On being secure

With all the recent news about the US government collecting and analyzing everything we do online and in our daily lives, we’ve all been looking for ways to increase our privacy.

Today, an article was posted on Hacker News about Google Analytics not being served over https. After reading this, I remembered that I use it and questioned whether or not I should keep it on this blog. Google Analytics has been installed on this blog for years, but today I found it hard to answer exactly why. It provides no real value to me other than satisfying my curiosity.

In the end, I decided to remove it. Not only because it is not served over https, but because the only real parties it benefits are Google and the NSA. My site is not large or popular, but it’s just one less site on the network being tracked through that channel.

I believe, in life, we should lead by example. I believe the web should be secure by default. I believe web servers should only function when using encryption (Supporting http was a design flaw, https should have been the only option. Even a self-signed certificate is safer than plaintext http.)

To that end, I’ve come up with a short list of simple things us website owners can do in order to hinder attacks or snooping by third parties. I’ll compare my own site against this post and update as I move toward compliance (red means failure):

  1. Serve content only when encrypted by perfect forward secrecy.
  2. Serve content entirely from web hosts and CDNs under your control.
  3. Encourage others to do the same.

It’s amazing how quickly my view on this has changed. If you would have asked me a year ago whether or not it was important to self-host images and scripts used on your site (or whether you should even be hosting your blog yourself versus using a third-party service like Tumblr), I would have answered an emphatic no and provided many reasons why letting a bigger, better player handle that is much better.  As a site operator, I want my site to be as fast as possible. As a web user, I want to be as secure as possible. Which is more important?

With the way things are now, it’s worth being a second or two slower to serve knowing that your stuff is your own.

An open response to Anthony re: The Problem with Parking

This is an email response I sent to Anthony Reinhart, who wrote a fantastic article on parking lots in the Innovation District in Kitchener.

I’d love to get your feedback on my ideas and hear what you have to say on the subject.

Hi Anthony,

Thanks so much for writing your “Problem with Parking” article on View From The Loo. I’ve seen you around the hub; I work with Ivan on Will Pwn 4 Food.

It’s an issue that’s dear to my heart, especially since I spent 5 years in walkable, lovely downtown Guelph. After getting the gig with Ivan, I knew that I’d have to move here, so I found a spot to rent across the street from Communitech on Victoria (I’m right across from Oak St., near the green Vidyard home).

I use my car to go a few blocks, just as you said, and I hate it. I would never have done such a thing in Guelph. After living here for 10 months, there are certain things that make being a pedestrian almost impossible.

We need a pedestrian-first mindset in this city. Here’s what I think needs to change to support that:

  • 40km/h speed limit in the Innovation District, rather than the 50km/h default, strictly enforced
  • All intersections default to crosswalks on. Currently, if you don’t press the crosswalk button on the corner of Victoria and Joseph (Communitech’s location), you are not allowed to walk across the street even when the light turns green (and lasts < 10 seconds I might add)
  • Pedestrian crossing light on Joseph for people who park in the stone parking lots behind Communitech. Currently, everyone j-walks and it’s very dangerous, especially in bad weather
  • A “scramble” crosswalk at the corner of Charles and Francis, giving us tech workers quick and easy access to food downtown without fear of being run over (I see many people crossing diagonally already)

To help support the discussion on this topic and keep the ball rolling, I’m going to CC this email to my blog. Is there a forum I can link to, as well, in case people have responses?

Best,

Don’t always listen to advice

When showing someone your start-up/product/service, it’s easy to let them guide your thinking unconsciously. It feels like there’s an inverse proportion of weight given to feedback to sample size, especially if it’s the first time taking the cover off.

Here’s a really great example of why one should always take every bit of advice as advice and not gospel:

advice

 

 

 

How to disable mailto links in your browser

Outside of accidentally opening Internet Explorer the biggest annoyance on the web is mailto links. These are usually masqueraded as a ‘Contact Us’ link which you’d expect to forward to a web form. What ends up happening is either your operating system attempts to open a mail program (who still uses those, seriously?) or it forwards you to Gmail (less annoying but still annoying as hell).

Here’s how to disable mailto links in Firefox and Chrome.

My Car Makes a Nice Office But…

While I wait patiently for Canada to adopt a comprehensive high-speed rail line and commuter service, the next best thing is a car for working on the go. Though I’m the primary driver these days, there have been times when I’ve been the passenger. I write this now from a very comfortable position next to Exhibition Park in Guelph. I’m doing work on the laptop in the passenger seat (using a 3G USB adapter from Wind mobile).

Rail is my favourite mode of transport because:

  1. You face people. Seats are positioned in a way that fosters communication, unlike cars, in which everyone faces the same direction and it’s hard (and sometimes impossible) for people sitting less than a metre away in the back seat to hear conversation in the front seat.
  2. Free Wifi.
  3. Work while you travel. When you’re driving, you can’t do anything but drive. It’s dead time; a complete waste of human existence. If you travel by rail, you can accomplish work, read, think, relax, read.
  4. It’s fast. Even current rail service in Canada, specifically between Guelph and Toronto, isn’t that bad in terms of speed. My GPS reported that we reached 140km/h at one point. With some proper funding and planning, that could be the average speed, not the top speed.
  5. It’s safe. Rail is a very safe method of travel, especially compared to the car.
  6. You can pee. Every car has a washroom built right in. You don’t have to stop transport to pee.

Still, for times when I need a third place and cafes are closed, I use my car. It’s a 2001 Chrysler 300m. Here are a few things that could have been done better.

  1. Built-in inverter. My car has two access points to DC electricity: One in the front and one in the centre console. It uses the traditional cigarette lighter type adapter, to which I plug in an inverter which gives me AC electricity for my laptop.  (An even better solution would be to buy laptops that include a DC plug as well as an AC plug so I could just plug straight into DC since that’s what laptops use natively).
  2. Auxiliary input for the car stereo. I won a free car stereo and had the installers provide access to an AUX IN jack so I could plug my laptop audio in but it would be awesome if this came included out of the box. I have all of my mp3s, oggs, and music modules on my laptop.
  3. DC Access point for the back seat. Currently there is no way to access DC power in the back seat except through the centre console, which, when left open, is uncomfortable for the driver.
  4. Better fuel economy. While I’d love to have a fully electric car (such as the Ford Focus Electric), I realize that in 2001 the technology wasn’t close to being ready. My car gets an average of 11L/100KM in town and 7L/100KM highway. It would have been nice to have the ability to switch the engine between performance mode and economy mode whilst in the city.

Spending Less Time At Facebook These Days

Facebook has recently changed the way it handles my news feed. Because of this, it’s likely that I’ll be reading it less and keeping it around just to post things and check up on to make sure I haven’t missed a message.

Here’s why: I don’t equate friendship with following.

When I’m your friend, I want to keep in touch, maybe hang out, and share something with you directly. I don’t want to see your thought stream.

Don’t take it personally because it isn’t personal. When I read stuff online, it’s usually news. I want to learn something new about the fields in which I am excited, not in which you are excited. If it’s not news, it’s an editorial on said fields. If it’s not an editorial, it’s a tweet from someone who might be generating the previous two examples.

I had spent the last 6-12 months whittling down my Facebook news feed to weed out most people’s/most page’s posts from showing up.  The little down arrow icon with the “Hide all from xyz” was my best friend.

Then, a week or so ago, all those settings got wiped in favour of a new “acquaintences” system where you specifically select which group you want to read from.

Here’s why it doesn’t work: I have no clue what people are going to say before they say it, so I have no idea who I would like to follow. But, once they’ve said it, I sure as hell know who I would like to unsubscribe from.

This doesn’t mean I don’t want to be their friend, it just means I don’t want to mix their stuff in with mine is all.

Awesome Vegetarian Restaurants in Downtown Toronto

Staying at the Hotel Victoria in downtown Toronto for the last week with my girlfriend Amy has opened us to a ton of new, fantastic vegetarian and vegan restaurants. Google has helped us find them all, but I wanted to take a second to put together a small list in case you’re downtown Toronto for a while and are looking for great places to eat.

I’ll separate them by category.

Pizza

Pizzaiolo
http://www.pizzaiolo.ca/
There are probably 15 to 20 of these around Toronto, but the one we went to was just a few doors down from our hotel on Yonge St. It was amazing. In fact, it was so amazing, we ordered pizzas there two days in a row. They have a ton of vegetarian and vegan choices and each are made fresh right in front of you. It’s amazing.

Take-Away and Fast Food

Urban Herbivore
http://www.torontoeatoncentre.com/EN/Directory/Stores/Pages/UrbanHerbivore_F018.aspx
Like most food places in Toronto, there are a few locations. The one we went to was in the Eaton Centre, and it was fantastic. I ate the BBQ Tofu sandwich and loved it even though I’m not normally a huge fan of tofu. It was quick and cheap. Like all great vegetarian food, if you didn’t know it was vegetarian you wouldn’t be able to tell.

Sit Down

Fresh Toronto Vegetarian FoodFresh
http://www.freshrestaurants.ca/our_history.asp
Fresh was, without a doubt, our favourite. It’s got great style, it’s busy, it’s fast, and the food tastes fantastic. Amy loved it so much she bought one of the recipe books they offer on sale.

King’s Cafe (Kensington Market)
http://www.kingscafe.com/
This is the sister restaurant to our favourite vegetarian restaurant in Guelph, Zen Garden. Great food and amazing Lychee Black tea.

Dropbox For Teams?

Anyone who knows me knows that I’m a huge fan of Dropbox and have been using it for years. I learned about a new service that they’re offering called Dropbox Teams. One would assume that this version of the software would offer tighter integration with teams or some other features to justify the $795 cost which includes 5 seats.

Looking over the FAQ offered a lot of technical questions and answers but not what I was looking for: Why would anyone choose this option over the free or $10/month 50GB option?

Is there anyone out there using Dropbox Teams that can shed some light on why they went that route versus the regular service?

Edit: I see now. It’s basically a huge jump in the amount of storage capacity with some support thrown in that one will likely never use.

Wireless in Welland, Ontario, Canada

Over the holidays this year I’m in Niagara staying at my parents’ place. Used to working at the Red Brick Cafe in Guelph, I was worried heading back to an area without a focus on tech would mean staying in the basement to do work. I searched for a few hours online and talked to some folks to figure out where the wireless hotspots in Welland are.

I couldn’t find much.

So, I figured I would list wireless hotspots I had found in the area to let those who come after me to know where they can get some work done in a comfortable environment.

The List So Far

Cafe on Main

Where: 91 East Main Street.

Hours: Mon-Fri – 8am to 5pm, Sat – 9am to 3pm, Sun – Closed.

The best cafe experience in Welland, bar none. Take the #9 or #10 bus to the downtown terminal and walk a block toward the historic bridge. Located directly across from the courthouse, it offers a quiet and comfortable atmosphere and includes a fireplace. If you’re in the area and are looking for a place to get a good latte, this is it!

Seaway Mall Food Court

Where: 800 Niagara St., Welland, Ontario, Canada (view map)

Hours: Mon-Fri – 10am to 9pm, Sat – 9:30am to 5:30pm, Sun – 12pm to 5pm

Seaway Mall’s food court has several wireless hotspots and some work better than others. I had great experience with SSID SeawayMallA but almost none with SSID SeawayMallE.

Cafe Mochaccino in Seaway Mall

Where: 800 Niagara St., Welland, Ontario, Canada (view map)

Hours: Mon-Fri – 10am to 9pm, Sat – 9:30am to 5:30pm, Sun – 12pm to 5pm

Great (and inexpensive!) cappuccino but no in-house wireless. Using Seaway Mall’s wireless required me to sit at one of their tables just outside of the cafe.

That’s it, for now. Expect this post to grow as time goes on and more wireless hotspots are discovered. And, by all means, if you find your own wireless hotspots in Welland please list them in the comments!

Windows Azure is Windows 8

I sat in my office last night trying to identify what Microsoft is doing to combat upstart thin-client operating systems like Google Chrome OS, continue making money with its very popular offline Office suite and offline Windows platform, and compete against Amazon for data and web services now that the world is moving into cloud services.

They will have a lot of competition in the next 3 to 5 years against their core, money-making software products and I believe their plan is to leverage the millions of existing .NET developers and all of the skills they’ve spent years developing to change Windows from a boxed product to a subscription-based “Windows-As-A-Service” service.

I’ve been working with the Windows Azure platform for a few weeks now and I have to say I’m quite impressed. Launching apps is pretty easy once you have the required software installed and there are plenty of projects already listed at CodePlex to get you started. Moving from .NET development to Azure development is a piece of cake. They also appear to be much more open to supporting non-Microsoft development languages such as Ruby and PHP. As a Linux guy, I have to admit they’ve put this together pretty damn well.

Currently, the industry has only paid attention to the web application deployment features of Azure. I believe the true power of Azure is not just deploying scaling web applications but in its ability to launch virtualized desktops from the cloud. Let me explain what I envision Microsoft’s plans to be for the future of the entire software lineup.

The Home PC Market

Imagine you’re a standard, nuclear family buying a home PC in the year 2015. You go to Staples (or whatever your big box store of choice is) and look at what they offer. They have a number of PCs for sale but because by this time most computers have enough horsepower for the home user, the hardware statistics are subdued or even missing. Instead, the software features are prominently displayed.

Available for sale is a home PC that will give you Windows Azure (includes 5 users, Internet Explorer, Office Home, Zune music and PC game marketplace). There are three prices, depending on how long your contract term is, similar to a mobile phone.

  • 3-year contract: $249 hardware cost + $99.99 / year Windows Azure subscription
  • 2-year contract: $499 hardware cost + $99.99 / year Windows Azure subscription
  • No contract: $599 hardware cost + $99.99 / year Windows Azure subscription

You bring the PC home after buying the 3-year contract (who replaces a home PC within 3 years anyway, right?) and turn the machine on. The default software on the machine is a thin-client that simply facilitates the connection to Windows Azure. You create the users for each of your family members and in behind the scenes each of them gets a virtualized desktop (probably Windows 7 renamed to be Azure Home or something of the sort), hosted in the cloud. Instantly all activation, piracy, and product key woes are a thing of the past.

Because the virtualizations are hosted in the cloud, all of the annoyances that current operating systems have would be minimized or eliminated. Consider: All updates to the operating system could happen while the PC is, effectively, off. If Microsoft chose to solidify the hardware requirements for manufacturers, the platform would no longer need drivers after a fresh install and driver updates would happen transparently.

On the each virtualized desktop is an icon for the Zune marketplace where users can purchase Windows apps like iPhone subscribers can: from their app store. Clicking purchase would instantly make available the software you’ve purchased.

The benefit of all this is that of every cloud: You don’t always need to be on the same PC to do your work. You could sit at any computer in an airport, school, library, cafe, or your home and access your desktop from anywhere. Truly this is the stuff of the future.

SMB Market

Because the virtualized desktops will be running the Windows everyone already knows, application development will remain just as easy as it ever has. Developers who are out there, making applications on the Windows platform will only need to learn “What’s new” instead of “What’s changed?”

Businesses will be sold on cost reduction since the Windows Azure platform removes almost all administration and IT support requirements from the business. If you can plug a PC in, you’re pretty much good to go. No more crazy Windows product keys or version incompatibilities. All apps on your virtualization would be incrementally updated over time. Since everyone on the service is paying yearly, this would cover the cost to Microsoft normally attributed to upgrading.

The Windows Azure Business option would also include an SLA.

Corporation / Government Market

For this market, Microsoft would take the SMB Market platform and simply multiply it to handle thousands of PCs. Likely they would offer additional support, a better SLA, and decreased per-unit cost due to bulk sales and contracts.

All of this is really magical stuff and I really hope the future turns out to be something similar. The other exciting part of Azure is what most people focus on: the fact that it offers nearly unlimited storage, computation, and development possibilities for developers and businesses. And that’s where Microsoft needs to cut the mustard. Or else, this whole thing is for nothing.

In order to get businesses and users to adopt the new platform, there has to be killer applications available on it. New stuff, not just Office and IE. Fun stuff like Google Goggles or Twitter. And that can only come from a completely open and available system to let the minds of developers take their crazy dreams and put them into code.

If I could make an impassioned plea to Microsoft, from a developer, please offer us an Azure development option at no cost. We’re not asking you to host our million hits per day website for free, just something we can log into, put up and app and see if it gets some traction. If it’s good and generates some revenue, give us a call and we’ll sell it or start paying.

What do all of you think of the possibilities of this new service? Are you excited about Azure? Let me know in the comments!

Google Chrome for Linux Now Available

The world’s fastest web browser, Google Chrome, has recently been released on the Linux platform. This is big news since it will greatly improve the web browsing performance of many of the world’s netbooks.

I’ve been a huge fan of Google Chrome since it appeared in the summer of last year, but haven’t used it heavily simply because of the lack of Linux support. It is installed on my Windows 7 virtualization, however.

Word on the street is that Google Chrome is also available for Macs, so if that’s your platform, take a look!

One thing that I think is important to note that I haven’t seen anyone pick up on is this line on the Official Google Blog post about Chrome being available for Linux and Mac:

“At Google, most engineers use Linux machines …”

Hmm.. No wonder they’re winning! ;)

Go for it -> Download Google Chrome for Linux

I Met The Woz!

This past week, I met Steve Wozniak at the Communitech breakfast event in Kitchener. He was there to speak about his past at Apple as well as a new company he’s a part of called Fusion-io. The CTO of Fusion-io was on-hand as well to describe the company from a technical perspective. I really think the things they’re doing there will take the industry in the right direction. I’ve been a fan of SSD / Flash memory technology for years and they’re basically re-writing the book on it.

 

Me and The Woz :)
Me and The Woz :)

Put simply, they are offering Flash memory storage directly through a high-bandwidth PCIe card vs. using hard disks or trying to force SSDs through standard SATA controllers (which each have their own controllers, and those have controllers as well, and so on). By simplifying the process they are able to achieve incredible results.

If you’re in need of high-speed data access, take a look at some of Fusion-io‘s services. You won’t be disappointed.

A Month With Mandriva

Well, it’s been just over a month since I made the switch to Linux from Windows. My distribution of choice for desktop PCs has always been the fantastic Mandriva Linux. Available for free with plenty of included software (Open Office suite, the Firefox web browser, Kopete messenger, Amarok media player, and much more), it’s always done the trick and looks wonderful doing so.

I have two physical hard drives in my PC. The first one is mounted ‘/’ for all my system files and programs. The second drive is my ‘/home’ directory, where all of my documents are kept. All of the system files are kept entirely separate from my documents.This sort of division is done even with one single hard drive automatically by Mandriva so that if I ever need to format or upgrade the operating system I don’t lose any of my pictures, movies, or music, ever.

Me playing Morrowind in Linux
Me playing Morrowind in Linux

Life without Windows is certainly possible. I’m living proof. And the stuff I use my computer for is likely more intense than your average Joe since I’m a web developer. All of the required software that I use on a daily basis is available and runs great in Linux.

All of my games worked out-of-the-box using the Windows games and software emulator* (Read more about the Wine project). I’ve included a screenshot of me playing Morrowind. It runs great. My girlfriend and I played through Max Payne on this PC, as well, and we’re a quarter of the way through the Quest for Glory 2 remake (which is a lot of fun, by the way) on my other Mandriva Linux PC (our media center).

If you’re considering running Linux or if you’ve heard about it and are curious, give Mandriva Linux One a try. It’s pretty simple: You download it and burn it onto a blank CDR. Reboot with the disc in the drive and you can use it right off the disc without actually installing it. If you like it, go ahead and install it. Otherwise, just take the disc out and reboot — nothing has been changed on your computer.

For more information about Linux, try reading some of these sites:

* I realize Wine is technically not an emulator, but when explaining what it does it helps to use that term.

Coffee and Code in Guelph

If you’re a developer looking for something to do on Tuesday nights, look no further: Coffee and Code has come to Guelph. We meet between 7:30pm and 9:30pm to network, discuss relevant programming topics, and get some work done. It’s a great opportunity to meet some like-minded individuals and work in a setting other than your usual lair. Bring your laptop and whatever else you’ll need to do your thing.

Cory Fowler began the Coffee and Code event in Guelph a few weeks ago and has been diligently building up some momentum with it. I think it’s been going for 5 weeks now. I started going on the third week.

Next meeting place: The Albion on Gordon St. Hopefully we’ll see you there!

DemoCampGuelph9 – May 13, 2009 – Be there!

Coming up fast is the next DemoCamp in Guelph. It’s scheduled for May 13th and this time it will be at the eBar on Quebec St. Attending the DemoCamp is completely free and definitely recommended if you’re into programming, new technology, servers, hardware, software, games, or anything else with computers. Usually there are drinks and food included, so come and have fun!

I’ve blogged about previous DemoCamps before, namely the 6th and 7th events here in Guelph. At the 6th event, I presented Jack of All Links.

For more details on the upcoming DemoCampGuelph9 event, check out the DemoCampGuelph homepage.

Know What? GameCube is $39 Canadian, new.

Go to Zellers and buy a GameCube. It comes with Paper Mario 2. If you’ve already got one, pick one up for your parents and get them WarioWare used for $15. It’s what I did this weekend and it’s been hella fun at the Rockefeller household this Thanksgiving :) You don’t even need a memory card if your parents are new to games since they’re just getting started anyway.

https://www.youtube.com/watch?v=r7z5QjrAbQg