Disqus - Latest Comments for topperge

Re: Sudoku anyone?

topperge — Thu, 01 Oct 2009 20:22:46 -0000

Pick me pick me

Re: Taking a Break

topperge — Wed, 09 Sep 2009 18:10:38 -0000

Ah hell, now I'm getting called out publicly. Maybe I can find a bill code to put this under. I haven't filled out last quarter's TPS report yet...I'll get to it, hopefully this weekend!

Re: Geek or Nerd?

topperge — Thu, 30 Jul 2009 22:55:15 -0000

Sadly Chris and I have actually debated this for hours. We'll throw out a topic and debate its geek / nerdiness.

Re: The Race for Your Identity: Twitter vs Facebook

topperge — Mon, 15 Jun 2009 00:51:20 -0000

I don't know that I trust either of them to hold my identity. Personally I like the wordpress add-ons that allow me to make my personal blog my own provider. It's a domain that I control and own. I just don't think I have the capital to enable all the strong authentication mechanisms I would want in such a service ;-)

I always find it interesting that people in the US have a different perspective on the government that people in Europe. We're very untrusting of what they do with us and our data. I'm not sure where that comes from but based on my work they have our best interest in mind and are the only "company" with the capital to do it safely.

I believe that the US government should provide an OpenID identity provider for their employees. Who needs a "twitter verified" account for the government users, if they can log in with a government provided OpenID service and it shows a symbol that they are government verified I tend to believe them. I think this is critical in the government 2.0 mission to reach out to citizens and gain trust.

Maybe after a few years of a public OpenID provider to employees they can extend it to citizens. Personally I don't care if a government OpenID provider knows what site I log into. I'd prefer it when buying products online or dealing with the IRS / other government sites. The centralized strong authentication would give me a much better piece of mind. It wouldn't prevent me from adding my additional providers and using them for my primary authentication mechanism, but would give me a backup in the cases like Vidoop going belly up and leaving me high and dry from logging into my sites.

I agree with the browser authentication proposition, however, I need it to be synchronized across all my browsers / devices like a XMarks / DropBox. Maybe something could be put together with Gears. I haven't looked into the persistent storage of HTML5 to see if there is any encryption as part of the spec. Obviously something could be implemented in javascript.

Oh, did anyone else notice the new "Hardware Encryption" in the iPhone 3G[S]? I'm still trying to find out what exactly that means, could be something interesting for a portable strong authentication device.

Re: OraTweet Ready for Flight

topperge — Thu, 04 Jun 2009 01:52:41 -0000

Nope, I'm keeping it for myself, tough crap. Give me a couple days and I'll get it out there. Going on vacation next week just to catch up on a whole bunch of this stuff.

Re: OraTweet Ready for Flight

topperge — Tue, 02 Jun 2009 23:20:30 -0000

I can confirm that XE works I've built a couple VMs with it already. The only trick is that you need a script to load the images into the database. I just downloaded the files tonight hopefully I can swing back and write the scripts real quick.

Congrats Noel for getting this out, looking forward to helping out with the adoption.

Re: Oracle People iPhone App Metrics

topperge — Tue, 24 Feb 2009 20:10:28 -0000

Use it, love it, want some more of it. The only thing I can think of that I would add is a quick way to look up the daily guest wireless password. It would be really handy for meetings sometimes.

Re: Going rogue inside a big company

topperge — Wed, 11 Feb 2009 23:32:50 -0000

Why do you need a DBA to install APEX? Go grab Oracle XE, install it on your desktop and start from there. If its a laptop build something cool, release it to people and they'll get mad that its only online 9-5 the company will be forced to give you a desktop ;-)

Re: Zombies Attack Austin

topperge — Tue, 03 Feb 2009 19:32:55 -0000

I'm pretty sure its a microprocessor that doesn't really need an OS to run it, but either way easily hackable.

What scares me is the huge overhead signs you see going down the highway that are permanently fixed. Most of those have a cell or hard wire modem in them. I would bet that 90% of them are using default passwords as well.

I remember the days of running through phone numbers to try and find open BBSes and fax machines. You can bet the numbers are in the same range as the employees of your local DOT ;-)

<tinfoil hat>
I'm just waiting for someone to hack onstar to activate the limp mode (aka we slow your car down to 20 mph for you on the highway) functionality from afar. Imagine doing that to all the GM vehicles with onstar activated on them nice a big metropolitan area during rush hour.
</tinfoil hat>

Re: Zombies Attack Austin

topperge — Tue, 03 Feb 2009 18:57:24 -0000

I saw the original Make or Lifehacker post on this and thought how ridiculous that the company designed them this way. 90% of the municipalities don't have locks on the boxes that are attached and think the password will be enough. These are the same orgs that don't change it from the default 'DOTS' password. If thats not enough there is a simple three key reset option in case you forgot what the password is.

Now if only I could figure out how to tweet messages to one of those signs. That would make it fun. Have you seen the articles on how to replicate RFID passports / credit cards with $250 in hardware? Thats the one that should scare everyone.

Re: kthxbai, I just deleted 99 of your twitter friends

topperge — Fri, 16 Jan 2009 13:17:51 -0000

The twitter and OAuth discussions heat up:
http://simonwillison.net/2009/Jan/2/adactio/
Alex Payne is the chief architect for Twitter.

Re: What’s Your Next Project?

topperge — Tue, 13 Jan 2009 00:58:56 -0000

Agreed that would be an easy solution, but then I'd have to have a machine with iTunes running for my music. I'm also looking at hooking up an LCD display with some minimal buttons to it for local access if the iPhone is on the charger. Along with a local router for my machines in the media cabinet.

Re: What’s Your Next Project?

topperge — Thu, 08 Jan 2009 19:04:19 -0000

I've got a list and no time to do them in.
#1 finishing my workshop in the basement, I framed the entire room over Thanksgiving and haven't put enough time back in it. Full sound proofing and wiring so that when I get tired of the woodshop and the wife runs out of projects it'll become the home theater
#2 The live USB stick I owe you
#3 I have an RFID reader that I want to make a firefox plugin for to authenticate me to site
#4 A Asus openwrt based router to play music that I can control with my iPhone (much cheaper than the soundbridge and sonos solutions)
#5 Finally getting sports scores to appear on my 42"x8" dot matrix LED display (think train station sign)
#6 ...alright never mind the list is too long already

I love mating the physical world with the interwebs, things like the plants that tweet actually interest me, I'm thinking the Arduino and Xbee aren't too far off in my future. Needless to say my ADD brain has way too many things running through it

Re: kthxbai, I just deleted 99 of your twitter friends

topperge — Thu, 08 Jan 2009 15:32:26 -0000

It's really getting interesting in the online authentication space. The Commission for Cybersecurity just released an interesting "Recommendations for the 44th Presidency" found here: http://www.csis.org/component/option,com_csis_p...

Some of the things they call for is a national online authentication system either public or private and companies who don't comply will have to assume a higher level of risk (i.e. be charged more for transactions) online.

One of the best demos I've seen for OpenID had a one time use SMS message tied to authenticating a new account. The use case was that you could use your username and password over and over again for sites you've authenticated to in the past, but as soon as you try and authenticate to a new site they sent a text message to your phone with a unique password to make sure it was you. They also profiled where you logged in from i.e. an OSX machine through Firefox in Portland between 7am and 12pm. When you fell outside your normal range through a configurable set of factors it would send you a one time use password again to authenticate that new machine / profile to your account.

They also gave you other less secure means if you didn't have a cell, or it was dead that you could use to override the system. Really cool stuff.

(OK, enough IdM geekery)

Re: kthxbai, I just deleted 99 of your twitter friends

topperge — Thu, 08 Jan 2009 15:25:29 -0000

I can do a post on a JSON request through jQuery pretty easily. You're right that I can't do it with XMLHTTPRequest and missed that point in my slumber last night.

I agree that OAuth helps the problem because it'll prompt me to agree to authenticate the site to use the different pieces of the API, but the average user is going to check all the boxes and not think. If I decide to be a malicious developer I already have the authorization to modify your account privs.

There has been some big discussions on the Twitter developer group about adding OAuth which they don't think will really solve the problems. As with anything security related its always a cat and mouse game and the standards are ever evolving. The next step in the process is going to be risk and pattern based profiling presenting people with secondary forms of authentication when they fall out of the box.

Re: Did Someone You Know Get Facebook for Christmas?

topperge — Wed, 07 Jan 2009 01:38:09 -0000

Facebook is way beyond the mainstream path. My inlaws are both on FB now and there was a conversation with one of the grandmas talking about making her an account.

One things I noticed is that the live feed doesn't capture all my friends anymore. It's filtering by the people I've sent messages back and forth with recently. Kinda disappointing when trying to keep up loose connections.

Re: I Heart TripIt

topperge — Thu, 13 Nov 2008 15:36:09 -0000

Guess what? I just tried TripIt again today with the Oracle corporate travel email and low and behold it worked! A++++ Would do business with again! More love for simple apps.

Re: I Am Now Intrepid

topperge — Sat, 01 Nov 2008 23:15:52 -0000

I think it might a AMD64 problem, probably should have just stuck with 32bit. Same reason my AIR install is still funky. Everything is working fine now except the fonts with dual monitors. Hopefully I'll get some time to play with it tomorrow. Right now I have 8 holes in the ceiling of my family room so I doubt it.

Re: I Am Now Intrepid

topperge — Sat, 01 Nov 2008 00:20:50 -0000

I just got done upgrading tonight, other than pulling from a slow mirror I've got a couple issues. Firefox-3.0.3 was regularly freezing with the flash/shockwave plug-ins installed. Disabled them and its working fine. Others have reported the same issue.

Dual monitor is working for the first time with my Dell D630. It works, but for some reason after a few minutes the fonts go crazy. I'll have to dig into that some more tomorrow.

Lastly my wireless card stopped working, driver issue that I'll have to fix. Not really a big deal, just annoying that it wouldn't come back after a reboot.

Not to reinstall the vpn and virtualbox kernel mods.

Re: LinkedIn Launches OpenSocial Apps

topperge — Thu, 30 Oct 2008 21:37:41 -0000

LinkedIn doesn't have a developer community site (at least its not public). The only way to get access to their APIs / container is to email them at developers@linkedin.com and wait for them to get back to you. I asked to be part of their beta a while ago and haven't heard a thing. I even emailed the guys in charge of the program directly. I know they're trying to make sure they aren't facebook slinging sheep, but you'd think an @oracle.com email address would warrant a reply. Heres to hoping!

Re: Collok.com Manages Your OpenWorld Schedule

topperge — Tue, 14 Oct 2008 01:40:04 -0000

Glad I could help guys, for now work has stopped on it due to a lack of time. But know knows maybe Marius can hire me to replace the schedule builder next year ;-)

Re: Why Social Networking is Good, Reason 61

topperge — Fri, 10 Oct 2008 15:36:48 -0000

Yeah, looking at it now that was a blog post in it and of itself. We'll call it an extra bonus for the comment readers.

Re: Why Social Networking is Good, Reason 61

topperge — Thu, 09 Oct 2008 23:41:28 -0000

One of the things I always find interesting about going to these tech events is when I tell someone I work for Oracle. I usually get two reactions. Either they look at me like I have 8 heads and wonder why anyone would want to work for the behemoth or they say they want to grow up some day and work on the big (technical) problems a company like Oracle solves.

I can normally break down the first group to understand that you really are solving the biggest software problems in the world and the acquisition strategy isn't all evil. The second group provides a great chance at recruiting opportunities. If they're attending tech events they're likely to be the type of person I like on my team. ;-)

Re: Why Social Networking is Good, Reason 61

topperge — Thu, 09 Oct 2008 23:33:28 -0000

With an outro like that how can I keep my mouth shut. Personally I find all my upcoming dc events at http://www.dctechevents.com/. Ross owns the DC event market and does a great job keeping the calendar up to date. The nice thing is that because he implemented it in Google Calendar I can easily subscribe and it appears on top of my own calendar. Pretty much any night of the week I'm able to attend something interesting.

The local startup scene has been a great way for me to get plugged into the DC tech scene. I migrated to the DC area from Detroit and being a consultant on the road for 2 years I never got a chance to meet the locals. These events got me plugged in quick and people who actually understand and listen to my babbling.

Anyways, Startup Rockstars was great. Five of the local startups presented, all at different stages of the process. Three of the five really interested me.

GamerVixens.com is a social network focused on women gamers. Did you know 40% of gamers (online and console) are women? And only 17% of all gamers are under 18? It surprised me too. Great ideas, untapped market, its going to come down to their execution and their community leaders.

BrandClick.com provides an interesting way to monetize ad clicks. The idea is solid, but to be honest I don't see anything that Google couldn't add into AdSense within a few weeks.

Lastly is the great group at CreateDebate.com, being in DC they've used the upcoming elections as their initial platform for the launch. The group started as part of a entrepreneur class at a local college and they've really taken off. A very cool social network centered around ideas, discussion and democracy. They've opened up their APIs and also have a SaaS model for businesses to vote on things within an org. I'm really impressed by these guys and look forward to seeing them grow.

One of the things that struck me odd was that 3 of the 5 startups were building their platforms on the latest .NET architecture. It almost makes me want to spend some time looking into it, almost.

You'd never think it, but DC has over 200 startups listed with Crunchbase within 100 miles of my house.

Re: Location, location, location. It’s all about location..

topperge — Wed, 08 Oct 2008 09:41:46 -0000

Interesting, I don't think I know a single person who uses Loopt in the DC area. Out of 250+ contacts in my phone there was only one person who has Loopt on their phone. However, the local auto repair place is offering a transflush special through Loopt.