So as promised I’ve released a major update to Talk.org. See here for the full Talk.org release announcement
The main new feature is optional user registration. I have used Technoweenie’s Acts_as_Authenticated. Since I use page caching I’ve had to resort to some tricks to provide the user account features. So what I do is I call an action which has a rjs template, which enables the user specific features.
Wow it looks like the Nokia N80 is shipping at expansys. It is still pretty expensive at £600, but this is no doubt the coolest phone to come out in a while with Wifi, UTMS and Quad band. Skype is supposed to be supported on it as well soon.
I am now officially launching TimeCert which is a trusted third party service for proving the existence of a file, object or document at a certain time.
Lets say your application managed confidential documents or emails. You could use TimeCert for maintaining a proof that a document or email existed at a certain time. As this timestamp is generated outside your own server, it is evidence that you did not manipulate say a contract after the timestamp. It would also be pretty easy for someone to add timestamping to their blog software.
You could also use it to timestamp a sourcefile to help out with Intellectual Property issues.
Basically TimeCert receives queries based on a SHA1 digest of an object. The first time it receives a query it creates a small record in a database with a timestamp.
If you are not familiar with SHA1 digests, it takes any binary object and creates a tiny 20 byte “fingerprint” (all though TimeCert uses the 40 byte hex encoded variety), which uniquely identifies it. This is relatively secure cryptographically speaking even though it is not as secure now as it was before. However for most applications it should be secure enough.
TimeCert is not really intended as a end user application, but more as a third party service for existing applications to hook into.
Have a go at it your self. Go to the TimeCert Interactive Digest Generator to create and timestamp your own test data. This is really for testing purposes only, but I do not store the raw data you post.
This generator could potentially be very CPU intensive under high loads, so I might disable it if it’s abused.
It uses a standard REST style API where you create a HTTP GET to:
Where DIGEST is a 40 byte hex encoded SHA1 digest that your own application generates. The reason why your own application should generate this is that this way you can actually maintain the object itself private from me. The only thing you make public is the digest.
I have a Ruby class which will call the service and will publish a Java one ASAP. As soon as my RubyForge project is up I will post them. If you want to write a client in any other language, just let me know.
The server is written in Ruby and uses the new Camping micro web framework and the Mongrel. The actual server OS is OpenBSD.
I will be releasing the extraordinarily simple application under GPL as well under the hope that other people will run similar services. As I think it best if there is at least a few other trusted third parties around.
This is an App I have wanted to do for a long time. My original plan for it was to use digital signatures, but I do not think there is any real need for this any more.
The service will always be free to use. I need something like this for my own applications, which is the real reason why I’ve created it. The nature of the application does not call for accounts free or commercial, so I can’t ever see that will happen.
So as some of you know, this blog used to live on the Talk.org domain. I recently launched a new fun project there (which you should all try out).
An unexpected consequence of this was that I was receiving an awful lot of incoming trackbacks and referrer spam that were getting 404 errors.
So, I decided it would be very easy to write a quick little trackback honeypot for harvesting the IP addresses of these Trackback spammers.
Basically I have a simple rails controller which intercepts all hits to my old Movable Type cgi directory. It then stores an entry containing information about the request in the database. I have a simple little algorithm to decide if it was actually spam or not. This I use to create a blacklist which I can feed directly into my firewall. At the moment I do this manually so I can monitor that it looks correct. It would be trivial however to do this in a cron job.
I might take it down again, but I have published the blacklist for you to use in your own firewall or anti spam measures.
Next job is to create a tarpit akin to OpenBSD’s amazing and hilarious Spamd.
You may or may not have tried my new taggable web forum system Talk.org. But I have always wanted a mobile interface.
Now I have got it mostly working with my own phone the Sony Ericsson K608i. I assume it works for most other newer Sony Ericsson models as well.
Cut you please do me a favor and see if you can first of all browse it easily from your phone and then if you can post a message to a conversation. This Mobile Talk conversation would be a good place for a start.
It is just uses xhtml and a super simple handheld css profile, so there was not a lot of extra work involved. I did find that at least on the Opera Mini it displayed the google ads I have on each conversation article. I have to figure out how to disable this for mobile use.
I used the following css for disabling most unnecessary stuff:
#sidebar {display:none}
#tags {display:block}
#menu {display:none}
#toofast {display:none}
#password_section {display:none}
#nick_field_link {display:none}
.count {display:none}