iMatt :: The Blog of Matt Clare

A recent article in the Columbia Journalism Review by Matthieu Aikins underscored the need to protect the contents of your smartphone. If the potential to have your own information stollen or generally snooped through your stuff, please consider this story.

The British journalist and filmmaker Sean McAllister was in Syriashooting a documentary for Britain’s Channel 4 about the underground there. A few he had worked with were concerned about his general lack of care about his communications and protection of the identities of those in the underground he was working with.

In October, McAllister was detained by Syrian security agents. Well detained he could hear the cries of prisoners being tortured in nearby rooms. He was interrogated and had all of his electronics seized and searched.

Upon hearing that security forces had McCallister a few individuals who had been in touch with, including the main source of the article, immediately fled fearing the brutal Syrian regime now had information that put their lives at risk. Others in McAllister’s electronic records, like one Omar al-Baroudi, were never heard from again.

The article uses the example to point to the need for journalist and the organizations that employ them to become more aware of how to protect their digital information. I hope this stark example will encourage everyone with a smartphone to consider protecting the information on it and information available to it.

If not, please consider the potential embracement of a malevolent or mischievous individual finding your smartphone and posting to Facebook or Twitter on your behalf (though I would understand that it would be nice if someone update your Google Plus account).
Read more... (693 words, 2 images, estimated 2:46 mins reading time)

Over four months ago I ordered a WoPad from PandaWill.com, so far I’m glad to have the exposure to the Android platform, and for some tasks the larger screen works well. But, the bottom line is it does not replace what any of the Apple iOS devices do.

The Device

The best part about the WoPad is that with express shipping it costs less than $200.00 Canadian. The free Android operating system that Google provides allows seemingly random manufacturers to assemble a collection of hardware, add the Android OS and suddenly have a tablet for sale.

The WoPad offers a capacitive screen or pressure sensitive. I won’t consider anything without a capacitive screen to be a modern tablet, so I ordered the capitative screen so that I wouldn’t look like a cafeteria worker trying to punch-in a trays worth of food into it. That said, the WoPad’s capacitive screen is slow to respond, that or perhaps it’s ability to process touches is very slow, but more on that in a bit.

The WoPad also has an SD card reader, standard headphone jack, standard USB connector for external media, a mini-usb connector so that the WoPad itself can be an external drive. There’s also a micro-HDMI port (I have yet to test) and it’s non-standard power connector – however it will trickle charge off of the mini-USB cable.

Android

The first thing I did when I received my WoPad was ask a colleague to “root it” and install the latest Android ROM that the WoPad would could support.

The ROM he used was based on this thread over at SlateDroid.com www.slatedroid.com/topic/14507-wopad-froyo-custom-rom/ Using these steps www.slatedroid.com/topic/12854-how-to-flash-a-rooted-rom/

If it weren’t for my keenness to get the latest ROM it would have never needed to be connected to a computer. A challenge Apple’s “peripherals” have yet to overcome.
Read more... (687 words, 6 images, estimated 2:45 mins reading time)

If your web site is running on Apache, and almost all are, there’s a simple way to protect directories on your web server. This method can be very secure, when combined with HTTPS and some good practices on your part, but it can also be a simple way to limit access to just a few people who know a password – perhaps as an alternative to Facebook sharing.

The feature being used is Apache’s HTTP Basic Authentication module. Apache has their own How-To at their web site, but here are the basics:

You need to add two files to your web server, and it helps if you have access to a terminal/command prompt.

Here are two key files and their their contents.
.htaccess

#Force HTTPS
#RewriteEngine On
#RewriteCond %{HTTPS} !=on
#RewriteRule ^(.*) %{HTTP_HOST}%{REQUEST_URI} [R,L]

AuthType Basic
AuthName "Restricted Files"
AuthBasicProvider file
# Needs full unix file address, output of pwd command
AuthUserFile /var/www/html/examples/guest_w_pass/.htpasswd
Require valid-user

These are basic .htaccess directives, that most web servers should allow. The first segment is to force the use of HTTPS, you might want uncomment that if HTTPS is important to your application. The second section turns on basic authentication and directs the web server to where to get the password file – you can put the password file anywhere your web server can access it and it does not have to be in the same folder as the .htaccess file. You are responsible for finding the full unix path to the file, either from the pwd command or the “Get Info” option inside a file browser.

.htpasswd

guest:{SHA}K8+J8fKKKxjnREM2J4/C72Qawa4=


This file is the results of the command htpasswd -sc .htpasswd guest. The s after the – is for SHA-based password hashing and the c after the – is for create. The file can be added to or updated with the command htpasswd .htpasswd username. Run the command htpasswd --help for more information.
Read more... (433 words, estimated 1:44 mins reading time)

I’m a big fan of famfamfam.com ‘s free icon set Silk. The Silk icon set contains over thousand simple icons that are free to use for any purpose. All those at famfamfam.com ask is that you include a link back to there web page in your credits famfamfam.com/lab/icons/silk/.

The icons are so simple as small that it makes a lot of sense to include them in your web site’s CSS file as Data URIs. Here’s my web page containing the Silk icon set as CSS/Data URIs.

Wikipedia has a good explanation of what Data URIs at en.wikipedia.org/wiki/Data_URI_scheme . The Data URI scheme is a URI scheme that provides a way to include data in-line in web pages as if they were external resources, as opposed to linking to a file.

The other advantage of using CSS is that the images here are loaded as background images through CSS. An advantage for accessibility and other functional reasons when loading an image for decoration only.

Data URIs are the binary file data represented in Base64 encoding. It’s worth noting that Base64-encoded data is about 4/3s of the original data size, or about a third larger than equivalent binary images. Data URIs also my not be as aggressively cached.

With that noted, there are advantages to using Data URIs. Data URIs reduce the number of HTTP requests. Negotiating a new HTTP request is often the biggest bottleneck on a broadband connection. With small files (like these) the overhead of establishing a HTTP request can actually represent more transferred data than the image itself. These types of decisions reduce the number of round-trips and delay.
Read more... (362 words, 7 images, estimated 1:27 mins reading time)

While my wife was getting a valuable two hours of sleep before she was woken with contractions signaling the birth of our first born child 19 hours later, I was not quite tired enough to sleep. UnknowingIy missing out on my last chance to sleep for a while, I was typing away at a PHP script to allow us to share pictures of our new baby – whenever he was going to arrive – with our friends and family privately with nothing more complex than the ability to eMail photos from my iPhone.

It was important to us to be able to share these pictures of our new child, but also to protect our child’s image from the very public exposure of the public internet and the still too public (or at least, un-trustable privacy of) Facebook.

Here’s how I was able to achieve this with a web server, some PHP, a GMail account and my iPhone:

Creating Galleries
First off I created a folder with standard Apache Basic Auth settings and let our friends and family know the simple username and password. I also turned on WebDAV access for the geekier viewers. In order to construct interesting galleries I placed a copy of Qdig, a Quick Digital Image Gallery PHP script to create galleries and thumbnails on the fly (and secured it against the WebDAV access). I had to increase the amount of RAM PHP could use, but otherwise it was very easy to implement.

Getting eMail Attachements from GMail with PHP

I created a new GMail account (specifically through my Google Apps domain) to receive all of these cute baby pictures via eMail from my iPhone. The next step was to check it automatically and store the attached pictures in a specific folder.
Read more... (452 words, 1 image, estimated 1:48 mins reading time)