Ramin Keene
Ramin's posts

Post has shared content
"From the crawled websites (~19K HTTPS enabled sites from top 100K Alexa domains), 7980 (43%) were found to have at least one type of mixed content. This means that almost half of the HTTPS protected websites, are vulnerable to one or more attacks..." [1] 

How's your site doing? Now's a good time to fix it.


Post has shared content
I bought a digital video download today that required a video player from Leaping Brain. As usual, the proprietary player wasn't great and to transfer it to my iPhone I'd need another proprietary player. Ugh. But I browsed around and found that the video had been downloaded into a hidden directory as a bunch of .mov files. Great, except none of the files would play.

It turned out the actual player, launched from their compiled app, was a Python wrapper around some VLC libraries. Nothing funny going on, as far as I could tell, but when I tried to launch the player directly, nothing happened. The compiled app was modifying the .mov files right before they were loaded into the player, and then reverting the file on disk. According to

 "We apply our BrainTrust™ proprietary video encryption to your movies before we upload them to our servers. If someone ever was able to gain access to your content, the files would be useless and unplayable, because they are stored in a scrambled, encrypted format. Once downloaded to the user’s hard drive, the files are still encrypted and only readable via the MOD Machine Player by a legitimate owner. We are not aware of a better DRM scheme than ours. Where Windows Media DRM is easily crackable, and doesn’t run on Macs, BrainTrust™ works great on Windows 8, Vista, Windows XP and Mac, and is virtually uncrackable."

Virtually uncrackable? Well, since they load the file from a Python script, it's easy to make a copy of the "decrypted" file before it's reverted. Having done so, I was curious to see the encryption scheme. By comparing the binary files, I discovered the "proprietary video encryption" algorithm: for the first 15kB, each 1kB block has its initial bytes xor'd with the string "RANDOM_STRING". That's the "scrambled, encrypted format" that leaves these files "useless and unplayable".
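An added example, not part of the original post and not the vendor's code: it models the scheme as the post describes it and diffs the output against the input, showing how little of a file is altered and that the difference is the fixed string itself. The 1024-byte block size, the function names and the sample data are assumptions made for illustration.

```python
KEY = b"RANDOM_STRING"   # the string quoted in the post
BLOCK = 1024             # assumption: "1kB" means 1024 bytes
N_BLOCKS = 15            # "the first 15kB"


def scramble(data: bytes) -> bytes:
    """XOR the first len(KEY) bytes of each of the first 15 blocks with KEY."""
    out = bytearray(data)
    for start in range(0, N_BLOCKS * BLOCK, BLOCK):
        for i, k in enumerate(KEY):
            if start + i < len(out):      # tolerate files shorter than 15 blocks
                out[start + i] ^= k
    return bytes(out)


def diff_runs(a: bytes, b: bytes):
    """Return (offset, a XOR b) for every contiguous run where a and b differ."""
    runs, i, n = [], 0, min(len(a), len(b))
    while i < n:
        if a[i] == b[i]:
            i += 1
            continue
        j = i
        while j < n and a[j] != b[j]:
            j += 1
        runs.append((i, bytes(x ^ y for x, y in zip(a[i:j], b[i:j]))))
        i = j
    return runs


def coverage(original: bytes, scrambled: bytes) -> float:
    """Fraction of the file's bytes that the scheme actually altered."""
    changed = sum(len(x) for _, x in diff_runs(original, scrambled))
    return changed / len(original)


# Constructed 20 KiB sample standing in for a media file.
SAMPLE = bytes((i * 37 + 11) % 256 for i in range(20 * BLOCK))

if __name__ == "__main__":
    scrambled = scramble(SAMPLE)
    runs = diff_runs(SAMPLE, scrambled)
    print("modified runs:", len(runs), "first offsets:", [o for o, _ in runs[:3]])
    print("XOR of first run:", runs[0][1])
    print("coverage: %.2f%%" % (100 * coverage(SAMPLE, scrambled)))
    print("second pass restores input:", scramble(scrambled) == SAMPLE)
```

Under these assumptions only 195 bytes of the file change, and every differing run XORs to the same constant, which is why a byte-level comparison exposes the whole scheme.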

Post has shared content
I just looked at the nearly final returns, and compared with the predictions in that were updated as of this morning.

It looks to me like Nate Silver correctly predicted every single state.  Including Florida.  In the morning I'll check how closely he nailed the popular vote.  Right now Romney is ahead by a hair, but most of California is not in yet, which will clearly change that.

From an alternate universe, can give a lesson in how NOT to interpret polls.

Post has shared content
Was checking out a very cool project mapping Google/Facebook/Apple shuttles departing SF every morning..

Got to halfway and saw this composite panorama photograph (shown here). Ruining the image, for me, was the black matte of the background.

Then I started getting curious about the state of alpha WebP images. So:

* They are shipping in Chrome 22. (It's been a year since they were announced, but they had to suss out issues before they finalized the bitstream)
* Filed two tickets (fallback & alpha) against the excellent weppy polyfill: Should help adoption.
* Added the current WebP best practice to

(For those not up to date: this is basically the equivalent of jpegs with alpha channel! Regular webp is already in Chrome, Android, and Opera. weppy provides support to Firefox.)

Post has shared content
Indoor location services are going to be huge. Lots of new smartphone apps will help you find your friends on a college campus, at a shopping mall, or office building. Retailers will offer coupons, ads or offers, based on which aisle you are in at the supermarket or grocery store. LOTS of innovation coming in indoor location. Read this story by VentureBeat.

Post has shared content
I can't make this stuff up

I'm sitting in a Starbucks doing random whatever over an iced americano. While I was waiting for my drink, I watched a guy with his friend, pick up a newspaper; and start to remark on the Samsung Apple verdict.

Guy: "Wait, so what they're saying is, Samsung is the same as Apple?"
Friend: "I know, right? Makes me think twice about how much I paid for my Mac Book"
Guy: "Seriously"

Not 10 minutes later, a husband and wife, same newspaper:

Husband: "... Samsung's iPad is the same as Apple's iPad, and I paid how much for the Apple one? Honey, I told you they were a ripoff", after looking up the Samsung tablet on his iPhone.
Wife: "Oh wow," looking at the screen, "... that's a lot cheaper. Think we can return it?"

I put my Samsung QX410 on my table, and started to plug in, when he leans over to me, "Sorry, you don't mind if I ask, how much did you pay for your Samsung laptop?"

"Oh, no worries, it was $700." I replied. 

I watched shock overcome his face, like actual shock. He looked at me, blankly, for an awkward amount of time, "Mind if I have a look?" he asked. 

So, I obliged, and showed him a few things. He commented on Windows 7, so I opened up my virtual machine of OS/X... By the time the conversation was over, he was ready to kick Cupertino in the nuts, I think.

... Now, the punchline: 

I'm writing this post after the FOURTH group of Starbucks patrons have made the connection that Samsung is now the same as Apple. They don't know the details, they don't really care, what they know is Apple is saying that Samsung is the same as Apple ... and with one simple Google Search, you get prices that are basically half for what seems to be the same products -- for nearly everything. 

Two of these groups (including the husband/wife) asked me about my Samsung laptop, the second group noticed my Galaxy phone (also by Samsung)... Best billion dollar ad-campaign Samsung ever had.

Post has attachment
"he considered hanging out and thinking an extremely valuable way to spend your time"
