SkratchBoard

US takes a step forward; Canada takes one back

Today, I woke up to the great news that the Obama administration has announced Startup America, an initiative to spur innovation and entrepreneurship. This includes a $1 billion early-stage innovation fund for high growth startups, expanding entrepreneurship education and incubation programs, and collaboration with the private sectors. With these commitments and changes, one of the most startup friendly country in the world, and it makes good on Obama's promise to invest in technology and entrepreneurship. You can read more about Techcrunch's report here.

Sadly, across the border, my home country is taking a big step backwards by approving metered Internet. Starting in March 31, large telecoms such as BCE can impose metered Internet to smaller ISPs, who in turn will need to pass the extra cost to their customers. It remains to be seen whether the large telecoms themselves will impose metered Internet with a smaller cap. This is not good for online usage, especially in an age where video streaming is commonplace. Netflix had just started their operations a few months ago in Canada. If metered Internet usage becomes commonplace, it will increase the cost of Internet access for consumers, stifle innovation, and slow down technological growth. Internet usage is like the lifeblood of technology. Charging more for it will slow down overall blood flow of the system and dramatically slow growth.

Please join me in signing this petition to stop metering Internet use at http://openmedia.ca/meter.

How to safely login on Facebook/Twitter over public WiFi

Even non-techie folks are aware of the huge security issue in accessing popular social networking sites like Facebook and Twitter over public WiFi networks these days. How do I know? Because my wife is a non-techie, and she is concerned :) Let me try to explain what the issue is in the most non-techie way possible and offer you a solution.

Problem

The problem here is when you use a site like Facebook, over an unsecured WiFi network, the authentication token (which identifies to Facebook that its you) is transmitted in clear text. How do you know if you are on an unsecured WiFi network? Unfortunately, most public WiFi networks are unsecured today to make it easier for users to connect. If you just have to click a check box and say I agree to connect, it's an unsecured WiFi network. Actually, both Windows and OS X warn you before connecting to unsecured WiFi, but most people just ignore the warning. Encrypted WiFi networks require you to type in passwords, which is commonly found in people's homes.

Ok, so what's the big deal if things are transmitted in clear text? The guy sitting next to you at the coffee shop could be running a tool like Firesheep to *very easily* steal your auth token and log into Facebook or Twitter as you. Trust me, it's *really easy*. This problem does not only affect Facebook and Twitter, and you should avoid logging into any website over unsecured WiFi network if the web address does not start with HTTPS. HTTPS web sites use what's called SSL or Secure Socket Layer to encrypt traffic between you and the server, but HTTP web sites don't. Both Gmail and Hotmail use HTTPS by default, so you are safe with those services.

Now, this situation is not only bad for you, it's also bad for me. I like to work at coffee shops and my work involve working with sites like Facebook. While I like working at coffee shops, I don't like it enough to hand out my Facebook authentication token to strangers. What to do?

Solution

The easiest way for you to safely login to Facebook over public WiFi is to use a browser extension that forces the use of HTTPS on Facebook. Facebook actually supports HTTPS, but it's just not persistent. You can try it for yourself. Go to https://www.facebook.com/. You can log in, but the problem is right after you click something, it will go back to the non-https version. By using a browser extension like Use HTTPS for Google Chrome or HTTPS Everywhere for Firefox. After you install one of these extensions, you can try going to https://www.facebook.com. Now you will notice that as you use the site and click on links, the HTTPS remains on the address bar.

To be clear, the browser extension won't help you with any website. It just happens that both Facebook and Twitter have HTTPS versions of their websites but they haven't enabled HTTPS persistence. The two browser extensions above force the connection to use HTTPS.

Now you can have peace of mind when using Facebook in the public.

Gotchas with Windows Azure

I have been developing my app on my local machine. The app is still far from complete, but I think the time has come to try deploying it on Azure just to go through the motion and identify potential problems. I have done this once in the past with a previous application (Buddywishes.com), and it went smoothly. So I wasn't expecting any problems.

But this time around, the experience was anything but smooth. I started trying to deploy last night, and I only got it working about 10 minutes ago (obviously I didn't work from 10 pm to 3 pm non-stop; I do sleep). The problem I was hitting is that the deployment get stuck in this busy/restarting loop forever. Searching through the web, it's apparently a very common problem, and many people have come up with "check lists" to resolve the problem. Here are some that I came across:

• http://blogs.staykov.net/2009/12/windows-azure-role-stuck-in.html
• http://blogs.staykov.net/2009/12/another-common-reason-for-windows-azure.html
• http://blogs.staykov.net/2010/07/windows-azure-web-role-deployment.html
• http://msdn.microsoft.com/en-us/library/gg277962.aspx
• http://blog.toddysm.com/2010/01/windows-azure-deployment-stuck-in-initializing-busy-stopping-why.html

The most common things mentioned were making sure the DiagnosticsConnectionString for the web role project is not using the default and should be using your own account credentials. The second most common thing pointed out was to make sure referenced assemblies that are not in core .NET FX have the Copy To Local property set to True. I checked everything on the check lists and I was still getting no luck, and I felt like I was completely in the dark as I was just brute forcing. Then I came across Jim Nakashima's blog entry about using IntelliTrace to debug Windows Azure. Unfortunately, it didn't work for me as I couldn't even get the log files for some reason.

After a couple more hours of brute force debugging and researching, I noticed that my web project is missing the WebRole.cs. Interestingly, none of the check lists above mention this as a problem, so I wanted to highlight it here to save someone's time in case others are running into it. My web project was also missing several references that I noticed a plain vanilla MVC2 project created via a new cloud project would have. Specifically, I manually added back:

• Microsoft.WindowsAzure.Diagnostics
• Microsoft.WindowsAzure.ServiceRuntime
• Microsoft.WindowsAzure.StorageClient

After I added WebRole.cs to my project (copied from vanilla project) and the above references, I was tried deploying to the cloud instead. This time, I was at least able to use IntelliTrace to get the logs and saw that it was throwing exception because it could not find System.Web.Mvc.dll. That's an easy fix: just set this reference's Copy To Local property = True. I deployed again, and everything worked.

Hope this helps someone out there...

- James

I'm back! SkratchBoard.com is alive!

What a remarkable day today! Some of you may know that I used to blog quite frequently on SkratchBoard.com about mobile gadgets. About 4 months ago, however, my domain got taken over a cybersquatting company called Demand Domains.

I am happy that I finally got my domain back today! The folks at Demand Domains were at least nice enough to give me back my domain when I explained to them that I own the common law rights to the SkratchBoard.com mark. I had registered an LLC with the same name a while ago, and I have been publishing things under that name. They were very understanding, and cooperated in transferring my domain back to me.

Instead of putting my old blog back up, I have decided to move my Posterous blog here. SkratchBoard is no longer going to be about mobile devices. I am going to use this space more as a personal blog moving forward.

Will I be writing this in a year?

Today, I stumbled upon a nice article on Seattle 2.0 from Aaron Franklin. The article resonated with me in particular since I just left Microsoft. I can already identify with a couple of things he mentioned, and I agree with his perspective on growth. In some sense, growing is the most important for me as I embark on my first year as an entrepreneur. I resolve to work hard and to create something of value, and ultimately it will be judged by the market. But I also believe there are factors in success that are beyond my control, yet I think growing is completely determined by me alone.

Hopefully in a year, I will have lots of learnings and growth to share.