Archives for Tom Medley

Sites should publish their password hashes

There’s a big problem with all sites that store a password to perform authentication – you have no idea what security measures are being taken to protect the stored passwords. How do you know how your password is ‘secure’ once it’s at the other end? How can you know? Sites should publish their password hashes continued »

Hangman Overkill

Following up on my previous post about optimal hangman strategy, I’ve run some more experiments, fixed up and tested my script, with some interesting results.

First of all, I tested the script in a game of hangman against every single word in a 70k word dictionary. I played with 10 lives before losing, which is probably on the conservative side, 12 seems like a common figure. The script lost on 469 words, of which 99 were 3 letters long. There were 20 words 7 letters long, all of which ended in ‘ing’. There were no words of 8 letters or longer.

Hangman Overkill continued »

Playing Hangman Optimally with pyngman

A post on DataGenetics did the rounds last week, applying the might of statistical analysis to the game Hangman to try and guess what an optimal strategy might be. Many techniques were leveled at the problem, from basic analysis of letter frequencies to conditional probability, all in order to try and generate the best sequence you should call the letters.

Having read it I was slightly perplexed, it seemed like massive overkill for something that can be calculated fairly simply, so I created pyngman, a python script that generates optimal next guesses for Hangman. Input the state of the game and the letters you’ve called and it will tell you what letter to call next.

You supply the information as a state, such as ..e.., where .’s are unknown letters, followed by a list of letters you’ve tried:

$ pyngman -state ..e.. est
> Your best next guess is: a

It does this by using a dictionary (you must supply the dictionary, so the results will change depending on what you supply!), and looking at all possible words that could be the solution, and working out the letter with the highest probability of being present. So far I have been unable to find a word which causes the program to lose a game of hangman!

Grab pyngman from github and have a go yourself

Playing Hangman Optimally with pyngman continued »

Why isn’t Airport Security Open?

I’m going to take two security stories from the last week, one of which I think illustrates how to do it well, and another which illustrates how to do it badly. They come from very different areas under the vast umbrella of ‘security’. One is very much physical, and the other very much not. These days however, the two are inseparably linked. Why isn’t Airport Security Open? continued »

New Site: Queens’ College Choir

Queens' College Choir

APN Settings for Android O2 UK

I recently set up my phone to O2, and had trouble finding the correct settings. They are as follows: APN Settings for Android O2 UK continued »

StegDroid wins 2nd prize at SBSeg

At the SBSeg conference, StegDroid won honours as the second best paper in the undergraduate track.

Dual Monitor Full Screen Fix for OSX Lion

I’ve found a way around the useless full screen implementation in OSX, thanks to Geet Duggal. Here’s a refined version of the procedure, where I’ll have Xcode full screen on one monitor, and terminal and Chrome open on my secondary monitor:

  1. Arrange the application windows you want to have on your second screen as you would like them. You will not be able to rearrange them once they are there.
  2. Completely quit the applications you wish to use on your second monitor, e.g. terminal, Chrome.
  3. Full screen your app (Xcode)
  4. Using the trackpad, swipe with three fingers a little bit, so that just the edge of the next space is visible (but it won’t switch when you let go)
  5. Keeping your fingers on the trackpad, hit cmd + space to open Spotlight and type in the name of the program you wish to launch on the second monitor (terminal)
  6. Hit enter to launch the program, wait for the window to display, then you can take your fingers off the trackpad.
  7. Repeat steps 4-6 for any other apps you wish to launch!
This solution is far from perfect, but it works reliably so it’s a usable workaround until Apple actually fix this.

Invited to present StegDroid at SBSeg 2011

I have been invited to present StegDroid at the WTICG – SBSeg 2011 workshop, which will take place in Brasília, Brazil.

[translation] The Brazilian Symposium on Information Security and Computer Systems (SBSeg) is a scientific event promoted annually by the Brazilian Computer Society (SBC). It represents the main forum in the country for the presentation of research and relevant activities related to information security and systems. The 11th symposium will be held between 06 and 11 November 2011 in Brasilia, DF, and is organised by the group of Network Engineering and the Department of Computer Science, both from the University of Brasilia.


The accepted version of the paper is available online at the SBSEG site.

Essential Tech for Travel

Tech for Travel

Having just spent over a month travelling, and having done a similar stint three years ago, two pieces of technology have changed the experience quite fundamentally. Frankly, if you’re planning a long trip anywhere, these two tools are indispensible:

Essential Tech for Travel continued »