a running journal

interestingly, it seems the best revenue generator for the traffic department is fines. it further seems that much like any receiver of revenue (SARS, or IRS, or IRAS) invests in technology to ensure they capture every Rand, Cent and Dollar; so does our traffic department. anybody who drives will have registered at PayFine (http://www.payfine.co.za), a useful service that notifies you via email when you've picked up new fines; log into the website and "tada" ... your car in a picture, possibly even with a mug shot :)))

why this topic arose, apart from PayFine being around for a few years now, is that now the banks have made it even more convenient to settle these fines... and while PayFine has credit card facilities, the banks added an extra obvious tab for this "new feature"))) how can one refuse to challenge the fine when there are so many easy ways to just pay up...

Struggled with this code for some time, was not clear why the server was returning a 500 internal error message...and as it turns out, I still (obviously) needed to TokenSign my oAuth POST prior to submission. The code that did the trick is:

   var session = new OAuthSession(consumerContext, requestUrl, userAuthorizeUrl, accessUrl);
   ConsumerRequest context = session.Request();
   context.Post().ForUrl("https://rightsignature.com/api/documents.xml").WithFormParameters(new {
          xml = strXML }).SignWithToken();

This beautiful piece of complex underlying handshaking worked like a dream, and successfully returned the GUID I'm now using to track the document through the internal workflow.

Weird, logged into RightReply to have a look at their service. Thought it might be simple and easy to run a feedback system off a cloud service; but to my surprise found the Admin tab revealing a whole bunch of foreign email addresses. None of these were familar, and mine was also in the list raising some concern :S Unsure what the data represents but it looks like a "for each" loop that published more data than it should.

2am, very annoyed.

Tobias is over for just a weekend to South Africa. We met up at 6pm to catch up on 5 years of time gone by, and then enjoyed the company of about 8 more common friends. He also noted that he is comfortably (and safely) settled is Munich, near by our good friend Mark: both of which families relocated back to Europe (good bye to SA tax revenue on all my German peers fleeing back to Europe). While I would have loved to detail the evening, party at QBar, and finale at Billy The Bums, what now stuck was the non-constructive waste of time harassment of two cops.

The were SAPD, pulled me aside at a traffic light for making my way home at 2am and wanted to 'inspect if the situation was in order'. Of course, I don't smoke, no drugs, no speeding nor reckless driving; but seemingly merely wanted money. Considering that any free cash earns near 10% in a home loan facility, I'd be silly to carry any cash at all if I can pay by cards instead; and so merely handed the nice corrupt South African officers my last remaining R30 (Eur3) and they made their merry way.

Annoyed because I asked them to write a fine (for whatever the offence) and let me settle within the legal framework; but that seems to be less common nowerdays. They couldn't produce a fine book.

Wow, amazing that Intdev won the SugarCRM projec of the month!! We developed an open source module to enhance the functionality of SugarCRM to send SMS messages, both single and bulk.

Check out our project at SugarForge at http://www.sugarforge.com/projects/intdevsms

busy renovating... place looks like a mess...unfortunately all this work has to be put on hold after the lil old Greek lady complained, and the Department of Heritage served me a stop order to immediately cease all work. The process is slightly cumbersome as the submission requires original building plans (from 1948), unit plans, locallity maps, pictures of inside and out, and a motivation on these renovations. Once approved by Mrs Bird and the Heritage Trust, I'll have authorisation to continue and clear the remaining change of use with City Council. Now, regardless of which country one might be from; the red tape of any City Council naturally causes sleepless nights...and I'll hopefully get this approval wound up within 3 weeks.

Was supposed to have a meeting today with a Russian technology company, and expected to meet them here in Moscow. This seemingly was our arrangement until I received email advice that the discussion will be Skype as the lead had returned to St Peterburg. Now while I'm very comfortable using various technologies and personally thrive on working in a distributed fashion, their instruction somehow seemed more of an excuss. Unsure why, the impression it left was a lack of effort, and in order to satisfy the request (to meet) we should use technology. I've personally never excused work because of technology alternatives, yet would think that this probably happens in some context more often that one notices. Of course, time zones are a completely different problem all together, and far more excusable)) -- Sent from my mobile device

Had to laught today upon receiving this response from one of the service providers.  I make a web service call to validate banking details, and get an odd data set back from the BankServ network.

 

The return string was:

00|00|99|99|9||01

The explanation of the meaning and/or interpretation of the response from the service provider was:

"I wish I can help but unfortunately the rest of the parameters passed back from the various banks are not documented anywhere. There is also no documentation from the various banks as to which bank passes which variables back."

stumbled across Gnip, makes a lot of sense for such a service to exist. the problem with twitter is a) that it is entirely public, and b) single threaded. This makes it ill suited to system events, notifications, or multi-source and multi-topic similarly threaded announcements. In trying to find a fit to my all singing-and-dancing broadcast quest of business events, Gnip looks like the perfect solution.

The GET/POST protocol is very simple, and interesting to see them use other extensions including PUT and DELETE. These didnt feature much to date other than in vulnerable WebDav and Front Page Extensions implementations; yet comfortably fills the gap in this HTTP protocol message exchange.

Managed to set up an Intdev feed at: https://api-v21.gnip.com/my/intdev/activity.xml (probably not accessible without credentials)



Interesting concept, will seek some methods of how to employ this feed, ideally into a ExtJs carousel, or even better a very large LED display board reading "25 new leads to process, lets go!!"))

Last little update for the week, feeling awefully exhausted from the jetlag amongst the management meeting, risk management implementation consultancy and the coordination of soon-to-start renovation work.

I've managed to get Intdev a lil Twitter feed, not that I'm entirely blown over by the concept, yet it certainly realises Norbert Wiener's concept of Cybernetics of contineous feedback loops. Much like James Harkin, however, concludes in his recent book Cyburbia, the emphasis should still be on the message, not only the network. Of course, the network requires us nodes to participate in giving it value by participating, yet the endless, pointless flashing of of random boring messages has no value; the nodes must add value! I'll try to give the Intdev feed some value)))

The Intdev feed is published at: http://twitter.com/intdevinternet

Weirdly, within the first day we got 10 followers. Why? I have no idea who these people are, but yeah, sure... follow our all important Intdev announcements even if you're not from South Africa!

A little dev yesterday proved a simple experiment of publishing tweets from VBScript using the Microsoft.XMLHTTP POST method, and suddenly every event looks tweet-able: import scripts, end-of-day processes, up/down monitoring alerts, staff absenteeism, operational events...everything...))) though I have to enact restraint to avoid publishing noise and decided against))

On numerous occasions do the bucket shop operators of MT4 complement the amazing capabilities of this trading station. I've got little opinion about the large number of platforms out there, yet I do value breadth in a products ability to accomodate the large variety of trading possibilities. A bespoke platform might be good at transacting Spread contracts, and another FX, there are few on the market that cover more than one asset class well. Take for example the "new" feature of market depth in MetaTrader, finally showing 5 levels with limited details of the order book



Take a look in comparison at the IT Software (www.itsoftware.it) EasyTrade Desktop Client order book showing 20 levels, colour coded liquidity provider, the number of bids at each level and volume pressure bar.



I'll accept that MT4 is a turnkey install to enable any market maker, licensed or unlicensed, to facilitate retail flow; yet one has to admit that it lacks maturity to a) scale, b) integrate and c) meet user expectations.

Most exciting, received this invite from Google Voice! Having had a quick look at their service offering at http://www.google.com/voice I was most tempted to try it out. The mail read: Unfortunately that last part is most concerning, either they dont know that I'm not in the US, or they're simply trying to bring me to their site at which point I get bounced!! A bit annoying, looking for ways to improvise my location and finish the sign-up. Maybe an SSH tunnel to our Amazon EC2 US-East zone virtual machines, and then impersonate the source IP with locality (zip code) information from myus.com?)))

Today we stumbled across something I've never seen before, the drop down of the suburb selection of a prominent property site has injected HTML code in the resultset. Searching for a suburb returned a listing from a web serivce (.asmx) and rendered the possible results. The injected HTML appeared as in this below image:



The site was obviously reported and when navigating to it directly proactive FireFox noted a big warning:



The amazing thing about this injection is that the database was not compromised. The data set searched by the SQL of the web services was clean, no injection, no hidden text or values. Then, the code of the web service had a simple SELECT statement that acted as a mere pass-thru in sourcing the data, and then internally creating a reduced subset of possible auto-suggest matches. There was no adjustment to this code, no visible trace of this injected HTML.

Completely unsure how this can result, I adjusted the web service CS code and forced a w3p.exe restart resulting in a recompile of the entire .NET site including the web service (.asmx) service...and.... amazingly, the problem was gone!!! freaky but strangely true, the injected HTML must of been "loaded" into the running state of the web service code. Unsure of how it even got there, this completely unexplainable situation raises a few questions...

Stefan made some short notice changes to his flight from Japan via Singapore, prompting me to surrender the return and wait-list for an exit on the 14th. The universe conspired and we managed to spend a few constructive days workshopping ideas together in Singapore.

We booked into the fabulous and welcoming Quincy Hotel on Mt Elizabeth Road, just off Orchard. I was super impressed! The special we signed into provided for super comfortable accomodation, breakfast, lunch & dinner, free internet, free minibar, pool, gym, and 2 free pieces of laundry per day!! Of course we much enjoyed our stay with such abundance, and I'll go back any day under their amazingly competative rates)) Find more at www.quincy.com.sg

15 years after the families first trip to Oz... -- Sent from my mobile device