Photos: Food, Bikes, Sunsets and Stars

0 minutes, 16 seconds

The other night we made fried okra. Tasty! This past Sunday I went for another sunseterific MTB ride in Tilden and Wildcat parks. Since taking some initial photos, I’ve since figured how to take long 60 second photos. We got stars on film; this is a first for me since back in my analog film days. Enjoy!

On theft, privacy and data loss

4 minutes, 58 seconds

I’ve recently taken a serious look at the reality of theft of computers as well as ensuring privacy and reducing data loss should such a theft occur. Take a moment and and take inventory of where you store you data and how accessible and backed up it is. What would happen if:

    • You dropped your cell phone in the toilet? (data loss)
    • Your cell phone got stolen? (data loss & theft)
    • What about that ‘it will never be stolen’ desktop computer at home? What if some one stole that? Do you have a password on login, do you have your email password saved and your browser remember all your passwords? Do you file your taxes online and store copies? Do have resume with references, previous address and social security number? (Data loss, theft, and loss of privacy)

With the sheer number of accounts we create at every new site we register with, we’ve become lazy and no longer want to remember passwords. Most folks either check ‘remember password’ in their browser of choice, use the same password for every site, write down the password or all three. Further, most folks don’t password protect their smart phones. Compliment with all personal data stored on a laptop or a desktop, this creates a recipe for catastrophic data loss, serious violation of privacy potentially leading to identity theft.

In this post, I’m going to outline a number of suggestions to help fight data loss and identity theft while protecting your privacy. I’ll give each suggestion a PITA rating of how hard and how long it will take to implement. A PITA of 1 is easy a PITA of 10 is, well a real PITA!

Master Passwords

PITA: 1
If there’s one thing you actually do, do this one. I use both Thunderbird and Firefox. As I said, most folks are lazy and want all their passwords stored and remembered for them as needed. This is all fine and dandy until your laptop walks an the thief can use all your accounts with out ever touching the keyboard. Both Firefox and Thunderbird offer the ability to set a master password. Every time you open your browser or mail client and a password is needed, you will be prompted for a your master password once. Then all other passwords will be filled in for as normal. Note: close your browser and mail client often ; )

OS Level Passwords

PITA: 1
A no brainer. Both Windows and OS X (video) have it.

Set a phone password

PITA: 9, then less
When I first set a password on my phone it was a real pain in the ass. I had to enter it every time I wanted to make a call or check my email. I have a Palm OS phone (not a Web OS phone), so it’s not that sophisticated. I know that Android based phones have a quick pattern you can trace which is quite easy. The iphone has a number pad you can use. Any which way, over time, this becomes second nature, so the PITA rating will fade from 9 to a lower number.

Remote Backup

PITA: 7
I’ll explain my backup technique in a sec, but take this one seriously. If your house were to burn down while you were out of town, how much data would you loose? I hate to be all doom and gloom here, but most folks don’t shoot analog any more, so all photos are digital. Maybe you upload to flickr or the like, but there’s nothing like have all your photos organized just so. I strongly suggest you look at commercial providers for this.

Our household has both local and off site backup. We start by backing up all devices (two laptops and a desktop) to our local qnap server via robocopy (think rsync for windows). The qnap is just linux, so it runs all sorts of great things like rsync and secure copy (scp). A friend has a qnap as well. We first connected an external drive to our own qnaps and made a backup of all our backups. We then swapped external drives and connected them to our respective qnaps. We now have a remote backup that we can rsync our data to over ssh and the initial gigs of data are already there.

Remote, Secure Backup

PITA: 10
I have a subset of my data that is hundreds of PDFs. I generate them via my trusty and some what spendy sheet feed scanner. This guy creates searchable PDFs that have the OCR text embedded in them. Genius. In comes a bill, tax return or sensitive document, out comes a PDF and some shredded paper to recycle. Cross cut, of course.

This data set is a treasure trove. Should my desktop with hundreds of megs of PDFs walk out my front door one sunny afternoon in a thief’s hands I’d be up you know what creek with out a paddle. Data loss aside, it would be little effort to apply for a credit card after a little address change. Bad times indeed.

Enter Drop Box. This is an excellent free service (for the first 2 gigs) that allows you to do what I would call very rich man’s rsync. Store all your PDFs in this folder, and now they’re not only backed up, but remotely accessible!

Wait – what about the stolen desktop? The default behavior of Drop Box is to remember your password. Should someone take your computer and gain access to it, the PDFs on Drop Box are good as local on the drive.

Now enter the second layer: TrueCrypt. TrueCrypt is the no-joke way to store data securely. They support both an encrypted boot drive as well as the spook spy stuff: plausible deniability. Ignoring the more advanced features, TrueCrypt’s quick start guide will walk you through creating an encrypted volume that’s encapsulated in a single file. This file can be any size, thus the drive can be any size. You could then store you hundreds of PDFs in a TrueCrypt volume in a file on Drop Box. True secure offsite backup.

I’ve even gone so far as to create a small TrueCrypt volume that has all my passwords. It’s the keys to the kingdom, but I’m going to be vigilant about protecting this file and only the one closest to my heart knows how to get in there.

Caveat emptor

I’m not a security expert, take my advice with a big grain of salt. There are ways of hacking the master password for firefox and thunderbird. OS Level passwords are trivial to bypass for a skilled IT professional or evil intentioned googlist. Even TrueCrypt can be accessed via social engineering or a sloppy operator who writes down their password.

Good luck and happy securing!

reCAPTCHA now Google reCAPTCHA, will help Google Books

0 minutes, 23 seconds

Having read the recent post about using reCAPTCHA, our friends over at twtitw sent over this breaking news: Google acquires reCAPTCHA. Google is going to put reCAPTCHA word deciphering foo towards helping digitize books going into Google’s Books project (aka GB) .

Doing some digging around, I turned up an existing side discussion about GB that I thought was interesting. Have a read if you’re the type who likes reading books and is interested in their metadata. Be sure to drop down to a comment from a GB employee.

Two loves: CSS & Recaptcha

0 minutes, 56 seconds

I just spent some time trying to outrun my cobbler’s child-dom by using mod_rewrite to make the old URLs for contact, about and projects pages to drop the oh so late 90’s “.phtml” suffix. They turned out pretty great I think! mod_rewrite is worthy of a whole separate post, I’d say.

http://plip.com/contact

Along they way, I remembered that my contact page, simple as it is, was actually a target for spammers a couple times a week. Do they think I just fell off the radish truck? Silly geese. The solution of course is to use a captcha. There’s a number of them out there, but a while ago I stopped rolling my own and started using Recaptcha. Aside from being super easy to install and deploy, you’re helping their worthy cause. Sweet.

Now that you have your captcha stopping those geese from spamming you, you need to make it look like your site. Hours of hacking? Nope! Minutes of CSS stylings. Recaptcha is highly structured DOM with easy to reach classes for CSS. In just a few minutes I turned the the vanilla captcha into the the, well, even more vanilla plip captcha. OK, yes, I’m a geek who loves CSS. That’s me.

Stir Fry Dinner

0 minutes, 8 seconds

Here’s some photos I took of tonight’s meal. I love it when the sweets cooks for me, but I also enjoy honing my ad hoc stir fry skills.

Tasty comfort food

0 minutes, 21 seconds

I’m a lucky man. Not only do I get to learn about a new comfort foods from my partner, she’s a phenomenal cook too. Last night we had fishcakes, mac and cheese and green beans. Admittedly the mac and cheese was from a box, but it at least it was organic. We got a new camera, so I’ve been a bit trigger happy with it. Enjoy some macros of the three dishes all plated up!

iTunes iMovie on Lenovo’s new Media Center PC

0 minutes, 22 seconds

Flipping through a recent blog post, I clicked through to Lenovo’s new media center PC, the Q700. Ho hum, another small form factor desktop. Wait…those icons on the features page look familure. Hey! Those are the iTunes (slight color tweak) and iMovie icons (verbatim)!

Here’s the two icons followed by a screenshot with blow up of the icons on the page:
imovie_iconitunes_icon

q700webpage

I’m not getting into any sort of “Apple is better than Windows” or “Linus Rulez”. However, this is just sloppy!

Don’t just commit, commit intelligently

1 minute, 33 seconds

If you’re a developer, you probably use a revision control software. For both work and personal projects, I use SVN, which is great. At work we use SVN as a way of releasing new features and bug fixes to our web site. We can push a specific a revision as well as roll back to a previous revision, thus leveraging revision control to be our release software for a 4 server load balanced site. SVN + rsync + shell scripting = : )

Recently at work we were doing a bunch of little changes all over the site, including having the designers do a bunch of css and DOM tweak as well. The time came to commit all of the changes. Instead of doing the commit at the root of the repository and stuff all the changed files in at once, I enforced a multiple granular commits of the functionally changed files. Each commit had a relevant comment.

Enter a week later. We hadn’t done sufficient regression testing and a visual element was broken in ie6. Which of the thousands of new lines we committed and pushed was the culprit? Had we done one massive commit we would have been screwed. However, we were able to cull over the commites via our trac instance (awesome!) and review the comments. In this case we couldn’t actually find the exact commit that caused ie6 to break, but we were able to step through our dev instance of the site, slowly adding each revision to it until it broke in ie6.

The moral of the story is that, much like backup, revision software is only as good as it’s end user. Think of every commit as chunk of functional related code. Think of every comment for these commits needing to solve the problem for another developer who has no idea what the code was and they’re up at 2am trying to figure WTF is up with the site. For every commit, where possible, you should also site a bug number so that should the bug crop up again, it’s easy to cross reference the “fix” with the code.

Happy revising!