Saturday, November 28, 2009
OpenID Repaired
After the server upgrade a few weeks ago, I busted the OpenID login system. I've spent a few hours fixing it and improving it, so if you use OpenID to login then it should work now. Feedback is always welcome!
Wednesday, December 24, 2008
New Server and Speed Increases
It's finally here and up and running!
I bought a new server. Did you know you can get slightly older computers, but still really powerful, for super cheap? People and businesses upgrade and then basically give their computers to discounters for nothing! I got this server for $144, with tax, shipping and an extra year's warranty. I'm very impressed.
Also, U.N.M (University of New Mexico) gave me a static IP address on their network, so we have a super-fast internet connection.
So, if you're used to this site being slow, get ready for serious changes! In general, moving to this new server on this new internet connection has increased the speed by an order of magnitude (from 300ms per request to 15ms per request). Wow!
But that's not all folks! I've also done some back-end coding to cache the results of morphology lookups. So now morphology lookups should increase by another order of magnitude (as long as a word is cached). If the word is not cached, the lookup will still be 2-3 times faster.
I apologize for geeking out a bit here, but I hope you notice the speed improvements.
As usual, I'm always developing The Latin Lexicon, but since I'm on winter break, expect to see some serious improvements for January!
Oh, one more thing. I also set up some bug-tracking software (BugZilla) to keep track of issues and improvements. So if you find all this technical stuff interesting, feel free to check it out!
Ok, one more thing! OpenID logins will be down for a day or two. Also, if you created an account or any flashcards between the 16th of December and today, I'm afraid that information is lost because I upgraded the database on the 16th and didn't get it moved until today. Sorry about that, if you're affected.
I bought a new server. Did you know you can get slightly older computers, but still really powerful, for super cheap? People and businesses upgrade and then basically give their computers to discounters for nothing! I got this server for $144, with tax, shipping and an extra year's warranty. I'm very impressed.
Also, U.N.M (University of New Mexico) gave me a static IP address on their network, so we have a super-fast internet connection.
So, if you're used to this site being slow, get ready for serious changes! In general, moving to this new server on this new internet connection has increased the speed by an order of magnitude (from 300ms per request to 15ms per request). Wow!
But that's not all folks! I've also done some back-end coding to cache the results of morphology lookups. So now morphology lookups should increase by another order of magnitude (as long as a word is cached). If the word is not cached, the lookup will still be 2-3 times faster.
I apologize for geeking out a bit here, but I hope you notice the speed improvements.
As usual, I'm always developing The Latin Lexicon, but since I'm on winter break, expect to see some serious improvements for January!
Oh, one more thing. I also set up some bug-tracking software (BugZilla) to keep track of issues and improvements. So if you find all this technical stuff interesting, feel free to check it out!
Ok, one more thing! OpenID logins will be down for a day or two. Also, if you created an account or any flashcards between the 16th of December and today, I'm afraid that information is lost because I upgraded the database on the 16th and didn't get it moved until today. Sorry about that, if you're affected.
Happy holidays! Happy Hannakwanzaamas!
Labels: bugs, development, features, flashcards, openid, slowness, UNM, web server
Sunday, August 3, 2008
Official OpenID Support
It's official! I've just completed the first phase of OpenID support. You no longer have to remember a username and password for this site.
How does it work? When you sign in simply type in your OpenID and you'll be taken to your provider which will validate your username and password. Depending on your provider, you might have to pass some tests (like captchas) or set an expiration date for your login.
OpenID is a fairly new and big concept for the Internet. Version 2.0 has just recently been ratified, so it's starting to get big exposure. In fact, Yahoo! now officially supports OpenID. For Yahoo! it's easy: just type in "yahoo.com" as your OpenID and they do the rest. Others who are known to offer support with a "special" URL are Blogger, AIM/AOL, LiveJournal, Verisign and Wordpress. For instance, my LiveJournal OpenID would be the same as my LiveJournal user page (efesar.livejournal.com). Others are jumping on the bandwagon as we speak. Myspace has officially announced support for OpenID, but when it will launch is unknown. In some cases, mine for instance, you can even "centralize" an OpenID on your own domain, a feature which works with many sites, but unfortunately not with Yahoo. But it does work with Verisign. For example, I set up my site efesar.com as a "relying party" for my Verisign OpenID. I have a Verisign OpenID, but I can also use "efesar.com" as my OpoenID, which then takes me to Verisign.com, which then validates my identification (username, password, fingerprints, security devices, pictures, captchas, etc). Once I'm signed in, it sends me back to the site where I was trying to login, and -- presto-change-o -- I'm logged in.
I'm excited about OpenID and I'm happy to offer it on this site. Personally, I hate having a username and password for every single site I visit. Sometimes my username is not available. Sometimes they have weird password rules. Some are longer, some are shorter, some want more numerals, more symbols and more uppercase letters. It gets to be a real hassle. Someday I hope to narrow my "password" list down to three logins total: a "throwaway" login, a "normal security level" login, and a "high security level" login. We should all be so lucky.
OpenID is very secure (using a lot of back-and-forth encryption and verification) but the "mental process" or "social engineering aspect" does present some security risks for you, but only if you're not careful. Always make sure that any site which accepts OpenID sends you to the real site. don't type in your password unless you're positive you're on the right site! Any hack can mockup a "fake" (but real-looking) Verisign or Yahoo! login page. It's up to you to make sure it's the real deal. Look at the address bar in your browser -- if it's real, it'll be at yahoo.com or verisign.com. If it's fake, you'll see sometihng stupid like loginsite.partner.yahoo.fakerussianpasswordstealingsite.cc). Never ever ever trust an OpenID in a "new window" or in a "new tab" or in a "popup." Those are almost surely fakes.
Sorry about the rant, but since OpenID is such a new technology, there are going to be a lot of losers out there trying to take advantage of this great technology. Now, back to our regularly scheduled update...
There are a few features that I still have to implement to make this site's OpenID implementation perfectly complete: allowing you to change your OpenID once you've started an account, remembering your OpenID between sessions, and merging multiple accounts. But those aren't big show stoppers, and anyway these features should be up and running shortly. Enjoy!
Labels: aim, aol, blogger, livejournal, myspace, openid, password, security, username, verisign, wordpress, yahoo