Skip to main content


Atoms in The Universe

Computer scientists like to talk about the number of atoms in the universe when talking about computational complexity. If you have 10**100 nodes to evaluate, and there are only 10**86 atoms in the universe, then there is no way to compute your node tree.

10**86 atoms? Where does that number come from? Who made this up. In [1] the claim is that there are 10**86 hydrogen atoms out there. That seems like alot, right? Remember Avogadro? He came up with a number too [2]. His number is 6.022 x 10**23 atoms per mole. That's alot of atoms too, right?


If you had one cubic mole of something, how many atoms are in there? Well, that's (10**23)**3, or about 10**69. That's not 10**86, but it's close. How many cubic moles are 10**86 atoms then? Well, about 86/69, or about 1.25 cubic moles.

So the total sum of all atoms in the universe is just 1.25 cubic moles? Or rather, let's topsy turvy this. There are more atoms in 1.3 cubic moles of water than the universe.

Ah snap. I b…
Recent posts

HTML Core Obfuscator

It's time for HTML of the future to give us the ability to obfuscate data in-memory. If password fields were stored as obfuscated values, then there would be a very low chance of a password recovery by any person or any exemplary skill. Plus, we wouldn't have to rely upon client-side JS to do hash obfuscation.

I suggest a simple extension to the input form element:

[ input type='password' obfuscator='sha512;salt=FooFooFoo' ]

We would define our own salt, or no salt, to keep the hash consistent (homomorphic) across creation and challenge.

This can be done with JS but it doesn't prevent malicious adware JS from exploring the DOM and getting the "value()" property of an input element that is named "password".

Pretty please?

Not So Safe Safelinks

Today I got a phishing email for my gatech account. It was nothing special and easy to identify as phishing. So why blog about it? Because today I decided to test out safelinks. Why not, right? It's Microsoft, and they make a habit of telling me that I should use Edge because it is safer than Chrome and Firefox.

I clicked on the safelink that was hosted on and it opened in Edge. Wait, why did I have to hit a European safelink server Microsoft, if I am in the USA? I don't remember authorizing you to do that, but then again, who cares about us in the US.

The safelink redirected successfully to which is a shameless phishing site. It pulls resources from but has a self hosted JS file that has the same URL path as the one in the buzzport login page. It's a clever phish and it would likely defeat most users.

So that made me mad. I put on my Cyber cape and started to dig. The IP is hosted on AWS:

Name:    login.g…

HP Web Site Failure

The HP site for buying stuff on their Labor Day Sale is broken. I tried it on other computers and each had the same result. Not sure if HP was able to sell anything on their big sale weekend, but I couldn't buy anything.
Funny part was the feedback widget that didn't work. Not only could I not buy anything from HP but I couldn't report the problem I was having.
Maybe someone at HP could run this through QA again.

Gonna Get You Sucka

So my 3rd grade daughter writes a note at the beginning of the year (last year). It says "I am coming to get you," and it's just a joke note as a group of the kids are doing this. They're young, 2nd graders, and they do dumb things. Zero tolerance is the policy at the school so she has to write an apology and go visit the principal's office and I had to pick her up from school. She's scared and crying. Another kid also writes a note, a boy, and he gets the third degree too. I looked at her cohort and he was mortified. He was 8.

Today, Alfonso Nevarez a Democrat legislator from Texas [1] makes a similar verbal claim that he is going to "get you" to a fellow legislator. What happens? He gets on CNN and denies it [2].

Apparently we hold our grade school children to a higher standard of behavior? Maybe the standards of behavior are lower in Texas. I won't speak for Texans, but if he were a California rep we'd be asking for his removal.

[1] https…

TLS 1.2 and PCI

As you may know, the payment card industry is moving quickly to adopt TLS 1.2 and get rid of less secure protocols.[1] To this end, Authorizet.Net has turned off TLS.1.2 on its sandbox environment as of April 30, 2017. [2]

The curious part about this change is how it impacts the developer world. We have some older projects built using VS2010 (msbuild) and old web deploy projects. Up until April 30, we could build those with .NET 4 and VS2010. So we happily and blindly did that, until May 1.

Starting May 1 we started to see those pesky communication disconnection errors. Darn, what is that? Well, that's the TLS 1.2 requirement in sandbox. So we apply the fix and discover that .NET 4 does not have the TLS 1.2 enum SecurityProtocolType. Well, double bummer.

When we move on to .NET 4.5.1 to get that SecurityProtocolType.Tls12 we discover that we can no longer use VS2010 msbuild. Why? Because that old VisualStudios can't build .NET 4.5.1. [3] How fun is that?

With one change from a…


Looking at a picture of my mother laying in her hospital chair taking her chemo medication makes me think about cyber. Our bodies are a network of connected computers. Blood and lymph are the communication channels that relay information between these computers. The mainframe, of course, is your brain, which is another highly connected network of computers.

When cancer invades it starts by infiltrating a system. The system is homomophic usually, which makes it easier for the cancer (cyber infiltrator) to gain its foothold. Sometimes the infiltrator moves fast and runs through multiple systems wrecking havoc. Yet there are those infiltrators who move slow, learning each system as it goes slowly through the entire system. Nonhodgkins Lymphoma is that slow hacker. That's what my mother has. She's had this for a very long time. Mostly ignored by her "doctors" 8, 12, maybe 30 years ago, finally they see the infiltration and recognize the need to respond.

Once the cancer b…

EzLynx Splunk regex

Looking to extract the EzLynx app and quote IDs from those referrer URLs in splunk?

Use this regex:


I still take coffee as payment.