botWerks

i had a need to stretch and do something moderately nerdy and anti-social this weekend. i’ve been poking at foursquare over the last month or so and i  must say, it’s kind of cute. i don’t wander around the ‘hood as much as i’d  like to, but the app’s been a little more interesting to me than your average social media app.

i was a little curious as to what kind of checks were implemented with the API and how interaction with the API actually worked. it turns out that the API operation is dead easy. however, they don’t do some things like check the realistic time difference between checkins or the distance between venues for consecutive checkins.  as such there’s no notion of physicality associated with the application and the check-in process and the game.

of course this means that they’re dependent upon well behaved client behavior. to that end you only have to present the coordinates for the venue(s) you’re interested in, in order to obtain (or maintain) mayoral dominance.  you can use this to periodically check into a venue, even if you’re not physically there to pick up the GPS coordinate.  given that there are often perks associated with being a mayor of a particular venue, there might be some value in squatting on a particular location.

this begged a little experimentation. yielding foursquatter. a perl foursquare client script which can be trivially used to squat on a venue, or venues.

code and such is available on github.

it’s clear to me that my best efforts in educating the next generation of star wars fans under my tutelage have been for naught.  while discussing star wars episodes this afternoon, they were referred in terms of their corresponding lego kits.  i.e., the battle of hoth (which has a corresponding lego kit) was the reference as opposed to referring to the empire strikes back. i don’t know whether to chalk this up to a failing on my part or whether this is a function of the marketing muscle of lego.

on the main server create the directory and initialize a bare repo on the server.

% mkdir path_to_repo
% cd path_to_repo
% git --bare init

from the local machine with your content/code, add the remote origin and push your code to the repo.

% cd path_to_local_source
% git remote add origin ssh://hostname/path_to_repo
% git push origin master

share it or get it from another location …

% git clone ssh://hostname/path_to_repo

assumes that the person has an account on the host with the appropriate permissions to modify or read the repo contents.

pull changes from the server to pick up the latest …

% git pull origin master

the scraper in the scion gave up the ghost the other day. as a minnesotan, i’m more than a little picky about my scrapers. they’re critical tools. period.

most folks don’t appreciate the utility of the teeth on the back side of a well made scraper. they’re used to score deep ice or buildup and make use of the larger scraper blade more efficient. the alternative is to use the primary blade of the scraper to wedge through the build-up. a tedious endeavor.

the designers of this scraper clearly didn’t have an appreciation for the utility of these teeth, but they’d seen other scrapers on the market with these teeth. they structured the base of the scraper in such a manner as to render these teeth useless. fail.

nothing revelatory here, but some interesting background pointers.

i’ve been catching up on a massive reading backlog as of late. one of the topics egregiously in the backlog has been digesting the information associated with internationalized domain names (IDNs) and poking at some of the attendant follow-on considerations. given that there’s a huge hunk of the world that doesn’t use latin character sets, this is an increasingly interesting and relevant topic. particularly for network infrastructure dweebs.

for those looking for a good place to start on the topic of internationalization i highly recommend geoff huston’s writeup on the topic, Internationalizing the Internet. he provides a reasonable primer on interesting topics such as digraphs, glyphs, etc.

fortunately, localization of content presentation is an area which has received a considerable amount of attention within the computer industry. further, it benefits from the fact that there’s been a bit of give and take socially and from a development perspective to accommodate various localization requirements. e.g.: japanese writing and layout has undergone a bit of accommodation to “modern” publishing capabilities and computer interfaces.

internationalization of the Internet is another matter. of considerably greater difficulty is enabling the infrastructure to support the variety of localizations that are out there. the first among these is the DNS infrastructure. this leads you down a windy path of different encoding mechanisms and a whole host of additional security implications. of notea number of interesting variants on homograph
attacks.

looking at this from the perspective of network engineering, we’re really moving into a world where there will be new stresses and strains placed upon the DNS infrastructure.  what was previously a relatively low bandwidth infrastructure service will rapidly explode in terms of bandwidth utilization and processing requirements going forward.  considerable attention will need to be given to application design and verification mechanisms in the background to alert users to a host of new attacks.  it’s unclear what the implications will be on service / application developers over the near term given that most of the infrastructure elements associated with web services are ascii oriented.

misc. background reading:

• punycode – a means of encoding unicode into the ASCII character space.
• Phishing defense against IDN address spoofing attacks – abstract: Address spoofing is a common trick used in phishing scams to confuse unsuspecting users about a Web site’s real origin. With the introduction of Unicode characters into domain names, also known as Internationalized Domain Names (IDN), the risk has significantly increased even for the most cautious users. The author explores the various types of address spoofing attacks focusing on IDN, and presents a novel client-side Web browser plug-in Quero which implements several techniques—including highlighting—to protect the user against visually undistinguishable address manipulations.
• RFC 4690 – abstract: This note describes issues raised by the deployment and use of
  Internationalized Domain Names.  It describes problems both at the time of registration and for use of those names in the DNS.  It recommends that IETF should update the RFCs relating to IDNs and a framework to be followed in doing so, as well as summarizing and identifying some work that is required outside the IETF.

i’m behind on organizing pictures and notes from our recent trip to peru.  but when i was running through some video, i ran across this little nugget of annoyance.

imagine, if you will, that you’ve spent the better part of the last 3 days hiking 30 miles in the andes and you haven’t had a shower.  you’ve traipsed around machu picchu and you’re dog tired.  more than anything, you’re really looking forward to getting some sleep and chilling on a train on your way back home.

as a slight aside, i should point out that some folks who’ve hiked the inca trail and arrive at machu picchu to be confronted by, “we took a bus here” tourists get their teeth set on edge. when confronted by these tourists complaining about having to walk up and down stairs at a wonder of the world the last thing you want to do is have to put up with them on a train.

however, the company that runs the trains from aguas calientes is (justifiably) loathe to miss a marketing opportunity and after they’ve given you some light snacks and tea proceed to bust out the sales cart and the pulsating techno.  when you want to sleep and politely ignore the couple sitting 18 inches across the aisle from  you this is not helping things.

a note of advice – if you’ve going to do the inca trail and you’re making a decision as to which train you’re going to take back to cusco, or wherever it is you’re going back to, stick with your peeps.  you want to be with worn out fellow hikers and folks who aren’t going to be drunkenly whipping out their visa/amex/mc to purchase alpaca wool sweaters and shawls.  more importantly, you don’t want to be dealing with some rancid marketing techno while you smell like ass.