Let’s hurry, Sam. We only have 14 minutes and 55 seconds of fame left!
More circumlocutory mayham as Episode 2 of the new Sam and Max series lands and fortunately it seems my fears about its online delivery were misplaced. Situation: Comedy lampoons the full range of dire daytime television staples as the feisty duo work their way through a studio earning their 15 minutes of fame. Although the game lasts a little longer than that, it’s not much longer — again a couple of hours. This is largely due to the ease with which you’ll likely solve the game’s puzzles, although they remain as creative as ever albeit with less lateral thinking than their last outing. The storytelling and presentation is top notch and as one of six episodes included under the single price tag of just over £20, it’s hard to complain about another amusingly diverting adventure. Bring on episode three!
I came across an interesting NSA document on network security. It includes various notes on strong password selection that should be obvious, but has a few interesting ideas too. Arguably too invasive for the home user with its strict rules, it’s still interesting to see how the alleged professionals handle things.
7 January 2007 at 12:39 am
I wondered how long it would be before you posted about the new Sam and Max, but finishing it first – you clearly don’t have enough essays to write!
8 January 2007 at 4:21 pm
More interesting (and relevant) are considerations that actually bother to deal with the real issues in security, such as motiviation and attention cost. The NSA’s treat model is chronically inappropiate for most people, therefore deploying such requirements have been shown to damage security in most systems.
If you’re interested in passwords, as far as I’m concerned the last interesting thing that was published that I’ve seen is:
The Memorability and Security of Passwords — Some Empirical Results:
http://www.cl.cam.ac.uk/TechReports/UCAM-CL-TR-500.pdf
And this time it was actually done by someone who understands psychology, a plesant change for the HCI-SEC community which seems to talk about nothing else but password and authentication usability. Not bad considering that many of the security problems they proport to be dealing with are on machines that have their passwords disabled to start with.
Sorry, password obsession is a slight bug-bear at the moment….
9 January 2007 at 12:36 pm
Very interesting article, thanks for that.