Month: March 2008

Hacking a Facebook app != hacking Facebook

Silicon Alley Insider has a story with a we’re-really-not-trying-that-hard-but-sensationalism-just-comes-naturally-to-us headline boldly proclaiming that they can teach you How To Hack Facebook In 51 Seconds. Take a look at the video below and see what you think.

Wrong! Yeah, that’s what I thought too. That’s not Facebook. That’s a Facebook app. A custom application, written by an external developer who really doesn’t care about security a whole lot. There’s a big difference between hacking Facebook (exposing contact or personal details, gaining access to passwords etc) and hacking a Facebook application (in this case, changing your friend’s mood). Yes, that may cause some strange questions from your friends (“Why are you feeling like murdering kittens?”), but one poorly written app does not mean that the security of Facebook as a whole has been compromised. Great headline, totally inaccurate subject matter.

The source for this story was probably this review of the app from a day earlier which links to the YouTube video and highlights this exact problem in the environment where it is actually meaningful and would be most effective (if people actually bothered to read reviews before installing apps). The original poster even accurately characterized this as a hackable app, not a core breach of the mothership.

Here’s a fix for SAI – update the title to be “How To Hack the Facebook Moods App In 51 Seconds”. Still fairly interesting, and about 100% more accurate. This time the discussion could even focus on more relevant questions, like whether Facebook should be certifying apps once they hit a certain size.


SXSW 2008 Recap

magnolia cafe

It’s been two weeks since I left SXSWi and while I had a fantastic time again, the intensity of this year’s festival was somewhat muted (at least for me) in comparison with the last time I was there in 2006. Why? A couple of reasons, two of which were:

  • Size. SXSWi was on three levels of the Austin Convention Center (ACC). I knew things were bigger in Texas, but I had no idea how much this applied to the ACC. The place is massive. So massive in fact that it felt like I spent most of my time roaming between levels, searching for people I knew and barely making it to sessions on time, unlike in 2006, where the festival was restricted to a single level and serendipitous meetings and conversations in the corridor outside the sessions were often the most interesting parts of a day.
  • Capacity. The number of people attending this year has skyrocketed. Take a casual glance at the number of parties in 2006 and 2008 to see the difference. It’s noticeable. Parties filled up quickly and stayed that way until after the open bar ran out or the last band stopped playing, whichever happened first. I’m not sure what the solution is here for the organizers, but for me – next time there’s a party I want to get to, I’ll be getting there 15-20 minutes early. Shout out to Tim Shey’s Next New Networks party which was one of the best ones I got to. [sadly, my band – Lacy & the Books didn’t get a chance to debut on Rockband :)]

Many of the same issues and concerns that I had were also raised by Leonard and Jay. Go read their posts – they’re far more eloquent.

As far as the panels go, my only complaint was that I couldn’t clone myself and be in multiple sessions at the same time. Here’s a daily breakdown:

Friday
Battledecks II – Powerpoint meets Karaoke actually turned out to be a really fun way of kicking things off. Takeaways: Ebola, Amy Winehouse, Wood-based Keynote graphs, lots of meat, Mike Essl’s Pickle Podcast invading the asses of chickens everywhere and other highly relevant interactive bits and bobs.

Saturday
Filching Design: When the Shoe Fits – loved this one. Takeaway: steal shamelessly when you need to, but be prepared to face the music.

You Are Here: Gaming and User’s Geolocation in Web 2.0 – Ryan Sarver invited me to be on this panel at the last minute and I’m so glad I went. Jeremy Irish from Geocaching.com had some stories about geowanking, I talked a bit about some projects I’ve done with area/code and continued the tradition of making sure I’m always on a panel with Dens at SXSW.

Blood, Sweat, and Fear: Great Design Hurts – this was one of my favourite sessions at SXSW. Michael Lopp and John Gruber make a great tag team. Takeaways: make pixel perfect mockups, hold pony meetings, be willing to get called an asshole.

Worst Website Ever: That’s So Crazy, It Just Might Work – hilarious. And a lesson in pitching, courtesy of Mr Productivity himself – Merlin Mann.

The Science of Designing Interactions – Andreas’ session was good, but perhaps a bit too dense for first thing in the morning. (10am is the crack of dawn at SXSW). Ming Yeow was a good complement to Andreas’ presentation.

Tools for Enchantment: 20 Ways to Woo Users – I really enjoyed seeing Kathy Sierra speak, but her typography hurt my eyes. Fantastic content. Takeaways: practice seductive opacity – keep the mystery alive.

The Supercollider: A Hero of the Social Network – use Twitter, Dopplr, LinkedIn, Facebook, Flickr extensively. Make lots of friends. Love life. Takeaways: super colliders are gorgeous.

Mobile Phones: International Devices of Mystery – my panel – was plagued with numerous lineup changes from the start and unfortunately Neil and Jonathan (welcome to the world, Calliope!) couldn’t be there – but I managed to rustle up truly fantastic stunt doubles in the forms of Matt Jones and John Poisson who kept the conversation about some of the more interesting, exotic and obscure uses of mobiles around the world flowing freely. One of my favourite insights was hearing Jen talk about why video calling is so successful in Italy (they sell phones in pairs and encourage you to give it to older family members).

PMOG: The Web as a Play Field – walked into the tail end of this one. Love the idea.

Managing Creative Teams – good practical discussions. I love the theater analogies. Takeaways: rotate creative leadership, cross training gives people a sense for what is possible.

Bio-Networks: Using Mobile Technology to Impact Healthstyle – another one that I walked into during the Q&A. I wish I’d seen her entire presentation.

Billy-Bob Thornton. Awesome. Love this guy. Loved the sunglasses indoors. Takeaway: “once you start testing things – it becomes like toothpaste.”

Tuesday Keynote: Jane McGonigal – I really enjoyed this one, but disagreed with some of her bold sweeping assertions. She’s a great speaker/thinker regardless, if you get a chance to see her talk – don’t miss it.

Conversations and meeting people are some of the highlights of the festival for me. Here are just a few of the people that I got to spend time with (in no apparent order):

New friends
Jen Bekman of 20×200 fame, Raul Gutierrez, Bre Pettis, Aaron Straup Cope,
Micah, Matt Jones, Nathan Eagle, Rick Webb, John Poisson, Jeremy Irish.

Old friends
Daniel Raffel, Cameron Marlow, Amanda Kelso, Omar Elsayed, Buster Mcleod, Molly Wright-Steenson, Jennifer Bove, Karin Klein, Leonard Lin, Andy Baio – MC Frontalot ruled!, Danny Newman, Nora Abousteit (too briefly!), Ryan Sarver, Manlio Loconte, Dens Crowley, Alex Rainert, Karen Bonna, Ron Goldin, Christine Brumback, Alli Mooney, Andreas Weigend, Will Carter, Kevin Kearney.

See you next year, SXSW.

Installing RMagick on OS X Leopard

After the last time, I swore I’d never fall prey to RMagick’s convoluted and painful installation process. Unfortunately, to paraphrase the Giant – it happened again.

So, after beating my head against my desk for hours while banging out permutations of “sudo port install ImageMagick” and “sudo gem install rmagick”, I have news for you, my devoted audience of 1.5 pygmy marmosets – it can be done!

What you need to do is go back to the basics and install everything from source. I found a nice script here, but that only got me part of the way. Here’s how I did it:

mkdir src
cd src

curl -O http://download.savannah.gnu.org/releases/freetype/freetype-2.3.5.tar.gz
tar xzvf freetype-2.3.5.tar.gz
cd freetype-2.3.5
./configure --prefix=/usr/local
make
sudo make install
cd ..

curl -O http://superb-west.dl.sourceforge.net/sourceforge/libpng/libpng-1.2.22.tar.bz2
tar jxvf libpng-1.2.22.tar.bz2
cd libpng-1.2.22
./configure --prefix=/usr/local
make
sudo make install
cd ..

curl -O ftp://ftp.uu.net/graphics/jpeg/jpegsrc.v6b.tar.gz
tar xzvf jpegsrc.v6b.tar.gz
cd jpeg-6b
ln -s `which glibtool` ./libtool
export MACOSX_DEPLOYMENT_TARGET=10.5
./configure --enable-shared --prefix=/usr/local
make
sudo make install
cd ..

curl -O ftp://ftp.remotesensing.org/libtiff/tiff-3.8.2.tar.gz
tar xzvf tiff-3.8.2.tar.gz
cd tiff-3.8.2
./configure --prefix=/usr/local
make
sudo make install
cd ..

curl -O http://jaist.dl.sourceforge.net/sourceforge/wvware/libwmf-0.2.8.4.tar.gz
tar xzvf libwmf-0.2.8.4.tar.gz
cd libwmf-0.2.8.4
make clean
./configure
make
sudo make install
cd ..

curl -O http://www.littlecms.com/lcms-1.17.tar.gz
tar xzvf lcms-1.17.tar.gz
cd lcms-1.17
make clean
./configure
make
sudo make install
cd ..

curl -O http://mirror.switch.ch/ftp/mirror/ghost/GPL/gs861/ghostscript-8.61.tar.gz
tar zxvf ghostscript-8.61.tar.gz
cd ghostscript-8.61/
./configure  --prefix=/usr/local
make
sudo make install
cd ..

curl -O http://mirror.switch.ch/ftp/mirror/ghost/GPL/gs861/ghostscript-fonts-std-8.11.tar.gz
tar zxvf ghostscript-fonts-std-8.11.tar.gz
sudo mv fonts /usr/local/share/ghostscript

curl -O ftp://ftp.imagemagick.org/pub/ImageMagick/ImageMagick.tar.gz
tar xzvf ImageMagick.tar.gz
cd ImageMagick-6.4.0
export CPPFLAGS=-I/usr/local/include
export LDFLAGS=-L/usr/local/lib
./configure --prefix=/usr/local --disable-static --with-modules --without-perl --without-magick-plus-plus --with-quantum-depth=8 --with-gs-font-dir=/usr/local/share/ghostscript/fonts
make
sudo make install
cd ..

curl -O http://rubyforge.rubyuser.de/rmagick/RMagick-1.15.13.tar.gz
tar zxvf RMagick-1.15.13.tar.gz
cd RMagick-1.15.13
./configure  --prefix=/usr/local
make
sudo make install
cd ..

If you’d like to download the entire script and run it yourself – you can grab it here:

rmagick_install.sh

The trick for me was compiling the RMagick gem from source. Every single time I relied on @#@# rubygems, it failed. This script may fail after a while if some of the hardcoded paths change or if newer versions of the packages come out, so if it breaks for some reason, modify it to accommodate whatever version of RMagick / Freetype / Ghostscript is needed.
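The steps above fetch every tarball over plain HTTP or FTP and then run `sudo make install` on the result, so a tampered mirror or a rewritten download ends up executing as root. The following is an added example, not part of the original script: it checks each download against a pinned SHA-256 and rejects archives whose member names would extract outside the `src` directory. The function names and the `SHA256SUMS` manifest are assumptions; fill the manifest with digests obtained from each project's own release notes or signed announcements, since this page does not list any.

```shell
#!/bin/sh
# Added example (not part of the original script): integrity checks to run
# between the `curl -O` and `./configure` steps. Function names are hypothetical.

# Print the SHA-256 of a file (sha256sum on Linux, shasum on OS X).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_manifest MANIFEST: each line is "<sha256>  <file>".
# Returns 0 only if every listed file exists and matches its pinned digest.
verify_manifest() {
  rc=0
  while read -r want file; do
    [ -n "$want" ] || continue
    if [ ! -f "$file" ]; then
      echo "MISSING  $file" >&2; rc=1; continue
    fi
    if [ "$(sha256_of "$file")" != "$want" ]; then
      echo "MISMATCH $file" >&2; rc=1
    fi
  done < "$1"
  return "$rc"
}

# Read member names on stdin; succeed if any is absolute or has a ".." component.
has_unsafe_names() {
  grep -Eq '^/|(^|/)\.\.(/|$)'
}

# tar_paths_safe ARCHIVE: fail if listing fails or any member could escape src/.
tar_paths_safe() {
  names=$(tar tf "$1") || return 2
  if printf '%s\n' "$names" | has_unsafe_names; then
    echo "UNSAFE PATHS in $1" >&2
    return 1
  fi
  return 0
}
```

Source this file at the top of the install script and run `verify_manifest SHA256SUMS && tar_paths_safe <archive>` before each `tar` extraction, stopping on any non-zero status.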

I hope this helps somebody else out there and reduces your head banging time to a minimum.


The iPhone SDK

fakesteve on the SDK:

Seriously, folks, it’s game over. This announcement today is as big as the announcement of the original Macintosh in 1984. At airports all around the world they put flights on hold so that people could stay in the terminal and watch the news as it was announced. In Canada they declared a national day of mourning for RIM. It’s that huge. Today, frankly, is a day that will live in the history of our industry. It’s a classic inflection point. Massive disruption. Schumpeter-esque creative destruction. I am sitting here just watching the trailer for “Ironman” with the volume cranked on my stereo and I’m running around going “I … am … Ironman …” in that weird computer voice. Truly, I am invincible. I rule the world. I am the greatest human being that ever lived. I feel just like that friggin Ironman guy, honestly. Bullets cannot pierce my iron skin. Apple is the greatest company in the world. We rock so hard it’s amazing.


Pick me! Pick me! Come see my panel at SXSWi.

Panel Surrounded

As you can see from the tiny image segment I grabbed from the wonderful sched.org SXSW organizer, if you’re attending, you’re going to be spoiled for choice this year.

So, when it comes round to deciding what to do on Monday 10 March at 11:30am, if you’re interested in finding out about the most interesting, unexpected or downright bizarre ways that people are using mobile phones around the world, why don’t you stop by and check out “Mobile Phones: International Devices of Mystery”. We’ve got a great cast of fantastic speakers – including Jonathan Donner, Nathan Eagle, Neil Churcher and Jennifer Bove – and all we need are some thought provoking questions from you – in the audience.

Find out more on the Socialight blog. See you there!
