While cruising around Digg today I found an entry about a site called Famster. It looked to be a great site to get your family located online. The service looked really promising from the outside and after signing up I thought that it might be something that I’d share with the rest of my family. Then, I discovered their security, or lack there of.
They use security by obscurity. If you are not familiar with that, it is basically this. I have Object A that has a link to Object B. In order to make Object B protected, I removed the link from Object A to Object B. So, now Object B is hidden. Well… sorta. If I still know the link to Object B, I can still access it. So is the case with Famster. But, if you guess on account name you could find other accounts on the site and exploit the security as well. Not very good security to me.
That’s just one of the issues that I had with this service. Another was that there is one administrator account and then the “member” (or family members) account. I really hate the idea of just two accounts, there is not accountability for actions on the system. Yes, you should be able to trust your family, but that is not the problem. It is the person who is not in the family who can silently access the site without you knowing who they are or what they are looking at. That really bothers me. We are in an age of technology where this is not a problem that should be occurring. It is not too much to ask to have family members have their own accoutns and own up to their actions on a system. At least I don’t think it’s too much to ask.
So, Famster, upon further inspection, your security is just not up to par. Your site looks great, but after 20 minutes of poking around on your site, I am terribly concerned with what I found. I don’t want to spend a lot more, because I’m afraid of what I might find.
Update @ 6:23pm: I’ve been informed that the issue of being able to access something that is private via a url has been fixed. However, I have been unable to verify this.
Tonight I was introduced to Google Finance by Aaron. At a first glance it’s very “Google”. Not a lot of data, a simple design, and information that they’ve harvested from the Internet. But, if you take a closer look at a stock chart, you will be blown away. Or, well, at least I was.
The ticker pages are very simple and easy to read and contains points on the chart that correspond to news stories from Google News. How cool is that? Now you have a pinpoint on when news breaks and how stocks react. This is great. No longer do you have to do this yourself. Or, well, if you did ever do that, now you don’t have to. Also, drag the top bar around and you can watch the chart and the new pins change in real time. Really neat stuff here.
Now, this does come at a cost. Google Finance only provides very basic data about each of the stocks. But, it provides the majority of data that you’d want: ticker, real time ECN, balance sheet, income statement, summary, competitors, their segment, and so on… There is not a ton of extra information listed, like you might find on Yahoo! Finance. But, the neat news visualization is worth the look.
One thing that they could to to fix it up is to use the ticker in the url everywhere. None of this number business in some places and the ticker in others. Take a note from Yahoo and almost any other site that deals with quotes. But besides that, I’m really impressed so far. Let’s see if it can replace my Yahoo Finance! page.
Update 3/20 @ 11:30p: Google Finance is now offline…
Update 3/21 @ 12:03p: It’s back online
This morning, after deciding that we didn’t want a typical breakfast, Jamie and I made a venture to Azura Asian Bistro at the bottom of First Hill. We’ve been getting flyers in the ValuPak for a couple weeks now and we decided that their lunch buffet ($9.90 on Sat & Sun 11a-3p) would be a good chance to check the place out.
When we arrived, we noticed that the place was pretty small (max occupants is around 50). But, that didn’t take away from us wanting to go! It also has a very new feel to it. Which, makes it stand out (not in a bad way) in this older part of Seattle. However, when we got in around noon, there was hardly a crowd and you could smell the food. The buffet isn’t large by any means, but what is there is great. From beef and broccoli, to assorted dim sum, to soups, there was something for anybody who enjoys Asian cuisine. Oh, and a bunch of sauces to dip in as well. Can’t forget about the sauces.
After a couple plates a piece and a pot of tea, we were filled. I would highly recommend this place to anybody who likes Asian food and it’s a good place to get quality Asian food, including dim sum, at a very reasonable price. Next time we go, we’ll have to try it when the buffet isn’t open so we can check out the rest of the menu. But, if it’s anything like today, I’m sure I’ll be just as impressed.
OK. Help me out here, I don’t get Flock.
So, it’s social bookmarking w/ del.icio.us, blogging with your favorite blogging program, pictures courtesy of Flickr, and searching of your search/page view history. But, how’s that better than what I already do with Firefox? I have the del.icio.us plugin for Firefox, I have a bookmark synchronizer, and I can live bookmark Flickr feeds if I wanted too (but I use NetNewsWire). So, what am I missing? Continue reading “Not a Part of the Flock”
Today Apple announced the release of the newest iPod in their hugely successful line of iPods. This iPod, in line with many rumors, is video enabled. Also, as in the past, Apple has released an update to iTunes to harness this new video functionality. Continue reading “5G iPod”
Today Google Talk Beta went live. What it is, right now at least, is a Jabber server that you can use to talk to your friends, but without a lot of functionality outside of voice and text chat. In addition to the text chat it provides, it also has voice capability that is similar to what Skype offers. So, right now, that is really how I think of the app; a Skype competitor.
For me, this new tool from Google doesn’t offer me much more functionality that I can’t already get elsewhere. I think that they will need to get something in it that will really convince people that it isn’t just another IM client to use. I already use AIM and MSN, there is no need for me to get on Google Talk or Jabber. I guess only time will tell on whether or not the tool will provide any serious utility to the average IM user. Right now it’s too young to be of any use to the day to day IM user. But, knowing Google, they will improve it and it will have that one “must have” function that no other client has. What that is, I have no idea and if it will be worth using is anybody’s guess.
Last night Jamie, Kevin, Ash, and myself made the trek to Central Washington to see the Dave Matthews Band preform at the Gorge Amphitheatre. I had never been to the Gorge before to see a concert and in addition to that, the last time I saw DMB was when I was a Junior/Senior (I can’t remember which) in high school. But, needless to say, I am huge fan of the band. I think I own all of the CDs and DVDs that they’ve put out. So, ya, I’m addicted to this group and seeing them live is always a treat. Continue reading “Dave Matthews Band at the Gorge”