Survivalism & Self Sufficiency Topics > Do It Yourself - Projects, Ideas and How To

Website/Computer Questions... I got answers

<< < (48/50) > >>

theBINKYhunter:

--- Quote from: archer on March 04, 2016, 11:48:41 AM ---study this also:
https://xkcd.com/936/

--- End quote ---

This is such a fantastic comic. I should read it more than I currently do.

Smurf Hunter:

--- Quote from: Docwatmo on March 04, 2016, 05:27:59 PM ---so a 7 character password is actually better than 10 character password. (Cracking algorithms break the longer password hash into 8 character chunks, so the algorithm only has the crack the 2nd chunk (only 2 characters) and then use the same algorithm on the first chunk of 8 characters).   

--- End quote ---

While that sounds theoretically accurate, I think it's not quite as bad as you make it sound.

e.g. my password is "chocolatey"

Suppose that MSFT hash first splits into two byte[8] strings


--- Code: ---part1 = "chocolat"
part2 = "ey"______"
--- End code ---
(I put 6 underscores to represent the absences of characters)

If I follow you, it generates a hash for each part.
Here's md5sum values just for a colorful example (I know it's a totally different algorithm)
 

--- Code: ---hash1 = d8729025d3be00402ed19188828f029c
hash2 = df89f053799f662e9c5d481e98aa4b4e

--- End code ---
How can you know if the source string contained 6 blank characters?


I really think that's the secret ingredient.  If you know the length of a given password in plain text, AND you have the hash, that information will be helpful in cracking the hash algorithm. 

To me, cracking an encryption algorithm is different than brute forcing Sally's personal password

Docwatmo:
You are absolutely correct.  My CEH class was 5 years ago so I'm getting a bit rusty.   ;D

GerrieRPh:
Website build questions. My business initially (first 1-4 years) will be local. After year 5, potential for national sales on a small scale. Think Etsy size.
1. Website domain: Check.  I'm leaning towards buying my domain (vs. free from hosting) because technology changes to fast. 
2. WordPress: I'm leaning towards using this for design. I'm a computer nerd in real life, so no fears. But I dont have alot of time. So, this seems to be the fastest, cost effective choice.
3. Hosting: Ok, this is where I need help. I want to post files, blog, be able to email, and later accept SSL transactions for products. I dont want spam ads to hit my website, nor those annoying ads when viewing sites on your phone.  I suspect my blog might be photo heavy. So which hosting company would work best for my wants?
4. Add ons: I'm not crazy about affiliate links, although I suspect I will want to use a few.  I would like my webpage to appear on the first pages of a google search. Which add ons should I be exploring
5. What questions haven't I asked? You dont know, what you dont know.

Thanks for all the help!

Smurf Hunter:

--- Quote from: GerrieRPh on June 02, 2016, 03:01:06 PM ---
and later accept SSL transactions for products

--- End quote ---

No.  With all due respect, I don't think you are ready for such a responsibility.  Payment processing involves tons of regulation and has a lot of risk to you as a business owner.  I highly recommend you outsource this portion of your website, at least initially.  Use PayPal, Spreedly, etc.

If you process and/or store payment details on your server - you are responsible for:

1) ensuring your code accesses PII and PCI details in a safe manner
2) ensuring your data is secure and accessible in appropriate ways
2a) this includes website security
2b) physical network security (can you guarantee the dudes at the hosting company can't login and query your DB for Credit Card #s?)
3) you also get into chain of custody issues for financial reporting, etc. etc.

On the one hand, you want as much direct control, but on the other you want to outsource the liability away from you and your business.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version