Support My Idea

Mac users this week received Apple’s first automated security update, which was released to defend against newly identified bugs that could allow hackers remote access.

According to Reuters, the tech giant launched the updated on Monday to fix “critical security vulnerabilities” in OS X’s network time protocol (NTP), which is used for syncing computer clocks.

The flaws were revealed last week by the Department of Homeland Security and the Carnegie Mellon University Software Engineering Institute—the latter of which identified a number of potentially affected vendors, including FreeBSD Project, NTP Project, OmniTI, and Watchguard Technologies, Inc.

A number of versions of the NTP Project “allow attackers to overflow several buffers in a way that may allow malicious code to be executed,” the Carnegie Mellon/DHS security bulletin said.
Apple, AT&T, Alcatel, Belkin, and a handful of others are currently listed as “unknown.” But Cupertino has applied an update, which an Apple spokesman told Reuters is “seamless,” and “doesn’t even require a restart.”

The company’s typical security patches come through Apple’s regular software update system, and often require users to move through a series of steps before installing. This week’s update, however, marks Cupertino’s first implementation of its automated system, despite having introduced the function two years ago, Reuters said.

Apple did not immediately respond to PCMag’s request for comment, but told Reuters it has not identified any cases in which the vulnerability was exploited by hackers.

Earlier this year, Apple fixed the “gotofail” SSL security hole, which had been fixed in its mobile iOS devices only a week before. Few details were revealed about the flaw, which experts said hackers could use to launch man-in-the-middle attacks to intercept messages passed from a user’s device to sites like Google, Facebook, and online banking.

PCMag

As I’m trying to become more familiar with Flux, I found some bad tutorials (extremely complicated, not easy to follow, and even when I got through it, I still didn’t have a clue the difference between a dispatcher and a store).  But luckily, I then found a pretty simple and concise tutorial that did a great job of walking me through a Flux app.  I’m still not exactly sold on Flux and how/when to use it.  Perhaps for extremely complicated apps, it makes a lot of sense, but for a lot of the simple prototypes and feature apps I like to do, React by itself works just fine without any of the complicated overhead of Flux.  Well, without any further delay, here’s the tutorial, I hope you find it as useful as I did:

Creating a Simple Shopping Cart with React.js and Flux

I’m hoping to now build my own app with Flux to I can try to solidify what I learned, so hopefully the next post will include a quick example of a Flux/React app.  Good luck and enjoy the rest of the weekend.

So a bunch of news outlets have been reporting that Facebook stopped showing Bing search results and the following things popped into my head:

1. Facebook has realized what the rest of the Internet has known for years and decided to stop showing inferior search results
2. Do people actually use Facebook to search for things besides people that they want to dig dirt on or funny cat videos they remember seeing previously?
3. When will I start seeing ads in the search results – sponsored search results 🙂

In either case, not really note-worthy and definitely not front-page news, but I guess tech news has been slow lately. And of course, I’m just perpetuating the focus on such un-note-worthy news by publishing this, but at least I don’t consider myself a journalist.

And on the brighter side of things, I’ll be looking into Flux soon, so hopefully I’ll have a write-up on my feelings about it.

Like most people, I saw the announcement for Docker Machine and decided that I’ve been reading about Docker long enough, I should really take a look at it.  And Docker Machine sounded like a dream come true, so I decided why not give it a try since it sounded so easy.  So I followed the instructions and downloaded the packages I needed and tried to create my first “dev” machine, unfortunately, I did not get a nice happy Docker Machine ready for use – instead I got the following output:

INFO[0000] Downloading boot2docker...
INFO[0006] Creating SSH key...
INFO[0006] Creating VirtualBox VM...
INFO[0012] Starting VirtualBox VM...
INFO[0012] Waiting for VM to start...
FATA[0043] open /Users/me/.docker/public-key.json: no such file or directory

And apparently, I’m not the first person to report this as there is already a GIT issue for it:

Add instruction to create the public key

So that makes a lot of sense now. So I tried running the command suggested:

./docker-1.3.1-dev-identity-auth

But I get a message about not specifying a command for the call to “docker”.  Luckily, it apparently created the public key and now when I try to create a new machine, I get the following:

INFO[0000] Downloading boot2docker...
INFO[0010] Creating SSH key...
INFO[0011] Creating VirtualBox VM...
INFO[0016] Starting VirtualBox VM...
INFO[0017] Waiting for VM to start...
INFO[0048] "dev" has been created and is now the active machine. To point Docker at this machine, run: export DOCKER_HOST=$(machine url) DOCKER_AUTH=identity

Victory is mine! Okay, hope this helps someone and I hope I get to find some time to continue playing around with Docker.  I’m also hoping to get a site up and running on Digital Ocean sooner rather than later as well.  Then I can try this whole container portability thing and see what all the hype is about.  Stay tuned.

So it’s been a while since I’ve posted, so I figured it’s time to get back on the wagon and post more random content to the web (because we know that’s what the web needs).  Anyways, nothing too interesting to post other than my continued use of React in my side projects.  Hopefully, I’ll actually make one of them presentable enough to share soon.  So besides React, I find myself typically setting up Flask on Heroku and making REST API’s pulling/writing data from MongoDB.  And I’m also spending a lot of time setting up Mocha/Chai to do integration tests using Selenium and Sauce Labs.  So a pretty busy time and getting to use new technologies as well as leverage some that I’ve been using for a while.

Anyways, hopefully the first of a series of posts, but we’ll see how much time I can make.  As always, you can follow me on Twitter.

So some might think this is bad news and is going to hurt the launch of the Moto 360, but I’m personally glad that Best Buy leaked this information.  The best part is that the watch has a price of $250 which I think is pretty reasonable.  I think there were predictions of this watch costing $349 which I think was way too high.  And I think everyone who has been waiting for the Moto 360 to be released loved hearing this news and seeing the preliminary specs on the device (nothing new or note-worthy, but definitely nice to know).  So now we’ll get the official announcement on Sept 4 and hopefully be able to go pick one up at the store shortly afterwards.  Again, this doesn’t ruin anything for me and makes me anxious for Sept 4 to arrive.  In fact, now that Best Buy has announced the device, I’m pretty sure I’ll be going to Best Buy to pick mine up.  Perhaps a marketing snafu on Best Buy’s part, or maybe a genius marketing move that will help drive sales for the retailer.

I don’t think I’ve done a car post before, but when I saw these shots, I felt compelled to do so.  I know this isn’t a real car that you can go purchase and even if it was, I don’t think I was be able to afford one, but it’s so stunning, it definitely needs to be admired.  I don’t think there’s much known about this concept car or even a likelihood of it actually being built.  The first concept was seen in sexy red at the 2014 Detroit Motor Show and quickly compared to the Supra.  The FT, which stands for Future Toyota, has been re-done in a much more subdued, but extremely elegant, grey for the Pebble Beach show.  Apparently Toyota doesn’t typically produce two versions of their concept cars, so this is a rarity and bodes well for this actually going to production.  Anyways, enough talking… enjoy the shots.

This is a useful tip if you have to do any type of mobile web testing for iOS Safari and you either don’t have an iPhone/iPod Touch or you don’t feel like plugging it in and setting things up.  As long as you have Xcode installed, you can simply open a terminal and run the following command:

MACBOOK:~ user$ open -a iPhone\ Simulator

This should launch the last simulator you had running.  If you need to run a different version of iOS or switch to a different device profile, you can do that once the simulator has started.  Hopefully this works for you – you can even create a shortcut and put it on your desktop or in the dock if you find yourself running this command often.

Google will soon ship an upgraded version of Google Glass with 2GB of RAM, angering early members of its Glass Explorer Program stuck with the older model.Google Glass currently comes with 1GB of RAM, but to improve performance Google will begin shipping a new version with 2GB of RAM, it said in a post to Google Plus.

The announcement angered some existing Glass owners. Some demanded a free upgrade to the 2GB version in comments on the posting. Others said they would be willing to pay a small fee for an upgrade, while one acknowledged that if further hardware updates were planned, it wouldn’t make sense for Google to upgrade all users each time. “Getting a final consumer version would be swell though,” he added.

Google does not plan to upgrade existing users’ devices, it said.

“Throughout our open beta program, you can expect to see us make changes here and there. We won’t be swapping devices, but you’ll continue to see improvements with our software updates,” a Google representative said in a comment on the posting.

The company does replace broken or defective Google Glass devices, however, prompting Google Plus user Jake Weisz to identify a loophole in the no-upgrades policy. “If defective Glass units get free upgrades to 2GB, you will see a lot of ‘defective’ models this month,” he wrote.

In May, Google broadened its Explorer Program, making Glass available in the U.S. to anyone over 18 years old for US$1,500. Before that, users who wanted to buy Glass required an invitation from Google. On Monday it extended the offer to U.K. residents over 18, who can purchase Glass for £1,000 (roughly US$1,700).

Google is upgrading the Glass software as well as the hardware. It is adding an easier way to frame shots for photos, with the addition of L-shaped corners bracketing the image in the viewfinder screen, and adding two new Google Now cards, one to remind users where they parked their car and another to let them know when packages are arriving.

The company also announced 12 new Glassware apps from partners, including Shazam, a music recognition app that can be triggered with the words “OK Glass, recognize this song,” and 94Fifty Basketball, a training aid that works with a sensor-equipped basketball to offer feedback after each shot.

Google’s announcements arrived just before the start of its annual I/O developers conference in San Francisco, which kicks off Wednesday. The company will lead sessions on how to build new types of software for Glass during the conference.

Google is also expected to unveil a small TV set-top box resembling the Apple TV and Amazon’s Fire TV at the event, the Wall Street Journal reported on Wednesday. Citing two people who have seen the device, the newspaper said the device will not be sold under the Google brand but will be powered by the Android TV software that Google developed to play games, movies and other content on TVs. Users will be able to control the box with their Android phones and tablets and maybe with other devices, the report said.

PCWorld