Just Kickin’ It

Just Kickin' It

Just Kickin’ It » Originally uploaded by rprins.

I haven’t posted in a while… but I’ve been keeping busy. This is a shot from a park just north of N Pacific Street on Eastern Ave N. I can’t find what the name of it is, or if it even is a park at all. But, we found a cache here and I took some photos along the way since you had good views of the University Bridge and also Downtown Seattle.

Famster… Upon Further Inspection

While cruising around Digg today I found an entry about a site called Famster. It looked to be a great site to get your family located online. The service looked really promising from the outside and after signing up I thought that it might be something that I’d share with the rest of my family. Then, I discovered their security, or lack there of.

They use security by obscurity. If you are not familiar with that, it is basically this. I have Object A that has a link to Object B. In order to make Object B protected, I removed the link from Object A to Object B. So, now Object B is hidden. Well… sorta. If I still know the link to Object B, I can still access it. So is the case with Famster. But, if you guess on account name you could find other accounts on the site and exploit the security as well. Not very good security to me.

That’s just one of the issues that I had with this service. Another was that there is one administrator account and then the “member” (or family members) account. I really hate the idea of just two accounts, there is not accountability for actions on the system. Yes, you should be able to trust your family, but that is not the problem. It is the person who is not in the family who can silently access the site without you knowing who they are or what they are looking at. That really bothers me. We are in an age of technology where this is not a problem that should be occurring. It is not too much to ask to have family members have their own accoutns and own up to their actions on a system. At least I don’t think it’s too much to ask.

So, Famster, upon further inspection, your security is just not up to par. Your site looks great, but after 20 minutes of poking around on your site, I am terribly concerned with what I found. I don’t want to spend a lot more, because I’m afraid of what I might find.

Update @ 6:23pm: I’ve been informed that the issue of being able to access something that is private via a url has been fixed. However, I have been unable to verify this.

WaMu Unavailable

I’ve tried a couple of times today to pay my bills on line at wamu.com, but every time I try, I am getting an error and I can’t. It is beyond frustrating. I can understand if the site is down outside of business hours (or peak hours), but I would imagine (and I only speculate here) that when the sun is up the most people are making transactions on line. I have a rent check to mail and association dues to pay and I need this service to be up. I’ll check back again tonight, but I shouldn’t have to. It should have worked the first time.