Brian Jepson’s Weblog : Providence Geek Dinner-Wednesday February 28:
The Providence Geek Dinner is back at AS220 (115 Empire Street, Providence, RI) on Wednesday, February 28, 2007. The fun starts at 5:30pm. I hope to see you there. See the Providence Geeks blog for details and RSVP.
Yeah, I should start going to these.
Liz and I are currently working on a game to play while watching Fox’s “24”.
Current version of the document is Draft 6. It will hopefully be finalized with some assistance from you, the reader, or as we fine-tune the scores and add new events, eventually it will be reasonably complete.
The rules are simple, and examples are given. This can be used not only while watching the Season Six yawn-fest, but by going back and re-watching previous, excellent, seasons of 24.
:
via: shawn – thanks for this.
Read RSS, get hacked:
That’s because the growing use of Web feed readers and the proliferation of content-aggregation sites are giving hackers a really simple way to deliver keystroke loggers, Trojan horses and other malware onto their computers, security analysts warn.The feed-hacking threat is not particularly new. However, the severity of the problem could be rising as feed services begin moving into the mainstream, said Ray Dickenson, vice president of product management at Authentium Inc., a Palm Beach, Fla.-based security vendor. “Malware authors are just taking advantage of the interconnectedness of Web 2.0” to distribute their code more efficiently, he said.
That is a rather interesting thing to think about. All of the various re-blogging sites out there and feed-mixers have the potential to impact the output of those feeds, certainly. And usually the big problem with this type of behavior is reputation—people re-distribute content and represent it as their own, or even make it difficult to find out exactly where something originated.
Unprotected reputation makes it easier for someone to maliciously abuse that reputation, if you read something written by So-and-So, and So-and-So’s name is trustworthy, you may well be more inclined to download an enclosure, play a media file, read a document, or anything else that is made available to you.
And while people are getting smarter about this behavior, the content itself isn’t protected, and thus lends itself to being easily copied, pasted, reblogged, or fed into hybrid amalgam feeds through the various mechanisms out there to do so. Yahoo! Pipes, for example, is a fabulous tool for massaging the output of feeds and allowing you to customize the way they are viewed and consumed, and there are plenty of web-based applications out there that do exactly this.
And since the user has to subscribe to a specific feed in nearly every circumstance, there is some level of trust already established, they did, in fact, subscribe to this feed, and they couldn’t have been making a mistake or been so naive. But never-the-less, it happens.
Enclosures in feeds aren’t a bad idea in and of themselves, it allows for things like Podcasting, and premium content to be distributed via RSS and Atom—and that is a wonderful thing. But the browsers and readers and clients that accept this data are typically told to pull the enclosures and add them to your iTunes library, or to open up Windows Media Player upon receipt, and that abuse of reputation and trust is bringing out a whole new landscape of potential attack vectors.
Not to mention the most obvious one, having malicious javascript present in a feed and having the reader dutifully follow its instructions. Most readers that I’ve looked at over the years strive for compatibility over correctness, so the very design of these readers is to be very forgiving on the contents of a feed, instead of validating the contents and sanitizing it.
I think it will be interesting to see what exactly happens with this mode of attack, and what the implications are of trusting unsigned and invalid data in content syndication formats. It will certainly be interesting to see if anyone actually follows this with some real diligence in helping people avoid this type of an attack.
Suddenly I’m curious if I can plant malicious javascript into my del.icio.us RSS feed.
Most people would call me thin.
I’m 6’3” and around 170lbs most of the time. When I was 18 years old I was 210lbs and then had a massive anxiety-induced freak-out a few years later where I didn’t eat much except crackers for a couple of of months and dropped down to 160lbs.
So since that time, I’ve been pretty thin. And a lot of things lately have been reminding me that I’m not taking very good care of myself and the biggest component of this is that I recently had a birthday and have been feeling really anxious about my health and I’m very self-conscious about certain parts of my body and they’re things that can be changed.
I’ve been following Joi’s progress and he’s been making some rather nice changes for himself. So. Change them I shall! Bring it!
Liz keeps a lot of exercise gear around the house. She does all sorts of stuff that I don’t understand much that involve steps and sweating and wearing cute clothes.
However, I’ve started using her free weights and working on my arms and chest and then doing crunches and twists and adding some muscle in those two areas. My first day of doing this routine I did about thirty crunches before I felt like I was going to split like a pea-pod.
I did 2 pushups.
Once your mocking laughter subsides, I’ll continue.
»
Yeah, thanks for that.
So anyway, my capacity for all of my pushups and weights and crunches has been rapidly escalating. And for the first week I was like “ugh, I need to do that,” and now I kind of look forward to it, and will occasionally even grab some floor space while I’m watching TV or when I need to take a break from my laptop or my desk, and I’ve done crunches on the floor in my office @work, too, and my capacity for crunches has been increasing rapidly. I don’t know what the ceiling will be, but I’ve gone from doing 30 in a sitting to over 270, in the span of three weeks.
And really, seriously, I kind of like doing it. I’m trying to start walking more during the day, and I’m contemplating walking to work or bicycling more, and sometimes I get away from my desk when I’m in the office and just do brisk walks around the parking lot.
So I’m feeling a little inspired and happy for the progress I’ve made so far. My stomach appears to be getting some nice definition and my arms and chest are shaping up as well. I’m not saying I’ll be running for Governor of California or anything, but I just want to tone up a bit and feel better about myself and be more comfortable in my own skin. I’ve never been especially fond of myself in that way, and I don’t think I’ve ever looked at myself in the mirror and thought, “Emory, you look pretty awesome today,” or have been all that pleased with my physical condition. Which has had a measurable impact on my emotional and mental state as well, I’d imagine.
And so far this has had a pretty good impact on my emotional and mental health as well. Because it has real measurable progress, and because I feel good doing it, and I feel great when I do it better than I did last time, and because I look forward to doing it because of how it makes me feel? All the more encouraging.
I’ve also been dialing back on my smoking and trying to break my habits of doing so at certain locations or times, but that one has been harder than it sounds because I’m all stressed out about a lot of things lately and it is really a deadly form of self-medication, I’m aware of that. But that is a hard thing to break, really. I’m constantly thinking about my smoking habits though and how I can continue to make it more difficult for me to do so.
I think ultimately that what will happen is that I’ll hit a peak in my exercise routine where I can’t go any further because I’m short of breath, or just not feeling up to it, and this will be the indicator that I need to cease my smoking, and that I will actually see my smoking habit as a limitation to my health and happiness. Right now I smoke when I’m stressed, or depressed, or just need to walk away from my desk.
I have broken the biggest “location cravings” by not smoking at my desk, or in the living room, or even in the house unless it is in the pantry, which is the most inconvenient place to do it.
So yeah, I want to look better, but what I really want is to feel better. And so if you are thinking about trying to take better care of yourself physically or mentally, I highly recommend you start getting some exercise. It doesn’t have to be much. I’m just doing really basic exercises and it is making a difference. The biggest changes that it makes for me are in my head, and that makes it all the more worthwhile.
There is an interesting thread on BlackBerry Forums (which is an amazing resource every BlackBerry user should be reading now and then) about a Presence application for the BlackBerry (and other platforms) called Talk-Now. There are a couple of big problems with this, which I pointed out in the thread.
Simply put, I have zero interest in maintaining yet another set of relationships with people.
First of all, the mobile space already has two very viable and already deployed and operational systems for handling presence and messaging. XMPP/Jabber and WV/IMPS.
So far, Jabber/XMPP isn’t heavily integrated into handsets very well. It is very much a separate application in user-land that doesn’t have the tight integration you really need with presence application. The implementations of Wireless Village/IMPS I see today are much better for such things. For example:
On many Sony Ericsson and Nokia handsets you can actually see the availability of a contact in the address book. So as you’re getting ready to call someone, you can see their presence right then and there. And you can opt to send them a message instead of calling them if they’re busy.
I would really like to see better implementations of XMPP on S60 and other handsets, however. I think that even having it integrated into the S60 Messaging application would be far preferable. But on the BlackBerry that disconnect still exists, and having an entirely different architecture and non-open system (which they say will be rolled into XMPP eventually) makes it even less attractive. XMPP is everywhere. And it can be everywhere. And the fact that it is federated makes it even easier to deal with, since you’re able to deploy however you want and allow communications between organizations with ease.
Why iotum trumpets the lack of messaging as a feature is beyond me.
The one thing I will give them credit for is that they say that they can set this availability and presence based on the metadata of the end user. Time of day, calendar, free/busy status, and other bits that are glued together. That is nice, really. But to not use XMPP or WV for sharing this information out is remarkably shortsighted for a product that otherwise wins out on features in spite of requiring an MS Windows architecture to be effective.
The problem is, how are they going to be any better or different from open standards once they mature on the handset? The user experience for these existing standards is already quite good, and I don’t see how they can expect to monetize their offering against the services that are actually pre-installed on handsets and supported by Operators themselves.
PocketMac used to be this really responsive, fantastic company to deal with.
But lately they’ve been really a pain to deal with. The weird marketing emails, etc. And when I followed their instructions to unsubscribe from their spambot, I got a nice delivery failure.
This is an automatically generated Delivery Status Notification
Delivery to the following recipient failed permanently:
unsubscribe@pocketmac.net
Technical details of permanent failure:
TEMP_FAILURE: SMTP Error (state 9): 452 <unsubscribe@pocketmac.net> Mailbox
size limit exceeded
Nice. Way to go, guys. You got so many unsubscribes that your mail server started rejecting them.
iSync via SyncML on S60 handsets is broken.
Badly.
It used to be that iSync would push over a little binary that ran a daemon to negotiate iSync communication between your Mac and your S60 handset, which dutifully listened for iSync connections and did a sync.
Now, this process has been broken from the start, due to completely obliterating speed dials and contact groups on the handset. It also blows away custom ringers on contacts and groups because it completely trashes the database on the handset with each sync.
There are not many options to mitigate these problems, save the speed-dial problem. You can use a different handset (hah!) or some software for Windows PCs to manage the actual contacts and numbers on the SIM itself, and SIM-dial those contacts with ease.
Once you have your most important contacts put to positions on the SIM you can dial them easily from any S60 handset by dialing “(SIM position)#” which will then pull the number up for you, and then you just hit the Talk (green) button. Works well, it is just very difficult to manage the SIM contacts from the S60 handsets out there. I don’t know why Nokia doesn’t do something about that.
I’ve been suffering in near-silence with the way that iSync thrashes the contact database on S60 handsets for years. I would love to use contact groups to manage my interrupts depending on what profile is active on the handset—you can set the handset to allow people in the Family group to call you after 10pm, for example. But you can’t do that when every time you sync your handset to your Mac the Family group gets blown away. Thanks, Apple.
But once Apple started using SyncML natively from iSync direct to the S60 handsets we lost yet another feature that I was taking for granted:
All day appointments.
If you have an All-Day appointment in iCal, iSync now gets them into the handset as appointments from midnight to 11:59. Yes. And it totally sucks. Hard. Your only option is to stop syncing over All-Day appointments, which makes it awfully hard to check your calendar for vacations, holidays, and when you’re not going to be available for an appointment and you’re surfing your calendar at the Doctor’s office or something.
The handsets prior to S60 V3 can be configured to do things the old-fashioned way with the old iSync agent by changing some of the iSync plists, but the iSync application for the handset doesn’t work on V3 devices and will just crash out on my N73 and my E70. So here I am, with handsets I love except that Apple breaks them when Mac OS X touches them.
To recap:
It is absolutely infuriating. You’d think I was asking for a pony, but I’m not. I just want working synchronization to modern handsets.
RIM co-CEO sees no threat from iPhone | MacMinute News:
A story out of Reuters today reports that Research In Motion’s co-CEO said in an interview that Apple’s iPhone doesn’t pose any threat to the company’s consumer-geared BlackBerry Pearl.
This also in: Mercedes isn’t threatened by Porsche’s new Cayman.
Most of the time, these two devices couldn’t be more different. They are geared for completely different markets.
But I think it is very naive to think that the iPhone will not cannibalize the entire market that wants a media-rich device that is easy to use and elegant. The BlackBerry consumer line lacks the cachet of the iPhone, and always will without significant re-investment in a consumer line of devices, which RIM will not do or seems wisely unwilling to do. The Pearl line is supposed to be individual-friendly, and provide solid messaging for the masses. But their software is clumsy, their user interface passé and dull, or completely confusing depending on who you ask, and the complete lack of real media capabilities on the entire BlackBerry line will hamstring them in the consumer market.
To be more clear—I feel strongly that RIM knows full well that they cannot continue to make handsets forever. They know that need to get out of the hardware business, and focus instead of infrastructure and software to move email the way they do.
Every other competitor they have is going this route, and they are going to start winning with more variety in devices. If RIM plays this right, they can continue to dominate the mobile email space without lifting a single handset above their heads.
I really wanted to pick up a new handset while I wait for the Nokia N95 to come out. So I thought I’d give an E-Series handset a spin, to supplement my N73 as a general media device. The N73 is great, but it kind of sucks for email and messaging. I played around with Eric’s E70 and really liked it a lot, so I thought I’d give it a shot.
I shopped around and 3 stores I went to online said they were sold out. Must be some crazy E70 shortage or something.
I went to CellHut and saw that they had them in stock. I was quite pleased with myself for finding such a fine operation that carried the product I wanted and had it available.
I called them up to confirm. I spoke to a woman that said yes, in fact, they have them in stock and would be happy to sell me one. I started giving her my name and other important information but she couldn’t understand my last name. The “DBE” part kept freaking her out. Dee Bee Eee. “Dee Dee Bee”? “No, Dee Bee Eee.” “Bee Dee Bee”?
Ugh.
“Can I just place the order online?” “Of course!” she said, so I hung up and went to the webpage and clicked “buy me” and dutifully used Google Checkout to pay for the next day shipping, the handset, checked my address info, etc etc.
That night I got a notice from UPS. Yay! My handset is on its way. This morning I opened my MacBook and checked the UPS site and it still said Billing Information Received.
Well that’s weird.
I called CellHut up and asked them what gives? I got a tracking number, but no merch attached to it! They dig around a bit and tell me that they actually don’t have any E70s. I pointed out that it said on their site that they were in-stock. The fellow on the phone told me that they had a shipment come in Thursday, and that they thought it would have an E70 in it.
First of all, how you can run a business and not know what you’re getting from where is beyond me. Secondly, don’t tell me it is in-stock and ready to go if it isn’t. Insane.
So the dude said that someone would call me in the afternoon with the status update on my order, and so I wait. Eventually someone does in fact call and brings me the good news. Gratz! We just got some E70s in stock! We can ship your order! I ask to get my shipping bumped up to Saturday Delivery, and the dude on the phone takes my billing information again, and adds another 6 dollars to my order for Saturday delivery and then thanks me for my business and I think to myself, “Well, crisis averted. This will be a great weekend of fun and tinkering,”
Tonight I’m catching up on some email and such (hello, #joiito) and I glance over at my pine session and see something about an order being canceled. Canceled? I thought, surely they mean the first order, cuz they must have redone the sale to handle my shipping.
It doesn’t look like it. Because the reason in the email notice says “backordered.”
Backordered, eh?
I call up CellHut, again, and talk to a guy eventually who says that yes, they’re backordered, and don’t have any. At this point I’m incredulous. I just can’t believe that any company that runs a retail operation can really have no idea what they’re getting and sending out. I tell the guy on the phone flat out, that this is insane, and that I’ve been jerked around for the last two days and I’d like to really know what is going on. He puts me on hold and runs down to the warehouse.
Yup. Backordered. None in stock.
So I told him to cancel the order. Even if they were the last place on Earth that had an E70, I wouldn’t buy it from them. I just can’t stand being lied to over and over again. I don’t have the energy and patience to chase after people that need babysitting to sell me something!
So I went to MyWorldPhone, which can be hit-or-miss apparently, but I’ve never had a problem with them. I ordered the E70, with next day shipping (so I’ll get it, I guess Tuesday or Wednesday because of the holiday weekend) and still paid less than CellHut with Saturday Shipping for a handset they don’t even have. Twice.