Tuesday, November 18, 2008

How Sarah Palin made my Yahoo id secure

Governor Sarah Palin's yahoo email id was hacked on Sep 17 2008. You can find more about the hacking here. This incident exposed the weakest form of password protection Yahoo practiced for years. The hacker used the reset the password option of Yahoo mail to reset Sarah Palin's email account to reset the password to a new password and then logged in using the new password.

Until this incident happened resetting password in yahoo was very simple. The three steps to hacking are as follows. Click on forgot password link on the mail.yahoo.com page after entering the username. Yahoo will ask you answer to a secret question. If you can guess the correct answer of this question then Yahoo will let you reset the password to a new password of your choice. How convenient!! As long as you know someone's pet's name or birth city or mom's maiden name this three steps will enable you to get into their yahoo mail account.

Unlike Yahoo, Gmail and other online accounts do not let anonymous users / hackers to reset your password. When password reset option is used in Gmail, Gmail sends a reset link to the users's secondary email account and Gmail requires the user to go to secondary email address to reset the password. This adds additional security to the system.

Within few days of Sarah Palin's password hacking incident I tried to reset my password in yahoo and found that it was a walk in the park for anyone who knew my first pets name, which includes almost every one of my friends!!! People at Yahoo must have been embarrassed by this incident that they finally decided to change the password reset option of Yahoo mail accounts. As the result of the change any reset attempt on my yahoo mail will result in sending a reset password link to my secondary email and thanks to Sarah Palin my email is more secure.

Although the governor couldn't convince enough people to vote for her she has certainly helped us in making our Yahoo email ids more secure.

Tuesday, November 11, 2008

The shrinking web

The launch of Apple iphone shook the smart phone market and has resulted in a fierce competition for dominance of smart phone market. On Monday Nov 10 2008 wireless research group NPD released a report revealing that Apple Incorporated’s iPhone 3G had become the top-selling handset throughout the United States amongst adult customers, thus having outrun the Motorola RAZR phone.

No matter who ends up being on top of this smart phone war, one thing is clear, consumers are getting a wide range of options accessing internet from their mobile devices and as a result almost all popular websites have developed mobile phone friendly web pages. The graph below published by Nelson shows the rapid growth in mobile access in US. If this trend of 30% growth in mobile users continues for 5 years, more than 150 million users would be accessing internet from web pages.

Currently all the top 10 websites in Alexa.com's most visited sites have a mobile version of their websites. As of Nov 2008 the top 10 sites are Google, Yahoo, Myspace, Youtube, Facebook, Live.com, msn, wikipedia, ebay and AOL. If this trend continues almost every website will have a smaller sized, mobile friendly webpage. Many of this websites will continue to have both wide screen and mobile webpages running in parallel so its not a complete shinking of all the pages of the web but if you consider the average size of all the webpages you will notice the shrinking.

If the last 5 or 10 years saw non-IT companies being aggressive in getting their web pages ready for the regular internet users and the next 5 years should see more and more non-IT companies developing mobile friendly pages not only because it is necessary for revenue generation but also for making their businesses visible to a wider population. It is also a good time for developer to finally have a compelling reason to use MVC ( model View Controller) and other architecture patterns which have the separation of visualization, business logic and data at its core.