Recently, I’ve been getting more concerned about security. As an American living in a Middle Eastern monarchy, multiple government agencies are likely monitoring my internet traffic—not to mention that I frequently connect to servers from sketchy internet cafes while traveling in the developing world. To mitigate these risks, I proxy all my traffic through a secure server—but with the recent Heartbleed bug, I decided to step my security up a notch.
Now, all traffic is routed through spiped, a simple and secure utility. Using Docker, I’ve automated most of the setup for this system, so you can easily route your traffic securely as well.
Setting up the server for this is quite simple, assuming you have Docker installed.
Clone my Dockerfile, which handles setting up a SOCKS proxy (with SSH) and the spiped server.
git clone https://github.com/morgante/spiped-docker /home/spiped
Enter the spiped directory, where the magic happens:
Generate a secure key for the spiped socket to use for communication across the internet.
dd if=/dev/urandom bs=32 count=1 of=spiped.key
Build the Docker image (it will automatically load the key you just generated):
docker build -t spiped .
Start the spiped server with Docker:
docker run -d -p 49168:8089 -t spiped
You now have a fully functional SOCKS proxy listening on port 49168 and secured using a private key.
On the client, all you need to do is install spiped and connect to the server. These instructions are for OS X, but the process should be similar for other operating systems.
Install spiped (with Homebrew).
brew install spiped
Copy the private key from your server.
scp firstname.lastname@example.org:/home/spiped/spiped.key ~/spiped.key
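Start the spiped client, listening on the loopback address only so that other machines on the local network cannot use the proxy port:
spiped -e -s '[127.0.0.1]:8089' -t '[18.104.22.168]:49168' -k ~/spiped.key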
In System Preferences, configure your network to connect to a SOCKS proxy at localhost:8089.
Now all your internet activity is securely routed through your server. If you want to automate this slightly more, I have written a very simple start script.
In my experience, the spiped tunnel is highly reliable and recovers more gracefully than a standard SSH tunnel.
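A preflight check for the client steps above, as an added example (not the author's start script and not code from the spiped project): it verifies that the copied key file holds at least the 32 bytes written by the dd command and carries no group or other permission bits, and it accepts only a loopback listen address so the unencrypted SOCKS side of the tunnel is not reachable from other hosts on the same network. The function names and the 192.0.2.10 server address in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: checks to run before starting the spiped client.
# Function names are hypothetical; nothing here comes from the spiped project.

# key_ok FILE: succeed only if FILE exists, holds at least 32 bytes
# (the size written by the dd command on the server) and has no
# group/other permission bits set.
key_ok() {
    [ -f "$1" ] || { echo "missing key: $1" >&2; return 1; }
    size=$(wc -c < "$1" | tr -d ' ')
    [ "$size" -ge 32 ] || { echo "key too short: $size bytes" >&2; return 1; }
    # Characters 5-10 of the ls mode string are the group and other bits.
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ] || {
        echo "key accessible to other users; run: chmod 600 $1" >&2
        return 1
    }
}

# listen_ok ADDR: accept only loopback source sockets in spiped's
# [ip]:port form, e.g. [127.0.0.1]:8089 or [::1]:8089.
listen_ok() {
    case "$1" in
        '[127.'*']:'*|'[::1]:'*) return 0 ;;
        *) echo "refusing non-loopback listener: $1" >&2; return 1 ;;
    esac
}

# client_cmd KEY LISTEN SERVER: print the spiped command line, but only
# when both checks pass.
client_cmd() {
    key_ok "$1" && listen_ok "$2" || return 1
    printf "spiped -e -s '%s' -t '%s' -k %s\n" "$2" "$3" "$1"
}

# Usage (192.0.2.10 is a documentation placeholder for your server):
#   cmd=$(client_cmd "$HOME/spiped.key" '[127.0.0.1]:8089' '[192.0.2.10]:49168') \
#       && eval "$cmd"
```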
Leave any questions in the comments and I’ll do my best to answer.
This past summer, I had the awesome privilege of being a hackNY fellow. Besides providing free housing to a group of fantastic hackers, the hackNY fellowship program is the perfect introduction to the New York City tech community. HackNY directly led to my current job as a software engineer at Business Insider, gave me a group of fantastic techie friends, and inspired me to seriously pursue my own startup (Social Citadel). If you’re a student hacker, there is no better way to spend your summer: apply today.
Since I’ve been getting a lot of questions about what hackNY looks for in applicants, and inspired by Swift, I’m sharing my application below. Hope it helps!
Tell us about a time you built something awesome in code. How did you choose it? Why did you enjoy it?
Tell us about what you hope to learn this summer and why is hackNY right for you.
Though I’ve been coding for years, I look forward to learning more about the “soft” skills which it takes to build great software—working with a team and collaborating to create something better than I could make by myself. Of course, I hope such skills will help me in developing my own startup in the future (FundShift), while also making me a better programmer, especially when it comes to scaling software to many users while maintaining speed and usability. HackNY is perfect for me because I love the satisfaction of seeing the joy which software can bring to someone by filling a gap in their lives. In a startup, I’ll have the opportunity to work on problems directly affecting users and see my solutions actually deployed—a rare opportunity at larger corporations. Having started my own companies in the past, and worked with Vermont startups, I look forward to working hard in a New York startup, learning from older developers, and taking the initiative to start my own projects.
Is there a particular technology or industry you’re currently interested in? How come? Where do you see it heading in the future?
The financial sector is ripe for innovation, as it’s one of the few areas in our world yet to see true disruption. While technology has certainly changed the way financial firms work, it has yet to change the way they act. Indeed, technology, by enabling esoteric instruments and high-frequency trading, has only widened the gulf between individual investors and large banks. Thus, in the next few years, we’ll see populist dissatisfaction with the financial system translated into new business patterns where capital moves fluidly throughout the system and where information is readily available to investors large and small. We’re already seeing the starts of this with sites like SecondMarket and AngelList, but the potential for innovation is far greater. Indeed, that’s part of what I’m trying to accomplish with my startup FundShift by creating a platform where starting a fund is as easy as making a Kickstarter project and communicating with investors is as simple as Twitter. Crowdfunding has already begun, but now crowdmanagement—where even small investors can easily get reliable information and education from managers—is ready to expand. Like most innovation, this won’t come from the top, but from the bottom-end of the market, with people who only have a few thousand dollars to invest but still demand respect and information from managers.
Discuss your technical skills/proficiencies/languages and experience
When you’re not coding, what do you like to do for fun?
Though I’m also extremely interested in economics & politics, I treasure my time spent backpacking. Besides resting my eyes from all the time immersed in screens and books, backpacking always offers a fresh challenge, even after the hundreds of miles I’ve hiked (including the 270-mile Long Trail and a month in Alaska). Backpacking demands that I look up at a mountain’s sky-piercing summit and deny that height, seeing only the easy inevitability of the next step. But the reward for taking that step, and the next, and the next, is to eventually emerge into a new world. A world above the clouds, with its own weather and laws. A world where poverty is unknown and everyone is equal in physical triumph. A world which even the most atheistic among us cannot deny the spirituality of. Though I wish I could live in that world forever, “you cannot always stay on the summit.” (René Daumal) Therefore, when I come down, I bring the memory of that world — its peace, its freedom, its love — with me and use it to inform how I live my life. Next to the beauty of that world, and the challenge of reaching it, even the best software and hardest challenges are mere anthills.
We’re looking for applicants who are restless builders. Please provide links and a brief description of at least two code samples in the language of your choice.
Much of my work is visible at http://lab.morgante.net, but here’s a selection of my open source contributions. (Sadly, my more substantive projects aren’t publicly accessible.)
- HabariBox is a plugin I wrote which integrates Habari (PHP) with DropBox, allowing users to easily share images from it and even update their blog by just adding a file to their DropBox
- In Node.js, I built this simple status site for student government projects which pulls information from GitHub. (https://github.com/nyuadsg/status)
- Mpango is the (PHP) plugin which powers my lab site by pulling information from GitHub and generating documentation. (http://lab.morgante.net/mpango)
- In Node.js, I wrote a centralized authentication system for students’ use at NYUAD. It authenticates against NYU’s servers (using a roundabout method) and serves an OAuth server for all student projects here (https://github.com/nyuadsg/passport)
- PolyMatch is a Facebook application which analyzes responses to a few basic questions and identifies respondent’s partisanship through an algorithm and database of 50,000 voters. (https://github.com/morgante/polymatch)
- LinkBlog is a (PHP) implementation of linkblogging for Habari, which includes Atom syndication and traffic tracking. (http://lab.morgante.net/linkblog)
- SimplyNoted is a (PHP) plugin which uses Simplenote’s API to integrate author’s notes into the Habari publishing process. (http://lab.morgante.net/simplynoted)
- Shield is a theme with JS/CSS/PHP which I wrote for my personal blog and the Habari platform (https://github.com/morgante/shield)
I still feel pretty happy about these answers, though FundShift is defunct due to regulatory issues. Node.js and PHP are still my primary programming environments (for pleasure and work, respectively).
Since (in both the chronological and causal sense) Twitter announced changes to its API last Wednesday, the Internet intelligentsia has been raising a ruckus. Justifiably so. Though the outlines of these changes have been on the horizon for a while, this new move clearly shows where Twitter is heading as a company and service. And I’m not quite sure that’s a direction I want to be following.
With this move, Twitter is making it clear that it means ~~business~~ enterprise. Just the fact that the announcement is written in MBAease clarifies that Twitter now thinks of itself more as a corporation than a startup. Indeed, its infamous quadrant with social CRM and social influence ranking makes it clear that the company is focused more on monetizing and consolidating than on continuing to innovate. Of course, we know how well that went for other companies.
There’s nothing inherently wrong with attempting increased monetization except when it ends up being counter-productive. For Twitter, increased attempts at consolidation will quite possibly kill it.
The first problem for Twitter is that its service depends upon the very environment it’s seeking to quash. Many of its best features, from @replies to #hashtags, originally came from users. And it was the simple accessibility of the API which quickly made Twitter nearly ubiquitous—even your house can Tweet now. Without this robust ecosystem, Twitter is essentially just a text field—something that any freshman CS student could pull together in an afternoon. Microsoft, for example, can afford to have MBAs run the company, because the switching costs are high. For Twitter, they’re negligible. Anyone can build a text box.
Twitter’s second major problem is one of direction: it’s astronomically easier to go from closed to open than from open to closed. Apple can get away with tight restrictions because before the App Store existed nobody felt entitled to install applications on their phone. Even in going from open to closed, Twitter could potentially succeed if that change provided a meaningful benefit to users. Facebook was more restricted than Myspace, but those restrictions came with the benefit of not having my eyeballs seared out from using it. Twitter is going in the opposite direction: it’s restricting us to its main website which is, for your average alpha user, shittier than it was a few years ago.
Though these problems won’t prompt an immediate exodus from Twitter (indeed, only 23% of posts come from external apps), Twitter should still be worried. It was that 23% which first left Myspace, Yahoo, and AOL. Particularly for a service as simple as Twitter’s, they really matter—what your tech-savvy friend is using has a greater impact than where Bieber is. Especially if we start to see a chilling effect where new developers don’t include Twitter functionality in their apps due to the possibility of it being cut out of the ecosystem.
My biggest objection to the changes is mostly philosophical. With the new display requirements, Twitter is asserting ownership over my content there. I agree with Marco’s reading: rule 5b would seem to preclude me from quoting my own tweets on my own blog without their wrapper. This seems more like something an archaic wire service might try than the policy of a tech startup. Indeed, it makes Twitter’s viewpoint quite clear: our content and attention are their property to be sold to corporations for advertising and “social CRM” (whatever that is).
Twitter’s announcement came at the perfect time for app.net, which easily met its funding goal thanks to the general outcry in the web crowd. But I really don’t think the way it’s being portrayed matches either its potential or position. Despite what internet bloggers and campaign commercials say, there’s nothing inherently virtuous about running an old-fashioned business where customers pay you. Thus, app.net isn’t even truly quixotic: it’ll likely fail, but it was never virtuous.
Probably the biggest reason it will fail is that for the vast majority of people, the $50 annual cost for the service far exceeds the utility it provides. Thus, the service will end up being the playground of the people with $50 to spare for an empty text box. While Twitter might end up being filled with only people following Bieber, I likely follow a couple of Bieber-fans and wouldn’t enjoy a platform without some of the regular people.
My other major problem with app.net is that it isn’t even doing what it purports to do. Instead of only charging users, it’s charging both sides of the market. Thus, members are being sold the privilege of being sold to app developers for up to $1000. That might not seem like much for a legitimate business, but it’s the sort of cost which is prohibitively expensive for quick projects and will seriously limit the ecosystem around app.net—you won’t see the ubiquitous support which Twitter currently enjoys.
I don’t know where things are headed, but I’m guessing the future is neither Twitter nor app.net. Until the future comes around, I’m putting my time where my mouth is and spent the weekend building a Twitter clone for Habari. The system I’ve designed has a couple of benefits:
- I control the content, through Habari, so Twitter certainly can’t complain about me quoting their material.
- For now, microposts are posted over to Twitter. Once the future comes, it’ll be easy enough to post them there as well.
- For ease of mobile use, I can take advantage of the Twitter ecosystem by posting to a secret account which will be subsequently mirrored over here and on my main Twitter account.