On January 24, 2012 the U.S. Senate will vote on PIPA, a bill that would enable government censorship of the Internet.  This cannot be allowed to pass.

PROTECT-IP, and a similar house bill called the Stop Online Piracy Act, would permit federal law enforcement to block the domain name of any site deemed by the Department of Justice to be infringing on copyright.  This includes not only sites that are directly providing pirated material such as The Pirate Bay, but any site that links to another site containing copyrighted material.  This includes search engines and social networks.  Imagine if Google was taken offline because it indexed a site with a pirated copy of a movie (which it almost certainly has since Google indexes the entire internet, good or bad) and returned that site in a search result.  Imagine if all of Facebook was taken down because one person of the over 800 million members posted a link to a site where you could download Lady Gaga’s newest album for free (that kind of thing happens all the time).  Under these laws, both of those scenarios would be possible and legal.  Furthermore, the laws circumvent due process.  In order for a site to be blocked, the DoJ simply has to find that it contains or links to piracy, and that’s it.  There’s no trial or hearing, and minimal investigation.  All these bills would accomplish is breaking the Domain Name System and opening up security holes in the Internet, penalizing law-abiding citizens in the process – all while doing next to nothing to actually stop piracy.

Numerous companies and legislators have voiced their opposition to these bills including Google, Reddit, Facebook, Twitter, Wikipedia and countless others.  As part of the effort to raise awareness and protest SOPA/PIPA, Reddit and a growing list of other prominent sites will be blacking out their sites on January 18 8am-8pm EST.  Wikipedia is even considering joining the party.  As some of the highest traffic sites on the Internet this action would be seen by tens of millions of people.

I’ll be taking part in the blackout as well, by shutting down my site that day and displaying an anti-SOPA/PIPA message in its place.  If you have a web site, I highly encourage you to do the same.  There is already a WordPress plugin to do this very easily.  The more people actively show their opposition, the better.

Efforts taken against these bills have already have an effect.  Constituent emails, calls and letters have forced Congress and the Senate to revise the bills, which is a start.  We need to do everything we can to kill these bills for good.

Don’t let the lazy, greedy entertainment industry executives hamstring the entire Internet for the sake of their dying business models.  Contact your congressman or senator in opposition of SOPA and PIPA.

Do Your Part

Stop American Censorship
Electronic Frontier Foundation

For many months I’ve been using a Yubikey as a staple of my cyber security plan.  It makes me exponentially more secure and at the same time makes it easier for me to stay secure.  The only part of it that isn’t drop-dead simple is the configuration, though even that isn’t very difficult.  I’m going to show you step by step how to configure your Yubikey to get the most out of it and set yourself up for success.

In order to configure your Yubikey, you’re going to need the personalization software.  This utility is available for Windows, Intel-based Mac OS X and Linux so you’re good to go no matter what you use.  Once you download it, follow the instructions to install or run it on your machine.  For this example we’ll be using the Windows version of the utility, running on Windows Vista.

You’ll see areas of the screenshots that are blurred, where there is information that is personally identifiable and possibly still valid.  Anywhere you see information in plain text, that information is invalid so there is no risk in sharing it.

Once you have it installed, run the software.  You will be greeted with a screen like this.
Note: if you’re using a newer version of the software, your interface may differ. At the time of this writing, the latest version is 3.0.1.

This is the main screen, which gives you an overview of your Yubikey and the options for configuring it.

Yubikey offers two memory slots, meaning you can have two different configurations stored in the device. For this example we’re going to have the following setup:

• Memory 1: Yubico-authenticated One Time Password (this is used with services like LastPass)
• Memory 2: Static Yubikey password (traditional password – always the same)

This is going to give us the most use from our Yubikey, since you can use the static password anywhere One Time Password isn’t supported (logging into Windows, securing a TrueCrypt volume, etc.).

One Time Password

Let’s get started with Memory 1, the One Time Password configuration. On the main screen, click “Yubico OTP Mode” to get started.

On the next page, click the “Quick” button.

This greatly simplifies setting up the Yubikey, and handles all the configuration options required for the One Time Password system. It also allows you to upload your Yubikey’s credentials directly to the Yubico servers, which is required for using the Yubikey to authenticate with services like Lastpass. The Quick configuration screen looks like this:

Everything you need for OTP to be configured is shown, and all the values are randomly generated and pre-filled by the software.  All you have to do is choose the memory slot you want to use, which for this example (and I’d recommend for your use as well) will be Configuration Slot 1.  Once your screen looks the the image above, click “Write Configuration” and click yes at the prompt.

The software will now write the values we’ve just generated to the first memory slot in your Yubikey.  When it’s successfully written the information, your screen will look like this:

Now that we’ve programmed the Yubikey for One Time Password authentication, we need to provide the unique credentials to the Yubico servers.  In order to the One Time Password system to work, a service using OTP to authenticate you must be able to verify that the one time string they’re being given is valid for the device giving it to them.  They do this by sending it to the Yubico servers and asking if it’s valid.  So, we need to provide our data to Yubico so they can verify those OTP strings.  To do this, click on the “Upload to Yubico” button.

This will launch your browser and take you to a page that’s pre-filled with all the data from the Yubikey.

You’ll need to fill in any fields that weren’t provided by the configuration software, such as your email address and the CAPTCHA at the bottom.  Once every field (including the CAPTCHA) except for the “OTP from the YubiKey” field is filled in, place your cursor in that remaining field and place your finger on the gold button on your Yubikey for 1-2 seconds.  This will generate a one time password string, enter it into that field, and send the Enter key command to submit the form.

It may take a couple of seconds for the data to upload since the server needs to verify that all the provided data checks out.  Once this is complete and the data has successfully been saved to the server, you’ll see the following page.

The page verifies all the data that was saved to the server, and shows the OTP string that was provided.  Since each string is only valid once (hence the name “One Time Password”) that string is already invalid by the time you come to this page.  It will never, ever be used again.  You will want to validate that the Yubikey can successfully authenticate with the Yubico servers, so click the green link labeled “online test service” on that page, which will take you to a page with a Yubikey OTP form field.

To test your Yubikey, simply place your cursor in the box and tap the button on your Yubikey for 1-2 seconds.  Just like when we were uploading the credentials a moment ago, the device will generate a string of OTP and send the Enter key command.

Remember, it can take 15-20 minutes for the uploaded key to spread to all the servers, so you may not be able to test at first.  If your authentication fails, you’ll see this page:

If this happens, just try again in a few minutes.  Eventually you should see a page like this:

Once you see this, you’re all set with configuring your Yubikey for OTP.  You can start using it with any service that supports it.

Static Password

Not all authentication systems support One Time Password.  For example, Windows and Mac OS user accounts don’t support One Time Password, so you have to use a traditional static (unchanging) password.  Luckily the Yubikey has a second memory slot which we can use for exactly that.  This is a much simpler configuration process since it doesn’t require uploading the code to any servers.

In the Yubikey configuration software, click “Static Password” along the top, and then click the “Advanced” button.

This is going to allow us go make sure all the parameters of our static password are how we want them, which I’ll walk you through.  The page you’re taken to looks like this (though in this picture I’ve already set everything up):

Notice the settings I’ve chosen in the image above.  Starting from the top, I’ve set the Configuration Slot to Configuration Slot 2.  This is crucial, as we don’t want to overwrite our OTP configuration that we just set up.  In the “Program Multiple Yubikeys” section we’re going to leave this turned off, since we’re just configuring one Yubikey.  I have no experience using this tool to program multiple Yubikeys at once, so I’m not going to attempt to walk you through that if that’s what you’re trying to do – we’re just going to focus on programming a single Yubikey.

In the “Configuration Protection” area, I’ve turned on protection.  This is a safeguard against somebody (including you) either accidentally or intentionally erasing or overwriting your static password.  This is done with  a 6 byte hex code in an effort to prevent the use of insecure, easy-to-guess passwords.  You can get a hex code by going to Gibson Research Corporation’s Perfect Passwords page, and copying the first 12 characters from the “64 random hexadecimal characters” field (that’s where I got the one shown above).  Just paste in the field shown, and the software will automatically format it properly.  You also need to store this 12 character code somewhere safe, in case you never need to reprogram your static password.

The Password Parameters section is the important part: this is how we determine what the password will be.  The length defaults to 32 characters, which is fine so we won’t change that.  The Public Identity field doesn’t apply to this process, so it’s grayed out.  Private Identity and Secret Key are the parts that really matter, but those fields need to be generate.  Simply press the “Generate” button next to each one and a random string of characters will appear in each.  This string changes every time you press the “Generate” button.  You’ll also want to check the boxes for “Upper and lower case” and “Alphanumeric” to make the password stronger, and to ensure compatibility with systems that support limited character sets.  If you plan to have multiple Yubikeys with the same static password (keeping a backup, sharing it with your spouse, etc.) you can do so by replicating the settings in this section.  Copy the Private Identity and Secret Key and make note of the length and which boxes were checked.  You can then paste the strings and replicate the other settings, and the password that results will be the same.  In fact, it’s smart to keep this information somewhere safe even if you only have one Yubikey in case you lose or break your Yubikey and have to create your static password on a replacement.  Just be sure to keep this information somewhere secure, since somebody could replicate your password if they got their hands on it.

Once your screen looks like the one shown, click “Write Configuration” and wait for the message saying it’s been successful.

You’ll want to test it to verify that it’s working.  Open a text editor such as Notepad, and hold your finger on the Yubikey button for 3-4 seconds.  When you release it, the static password will be “typed” into the editor, and an Enter key command will be sent at the end.

Your Yubikey is now fully configured.  To use the static password, copy it from the text editor and paste it where you’re prompted to set a password.  I would recommend using it in combination with a short password string that you’ve memorized.  Make sure you place the memorized password ahead of the Yubikey static password, since the Yubikey presses Enter as soon as it’s put in the static password.  By doing it this way, you effectively create a multi-factor authentication system in a simple password field: one part from something you know, and the other part from something you have.  This makes it easy to remember your password, while still giving it superb stength by adding the 32 character random string from the Yubikey.

How To Use It

Because there are two separate configurations stored inside the Yubikey, there are two separate ways to trigger the Yubikey.  Here’s how it breaks down.

• Generate OTP string: place your finger on the Yubikey button for 1-2 seconds.
• Enter static password: place your finger on the Yubikey button for 3-4 seconds.  Don’t hold the button for longer than 4 seconds or else it won’t do anything.  If that happens, just try it again.

With this setup you’ll be able to have top-notch authentication security in any situation.  Use the One Time Password component wherever it’s supported, and use the static password combined with a memorized password everywhere else.

For the past six months I’ve used the Cr-48 I got in December on a daily basis.  As you may recall, the Cr-48 is a test computer Google created and sent to chosen applicants to field test their new Chrome OS.  I received one, and I’ve used it all the time.  Since Google just announced that Chromebooks will start being sold commercially on June 15, I thought it was time I talked about my experience using it.

Hardware – The Cr-48 Itself

I want to get this taken care of right up front.  I’m only going to spend a few sentences on this since the Cr-48 itself will never be sold, and was only developed for testing.  I really like the device, though it’s sometimes a bit on the slow side.  If you’re using a really rich web application like Seesmic Web it can lag a bit, and YouTube videos can get choppy if you play them above 360p.  None of this is really a deal-breaker, and 98% of things I do on it never have any speed or performance issues.  When it was first shipped a lot of people griped about issues with the touchpad, but those have pretty much all been resolved with software updates.  I still really like the matte black soft touch finish on the case, though it’s started to wear off in a few spots, like some of the corners.  Battery life is still fantastic.  All in all, I’m still very much a fan of the Cr-48, and bring it with me almost every time I leave the house.

User Interface

Let’s go ahead and jump into the important part: the software.  Chrome OS, from a user interface standpoint, is really no different from the Chrome browser you can install on any computer now.  The entire interface is just the Chrome browser, so there’s really nothing new to learn here.  Really, the only place the user interface differs is logging into the computer, which is simply a box with your username and (if you want) a picture to go with it, and a prompt for your password.  Once you log in, you’re looking at Chrome.

Settings & Preferences

Since it’s Chrome, all settings are the same as the normal Chrome browser.  Plus, since Google has built full profile synchronization right into Chrome any bookmarks, extensions, web apps, etc. that you sync on your current computer will automatically show up on your Chromebook, and vice versa.  There’s really not much to discuss here, since you already know 95% of it if you use Chrome.

Networking

This is a crucial part of any Chromebook, since the entire platform is Internet-dependent.  The Cr-48 is equipped with 802.11 a/b/g WiFi, as well as a Verizon 3G chip.  The 3G works fine, though I use it rarely.  WiFi works great, but there are some issues that are software-related.  First off, it doesn’t support more advanced authentication methods.  Many colleges and large companies use a method of connecting to the wireless network that requires entering a username and password during the connection being established.  Chrome OS thus far on the Cr-48 doesn’t support that, though I have to believe they’ll be adding support in time for the June 15 launch.  There are also occasional issues with WiFi not reconnecting properly when coming out of standby.  That has improved over time, but it’s still a problem.  Google also recently enabled support for ad hoc networks, such as those created by a phone when doing hotspot tethering.

File Management

This is an area that still needs work, though it has improved markedly since I first got my Chromebook.  Given that Chrome OS does everything on the web and not compute locally, it seems somewhat logical that they would put less emphasis on managing local storage.  There are times though when you really need to download a file, or upload one from a flash drive or SD card.  I often need to do that for this site, in fact.  When I first got the computer, there was barely even a menu entry for accessing files.  By now they’ve added a more complete file manager, and support for external media.  However, a lot of basic tasks are still unavailable, such as copying or moving files, or viewing properties.  I really would like to see them enhance this part of the OS.

Security

This is one of the components of Chrome OS that I think really makes it stand out.  I’ve gone to every site I can think of that’s a known malware propagator, and haven’t had a single issue.  It’s locked down tight.  I tried sideloading a different version of Chrome OS from USB, and it wouldn’t take.  I’m pretty impressed with how security-minded Google was when designing this platform, and I think it’s a great solution for a lot of users, especially in corporate and educational environments where many users may not know best practices for avoiding infection.

Chrome OS Has Lots of Promise

I’ve heard a lot of naysayers discounting the idea of an operating system that only does the web. They claim that there’s no point, when you can already access the full web on a normal computer, and do a whole bunch of other stuff too.  Honestly though, let’s think about the average user: most people I know spend the majority of their time on a computer on the Internet.  When they’re not surfing the web, they’re using an office suite, listening to music, or looking at pictures.  Very few people I know are doing any sort of actual photo editing, music creation, or video rendering at all, let alone on a regular basis.  Even for the developers I know, most of them are doing web development – which you can do very well with some great web apps.  The point is, almost every task the average person performs on a daily basis either already is, or can be very easily and comfortably, done online.  Plus, most people don’t know everything that’s required to keep a computer safe and running well, so why give themselves the headache?  Chrome OS has the makings of a fantastic platform for most users, and with a few enhancements will be a really solid competitor.  I’m looking forward to seeing where it goes, and I’m going to continue using my Cr-48 all the time.

Lastpass, my favorite password management solution, noticed a “network traffic anomaly” on their servers yesterday which they couldn’t account for.  They immediately notified users that they were investigating if any data was breached, and said this:

Because we can’t account for this anomaly either, we’re going to be paranoid and assume the worst: that the data we stored in the database was somehow accessed. We know roughly the amount of data transferred and that it’s big enough to have transferred people’s email addresses, the server salt and their salted password hashes from the database. We also know that the amount of data taken isn’t remotely enough to have pulled many users encrypted data blobs.

So basically, they don’t know for sure but better to be safe than sorry.  Good on them.

Here’s the good news: if you use a Yubikey to authenticate with Lastpass, you can ignore this entire situation.  Because Yubikey authenticates with a third party beyond Lastpass, any data that may have been gained is completely useless without your physical Yubikey.  The only way an attacker could gain access to your account is if they a) had managed to figure out your password (unlikely, but possible) and b) if they are holding your exact Yubikey.  If you’re holding it right now, then the laws of physics tell us that’s impossible.  The moral of the story is, buy a Yubikey immediately and get Lastpass Premium if you haven’t already (Yubikey offers a package deal for this).

The threat here is not one of a hacker actually having your passwords – that’s protected by the full end-to-end encryption that Lastpass implements, and this is exactly why they do.  The concern is that whoever may have grabbed data is now going to try a brute force attack on users’ passwords in an effort to gain access to their account.  Only if they successfully figure out the password can they see any of your data.

For those unfamiliar, a brute force attack is when a person trying to gain access to data tries a whole bunch of different passwords, often using a list of dictionary words as part of it.  It’s basically a game of chance: sooner or later they’re bound to hit on somebody’s account which is using a simple dictionary word for the password, so they just keep trying every word on everyone until they do.

Since Lastpass has identified this risk, they’ve taken steps to mitigate it.  They’re tracking IPs from where users log in, and if it’s not a recent IP they block authentication.  Mobile devices are also blocked, and they’re requiring these users to change their master password.  Steve Gibson, the security guru and my (unbeknownst to him) mentor, explained this all very well in a tweet earlier today.

Unfortunately, due to the volume of password reset requests from this situation they’re a bit overloaded.  They’re asking users not to change their password unless prompted by the system, or as least not for a couple of days.  Whether you’re comfortable with that is up to you.  As Steve explained though, they’ve also completely changed how passwords are handled going forward to make even existing passwords incredibly difficult to brute force.  I would say it’s fairly safe to hold off changing your password unless Lastpass explicitly asks you to.

Here’s the bottom line: unlike the recent breach of the Sony Playstation Network, all your data is fully encrypted and completely inaccessible without figuring out your credentials.  Since Lastpass has already responded very appropriately and is taking all the steps they can to prevent any actual data breach, you shouldn’t be worried.  As I mentioned above, you should also be using a Yubikey.

For years I’ve been using the same link structure on every WordPress site I operate: example.com/year/month/day/post-title.  I opted for this method because I liked that it gave time context to the content right inside the URL.  Plus, my links looked fancier & more impressive!  Recently I’ve decided I don’t like this so much anymore, mainly for one reason: it’s not easy to tell somebody a link like that in conversation.  Since doing more audio & video content where I can’t simply post a text link for people to click on, I’ve decided that big, complicated links are a pain.  This is partially solved by link shorteners, but these aren’t good for conversation either.  If, for example, I wanted to tell somebody about my post on Lastpass it would be awkward to say “go to C-N-V-R dot C-C slash lastpassreview” since they won’t remember it & it sounds like a pain to do.  Instead, if I could just say “go to C Conover dot com slash lastpassreview” they’ll be more likely to do it.  So I decided to change my WordPress settings to enable this method.

There’s just one problem: I’ve been using the old system for years, and those links are all over the place.  I don’t want them to break & people to get “Page not found” errors all day long, I want them to be routed to what they are interested in seeing.  Luckily that’s easily accomplished no matter how much you want to change.

Global Redirects

The first thing to do is install a plugin called Dean’s Permalinks Migration.  This plugin is incredibly simple to set up, but very powerful.  All you do is provide to it the old permalink structure (the one you’re phasing out) which is simply the syntax code in the box on the “Permalinks” settings page in your WordPress installation.  Once you’ve saved that, the plugin will look for any request to your site using the old link structure.  If it gets one, it redirects it to that same location under the new permalink structure.  If the requested page doesn’t exist (or at least not at that slug) then the user will still get a 404 error, but otherwise it will work immediately across the whole site.

Of course, the most important part of this is actually deciding on what you want the new permalink structure to be.  The Permalinks Migration plugin only supports one entry for the old permalink structure, so you only want to change it once.  Hopefully the plugin developer will add support for multiple entries, but for now be sure you’ve chosen the structure you really want.

The way this plugin handles redirects is important.  Any time somebody goes to a page at the old location, Permalinks Migration returns a 301 code with the redirect command.  ”Christiaan, what’s a 301 code & why do I care?”  Good question, I have an answer.  See your visitors won’t really care or notice, they’ll simply click or type a page they want, and after a moment they’ll get there.  Search engines will notice and care, because a 301 code indicated to a search engine that it’s a permanent redirect.  When a search engine is told that, it makes a note to update this page in its listings to reflect the new location to which it’s being redirected.  It may take a while for this change to show up in Google results & the like, but after a while you’ll see the new URLs showing up in search results.

Special Case Pages

Of course, not all pages will end up staying in the same place.  You may decide you want to change a page’s URL to make it simpler, more descriptive, or just because you think it looks better.  I actually did this with all the show episodes on Wheelspin Network, to make it easier to quickly pull up an episode.  Before I was using the structure I mentioned at the top of this post, but I’ve switched to just the show abbreviation & episode number.  For example, the link to episode 40 of RoundelTable used to be: wheelspin.tv/2011/02/01/roundeltable-40-bill-auberlens-daily-driver-has-3200-horsepower/ instead, it now reads: wheelspin.tv/rt40.

Doing it that way makes it much easier for someone to quickly pull up an episode if I reference it during a show, and it looks a lot cleaner.  However, since the location of the page itself has changed the Permalinks Migration plugin won’t be sufficient to get a user from the old location to the new one.  For this situation, we need to create a custom redirect.  That’s where the plugin Quick Page/Post Redirect comes in.

This plugin does the same basic thing as Permalinks Migration, but on a page-by-page basis.  All you have to do is go to the plugin’s Settings page, and in a blank line enter the location the user requests on the left, and the location to redirect them to on the right.  It’s that simple.

As a side note you’re not limited to redirecting to pages just on your site, but to any URL you want.  You can see in the picture above that I have some links going to completely different places, but I can still give people a link through my domain to get there.  Very handy.

This is obviously the more time-consuming stage of the process, but it’s just as critical to a successful migration.  The best way to ensure you don’t miss any custom redirects is to add one to the list every time you change a page’s location.  That way you don’t forget about any & end up sending users to a dead end.

You’re All Set!

Properly configuring these two plugins should ensure a totally seamless transition to your new permalink structure.  I personally would like to see WordPress support some sort of page tracking & redirect for permalink modification by default, but in lieu of that the solution I’ve outlined works like a champ.

Do you have a different solution for doing this?  Let me know in the comments, I’d love to have some additional ways in my toolbox.

Bear in mind as well, in the age of new media you as an individual can be, and realistically are, a brand.  As you’re building or maintaining yourself as an online entity, you’ll want to be taking advantage of every tool you can to make yourself recognizable.

Brand Identity & Recognition

If you’re simply using the standard bit.ly links to share pages, your links have no more meaning to somebody seeing it in their feed than anyone else.  Sure, they’ll carry some weight when they’re in posts from your accounts, but if somebody else shares the link they’ll look just like any other link.  If you have a custom URL, people will instantly recognize that the link they’re going to click on comes from your brand.  If you have a reputation for quality content worth viewing (which hopefully you do), then people may be more likely to click through to the page when they see a link from your short URL.  The link will continue to carry that reputation for you when it starts showing up in places beyond the accounts you control, further extending your reach to existing & new visitors.

Brand (and link) Trust

This one is perhaps the most imporant factor in my mind.  One of the biggest problems with generic short URLs is that you have no idea what a link goes to unless you click on it.  If you’re trying to build positive relationships with readers & visitors to your site, why would you want to give them a link that they may not be comfortable clicking on?  Sure, it’s probably safe since you’re posting it on your account, but how can they know?  Plus, the benefit of the doubt is gone when it’s being posted in places outside of your control.

By using a short URL, you’re doing a couple of things.  First, you’re giving potential visitors confidence that the link they’re about to click on is trustworthy.  You’re also letting them know that you endorse whatever page you’re linking to.  This can be a double-edged sword, if the page changes after you’ve linked to it & suddenly isn’t what you intended it to be, but that’s rare & not much of a concern.  Since you alone have access to the account for your custom URL shortener, users will know that a page linked to through your custom shortener domain have been vetted & won’t harm their computer, which builds trust not only in your links but in your brand.  You’re growing a stronger relationship with users at every level.

It Looks Better

This one is obviously more subjective, but I think it’s got enough validity to include it.  When you share a link with somebody using your custom short URL, it gives the impression that you know what you’re doing.  For folks who are more technically savvy & understand what a link shortener is, they’ll appreciate that you’re more clued in to how it works too & that you’re committed to fully cultivating your online presence.  For people who aren’t as Internet wise, you’ll appear more professional (which actually applies to the former group as well) and they’ll probably take you a little more seriously.

Think of it like your own domain for your email & web site.  If your email address is “yourcompanyname@gmail.com” you’ll look small & not so professional, no matter what your size or credentials.  If, however, your email address is “yourname@yourcompanyname.com” you now look like a fully professional, large-scale operation.  Your web site works the same way and nowadays your link shortener does too, since it represents your brand.

Luckily, It’s Easy To Do

For my URL shortening I use Bit.ly Pro.  It’s the same as standard Bit.ly but it allows you to have a custom URL, for free.  You still have to buy the domain you want to use (the fewer the number of characters, the better), but the actual shortener service is free.  Bit.ly will walk you right through how to set it up, so it’s not a big deal at all.  Once you have everything configured, Bit.ly will automatically shorten any link you give to it using your domain.  Plus, if somebody uses Bit.ly to shorten a link from your web site, it will automatically give them a short URL with your domain as well, to ensure that any Bit.ly link associated with your site looks that way.

If you run your own web site, I’d highly recommend taking advantage of this.  It’s a great & easy way to ensure that your links are recognizable anywhere they’re posted, and builds invaluable brand equity.

I don’t typically like to do things like ask for votes or otherwise campaign for my own stuff on this site, but this one’s pretty big and I need your help. You see, Endras BMW in Toronto is running a contest to find a blogger to hire full time.  In addition to the opportunity to try out a new & unique experience, the perks list is pretty significant.  Plus, it’s great exposure & opportunity to make connections as I work to establish myself in this industry.

Folks who read my blog (which I assume is you, since you’r reading this) know that I’m skilled in writing, and readily interact with my readers.  I’m sure it’s also very evident by now that I’m obsessed with cars & have an especially strong love for BMWs.  I even do a show every week about them!  That’s why when I came across this contest that Endras BMW is running, I realized this would be perfect for me.

As I mentioned, they’re looking for somebody to hire as a full time blogger for their dealership.  The winner will be hired for a year, receive a $65,000 salary, a free condo in downtown Toronto, a new BMW every 6 months, and get sent to a bunch of events, drives, promos, etc. all over the place!  Talk about a sweet perk package.

I’ve applied, and now I need votes to move forward in the competition.  In order to move on to the next round, I need to be in the top 20 applicants.  If you’d be so kind as to vote for me, I’d very much appreciate it.  Who knows, I might just win!  If so, party in Toronto at my place!

Voting lasts until April 1st for the first round, and you can vote once a day per device and/or IP address.  So, if you have multiple computers, a smartphone, an iPad, your work computer, etc. feel free to vote on all of them!  As the old saying goes, “vote early, vote often!“

Update: I’ve made it to Round 2, be sure to vote for my video!

Here’s the text of my submission:

This is the moment I’ve dreamed of all my life. Not just since the first time I sat behind the wheel and felt the unmistakable rush of forward movement, of limitless potential and raw power waiting for me. This is a passion that started the first time the thunderous shout & titillating lines of my neighbor’s Corvette called to me like Jessica Alba in a swimsuit; from the toy car that was my inseparable fixation for the first years of life. While other kids were playing cops and robbers, I was designing the world’s fastest, best handling and most innovative racecar out of Legos. This goes beyond a fascination with suspension and 1-2 shifts – for me, this is life itself.

All this flies through my mind as I ease the M3 into 1st, revving the engine and feeling the rhythmic pulsations of 414 thoroughbred German stallions whinnying with a sound like the Boston Pops. Time to focus as 3…2…1…I’m off! Fast through the revs and up through the gears, then back down as I slow for Turn 1, and as I come out the other side after the perfect apex, I realize: I was born for this.

Vote for me in the Ultimate Blogger contest

Google announced yesterday that they’re enabling two part authentication on all Google accounts.  Originally offered back in September 2010 to Google Apps customers, this security enhancement feature is now rolling out to users of standard Google/Gmail accounts.

Why does this matter?  Well, if you’re like millions of people who use Google services including Search and especially if you use Gmail, Calendar, Docs, etc. then Google has a lot of information about you stored on their servers.  Google’s got a pretty good track record for strong security & data protection, and have received recognition for it, but none of this really matters if users aren’t protecting themselves.  Chances are pretty good that you’re using a password that isn’t considered strong (like “password”, “12345″ a pet’s name, etc.), or may even be reusing that password across multiple sites.  If this sounds like you, you’re definitely going to want to check out Google’s two part authentication.  I’d also recommend taking a look at Lastpass & Yubikey to lock down your online presence with ease for all the sites you use.

Actually, even if you’re using a strong password you should still enable two part security.  See, strong passwords are excellent & I implore everyone to use them, but if somebody is able to log or record your password without your knowledge then it doesn’t make a difference.  The risk of this is fairly low on your own personal computer where you control everything, but if you’re using someone else’s machine (or a public shared terminal) then you have no idea what could be going on behind the scenes.

The way Google’s two part authentication works is this: you log into your account as you normally would, with your email address & password.  Rather than taking you directly to the service you want to use, it prompts you for a verification code.  This code is a randomly generated number that changes every time you log in, making it impossible to replicate.  So where do you get this number?  From your cell phone.  Google has developed an app for all the major smartphone platforms (Android, iOS, Blackberry) that will give you the code for that session.  If you don’t have a phone that can run this app, Google will send you a text message with the code.  You can also opt to receive a phone call which will read the code to you.  This way, anyone trying to break into your account will have to not only know your email & password, but also have physical access to your mobile device to receive the code.  Without all of this, they won’t get a thing.

Of course, this all seems like kind of a hassle to go through every time you access your email.  Luckily, you can set it to remember computers that you trust, such as your personal computer at home.  If you log on at a computer where you’ve set it to remember verification, you won’t be prompted for the verification code & can just log in normally.  Anywhere else you go, such as a public computer at a coffee shop, you (or anyone trying to pretend they’re you) will have to enter the code.

So now that we’re all on the same page about why this is important, how do you enable?  Great question, and I’ll show you.

First, go to Google & sign in to your account.  Once you’re in, click on Settings -> Google Account settings.

Once you’re there, locate the link that says “Using 2-step verification” in the Personal Settings section.

From there, follow the instructions on screen.

If you have a smartphone & would like to use the app for it, Google has provided instructions for each major platform.

One of the things that’s really awesome about 2 step verification is application-specific passwords.  If you use software with your Google account that doesn’t support 2 step verification (such as mobile Gmail, your smartphone, a desktop Google Talk client, etc.) the system will give you application-specific passwords.  You simply type in the application you need it for, and it generates a 16 character random password that you enter into that application in lieu of your normal account password.  You then have a control panel of all the application-specific passwords you’re created & when they were set up.  The best part: you can revoke access for any application at any time, and it will immediately invalidate that unique password.  That way, if your phone is lost/stolen & you don’t want people accessing your email on it, you can simply deny it access to your account & they can’t do a thing.  No need to change your primary Google password, just remove the one for your phone.  Very smart.

Now not all accounts have had this enabled yet, so you may receive a message that this feature will be available soon for your account.  If that’s the case, be sure to check back & turn this on once you’re able to.  This is a simple & effective way to prevent people mucking about in your business, and it’s exciting to see large companies taking such an active interest in helping their users stay secure.

For more of my posts about how to protect your data, look at my security archives by visiting cnvr.cc/onlinesecurity.

As anyone who knows me well will tell you, I’m kind of a security geek.  I’m fascinated by encryption, data protection, strong passwords, and generally locking things down just because I can.  For a long time there was a challenge with some of my friends to see if any of them could get into my computer, or at the very least figure out one of the 4 passwords required to boot it up to a desktop.  So when I found out about Lastpass & started using it, I was pretty excited.  A service that fully encrypts all my passwords, allow me to generate strong, unique passwords for every site I use, and syncing to the cloud (my other tech passion) – what could be better?  Well imagine my excitement when I found out that there was a device that could make not only Lastpass exponentially more secure & at the same time easier to use, but anything I did requiring a password!  Enter the Yubikey.

“Christiaan, we’re not all geeks like you.  Why would I ever want this thing?”

Great question, and I’ll tell you why.  If you’re like a lot of people these days, a large majority of your life is stored electronically.  Some of it is online with Google, Facebook, Flickr, etc. and some of it is on your own computer.  It makes life very convenient, and in many ways a lot of fun.  However, without some good strong passwords to protect all that information, you’re leaving yourself very vulnerable to people who may be ill-intentioned.

If you’re someone who keeps a little book, cheat sheet or a bunch of Post-Its with your passwords written down (or you use the same password for your bank as you do for Facebook) you’re also leaving yourself incredibly vulnerable & you should definitely take a look at my review of Lastpass.

Now we’ve all heard it before: “make sure you use passwords with random letters, numbers & symbols and never use a word somebody could guess!”  That’s all well & good, but let’s be honest: passwords are hard enough to remember as it is without having to add in gibberish.  This is where the Yubikey comes in.  It generates very long (mine is set to 54 characters), randomly generated passwords that you can use in conjunction with something you can actually remember.  When combined, you finally have that password the security people tell you to have.  The best part: all you have to do is push a button!  It also features One Time Password technology (the primary feature of the device, actually) which I’ll explain later.

So the bottom line on why you should keep reading this post, and why I think you ought to have one: it’s as simple to use as it is incredibly secure.

The Device Itself

First off, let’s look at the actual hardware.  This thing is small.  I mean, it’s noticeably smaller & lighter than your average flash drive.  I keep it on my keychain (which is notoriously sparse) and don’t notice it at all.

As you can see, quite small and also quite thin.

Don’t think that it’s fragile though.  It’s made from strong plastic, and is sealed to be water resistant.  Notice how the USB tab doesn’t look like the one on your flash drive, with the normal rectangular metal plug?  That’s because those are breakable, and leave the drive open to water damage.  On the Yubikey the USB contact strips, as well as the touch-sensitive activation button, are integrated right into the plastic body.  Mine has been through the laundry a couple of times, had drinks spilled on it, and even been dropped in a puddle – none of which even began to phase it.  As you can see in the pictures mine has managed to accumulate a few scratches & dents along the way, but they don’t affect it one iota.  This thing is tough.

“So if I plug it into my computer that means drivers and a headache, right?”

More good news!  When you plug in the Yubikey, your computer will recognize it as a USB keyboard.  This is awesome, because I’m not exaggerating when I say that USB keyboards are probably the most universally supported computer accessory in the world.  Everything supports them, with no software or outside drivers needed.  Just plug this thing in & go.  Like I said earlier, it’s simple.

The other cool thing about this is, when you press the button to use it, the Yubikey “types” the entry into the password field, and you’ll see a whole bunch of dots suddenly fly across the screen.  It’s like watching the world’s fastest typist or something.

Setting It Up

Some of this continues down the path of K.I.S.S. and some of it is not quite so straightforward – but before you get dismayed, don’t worry!  I’ve written a post that explains step by step & in-depth exactly how to configure your Yubikey for optimum security & simplicity.  Now, if you’re only planning to use it with Lastpass or other One Time Password compliant services, then it’ll be ready to go the second you take it out of the box, no device configuration required.  However, if you want to maximize your use of it & really secure your passwords all around, that’s what I’ll be explaining.  Check back for that post, I’ll put a link right here once it’s up.

What I will say at this juncture is the more complicated aspect is a one-time process.  You do it as soon as you get your Yubikey, and you NEVER have to do it again (unless, of course, you decide you want to for whatever reason).  In any other place where you’d be setting up the Yubikey for use with various services (such as Lastpass), that service will walk you through exactly what to do, which usually only consists of pushing the button.  Simple.

Using It

Let’s all say it together: Siiiiiiiiiiimmmmple.  Just stick it into the USB port on your computer, and when a service you’ve set it up with prompts you for your Yubikey you just hold your finger on the button for one second, release, and you’re done.

You’ll know when you’ve got it inserted the right way & that it’s ready to be used when the LED in the center of the button lights up green, like this:

Only one end of it fits in the computer, and if it doesn’t light up the first time flip it over.  It really is no more difficult than that.

The way I have mine set up is with a static password (one that never changes), which I use in combination with a password I remember & type in to form a very secure Windows password.  I also have it set up to do One Time Password for logging into Lastpass, which I mentioned at the beginning.

One Time Password (OTP) is pretty much what it sounds like: each password is only used one time, ever.  Basically, when you push the button on the Yubikey, it generates an instance of OTP.  The first 12 characters are always the same, as a way for it to identify itself.  The rest of the password (very long & ugly) is totally random, and never repeated – ever.  Once it generates the OTP, it sends it to whatever service requested it, such as Lastpass.  That service then checks that password against its own records, to see if it makes sense for that device.  If it does, it then sends it along to a central authentication server, which also checks to make sure that password makes sense for your device, as well as verifying that the sending service (i.e. Lastpass) is authorized to authenticate with this device.  If all this stuff checks out, you’re logged in.  If it sounds complicated, that’s because it is, and it’s actually far more complex than I just explained.  However, you don’t need to worry about ANY of that in order to use it, I just wanted to demonstrate how secure One Time Password is.

In addition to all the verification procedures & checks that One Time Password offers, there’s another major benefit.  If you’re using a computer on which some unscrupulous person has set up a keylogger to gather people’s usernames & passwords, OTP foils their attempts.  Since they’ll log a password that can never be repeated, it makes their data totally useless & keeps you 100% protected.  Take that, criminals!

Plus, don’t forget: all of this happens when you just push one button, and let it do the rest.

Final Thoughts

At this point I’ve had my Yubikey for about 6 months, and I can’t imagine living without it.  It’s made me so much more confident in & comfortable with my personal cyber security, and at the same time made being secure easier than it ever was before.  I honestly can’t think of a single thing I’d change about it (OK, maybe the initial configuration – though that’s truly not hard) and recommend it to everyone, period.  I have my 85 year-old grandfather set up with one to simplify his computer using experience & keep him safe on the computer, and I couldn’t have kept him this secure & still allow him to go about his business any other way.

I give the Yubikey a 9 out 10.  If you want to get one, you can order it at the Yubikey web site.

Order a Yubikey Configure Your Yubikey

Full disclosure: the link contains my affiliate code, which gives me a few cents of any Yubikey purchased from it.  It’s not much & the price is the same whether you use that link or go directly to the store, but it helps offset the cost of running this site a little bit.  I’d appreciate it if you use the link above, but most importantly I just really think it’s a great product & think everyone should get one.

Yubikey Photo Gallery

Facebook recently enabled the ability to use a persistent secure connection to their servers when accessing the Facebook site.  What this means is that, once you turn it on in your account settings, all data sent between your computer and Facebook will be fully encrypted.  This helps keep your data private, but more importantly it prevents possible snoopers & hijackers from gaining access to your Facebook account without you knowing it, and without even needing your password.  Up until recently this was a complicated, cumbersome procedure.  Thanks to a little piece of software called Firesheep, it’s now shockingly simple.

Firesheep is a Firefox extension that allows anyone with enough knowledge to install the plugin & use a web browser the ability to hijack other people’s insecure connections when using unprotected Wifi (like Starbucks or most other public Wifi hotspots).  It shows a list of all the connections being made through the wireless access point that Firesheep can access, and with one click the Firesheep user is able to take over that connection & be that person, without the victim knowing it or providing any data whatsoever.  If a connection is secured however, then Firesheep won’t be able to do a thing.

I highly recommend everyone turn on full time encryption for their Facebook account.  There’s absolutely no reason not to, and every reason you should.  Plus, it takes all of about 15 seconds to set up.  I’ll even save you the most time-consuming part & send you right to the settings page to do it.  Once you’re there, click the “change” link next to Account Security, check the box next to “Browse Facebook on a secure connection (https) whenever possible” and click Save, and you’re done!  You’ve now protected yourself from Firesheep on Facebook.

The stream is freely available, and you can watch it on the Al Jazeera English YouTube channel.  It’s lower on the page, to the right of the channel info block.

[Photo: CBC]

I JUST GOT MY CR-48!!!!!!!!!! (I had to hold Shift to type that since there’s no Caps Lock) #cr48

— Christiaan Conover (@cconover) December 18, 2010

Before we go any further, I just want to mention that this particular post is focusing only on the Cr-48, and not on Chrome OS.  I’ll be doing a Chrome OS write-up later.  Bear in mind, the Cr-48 will not be sold commercially, so the only way to get one is by applying to the Chrome OS Pilot Program & Google selecting your application.  This is kind of a review, but given the circumstances of getting one it’s mostly academic.

Opening The Box

In case you haven’t seen it yet, the box is very cool.  There’s some awesome engineer-like diagram artwork on the front, and the box itself is just pure cardboard with no paint or finish.  The contents are pretty basic: some paperwork & information, the power adapter, a pretty large battery, and of course the Cr-48 itself.  There was one little touch in the unboxing process which I found pretty funny & indicative of Google’s understanding that not all Cr-48s will remain fully assembled & unhacked:

Starting It Up

Having removed everything & popping in the battery, I fired it up.  Actually, all I did was open the lid & it started up automatically.  A blue flowing background with the Chrome OS logo popped onto the screen, but only for a moment until I was brought to a login box.  I’ve timed the cold start a number of times, and every time it’s about 15 seconds.  From no power to login, a quarter of a minute.  It takes my normal laptop that long just to get through BIOS post & firing up the OS boot process.  Now part of that has to do with Chrome OS itself, but it’s also due to the lack of a hard drive in the Cr-48 since, after all, the OS doesn’t support saving files on the local machine.

Since this was the first time I’d logged into my Google account on this computer (thank you to Google, by the way, for enabling Google Apps accounts to behave like normal Gmail accounts so I can use my GApps account on the Cr-48), I had to go through a couple of steps.  First, I typed in my email address & password on my Google account.  Next, I was asked to take a picture of myself to show at the login screen on this computer to visually identify my account.  The camera is decent, but nothing amazing.  A very usable, acceptable picture.  Mine happened to include a grease stain on my chin, as I’d just gotten home from doing some suspension work on my car.  I figured that was acutally a pretty accurate picture of me given how often I end up looking like that

Having taken the picture, I was done with setup.  Since I use Chrome as my browser on my normal computer & keep my account synced, all of my settings, bookmarks, extensions, apps, etc. were all automatically populated onto the Cr-48.  I had absolutely nothing else to do in terms of making changes to settings.  The only thing needed was to set my local time zone on the machine, and I was done.

Using It

The laptop feels very nice to type on.  The keyboard feels similar to modern Mac keyboards, with pleasant plastic key feel and good button push.  Even the shape of the keys is similar to a Mac.  The size of the keyboard is actually much better than on most other notebooks I’ve used, even on the larger end of the spectrum where this one falls.  It’s a standard QWERTY keyboard layout, but that’s where the similarities end.

They’ve removed the normal “Windows” key in the bottom left of most keyboards (Mac people would know it as the Command key) and widened the Ctrl and Alt keys to make them as large as the Shift key.

They’ve also done away with Caps Lock, though the key is still there, instead functioning as a Search button.  Press it, and a new tab opens in Chrome, with the cursor in the Omnibox ready for a search.

Remember Function (“F”) keys? Not on this thing.  The entire row of Function keys has been replaced with buttons dedicated to web browsing.  In order from left to right: Back, Forward, Refresh, Full Screen, Next Window, Decrease Brightness, Increase Brightness, Mute Volume, Decrease Volume, Increase Volume.

It took a little getting used to, but I’m already such a fan of that setup that using my normal computer seems a little cumbersome for browsing.  It’s really pretty intuitive.  There are a few things about the keyboard that I find lacking from my normal laptop.  For one, there aren’t any Home or End keys, which I use all the time when editing documents or blog posts.  Also, I use F6 all the time to put the cursor focus in the address bar to search or browse in the current tab.  Still, minor differences I’m already getting comfortable not using.

As I mentioned at the beginning of this post, “matte” is the name of the game with the Cr-48.  The screen has a matte finish (so glad!), the keys are matte black plastic, and the entire body of the notebook – literally all of it – is finished with matte black soft touch rubberized plastic.  There are no logos, branding or any marks to indicate what it is.  It’s about as simple as you can possibly get in terms of styling, and in this case simpler really is better, as I personally think its utilitarian & sparse design is actually quite striking.  Plus, the soft touch finish on the body feels awesome while resting your palms for typing, or just carrying the notebook around like a folder (which I’ve been doing pretty much non-stop since I got it, and plan to continue doing for the foreseeable future).

Since Chrome OS is literally just the Chrome browser & some user management software, the internal hardware doesn’t need to be much.  Because the OS is based around the idea that everything is stored on the cloud, and nothing is stored locally, it has no hard drive.  There’s flash memory to store the OS & any extensions or downloads you have, but there’s no file manager to allow you to put anything on the computer itself.  So no hard drive means no drive noise or heat.  There’s also no optical drive, meaning – again – no drive noise or heat.  I’m not even sure if there’s a fan in this computer, since I haven’t heard or felt one turn on yet even running many apps with Flash video playing.  As a result, the Cr-48 is usually cool to the touch, and completely silent.  So silent that unless you’re looking at the screen, you won’t know it’s on.  Even for people used to quiet computers, this is quieter.  I’ve literally never encountered a computer that makes as little noise as this one.  Sitting in a quiet room with this, keystrokes (which are also very quiet) can start to sound like you’re hammering out the letters.

Despite a lack of traditional computer hardware, there are still some vital features that remain: there’s a USB port, headphone jack, and SD card slot.  There are very few device drivers for Chrome OS at this point, but basic USB devices such as mice & keyboards are supported.  If you happen to be a Yubikey user like I am, that’s also supported as it identifies itself as a USB keyboard, so no worries there.  The SD card slot works, despite some references or speculation to the contrary from various online sources.  In fact, all of the pictures in this post were uploaded using the SD card slot on the Cr-48 directly from my Canon camera, so I can fully vouch for the fact that it’s usable.  The headphone jack also works just as you’d expect.

The lack of drives or other extra hardware typically found on other notebooks means less weight as well, and it is very light – though to be honest, not as light as I might have expected for its size & specs.  The reason it’s a little heavier than expected is due to the very large battery though, and given how much time you can run wire-free I have no complaints about a few extra ounces of battery weight.

While we’re talking about the battery, let’s discuss battery life: it’s fantastic.  Google says you can expect over 8 hours of computing time on a full charge, and so far I’ve found that figure to be fairly accurate.  As with any battery-powered device, use time is entirely dependent on what you’re doing.  If you have 30 tabs open with Flash running in multiple tabs, watching video, cranking the volume & putting the screen brightness al the way up, you’re not going to be able to get 8 hours out of it (though in all honesty, you’d probably still get at least 5 based on my short attempts to torture test it).  If you’ve just got some email, text editing, blog pages, etc. with moderate screen brightness and perhaps even some music on in the background, it’s entirely possible you’ll get that 8 hours.

In using it intermittently from a 90% charge, I was able to get a total of about 9, maybe 10, hours of use before it hit 10% and I plugged it back in (though the computer even then didn’t give me a low battery warning).  I’ll continue to test & monitor the battery life of the Cr-48 in various conditions and report back.

When it is time to charge the computer, just plug in the cord as usual.  There’s an LED right next to the power port that can indicate at a quick glance whether the battery is charging by glowing orange:

Or is fully charged by glowing the same blue-white as the power button LED:

It’s a nice feature, especially if you aren’t using it all the time or have it set aside to charge & need to see quickly whether it’s full without turning it on.

A Few Complaints
Despite all the awesome aspects of the Cr-48, there are a few things that bug me.

First off, the touchpad can be finicky.  There are no dedicated mouse buttons.  Instead, you click the whole touchpad surface like you do on a Macbook.  I’ll be honest, I don’t really ever click the touchpad but instead just tap to select, which works fine.  It also uses some of the multi-finger gestures you may be used to on a Macbook such as two fingers to scroll, and by clicking with two fingers you can right-click.  For the most part the touchpad works fine, but it can jump around a little if you’re trying to click and drag, and if you accidentally rest a finger on it while trying to use it with the other, the cursor might jump or just stop moving.  By no means a deal breaker, just something to get used to.  So far I haven’t been really annoyed by it at all.

The lack of Home and End keys that I mentioned earlier is probably the hardest thing for me to adjust to.  I use that all the time when editing documents, especially when I’m preparing show notes.  Having to select a line of text or jump to a position using the mouse or arrow keys is more cumbersome than simply hitting a dedicated button.  On production Chrome OS notebooks I think that’d be a great addition to the keyboard.  Perhaps they could shrink the enormous left Ctrl and Alt keys & squeeze in Home & End.

Update: Voice & video chat can also be frustrating on the Cr-48.  I don’t know whether the issues are hardware or software-related (it’s probably a combination), but after only a couple of minutes into a call the audio starts to be choppy & broken, almost like a really bad cell connection.  Mind you, this is while being on Wifi about 6 feet from the hotspot connected to a FiOS line.  The video is jerky & slow all the time, clocking about 10-15 frames per second at best, and as low as probably 2-3 at worst.  Not very smooth at all.  I suspect it’s due primarily to an underpowered processor for video & audio, but also could be related to the voice & video chat plugin that may not be optimized yet for the lower power hardware that will be coming in Chrome OS notebooks.

Bottom Line: I Love It
I’ll be the first to admit, this computer may not be for everyone.  However, the shortcomings it may have are almost exclusively part of the software stack, and in simply looking at the hardware, I’m thrilled.  I’d personally really like to see this computer be sold commercially at some point.  Ok, not this exact model (hey, I was lucky enough to get an invite-only, pre-production device, what’s wrong with wanting to keep it a little exclusive?) but one very similar, or nearly identical.  I really think that for people for whom Chrome OS is a viable, and even appealing, option for being productive the Cr-48 is fantastic.  It feels nice to use, it looks great, the battery lasts longer in the day than a lot of people I know, and it’s simple.  I absolutely love mine, and so far really don’t miss the baggage of a full-blown OS & computer for day-to-day stuff.

How is this different from the blog on this site?  Think of it like the difference between writing a letter & sending a text.  The blog on this site is more of the polished, curated side of my personal content publishing.  My Tumblr will be the text message-like side of my stuff, where I post up short, quick things I want to share.

In addition to being able to follow it directly through Tumblr, you’ll also see my Tumblr posts show up on my Twitter feed, Facebook fan page & the RSS feed associated with cconover.me.  So if you’re already following me in any of those places then you’ll be seeing my Tumblr stuff automatically.

As you’ll notice below, any links that were included in the tweet are working, and it pulls in the design of the user’s Twitter background.  It’s like having a screenshot, but much easier & more useful.  Expect to see a lot more of these on here in the future.  Mainly because I can.

Just installed the Blackbird Pie plugin for WordPress http://cnvr.cc/b8emVN on my site.Writing a test post to try it out.

— Christiaan Conover (@cconover) November 6, 2010

Update 03JAN12: I’ve switched to Twitter Embed, since Blackbird Pie was causing issues with my current site theme and Twitter Embed is even simpler to use.

Police Scanner Feed

Listen to the live San Francisco Police Department scanner feed right here via UStream (audio feed provided by Soma FM)

Download PLS file for use with your own media player.

News Feed

KRON is broadcasting live footage from the streets of San Francisco on their official UStream channel, which you can see here.

Twitter

Follow the following hashtags: #SFRiot, #sfscanner

@Stammy is tweeting highlights from the police radio traffic.

I heard about the service in passing earlier today on a recent episode of Tech News Today, but didn’t pay it much mind.  Then I stumbled across a Mashable post on my Twitter feed that mentioned the service & I figured I’d check it out.  Naturally I signed up for it because it involves cars and it’s a new service, so I couldn’t resist.  It only took a few minutes to claim my license plate & set up my user account.  So far it seems pretty cool, though I haven’t gotten to really use it yet since nobody else I know is on there.

Speaking of which, BUMP it still in invite-only beta, but guess what? Apparently I can send out invites, so if you want one shoot me an email & I’ll hook you up (for as many as BUMP lets me send out).  Once you’re set up, stop by & “bump” me and perhaps throw your user URL in the comments below.  You can find my BUMP account in the “Find Me Online” menu at the top of this page, which I just recently added.

Accessible Anywhere
For me, the most important aspect of LastPass is that it’s based on the cloud.  All the other features of Lastpass are excellent & very important to any good password manager, but what good are they if I can’t access them wherever I am?  I’m frequently away from my computer, instead using my phone or other computers where my computer can’t come.  Being able to always have access to the most up-to-date login data for the sites I use at any Internet-connected device I might encounter ensures that I’ll be willing to take full advantage of the rest of LastPass’ capabilities.  Plus, I know that my data is always backed up & secure, no matter what happens to my own computers.

Secure
Security is an integral part of how LastPass works.  When you create a new entry, the data is encrypted on your local client.  This encrypted data is then sent over a SSL connection to the LastPass servers, where it’s securely stored.  The only way to decrypt the data is using your own password; there’s no backend or method for LastPass or anyone else to view your data without your credentials.  Plus, they support additional methods of authentication, such as Yubikey, to make your account even more secure.

It Just Works
These are great features, but they mean nothing if the service doesn’t make it easy to use.  The LastPass plugin is really good at detecting new sites & prompting you to save them, recognizing existing sites even if the URL doesn’t exactly match what you have saved, and detecting when you’ve changed the password in an existing site.  It also includes a feature to generate a secure password, and saves it in the database until you’ve added it to a site entry.

Ok, this stuff sounds great, but how is it to live with?
For years I’ve been skeptical of password managers because I thought they’d be annoying & a hassle.  I was also worried about losing the data.  I figured there would be cumbersome steps to go through, I’d spend twice as much time logging in as if I’d just done it myself, and I’d end up being frustrated.  It also concerned me to put all my passwords in a list.  To be honest I never would have tried LastPass in the first place unless I’d heard Steve Gibson explain the benefits of it & give it his seal of approval.  Since setting it up & building out my list of sites, not only has it cut down significantly on the time it takes me to log in to all my various services, but it’s made my own habits (and passwords) much more secure.

For a long time I’d been using a few different passwords across all the different sites I visited.  They were all randomly generated “strong” passwords, but they were used in a lot of places so it left me vulnerable.  If somebody had compromised one of those passwords they would have had access to a large percentage of the sites I use.  There’s a good chance that this is resonating with you, as many people have this same practice, which makes them equally vulnerable.  Now, every single site I use has a different strong password that’s been generated and is stored by LastPass.  My standard password scheme is: 32 characters long and consisting of upper and lower case letters, numbers, and special characters – and every password is completely different.  Now, all I have to remember is one really strong password for my LastPass account, and all these other randomly generated passwords are taken care of for me.

Now, there is one major inconvenience to this system, which is having to log in to LastPass each time I open my browser.  If I set it up to keep me logged in between sessions, it would leave a hole in the security that LastPass offers, so I have it set to require me to enter my password each time I log in.  It can get annoying, but it only takes a moment.  However, I’ve found a solution for that too: Yubikey.  I mentioned this a few paragraphs up, and I’ll explain in a later post fully how this works, but I’ll give a brief synopsis now.  Basically, it adds another layer of authentication using a little USB key.  When I open my browser, LastPass prompts me for my Yubikey instead of my password.  Rather than typing in a long string, I simply insert the Yubikey & press the button, and LastPass authenticates me & logs me in.  It also makes the authentication process more secure than just a username & password, so my web experience is both simpler and safer.

Since using LastPass my impression of password managers has changed completely.  I now rely completely on LastPass & am very happy with its performance.  I’d highly recommend using it to anybody, and have even set up my grandfather to use it for his sites, complete with a Yubikey.  No more need for little notebooks of passwords, or only having 2 or 3 passwords for everything.  Set it up & let it do the rest.

Take a look at my review of the Yubikey, and how it integrates with Lastpass.

Here’s the first video I’ve done using the camera.  The entire thing was recorded at a 24p frame rate (like you see in films) at 1080p high definition, and then was downcoded to 720p high definition when I exported the final copy.  It’s a pretty basic video, but it does a good job of demonstrating this camera’s capabilities & gives me good practice.  Enjoy!

So, Apple had one of their now-famous events today.  They unveiled a bunch of things, including a touch screen iPod Nano, a new iPod Touch with front-facing camera & FaceTime, and a new iPod Shuffle (which doesn’t really look any different from the old one).  The thing that everyone was waiting for leading up to the event though, and the thing that’s gotten the most attention, is the new Apple TV.

Let’s lather then shave here, and give it a fair shake on its strong points.  First, form factor.  There’s no denying that the device itself it beautifully crafted and appeals from a purely aesthetic standpoint.  It’s small, polished & has that funny little piece of fruit on the top that woos so many people.

Second, interface.  The screenshots I’ve seen look like they’ve stayed true to Apple’s reputation of clean, simple UIs.  Straightforward yet elegant.  Predictable though.

Third, simplicity.  Beyond the interface, the hardware itself is simple.  Plug in a power cord (not even an external power adapter, just a cord), run the cable from the Apple TV to your television, an Ethernet cable if you’re not using WiFi, and you’re good to go.  The remote is only a couple of buttons.  There’s nothing here to confuse even the most technologically challenged folks.

It has a decent content offering as well.  Apple is going to be offering content directly from their own platform, featuring $0.99 TV show rentals from ABC & Fox, HD movie rentals for $3.99 to $4.99, Netflix, YouTube, and of course iTunes.  They’ll also enable you to stream content from your computer, or to play content from your iOS-powered device on your TV wirelessly.  All cool features, and the content offering is decent.

That’s actually a pretty good offering for a $99 device, so why am I bored?  Because when it’s compared to what else is available in this segment, it’s underwhelming.

Now before I go any further, I’ll fully disclose that I haven’t used any of the products that are mentioned in this post except for one which I’ll get to later.  Based on published specs & outside reviews though, there’s enough information available to glean some useful data about Apple TV’s competition.  Its features & content offerings can’t compete with what’s available on Roku, for the same price or cheaper for both the content & the device itself (the base model Roku box is only $60), and by all accounts is as simple to set up & use as the Apple TV.  Roku has over 50 “channels” of content, including one for news & other information programming from the major networks like NBC & CBS – for free.  It of course offers a Netflix interface which looks excellent, along with content from some of my favorites like TWiT, Pandora, Vimeo & Flickr – services for which the Apple TV has no offering.  Fun fact: Amazon Video on Demand, one of the “channels” on Roku, just announced on Wednesday that they’re now offering $0.99 TV show purchases from Fox & ABC – the same price Apple TV will be charging for 24 hour rentals.   Oh, and by the way: the Roku box that’s priced the same as the Apple TV ($99) is capable of playing 1080p video, while the Apple TV tops out at 720p.  For most people that’s plenty, but if you’re watching sports or streaming a high definition video over your network where bandwidth is plentiful, why not go for the best picture possible?

Roku is an example of a device that’s already available, and has been for years.  Let’s talk about one whose device isn’t available yet, but whose software has been available for a few years now & is excellent: Boxee.  I mentioned having used one of the services in this segment, and this is the one.  Boxee is an excellent piece of software, and offers more content than you can hope to consume – only it’s a la carte, so you take only what you want & need.  Oh & by the way, the software & all the apps inside are free (thought some do require a subscription to the service they interface, like Netflix).  It’s also an open platform, which means you can modify it if you have the ability, but moreover it means you can develop an app for it if you’d like.  There’s great content available through Boxee.  Plus, they already have a hardware device on the way, which is shaping up to look like an awesome product.  Unfortunately it’s a little delayed coming to market, but nonetheless it’s gonna be awesome when it does show up.  It has the same kinds of features the others do, with one significant exception: the remote control has a QWERTY keyboard on the back so you can easily search for content.  It’s expected to be twice as expensive as the Apple TV, but to me it looks twice as good.

I’m not even going to get into all the Blu-Ray players & other devices that are on the market.  Let’s just say that this market has been established, and has had some fantastic offerings already available before the new Apple TV even showed up.  Ones that don’t lock you in to only a few services & content platforms, only work to their full potential if combined with a bunch of other products from the same manufacturer, and have capabilities below what the competition offers for the same cost.

To me it seems that Apple TV seriously missed the boat on taking over this market: allow apps.  Apple is arguably the leader in device-specific app marketing & distribution, so why not start allowing developers to build apps for a whole new interface & experience?  This is what Apple has become known for with their small devices.  It just doesn’t make any sense why they’d pass up this opportunity.  If they’d done that, I wouldn’t even have written this post.  I hate to admit it because I don’t like the app model, but it’s that significant.

There is one thing that the Apple TV has going for it, despite all its shortcomings: Apple.  Let’s be honest, Apple has built up their standing & reputation in our culture as the go-to company for simple, chic & fun tech products.  It seems that anything they put their fruit silhouette on turns to gold.  So why should the Apple TV be any different?  It’s gotten a lot of hype, it’ll be on display in every Apple Store in every major mall across the country, and people will flock to it because it’s cheap, exciting & new.  That’s the sad truth.  It makes me upset, because it’s going to reinforce that Apple doesn’t have to make a revolutionary product at this point for people to treat it like one.  They just have to make it good enough & put it on sale.

So, I’m bored by it.  I’m annoyed by it, but mostly I’m bored.  It’s nothing new.  It had all the potential in the world, and it blew it.  Meanwhile, competitors are working hard getting their products out, or have sweetened the deal on already available good products, which means the window of time that Apple has to make this thing really revolutionary & stick out is closing fast.  Consumers are somewhat going to win from this competition – but not with the Apple TV, or at least not right now.  I’m excited about what else is available & what they’re doing to get known, but I’m bored & disappointed by a product I wanted to like.

Dear Christiaan:

Thank you for contacting me in opposition to network neutrality.

Due to the widespread growth of Internet broadband use, the issue that Congress needs to consider is whether legislation is needed to regulate access to broadband networks and services. The main concern is that further regulation would hurt deployment and progression of broadband facilities. Many Internet access providers previously stated that they will abide by the rules that the Federal Communications Commission (FCC) established in 2005.

On January 9, 2007, Senator Byron Dorgan (D-ND) introduced S. 215, the Internet Freedom Preservation Act. The bill would establish Internet neutrality duties for service providers, prohibit user discrimination, and allow providers to expand their business practices. S. 215 was referred to the Senate Committee on Commerce, Science, and Transportation, and awaits further action there. Please be assured that I will follow the progress of this bill closely.

I appreciate hearing from you about this issue, and hope you will not hesitate to contact again about this or any other matter of importance to you.

I appreciated the Senator replying to my email (to date, he is the only elected official of the 5 or 6 I contacted that has given any response).  However, there were a few things in his message that concerned me.

First off, I am NOT in opposition to Net Neutrality. In fact, I couldn’t be more in favor of it. Any limits placed on the Internet & the concept of Net Neutrality will serve no benefit to the consumer, or anyone for that matter (except the greedy financial interests of telcos). Net Neutrality is crucial to the continued success of the Internet as a platform for education, communication, commerce, and countless other things that are dependent upon its continued open access system.

Second, the issue should not be whether regulating the Internet is necessary. The issue should be how to put regulations in place to protect it as it is. Further regulation that would put restrictions on its use or allow service providers to filter access & content would not only hurt deployment, but it would take away some of the value of the Internet to consumers – including those yet to receive a broadband connection. Rather than spending time, money and effort determining whether we should regulate the Internet, let’s spend that time & money on ensuring that all Americans get the Internet as it’s supposed to be provided – open, unfettered & free from censorship. If telcos are balking at the cost of running lines, they’ll still be balking even if they get their way to regulate the networks however they choose.  Of course the service providers will abide by the FCC’s rules – until they see that the FCC doesn’t exactly have the authority to tell them how to run their networks.  They’re not going to violate the government’s requirements, but if those “rules” suddenly don’t carry as much weight as everyone thought, they’re not going to pay attention to them.  We are talking about businesses after all, and ones that have already expressed interest in locking down their networks & have shown that they don’t have the consumers’ interests in mind.

Now, I did read over the Internet Freedom Preservation Act that Senator Cardin talked about.  For the most part, I think it’s a good solution.  It covers most of my grievances about regulation of the Internet, and I urge Sen. Cardin and all other elected officials to push for this bill to be passed.  It’s certainly much, much better than the proposal that Google & Verizon have offered up.

Google and Verizon have struck a deal to submit a proposal to lawmakers that, in short, would stand to kill the Internet as we know it.  I’m not being dramatic or fear mongering, I’m stating the reality of the situation.  The elements of this proposal are engineered to appear to protect users’ rights to open Internet, but in reality have major loopholes that seem to give them carte blanche to filter services at will on mobile networks & “new services” that show up.  Basically, not Net Neutrality whatsoever.  It’s a cheap copout that will result in private companies controlling the Internet, and eventually killing it whether they mean to or not.

I’m kind of at a loss as to where to begin with this piece of garbage.  At first I was incredulous & didn’t believe that Google – GOOGLE! – could be involved in this kind of attack on Internet freedom.  They’ve billed themselves as the emblem of open Internet and their “Don’t be Evil” motto has been lauded as the right way to do business in any industry, let alone tech.  I’m beyond that point now though, and I’m feeling confused & mad.

Let’s start with the part that most people are probably ok with: maintaining an open policy for the existing wireline Internet.  By itself I couldn’t be more in favor of this idea.  No restrictions, just unfettered bandwidth & packet traffic regardless of who you are, where you live, what color you are, who your ISP is, what job you have, who your favorite football team is.  This is exactly how the Internet SHOULD work.  Yet this new proposal has even managed to attach inappropriate strings to that: sure, we’ll keep the Internet open, as long as it’s “lawful” traffic that’s going through our network.

I’m sorry, who appointed ISPs and content providers the protectors of the law?  I could’ve sworn that authority was reserved for legislators and the courts – the very people for whom I’m writing this.  Service providers have absolutely no business filtering traffic based on its perceived legality.  It circumvents the legal system, spits on due process, and creates such a quagmire of legal nuances and potential for abuse that it boggles the mind.  It should never be considered acceptable to filter content, especially on the basis of legality.  People should not be assumed guilty, and punished for crimes before even having been convicted of committing them.

However, that portion of the proposal is mostly vanilla & aside from the clause about lawful traffic I can support the sentiment.  Where things go really wrong is the provisions for mobile/wireless networks and new services.  The argument being made by Google & Verizon is that mobile networks are more limited in their capacity to carry content, and therefore need to be managed more actively than wireline networks to ensure a good user experience for everyone.  They also argue that since most people in the US have choice between more than 2 wireless carriers it creates competition & helps prevent carriers from locking down their networks.  In reality it’s not nearly this simple.  People don’t typically choose their carrier based on the data plan available, they choose it based on how much it costs (and by extension how many other people they call regularly are on the network so they can use the free mobile-to-mobile minutes), the quality of coverage, and perhaps to a lesser extent – but still relevant – the devices available from that carrier.  These factors often create large discrepancies between carriers which can greatly reduce the realistic competition.  So really, in many areas after everything is factored in many people are still left with only one or two practical choices for a wireless carrier.  Those of us like myself, or the people at whom this post is aimed, who live in the Washington-Baltimore area are lucky enough to have pretty good coverage from all 4 major US carriers, so we don’t notice this as much as people who live a little further afield from a metropolitan area, or even some in certain metro areas with coverage problems (for example: AT&T in San Francisco).  So the idea of true competition isn’t as simple as Google portrays it in their post.

There’s another major factor here: wireless is the future.  It’s becoming increasingly widespread as, at the very least a secondary, and in some cases a primary Internet connection.  Jeff Jarvis put it perfectly in his post:

But wait. Mobile is the internet. Mobile will very soon become a meaningless word when — well, if telcos allow it, that is — we are connected everywhere all the time. Then who cares where you are? Mobile? doesn’t matter. You’re just connected. In your car, in your office, in your bedroom, on the street. You’re connected. To what? To the internet, damnit.

The distinction between mobile Internet and wired Internet is fast disappearing.  That is, it should be and will unless legislation like that proposed by Verizon & Google is enacted.  Mobile access is growing at an unprecedented rate, not only in number of subscribers but in the rate of innovation and creation geared around mobile connectivity.  Put restrictions on that and an entire industry that’s been steadily growing even through the recession (many thousands of high-tech jobs) will all but grind to a halt and collapse, causing an economic meltdown in the tech industry tantamount to the dot-com bubble burst a decade ago, only worse this time around given the scale & reach of the industry today.

Now, I do acknowledge that wireless networks are limited in their ability to provide bandwidth as compared to wired networks.  However, regulating the bandwidth by restricting certain services over others cannot be the answer.  It’s anti-competitive, and gives carriers undue control over other companies that ISPs have no stake in or legal authority over.  Which brings us to the next point: new services.

The proposal leaves room for ISPs to filter traffic that comes from services that don’t yet exist.  In other words, since they can’t predict what may be developed in the future, they think the safest solution is just to be able to block anything that taxes the network.  This is perhaps the most egregious portion of the proposal, because it affects all Internet subscribers, both wired and wireless.  It’s also the part that will most directly hamper innovation & development.  If this sort of regulation and authority had been put in place 10 years ago, think of the amazing services we wouldn’t have today?  YouTube probably wouldn’t have been created because it uses a lot of bandwidth & ISPs would have been able to just cut it off.  Skype may never have been released, or at the very least never added video support.  Think of how many military families directly benefit from being able to chat “face-to-face” because of services like Skype?  Being an Army brat, I can only imagine how awesome it would have been to be able to see my dad’s face when he was deployed.  Had this sort of law been enacted, kids wouldn’t get to say good night to Mom or Dad from halfway around the world while seeing their face, parents wouldn’t get to watch their baby saying his or her first words or taking their first steps, or for that matter kids wouldn’t be able to see who their parent was if they’ve been deployed for the child’s entire life.  ”Sorry Sergeant Jones, we can’t let you talk to your wife & kids over video chat because it just takes too much of our resources.  Thanks for your service, though.”

Let’s not just talk about what’s already here that we may have never gotten.  Let’s talk about all of the amazing products that haven’t even been thought of yet.  Young kids are learning to program in school, teenagers are creating web startups in their basements, brilliant & creative minds are making some of the most influential new services the world has seen.  A geeky kid from Harvard made a web site that now has half of the world’s Internet-using population connected to it.  These things have happened in the relatively early days of broadband Internet.  Imagine what we’ll have in the next 2, 5, even 10 years if the Internet is enabled to continue operating the way it does now?  Thousands of creative young minds are brimming over with ideas on how to make our lives easier & ways to make connecting with other people more enjoyable.

The Internet is democracy & free speech in action like never before in human history.  It is the First Amendment in its purest, most amazing form.  Anybody can publish ideas and potentially reach millions of people, without having to start a newspaper or broadcast station.  Governments and corporations can be influenced to do the right thing by average people who finally have a voice that can reach further than a bullhorn in the street (case in point: you’re reading this right now).  This is the embodiment of what thousands have died to protect & defend in an incredibly tangible form.  Human history is created & preserved using it.  An entire generation has grown up with the notion that they truly can make a difference and reach the world if they want to, like never before.  The Internet is proof incarnate of why we elect public officials: average citizens believe that their ideas, beliefs & feelings can be heard & make a difference.

As elected officials, you have an inherent duty to protect this amazing invention from corporate greed, censorship or tyranny.  This is beyond party politics, or Congressional districts.  The Internet affects everyone, and that influence grows with each passing day.  Many of you have built campaigns that relied heavily on the reach & power of the Internet, and it worked for you.  A number of the issues that pop up on the evening news regarding Congressional decisions often resonate with a very specific group of people, and the rest acknowledge them & go about their daily lives.  This issue is not like that.  This issue reaches far beyond what any of us can truly understand.  To start with, it directly & immediately impacts the estimated 200 million Americans who are already broadband subscribers.  Nearly two thirds of the entire U.S. population will feel the effects of a decision like this.  I can’t think of a decision in my life that has had that much tangible impact on so many people.  Not to the degree of Internet regulation.

Let me phrase this in another, more direct way: think of all the either already registered or younger, soon-to-be registered voters in this country.  College kids, high schoolers, young people in the work force or who are looking for work.  For that matter, people of any age who use the Internet to connect with family & friends, search for a job, look at pictures & videos of their grandkids, use Facebook.  Do you think all those millions of people in voting districts throughout the country will be very happy when they find out you voted to allow their favorite sites & services to be filtered by some big corporation?  Sounds like a bad position to be in if you’re running for office with an increasingly Internet-saavy & dependent constituency.

There’s an old cliche that says the right thing is never easy.  That couldn’t be more true here.  So when Google & Verizon send along their proposal to you, have the confidence & foresight to strike it down.  Whatever it takes, squash that bill.  Once you’ve done that, start working with the FCC to put real, sustainable Net Neutrality laws in place that protect the Internet as a frontier of innovation, commerce, education, justice, communication, security, information and living democracy.  Have the fortitude to protect us from ourselves.  Trust me, you’ll regret it if you don’t.  Maybe not tomorrow or a year from now, but then again you just might with the rate of amazing creation online.  This issue is too important, too influential & too potentially devastating to let it be decided by companies who simply want to turn a profit.  Defend a form of freedom that impacts us all on a daily basis.

As a great orator and iconic & honorable character once said, “for God’s sake, do your duty!”

——–

If you feel as I do & are putting your trust in the legislators to protect the Internet as the incredible & invaluable utility that it is today, please send this to your elected officials as often as it takes for them to hear you.  Perhaps write your own declaration of rights for the Internet & flood Washington with it.  Whatever you do, make sure the representatives of the people hear you, unmistakably.  Use these sites to find how to get in contact with them:

Write Your Representative
Senators of the 111th Congress
Contact the White House

Before we go any further, let’s take a look at the official demo video that YouTube put out with the release of the new site:

There are some important things to note in this video. First off, the native app feel of the interface: the web site & the videos themselves look & feel like they were part of an app written specifically for & installed on each device being shown.  The video seamlessly transitions when the phone is changed from portrait to landscape orientation.  The site is smooth & behaves like a native app.  Everything about it is very polished, and the best part: it looks & behaves exactly the same across multiple devices.  Android, iPhone – it doesn’t matter what you’re using, you can have the same experience as everyone else.

There’s an even deeper & more important element: access to YouTube’s content can’t be controlled by a platform developer.  YouTube is the biggest video sharing site on the planet – 20 hours of video are uploaded every minute – and is an integral part of the modern media & content consumption experience.  Why allow various device manufacturers, OS developers, etc. to decide on a whim they no longer support YouTube by banning its app from their platform?  By making an awesome mobile web app, control is put back in the hands of YouTube, and most importantly the users.

As I mentioned above, there’s an element of cool to any web geek out there who’s excited by the prospect of full-featured mobile web apps.  This is one of the first major examples of a web interface being as good as, or better than, native software on a mobile device.  This is true proof of concept in a significant way, not only in its reach of user base, but in the fact that it’s tackling something that can be very tricky: cross-platform video compatibility.  YouTube and Google has made a strong move in the progress toward HTML5 and rich web apps, in some ways technically but even more importantly – symbolically.

I’ll get down off my soapbox & back to the facts: YouTube has done an excellent job with the new mobile web site.  It’s so good that I’ve replaced the YouTube shortcut on my phone’s home screen from the one for the native app to a bookmark directly to YouTube mobile.

I can’t wait to see what they do next.

I’ve been using Google Voice since I got my invite in June of last year & absolutely love it. Everyone I talk to has that as my number, and now I can text from my phone & computer, and everything is always synced. It’s totally integral to my daily life now. I’m very excited that other friends can now make use of this great service.

That is, except for my friends with iPhones. Sure, they can use the service, but Apple has denied them the option & choice to use the service to its full potential. In arguably the most notable rejection of an app from Apple’s App Store, the company decided that the Google Voice app duplicated core features already available on the iPhone and wouldn’t put the native Google Voice iPhone app on the store. As we all know this is the only way to get apps for iPhone, so those who really want this app are SOL.

As most people also know by now, Apple is coming out with the next generation of iPhone, which may start landing in people’s hands as early as tomorrow. Pre-order sales have overwhelmed Apple & AT&T, and the device is obviously going to be a big hit.

Does the timing of Google Voice going public strike anyone else as a little more than coincidence? Google and Apple are directly (some would say aggressively) competing for market share in the mobile space with their respective mobile device operating systems/devices. With Apple about to roll out a major new product, it certainly seems like a great opportunity for Google to strike a blow to Apple by pointing out a few major complaints & missing features of iPhone by making a major product launch of their own. All those new iPhone users who unbox their shiny new device over the next few days & want to add support for Google Voice to complete the package will suddenly be met with frustration & disappointment when they discover that Apple has decided not to give them the freedom to get to use this service they’ve heard great things about from their Android-using friends. They may start to have a little resentment and feel belittled by Apple’s decison. If I were in marketing at Google, this is how I’d be thinking & actively working to create. It certainly can only help Android’s already rapid adoption & market penetration.

I may be reading way too far into this, but it’s the first thought I had right after I heard the announcement (well OK, maybe the second thought – my first one was “Yippee!!!!!!!”). It just strikes me as a little too perfect to be an accident.

What do you think?

Now this is the story all about how
My life got flipped, turned upside down
And I’d like to take a minute just sit right there
I’ll tell you how I became screwed by a store called Best Buy.

Based on the title of this post and its apparent topic you may be thinking that I’m being melodramatic or overreacting, but I am not.  You see, the incident that has incited this post involved my cell phone, more specifically a smartphone.  Even more specifically, a Motorola Droid.  I’ve had the phone since the day it came out (November 6, 2009) and absolutely love it.  Not only is the device itself amazing, the service I get on Verizon both for voice and 3G superb, but I have come to rely on its capabilities as an integral part of my day-to-day operations.  In fact I would argue that my phone and my car are the two most important possessions I have in terms of necessity for getting done what I need to.  So here’s what went down.

Yesterday (Saturday) my phone’s screen stopped working.  Thinking perhaps the software had locked up (primarily because it’s the simplest issue to fix) I removed the battery, reinserted it & powered the phone back on.  Signs of life – the backlight for the screen & buttons lit up, the haptic feedback was working, the touch sensor was apparently working – were evident, the only problem was the actual display was not showing a picture.  I was annoyed & frustrated, but wasn’t overly concerned because I have a Best Buy “Black Tie” protection plan on my phone which covers this sort of thing.  After drill I headed over to my local Best Buy to seek a replacement device (based on what had been explained to me at time of purchase of the phone about how the protection plan works).  The girl that helped me was very friendly & professional and things seemed to be going well…until they suddenly weren’t at all.  After about 5 minutes she asked me if I’d like to use a “loaner phone” which confused me.  I asked her why did I need a loaner phone?  Wasn’t I going to be receiving another phone since I have a protection plan?  It was at this point that I was informed of what the real policy apparently is: any device brought into Best Buy covered by a protection plan must be sent out for servicing, repaired if possible, and if not possible the customer will be authorized to receive a new device, all of which is at no additional cost to the customer.  Admittedly a reasonable policy; after all, why not fix the device if it can be instead of just throwing out a potentially perfectly good phone?  Makes perfect sense to me.

Here’s where things start to make much less sense.  I ask about the time frame for repair, to which the Best Buy employee responds that it could be anywhere from a few days to a month, and that typically after a month the customer is automatically authorized a new device.  I was pretty annoyed by this possibility, especially given a previous experience involving a 5 month turnaround time (after being told it would be no more than 30 days) for my laptop at one of Best Buy’s, now out of business, close competitors.  However, if Best Buy was willing to provide me with a loaner device to prevent me from being noticeably impacted by this incident during the repair time then I was willing to live with it.

The next question & subsequent answer are what broke the deal.  I asked the Best Buy employee which phone I’d be offered as a loaner.  She looked it up, and informed me that it would be the Verizon Blitz.  I was at that point unfamiliar with the phone, but when it was shown to me I was not pleased.  This is a simple feature phone with a full QWERTY keyboard, built & reviewed as a competitor to th LG EnV2, the phone I had upgraded from when I bought my Droid in the first place.  It was running basic Verizon firmware with no real capabilities beyond phone calls & texting (neither of which I do from my Verizon number anyway).  Given that my clients understand and expect that I am almost always available via email, which I rely on heavily for my business, and a number of other things I need my Android phone for that I’ll explain later on, this loaner phone would be simply insufficient.  When I explained these facts to the person helping me (and I’ll reiterate that she was indeed helpful & professional and doing what she could) and that by not having the services I rely on available to me it could impact my business, she told me that this was all Best Buy could provide me and that she wouldn’t be able to do anything about that in her position.  Displeased with this answer and not being willing to put out $150 for use of a phone as equally insufficient to my needs as old ones I already had at home to use, I thanked her for her time, kept my phone and walked out.

At this point more deeply frustrated than I had been when my phone first stopped working as it now seemed the service I had been paying for was not going to be serving me fully, I decided to go to the dedicated Best Buy Mobile store nearby to see if perhaps they’d be able to give me a loaner phone more logically suitable for a smartphone user.  This endeavor yielded the same result, same dialog with an employee, and additional expression of regret that Best Buy wasn’t able to help me more fully.  I was now moving past the point of frustration and starting to actually get mad, which as anybody who knows me well will tell you, is a notably rare occurrence.  This should indicate even more the importance to me of my phone & its abilities being available.

At this point I did my best to place a phone call to a close friend for some advice – obviously not an easy task given that my touch phone’s screen was not working.  He suggested I go to the local Verizon store and inquire about effecting an exchange since the phone is less than a year old and is still under manufacturer warranty.  I did this, and worked out a solution with Verizon.  Problem (almost) solved.  They are shipping me a phone which should arrive tomorrow.

So now that we’re all up to speed on the back story, I want to clarify my issues: first off, I have no complaints with the individual employees I dealt with, and in fact have good things to say about them.  So for any Best Buy representatives who are hopefully reading this, please take note of that last statement as one of the most important in this post.  They were as helpful as they were able to be in their positions, and displayed nothing but professionalism and courtesy.  This issue has nothing to do with them at all, and the only reason I even made mention of them was because it was necessary to provide the context.  My issues are with Best Buy the company and its policies regarding customer service and support.

As stated above, the policy of sending phones out for repair rather than automatically replacing them is reasonable.  I understand why that would be desirable as it likely costs much less than a new phone.  In fact, I’d rather have my current phone repaired as it apparently has a keyboard unlike any other Droid: the individual keys are raised & much more textured than the typical Droid keyboard:

I’ve spoken with a number of other Droid owners I know and none of them have a keyboard like mine.  The employees at Verizon and Best Buy all said that mine is the first one they’ve seen like that, and they’ve seen many hundreds (at least) I’m sure.  I very much like the keyboard on my Droid and would be happy to keep it if possible.

That Best Buy feels it to be acceptable to provide smartphone users with no option as a loaner other than a generic feature phone with very limited capabilities is very much unreasonable.  I am heavily reliant on my Droid on a daily basis, and I’m sure I’m not as much of a power user as many, many other customers out there.  To give them a poor substitute as a stopgap is at best frustrating, and at worst disrespectful and insulting.  To the customer it implies that Best Buy assumes it is in a position & has the right to decide whether the needs a customer has for their device are worthy of a comparable device, or whether they can afford to be “out of reach” from certain forms of communication for an apparently indefinite amount of time.  I can think of few better ways to quickly elicit infuriation on the part of the customer than for a company to disregard its customers’ wishes and presume to know better what will suit a person’s needs without any options should the customer disagree.  It is perhaps this apparent arrogance, conscious or otherwise,  that exasperated me most and left me with such disdain.

So I propose this: to start with, Best Buy should re-evaluate their priorities in terms of customer service.  Let’s be honest: when it comes to brick and mortar electronics retailers, Best Buy is the only big game left in town now that Circuit City is out of the picture.  If anything this should mean Best Buy should be working harder to keep good standing with customers.  Given that Best Buy deals in the technology market, a large segment of their customers are probably more willing to buy off the Internet than in person than many other markets.  Compound that with the often lower prices you can find online and you can start to see why Best Buy’s customer experience should be paramount in their strategy.  If we narrow down to the mobile sector, Best Buy is also in a good position.  They carry phones from all major carriers, and offer things like instant rebates instead of the mail-in ones that are slow and a hassle, and also tend to have lower prices than the carriers’ official stores.  All of these bode well for Best Buy.  However, as smartphones become increasingly common and in demand they should be accommodating customers willing to pay the premium for these devices, instead of demonstrating to the customer that they are not that important after all.

Second, re-structure the protection plan.  If they already are willing to offer loaner phones, go all the way with it.  I’m not saying they have to offer the top-of-the-line devices as loaners.  Perhaps offer a Droid Eris to all Droid lineup users.  The phone would be cheaper for Best Buy to purchase for use as a loaner, and would allow the customer to stay productive through the repair.  Plus, they could keep the phones in circulation for a limited period of time, then sell them as open box at a reduced from full retail price.  This might be very appealing to those customers who don’t have a protection plan on the phone they just broke, and could potentially draw in additional customers who may otherwise go directly to Verizon or another carrier and now have the option of saving money on a replacement, and make them satisfied Best Buy customers as well.

All of this should be doable – better yet, has to be doable.  Mobile is the fastest growing segment of technology in terms of adoption – does Best Buy really want to alienate the “high rollers” of that sector?

Compare this to auto insurance: let’s say I happen to be the driver of a 7 passenger vehicle because I have a wife, 4 kids and a dog, and I need that vehicle to transport my family.  Something smaller won’t be sufficient for me to get the job done.  So let’s say one day I’m driving down the road and I get hit by somebody ignoring a stop sign – in other words, my car is now damaged & possibly totaled through no fault of my own.  Luckily, I have good car insurance with a low (or no) deductible.  Better yet, I have rental coverage so the insurance company is going to give me a loaner car for the time it takes to either repair my damaged car or replace it if mine is totaled.  Sounds great!  Except the only car the insurance company can offer me is a 2 seater subcompact.  Nevermind the fact that it will never be sufficient for the things that I have to do each day (what am I going to do, tell my kids “sorry, I can’t take you to school until the insurance company fixes or replaces the car”?), and that I’ve been paying each month for my insurance to keep me on the road in case just such an accident occurs.  There’s just nothing they can do for me because the rental company they use either doesn’t have any comparable vehicles in stock for use as a loaner, or because maintaining the inventory is too costly.  How long am I going to be a customer with my insurance company, or how likely will I be to ever use that rental company in the future?  You can bet your end-of-year bonus I’ll be insurance shopping while my car is still being evaluated, and the second I have either my car or a replacement back in my name neither company will see a dime of my money again, and I’ll be sure to tell my friends & family about my experience.  Better yet I’ll tell all my clients who happen to defer to me for advice on these sorts of decisions since my job is related to those industries (that analogy is relevant to me personally as well, but I won’t even elaborate on that right now).

I was very satisfied with what I understood the Best Buy protection plan to be and felt comfortable & secure in using my phone in a variety of situations without fear as a result – until it was time to make a claim on it.  The experience has left a bad taste in my mouth, a flavor I’m not at all interested in trying again unless the recipe chances noticeably.

However, I am still open to discuss this situation with Best Buy and come to an amicable agreement and resolution.  If that can be done than perhaps I’ll be more willing to consider making future purchases (and making that recommendation to friends, family & clients).  So if any Best Buy official is interested in trying to save a client, and possibly many others as well, feel free to contact me about it.  Just don’t expect a very rapid response as I won’t be near a computer for a few days, and for obvious reasons I’m currently not getting messages anywhere else.

While I was undeniably disenchanted and fired up while writing this, all accounts of events and information given & received are true to fact.  Nothing was embellished, exaggerated, or otherwise skewed for dramatic effect.

Photo courtesy of Andy Feliciotti

There are other days than Monday, therefore I am labeling the #BMWMonday crowd the #BMWbunch , if ya’ll don’t mind. Pass it along.

— Martin G. (@AsianMartin) March 22, 2010

So…I’m passing it along.  It’s a good point and a good idea, so let’s run with it.  You can find me on Twitter @ConoverBMW.

Update: @AsianMartin has made a valid point regarding this change:

Woah woah woah I didn’t mean to change #BMWMonday ‘s designation altogether! I just wanted to use the new name on other days than Monday…

— Martin G. (@AsianMartin) March 23, 2010

As a result, here is my proposal: Use #BMWBunch every day, and on Monday use both #BMWBunch and #BMWMonday together.

First Impressions
The first thing you’ll notice about the SPOT is the box it comes in.  That may sound a little obvious and stupid, but take a look at it and you’ll see what I mean:

The box is heavy on bright orange and photographs of dangerous situations.  The company’s slogan, “Live to tell about it” is emblazoned all over the box.  It’s certainly eye-catching, and immediately gives the consumer the impression that the company wants: this device is crucial to saving your life.

Once you open the box, it’s more of the same: flashy catch phrases and bright colors, all pointing to the same concept.  This was my favorite phrase on the box:

It’s not my favorite because of the unpleasant image it conveys, or because it’s sort of cleverly worded, but because of its bluntness: use the SPOT, and you probably won’t die.  I actually find it a little funny.

Once you finally get inside the box, you find the SPOT.  It’s about the size of a regular point-and-shoot digital camera, and about twice as thick.  When you take it out of the box, the first thing you notice is the rugged case.  This this is obviously meant to take a beating.  It’s made out of hard plastic, with a big rubber surround and grip.

As you can see from the pictures, my unit has already gotten a few bumps and scratches.  I’ve dropped it on concrete, left it out in the rain, and it doesn’t even seem to notice.  It is definitely a solidly built product, capable of going where it’s intended.

The unit sits well in your hand as well (not that it spends much time there, since there isn’t a screen).  The rubber grips on the sides do a good job of making sure it won’t slip out of your hand.  If it does slip and fall overboard however, you don’t need to worry too much since it floats:

Unfortunately, it seems that it doesn’t like to stay upright for very long.  So, if you happen to be sending a distress call and it falls in the water, it may not be able to keep sending that signal until you recover it and aim it back toward the sky.

Once I got it assembled and activated it on the SPOT web site, it was time to test it out.

Using SPOT
The unit is incredibly simple to use.  To turn it on, just press the “On/Off” button so that the LED blinks.  You have to let it sit for a few seconds after you turn it on before you can use other functions.  Once it’s ready, just press a function button (there are only 3) based on what you want it to do.  The manual explains the specifics on how to do it, so I don’t feel like I need to go into them here.

Put it in a place where it will have a clear view of the sky, and then just let it go to work.  I usually use it in tracking mode.  When this feature is on, it sends a GPS position to the SPOT system via satellite every 10 minutes.  You can then go back and look at your “breadcrumb trail” later in your account control panel, or if you have Shared pages, other people can see it in real time.  I have this feature enabled for mine.  You can find my public page by going to spot.cconover.com, or by clicking on the SPOT logo on the right sidebar on my blog.

The GPS appears to be very accurate, often pinpointing you down to the parking space or dock slip you’re in. Sometimes the data is a few meters off, which you really only notice when you have it tracking while you’re in one spot for an extended period of time as you’ll have a number of points in a cluster around the spot where you actually are.  That said, for the most part it’s right on target.

The SPOT satellite network is very reliable as well.  When in tracking mode, the unit will transmit your position every 10 minutes.  Even when traveling in urban areas it manages to successfully send the data almost every time.  This is particularly handy for me, since I have an 8 hour drive between school and my house, traveling through many urban areas.  It’s very nice for my parents to be able to hop online and see where I am at any point during my trip instead of having to call me.

The worldwide coverage of the SPOT network is very good as well.  This will be especially nice for Sea Term this year so that friends and family will be able to track us throughout the trip and see exactly where we are.  For individual use it’s good for the recreational boater who may not have an EPIRB, or can’t get a cell phone or VHF signal.

Battery life on the SPOT is very good as well.  The manual says that it can send up to 1900 messages on a set of batteries, which if you ran the tracking feature continuously 24/7 would give you about 2 weeks of tracking.  The device does require Lithium batteries, and they make sure you know that by writing it everywhere they can find on the back of the device.  Lithium batteries are non-rechargeable (unlike their lithium-ion counterparts in cell phones and digital cameras), and are more expensive than regular alkaline batteries.   However, they’re not that much more expensive, and last significantly longer, as well as being more resistant to damage from harsh climates.  I’ve used mine almost every time I drive anywhere and it’s still running strong on the original set of batteries.

So far I’ve been impressed with the SPOT’s performance.  I’m eager to see how it does out at sea in a couple of months, and until then I’m going to keep using it in various conditions to see how it does.

Have you used a SPOT, and if so what’s been your experience?  If not, would you consider getting one?

First off, there is a video series that the Coast Guard has put together called “It’s Just Eight Weeks” which highlights portions of recruit training, to give prospective enlistees an idea of what training is like.  My understanding is that the videos will soon be obsolete, as they are overhauling the training program and a lot of things are going to change.  That said, it’s still an interesting series.  You can find it here:
It’s Just Eight Weeks

The next sites seem to have shown up in time for the Commandant’s announcement of expanding social media and Web 2.0 usage in the Coast Guard.  First up the TRACEN Cape May’s own web site, which seems to still be under construction, but has useful information nonetheless.  You can find that by going to www.uscgbootcamp.com.

The last site appears to be the newest of all.  TRACEN Cape May now has a blog on Blogger, with the very first post dated 23SEP08, which is only a day or two after the Commandant’s announcement.  The first “from recruit training” post on the blog shows a recruit company doing pugil stick training, so they’re obviously wasting no time in getting cool information out on the web.  You can find the blog at uscgbootcamp.blogspot.com.

One thing I find really cool about the last two sites is that they say right up front that they will be posting submissions from recruits during their training.  Some of you may be aware that while I was in boot camp, I posted on CGBlog.org via snail mail about my experiences.  I think it’s awesome that the Coast Guard is now embracing this idea as official policy.

Google Analytics: This plugin is crucial to me, perhaps above any of the others I use. I love Google Analytics – it’s so easy to use, and it gives you so much information. However, I sometimes get a little frustrated with it in conjunction with WordPress. When I decide I want to switch themes, I have to go through and manually paste the tracking code into each appropriate theme file, which can be frustrating, especially when I realize days later that I missed one. Also, since I’m a frequent visitor to my own blog to make a new post or whatever other reason, that can skew the accuracy of the data being presented. I’ve used the filter feature in Analytics before, but I’m not always at the same location when I access my blog, so for me it’s not that effective. The Google Analytics plugin solves both these problems. It automatically inserts the tracking code you provide into all the pages, making sure that no page view is overlooked – except, of course, for the ones you tell it to ignore. It allows you to choose what user levels not to gather tracking data from, so you won’t see all the visits you (or other authors/admins) make to the site, resulting in a more accurate reflection of the visitors to your blog. This is a must-have for any serious WordPress user.

WordPress.com Stats: This one complements the Google Analytics plugins, and between the two you get a wicked good picture of who’s coming to your blog and what’s bringing them there. WordPress.com Stats tracks information specific to bloggers, and displays the stats in real time. That way you can start seeing immediately once you’ve made a post how long it takes for people to discover it, as well as how they’re discovering it. It tracks the number of visitors, search queries that led them there, most popular posts, as well as other information. Another must-have for any real blogger.

Advanced TinyMCE Editor: Let’s face it, the editor that comes with WordPress is a little sparse. beyond very basic text decorations and inserting links and pictures, there’s not a whole lot you can do with it. That’s a little frustrating for software designed for a type of web site that’s all about creating content. Advanced TinyMCE Editor is the answer to every dissatisfied WordPress blogger’s prayers. It provides you with a full-featured editor like you’d expect to find in an office suite or a word processing web application. More advanced text decoration tools, table modification tools, spellcheck, and a lot more that you’ll have to try.

CForms II: A contact form is a great way to let readers feel more connected to you, and to get direct feedback about your blog beyond the comments left on individual posts. I’ve tried a number of different form plugins, but none of them have come close to cforms II. Unlike any others I’ve found, this one lets you create your own forms using a graphical system, and even allows you to use Captcha image verification, auto-clearing and requiring fields, all with the click of a mouse – no code knowledge needed! You can have multiple forms if you’d like to allow readers to contact different people, or want different information depending on the page they visit. The features and options available with this plugin are immense. When you insert the form into a page, it does include a small credit link at the bottom of a form. With most of the plugins I’ve found, that turned me off of them. However, this one’s so flexible and powerful that I was willing (even happy) to help the creator out. There’s no other contact form plugin worth having, so definitely check this out.

Lightbox with Add Lightbox: Lightbox is an awesome plugin that displays images linked on your blog in a cool flash viewer on top of the page.  Add Lightbox automatically inserts the rel attribute into the image link so you won’t have to manually set up using Lightbox on every image.  When combined, it allows your readers to look at pictures on your blog much more easily and quickly, while still making it easy for you to take advantage of this.

These plugins are a great start to making blogging easier and better in 2008.  Slap these in, stir up some content, and you’re good to go!  Happy blogging in 2008!

Deluge is a BitTorrent client created specifically to be lightweight, so you won’t have to kill your system performance just to download that new Linux distro (c’mon, we all download legal BitTorrent content, right?).  It provides all the features that Azureus does (or at least the ones that you need) and you won’t even notice it running.  I like to maintain my anonymity when downloading torrents, so the proxy and encryption support are vital to me.  It’s got other cool features that I didn’t have with Azureus, such as a built-in anonymous web browser that has dedicated proxy servers to keep you anonymous while you’re searching for torrents, and the ability to password-protect the program so people can’t just open it from the system tray at a whim and see what you’re downloading.

The interface is similar to Azureus, so it makes switching easier.  There are certain parts of it that are even more efficient, such as the torrent information being visible at the bottom of the window in dynamic tabs, rather than having to open a new tab for every torrent you have running.  The statistics automatically show up when you open or select a running torrent.

I’m definitely sticking with Deluge as my client.  It’s fast, reliable, and easy on the system.  Finally, I can download the new Ubuntu – because I would never use it to download music :-p

• 500 GB disk space
• 5 TB bandwidth
• $5.95/month

I looked a little deeper, and found all the standard stuff that the other big guys offer – unlimited email address, unlimited hosted domains, etc. – along with some other features I didn’t see anywhere else like automatically increasing disk space & bandwidth limits, and streaming & chat server support. I found out that the $5.95/month price only applies if you sign up for 10 years of hosting at once, but the 1 year price isn’t too bad, and if you use a promo code you can get a discount off the first billing cycle. I’ve made a promo code for my readers to get $50 off, which is the maximum amount Dreamhost now allows; the code is cconover50.

There are a few things about Dreamhost as a company that makes me happy to give them my business as well. First off, they are a small business, owned by the employees. Having been self-employed with a small business of my own, I like to support other small businesses when I can. Also, they are a green company which means that they are carbon-neutral. I am a big propoent of alternative energy and environmentally friendly practices, so I’m glad to support a company that believes in it too.

I know this sounds like a paid advertisement for Dreamhost, but I am just a really satisfied customer who thought he’d share his experience with other webmasters/bloggers looking for good hosting.

Who do you host with, and what do you think of them?

Qik is a new service that allows you to stream live video from your phone to viewers around the world via the Internet. It uses software installed on your phone to stream the video captured by your phone’s camera to the Qik servers, where is provides it to other viewers, as well as recording it for you to view and use later. They currently only support a handful of phones (all Nokia), but they say on their web site that they are “constantly adding support for new phones” so hopefully that list will expand to other manufacturers soon. I smell an awesome app for the iPhone, or for Android…

This definitely looks like a service to watch, I can definitely see it becoming the Twitter of video.

Once you sign in to your GMail account, and are brought to your inbox, you simply go over to the Google Chat buddy list and click Options, then sign in to your AIM account. It prompts you for your AIM screen name and password, and then you’re good to go. It shows status the same way that it does for Google Talk buddies, and displays aliases as well as away messages right on the buddy list. I have everyone on my buddy list aliased for easy reference, so I was pumped to find that out! The chat window pops up the same way, either within the GMail window you have open, or optionally as a popup window.

Google added in features like chat history from the Google Talk system for use with AIM, so it almost makes you want to just use GMail for AIM all the time. Even if you continue to use the regular AIM client, or something like Pidgin as your primary instant messaging client, it sure is a huge improvement over AIM Express for web-based AIM access. I, for one, give it two thumbs up…right after I finish using them for my conversation.

However, as reported on TechCrunch, the open network policy will most likely result in a “two-tiered” network: one for customers who went through all the existing channels to become Verizon subscribers, and one for people who wanted to bring their own equipment and applications to the table. Verizon isn’t known for giving their customers much control, so it’s not surprising that they’re not suddenly giving it away in one fell swoop.

However, the upcoming FCC spectrum auction may require them to do just that. Part of the requirement for being eligible to bid on the 700 MHz spectrum is to allow open devices and open applications. Verizon seems to be trying to show they’re willing to comply ahead of time, in an effort to demonstrate that they’re really serious about the auction and getting a piece of the newly available spectrum. This auction is a major event in the wireless telecommunications industry, since it will significantly affect the competition in the market. Hopefully, the result of this auction will be a viable alternative to Cable and DSL broadband services. Companies that can buy a piece of it will be able to be competitive, and those that can’t won’t be able to keep up. Verizon knows this, and following their failed efforts to change the FCC’s policy, they are willing to sacrifice a little to be eligible for the auction.

Regardless of the reason, it’s a step in the right direction, and Verizon’s all but permanently made the decision to open up, pending the results of the auction in January. Assuming they are able to grab a chunk of the spectrum, they’ll have to support open devices and applications as long as they own it. Consumers may finally have a little freedom to operate if they subscribe to the largest wireless carrier in the country. Until that new spectrum becomes available to consumers, however, this announcement seems to be a lot more sound than substance.

The WildCharger is capable of charging up to 5 devices at once, and is powerful enough to even charge a laptop.  Each device needs to have either a WildCharger adapter, or have the capability built in, but once your device is WildCharge-ready, you’ll never have to plug it in again!

This thing even appeals to my green side, since it is claimed to be nearly 100% efficient and removes the need for excess chargers, and the materials and manufacturing they require.  The pad itself is $60, which is really pretty cheap when you consider that it’s about $30 to buy a charger for your phone alone, and can be used with any phones you buy after that.

Now granted, I haven’t gotten to try one out so I can’t say first hand just how cool the actual device is, but if it works as advertised then I’m getting one.  I am definitely keeping an eye out for when they make an adapter for my phone, because this is a wicked cool gadget!

Google will most likely be vying for spectrum against big names like Verizon Wireless and AT&T, whose experience in the industry puts Google to shame. However, it’s not that often that the opportunity for true change in a closed, tightly controlled industry – like the wireless telecom industry – is presented. Google has the financial resources to effectively compete against the existing carriers, and has a reputation among consumers for providing easy to use, convenient, free services that work well. If they are able to gain a portion of the wireless spectrum, they stand to present a legitimate threat to the traditional structure of wireless carriers.

Android is an awesome concept, and I hope that it succeeds. However, as I said when that announcement was made, the major roadblock for Android’s success is the wireless carriers, and their ability to lock down the OS once it hits their network. If Google is the network, and allows Android to be used the way they promote it, they could have a strong recipe for success, and – dare I say – revolution in the industry.

I still think, however, that they’ll need a “GPhone” to release with Android, as well as if and when their wireless network is open for business. What do you think?

The first looks at Android are appealing. The Android developers released a video demonstrating some of the basic functions of Android:


It has the desktop-like browsing, the 3G, the hardware acceleration support (in case you want to play Quake on your phone), most of which look similar in function and hardware interface to the iPhone. I know, everybody’s comparing Android to the iPhone, so it sounds tired that I’m saying it too. But let’s face it: the iPhone has revolutionized the way people think about their phone and the way they interact with it. If Android stands a chance at succeeding, it does to a certain degree have to mimic the iPhone, or create something so revolutionary in both form and function that it makes the iPhone seem obsolete. As much as I’m a fan of Google and their web innovations, and as much as I’m sick of hearing the praises sung about the iPhone and iPod, I just don’t see Android busting the iPhone any time soon. All that being said, there is one major thing that Android has above the iPhone: open source, and the freedom to develop and install any apps you want.

The Open Handset Alliance states that Android will be fully open source, free to modify and develop for. However, it does not require carriers to keep the OS unlocked once it’s installed on phones for their network. So at first glance it looks like the long-awaited answer to the monopoly cell phone carriers have on phone software, yet as it’s written now, it will still allow carriers to keep a strangle hold on the mobile software industry.

The key, I think, will be the handsets it ends up on, to create the full hardware and software package. If Apple had simply created a new mobile OS and contracted with Blackberry to provide the hardware, I doubt the response would have been anything close to what it was. In order for Android to appeal to the general public beyond developers, I think it needs to have a recognizable hardware package as well; something that was developed specifically for Android to act as a “release device”.

I’m very curious to see how Android’s entry into the mobile phone market plays out, and I’m hopeful that it will create enough competition with the closed source developers that the carriers will realize the need for change. However, with the largest carriers in the U.S. (AT&T and Verizon) missing from the OHA and the iPhone still the epitome of next generation phones, I’m not sure how much of a threat it’s going to be able to pose.

Skribit was officially launched this morning, and as stated in the FAQ section of their site, it’s still in “closed beta” so it’s unavailable to the general public. However, you can create an account in preparation for its public release, or simply request to be contacted once it’s available. I’m definitely planning on trying it out and most likely keeping it, so I’ve created an account.

What makes this widget even more appealing beyond its purpose, is the way that it’s implemented: it has a management environment to back it up. Suggestions made to you, as well as suggestions you make, are all organized on the Skribit web site, making it easy to go back and see what’s been suggested in both directions.

It also provides another way for bloggers to discover and connect with each other. Think of it as pre-commenting: rather than readers/bloggers waiting to see what a particular blogger has written and then commenting on that if they have thoughts about it, readers actually get to take a front seat role and help guide the blogger on what his or her readers really want to know about. Plus, the blogger can then discover other blogs they might like themselves, through the people who read their blog and suggest topics.

I’m personally really glad to see such a thing developed. I’ve thought this would be useful for a long time, but haven’t had the resources to implement it, especially not to the scale that Skribit will (hopefully) reach. It looks like it will be a great product, and has the potential to become as much a part of blogging as commenting itself.

The plugin is called Flexible Upload, and its name says it all. It will resize the image to whatever size you specify, and allows you to choose which dimension you want to base it off of. It also creates the thumbnail image to whatever size you want. This makes it very convenient for putting images inside posts, since you can have a thumbnail image that’s larger than the one WordPress creates by default, but still small enough that it’ll load quickly.

My favorite feature of this plugin is the watermark feature. This allows you to insert your logo or some other identifying image in the image you are uploading, and allows you to choose where in the image to insert it. I have it set up to insert my logo in the bottom right corner of all pictures I upload. That way, all the images on my site will be visually identified with me, whether or not they’re viewed on my site or elsewhere.

There are a number of other features for modifying the appearance and placement of images in posts, to streamline that process as well. It covers things like alignment, link target (especially useful if you use something like Lightbox), etc.

This plugin is a much needed addition to WordPress. I’ve always thought that the upload system is a little sparse, especially when it comes to images. This fills in the gaps and more. This is a must-have plugin for anybody who uploads pictures to their blog on a regular basis.

Picking the right colors can be a little challenging, especially if you’re not very familiar with the color wheel and the different properties of color. This is especially true when it comes to web design. Not all colors are good choices for use with web sites, so it’s important not to use the ones that aren’t. One of the best ways to avoid color problems is to use a color scheme generator. This will allow you to pick out the base color you’d like to use, from a choice of predesignated “web-safe” colors, and create a color scheme for you from those. Some are more powerful and flexible than others, so I’ll give you a variety to choose from.

Color Scheme Generator 2: Simple color scheme generator, using a color wheel and some basic color combination techniques, such as complimentary and triad. This is very useful if you already have a color in mind.

Color Palette Generator: This allows you to create a color scheme from an image, such as a photograph. Simply provide the URL to the photo, and the software generates a color scheme based on the colors found in the image.

Color Schemer: Downloadable software to help you create color schemes. Similar to Color Scheme Generator 2, but a little more powerful. My favorite feature of this software is that in addition to picking out colors for you, it shows typical site layouts and how you could use the colors in the layouts.

ColorZilla: An extension for Firefox which helps you pick colors based on colors used on other sites. Includes a feature called Eyedropper, which will tell you the exact color code in RGB and Hex for any pixel on a page, even in an image, to help you determine exactly what color you’d like to use.

These tools can make color scheming much easier, and can help to improve the overall visual appeal of your site. Happy scheming!

One of the nicest aspects of WordPress is its ability to be used as a complete web site management tool, rather than just a blog. Its ease of use makes it a great solution for people unfamiliar with web site management, and daunted by the complexity of larger content management systems. However, there is something missing from the default WordPress installation: the ability to easily manage page menus. There are a number of plugins that let you do this, but I’ve found two that I think are the most valuable to have.

What makes these plugins important is a couple of things: ease of use, and functionality. Both of these plugins make it very simple to achieve the desired result, without giving you too many options to confuse you or get in your way. Sometimes, less really is more.

My Page Order is a great tool to help you manage, well, the order of pages in your menu. WordPress does natively support page ordering, but doing this is a little cumbersome. My Page Order eliminates the need to manually set the order value of each individual page, and instead gives you a clean, easy-to-use ordering tool in the WordPress admin area. simply move the pages up and down with the buttons, and click Order Pages when you’re done. It even supports ordering of subpages.

Fold Page List is another vital tool to anybody managing a site with more than a couple basic pages. If you have content categorized, and make use of subpages, this is a must-have. This plugin dynamically expands and collapses your subpage menus when you navigate to the parent page. That way, you don’t have to have a page menu that extends endlessly down the page displaying all your subpages. Simply replace the WordPress default page list function with the Fold Page List function, and you’re good to go. It supports all the WordPress parameters, and integrates seamlessly into your site. It also gives your site a much more professional feel.

These plugins will make site management much easier, as well as more user-friendly for visitors. Also, be sure to check back to the plugin pages for updates, as they add capability with newer versions of WordPress.