Joe Maller.com

Simple, Simpler

This is the Simple Gumshoe from Simple Shoes. It’s a pretty good shoe, very minimal, highly flexible, thin, flat and cheap. The only problem is that it’s full of padding. So I gutted them.

This was a substantial improvement. It took maybe 15 minutes total, using a matte knife and pliers. There is a strange molded ridge under the toes, but it can be carefully removed with a razor blade in a few minutes.


Running around changing logins

If you’ve ever created an account at any Gawker Media site, it’s highly likely your password has been exposed. These sites include Gawker, Deadspin, Kotaku, Jezebel, Fleshbot, io9, Jalopnik, Gizmodo, Valleywag and Lifehacker. Most likely this also includes defunct sites Defamer and Sploid as well as formerly owned by Gawker sites Consumerist, Gridskipper, Oddjack, Screenhead and Wonkette (links intentionally omitted). These accounts go back nearly 10 years.

There’s more at Mediaite, BusinessInsider and HuffPo.

Inside the Gawker source/database torrent is a decrypted list of nearly 200,000 account details including plaintext passwords. Mine was in there, and the login was apparently used to post a spam event to my dormant Facebook account. Facebook deserves praise for proactively disabling my account.

I had better plans for my morning.

After reviewing the torrent files, my theory is that passwords before a certain point in time were hashed without salt. These are stored as encrypted strings in the database, but are easily revealed using a basic rainbow table. A lack of salting would also have made it easy to reveal the several thousand accounts using ‘password’ and ‘qwery’ as passwords.