Christmas day, as usual, has been a busy and productive day for me. I seem to be getting in the habit of coding up random stuff when I get a week to myself, and Christmas 2008 was no exception. I was sitting around this evening working on a project, when I got side-tracked…and then side-tracked again. I realized that through a (intentional?) quirk of how Twitter stores it’s relationship data, the first person you ever followed could be determined very easily. A few hours later and I tossed up My First Follow, an application that shows who your first friend on Twitter was. Ah, memories.

You’ll notice I also updated my blog design. Much more copacetic, in my opinion.

I hope everybody had a good Christmas, I sure enjoyed mine. :)

Despite working myself like a horse recently, I still somehow find the time to hack on TweetStats every once in a while. I’m not really sure what motivates me so much to work on a site that generates zero revenue and has little practical use…but it’s fun and it distracts me from all those other things I should be doing.

Well TweetStats was mentioned in an article about Twitter tools that was on the front page of Digg recently. Fortunately, I moved the background processes that do a lot of the heavy lifting to a better server a couple months ago and TweetStats handled the 400% increase in usage like a champ. While perusing all the new users, I saw one guy that created a Wordle from his TweetCloud.

This was something I’ve been wanting to do for a while, and with that little motivation and new knowledge of Wordle’s advanced tools page … I tossed in some extra code, and added a link to create your own Wordle from your TweetCloud. Fun stuff. Here’s mine.

Yea, I haven’t been around much, have I? Sorry about that. Officially starting my business (security consulting, process automation and tool development) a couple months ago has made me busier than I could imagine. Days are filled with work and trying to find more work, and nights are filled with all the little tasks that accompany that - process development, invoicing, and trying to keep my little side projects (TweetStats and RateMyTalk) up and running as well.

Despite that, I still found a little bit of time to go see my family out east. We did a little vacation in Maine and I had some fun with night-time exposures. This is the beach at night with a nearly full moon shining down from above.

I had a great time, but it sure did make me miss my little niece and nephews who are growing at a very fast clip. I feel like they need to see their Uncle D more often to show them the ways of computer security. ;)

Life out here in Seattle isn’t all that exciting - I’ve put most of my other activities on hold while I commit to building a business. Fortunately, I recently inked a deal that will keep me local for at least a couple months and I’m very excited about that. There are only two months so far this year that I haven’t been traveling so it will be nice to get into a routine again. I’m also looking forward to the Express Bus to one of the local ski/snowboard areas. I didn’t do any boarding last year due to my travel and I’ve missed that as well.

For now, it’s time for a little Friday night relaxation at home. A weekend awaits and I’ve got to rest up so I can stay busy!

In other news, I started a new site today called Startup Security. You can read the Welcome post, but I mainly created the site because I’ve come across several security issues at startups in the past few months and I want to spread awareness about integrating security into the development life-cycle early on.

In coming days and weeks, I’ll post about different vulnerabilities I’ve come across as well as things to look for if you’re a startup and aren’t familiar with security. The point I’m trying to get across is that security doesn’t have to be a $50,000 investment to be effective. Heck, I could probably spend half-a-day talking to devs and know whether or not they understand security enough to not build a reasonably secure site…

In any case, Check it out at StartupSecurity.info. I hope it becomes a useful resource. :)

In another I Hate series, I hate Belkin. I already posted this review on Amazon, but I figured I’d re-post it here just for the fun of the Google juice. Belkin tech support seems to think otherwise, but my assumption is that the Belkin USB Network Hub just corrupted my external hard drive.

This may very well be an isolated case, but I happily unpacked my Belkin Network USB HUB after 2 months of it sitting in the packaging. I successfully plugged in a USB scanner and did some remote scanning. Taking it to the next level of wireless, I moved my hard drive over. I plugged it in. Everything worked (kind of) fine. I could access the disk, but playing files in iTunes resulted in some skipping. Finally frustrated with the skipping, I went to plug the external hard drive directly into my computer. It didn’t show up. I plugged it back into the USB Hub. It still didn’t show up. I opened Disk Utility only to have it tell me the entire drive was corrupt. I called Belkin support and after being escalated to Level 2 support, I was told that “The drive is corrupted, sorry”. That was it. No trying to troubleshoot. No offers of goodwill to recover the data on the drive. Just a flat-out tough luck. Like I said, this may very well be an isolated incident… But I’ll never, ever plug anything into that Belkin Network USB Hub again.

Sigh. So much for awesome wireless capabilities. Time for a beer.

Last night, around 6pm EST, I started asking around Twitter to see what people were doing to help out with Gustav efforts. What I found were a lot of links to how people could find information about Gustav, but not very much in the way of active efforts to provide a means for disseminating actual requests for help.

As an example, Twitter is a pretty big echo chamber and a simple request can get lost, even in targeted searches. As I couldn’t find anything else and my cohort was having trouble finding an official means of SMS communication via the Red Cross, GustavTracker was born.

I don’t know if this is the right way to address this problem, but I’m trying to do what little my nimble keyboard fingers can. This morning, I also came across a Gustav Information Center Wiki and it seems they’re doing some similar work. I’m currently in the process of trying to collaborate with them.

In the end, I fear it’s simply too late to get the necessary information made available. However, if you would like to help, please pass on the information about GustavTracker for those in need of something that the web community might be able to assist with.

It should be noted that the Red Cross has the @safeandwell Twitter account that ties in to the official Red Cross Safe & Well List, but trying to find information relative to this channel was an exercise in futility.

Well it’s been far too long since I’ve posted here, so I thought I should let my vast world of blog subscribers know what I’m up to (Hi, Mom).

Living in Germany put a lot of different things in focus for me, as did the last time I spent an extended amount of time in a foreign place and ended up moving to Seattle. No, I’m not moving to Germany, although I did definitely consider it.

I’ve been a professional security consultant for over six years now. While I’ve loved doing that and all the great experiences I’ve had (awesome people, doing work for top companies), I’ve always felt something was missing. I’ve always felt that there was a little more I could contribute. Ever since three months into doing this job, I’ve wanted to change how some things are done. At the heart of everything I do is a little voice that’s always trying figure out the best and most efficient ways to get things done. A little voice that asks me how and why something works that led me to disassemble numerous watches as a child. This same voice (perhaps not of reason) convinced me that I should leave my job in July when I returned from Germany and pursue some of those things in life that I feel I can make better. I usually don’t post much about my professional life since this is a personal blog, but this time my personal life is very heavily affected as I will be trying to go into business for myself.

For numerous reasons this was not an easy decision to make, but I feel the time in my life has come when I need to make this change or risk wondering for too long what I’m doing with my life. One of the other reasons is simply having more control of my life, with the ability to make decisions on my personal and business goals and desires. This constantly makes me think of one person - my father. He still to this day talks of how he would never work for anybody but himself - the freedom it allows, both to be ornery and independent, is something that can’t be matched. I’ve always admired him and for very long as a child felt that I should somehow follow in his footsteps. I always felt an unexplainable bit of guilt at not carrying on his profession, but I feel that by going out on my own I am somehow fulfilling that desire to proudly carry on in his footsteps.

The effects of this decision can already be felt. On a bit of a whim, I attended Gnomedex 8.0 this weekend - a local Seattle Tech conference. Though only partially related to my professional life, I was often frustrated by a lack of a good means to provide feedback to speakers at conferences. I’m sorry, but filling out a paper form and mailing it in after the fact does not cut it in this day and age. Thus was born an all-nighter on Thursday preparing Rate My Talk, a new service allowing for instant speaker feedback through the use of a Twitter bot. In what I feel was I surprisingly successful beta launch, I pimped my service at Gnomedex to provide to useful feedback for Gnomedex speakers. Though I am far from a marketing person, people seemed to like it and though there’s still a lot of work to be done, the choice and capacity to do that is something I would very likely not be able to do were I not newly self-employed.

And that’s where I am. A little life reboot to keep things interesting. Now, excuse me while I decide what interesting thing I want to work on this afternoon. :)

I got caught by a bit of a bug today when I was trying to add a custom wallet item in 1Password. I was in the process of copying one of their templates after realizing they were just simple json, but couldn’t find the file where the description strings were stored. The file, Localizable.strings, that the above article eventually led me to turned out to be UTF-16, which grep cannot … grep through. After a little bit of googling, I came up with the following solution, which does a recursive case-insensitive grep in UTF-16 files on OS X.

1
2
3
4
5
6

<div class='bogus-wrapper'><notextile><figure class='code'><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
<span class='line-number'>2</span>
<span class='line-number'>3</span>
</pre></td><td class='code'><pre><code class=''><span class='line'>for f in `find . -type f | xargs -I {} file {} | grep UTF-16 | cut -f1 -d\:`
</span><span class='line'>        do iconv -f UTF-16 -t UTF-8 $f | grep -iH --label=$f ${GREP_FOR}
</span><span class='line'>done</span></code></pre></td></tr></table></div></figure></notextile></div>

Update: I also put an accompanying shell script on github (ugrep.git) in the event that I need to make it a bit more flexible.

My del.icio.us tags tell quite a bit about me. Wonder if I could integrate this with TweetStats somehow…

For whatever reason, there aren’t many examples on the net of Python code that can be used with the Google AJAX Search API. I’m not really sure why this is and perhaps I’m missing something, but for future reference here’s some sample python code.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

<div class='bogus-wrapper'><notextile><figure class='code'><div class="highlight"><table><tr><td class="gutter"><pre class="line-numbers"><span class='line-number'>1</span>
<span class='line-number'>2</span>
<span class='line-number'>3</span>
<span class='line-number'>4</span>
<span class='line-number'>5</span>
<span class='line-number'>6</span>
<span class='line-number'>7</span>
<span class='line-number'>8</span>
<span class='line-number'>9</span>
<span class='line-number'>10</span>
<span class='line-number'>11</span>
<span class='line-number'>12</span>
</pre></td><td class='code'><pre><code class=''><span class='line'>#!/usr/bin/python
</span><span class='line'>import urllib
</span><span class='line'>import simplejson
</span><span class='line'>
</span><span class='line'>query = urllib.urlencode({'q' : 'damon cortesi'})
</span><span class='line'>url = 'http://ajax.googleapis.com/ajax/services/search/web?v=1.0&%s' \
</span><span class='line'>  % (query)
</span><span class='line'>search_results = urllib.urlopen(url)
</span><span class='line'>json = simplejson.loads(search_results.read())
</span><span class='line'>results = json['responseData']['results']
</span><span class='line'>for i in results:
</span><span class='line'>  print i['title'] + ": " + i['url']</span></code></pre></td></tr></table></div></figure></notextile></div>