Today’s Thoughts and Links

Today’s post covers the following:

  • Security
  • iPads
  • Finances



A lot of my time awake lately has been dealing with Information Security. Some ponderings:

Privacy 2.0. You’re only as secure as your friends allow you to be. [link]

Interesting and very scary thought. Especially with what I’m seeing with Google’s Social Search. This is fairly disturbing to me. Friends: Please let me know if you see anything from my account on this and I’ll work on getting it removed.

The more interesting part of this is the derivation attacks that can occur with something like Google Social Search or Facebook.  In the 2008 election, Sarah Palin’s email account was hacked. From a Wired article:

As detailed in the postings, the Palin hack didn’t require any real skill. Instead, the hacker simply reset Palin’s password using her birthdate, ZIP code and information about where she met her spouse — the security question on her Yahoo account, which was answered (Wasilla High) by a simple Google search.

With regards to secret question/secret answer and sharing of gobs of data, according to how “friendly” I am with someone on Facebook, this is worrisome.

  • What was the first school you attended?
  • What’s the name of your first manager?
  • What’s your first born nephew’s name?

With a little bit of elbow grease, some reasonable attempts could be made on almost every one of these answers. The problem is that Social APIs enable programmatic gathering of this data and focused attempts. Solution: Put in complete BS for secret questions & social networking; hope that you remember the BS and still have friends.

Long time readers should know that I was a fan of the tablet form factor six years ago. Pics here. It’s nice in niche environments but doesn’t really fit into everyday use.  The major change is that they’re using a touchscreen UI. All of the other “innovations” are just normal evolutions of software / hardware that happen over time (e.g., screen resolution, usability, better software).
See, in order for a device to be worth something it has to add more value than cost. Not just a status symbol or a cult mentality, but actually make life better without breaking the bank. Just like the already existent Windows based tablet PCs, the iPad is not going to be a value added experience for most people.
Things that a iPad/Kindle/eReader will have to do to REALLY add value:

For about a year, the iPad should bring some good competition to the tablet industry for user experience and price. That’s A Good Thing™.  After the first year, the industry’s competitive reaction will depend if they’re making money.

I wanted to get tax out of the way. What are the readers using for taxes? I’ve been a Turbo Tax customer for many many years, I was wondering if there were any better choices out there.

Sync Google Calendar and Facebook Events

Step 1: Go to Events on Facebook.

Step 2: Click to ‘Export Events’ at the top and Copy the URL.

Step 3: Log in to Google Calendar, Select Add, and Add by URL.

Step 4: Paste the URL into the Public Calendar Address Box and Press Add.


Google Video Uploader Needs Proxy Auth Support


I want to use Google Video pretty extensively at work. I went back and forth with their support, and still nothing. So, why not whine about it on my blog?

Google Video Uploader does not offer me a way to upload my videos because I work in Government. We want to add City Commission Meetings to the web, but… since I cannot connect (our connection requires Proxy Authentication) no dice.

How hard is it to add Proxy Auth to a friggin program? Really… I have a SOCKS 5 proxy that requires username and password auth on a specific port. Maybe I should post a list of programs out there that are made on shoestring budgets that offer Proxy authentication.

Here’s a screenshot of the implementation in Google Talk, in case you’re interested:




Longest GMail Thread

What’s the longest GMail thread you’ve ever seen?

Mine’s currently at 58.

Backing up your Gmail

TechCrunch reported a Gmail Disaster—and while it only happened for a nominal number of people the reaches of the problem could be catastrophic.

I put myself in the shoes of one of the users that lost their email and I made a choice to never be there.

You will need one copy of Thunderbird to export your email and an application called GML Loader to import it back into Gmail. They’re both cross platform and free.

From Gmail, you’ll need to click “Settings” in the top right, then the “Forwarding and POP” tab. [click thumbnail to enlarge]


Google has instructions for setting up Thunderbird.

I have a local copy of Thunderbird running on my home box checking the email at least daily. Thunderbird automatically creates a .mbx file of the email which GML Loader read and send to your Gmail account.

The GML Loader page has instructions on sending messages back to Gmail

Regardless, the mbx file(s) are the most valuable. I’ve burned mine to DVD and I’m planning on encrypting them (with Defygo =) ) and placing them on this server, too.

Good week for Web Apps

It’s been a pretty good week for web apps being released.

Gallery 2 is an outstanding overhaul to the Gallery script. It’s showing PHP is ready for some complex OOP.

Google Blog Search and Meebo are too early in release phase (Google’s is in Beta, Meebo is in public alpha) but they both show so much promise.

It’s a great time to be a web developer.

GMail for the Win


While signing up for a new Gmail account, I wanted to register my first/last name for an account. GMail yet again utilizes XMLHttpRequest to make the ‘check for availability’ button NOT require a reload of the page. Brilliant!

And as noted on [37svn], GMail keeps its users moving without requiring a page reload for replying to e-mails. This is done so many ways – mostly with some DHTML and XMLHttpRequest.

Oh, the little things.