Why you never store passwords.

So earlier someone wrote this The whole “never store plaintext passwords” really means “never store more than you need.” The sad truth is, that it doesn’t mean that. 1st, no system is absolutely secure. Any developer who tells you otherwise is either 1) an idiot, or 2) a damn big idiot. 2nd, for alot of people, emails are their life. With access to their email, one can do ALOT of things. For example, take over their lives. Storing their passwords that have a chance of being the same as their email ones is putting them at risk of losing control … Continue reading Why you never store passwords.

Response to Dropmyemail’s response

Wrote another article for SGE on why using Dropmyemail may not be the best idea around and here’s my response to their response. In truth, there is nothing different from what Dropmyemail does and when Amazon stores credit card information along with the CSC. … Certainly one can do more damage with a credit card than someone’s email credentials. In addition, Dropmyemail’s privacy policy is standard like all e-commerce websites that require personal information to complete transactions or services. Also, their privacy and security policy will also state that they are not held liable for any loss of information – … Continue reading Response to Dropmyemail’s response

Blackberry DevCon Asia

DevCon Asia was one of the best developer events I’ve been to. Serious. Aside from the free Playbook, which I’ll do a review on some other day, DevCon was really well organised, and as one of the guys behind GeekcampSG 2011, I have to say I was blown away by the event, especially the party (that said, i think the geekcamp guys did a great. i’m guessing DevCon Asia had a budget hundreds of times more than ours, hence they could pull off a real party. regardless, they’ve set a new bar for developer parties, and conferences in the region … Continue reading Blackberry DevCon Asia