t even bothered doing that yet).

So, have you Jail Broken your apple iPhone and if so why, how and which apps have you found worth while? At the moment, when Apple release the next iPhone firmware update via iTunes, I’m not going to bother re-jailbreaking…