Upward Mobility: Dear Apple, Please Stop Hogging All the Good Stuff

Forget Touch ID, we're still waiting for access to Siri!

As I mentioned last week, the new Touch ID feature of the iPhone 5S is (at least for the moment) only usable by Apple-created software. This means that a developer can’t take advantage of the feature to authenticate a user inside an application; it can only be used to unlock the phone and authenticate to iTunes.

This continues a troubling trend we’ve seen with Apple lately. Nearly two years after the release of Siri, the voice UI is still locked out for anyone but Apple and their chosen partners (such as Wolfram Alpha). I understand that opening up a technology for third-party usage takes planning and work, but twice in a row now, Apple has released what could be a transformative technology and left the developer community out of the picture.


Cultivate and Grow Your Following

How to use SlideShare presentations for more than public speaking

For years, PowerPoint slidedecks dominated boardrooms and marketing meetings for companies around the globe. With the introduction of SlideShare six years ago, a whole new platform appeared, and with it the opportunity to share slideshows in a new way. Now, technologists, programmers and developers are using slidedecks to collaborate, demonstrate their professional knowledge, and move quickly in an open, agile workplace. For example, you can:

  • connect with other professionals who are working on similar projects.
  • quickly learn what is being presented at industry conferences.
  • identify others who are working on technologies and projects that you’re interested in.
  • learn how companies and organizations are using specific technologies, and follow their progress.


A Programming Life: Choose Your Own Adventure

Honesty, Evaluation, and a Success Story

I caught up with Amye Scavarda (@amye), Client Advisor, Acquia, and Leslie Hawthorn (@lhawthorn), Community Manager, Elasticsearch, at OSCON 2013, where both gave a talk on how to grow a career that you’ll enjoy in the open source world and beyond. Turns out it might not be so hard.

Key highlights include:

  • Some old school first steps in taking a look at your work life [Discussed at 0:57]
  • Don’t start by trying to improve what you are worst at [Discussed at 2:38]
  • How and when should you learn new programming languages? It depends. [Discussed at 4:09]
  • Success stories aka how this has worked for Amye [Discussed at 5:24]

You can view the full interview here:


After the NSA Subverted Security Standards

Is protecting open processes possible?

I was somewhat surprised, despite my paranoia, by the extent of NSA data collection. I was very surprised, though, to find the New York Times reporting that NSA seems to have eased its data collection challenge by weakening security standards generally:

Simultaneously, the N.S.A. has been deliberately weakening the international encryption standards adopted by developers. One goal in the agency’s 2013 budget request was to “influence policies, standards and specifications for commercial public key technologies,” the most common encryption method.

Cryptographers have long suspected that the agency planted vulnerabilities in a standard adopted in 2006 by the National Institute of Standards and Technology and later by the International Organization for Standardization, which has 163 countries as members.

Classified N.S.A. memos appear to confirm that the fatal weakness, discovered by two Microsoft cryptographers in 2007, was engineered by the agency. The N.S.A. wrote the standard and aggressively pushed it on the international group, privately calling the effort “a challenge in finesse.”

The Guardian tells a similar story. It’s not just commercial software, where the path seemed direct, but open standards and software where it seems like it should have been harder.

I was very happy to wake up to a piece from the IETF emphasizing their commitment to strengthening security. There’s one problem, though, in its claim that:

IETF participants want to build secure and deployable systems for all Internet users

Last week’s revelations make it sadly clear that not all IETF participants are excited about creating genuinely secure systems.


What Do the New iPhones Mean For Developers?

Sometimes earth changing moments come in fingertip-sized packages

Well, the media feeding frenzy that is an Apple product release press conference is over, and the whelmingness is definitely on the under, rather than the over, side. Part of the lack of drama is that, these days, it’s almost impossible for Apple to keep anything under wraps. There are just too many hands in the supply chain, too many carriers to coordinate a launch with, and too many opportunities for a stealthy cameraphone snapshot of a box or component. Add in patent and FCC filings, and your barber can tell you what’s going to be unveiled, at least a week or less from the event.


Upward Mobility: Buddy System

This little Xcode gem can handle all your plist needs

Sometimes it’s easy to forget that along with Xcode, the iOS development environment also includes a ton of useful utilities that you can leverage to make your life easier. Many of them come along with the command line tools that you can install via the Downloads pane of the Xcode preferences window.


The Myth of the Private API

The Fundamental Interconnectedness of Things

A little over a week ago, I wrote about how the authentication model for an unpublished Tesla REST API was architecturally flawed because it failed to take basic precautions against the sharing of credentials with third parties common to most REST-based services these days. Since its publication, the main criticism of the article has centered on the fact that the API is neither a published API nor has it been advertised as being meant for third-party consumption.

The adding of value to devices and services with or without the knowledge/permission of their creators is an integral part of the Internet of Things. These days, people expect an API around their devices. They will discover any APIs and add value to the device/service—even if the task requires a little reverse engineering work. A responsible creator of a device or service in today’s world defined by the Internet of Things must therefore do the following things—always:

  1. Give it a public API
  2. Protect any internal communications so they can’t be reverse engineered
  3. Protect any public communications so that they don’t put end users at risk when they leverage third-party devices and services


Working in the Hadoop Ecosystem

Working with big data and open source software

I recently sat down with Mark Grover (@mark_grover), a Software Engineer at Cloudera, to talk about the Hadoop ecosystem. He is a committer on Apache Bigtop and a contributor to Apache Hadoop, Hive, Sqoop, and Flume. He also contributed to O’Reilly Media’s Programming Hive title.

Key highlights include:


Sharing is a competitive advantage

Why the Velocity conference is coming to New York.

In October, we’re bringing our Velocity conference to New York for the first time. Let’s face it, a company expanding its conference to other locations isn’t anything that unique. And given the thriving startup scene in New York, there’s no real surprise we’d like to have a presence there, either. In that sense, we’ll be doing what we’ve already been doing for years with the Velocity conference in California: sharing expert knowledge about the skills and technologies that are critical for building scalable, resilient, high-availability websites and services.

But there’s an even more compelling reason we’re looking to New York: the finance industry. We’d be foolish and remiss if we acted like it didn’t factor into our decision, and that we didn’t also share some common concerns, especially on the operational side of things. The Velocity community spends a great deal of time navigating significant operational realities — infrastructure, cost, risk, failures, resiliency; we have a great deal to share with people working in finance, and I’d wager, a great deal to learn in return. If Google or Amazon go down, they lose money. (I’m not saying this is a good thing, mind you.) When a “technical glitch” occurs in financial service systems, we get flash crashes, a complete suspension of the Nasdaq, and whatever else comes next — all with potentially catastrophic outcomes.
