Arriving a little late on the scene, I am finally the proud owner of a new iPod Touch. I just could not get myself to make the full jump from my BlackBerry Curve to the iPhone, so I settled for an in-between move to provide some fun, sleek, fast Wi-Fi enabled browsing – yet keep the productivity tools I have on my Curve. If you aren’t familiar with the iPod Touch, it is basically the iPhone – without the phone (or camera, or GPS).

What’s the verdict? Well I can tell you this, nothing annoys me more than reading reviews of products that have only been used for a day or two. Personally, I’d love to see a website that carries product reviews of items that have been used for at least 31 days. I mean really, what do you know of stability or usability when you’re still in the new-gadget-honeymoon phase? You are all too likely to be blinded by the joys of a new toy than see product limitations. It can take time to notice what is NOT in a product.

So, what am I writing about then? Well for starters, aside from my limited user experience, this device is just simply impressive! I have been reading for months that many websites are more pleasant to read on the iPhone than on the PC and I figured those people were simply insane. A small screen versus a PC (or Mac) with a full keyboard, and people prefer that? By the way, no offense if you are one of those people – I probably admire you and am jealous of your iPhone.

This morning though, I began to understand. I had a morning like Corvida described in one of her recent blog updates, and was almost beside myself. In just a few minutes I caught up on my Gmail, Facebook, Twitter, checked the weather, and read the headline news on USA Today – all from my iPod Touch. And, all before I climbed out of bed. Browsing on the Touch (or iPhone) is actually pleasant! Do I access those items on my Curve? Hell No! Facebook, sure, sometimes, but it’s barely functional. Twitter is decent on TinyTwitter but there is simply no comparison. This REALLY makes me want an all-in-one device and hunger for the iPhone, but, will I switch?

The BlackBerry still rules the road when it comes to productivity, and typing, let’s not forget typing! Have you TRIED to type on an iPhone? I keep reaching for a stylus since my fingers seem way too fat for the tiny keyboard, yet I have no trouble at all with tactile keys half their size on the Curve. What about Copy and Paste? I use that all the time on my Curve and it is not natively available in the iPhone. In order to get Copy and Paste I will have to Jailbreak the Touch (there are 3rd party applications available to make this “kind of” work) and I can’t even do that yet since there was a recent firmware update the other day and there is not yet a new hack for the updated firmware.

Bottom line? The iPod Touch has an amazing interface, and it is a beautiful browsing device (and of course music too, it is an iPod after all) but I’m on the fence as to what my next cell phone will be. Then again, it appears though a new iPhone will be out soon, so maybe some of these issues will be better in the next version?

Maybe I’ll ditch the BlackBerry, AND the iPhone and just go for the Palm Pre…

Below is a sampling of what you can find on Twitter… or rather, WHO you can find. The list is in no particular order, nor does it represent my views on – anything at all. Enjoy.

http://twitter.com/BarackObama – yes, Mr. President himself
http://twitter.com/thewhitehouse 
http://twitter.com/USSupremeCourt 
http://twitter.com/HouseFloor
http://twitter.com/NationalDebt – this is depressing, but if you want it – it’s here
http://twitter.com/boblatta – Congressman for Ohio’s 5th District
http://twitter.com/danburton – US Representative, Indiana’s 5th District
http://twitter.com/ThadMcCotter – Congressman for Michigan’s 11th District
http://twitter.com/RobWittman – First Congressional District of Virginia
http://twitter.com/RobertBluey – Director of Online Strategy @Heritage.
http://twitter.com/Heritage – Heritage Foundation
http://twitter.com/timryan – Congressman for Ohio’s 17th District
http://twitter.com/johnculberson – TX Congressman
http://twitter.com/GOPLeader

Happy Tweeting folks!

The old proverb “Don’t judge a book by it’s cover” is simply, well, not true. The only time a person is driven to a book based on the content first, is when the book comes as a recommendation. If you are browsing books in a bookstore trying to find a particular area of knowledge – you choose books based on three things; title, subtitle, and the cover art. The truth hurts. So does trying to title a book in progress!

If you have been following me on Twitter, you may have picked up on the notion that I am writing a book. The entire purpose of this blog is for me to have an ongoing area where I can practice, and improve upon, my writing. Of course, the last few months my blog hasn’t received any traffic from me, therefore, my overall web traffic has begun to die. Blogs have a natural ebb and flow and unfortunately, lately, Techafina has been in the ebb phase. As I work on my book I hope to continue to write here as well because, I like my blog. Of course, I hope you do too. So if you are dismayed in the lack of posts lately, please don’t give up. I’m not going anywhere.

But, back to the topic at hand. Book titles…

As I have tried to figure out the “rules” in book naming, I have come across some excellent advice, and noticed some really bad patterns. A well named book will grab a reader’s attention – in 5 words or less. This is a tall order to achieve, and apparently, Daniel Defoe was not aware of this rule when he published Robinson Crusoe (the full title consists of more than 60 words). Keeping this in mind, why are there so many books named “How to learn x in y days” or “The Joy of z”?

Books that call out for me to pick them up have unique, creative names. I will pick up a book called Blink, or The Tipping Point, long before I will pick up a book with a “How to…” name. I don’t know, call me crazy, but I DO judge a book by it’s cover.

‘Tis the season as they say. No, not THAT season – I mean it’s Fall. Along with Fall comes the realization that many of my clothes from last year are worn out and need to be replaced. Next comes the ultimate chore – clothes shopping. I hate shopping. No, I mean I REALLY hate clothes shopping.

Men have no idea what it’s like trying to figure out what size each item is (which varies by store, as well as season, not to mention what is “in”), they have the pleasure of just dealing with measurements. I know I wear a variety of sizes between not only the number size, but then the style, and let’s not forget height. The definition of Petite by clothing manufactures is shorter than 5’3.” That’s just great for me because I am 5’3” which means a good part of the time Petite clothing is too short for me and “regular” sizes are too long. Next there is the option between Misses, Women’s, and Juniors. So you see, the variables expand at an exponential rate, and all I want to do is get what I need and move on, not try on six different versions of one item.

Is this just a normal rant? NO! You may have noticed before that I tag some blog entries with “Feature Requests” and that’s what this is semi-rant is about. I would love to see the following…

I would like to go into a local store and have myself scanned. Think of it as an x-ray, or perhaps something along the lines of a Motion Capture suit, like what Andy Serkis wore during the filming of The Lord of the Rings. Next, I’d like to be able to shop for my clothes online with any retailer I wish, and at the start of the session be able to click on my linked 3D-self (which of course my retailer would support) and move along with my shopping. This 3D image would then give me an option to “try on” a variety of clothing and styles, all virtually, from the comfort of my desk chair and the ease of a few clicks. Even better, my options would automatically be limited to only show me what would fit me, based on my 3D-Me. I could then order the items that fit and reduce the chance of having to return 80% of my order. This would actually make shopping much easier, faster, and, maybe even encourage me to “try on” more than I came to the store to purchase since I wouldn’t be worn out from trying on twenty different pairs of jeans.

Every year I would go back to my local 3D-Me store for a rescan to update my virtual self. Of course, I realize there are some software challenges to resolve, but can you imagine? Yes, 3D-Me please! Image by Cayusa

Aging issues and discussions are often avoided as they are seen as depressing, perhaps rude (who wants to acknowledge they are aging?) and just not very fun to talk about. Recently my family was facing some “end-of-life” decisions as my grandmother’s health declined at such a rapid pace that the entire family was discussing how to handle “things.” She said her goodbye’s and requested that all of her medications be stopped, her IV discontinued, and just wanted to be let go. Of course being my grandmother (of incredibly strong will), that didn’t really stop anything at all and she is doing quite well now, months later, and will be around for years to come. That aside, it brought up a lot of delicate discussions. Hard to believe since this woman is nearing 90…

When do we discuss aging? If we don’t discuss it in the early years along with proactive, preventative measures, what can we possibly discuss in our elder years other than reactive? I remember my grandfather put up an enormous fight over giving up his car keys, and later was seen driving his motor scooter down the street with a flash light tied the front… But again, I digress.

Is anything being done to improve “quality of life” of the elder community BEFORE they get to a stage where “matters need to be discussed?”

I came across some news this past week about a program that is being piloted to allow older drivers reduced car insurance. Allstate has a plan in the works that would offer clients aged 50-75, discounts in exchange for GAMING! Gaming often receives a bad rap for being a waste of time, instigating violent behaviors, or just whatever-negative-reasoning-someone-can-create. The truth is that gaming increases cognitive behavior and response time and is an excellent way to rejuvenate the mind.

The news of Allstate’s program is what I hope to be the first of many such ingenious ways to discuss aging matters, improve quality of life of those currently in the “Baby Boomer phase” and simply bring attention to an aspect of life that usually receives a “shhh” response.

Now, what does this have to do with “Geeks & Gamers?” It’s simple… how many assisted living homes have Themes? None that I’ve come across. There are the standard services offered along with nursing care and different levels of assistance and monitoring. What about activities? How many assisted living homes provide the option for those to live with other people who have common interests? I picture assisted living homes like college dorms, but they are nothing like that at all. Why not?

Forget arts & crafts, shuffle board, and Mahjong. I want to see assisted living homes have themes, and most importantly, when it’s time – I want to live with the geeks and gamers. I’d like to spend my evenings in the common room playing D&D, Magic the Gathering, or whatever MMO (Massively Multiplayer Online game) is popular in 40 years so I can play alongside my friends in other parts of the country.

What about you? What do you want to see change?

Tired of your day job? Not enough credit for the heroic work you accomplish? No need to wait for a mid-life crisis! Bad Horse is here for you and just what you need to spice things up a bit.

Take a chance. Be brave. Be evil. Apply to the Evil League of Evil and don’t tell your co-workers! This is your chance to take a stand against the oppression of Heroes and everything they represent.

Need to refresh your memory (or catch up on what all this Evil speak is about)? You can view Dr. Horrible’s Sing-Along Blog for free on Hulu.

Once you apply, you are welcome to add a link to your video application in the comments of this post. Techafina will be proud to help promote your application!

Remember… “make the Bad Horse gleeful, or he’ll make you his mare!”

Thousands of people are under the misconception that the Holiday Season begins with  Halloween. Of course, those same people may be baffled when their family, friends, and colleagues color their speech with odd sayings on September 19th every year.

Today, I’m going to set the record straight regarding the REAL kickoff to the Holiday Season, as well as make sure YOU are ready to celebrate like true pirates!

To begin with the beginning, a history lesson is in order. If you have never heard of Talk Like a Pirate Day, the quick back story is this: two dudes slipped into pirate lingo one day and decided there was a need for worldwide holiday to enjoy such endeavors. Thus, a new holiday was born (all with a little a help from Dave Barry). If you’d the more detailed version, feel free to take a moment and learn how it all began. Of course, come back here to learn how to properly celebrate this auspicious holiday!

Now, how to celebrate! Be sure you are up to speed on all your pirate lingo. At the very least throw around an Arr or Avast and absolutely an Amatey! And don’t forget about Heave Ho, Jolly Roger (the pirate’s flag) and  Shiver me timbers! If you want to see the Pirate Guys (Cap’n Slappy and Ol’ Chumbucket) show you an example, just head on over to YouTube.  Another great resource is the wikiHow article “How to Talk Like a Pirate,” complete with vocabulary usage and video (that eerily reminds me of a 1960’s Driver’s Ed video – but I think that’s the point).  And, last but not least, know what NOT to say on Talk Like a Pirate Day…

I think that about covers it! Hopefully now you can be well prepared to properly celebrate Talk Like a Pirate Day in all it’s glory this Friday, September 19th, 2008!

P.S. By doing your part to increase pirate activity, you are helping to decrease global warming! To learn more about this matter, check out The Gospel of the Flying Spaghetti Monster from Amazon.

P.P.S. Techafina takes no stance in the Pirates vs. Ninjas conflict and will give equal press time to Stalk Like a Ninja Day on December 5th.

Photo credit: http://www.talklikeapirate.com

There are many reasons people start a blog; to share information, teach, have a voice in the community, provide a sounding board for feedback, journal, you name it – the reasons are endless.

Regardless of WHY you blog, one very important underlying goal that you may not be aware of, is to continue to improve as a blogger. That need is there every time you check your traffic statistics, ask for feedback to a particular post, or consider changing the elements that are present on your blog. In the back of your mind you are wondering if change is good, will it help bring readers, anger loyal readers, deter people from staying long enough to read, or worse yet – will it prevent comments.

It’s important to stay in touch with the vibe of the blogging community, know what people are looking for in a blog, and, how to deliver it.

To stay in the blogging loop, I subscribe to more sites than I can possibly keep up with, but that works to remind me that my goal is never-ending. So instead of a Weekly Review of on goings around the ‘Net from this past week, here are some of the tools from my blogging toolbox.

1. Daily Blog Tips – http://www.dailyblogtips.com/
2. Copyblogger – http://www.copyblogger.com/
3. Personal Branding Blog – http://personalbrandingblog.wordpress.com/
4. ProBlogger – http://www.problogger.net
5. Smashing Magazine – http://www.smashingmagazine.com/
6. ConverStations – http://www.converstations.com/
7. the Blog Herald – http://www.blogherald.com/
8. LifeHacker – http://lifehacker.com/
9. stock.xchng – http://www.sxc.hu/ (free stock photography – just remember to attribute the photographer)
10. Flickr – http://flickr.com/search/advanced/ use the Advanced Search to find pictures with the Creative Commons license so you can use them for free (with attribution to the photographer)

And don’t forget your Blogger Punch List! Just like you need to change your light bulbs, replace batteries, and check your air filters – don’t forget your Blog needs routine maintenance too!

Do you subscribe to your own RSS feed so you see what your feed readers see? Does the “Subscribe Now!” link work? Better yet, pretend to view your site for the very first time – what do you see? Does anything need to change? Can you leave a comment on your latest article? Can a reader contact you?

Create your own punch list and make sure you go through the list on a regular basis.

Image Credits: Pencil Cup by JakeTse and To Do List by Stompy

By David Rosen

Here at last, is the final installment in our 3 part discussion of OpenID. In Part 1 we answered the question, “What is OpenID?” In Part 2 we looked at the benefits and risks that come with using OpenID. Today in Part 3, we’re going to finish our discussion of OpenID by taking a closer look at one of it’s greatest vulnerabilities. Phishing.

Before we delve into how Phishing applies to OpenID, let’s first take a look at a traditional Phishing example:

You check your email and find a (phony) email saying, “Your credit card will be closed unless you log in now to verify our records!!!! Click here to log in and verify your account now!” The phony email very helpfully presents a hyperlink to take you (supposedly) to your Credit Card Company’s website. In actuality, the link takes you a phony site which LOOKS just like your normal Credit Card login page but with one minor difference: the URL bar has the wrong address. If you fail to notice this one difference, then upon entering your username and password, the phisher will now have full access to your Credit Card account.

There are a few key hurdles the phisher has to overcome in order for this attack to be successful:

1. The email has to be convincing enough to get your attention, but not so over-the-top as to appear phony.
2. You have to actually click the link provided in the email.
3. The phishers have to guess which Credit Card Company login page to mimic (American Express looks different than Visa, etc).
4. The URL must be good enough to fool you. It must either be similar to the real thing, hidden, or obscured.

If, at any one of these steps, you get suspicious enough to not enter your username and password, then the phisher loses.

OpenID makes this process far easier, for the phisher, by completely eliminating the first 3 of these obstacles. How can this be? Take a look at the following OpenID phishing example:

While researching woodworking, you find a nice set of plans for a workbench at www.EvilWoodWorkers.com. The plans are free to download once you create a login for the site. Luckily, they accept OpenID logins, so you won’t have to waste a bunch of time filling stuff in. You click login and then follow the instructions to enter your OpenID URL. Unbeknown to you, instead of redirecting you to your OpenID login page, EvilWoodWorkers.com simply follows the URL, and copies your login page, on the fly, to their own phishing server, which happens to have a long, unpronounceable URL. This server logs everything you type to a handy, searchable Database (based on EvilSQL 2.0). You, however, simply find yourself staring at an exact replica of your normal login page that you’ve seen a thousand times, aside from the URL. And instead of looking at that long and unpronounceable URL, your eyes gravitate to the slowly blinking cursor which is waiting patiently for you type in your username and password. The muscle memory in your fingers takes care of typing out the login details. You hit enter. You download your Work Bench Plans for free. A week later, you log back in and leave a comment thanking EvilWoodWorkers.com for the nicely done PDF.

Alas, the fly in the sauce here, is that the Phisher’s Database now contains your OpenID URL, your OpenID Username, and your OpenID password. They have obtained, with elegance and style, the keys to your castle.

Everything that you use OpenID for now belongs to the Phisher.

How can this be? Why? The key point of failure in the above OpenID example is the redirection process. Normally (without OpenID), when you log in to a website, say Visa.com, you enter your username and password on a page hosted somewhere on that company’s domain. If you went to log in to Visa.com, and it redirected to you to some other website, with a totally different design, a different URL, and a different name, then you would be pretty darn suspicious that something phishy was going on. However, with OpenID, being redirected like that is simply business as usual. OpenID trusts the 3rd party site (Visa.com in this case) to redirect you to your OpenID provider’s log in page. That trust is the key flaw which upon which phishers will prey. The fact that you have to trust a criminal with part of the log in process is what causes this to be such a catastrophic vulnerability in OpenID.

Obviously, not every site is run by thieves. The real downside here is how do you know which is which? Since OpenID uses the same log in info everywhere, if the 99th site you log in to hits you with a successful phishing attack, then every previous (and future) site is now compromised as well.

OpenID is not without benefits, though. As we discussed previously, OpenID can potentially streamline and simplify the log in and sign up processes at supported websites. The potential conveniences it offers are definitely attractive.

Would I use OpenID? Sure. Given a couple caveats:

1. I only intended to use OpenID at low value sites
2. I only use https OpenID URL’s in order to minimize the risk of phishing
3. I only use OpenID at sites with which I already have a trust relationship

OpenID stands to improve considerably as it progresses. Perhaps the best part about OpenID is that it’s Open Source. It’s development is shaped and directed by the community which uses it.

The bottom line:
If you’re an early adopter who like to play with new toys and you have a good eye for security issues (or a extremely high risk tolerance), then OpenID is a great playground.

If you are just looking to make your online life easier and more streamlined, then stay away from OpenID for now. It’s not ready for prime time yet, and even though it seems like we’ve talked about some nasty looking flaws, there are likely even more problems yet to be uncovered.

Remember that horrible writer’s strike that the Writer’s Guild subjected us all to? Of course you do! If you watched any regular programming during last year’s television season, your shows were disrupted and TV pretty much came to a standstill.

During that awful time, a group of very creative guys (the Whedon brothers) wrote a comical  musical for Internet distribution only. The idea was to entertain, provide something of worth for those of us starving for new content, and simply crack a joke or two. This musical was available for free to watch streaming from the web site for several weeks and is now available on iTunes for a mere $1.99 per episode or $4.99 for the season pass to all three.

What am I talking about? Why, Dr. Horrible’s Sing-Along Blog of course! I know, I know, this isn’t “new” – but did YOU already know about it? If not, you’ve got to do yourself a favor and take 43 minutes to enjoy this wonderful creation. You’ll find yourself humming the tunes, and later, reaching to watch it again and again. Catchy, it is. And hey, if you’ve already seen it, isn’t it time to watch it again?