Monthly Archives: November 2007

WordPress cookie vulnerability

It seems the WordPress developers have made some wrong decisions in their use of MD5. Full details are in this announcement. In summary, the authentication cookie contains MD5(MD5(password)), while the database stores MD5(password). This means that anyone with access to the hash from the database can pretend to be that user. Whoops. This shows once again that security is hard, as people consistently make the same mistakes.

More details and background on the Security Group blog.
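To make the design flaw concrete, here is an added example (not WordPress code and not from the original post) that models the scheme as summarised above beside one hardened alternative. The function names, the token layout and the HMAC-based variant are assumptions chosen for illustration.

```python
import hashlib
import hmac
import time

def md5_hex(text):
    return hashlib.md5(text.encode()).hexdigest()

# Flawed scheme as summarised in the post.
def stored_hash(password):
    return md5_hex(password)              # database column: MD5(password)

def flawed_cookie(db_hash):
    return md5_hex(db_hash)               # cookie: MD5(MD5(password))

def flawed_verify(cookie, db_hash):
    # The check needs nothing beyond the database value, so that value
    # works as a credential by itself.
    return hmac.compare_digest(cookie.encode(), flawed_cookie(db_hash).encode())

# Hardened variant (assumed design): the token is keyed with a secret that
# never sits in the database, and it expires.
def _mac(server_key, user, expiry):
    return hmac.new(server_key, f"{user}|{expiry}".encode(), hashlib.sha256).hexdigest()

def issue_token(user, server_key, ttl=3600, now=None):
    if "|" in user:
        raise ValueError("user name must not contain the field separator")
    expiry = int((time.time() if now is None else now) + ttl)
    return f"{user}|{expiry}|{_mac(server_key, user, expiry)}"

def verify_token(token, server_key, now=None):
    try:
        user, expiry, mac = token.split("|")
        expiry = int(expiry)
    except ValueError:
        return False                      # wrong field count or bad expiry
    if not hmac.compare_digest(mac.encode(), _mac(server_key, user, expiry).encode()):
        return False                      # forged or tampered
    return (time.time() if now is None else now) < expiry

if __name__ == "__main__":
    db = stored_hash("correct horse")     # constructed sample password
    print("flawed cookie depends only on DB value:", flawed_verify(flawed_cookie(db), db))
    key = b"constructed-demo-key"         # constructed; keep real keys out of the DB
    tok = issue_token("alice", key, now=1000)
    print("valid:", verify_token(tok, key, now=1001))
    print("wrong key:", verify_token(tok, db.encode(), now=1001))
    print("expired:", verify_token(tok, key, now=5000))
```

In the hardened variant a leaked password column is no longer enough to mint a session token, and stored passwords should in addition use a salted, slow hash rather than bare MD5.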

Not a hippy but …

Howies have an excellent range of ethical and ecologically sound clothes. Whilst I was in their shop on Carnaby St I bought a bright orange Nalgene. They sell them to encourage people to use one bottle rather than hundreds or thousands of plastic bottles; to encourage this further they have a tap in their store where you can fill up your purchase. Smart thinking. Their blog is a little bit crazy though.

On the way back from Carnaby St I got a bit lost and ended up at Playlounge, which sells the cool vinyl toys that adorn OH central. Whilst I was there I couldn’t resist buying a copy of Clutter Magazine.