Latest from the blog

Thursday, Aug. 19, 2010

Facebook Places: Even more botched security settings



Facebook Places... ugh. More security settings to mess with.

Leave this setting at your own peril. Leaving it alone lets *other* people "check-in" on your behalf. Think about it. This will let anyone (your friends by default) tell everyone else where you have been. Without your permission.

The ACLU has even gotten into the action. Check it out.

WTF.

Click Account menu (on upper right), click Privacy Settings, click on "Customize", in the "Places I check in to" drop down select "Customize", select "Only Me", under "Make this visible to / These people" select "Only Me", and finally hit "Save Settings".

But wait, that doesn't really turn it off (but wait there's more). This page describes how to control the setting for Facebook apps.

Click Account menu (on upper right), click Privacy Settings, look for "Applications and Websites" on lower left - under that click "Edit your settings", look for "Info accessible through your friends" in the middle of the page then click "Edit Settings" on this line, uncheck ... everything, but especially "Places I've Visited", finally click "Save Changes".

WTF....

Seriously....

WTF.

Why is this so complicated? Just about any security-related question you ask an end-user is the wrong one (a non-expert can't be expected to give a reasonable answer). Facebook does one better and never asks the question in the first place.

Posted by Rick at 11:38 p.m.

Monday, June 28, 2010

Dogsundercover is now open for business

The Dogsundercover store is open! Holy cow! With much wrangling of the off-planet alien help we have a slick home page and smooth integration into our shopping cart software. We said it'd be June, and by holding their little green feet to the fire and their noses to the grindstones we got it all done. (OK, we all know aliens don't have noses, but you get the point.) Check out the selection of dog duvets (bed covers), blankets, and pillows.

Check it out.

Buy stuff.

Follow them on the Twitters.

W00t!

Posted by Rick at 9:13 p.m.

Thursday, June 17, 2010

rickmode.com 3.0

I've gooooooglified rickmode.com. The site is no longer hosted on a generic cheap crowded shared server. This will save me roughly $80 per year. Woo hoo.

I designed the new site roughly like my old one, but simplified and using some neat tricks for gradient box edges (CSS3 styles which don't show up on Internet Explorer).

Read on for more geeky bits...

I'm using Google Apps Standard Edition giving me Gmail support for my rickmode.com emails. The main site is Python application running on Google app engine. The Google Apps domain allows me to configure the Google app engine application to use the www.rickmode.com address. Due to the way Google handles domain names in their cloud infrastructure, the naked rickmode.com domain forwards to www.rickmode.com. In my opinion, losing the use of the "naked" domain is a small price to pay in return for no system administration and the added resiliency from the Google infrastructure... not to mention the nice price of free.

I've also moved my blog from a self-hosted WordPress blog to Blogger. So now I no longer need to keep up with WordPress security updates (even better) the blog can handle high traffic. I may lose some flexibility however I happen to like the design of the Blogger templates. Blogger also supports using your own domain names, allowing me to use blog.rickmode.com rather than the rickmode.blogspot.com default.

My main page pull in the top three blog entries using the Blogger Data API, which uses the Google Data Protocol. This only took about 40 lines of code, including imports and the HTML template bits.

All this still requires my own domain registration of rickmode.com with full DNS control. So for about $10 per year and a bit of work, I have a custom web site with tight integration to a blog, all with no infrastructure headaches. I can concentrate on developing rather than system administration.

Cloud, FTW!

Posted by Rick at 5:32 p.m.