Chris Hardie

Blog, Tech, Business and Community Building

software

March 7, 2014

How I became a computer geek

chris-geekOccasionally people ask me how I got started working in the world of computers and Internet technology. There were a lot of different factors - from my own curiosity to the learning and discovering my parents and teachers encouraged to the timing of what tools/tech became available as I grew up. I don't think I can hold one particular decision or moment up over another as key, but I thought I'd try to hit some of the highlights.

As a kid I was apparently very, very curious about how things worked, especially appliances and other mechanical things. I would take them apart to understand the innards, and then try to put them back together again more or less in the same working order. I was fortunate to have parents who let me do this exploring, and where they might have had good reason to be exasperated by having household fixtures disassembled and strewn about, they instead were supportive.

- Read More -

June 21, 2013

Use the cloud, keep control of your data

Balloons in the Rose GardenAfter ranting recently about the choices we make to give "big data" companies access to our private information in ways that might be abused or exploited by government eavesdroppers, I thought it would be worth sharing some of the options I've found for using "the cloud" while also retaining a reasonable level of control over access to the data stored there.

This post has information about tools and software you can deploy yourself to approximate some of the functionality that third party services might provide, but that might also make you vulnerable to privacy and security vulnerabilities.  It's based on my experiences designing and implementing solutions for my own company, so it's mostly applicable to the interests of businesses and organizations, but may also be useful for personal projects.

A few important disclaimers: any time you make your personal or corporate data available on Internet-connected devices, you're creating a potential privacy and security vulnerability; if you need to keep something truly protected from unauthorized access, think hard first about whether it belongs online at all.  Also, the tools and services I'm listing here are harder to setup and configure than just signing up for one of the more well-known third party services, and may require ongoing maintenance and updates that take time and specialized knowledge.  In some cases, it requires advanced technical skills to deploy these tools at all, which is the reason most people don't or can't go this route.  Hosting and maintaining your own tools can often have a higher initial and/or ongoing cost, depending on what financial value you assign to data privacy.  Sometimes the privacy and security tradeoffs that come with using a third-party service are well worth it.

Still interested in options for using the cloud without giving up control over your data?  Read on.

Email and Calendar Sharing

Need a powerful, free email account?  Need robust calendar management and sharing capabilities? Everybody uses Gmail and Google Calendar, so just sign up for an account there, right?  Unless you don't want Google having access to all of your email communications and usage patterns, and potentially sharing that information with advertisers, government agencies or other entities.

- Read More -

February 23, 2013

Recovering ASUS router firmware without Windows

Shark at the National AquariumIf you own an ASUS router and you brick it while trying to upgrade the firmware or some other action, you'll probably find documentation saying you need to run a Windows-only firmware restoration program to undo this damage.

While this is apparently the only officially supported method for restoring firmware (the alternative being to ship the router to ASUS for repair, a 10+ day process), I found with some exploring that the Windows program is likely just a glorified tftp client, and that you can restore firmware using some more standard, non-Windows tools.

I'm listing below the steps I had to use today after trying to upgrade my RT-AC66U device from firmware version 3.0.0.4.266 to 3.0.0.4.270.  (The release notes for the latter indicate a fix for a "live update related bug" which is what I suspect I encountered when I first tried to do the upgrade via the web GUI.)

I'm a Mac user, but these steps should work for other non-Windows operating systems such as Linux. It hopefully goes without saying that you should follow these steps at your own risk, and I make no claims or warranty about the outcome; you could end up worse off than you are now.  You could set your router on fire. You could end up killing another version of yourself living in an alternate universe.  Be careful.

- Read More -

January 31, 2013

1Password alleviates the horrors of password management

1PMainWindowI come to you today a recovering password management hypocrite.

I have over 190 accounts and logins for which a password or PIN is a part of my access: website tools, online banking, social media, email, internal company tools at Summersault, and so on.  I used to pretend that I was maintaining the security of these accounts by having a reasonably strong set of passwords that I re-used across multiple sites, sometimes with variations that I thought made them less likely to be broken into if someone did happen to compromise one of my accounts.

But as I prepared to give a talk in December about email privacy and security issues, and really stepped back to look at my own password management scheme, I realized just how much pretending I'd been doing, and just how vulnerable I was making myself to the increasingly well-equipped and highly-automated attempts at compromising accounts, stealing identities and stealing funds that are being launched every day.  I went and tested some of my passwords at the Password Strength Checker, and I was ashamed.   The potential impact of this really hit home as I read Mat Honan's personal tale of woe and his follow-up piece Kill the Password in Wired magazine.  Add in Passwords Under Assault from ArsTechnica and you'll be shaking in your boots.

So I decided that I was not going to be that guy who goes around telling people about how vulnerable they are with their simplistic password schemes while quietly living a lie in my own password management scheme.  I might still be hacked some day, but I would not be found giving some teary-eyed interview to Oprah where I whined about how the pressure of the 190 accounts to manage just got to be too much and how I knew using a simple dictionary word plus a series of sequential numbers was wrong but I still didn't do the right thing.

That's when I found 1Password from AgileBits, a password management tool that alleviates the horrors of password management.

- Read More -

pushover
December 28, 2012

Replacing Notifo with Pushover

Two years ago I compared Notifo and Prowl as tools for sending custom push notifications to your mobile devices.  I ended up relying on Notifo quite a bit to send me mobile alerts about certain kinds of events that I might not otherwise notice right away - email messages from certain people, some kinds of calls or voicemails at my office, certain messages meant for me in the office chat room, etc.

(You might think all that alerting would get obnoxious, but having these notifications sent to me according to my preferences has meant I'm less likely to obsessively check email or other digital inboxes for something important I might be missing.  The good/important stuff gets to me fast, the rest waits for me to view it at my convenience.)

In September 2011, the creator of Notifo announced that he would be shutting down the service.  It's continued to mostly work since then without his intervention (a testament to the self-sufficient nature of what he created), but in the last few weeks I've seen increasing errors or delays in getting messages through, so I went in search of alternatives to Notifo.

Today I found Pushover, a really simple but elegantly done service that offers all the features I want.

- Read More -

October 31, 2012

Are Wayne County's voting machines trustworthy?

Early voting is underway in Wayne County, Indiana.  Voters showing up at the polling stations will find themselves directed to the Hart InterCivic voting machines. A 2007 study of these machines, initiated by the Ohio Secretary of State and conducted by Pennsylvania State University, the University of Pennsylvania, and WebWise Security, Inc. found that: the […]

August 4, 2010

iPhone iOS4 IMAP mail syncing problems

Market musicianI offer this account of trying to address a known (and I would say, severe) bug in the iPhone 4 mail software, in case it's helpful to others:

Ever since I upgraded my iPhone to IOS4 (the latest version of the phone's operating system), the Mail application has been flaky when it comes to syncing mail messages via IMAP. Duplicate messages, empty/blank messages, messages dated 12/31/1969, messages that are deleted and then re-appear, and so on.

At first I thought it might be my phone hardware, which had been cursed from the beginning (a story for another time), but after that phone died and Apple replaced it with a brand new one with fresh firmware and settings, and it STILL happened, I was convinced it's the software on the phone.  Other people are having the same issue all over the place.  But it can be hard to make Apple believe this - said the Apple Genius Bar worker at the Apple Store in Chicago, "they're probably all just using the phone wrong."  Wha?

- Read More -

January 3, 2009

Using the iPhoneOS SDK on older PPC Macs

I'm just getting started with developing applications for the iPhone / iPod Touch, and one of the first real hurdles I encountered was that Apple didn't make it easy by default to use their iPhoneOS SDK on non-Intel Macs. With some Googling around I was was able to find a variety of articles that mentioned workarounds, but the comprehensive solution was spread across lots of blog post comments, forum postings, etc. So, for my own reference and hopefully as assistance to anyone else who might be in the same boat, I'm consolidating the steps here.

- Read More -

December 8, 2008

Security FAIL

Two stories of security failure for this blustery day: 1) Apparently, all you have to do to throw off the facial recognition software that protects us from identity theft or worse, is smile: The Indiana Bureau of Motor Vehicles is restricting glasses, hats, scarves -- and even smiles -- in driver's license photographs. The new […]

Older Posts