Choices Are Limited When Looking For Secure Messaging Apps

I have used the Signal – Private Messenger app for a long time – I even remember that it was originally called ‘TextSecure’.

Luckily for me, the app also includes support for ‘normal’ (unsecure!) SMS messages, because only a very limited number of friends and acquaintances were willing to follow me. Perhaps this news will change their minds:

Without any fanfare, the Senate Sergeant at Arms recently told Senate staffers that Signal, widely considered by security researchers and experts to be the most secure encrypted messaging app, has been approved for use.

Source: ZDNet

So the US Senate is allowed to use this app – will the Open Whisper Systems crew be proud and see this as a compliment?

Read Full Post »

Staying Power For Old Beemers

Last weekend, I spotted two old BMW motorcycles on the road in the port of Antwerp (Belgium). I had my camera in my hands, so I managed a few badly-framed photos – you can see them on Flickr.

By chance, I also spotted an advertisement for a similar bike. I don’t pretend to be a specialist on the subject, but I haven’t seen many BMW R50/2’s in this color scheme (not even on Google Images), and I find this combination quite flattering!

A fine-looking oldie, as seen in one
of the last advertisements on Kapaza

When I said I found this “zoekertje” by chance, I meant that I just had a quick look at the Kapaza website, because the site announced just last week that it will be closing down in a few days. I have visited that site, with its thousands of advertisements for second-hand stuff in many categories, while on the prowl for say another bike or a special lens for my camera. Kapaza is (was) one of the few big Belgian websites that used ColdFusion for at least parts of its site, and that made me pay a bit more attention to it also. This is one more website that won’t last half a century and more, unlike the motorcycle shown here!

Read Full Post »

Security And Trust On The Internet

In a blog post titled “Securing our Digital Economy“, the president and CEO of the Internet Society writes:

The truth is that economies can only function within a secure and trusted environment.

Which brings us to encryption. […]

Encryption is a technical building block for securing infrastructure, communications and information. It should be made stronger and universal, not weaker.

Stronger encryption? I’m all for it. Do I really have to explain that government-enforced “backdoors” in encryption tools will only weaken those tools – and the trust they are supposed to deliver?

Source: Shutterstock

Read Full Post »

Don’t Use Directory Name ‘/api’ For Your Own Uses In ColdFusion 11

Last week, I did loose a lot of time in what should have been a quick ColdFusion hack. My colleagues and I were just trying to set up a web service-based solution for a simple problem: they had a JavaScript page that needed a bit of data for which I already had the code in ColdFusion. So I created a new directory in an existing application, whipped up the required code in ‘index.cfm‘ to return a bit of JSON and tested the result from my browser… only to get an “Error 500 - Application index.cfm could not be found“.

Weird, heh? The required file was there, so why could CF11 not find it? Adding an ‘Application.cfm‘ did not help, neither did repackaging the code in a CFC. On CF8, on the other hand, everything worked as expected. So what was going on?

It took some time, but I did find the explanation: CF11 reserves the directory name ‘api’ for special treatment, so you can’t use it like any other directory name – and of course that was the name I had chosen! Adam Tuttle described the situation nicely in 2015:

Funny you should mention that the issue is inside an /api folder. I’m trying to track down the same problem, except I’m directly accessing an index.cfm (sort of — onRequest intercepts the request and redirects to CFCs as appropriate — it’s a Taffy API) and I’ve found that renaming the folder from /api to … literally anything else… works fine. It’s almost as if something in CF has special meaning at /api, like the special /rest mapping does.

Indeed, renaming my directory solved the problem – too bad it took me so long to find the cause. On to the next problem!

PS. Adam Tuttle has more to say on the subject, but his post on the subject has disappeared: the URL ‘http://fusiongrokker.com/post/coldfusion-11-sometimes-chokes-on-api‘ no longer points to the relevant text, but is redirected to another blog also belonging to Adam Tuttle. There, unfortunately, the post is NOT available. I won’t call this a case of linkrot, but it’s not good either. Luckily, the Wayback Machine has a copy of the page, including a few comments…

Read Full Post »

Does Your Social Media Tool Need A ‘Trip Mode’?

Social media are everywhere these days, to the point where they suddenly seem to be more important than any other communication medium. Families and friends use them to stay in touch while on holiday, companies use them for informal meetings and discussions, news media distribute their headlines with them, politicians on both sides of the Atlantic Ocean (and probably elsewhere in the world too) use them to try and set the stage for policy changes.

Privacy questions remain, however. Especially now that the concept of real and virtual walls around nations is rearing its (ugly) head again. So here’s an interesting suggestion from Maciej Cegłowski, in a post titled “Social Media Needs A Travel Mode“:

All I care about when I’m on vacation is posting devastating beach photos that will make my friends jealous. So why do I need to carry the complete list of people I went to high school with, or an archive of messages I exchanged with a chance acquaintance ten years ago?

[…]

We need a ‘trip mode’ for social media sites that reduces our contact list and history to a minimal subset of what the site normally offers. Not only would such a feature protect people forced to give their passwords at the border, but it would mitigate the many additional threats to privacy they face when they use their social media accounts away from home.

Reinforced real borders the world all over form a strong contrast with an Internet that has (almost) no frontiers. So I do wonder if we’ll ever see such a thing – perhaps Diaspora could propose a solution?

Read Full Post »

Latest Gopro Action Is A Big Fail

I strongly agree with the open letter sent to Gopro by user Jeffrey B.George – although “open” is a strong word for a text that apparently was only posted to Facebook. But anyway: back to the matter at hand.

I too was confronted with the need to create an account on the Gopro website and to login to that account in order to use the latest version of the Gopro software just to see my video’s on the iPad! That is quite an offensive move by Gopro, essentially blocking the use of their main product for any user out of reach of the Internet. I suppose I must consider myself lucky to having bought a relatively cheap Session and not a Hero5? That way, I won’t have wasted as many Euros? No, sorry, like Jeffrey says: “an action camera shouldn’t need an internet login“. Nor should the use of an app to control said camera.

If Gopro doesn’t change its stance on this matter , I won’t be able to recommend the brand to my friends. Is that what they want?

Read Full Post »

Mark Twain Did Not Say: Reports Of My Death Are Greatly Exaggerated – Or Did He?

The first mention of Snopes on this blog goes back to the year 2000, and I’m happy to announce that there is a good overview of what Snopes is (and how it came about) on the Webb Awards website. In summary, Snopes is a “fact checker”, where you will almost certainly find your favourite urban legend, its ‘truthiness’ and its history. Snopes started checking ‘hoaxes’ and ‘urban legends’ in 1994, shortly after the birth of the Web. These days, the presidential election is more than enough to keep the Snopes team hard at work; suffice it to say that many extravagant claims turn out to be fabrications, with or without Photoshop. There are many ‘fake news’ sites on the Web, but ‘real’ news media sometimes forget to verify their stories as well, and that just means more work for Snopes and its ilk.

Sarcasm by XKCD

“How the Truth Set Snopes Free – Racing Against the Web’s Rumor Mill” also explains:

And therein lies one of the biggest lessons that Snopes has to teach: Urban legends are most interesting for what they say about those who spread and believe them—our hopes (as in the grateful millionaire tale) as well as our fears about the secret ways the world really works.

Here’s the current biography of David Mikkelson, Snopes’ founder:

David Mikkelson founded snopes.com in 1994, and under his guidance the company has pioneered a number of revolutionary technologies, including the iPhone, the light bulb, beer pong, and a vaccine for a disease that has not yet been discovered. He is currently seeking political asylum in the Duchy of Grand Fenwick.

The interpretation of that sentence is left as an exercise in humour detection to the reader ;-) Or you could try the “Random” function of the website to be surprised again and again with how stories are morphed from fact to falsehood, myth or hoax.

For details on what Mark Twain said, check out https://en.wikiquote.org/wiki/Mark_Twain…

Read Full Post »