Phishing... (sigh)

by Mike 25. November 2009 11:43
My background includes years of network and computer security and today I received a message from some family members asking me to verify a website / offer / etc.

First, let me say this is EXACTLY what you should do if you're not sure about a message. Don't open websites linked in it, don't send passwords, etc. Phishers are basically trying to get your information / identity / etc by tricking you into providing it.

To get into the details a little, there was an ad on Craigslist for a beta test of Verizon's new 4G network, and better yet it included the iPhone! As is typical, it used official-sounding language ("The FCC requires us to run this beta test..."), language explaining the details ("It's a different credit check site because of tax purposes!", what?!?), and so forth. I'd show you the site, but considering I don't want these weasels getting any more attention, let's talk about some common things that happen in phishing situations:

  • The message / site looks sort of official
  • It makes outrageous promises or claims (e.g., "Your account is suspended!", "Act now, time is limited!", "We'll run a credit check and let you know if you get in!", etc.)
  • It requires more information up front than makes sense ("Fill out this credit check and we'll let you know if you qualify")

There's obviously a lot more that can happen but let's go over how to recognize / avoid these messages:

  • Check the email address - The email will look official at first glance but usually doesn't make sense when you think about it. A real company will have its own domain name (e.g., google.com, verizon.com, apple.com, etc.) but phishers will use addresses that don't look quite right. For example, john.verizon@gmail.com - the sender is trying to make it look official but has no real access to the domain, so they fake it.
  • Even if the email looks legitimate, don't trust it. Sender addresses are easy to spoof, and a spoofed message can even reference real people / email addresses.
  • The domain name - Again, anything legitimate will use a real domain name. You want to see the company / domain name as the last part before the .com / .net / etc. For example, www.apple.com is real. www.apple.hosting.com is not. If you're not sure, try going directly to the real site (apple.com, verizon.com, etc) and look for the details you're after. If you're not sure, ask.
  • Hiding the domain name - sort of. With HTML you can have a link say one thing but go somewhere else. For example, http://www.apple.com may look like it would link to apple.com, but is in fact linking to www.apple.hosting.com. The best way to see this is to move your mouse over the link, but don't click it. The status bar (at the bottom of the browser window) will show you the real address.
  • Credit checks / etc. - First, always look for a secure site (https:// in the browser bar) - if it's not there, absolutely game over. If it is, you want to make sure that no popup messages came through (e.g., "Can't verify site identity", etc.) and that all the above is true.

Unfortunately these aren't the only things you need to watch for (we've not discussed XSS attacks or browser-based hacks / attacks), but these are all pretty easy things to check for and verify.
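
The checks from the list above (sender domain, the real domain being the last part before the .com, link text versus actual destination, https) can be automated when triaging a suspicious message. The sketch below is an added example, not part of the original post; the function names and the sample message are made up for illustration, and the "last two labels" rule is a simplification that does not handle suffixes such as co.uk.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

def registrable(host):
    """Naive 'last two labels' domain; assumes no multi-part suffix such as co.uk."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def host_of(text):
    """Hostname if the visible text looks like a URL or bare hostname, else None."""
    text = text.strip()
    looks_like_host = "." in text and " " not in text
    return urlsplit(text if "://" in text else "//" + text).hostname if looks_like_host else None

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text)))
            self._href = None

def check_message(sender, html, expected_domain):
    """Return warnings for the sender, domain, hidden-link and https checks."""
    warnings = []
    if registrable(sender.rsplit("@", 1)[-1]) != expected_domain:
        warnings.append(f"sender is not at {expected_domain}: {sender}")
    parser = LinkCollector()  # gathers (href, visible text) for every <a>
    parser.feed(html)
    for href, text in parser.links:
        target = urlsplit(href).hostname or ""
        if not href.lower().startswith("https://"):
            warnings.append(f"link is not https: {href}")
        if registrable(target) != expected_domain:
            warnings.append(f"link goes to {target}, not {expected_domain}")
        shown = host_of(text)
        if shown and registrable(shown) != registrable(target):
            warnings.append(f"link text shows {shown} but goes to {target}")
    return warnings

# Constructed sample built from the post's own examples (not a real message).
SAMPLE_SENDER = "john.verizon@gmail.com"
SAMPLE_HTML = '<a href="http://www.apple.hosting.com/beta">http://www.apple.com</a>'
```

Running `check_message(SAMPLE_SENDER, SAMPLE_HTML, "apple.com")` flags all four problems; an empty list only means these particular checks passed, not that the message is safe.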

SparkFun Rocks

by Mike 23. November 2009 11:32
I've got a bit of an electronics hobby and my favorite place to buy cool things is SparkFun.com. Now, they've given me yet another reason to love them:

They're giving away up to $100 in free stuff (you pay shipping) on Jan 7, 2010.

More details are available at http://www.sparkfun.com/commerce/news.php?id=305 but this works out to a $100 discount running for a few hours or up to a maximum dollar value. I'll certainly be trying to get some gadgetry but even if I miss out this just proves how awesome of a company they are.

Tags:

Gadgets | General

NUI & The Future

by Mike 16. November 2009 21:39
I've been spending a fair amount of time thinking about NUI or Natural User Interfaces. I've been an iPhone owner for almost 2 1/2 years, just picked up a Magic Mouse (though what I really want is a trackpad attached to my keyboard), etc. I'm getting really close to the point of building my own multi-touch table (thanks to the awesome guides at http://www.nuigroup.com) and am still excited about doing so. That said - take a look at this:

http://www.ted.com/talks/pranav_mistry_the_thrilling_potential_of_sixthsense_technology.html

Not sure how I feel overall about a projector constantly illuminating the world around me, but it's a ridiculously cool concept. Now I just need one of these to look at resistor color codes and tell me what it is...

Tags:

Gadgets | General

TCP Handshake Madness

by Mike 13. November 2009 20:47
I've spent way too many years in networking / network security for this to be *that* surprising, but it appears the TCP 3-way handshake isn't the only way to set up a connection.

Take a look at this article for some interesting detail and a lot of comments on the subject.

Compiling OpenCV on Snow Leopard

by Mike 11. November 2009 00:48
After spending too much time pulling my hair out trying to compile OpenCV 2.0 on Snow Leopard, I thought I'd share what finally worked for me (well, mostly.)

NOTE: I'm just learning about OpenCV as a whole so these instructions may not work for your needs.

  1. Pull the latest OpenCV from svn (build 2275 was the version used at the time):

    • svn co http://opencvlibrary.svn.sourceforge.net/svnroot/opencvlibrary/trunk opencv
    • cd opencv/opencv
  2. Create & move to the build directory

    • mkdir build
    • cd build
  3. Base configuration - run 'cmake ..'
  4. Specific Configuration - run 'ccmake .'
  5. Press 't' to toggle advanced mode on
  6. Change CMAKE_CXX_COMPILER to '/usr/bin/g++-4.0'
  7. Change CMAKE_C_COMPILER to '/usr/bin/gcc-4.0'

    Make sure to disable FFMPEG support (note, this may cause issues for some people, but this was the only way I could make this work.) You may also want to build the examples and look at some other options.

  8. Press 'c' to run the configure, then 'g' to generate the configuration. You may receive a message about needing to redo the ccmake as the CMAKE_*_COMPILER lines were changed. This is ok, just make sure the FFMPEG support is disabled.
  9. Run 'make -j8'

    Once finished, this should give you working binaries in the /bin folder. You may want to test these before installing. NOTE: I have not yet gotten a full 'make test' to return all results passed.

  10. If desired, install the code with 'sudo make install'

Of course, once I got this working I haven't had much time to play with it. But the facedetection program and several of the other examples work as expected on my MBP. One other note, if by chance you use my EyePatch program, make sure the camera is actually enabled or things won't work.
