Left In Lowell

This is pretty funny (and also pretty embarrassing). Mysteriously, Eric Fehrnstrom tweeted something incomprehensible coming from him:

Tonight at 8:05 PM, Scott Brown strategist Eric Fehrnstrom tweeted the following from his account:

“I’m excited to announce that Cindy Creem is the newest hire at my charity, Be the Change #mapoli #masen”

Why in the world would one of Scott Brown’s strategists tweet a reference to Sen. Creem and Alan Khazei’s Be the Change organization? Why would he do it from the first person? [Lynne’s note: the Khazei campaign just yesterday announced state Sen. Creem’s endorsement.]

For any BMGers on Twitter, you’re probably familiar with the @CrazyKhazei account. For the most part, the account has been impersonating U.S. Senate candidate Alan Khazei and mocking him.

From all this you can more than assume Fehrnstrom is the one behind the @CrazyKhazei account.

As someone who has several Twitter accounts (the most active of which right now is @leftinlowell), I can see how this can happen. I use a program to manage my accounts all at once on my laptop and my smartphone, with all my accounts logged in. I get streams from all my feeds in several columns, and I can post updates to any or multiple Twitter accounts, and even to my Facebook account and pages. I have, on occasion, meant to post something to one account and accidentally had another account checked off instead.

Of course, none of my accounts are tweeting extremely questionable and mocking Tweets about a candidate for US Senate, either.

You have to go read the rest of the BMG diary, as well, where chrismatth gives us some highlights from the @CrazyKhazei twitter account. Additionally, commenter kloechner catches another Brown campaign staffer (his “online campaign strategist” Robert Willington) who was the one to register “crazykhazei.com.”

One assumes Scott Brown signed off on this, on some level. Right? Way to act like you’re in junior high, guy.

Update: the Globe and WaPo blogs have picked up on the story.

The Community Software Lab (CSL) fundraiser is tomorrow, a nonprofit dedicated to helping other nonprofits with technology, and training young people in the field of IT and software. It’s a great group and the party sounds really fun. It starts at 5:30 tomorrow (Saturday) at 119 Gallery.

It’s only $10 (ahead of time) or $15 at the door, and features a band (Zoloff and the Mood Elevators), food, and if you can’t make it you can also just donate. They are hoping to get needed matching funds for a grant from Google for their technology training program.

Great cause, and good people! Go get your tickets.

This has got to be one of the coolest ways to get your kid into engineering and science. Props.

Homemade Spacecraft from Luke Geissbuhler on Vimeo.

[Via a friend’s facebook link to Unreasonable Faith.]

Something I noticed out of the corner of my eye while researching my last post, but didn’t have time to delve into deeply, is the fact that Chris Doherty’s donation page does not appear to have an SSL (Secure Socket Layer) certificate indicator. The donor page asks for your full information, including all credit card info, and claims at the top that “This is a secure page” with a padlock image, but what is more important than easily made in-page claims, is the missing padlock you should be finding on the bottom bar of your browser when you hit that page.

The donation form itself is in an iframe - embedding code from another site, the URL of which is:
http://secure.sage-systems.com/cms/chrisdoherty/?l=donate

But just because “secure” is in the subdomain of the page being pulled, it does not mean security. That page URL also does not have the “https” prefix - https indicates a secure URL. The form script appears to resubmit to itself via relative URL (web talk for using the same prefix and domain).

Curious, I put my IT husband on the case, and he used what’s known as a “packet sniffer” - software that monitors the pieces of information, called packets, that are sent to and fro whenever you submit something and then receive something through the web (or rather, through a network then the web). An encrypted (SSL) packet is indecipherable via packet sniffer. However, the test data that we submitted through the form on that page was perfectly intact in the packet sniffer. That means a knowledgeable computer person (with malicious intent) can, particularly if you are on say, an unsecured network at a coffee shop or library, grab 100% of your credit card information, everything that person needs to use the card themselves online (including the CVV, address, name, and expiration date).

If I were Chris Doherty, I would be really pissed off at my web design firm. This is a terribly amateur mistake that could compromise the personal information of donors. And it needs to be fixed ASAP.

UPDATE: Looking at the code for the page now, the iframe now links to “https://secure.sage-systems.com/cms/chrisdoherty/?l=donate” which appears to be a secure site (the certificate doesn’t name ownership info, but it at least has SSL).

This means the parent page (the contribute page) itself does not have SSL, but the transaction should be secure. It’s not how I would set it up - in that people do look for that padlock on the bottom bar when they are on a page asking for credit information, and it will not appear there, but it should be secure. I don’t have a packet sniffer here with me so I can’t check it but my guess is it’s encrypted. So good on the web updater for getting to it quickly. Still, pretty rookie move…

How quickly our electoral paradigm has shifted! Yesterday, I became a fan on Eileen Donoghue’s state Senate campaign facebook page. I was fan #9 (and the eight already listed, I knew most of them personally, ha). Today, I hopped on and looked again, and already, there are 140 fans listed. I’m guessing it’ll quickly ramp up from there.

Five days ago, this Senate seat wasn’t even an “open seat.” Now, the battle has been engaged already, online!

Can’t say that as a web designer and developer, I’m unhappy about the new, virtual engagement process of our elections.

I found this blog post which dredged up a 1995 article, complaining how the internet was really overpromised, that is very amusing. It’s chock-full of yummy goodies to laugh at, but its opening alone is precious! Bold mine, to highlight stuff that yes, really did come true, you internet Scrooge!

But today, I’m uneasy about this most trendy and oversold community. Visionaries see a future of telecommuting workers, interactive libraries and multimedia classrooms. They speak of electronic town meetings and virtual communities. Commerce and business will shift from offices and malls to networks and modems. And the freedom of digital networks will make government more democratic.

Baloney. Do our computer pundits lack all common sense? The truth is no online database will replace your daily newspaper, no CD-ROM can take the place of a competent teacher and no computer network will change the way government works.

Too funny. The only one that, I think, you can hand to this 15-year-old rant, is that we haven’t replaced teachers, though classrooms are a very different place technologically than they were, in most schools.

Anyway, go read it, it’s very funny. Talk about having no vision!

Coming at you live, via the internets, a series of toobs where you can have a virtual discussion…I’m going back to my facebook feed (which was where I found this link).

We could all (well, those of us on the losing side anyway) use a little funny in our day.

Crooks and Liars provides.

Hat tip to Mr. Lynne sitting across the room over there.

This was too good not to link to. It’s gone viral today with no less than three people [in my acquaintance] linking to it by email or Facebook.

Yes, sometimes being a web designer is hell.

Update: And you have to see this crazy stuff! Awesome!

BMG posts about the city of Boston’s new online tool that “allows you to report and track maintenance requests, see political boundaries and police districts, and all kinds of other useful information.”

We’ve talked often about measurement of government services in order to determine effectiveness and efficiency. Could this be one model of how to do so? Particularly on the tracking of maintenance requests and other interactions of residents and city government.

Stomv in comments has some very pertinent ways this needs to work to be effective. It’s a good spec list. If I were building a website system that could do this, those are the sorts of specs that need to be worked out definitively.

There’s a lot of hype around this, but the threat is real. A virus has been propagating in order to do something - no one’s sure what - on April 1st. I keep my Windows machine pretty well patched and my virus software very updated, but the steps to ensuring you aren’t infected have to include more than that, so I’m running the suggested scan from McAfee. If you have trouble getting to the McAfee site John links to, that’s a sure sign you might be infected.

Also, be careful using Facebook and other application-running sites. Viruses are known to sometimes come through such sites.