Free Shipping | Hammerhead Lightning Flat Cable

Emily has been down here in Key West working with our team and taking conference calls by the pool. Actually, she has been working really hard, but we are taking her up to Bahai Honda state park this afternoon for a swim in the ocean.

Thank you so much for reading this issue of Kibbles & Bytes. We know it is really you, our most loyal customers, who make our business viable!

Your Kibbles & Bytes Team,
_Don, Kali & Stephanie_

*Hurry! Our trade-in promotion is ends Monday!*

Have an old computer that’s just not working for you anymore? Don’t go crazy — trade it in!

*From 4/7 – 4/21, you’ll get an extra $100 in trade-in credit on your old Mac or PC when you purchase a new Mac!* That’s right — you’ll receive at least $100 for your old computer, and in most cases, much more. Just bring your computer in, and we’ll get you a competitive trade-in value. See an associate for details!

Plus, if you buy any new Mac along with AppleCare (same invoice), we will transfer the data from your old Mac to your new one for *FREE*! There’s no need to stress, fret, or worry about how you’ll get all of your important documents and pictures to your brand new Mac.

??*Transfer promo requires a working Mac with OS X 10.5+.??

The new Beats Studio is lighter, sexier, stronger, and more comfortable, with precision sound, Adaptive Noise Canceling, a 20-hour rechargeable battery, and RemoteTalk. It has all the energy and excitement you expect from Beats, plus a powerful, reengineered sound. Available in black, red and white.

*Purchase Beats Studio 2.0 and Receive a $50 Small Dog Gift Card!*

Give your iPod, iPhone or iPad some juice while your on the road! Equipped with a LED power indicator
and sleek and compact design! Does not include a power cable so be sure to grab one of those. And check out our Lightning cable’s below!

Enjoy *free shipping* for the next week!

Hopefully by now, most people have heard about Heartbleed. No need to panic (“*click here*”:http://blog.smalldog.com/article/heartbroken-about-heartbleed/ for steps to take if you haven’t already), but it was a serious issue in the tech world. If nothing else, it’s really shone a light on all sorts of computing security practice vulnerabilities. Many experts have suggested now is a great time to update passwords you use online.

When I started studying computer science in college, the older students often talked about this “hacking challenge” that one of the professors liked to do in his course on operating systems. It didn’t seem real…a challenge where the goal was to hack into a system? When I finally found myself in the operating systems course, I discovered just how real the hacking challenge was.

There were two parts: In the first part, we students took on the role of the defenders. In real life, most of us are defenders trying to keep hackers away from our private data. For this challenge, we were defending a system from attacks by the professor. In the second part, we assumed the role of the attackers. We were the bad guys trying to get into a system that the professor was defending.

In the defending role, the only thing at stake was pride and bragging rights. In the attacker role, in addition to pride and bragging rights, a hefty number of bonus points were offered up as added incentive. We were successfully able to defend the system against the professor’s attacks, but only barely. We underestimated his deviousness, and a key logger was nearly our undoing.

The more interesting part was when we assumed the ‘attackers’ role. As in love and war, nothing (within the rule of law) was off limits. There were a number of “checkpoints” we could reach in compromising the system, and we received points for each unencrypted password we were able to successfully identify. Each identification was met with exasperated groans from the professor as we called him to report it. The ultimate prize was an encrypted file that we needed to find and decrypt. Ultimately, we were able to compromise the entire system including the root password, and given more time, we were on our way to recovering and decrypting the encrypted file.

What did I learn from this challenge? I was taken by complete surprise how devious and clever we all became trying to break into that system. I also learned just how easy it was to break reasonable length passwords. Dictionary words? Might as well just hand your data to us on a silver platter. Proper nouns? No problem. Numbers added in? No problem. Weird characters? Slight inconvenience, but still doable. In many cases, we didn’t even bother being clever at all. Computational power and speed has become so ubiquitous and cheap, “lazy” brute force attacks on some more common hash and encryption algorithms are almost trivial. Just three or four of us requisitioning about 15 computers in a lab to do our bidding for a few hours was all it took.

Full disclosure: We had physical access to the machine in this situation. No one wanted to be responsible for us picking locks or otherwise trying to get into a locked office. Physical access allows attackers to bypass many of the network security speed bumps. The machine was also running a version of Linux, which uses similar security features and technologies to OSX. Windows is (or was) theoretically even easier to compromise. I expect newer versions don’t use the easily breakable hash algorithms of versions past.

*So what would I recommend?* Good complex passwords are important, but if it’s so complex you’re just going to write it on a post-it and stick it to your monitor, it’s too complex. There are tools to help keep track of your passwords, and I’ve used things like Keychain Access to help with that, but ultimately, the longest, or most complex password you can memorize is the best policy. Many companies and organizations use a password expiration policy, but these policies are somewhat outdated. They cause frustration for users and admins, and discourage people from memorizing passwords (more post-its on monitors). Nowadays if someone gets your password, they aren’t going to wait. They’re going to start looking for where it will work immediately. I know I would.

My personal recommendation is to go for the longest password you can, as that’s what I do. The web comic XKCD had a great strip about “*long passwords*”:http://xkcd.com/936/ a while back. Another good idea is to check if your favorite password shows up in any “*password leak*”:http://www.darkreading.com/risk/phpbb-password-analysis/d/d-id/1130335 or “*common passwords lists*”:http://gizmodo.com/the-25-most-popular-passwords-of-2013-god-help-us-1504852434.

??Disclaimer: The hacking exercise described here is an example of “*white hat hacking*”:http://en.wikipedia.org/wiki/White_hat_(computer_security). We were authorized to hack into the system as part of a learning exercise. You should never willfully hack into any system or attempt to steal passwords from anyone. For one, it’s highly unethical, and in many cases, it’s also illegal and could result in heavy fines or jail time. Even “*grey hat*”:http://en.wikipedia.org/wiki/Grey_hat or activist hackers often find themselves on the “*wrong side of the law*”:http://www.theguardian.com/technology/2013/nov/15/jeremy-hammond-anonymous-hacker-sentenced.??

_Dear Friends,_

They say that winter is not really over until the April snowstorm has hit Vermont, and we had that this week with a reported five inches up at my house on Prickly Mountain. Hopefully, the roads will now dry out and the rivers get back in their banks!

Hapy, who has been waiting very patiently for his new “*Mac Pro,*”:http://www.smalldog.com/product/84464 is now sporting the diminutive powerhouse on his desk. I really do not know what he will do with all that freed up desk space, but I am sure it will be covered soon. I hope I can twist his arm to write a review next week for Kibbles!

Normally, this time of the year Jason and/or I are in China for the trade shows, but we decided to skip the spring shows this year as there were no compelling new products for us to source. I have heard, however, that some of the manufacturers over there are already showing cases for future, unannounced products. That is always risky as specifications (and more importantly, dimensions) frequently change at the last minute.

We have three job requirements of all Small Dog employees that help us to manage the business. Each employee writes a weekly report to their manager and copies Hapy and myself. In these reports we are looking for a report of work accomplished, work planned for the next week, obstacles encountered, resources needed and any general commentary. With sixty employees, sometimes it takes me awhile to read them all but I find them incredibly valuable.

The second job requirement is that each employee, whether they are sales people, shippers or accountants, takes the series of Apple online training modules and achieve the designation of Apple Product Professional. We may be the only company that has 100% of our staff with this designation. I really want whomever answers your call or email to be very well-versed on the products we sell.

The third job requirement is that employees take a paid day off each year to perform community service. The only requirement here is that they send me an email describing their work. Community service has run the gamete from helping with the clean-up from hurricane Irene to working the Special Olympics or helping a neighbor stack wood.

My Kibbles & Bytes special for this week is the MacBook Air 11-inch model featuring a 1.3GHz Intel i5 processor, 4GB of RAM and 256GB of solid state storage. This is the ultimate in portable Macs! Weighing in at only 2.38 pounds, it is the lightest Mac you can buy. I am bundling this MacBook Air with AppleCare, of course, so that you have the protection for three years instead of just one, and three years of technical support from Apple instead of just 90 days. Two more items in this bundle provide more protection for you. The Hammerhead 11-inch Leather Envelope is a great case for this Mac and you need backups (yes, you NEED backups!) so I am including a Seagate 500GB Backup Plus Slim drive that will make it easy with Time Machine to have all of your data backed up! This lightweight portable bundle is available exclusively to Kibbles & Bytes readers for only $1,449 for this week (while supplies last).

“*Purchase this bundle here!*”:http://www.smalldog.com/wag900001372