Notes from Barcamp Auckland 2010

Barcamp Auckland is an annual gathering of developers, designers, start-ups and social-media types. It’s a full day event held in an ‘unconference’ like style, where the attendee (see my attendee & interested folks list on Twitter) set the schedule – and people turn up to discuss topics which interest them.

The following are the session notes I took during this years Auckland Barcamp

Continue reading “Notes from Barcamp Auckland 2010”

These *are* the Droids you’re looking for…

Hat tip to @VodaphoneNZ for re-igniting my interest in having another crack at the following post which I originally wrote for an internal publication for my employer. I’ve changed some of the phraseology,but the basic content – apart from the opening paragraph – remains pretty similar. Once again, these are my personal opinions and are presented as such.

Vodafone NZ Tweets about it's new Android lineup [24th June 2010]

If you are in any way connected to the mobile phone world, you would have heard of the Android phones, an increasing number of which are now starting to make their way into the New Zealand market. Vodafone have been quietly selling android phones since the middle of last year, and third party importers have been importing them in increasing numbers since around the same time. With the release today of ‘FroYo’ (Android 2.2), Vodafone NZ have come out with an impressive looking list of devices sporting the Android stack.

The disappointment for me being that, like other Telcos in the space, a number of the devices announced are running some fairly old versions of the stack, and there is no clear message for the as to how to update their devices, or indeed if this is even possible. I’d certainly like to see the Telcos, or the community, or a collaboration of the two – to come out with some simple HOWTO guides (or simple “Sorry – but you can’t” messages) around updating the device to more recent software. Let me know in the comments if you have come across anything which may help the average Joe (or Jane) with this…


What is ‘Android’

‘Android’ is a software stack including an operating system, middleware and core applications – kind of like Windows on your PC. It was first unveiled in 2007 by a firm who was subsequently bought by Google, who’ve since released most of the code under the Apache (software and open source) license. And that decision is what has captured the attention of the community.


Continue reading “These *are* the Droids you’re looking for…”

Tabnabbing – An Even More Evil Phishing Attack

Image by Flickr user 'Toasty' http://www.flickr.com/photos/toasty/1276202472/Wow – I’ve just finished reading a recent blog post by Aza Raskin (creative lead for Firefox) and he presents an interesting new phishing attack vector for us to be(a)ware of, that of ‘Tabnabbing’.

For many of us, phishing attempts, (that is – attempts by ‘evil’ sites or emails to pretend they are from legitimate sources and then dupe the user into revealing login credentials or other useful information) are fairly easy to spot. Some are stupidly obvious such as the now well known tale of the government official who needs to get large sums of money out of the country, others are less blatant and use shortened URL services or minor misspellings to trick people into clicking their links. But now, joining the ever growing list of ways to socially engineer an inattentive user into revealing useful information, is some very clever javascript which seeks to fool us when we’re not looking!

The attack is structured as follows:

  1. The attacker gets a user to browse to a staging site
  2. When the user switches focus to another tab, the staging site then changes the favicon, and the content displayed on the page to something which the user will be familiar with – in his example, Aza uses a Gmail login or ‘credentials expired’ page.
  3. When the user next scans their open tabs, they recognise the familiar tab and switch to it – believing it to be the genuine article.
  4. Because it’s an existing open tab, they implicitly trust that the domain is what it should be – and from there the credentials are captured – and the user is redirected back to the legitimate site, oblivious that they’ve been scammed.

Continue reading “Tabnabbing – An Even More Evil Phishing Attack”

What is this “Android” thing that people are talking about?

The first week of April 2010 saw the announcement of Telecoms first Android handset, with the exclusive launch for the XT network of the LG GW620.

Telecom is not alone in the New Zealand market with Android handsets. Vodafone have been selling the HTC Magic since the end of June 2009 and independent device importers also have a range of Android phones.

Globally, the industry is expecting big things from the handset manufacturers as well as the Android platform in 2010. At the Mobile World Congress (the world’s premier mobile event) in February, it was announced that 60,000 Android handsets are shipped every day (though what ‘shipped’ means was not clarified).

Continue reading “What is this “Android” thing that people are talking about?”

“If something seems too good to be true…

…it probably is.”

It’s an old, well-worn saying for sure, but it holds as true today as it did way back whenever the anonymous, cynical, amateur philosopher came up with it.

Recently in New Zealand, there have been an increase in phishing attempts trying to get people to open email attachments which then deploy malware onto the computer, and recruit your PC into a global network of compromised machines.

A few weeks ago, there were a number of emails arriving to various mailboxes I hold claiming to be from DHL or UPS and containing details of a package delivery, over the last few days, this threat has evolved to include messages purporting to be from Amazon and including details of a paid order.

The short version of this post is simply:

Don’t open attachments from people you do not know”

…but we can also extend this advice to “Treat any attachments or links from people you think you may know with a healthy dose of caution”.

For those who are interested in a little more information

The biggest risk around phishing attacks is they take advantage of our human nature of curiosity, implied trust of people (especially those we believe we know) and, dare we say it – greed. These “social hacks” are useful in that it’s relatively simple to change the appearance of an email so it looks like it comes from a friend or colleague, or to obscure a link to make it appear that is comes from your bank, or favourite social networking site.

It’s human nature…

The very nature of how we as humans operate is once we recognise a name we believe we can trust, we instinctively lower our defenses to being scammed and are often convinced to click that link, or open that email attachment.

The best defense against such attempts is a healthy dose of skepticism, look closely at the link, does it look long and complicated, does it redirect through a web domain that you don’t recognise?

Scan your email attachments – and, if you are in any doubt, contact your friend/colleague to check on the attachments validity. Or, visit the website directly rather than clicking on the link within the message – if it is your bank contacting you, you’ll still be able to access the information directly from the bank website, if it is a message from Facebook – you’ll also be able to get those updates direct from the site.

Protection at Home

In terms of viruses and malware, we don’t have anything near the same level of protection that we may enjoy on a corporate network. It’s up to us, whether we’re at work or home, to make the right decisions when dealing with any communications which may expose us, our machines, our data to risk. Email, Instant Messenger links, Social Network links/messages/applications, the list goes on – they’re all targets

The best advice I can offer is:

  • Keep your operating system and applications updated with the latest patches as they are released
  • Invest in a good anti-virus/anti-malware program, keep it updated daily – and use it to perform regular full scans on your systems, as well as checking out those suspicious files
  • Access websites from your browser rather than via emailed links
  • Perform regular backups of your important files (don’t forget your digital photos & video)
  • If you think you may have been compromised, scan your systems, change your passwords and seek help.

Above all, employ a healthy dose of skepticism when dealing with communications that you are not expecting, even when you believe you know the sender – and be careful out there…

Commentary on Corporate Approaches to Social Media

Honestly, this is brilliant – while the clip itself has been mashed up to cover everything from Hitlers replacement motorbike to his choice in gaming consoles, this subtitling by Laurel Papworth (original article) has a bunch of agencies across the ditch resorting to ad-hominems – a classic sign of “oh-bollocks-what-do-we-do-now”.

Disclosure: I have met and spent time with Laurel during a workshop a few years back and was well impressed then, as I have continued to be as I’ve followed her commentary on all things social media. For those interested, I’d recommend following her posts, and subscribing to her podcasts.

TEDx Auckland – Session Two: Wendy McGuinness

Second to the stage was a ‘Reluctant Futurist’ namely Wendy McGuinness from Sustainable Future, an “independent think tank specialising in research and policy analysis.”
Wendy spoke on “The Danger of Now” which, in summary, was about ensuring you take into account whereabouts you (or your project/strategy) fits in the grander scheme of things. Some takeouts from the talk were as follows:
TEDxAkl - The only passable photo I have There are three types of futures:

  • Probable
  • Possible
  • Preferred

When testing a scenario or future one should:

  • Define: Parameters, Trends, Drivers, Assumptions
  • Explore: Uncertainties (and rank them)
  • Build: Scenario Worlds / Write Stories / Test
  • Use: Consider Implications / Review / Communicate

I found the talk to be somewhat disjointed, yet filled with amazingly wordy slides with paragraphs of text which may have reinforced a point if they had have been on screen long enough to read. It was always going to be tough to follow the first (very engaging) speaker – however, with some practice, feedback and basic presentation learning under the belt, this could have been a lot better received – so I hope I am not seen as being too harsh in my summary.


For another summary of the talk, click here to see what Missing Link said.

TEDx Auckland – Session One: Michael Henderson

As I alluded in my initial TEDx Redux, the inaugural Auckland event was awesome. In the next three posts I will briefly cover my perspectives on the presentations delivered at this, the first TEDx event in Auckland, New Zealand.

TEDxAkl - The only passable photo I haveThe first speaker was a fascinating guy called Michael Henderson [UPDATE: Looks like something ‘weird’ is happening with his domain,try here for his cached page in the interim] , a Corporate Anthropologist. As well as being unemployable (who want’s an Anthropologist anyway?), he is never bored – because people are so interesting to study. Some observations:

  • Organisations are the modern tribes
  • CEO – Interesting title
    • Chief – Head of the tribe
    • Executive – Head of Structure
    • Officer – Very Militaristic – Head of Strategy
  • The difference between a cult and a culture is:
    • In a cult, the leader sees greatness in themselves
    • In a culture, the leader sees greatness in people
    • Silo mentality never occurs in a tribe
  • Engagement Studies
    • Organisations:
      • Engagement = email sort
      • Worldwide ~20% of employees are engaged and 80% sit on the fence
    • Tribes
      • Engagement = contact sport
      • No tribes run engagement surveys, all members are engaged 100% as you are either learning, doing or teaching

“Why is no one teaching GenY to respect those who came before them as sources of learning?”

Executives go on a ‘retreat’ (never an advance?) then return to proclaim new company values to their employees.

  • Employees don’t hear values, they hear violations;

“Integrity, really?? Aren’t you the CxO trying to set up XYZ to fail so you can get more headcount/budget?”

“Language is the bloodline of a tribe”

His parting observation was on the two dynamic forces of organisations: Relationship versus Results

“Measure yourself on Relationship versus Result – is the win [on this point] worth more than the long term relationship?”

The interesting observation I made about his talk was that, not only was I noting the same points as one of my colleagues, these same points were also being noted by a number of other ‘corporate types’ around where we were seated.


For another summary of the talk, click here to see what Missing Link said.


Update: A TED talk on this theme of Anthropology and Tribes was posted recently “David Logan on Tribal Leadership”

Update: Domain seems to be back – have adjusted links & text


Update: September 2011 – Added Michaels new business sites and the following TEDx video…

Ideas Worth Spreading – My Journey to TEDx

TED. Three letters, a veritable treasure trove of new ideas, challenging thinking and incredible people with finely honed presentation skills.

TEDx Auckland

I first stumbled across the TED initiative in 2006 when I was shown a presentation by Hans Rosling using Gapminder to do some incredible data visualisations. From that day onward, they have been a regular both in my RSS feed readers and in my browser as I immersed myself in the site from which I have gained so much.

It was with huge excitement then that I saw that TED was not only allowing independently organised events (under it’s banner of TEDx), but one of these events was going to be in Auckland, New Zealand – my home town.

I must admit I was initially reluctant to fill out the registration form, as chest puffery and self promotion doesn’t sit well with New Zealanders. Encouraged by some colleagues, and with the knowledge that the official event attendee spots are so coveted I did sit myself down and force my fingers to the keyboard to tap out an introspective view of what I have achieved to date, and why I should be amongst those fortunate enough to sit in attendance. The exercise in itself was worthwhile as it gave me an opportunity to cast back over many years in the technology industry, and to re-celebrate a number of the awesome innovations that I had been involved in over that time. The submit button was clicked, the “Thank you for registering” page loaded – and then all there was to do was wait.

In the fullness of time, I received an acceptance email and, excitedly, I checked in with my other colleagues to find they too had secured their place – timing-wise, the TEDx Auckland event was scheduled for the day before a weekend away at TelecomONE, a FOO style “Innovation Unconference”, so I knew that we would be in for one heck of a lot of brain stretching. We made our plans to meet up and attend together, and then again we waited for the beginning of the first ever TEDx Auckland, October 01, 2009.