Andy’s Blog

I’ve just started looking for an e-commerce partner to work with in order who will process orders for my apps – and I started off with the usual list:

CleverBridge, Avangate, ShareIT, Digital River.

ShareIT and Digital River I have used before, so thought I’d have a look elsewhere.

CleverBridge and Avangate I have experience with through other companies – however, up to now I haven’t heard a peep from CleverBridge. Not a good start.

I did get a tweet from FastSpring who are indeed interesting – I signed up with them, but still have not received my login details yet.

Anyway, looks like it will be a two horse race – Avangate vs FastSpring.

As long as both of them credit my UK account, it will fall down to technical implementation, flexibility and general ease of use. More to follow

I have certainly been exceedingly lucky, landing a contract to do some work out in Hawaii – in the Waikiki Beach area to be exact.

An incredibly exotic location, amazing weather (although what is up with the wind?), and some mind blowing beaches. Honolulu itself feels like any other American city, until you actually speak to people – life here is so laid back. An incredibly tempting mixture.

I’m staying at the Waikiki Parc Hotel – which is literally a stones throw away from the beach. The hotel, as hotels go, is not bad – room service is decent, and the staff are friendly. The rooms are an adequate size and comfortable enough. I still haven’t gotten around to checking out the fitness area / pool here, but that is partly because I really haven’t had the time and as I don’t swim (yet) I really have no need.

I did, however, drop into the Apple Royal Hawaiian store and check out the iPad. And was most disappointed. I really don’t know what people would actually buy that device for. It would make an amazing ebook reader, but in my opinion it’s too heavy for that. That and if you are like me you get a little careless with your books – you read them in bed, the train, the plane, the beach – and they get dropped. I’d hate to drop an iPad.

Anyway, it’s almost lunch time here, so I better get moving

Well, after almost two years of working with Money Dashboard working with them building their excellent Personal Finance Management tool, I’m returning to contracting.

Why am I bailing from a full time job and returning to contracting? Lots of people have been asking me this over the last few weeks and I thought I’d actually put my thoughts out into the world – at least that way, it will hopefully stop me having to explain it time and time again! (And, I’d hope, it might help a few people who find themselves in a similar situation make the leap).

First up, it’s not as if I have never been contracting before – it’s something that I used to do when I lived in the South East, and I did enjoy it. But with the hassles of moving, a “steady” job was far more enticing, so I left contracting when returning to Scotland. That was a good five / six years ago. In that time, the regular pay cheque was lovely, but it lacked the stimulation and freedom that I wanted.

A number of things changed in my personal life, as well as my outlook on various things, in the past six months – and it’s in that time that I started actively looking at returning to contracting. The flexibility as well as the time to pursue some ideas of my own appealed to me. That, and a contract opportunity in Hawaii.

Anyway, the long and short of it is that I’m now contracting, trading under Wildfire Software, and will be working on developing a number of applications – some industry focused, some security related (I know, I seem to have developed a thing for security!), but generally, keep your eye out. Oh, and why not follow my “work” twitter account?

Contracting is not for the faint of hearted – you never know when your next job is (let alone your next pay cheque!), but the rewards (and freedom!) are amazing – I’m so looking forward to actually having time off!

This isn’t to say that I’m escaping from Money Dashboard … I still have the need (actually, probably more than ever now!) for Personal Finance Management … and can’t wait to see how the application matures and grows. Now I’m wanting some more contractor friendly tools to appear in it

Expect some pictures from Hawaii to appear

As I’m sure some of my (two!) regular readers will remember, I have previously blogged about the security (or lack thereof) when it comes to using Social Networking websites – and specifically when you make use of any of the applications on them (here’s looking at you Facebook).

What’s more disturbing is that I came across this article today, which is equally concerned about it. It does actually increase my concern about Facebook – I hadn’t realised that when a friend takes a quiz, or makes use of an application, they can actually provide access to MY data through them. Interestingly there ARE some controls on Facebook to limit this, but I have yet to find them through a route in settings – but instead you have to use a direct URL: http://www.facebook.com/privacy/?view=platform&tab=other

Maybe you should all check to see what is accessible (take the quiz mentioned in the article, you might be surprised) and adjust your settings …

I’m all for Social Networking, but please, can we at least have some accountability?

I attended Cloud Camp last night in Edinburgh at The Appleton Tower @ Edinburgh University and it certainly delivered a few insights.

As you probably are aware if you read my blog, I work fairly heavily with the Microsoft Azure cloud at present, although this isn’t to say that I have not investigated the other possibilities such as the Amazon Elastic Compute (EC2) offering.

Why did we choose Azure? Quite simply it is a good way to ensure that we are using the same tech stack from top to bottom, which for us allows us to greatly improves our maintainability of our toolset.

There were a couple of product vendors there that did spark my interest: aicache and rightscale. It’s a pity that the management vendors do not support Private Clouds based around the Microsoft Hyper-V arrangement, or we would have seriously taken a look – as it is, they only support VMWare. Shame. Seems a hole in the market!

Another thing mentioned is that it is time to nominate for the Scottish Open Source Developers Award! It’s actually the first time I’ve heard of the award, but it seems a good idea. Unfortunately it seems that their website is down.

You can get an idea of the action by having a look at the #CCScotland tweets from last night: http://twitter.com/#search?q=%23ccscotland

There is one thing that I realised while sitting outside watching the world go by … I need to go back to University

So you are wanting to be more secure in your day to day activities on the web …

Well, the first thing you need to learn is checking up on where you have BEEN (yes that right, not where you are going, but where you have been!).

Maybe that doesn’t make sense, but let me give you an example.

You, like most people, probably use an online (free) webmail service, or perhaps the webmail service that your Internet Service Provider gives you when you sign up.

Have you had a look to see if it actually tells you something simple such as when you last logged in? Or even where (as in the IP Address)? This simple piece of information is usually enough of a red light should someone gain access to your account from a location that you do not normally use – or a time that you are usually at work, in bed, whatever.

But hold up. Who actually understands what an IP Address is, let alone read one (ok, outside of this circle eh?)?

Maybe we need to come up with a good way of identifying the “norm” for a particular user from a list of previous addresses, and flagging anything unexpected up for them. Maybe at that point you could  carry out additional authentication before allowing access to data.

Either way, I can not help but feel that in this digital age, something has to happen to improve digital identity security.

Almost three years ago I wrote a piece about the fact that Royal Mail did not provide any means of integrating with their “business class” SmartStamp postage printing software.

In three years nothing has changed.

But, something has.

More people are now using CRM solutions, such as Sales Force, or even self hosted solutions such as Microsoft Dynamics.

Even more are running SugarCRM or any of the other million open source offerings.

Ebay / Paypal have a deal to allow you to print off shipping labels, with postage, via Royal Mail (through their online service, a bit like SmartStamp).

Hey, but you have guessed it. Still no SDK for SmartStamp.
Personally, I find it slightly nuts that a team of developers can write something like this, and not consider the fact that third parties will want to integrate. I’m even more amazed that the architects, managers, and so forth have not realised there is probably an untapped fund stream there!

With the proliferation of Facebook applications, and people starting to install (even if they don’t use!) them, should we be getting concerned about them?

I mean, would we install a desktop application that promised to give us 30 seconds of entertainment if it wanted access to all our personal details – such as name, address, phone number, list of friends, etc?

I don’t about everyone else, but I have a habit of allowing applications that friends are using – experimenting with them for a bit, then removing them when I get bored. The key thing being, I remove them. How many other people do the same thing, but don’t remove them – leaving the application with access to your details?

Thankfully the data handling engine (and storage) is all on the Facebook system, but from what I can see there is nothing stopping the developer from adding offsite calls to push the information out of Facebooks system into their own – and would we really know? I’ve checked a couple of games quickly with the Web Developer Helper tool for Internet Explorer, and noted that some do appear to push information out – although the majority only download static content from external servers.

Perhaps we need to reconsider what information that we allow these applications to access? Might be nice if Facebook allowed you to see a summary of the information that is being exposed to the third party applications, and perhaps allowed us to anonymise some of the data?

What I would also like to know is what happens when we remove an application? There doesn’t appear to be a nice obvious indication that any data the application has collected while you have been using it has been purged (which SHOULD happen)…

Some of you will probably have noticed that over the past few months I’ve become rather interested in privacy on the net, in applications and of course with social networking (what better target – everyone has it in their life these days in one way or another). The reason behind this is that at my day job (plug … Money Dashboard Ltd … /plug) we are working on some pretty nifty software, and one of the aspects we are taking exceptionally seriously is data access and privacy. After exploring the required steps internally, I am amazed at how much information we divulge in our day to day lives, which could be construed as sensitive, to unknown third parties.

Maybe it’s time we started questioning it.

I’ve been having a bizare problem with Windows Installer on a fresh install of Windows 7 – I’ve been unable to get MSI installs to work with the constant error that another install is already running.

After a quick bit of diagnostic hunting in the event log I came across a recurring install “Microsoft Visual Studio Tools for Applications 2.0 – ENU”. Hmm. It was failing as it was unable to find the directory “”. So I created it. And amazingly the install completed successfully and I can finally install app again.

Very odd.

Downloads of my Freeware applications has moved to Wildfire Software; Wildfire will be continuing the development of these applications.

I might release a few more apps in the future, but this unfortunately depends on how much spare time I get!