夢: 鎖不了的心

我和家人似乎是逃難到了某間有四間房的屋,我一向最重視的是屋的門鎖,其他人似乎沒有我的在乎,甚至不當是在逃難,他們各自回房睡,我就負責鎖門,但此間屋有兩道門,一道我們進來的正門,另一道是某君睡房旁的一道門,他這兒的旁門有道短短的樓梯,盡頭有另一道通常都被人忽略了的門,可以進出垃圾房。我的建議是在此木門加一道電子密碼鎖,類似老虎鎖的東西,這鎖的特色是它從內面開只要四個數字的密碼,從外面會極之複雜和困難,不過我同時又想到可能出現最壞的情況就是只有我一人才記得這個密碼,其他不懂的人就會無路可逃而被活活困死,特別是當中某女性因為家中變故而要逃出,她不記得密碼,就會死狀悽慘,既嚇死又被殺死。
我後來進了他的房間,這裏感覺就像邁亞美海灣的舊居中自己的睡房,說是要保密/安全他卻打開了側窗,似乎是他已經妥協了,本來他是打算打開前窗的,這下子我又好像滿意了,而他似乎極之渴望和對面同一類型的屋面對他的房間中的住客溝通,而他們好像也溝通了一會兒,他把書及其他東西放在兩間房的中間,另一個人也有回應,這裏儼然就好像是他們的共同空間一樣。這令我納悶,因為夢的劇情是我們一家人剛剛搬進來,何以他似乎已經和另一個人交往了一段時間?

同命鴛鴦

(您當時指冰漓，之後很難說代表誰。)

前晚,夢中是一對男女被一班人追殺,其實男不能肯定是我, 女不能肯定是您,所謂追殺,就是由地下一直被人追到樓上, 對方有槍,好像我們也有,一追在跑樓梯, 對方在樓梯中的空間向我們射子彈,子彈被樓梯的金屬扶手反彈, 好幾次幾乎射中,我們不只兩個人,似乎是一大班人在保護我們, 所以這群保護我們的人也有還擊,一邊跑一邊向他們放槍, 不過整個過程一直看不清對手的面貌, 只是聽到他們亦步亦趨的腳步聲,人影都不見。後來, 快要到頂層時,腳步聲好像停了。以為是追殺停了,想真一點, 原來不是,而是追兵都換上了避彈衣,我們有槍都傷不了他們, 令我們頓感絕望,士氣低落,更差的情況是外面有一架直升機,不是在等待接我們離開, 而是裝上是機槍,準備掃射我們,他們是一個方法不成, 再用第二個方法,下面的追兵好像真的停了, 而我們也差不多抵達天台,但到了又如何,不是等着被人射殺嗎? 因此不上天台了,亦下不了樓。前無退路,後雖看來像是無追兵, 還不是一樣?

昨晚,都是被人追我,而且男的肯定是我,女肯定是您, 不過似到處遊歷多於被人追殺,今次似乎走到一個回教國家, 剛好踫到有一班穿阿拉伯衣服的人在沙灘跳舞, 我只是在沙旁邊經過,但是說也奇怪,為什麼他們跳的是「無聲」 舞,真是一點聲都沒有,亦沒有任何音樂助興? 我因此也不打擾他們的「派對」, 我們原來和他們同住在一個營幕裏,原來他們都是十分酷愛清潔的, 清潔似乎是回教信仰的一部份,既然和他們同住,只好入鄉隨俗, 不過,有一件十分荒謬的事,就是他們怕每晚都睡在一個位置,隱形的敵人經過, 會認得每一個人及他的位置而把他殺掉,但是, 我們每人的地毯都是每晚不變的用同一張,而在營幕裏, 我雖然想每晚都改一改佈置,最後發覺部份是因為它們大小的原因, 另外可能是習慣的關係,所以所謂變,根本變不了, 只有我一個人去變,其他人都因循,如何求變? 因此他們都該死,因為他們虛偽, 自己的規律自己不去想辨法去遵守,只拘泥於習慣, 等如是自找死的,如果我們因此被殺,亦是他們害的, 幸好我似乎不信他們的神和傳說,我們是在一個困境中,入鄉隨俗, 就等如相信自己最後會被殺,不入鄉隨俗,為何又跟隨他們流浪?

被人追殺,要開門進屋,為了安全,門有七層, 每一層都要用銷鑰去開,十分焦急,但不得不開, 屋內是唯一可以躲避的地方,雖云是追殺, 卻看不到身後有任何人影,只是感到有人在追殺我, 幸好我開銷也相當快,沒有亂, 最後還是在人還沒有追來的時侯進了屋, 不過我卻懶於把一層層的門再重新銷上, 只是大力最外面的一層門拉回來,同時把最內面的一層門推出去, 門感覺上是不可以用手銷的,在門附近找到按妞,一拉, 則全部門同時被銷上,總算是安全了。 因為內面五層的門都是被夾在中間,所以我銷不銷也不是有大關係, 更重要的是外,最外面的一層門好像是部份透明的, 我不可以讓來追殺我的人知道我在哪兒。把門銷好, 他只有瞎猜我在哪一間屋。

夢中的新屋

我和爸似乎是來了一間新屋，這感覺似龍騰閣的舊居，但是觀乎樓下的設備卻好像在另一個夢時去過，據說是幸運抽獎所得，不是普普通通的人可得的，這裏佔的面積很大，而似乎一入伙時已經裝修好了。我似乎是罕有的以女性的身份來做這個夢，而素來最重視的是門鎖和密碼，這裏據說是當時最先進的，一共有三組或者是三十個字的密碼，就是自己人十分容易明白，其他人就難說了，頭兩組/或其中兩組似乎是媽的身份證號碼，有意思的爸好像嫌我會不記得自己母親的身份證號碼，還特意大聲在夢中說了出來，然後/中間好像是在天水圍住在嘉湖海逸酒店時的電話號碼，這號碼在當時是全間酒店都是同一個，不知在夢是不是全屋苑或者是全幢用同一個。我記得是我先上一層去看看似乎是廁所的地方，這又令我感覺似屯門的恒順苑，它令我印象最深刻的地方是名稱Handsome Court的意譯有英俊的意思，好像說我天生英俊似的，而一次我和媽就因為忘記帶門鑰而被困在上層，皆因我用望遠鏡在觀看一對似乎是情侶在麥理浩徑的座椅似乎是在做愛之故。
這廁所也是頗先進的，當中好像有電視，又要用密碼，說來又感覺像在奧威斯酒店，奇就奇在廁所和睡房好像是分開的，下一層好像沒有廁所，而上上落落要用密碼來開鎖也夠麻煩的。而當我走到樓下的睡房時，又聽看不見樣子的爸說兩個不同的密碼本來又各自有其他的用途，好像一個是門鎖另一個又不知是什麼，我就嫌它太短了，要猜難度不夠高。這時我走出房間，才發覺這裏竟然有兩道門的，前門在左邊是我們進來的，而後門在右邊不知是不是讓我們出去的，這不是普通香港住屋的設計，而且爸為人似乎像大哥一樣粗心大意，這是我想像不到的，一向他是全家最小心僅慎的人，我隨手就推開了內門及外門，有趣的是不但它們沒有鎖，好像是我們第一次來參觀示範單位就住下來似的，而是內門由左右三條橫門或者是客家人常用的木所組成，不過客家人的用法是把木條由左右合攏，而這裏就是可以像宮廷的門一樣向外打開，就是各自向外轉，似乎是不能向內轉，這就是所謂的保安設計，只可以由屋內開門而不可以由外面開門，是簡單又聰明的設計，就是在外面的人根本無處下手去開門。而外門感覺頗似在兩姨丈家或者是大哥家中中用的鐵闡，而且是只有下半而沒有上半的，如果不是內門，外人一把屋內的春光/風光一覽無遺，我打開它們時看到另一邊居然也有兩伙住戶，她正在關門離家，這裏不單是單位的面積巨大，而且住戶衆多，就是左門前有另外兩伙，右門外也有。我鎖好門就回到家中。

另一種不用加密也可保護你密碼的方法

之前有人提出了一個令黑客就算完全知道你密碼也無法進入你戶口/帳戶的方法,就算黑客用暴力破解法,因為每次系統要求的資料不同,所以此破解法也會失效。其實,發明者忽略了保護密碼在之前還有一個步驟,就是輸入密碼,只要黑客不是親身在場去抄低你的密碼,我就有辦令這些專記錄使用者所有鍵入的資料的木馬程式失效。
我的思路是針對此類記錄程式最大的弱點,它把所有鍵入的資料以順序來儲存, 好像是假設使用者只會同時使用一個程序,然後依順序先輸入戶口名稱及密碼,用者只要打破這個最方便使用者的腦神經運作的輸入名稱及密碼順序,由於此類記錄程式不能知道使用者是在什麼樣的情況下輸入它所記錄的資料,只能假設使用者的使用模式再從資料中反推出名稱和密碼,例如從name[enter]password[enter]中的name得知它為戶口的登入名稱,之後輸入的就一定是它的密碼。假如使用者不依此規則來輸入戶口名稱和密碼,如n[Tab]pa[mouse click]a[Tab]ss[mouse click]m[Tab]wo[mouse click]e[Tab]rd[return],由於黑客無法事先知道使用者是以悔花間竹式輸入戶口名稱及密碼,所以得到了鍵入的資料也無法重新組合出戶口名稱及密碼,甚至不能得知使用者輸入資料用來做什麼,破解戶口名稱及密碼無從談起(除非使用者長期都是用同一組模式來輸入戶口名稱及密碼,這時黑客會留意到有一些不斷重複出現的資料模式)。
我現在只是用了最簡單的方式去實現我此一針對記錄程式的弱點,實際上可以用不只用此一方法,例如不一定要依上列順序先戶口名稱再密碼不斷重複,使用者大可以隨自己喜歡的順序來把戶口名稱及密碼拆來輸入,同時亦沒有規定每次輸入戶口名稱一定要每次1字,然後夾2字密碼,因此,使用者大可以用n[Tab]p[mouse click]a[Tab]as[mouse click]m[Tab]swo[mouse click]e[Tab]rd[return],一共有38種組合(假設一定是把戶口名稱及密碼各拆成4組),而此類軟件不能讀使用者的心,所以變成有資料也無法破解戶口名稱及密碼。聰明的讀者還可以想到因為有[Backspace]一鍵,使用者甚至可以故意加入戶口名稱及密碼中不存在的字元來混淆黑客,只要此類記錄程式無法得知使用者用[Backspace]一鍵消去了什麼多餘的字元時,黑客同樣是得物無所用;我還沒有提及當使用者在同時登入數個戶口時,故意把各戶口名稱搭上不是該戶口的密碼的組合呢!

Tao and Democracy

I admit my understanding and interpretation of Taoist may not be standard, that is the best I could get. I try to be as faithful to the original meaning of the text in this blog as possible.

One of the Taoist classic has the name ‘The name of Change’, so Tao is about change occur in nature. Tao is about how change take place and how to adapt to the change and how to led the change. Therefore I concluded that Chinese Communist Party is acting against Tao when it is turning Republican system into dictatorship which is not structurally different than other Chinese dynasties. Thus it is destinate to have result as other dynasties as dictated by its internal logic.

The reason that I consider Chinese Communist Party is against Tao is due to its general altitude toward Democracy in China and in Hong Kong. As every Hong Kong citizen understand, it is not that we are not ready to have universal suffrage, since similar proposal was already in place as early as 1985; it is that Beijing is not ready to see fully democracy happened in its country. While it can’t turn the clock back, it is doing its best to slow down the process as much as possible.

Why Democracy is more compatible with Tao than Dictatorship? Because Democracy is an unchangeable system that allow change to happen in an orderly and efficient manner which minimize the social cost associated with it. The purpose of Democracy is keep the governorship updated according to the will of people and the current situation, thus ensure that the country as a whole could adapt to the change take place internally and externally. Democracy is a way to give change an unchangeable structure. Thus change and unchanged in harmony, the change(of government) is possible due to the unchanged(political system/culture/spirit/economic), and unchanged is maintained by the change. Instead of fighting the change in names of harmony and stability like Chinese Communist Party, Democracy absorb the change to better itself. It is unchangeable in the sense that it promote change, it live with change; it is anything other than fighting against change.

However, Chinese Communist Party can’t tolerate any change that outside its scope of its control. The idea that it can control everything, and everything must be under its control for the best of itself (forcible intentionality) is the exact opposite of the naturalism spirit contained in Taoism. As Democracy allow change, permit change or promote change; it understand change in the sense that it tolerate a sense of uncertainty (in which law is being adopted, the result of each election, demonstration/social movement, decision of court on interpretation of law). That scope of uncertainty is how the society as a whole could grow and develop. As Taoism asserts, Plants and animals are best developed without unnecessary hindrance from human being imposing their intention on them. Thus country as a whole is best developed when nobody/group on the top imposing his/her idea on the people, guiding every aspect of their lives; that corresponding to the idea of freedom. Thus Taoist text implicate the importance of Freedom and Democracy over five thousand years.

Yet Another Method to secure your password without encrpytion

Some has devised a pretty sophisticated method to defeat the Brute Force method in breaking in computer accounts, that method could also defeat the infamous key-logging method. Because both methods relies on systematic nature of the password-entering process, if it is not systematic and well-organized, that certainly increase the computational cost of accessing the account without knowing the password. What then we see is to how that method is implemented, and what computational constraint we have in that method.

My method here is never intended as a competition because is too simple and straight-forward. To break the security risk associated with key-logging program and brute force method, we only need to increase the level of ‘disorder’ of the information collected by them. That method is taking advantage of the cracker that has no idea of what consist of the targeted password. Now the method I provide here also use that idea but in a slightly different way.

My ideas are:
A. Instead of asking for the password in its original sequence, the program would ask for the password in an arbitrary order formed at the moment (which is displayed as a picture). Now if the password contain 5 digits, there are altogether 120 combinations even if the crack know all the digits; and if the password has 10 digits, there are altogether 10! of combination to guess. If we program the machine so that any three invalid guess require a break of 15 minutes between next input. Former cases require 10 hours to crack, and the later case require 30 years to crack.

B. To further increase the difficult of the cases, the program would add random character to the password for entrance. The user is required to enter also the generated-on-site character, that is to confuse the key-logging program. Moreover, that added into the time required for brute-force method to work, excluding symbols, adding one digit would increase their average succeed time by about 40 times. Bear in mind that both key-logging software and brute-force program is unable to know those generated-on-site characters.

C. In the same vein of B and A, sometimes the program would NOT ask for the whole password. Instead it may just ask for the digits in the random sequence it just created, for instance, in the order of 3456, 253, 421. As a whole, every digits of the password is asked. However, that added to the confusion of brute-force and key-logging software since they don’t have any information of the order of the sequence (Nobody including the programmer of the program would know). They have information but it is not very useful to them.

*D. Now to make this method unbreakable, the password would be updated according to a formula that is either given before the operation or a formula that is generated on-site in random interval. It maybe that in next time, the fifth digit is increased by 1, or the fourth character is ‘decreased’ by 3… etc. The information is again useless to the cracker since s/he doesn’t know the original password.

Presumably, cracker could break this method by taking snapshot of the screen which the password is entered. However, in some case it is impossible to do so; and in other cases it would require Artificial Intelligence program to identify the digits in the picture, then analysis the data inputed. That would increase the difficulties of cracker by at least thousand-fold compare to existing method.

Who would like to write such a program?