Jul 30

From Dean Kamen (the guy who invented the Segway scooter) comes the Slingshot, a water purifying machine that turns anything wet (sewage, water from a polluted well, sea water) into drinking water. Countless people die each year from lack of access to potable water. Check out Kamen’s interview on the Colbert Report.

From Adam Grosser of Foundation Capital, the “Intermittent Absorption Refrigerator.” The idea is that millions of people die from disease and malnourishment because they can’t keep food preserved. Using the heat exchange from something that is commonly available (a cooking fire) Adam’s sustainable, portable 8-lb device can chill a normal refrigerator-sized container to just above freezing for 24 hrs at a time. Watch his brief TED talk.

Hands-down these are the two inventions that have the most potential to change the quality of life for the most number of people on the planet right now. Unfortunately inventing the prototypes is only half the battle- they now have to commercialize them successfully. Good luck fellas, these devices have amazing potential if you do.

Jul 29

If you’re a Scrabble fan and you’re on Facebook, odds are you have the Scrabulous app installed. It’s really the only reason to even log onto Facebook anymore. Game play is slick – it blows away the EA version they just launched (actually I tried to play a friend using their beta and it paired me with a complete stranger). Anyways, if you’ve followed the hoopla around this game then you know Hasbro has recently issued a DMCA takedown notice and Facebook just tonight complied taking the app offline. Sucks.

Now the good news: it’s still possible to play if you don’t mind going through a few extra steps. Basically they’re using IP address geocoding to determine your location – not the location you specify in your profile. All you need to do is proxy through an IP outside the US or Canada and you’ll get the Scrabulous application back. You will have to link to it directly using this link as they disable it in your application menu. There’s lists of anonymous proxies available via Google but they’re generally crap. The easiest way to find a remote proxy is using Tor. Follow the instructions on their site to get running with it. Keep the Scrabulous dream alive!

Jul 19

Linux.com did a great write-up on JumpBox yesterday.

They pretty much explained it better than we do. Big thanks to Mayank Sharma for authoring a great review.

LinuxComArticle.png

As a sidenote, I’ll be in Portland this week Wed/Thurs for OSCON. Drop me a line if you’re there and you want to meetup. I’ll be on Twitter with thoughts on the interesting companies on the exhibit floor.

Tagged with:
Jul 16

So I had my carpets cleaned today. A lot of these services won’t give you and exact time but instead give you a window of time and a phone call when they’re on their way. Anyways I was late meeting them and for 20min there was an unmarked white van idling infront of my house (why it was unmarked instead of advertising the carpet cleaning services, I have no idea). The short of it is that my neighbor was looking out for me and placed a call to the police about a suspicious van idling in front of my house for a long time seemingly “casing the place.” By the time the police arrived I had already met them, walked the carpet cleaners around, paid them and left telling them to exit on their own via the garage. Now here’s where it gets interesting. The dialogue that occurred moments later went something like:


CARPET GUY (calling me from his phone): "Hi Sean, can you talk to a police officer and let him know we're supposed to be at your house?"

OFFICER: "Hi I'm officer so-and-so, can you verify your address?"

ME: "Yes, it's xxxxx. How can I help you?"

OFFICER: Are these two men here supposed to be in your house? We had a call from your neighbor of a suspicious van idling for 20 min in front."

ME: "Oh yes, I was late blah blah, they're authorized to be there. Thanks for the call."

Now what’s interesting about this and what someone like Bruce Schneier would instantly point out is the faultiness of the authentication process used in this situation- at no point was there a reliable way to establish me as the true occupant. Think about it: if you were a wouldbe burglar trying to in this situation, all you’d need is to have a confederate on speed-dial that had been given the address you intended to rob ahead of time. The only true way to authenticate in this scenario is to either:

  1. reach me via a verified means that is already associated with the house (ie. officer looks up the phone number on record with the house and calls it) or
  2. have me come back and produce a key that unlocks the house or repeat the code over the phone that unlocks the garage (ie. something private that only the real occupant has access to) and then dismiss the alarm.

Having a random voice on the phone (from a call that the alleged perpetrator initiated) repeat back their present address doesn’t prove anything and yet doing just that gave me the ability to dismiss the officer.

And at the end of the day, I’m happy that my neighbor went out of his way to make the call. I’m happy the cop went out of his way to stop by and check with me over the phone. But I would point out that this is a highly flawed authentication scheme that can be exploited. Anyone authenticating something over the phone like this needs to think about the chain of certainty here. A very similar situation to this occurred to me recently where my bank called and asked me to verify account credentials to them over the phone- before doing anything I asked how I could know they were in fact my bank and not someone trying to get my account credentials? The lady thought I was crazy and couldn’t understand my concern. I made her give me a bank telephone number which I could verify on the contact page of their site and call back. And while, yeah it took a little longer, it’s the only sure way to authenticate in that situation. With identity theft as rampant as it is, people need to begin thinking this way.

Jul 08

Place your bets: has Apple implemented the location-aware feature in iPhone OS 2.0 in such a way that the apps will work on the older iPhones? Perhaps this answer is already available but I just dug around and couldn’t find it. Ideally there’s a concept within the iPhone of location that’s independent of how the location is obtained so that whether your position is determined via GPS or cell tower triangulation, the apps don’t care. Anyone know the answer or care to bet on how this is implemented?

preload preload preload