I used to back a fair number of Kickstarter projects and to me while it is disappointing to not get a reward delivered, it’s not the end of the world. I pledged to support an idea, a dream, with the hope of seeing it reach fruition. I’m more disappointed in seeing those dreams fail than I am in not getting a shiny trinket that will most likely end up on my shelf within a few months.

When a project misses their initial deadline, I don’t mind. They always do. Seriously. On average each project I backed that ended up delivering a reward was 8 months and 11 days behind schedule. Six projects have yet to deliver years later, including the first project I ever backed. Two of the projects have come forward and explained that they have failed and will not be delivering rewards. Two more have admitted to running out of money and claim to be pursuing additional sources of funding. When backers start flipping out a few weeks to a couple months after the estimated ship date comes and goes I can’t help but laugh. Lighten up. If you wanted something in time for Christmas, go to Amazon and order it, if you wanted ownership in a company, invest in the stock market. Calm down and take a deep breath, Internet, you’re embarrassing yourself.

If I had a nickel for every time I read a comment threatening a class action lawsuit in retaliation to a product being delayed I would have mountains of cash to invest in more Kickstarter projects. Kickstarter is no longer this obscure platform, it’s a household name, but there still seems to be a huge amount of misconception as to what exactly you’re doing when you pledge to support a project. You’re not pre-ordering a product (to be fair, some projects are to blame for this misconception since they do use wording like pre-order), you’re offering up funding to help someone hopefully reach their goal of producing a product and as a reward for believing in them you might get a t-shirt or a copy of the book they’re writing, etc. While I believe (and Kickstarter’s own guidelines support this) that the creators should make every possible effort to deliver those rewards I do not believe the angry mob of the internet is justified in trying to ruin those creators lives who bit off more than they could chew.

To me, Kickstarter is a platform to inspire creativity and offer a non-traditional solution to those dreamers out there who don’t fit the venture capital mold, or aren’t business loan material. They’re taking a risk putting themselves out there, we’re sharing in that risk believing in them. This piece is not intended to present a bulletproof argument against every situation, just convey one nerd’s opinion on the matter. You are entitled to disagree and I’d love to hear your thoughts on the matter either way.

I first heard about the WIMM One last year, shortly after the announcement of the then vaporware “I’m Watch” (although, as of the time I’m writing this I don’t know a single person who has received their pre-order unit…), and I thought it looked like a great product, despite the fact that the fit and finish of the I’m Watch looked nicer. Plus, you could actually order one! And at $199 (available now through Amazon) how could you pass up living in the future?

I’d like to note that I haven’t worn a watch in at least three years, since I always have my cell phone on me. This little gadget changed that though, now I don’t leave home without it.

The Good

Apps. You can’t bill this as the WIMM’s most compelling feature, since their “Mirco App Store” how has about 30 apps in it. However, I’m still counting it as a plus, since this is after all a developer preview that’s designed to inspire people to build apps for it. And also, my old Casio watch didn’t have any “apps”.

Near silent OTA updates. I’d had my watch for about a week when I saw the folks at WIMM tweet about a new firmware, I went to check for the update on my watch and it had already downloaded and installed. Never skipped a beat.

LCD. The screen on this unit is surprisingly easy to read even with the backlight off (in most conditions), and in direct sunlight it (backlight on) it still worked well.

Call/text notifications. The best thing about this unit is the Bluetooth pairing to your smart phone. With an iPhone, currently you only get call notifications, but it displays the caller ID and optionally vibrates, beeps, or both to alert you of a call. With the companion app for Android, you can not only get call notifications, but read your text messages as well.

Calendar app. Using the developer website, you can add either an Exchange Calendar, or Google Calendar to your watch. Notifications of upcoming events will then popup on your watch, also depending on which watch face you use, you can preview upcoming events without having to load the calendar app.

Weather app. I know, I know, it’s just a weather app. But it actually displays the current temp on the app icon, something that Apple has yet to grace us iPhone users with.

The So-So

The touchscreen takes a bit of getting used to, mostly because of lag issues. Often the WIMM One doesn’t register my initial swipe, or it misinterprets a single tap for a double tap. This isn’t an iPhone quality touch experience by any means, but the performance has been optimized slightly through software updates, so I’m holding out hope that the final release will work better.

Battery life. There are days where I get a solid twenty hours of battery life, but the more regular occurrence is I get closer to eight hours. WIMM does say that if you experience poor battery life, you should disable third party apps and then reenable them one by one until you pinpoint which app is killing your battery. Honestly though, 8hrs gets me through the work day at least.

The Bad

Size. It’s a bit chunky, and took some getting used to for my tiny nerd wrists.

Disabled GPS chip. Apparently the unit ships with a GPS chip, but it’s currently disabled due to “performance issues”.

Device management. This isn’t that big of an issue, especially once you get the device setup to your liking. Currently there are certain settings that can only be configured through their website and then have to be synced back down to the watch.

The Bottomline

It’s a sweet, albeit nerdy accessory. Sure both you and I could live without this device, but if you’re half as gadget obsessed as I am you’ll pick one of these up.

Doing what any good nerd would do, I took to Google and found nothing but many other people wondering similar things.

One such person suggested I try this item: Audio Extension Cable for iPhone and claimed that it worked perfectly with their Square Reader. Despite having only a one-star rating, I put my faith in this random internet stranger and ordered one. It arrived quickly enough, only to be promptly added to my box of random cables I will probably never use. As you might’ve guessed it didn’t work.
At this point I’m getting rather annoyed, but being the rather passive aggressive person I am, I settle for tweeting asking if anyone else had found a solution. Square replied to one of my followers, but not directly to me, with the following statement…

The reader must be plugged into the headphone jack in order to work. Let us know if you have additional questions.
-SqSupport 

Hmm… Challenge accepted! (Side note: Much like a spoiled child if someone tells me no, I want it all the more)

Undaunted by my previous brush with one-star rated items, I ordered up this little piece of crap pair of headphones: Macally TunePal Stereo Hands-Free Headset and Audio Splitter for iPhone and iPod My logic being that if it supported the audio pass-through for volume controls and a mic that it should work with Square’s card reader. And moments ago, the Macally TunePal arrived, I hurriedly unpacked it and then promptly discarded the headphones only saving the audio splitter, plugged it into my iPhone 4S and then attached the Square Reader…
Success!!

Despite being incredibly short and adding a second unneeded headphone jack, I got what I wanted. Bonus, it turned out to be just long enough to work for my point-of-sale setup.

So dear internet, if you happen to be searching fruitlessly for a method to extend your Square credit card reader, I hope you stumble upon this post before spending too much of your hard earned latte money on various cables that may or may not work. But by all means, if you find another cable that works please share it in the comments!

The real reason I bought it was because I happen to enjoy a lovely book while suffering from near debilitating insomnia (okay, it’s actually quite minor these days), however, my wife does not enjoy the bedside lamp required for me to do so with my Kindle (so very nostalgic, just like a real book). Being the complete and utter tool I am I skipped the cheap clip-on light and I ordered Amazon’s own solution for the problem.

The Good:
Kindle snaps in and fits very snugly in the case. Page buttons are easily accessible.

The light is powered off the Kindle’s battery, so you only need to charge one device. Plus no added bulk.

It does a great job of lighting the entire page (one would assume this to be true, but I was pleasantly surprised nonetheless).

The Bad:

The quality of the leather is so-so, the very first thing I thought of was the cheap leather briefcase my father used to carry around. It also seems to be sadly lacking in the durability department.

Front flap feels rather flimsy.

Call me crazy, but when I purchase a case for a product I tend to want something that protects the screen, and while the Amazon case does have a front flap, it doesn’t offer a magnetic clasp, elastic band, or even a friction based mechanism for securing the flap closed.  The $29 Marware case I bought for my Kindle Fire even has that.

The Bottom Line

This is a great case despite being $60. And in all fairness, the price isn’t that outrageous. I wanted a light and I needed a case either way, so when comparing this to $20 for a clip-on light and $20 for a case it doesn’t seem that crazy.

This is not a comeback. This is not a triumphant return to the internet with a string of brilliant posts. Nor is this the announcement of the phoenix like resurrection of Hijinks Inc.

No, this is merely the faint sound of our staff crying out from under the cascading waterfall of the real world. We’re still alive, we just don’t have the time or the mental capacity to balance our lives and posting regularly.

But maybe someday soon we’ll have a few spare moments during a layover at an airport, or an exceptionally boring meeting, to jot down a few thoughts.

Stay tuned.

It’s an absolutely fantastic device and very easy to use. The really nice thing about the Ooma Telo is that it comes with a whole new phone number, so setting it up is as simple as adding that number to your Google Voice account. Ooma also offers some additional nifty features like Instant Second Line, Multi-ring, and Call Blocking for a monthly subscription of $9.99. A 60-day free trial of Ooma Premier is included with the Telo.

Alternatively, if you’re looking for something a little cheaper, you might consider the Obihai Obi110 ($49.99) or the Obi100 ($43.99), both are great solutions for integrating your existing phone handsets into Google Voice. These devices use the actual SIP calling function that was added to Google Talk/Gmail last year.

Let me break it down for you:

• Each morning at 5am my company website sends an updated list of products that we have in stock to Google Base to get listed in Google Shopping.  Google now knows what products my company likes to carry as well as how quickly we sell said products.
• My company uses Google Analytics, not only to track our corporate website, but our clients websites as well. Google now has access to very detailed information about how popular my websites are and  just who’s visiting them.
• The afore mentioned company also uses Google Places to attempt to draw in new business. This one isn’t that big of a deal, since it doesn’t really increase Google’s access to information about my company. I’m just trying to be thorough.
• Each of my sites generates a Google SiteMap.  Making it even easier for Google to catalog every little page on my websites, even some that I may have forgotten about.
• All my websites that run advertisements run Google AdSense. Now I rely on Google to get paid.
• I use Gmail for my personal email. Google gets to scan through my entire life and contextually provide ads to me. Yay?
• I also use Google Apps for my business. Which includes the occasional Google Doc upload of a spreadsheet or presentation. Potentially giving Google access to sensitive company information. As well as Google Calendar, which lets them know where I’ll be and when I’ll be there.
• Several of my ventures use Google Voice numbers for texting and calling. Google has access to an archive of my text messages and voicemails.
• When I subscribe to an RSS feed I do it through Google Reader, so that my RSS feed reader on my laptop, desktop, phone, and iPad all get the same feed. Guess what? Google gets some solid feedback on what kind of blogs/articles I read.
• If I record and upload a video it usually goes to YouTube, I also watch movie trailers and the like on YouTube. All the sudden Google knows whether or not I watched Rebecca Black’s “Friday” music video, and if so, if I watched the whole thing.
• I often use Google Maps to get directions. Now Google knows where I’m planning on visiting, which new restaurant I’m likely eating at, and where my Uncle Phil’s house is.
• Did I mention that I have an Android phone? Making it even easier for me to continue to use Google products in my day to day life. If I use the Barcode Scanner app to check the price of something, Google instantly knows what I’m out shopping for.
• And last, but not least, I use Google for 99% of my internet searches. If Google didn’t already know what things I’m interested in, they do now.
• Oh, and I use Google Chrome to do all my web browsing.

Don’t worry, there’s still more I can do to give away my life to Google. For example, I could start using Google Latitude, or start accepting Google Checkout on my company’s store, maybe use Picasa to start sharing family photos. Or actually update that Google Buzz account of mine… nah, that’ll never happen.

[Note: I’m sure I’m using even more Google services and not realizing it, so I may update this list at a later date]

Firefox has introduced something new in order to get more and more people to download and test Firefox 4 Beta, while at the same time bring in some support Knoxville Zoo. It is called firefoxlive.org and the main idea for this site is to show live videos of cute, little, fuzzy, adorable, beautiful, lovable, delightful, innocent, I-WANNA-SQUEEZE-THEM-SO-TIGHT fox cubs! Check it out for yourselves. If you don’t smile or feel those warm fuzzies inside then check for a pulse you heartless fiend.

The primary attack vector is on open WiFi hotspots, like those in coffee shops, airports, and other public places. This is not an exploit in Firefox or your operating system, but rather the problem of open WiFi and the website your connecting to. Firesheep does nothing new and can not be patched.  This can be done with any packet sniffing tool for your platform. What it does do is make it very easy for just about anyone to launch a Firesheep attack on an open WiFi hotspot.

Solutions
The ultimate solution to end all Firesheep attacks is the use of SSL on more than just login pages.  On most websites this is something that the the website must first make the internal changes and then the end user must implement with a setting change.  This is not ideal (as it should be on by default but its better than nothing). Facebook says they are evaluating implementing this.  The first major website that has made changes (Source) to protect its users from Firesheep is Microsoft with Hotmail and many of the other Live services. However this setting is not on by default; users must enable it in their settings.  I hope that with time all websites with private, or user data will make this change a default, like Google has done with Gmail.

Many web companies cite the increased cost in implementing full time SSL connections for their users.  While it is true that an SSL connection does increase the server load the difference is very small.  Google was really the first major Internet service to move a very large service to be encrypted with SSL by default for the entire session with Gmail. A Google engineer has talked about the cost of switching over to full SSL for all Gmail users in this blog post here http://techie-buzz.com/tech-news/google-switch-ssl-cost.html

“all of our users use HTTPS to secure their email between their browsers and Google, all the time. In order to do this we had to deploy no additional machines and no special hardware. On our production frontend machines, SSL/TLS accounts for less than 1% of the CPU load, less than 10KB of memory per connection and less than 2% of network overhead. Many people believe that SSL takes a lot of CPU time and we hope the above numbers (public for the first time) will help to dispel that.”

They concluded that there was not a significant increase in cost or server utilization by implementing this. That being said Google has a ton of servers and a lot of resources to work with so this may not be true for every website.  However the myths of the past that this would be an incredibly expensive process and not worth it are simply not true anymore.  Implementing SSL for the entire session (versus just at log-on now) is the only true solution to this problem.  Many websites say they are working on this now and plan to implement it.  This is a good thing.

Here are some solutions that you can do to prevent being a victim of a Firesheep attack.

Be aware of the network you are on.
Know that if you’re on a open hotspot that you’re vulnerable to attack.  It’s probably not the  best idea to be logging into sensitive websites, checking email, Facebook, paying bills, etc.  If you do need to do these things consider some of the options below.

Use a minimum of WPA encryption.
While everyone in their homes should be running a minimum of WPA (preferibly WPA2) many businesses and other public places offer free WiFi that is unencrypted.  Users need to put pressure on business owners and administrators to implement the WPA protocol to protect users.  WPA offers an individualy encrypted session between the user and the router by default.  This does not protect you 100% but protects you from local Firesheep attacks which are the main threat. Many businesses have in the past not wanted to do this because of not wanting to be asked thousands of times per day what the password is or dealing with any complications; however it must be done today because of this and other security risks.  Listening to Security Now podcast #273 they came up with a great solution: put the password in the SSID.  For example the SSID might be (Joe’s Coffee Free WiFi-Password = Joe) or something similar.  This would allow a user who is browsing for the free WiFi to see the password and be secure.  It was suggested that the best way to do this would be to demonstrate the attack to a shop owner; heck, maybe you would get a free drink out of it too.

Use SSL
Some websites that have the option to force SSL (Secured Socket Layer) through the entire session but do not have it turned on by default (Microsoft Hotmail for example) so enable it.  This can be enabled on the security tab of the settings page. Regardless of if you’re on an open or encrypted hotspot, SSL protects you and is the ultimate solution.

Sign Out
Signing out is something everyone should be doing anyways.  Since this tool exploits a session cookie, if you end your session, the cookie that the attacker may have caught becomes worthless.  It is also just the proper way to close a session and is a must on any public computer.

HTTPS Everywhere
HTTPS Everywhere is a plugin for Firefox that is produced by the Electronic Frontier Foundation (EFF) that forces encryption with many major websites.  The EFF is a foundation thats goal is to defend your digital rights. This includes Net Neutrality, privacy and security. Many websites support full HTTPS traffic but make it difficult to use.  HTTPS Everywhere makes this process nearly seamless for the websites it supports.  This is a project that is still in development but is stable and works well.  I have been using it for a few weeks now and noticed no ill effects.  It works on the following websites: Google Search, Wikipedia, Twitter, Facebook, bit.ly, GMX, WordPress.com Blogs, New York Times, Washington Post, Paypal, EFF, Tor, LXQuick, and others. You must install this plugin directly from the EFF’s website https://www.eff.org/https-everywhere as it is still in beta.  Once the plugin goes to a 1. release I expect to see it on Mozila’s plugin page as well.  I hope they will be coming out with a Chrome version soon as well.

Blacksheep
Is a Firefox addon that monitors for Firesheep activity on the network .  It does this by broadcasting fake credentials to sites that are know to be targeted by Firesheep and then when someone does try logging into these fake sites it alerts you with a drop down box in the browser.  It is little more than a notification and offers no real protection to your personal information.  You can download it here if you are interested http://www.zscaler.com/blacksheep.html

VPN
VPN’s offer secure tunnels back to a connection that you trust such as your home or office.  All traffic will flow through this connection so you avoid someone who might be spying on the open hotspot at the airport your on. They require some setup but are what enterprises use to securely connect users back to the office.  They work just as well for the average user as well.  There are many free and paid ways to do this so here are a free ways to do it.  OpenVPN Other options compiled by Lifehacker http://lifehacker.com/5487500/five-best-vpn-tools

In conclusion this is a big deal. Everyone should be aware of it as you travel this holiday season.  Often times travelers hunt out free WiFi connection anywhere they can.  Open WiFi is dangerous, it always has been but with Firesheep it becomes much easier for someone to exploit for nefarious reasons. To protect yourself, consider setting up a VPN connection to your home, if you must use open WiFi connections to check sensitive email or social media websites.

Other Sources not specifically listed in the article but used
http://www.grc.com/sn/sn-273.txt
http://techie-buzz.com/tech-news/google-switch-ssl-cost.html
http://codebutler.com/firesheep
http://www.slate.com/id/2275850/pagenum/all/

Here is a quick explanation provided by Google: “Google will make a donation to worldwide non-profits on behalf of the Chrome community, based on the number of tabs you open in Google Chrome between December 15-19. You’ll be supporting charitable causes, just by browsing the web.”

This is a great way to help the world with doing nothing more than you normally would. So go download it now!