Four short links: 5 February 2010
- The Public Domain Manifesto — eloquent argument in favour of the public domain. (via BoingBoing)
- Clear Climate Code — project to write and maintain software for climate science, with an emphasis on clarity and correctness. What a wonderful way for coders who aren’t scientists to contribute to open and better science. (via the interesting OKFN blog)
- Don’t Hash Secrets — One area of secure protocol development that seems to consistently yield poor design choices is the use of hash functions. What I’m going to say is not 100% correct, but it is on the conservative side of correct, so if you follow the rule, you (probably) can’t go wrong. You might be considered overly paranoid, but as they say, just because you’re paranoid doesn’t mean they’re not after you. So here it is: Don’t hash secrets. Never. No, sorry, I know you think your case is special but it’s not. No. Stop it. Just don’t do it. You’re making the cryptographers cry.