Report back from SHDH22

Since moving to Camarillo for college in August, I missed both SHDH20 and SHDH21 due to the increased distance between the Bay Area and where I live. However, since I’m back in San Luis Obispo for winter break, I was able to attend SHDH22. Instead of spending my time socializing and learning, I actually came with an agenda of things to do.

A few months back I registered the domain http://picturesofpeopletakingpictures.net because my friends thought it would be funny. (Alcohol was also involved and it seemed like a good idea at the time). I still don’t know what I want to do with it, but I put wrote up a small script using Rails that queries flickr and displays a random picture tagged “picturesofpeopletakingpictures.” It turned out to actually be a huge pain in the ass because the flickr gem I used had their own API key built in. Once I hacked together a fix for using my own, I got it working pretty quickly. When I uploaded it to my web server, nothing worked. Duh I forgot to freeze the flickr gem! Nope that wasn’t the problem. Apparently you have to use a folder structure like ~/flickr-ver_num/lib/flickr.rb. The library had ~/flickr-ver_num/flickr.rb. After struggling with that for at least 45 minutes, I had it up and running. Anyways, if anyone has suggestions of something better, leave a comment.

I started on a project that could turn into a DevHouse competition. More on this later if it actually happens.

Lastly, I started looking at the Android Java Framework by Google for Cell Phones. I mean why not? Google has some pretty good documentation and tutorials that I was able to follow and I end up writing a Hello World program!

Protecting Your Data with SSH – Background (Part 1)

While using either an open wireless network at a coffee shop, an untrusted network, or virtually any open network, your data is exposed. Data passed around on a network is normally unencrypted which means anyone can read it. Imagine the type of data you send over the network: passwords, private messages, more passwords! Have you ever used FTP to update your site? Everytime you do your password is sent in plain text. What about checking your POP email? Again, your password is sent in plain text!
While at SuperHappyDevHouse we have many people on the same unencrypted wireless network. At SHDH13 someone was passively sniffing the network; This person posted a list of collected email address/passwords on the SHDH wiki. The post was quickly taken down and the people were immediately notified; This was a wake up call for for people using unencrypted networks. How can we prevent this from happening again? The solution to this problem is obvious: encrypt! The question is how can we easily do this?

First let’s get some background on something called public key encryption (PKE). PKE consists of two parts: the public key and the private key. The public key can be used by anyone; The function of this key is to encrypt data that is meant for your eyes only. The private key on the other hand should be protected as it decrypts any messages encrypted by your public key. So let’s say Person A, Alice, wants to send a message to person B, Bob. Alice doesn’t want a third party, Eve, to read the message so she wants it encrypted. For simplicity’s sake, let’s pretend Alice and Bob already have established trust and have each others public key (otherwise we are still open to man-in-middle attacks). Alice will encrypt her message with Bob’s public key and then send it. When Bob receives it he will decrypt it with his private key; his response will be encrypted with Alice’s public key and Alice will decrypt it with her private key. That’s the jist of PKE; we could go more in depth and look at digital signatures, but that would be beyond the scope of this article.

So now that we have some background on PKE, let’s talk about SSH. SSH or Secure SHell is meant to replace insecure protocols such as Telnet, FTP, and RCP (SSH, SFTP, and SCP respectively). SSH uses PKE to encrypt its data that is sent over the network. A problem we can see is that SSH seems to be limited in it’s scope. What about POP3 email or regular HTTP traffic? How do we encrypt that? With SSH we can setup a proxy server that will allow us to to send our data through an encrypted “tunnel.” In the next part of this series, we will look at setting up these tunnels and configuring our applications to use them.

SHDH15 and OpenID

This DevHouse I spent working on an idea that has begun to taken shape in the blogosphere. The idea was to merge OpenID and microformats to manage your online identity. OpenID has a registration extension that stores commonly asked personal information such as full name, email address, date of birth, and time zone. I feel this information could also be used to consolidate your online identity in the form of an hCard on any OpenID-enabled site. Further, if you choose to update any of your personal information, you can change it in one location (your OpenID provider) and it can propagate to all OpenID consumer sites you use (depending on how those OpenID consumer sites are setup).

The problem is that some sites on the internet that implement hCards may contain inconsistent data. This proposed solution will allow sites to retrieve your information from one source. If someone wants to find your personal information, they can go to any site that has your hCard instead of having to find your authoritative hCard (this will be a topic of another blog post I’m sure).

Let’s take the OpenID-enabled site ma.gnolia for example. You can sign-in with OpenID and upon successful login, ma.gnolia can retrieve your personal information from your OpenID identity provider. From there it can turn the resulting information into an hCard microformat. Of course there would have to be some sort of control panel to determine which information gets displayed and which information to hide (such as email).

Now, essentially all I am doing is applying an existing protocol, but I wanted to bring awareness to the idea of using OpenID with the hCard microformat. I also wanted to bring attention to the idea of using OpenID as a way to centralize your personal identity so you have consistent personal information among sites.

The first step I took was to actually learn the entire OpenID protocol. I ended up not learning all of the protocol because I felt the documentation was insufficient. This brings up another project idea: document the OpenID protocol in plain English. It was fun learning as much as I did and learning how to implement it myself in PHP. It also gave a chance to learn/use the cURL library in PHP. Perhaps after I learn the protocol, I’ll use a library to make further development easier.

I spent the rest of my time socializing and meeting new people and talking to people met at previous DevHouses. Highlights include talking to Konstantin Koll about his OS that implements a WinFS-like file system, Jesse Andrews of Flock about the next big release of flock (which I eagerly await!), and Chris Moak about his new sleeping schedule and duct tape accessories.

The night was ended by going out to Dennys where we discussed what made this DevHouse a success and what can be done to improve it for next time.

Pictures can be found at: http://www.flickr.com/photos/tags/shdh15

Just a General Update – SHDH14 (Part 1)

So I’m pretty sure I’m done with my transition from godaddy to Bluehost. I just need to wait for the DNS changes for nickpeters.net to propagate across the internets. Anyways, GoDaddy was slow, didn’t allow SSH access, and just not cutting it for me in terms of features, thus the switch.
So here’s a recap of the past few days.
On Saturday I attended SuperHappyDevHouse14 at David Weekly’s (CEO of PBWiki) house in Hillsborough, CA. It was about a 3 hour drive, and felt even longer by myself! I arrived at around 2:00 to the filming of a segment of a documentary on the history of the internet for the discovery channel. It involved David Walking out of his house, inserting a tape into a walkman and putting on his headphones. I later learned this footage was for a segment on MP3s.
My time at DevHouse was spent on a greasemonkey script called I named “Social xFolk.” This script adds two buttons below bookmarks with the xFolk microformat. The buttons allow you to bookmark the URL in either ma.gnola or del.icio.us with ease. I was excited that I made my first greasemonkey script and that I also was able to contribute to the microformat community.
My time was also spent conversing with some of the attendees. Highlights include Jeff Lindsay, David Weekly, Tantek Çelik, and Tom Harrison.
I talked to Jeff Lindsay about systems theory and its application to programming and business management. I even plan on picking up a book he recommended called “Ackoff’s Best” that talks about the subject matter and it’s application to business management. I spent most of the time listening, but it was a damn good conversation.
I casually talked to David Weekly while he was BBQing some hot dogs, but he had some thought provoking things to say nonetheless. Two of the things I found most interesting is his take on SVG and measuring how much of the internet visits your site. First off, SVG is an XML vector-based graphical format. Because it’s XML and vector based, they are lightweight and scale very easily. However, who cares if the majority (IE users) of your potential visitors don’t support it. Even with the release of version 7, Internet Explorer DOES NOT support SVG. Firefox on the other hand does have native support. When designing websites, you need to think about your entire visitor-base and take into considerations of what works on what browsers and what does not. This discussion led to his idea of measuring how much of the internet is visiting your site. If you look at statistics and see most of your visitors are using firefox, what does that say? Most of the internet is using Firefox? No…according to W3Schools, around only 20-30% of the internet is using firefox, thus less than 20-30% of the users on the internet is visiting your site. Once your visitor-browser ratio closely reflects actual browser usage is when you know you are getting a larger portion of the internet visiting your site.
I talked to Tantek about…you guessed it…Microformats! I brought up some issues I had with hCard that could extend to Microformats in general (which I might leave for another post) and the project I was working on. He inspired me to contribute to the microformat wiki and check out the IRC channel, which I plan on doing in the near future. Also, while talking to him I learned about this really cool Firefox plugin called “Operator.” I actually plan on writing a very positive review of the plugin (maybe with the hReview microformat!), so look for it soon!
Tom Harrison, among David Weekly and Jeff Lindsay, is one of the planners of DevHouse and also held the first DevHouse I attended at his parents house in Los Gatos. One of the things he did for this DevHouse was he made a linux-based gateway that prompted you for your name email address, and zip code when you first went online. On his end he could see a list of attendees and their corresponding Mac Addresses. This information was used in the past to see the distribution of machine types at DevHouse. In addition, this time he plans on making some sort of graphical representation of where everyone comes from (using the provided zip code). In the near future Tom plans on making n Linux ISO that can be used to aid in setting up your very own DevHouse. The ISO will be a Linux distro that has the above stated features as well as Squid (for caching) and some more features that I’m currently not aware of. Besides the ISO, Tom plans on providing information on marketing your very own DevHouse, how to setup and tips he has learned from his own personal experiences. This project has been dubbed DevHouse.org. I’m personally excited about this because Joel has talked about wanting to setup a DevHouse in San Luis Obispo. Now that I won’t be leaving the area anytime soon, I’ll be here to help facilitate this idea if it ever does indeed get kicked off.
As always, DevHouse was an educational experience and well worth my time. I plan on attending many more DevHouses in the future and working on more projects.

Social xFolk

Social xFolk is my first Greasemonkey script that looks for xFolk microformatted bookmarks and adds two buttons for easy bookmarking for del.icio.us and ma.gnolia. It was developed at SuperHappyDevHouse14 and inspired by the greasemonkey script Google hCalendar.
Anyways, get the script here. Be sure to leave any feedback and let me know what you think.

Test it here:
If it works you should see two buttons below the bookmark.

nickpeters.net: Mah blawg!

Dev House 13

This past weekend I experienced my first Super Happy Dev-House convention/get together. I must say that never before have I met so many people that put me to shame. With this said however, I have learned more about online technologies from this than I have from any online tutorial or book. One of the biggest eye-openers for me was that I felt I was investing too much of my time learning PHP when instead I should be concentrating on learning Javascript-based technologies (most notably AJAX) and maybe Ruby/Ruby on Rails. Being around so many developers at once opened my eyes as to what is possible and how to get there.

With everyone working on their projects, it gave me the opportunity to begin filling in the gaps of my knowledge. I began researching new (to me at least) concepts, ideas, etc. Some examples are microformats, JQuery, and JSON. On top of that, I began going through AJAX tutorials, something I should’ve started a long time ago.

One of the unique things about being around this many people with similar interests are the conversations had throughout the night. Most of my conversations focused on web technologies: something I never have the opportunity to talk about at home. Topics included Ruby on Rails, the manageability of PHP in large projects, peoples’ current projects (including personal and business related). Most of all, I was able to network with people in the industry. There were a variety of people including CTOs, bloggers, and even someone from google. Hollywood has celebrities, but the bay area has eCelebrities.

This event has inspired me to form this sort of community back at home, but will it really be worth it? If I plan on moving in January (oh please make it happen), my efforts will be wasted in San Luis Obispo. I feel I should instead wait till I move to Camarillo for this sort of thing.

Anyways, can’t wait for Dev House 14!