3 posts tagged “university”

View other items tagged “university:” Photos, Audio, Videos, Books or Links. View “university” on Vox.

Uni place confirmed!

Uni place confirmed!

Post a comment Tags: personal, university

York University Interview

So I’m back and very tired after a 4½ hour car journey to York each way. Why? For an interview at the university no less.

My father and I arose at 5am to begin the long journey, which was about an hour shorter than expected on account of low traffic at such a ridiculous hour. I enjoy travelling with my father; we got to talk about all sorts, especially on the way home.

The university itself is very nice, a bit bare in the winter but by no means ugly. The department and course seem very impressive, receiving a 5/6* rating for research and “Excellent” rating for teaching. Even the graffiti in the toilets were maths based:

Geeky Joke
Geeky Joke

I’d really love to go there, if I get in. If I get in.

Part of the day was dedicated to interviews. As you can guess from my negativity, I don’t think it went terribly well.

First off, from my limited knowledge of names I was expecting a middle aged Asian woman, only to be confronted with an eastern European man. The accent barrier proved to be less pervasive than I had initially expected, however.

He asked me some questions, why I wanted to go to York, why Computer Science, which I answered...adequately. He then proceeded to ask what sort of programs I had previously written. I naively started from the beginning and listed the odd example as I went through. However, he stopped me before I had a chance to get to the more interesting projects I’m working on at the moment, which resemble much more the sort of things I will be doing at university.

He then gave me a couple of tasks to try and solve. The first was to swap around two numerical variables. My initial reaction, being the only way I have been taught and have ever known, was to use a temp variable. In fact, with numerical values, it is possible to do it without a temp variable. After a quick prompt I figured out the answer in about a minute or so (my nervousness making me doubt my answer, so spending about half that time double checking).

The second was a well known problem. In a theoretical situation, if you tie a piece of rope around the earth, and then slacken off about 3m and stretch the noose taught, will a person be able to walk underneath it?

A Rope Tied Around The Earth
A Rope Tied Around The Earth

The Rope Slackened
The Rope Slackened

If you’re interested, below is the solution. As you can see, you can eventually factor it out so you don’t actually need to know the radius of the earth. However, I completely blanked at this point and couldn’t remember, despite several hints, what you were meant to do next.

The Solution
The Solution

Still, it could be all right. I’ve got okay predicted grades, and I suppose the interview wasn’t that bad. One can only hope.

Post a comment Tags: personal, university

UCAS WTF

It's that time again...UCAS time! I applied last year, but due to illness I'm here all over again with their dire online application.

Why is it dire? It all seems nice and logical enough. Well, let's take a walk through shall we?

Firstly, finding a course. You search for the course, you find some courses you like and you go to bookmark them so you can come back later and have a closer look. Woops, no you can't! They use a cookie system, rather than encoding the searches into the URL, so that if you try and visit the page after a while, you can't. The cookie system is good for sensistive searches or pages, but for things like this where you really need to bookmark, it makes no sence at all.

Next, you sign up so you can fill in your details. This seems quite well thought out, sessions for security, saves your information and even let's you (for the most part!) save incomplete information so you can come back and finish it off.

However, I have a big, BIG problem with the way they store the passwords.

Normally secure passwords are stored in a one-way hash. This means you put the password the user submits through a hashing algorithm, and it comes out with apparent gibberish that is very difficult to convert back into the original password. But if you put the same input through again, you get the same output. So, when the user logs in you apply the hashing algorithm to the password the user entered, compare it to the stored hashed password, and if they are the same they got the right password (most of the time).

For example, let's make up a very simple hashing algorithm. Multiply all the numbers together. This will create a lot of what are called collisions, where different inputs make the same output, but lets ignore those for now (proper hashing algorithms minimise on collisions).
So I say my password is 54313.
Apply our hashing algorithm and you get 5*4*3*1*3 = 180
So I store 180 in my database as the hashed password.
Now someone naughty comes to try and login, and they try the password 64213.
Apply our hashing algorithm and you get 6*4*2*1*3 = 144
That's not the same as the hashed password stored in the database (180), so we know the passwor entered is wrong.
But I come back, and I login with my password, 54313.
Apply our hashing algorithm and you get 5*4*3*1*3 = 180
This is the same as the hash we have in our database, so the password is correct.

As you should be able to see from here, we never need to store the password. We store something that we can use to check if the password is correct, but if you just had the hash that's stored in the database, it's near impossible to get the password.

How do UCAS do it? With a two-way hash (I hope to dear God it's a two way hash and they're not just storing my password). This means when it's stored it looks a bit like gibberish, but they can still put it through a reverse algorithm and get my password. It's a bit like taking every letter and moving it to the letter above it (a becomes b, b becomes c etc.) Just looking at it, it looks crazy, but you can still get the origional message.

This alone is a big problem for me, my password is discoverable by anyone who can hack in, or anyone working there with access to the database. But it reaches beyond that, it's discoverable to anyone who can intercept my mail. For, you see, they print it on every letter they send me. And I like to file things, so I have lots and lots of pieces of paper with my password on it. As soon as they arrived, I had to go over them with a big black marker pen.

Some might say I'm overreacting, all people can really do is muck around a bit with my application (it has to go through college before it reaches the uni's, so I can easily stop it) and waste a bit of my time. But really, for a process I MUST go through in order to go to University, I find the lack of security considerations grossly distasteful.

So, a warning, if you are applying through UCAS, chose a DIFFERENT password to your usual one (you should be doing that anyway). If you need some help, visit this site [microsoft.com]

Post a comment Tags: rant, computing, university
[ICR]

About Me

[ICR]
United Kingdom
View my profile
Worlds Tallest Midget
Messaging:
Send
Skype:
aJanuary

Neighborhood

Explore friends, family, friends & family, or entire neighborhood.

View my neighbors

Tags

View my tags

Archives