you sadist!

For the C and relatives, you could do something very similar to Python (or at least you can in php):

if (a==b)
        do_something();

Sounds great in theory but having been bitten twice now by companies incorrectly double or treble billing me I no longer allow anyone to automatically debit from my account. Much safer to log on to a suppliers payment portal every month and manually make a payment using my debit card.

I wrote "an algorithm you apply to your password before it gets hashed" which could of course mean appending random string data. My mistake was to assume that appending the same randomly generated string to all passwords would be sufficient salt. I didn't consider users who used the same password.

Nice explanation, I stand corrected :) I hadn't considered the (obvious now you point it out to me) fact that lots of users would likely have the same password.
Unique salts obviously help in that regard.

I'm not a crypto expert but my understanding of salt is that it is simply an algorithm you apply to your password before it gets hashed. In order to verify a password, the system obviously needs to know the salting algorithm in order to compute the correct hash. If your password hashes have been stolen, it is reasonably likely that your salting algorithm has too. Therefore, whether or not each hash has it's own unique salt becomes largely irrelevant as the attacker will likely know how to produce each salt.

Of course if the authentication box and the hash database are on separate machines and only the hash database gets hacked, then it might be slightly useful. But then, even if you only used one salt for all the hashes, your passwords would still be safe from rainbow tables assuming your auth box was not hacked.

That sucks :(

Yep it ain't pretty in France :/ I am originally from the UK and really miss the packages I used to get there (although looking at your package it seems Austria is even more competitive than the UK).

I don't know which country you're in but in Europe you would simply opt for a "sim only" contract. I'm in France (not the most competitive country for mobile rates) and use this: http://www.virginmobile.fr/nos-offres/forfaits-liberty-sim-et-plus.htm (EUR 29.90/month for 5 hours call time any network any time, unlimited sms and 500MB of internet usage per month with no minimum contract period).

Avast, Ad-aware and Google Earth all come with chrome (or did when I last installed them)

Apparently Frederic Mitterrand is in to having extra-marital sex with asian boys according to this Bloomberg piece: http://www.bloomberg.com/news/2011-05-23/strauss-kahn-new-york-case-may-curb-libertine-ways-of-powerful-french-men.html

I'm not surprised he doesn't have a problem with Roman Polanski.

It claims to be modular but is effectively monolithic due to myriad cross dependencies (some of which are poorly documented) and a terrible thread management system.

As a current Asterisk 1.6 user, I can attest that it is a piece of junk. It's monolithic, buggy, poorly documented and unwieldy to install from source (witness the number of ISO based all in one installation solutions).

I'm in the process of reading up on FreeSwitch with a view to shifting to it.

Have a read of: http://www.freeswitch.org/node/117

That's the short term fix. Near term: initiate "Streisand effect" and hope that's enough to get Mediacom to change their ways. Long term: agitate for net neutrality laws!

I use and wholeheartedly recommend www.dyndns.com

I've never had to deal with a DMCA takedown request but I'm pretty confident that the guys at Dyn would talk to me first before doing anything rash.