Honeypot Passwords file for Dropbox and Mac OSX

Download the Honeypot

A while back, I wrote a small AppleScript that could be attached to a folder action inside Dropbox. Upon a trigger (in this case, any file being added to a specific folder), it would record the user’s IP address (via a curl -sS http://whatismyip.com command, which no longer seems to work), snap a picture with the iSight camera (using Axel Bauer’s isightCapture CLI (Command Line Interface)), and save the whole thing back into Dropbox so that you can see it on your other computers, or on the web.

But it had one major flaw. It took a bit of work to set it all up (needed the CLI to be installed into the Applications directory, needed to set up the folder action), which rendered it useless if (like most people) you only decided to look for a solution after the laptop was stolen. So I let the link die, and decided not to follow up on it anymore.

However, I have been contacted about it a few times. And each time I’ve had to explain that if the laptop was already gone, there wasn’t much you could do. At least not with my script. Huge bummer for me. This morning, I was asked again, and I had an idea. What if I bundled the iSight CLI into an AppleScript application, changed the icon to an Excel document, and created a honeypot? Instead of needing the Folder Action to work as the trigger[1], you could simply drop this bundle into the root of your Dropbox after the laptop was stolen, and the thief’s own curiosity would do the rest.

So I rewrote it a bit to point to a bundled version of the iSight CLI, and also to dump everything into the Dropbox Public folder, which would give Dropbox a bit of time to upload it to the servers before the thief would be able to figure out what was going on. I think it’s pretty neat.

So here’s the new install procedure:

  1. Download Passwords.zip
  2. Unzip, and put the fake Excel file (called “Passwords”) somewhere super obvious in your Dropbox. Like the root. Basically, put it anywhere in your Dropbox folder except the Public folder[2]. This can (obviously) be done from any computer hooked up to the same Dropbox account, or you can even upload the file via the Dropbox website.
  3. You’re done.

This can be done after the thief already has your laptop. As long as Dropbox is still syncing, the passwords file will get to them, and their curiosity will take over. Once they get the file, here’s what will happen:

  1. The thief tries to open the “Excel” document
  2. The script logs the IP address by doing curl http://icanhazip.com
  3. A folder is created inside the Dropbox Public directory with the name of the IP address
  4. The script snaps a photo with the iSight CLI, and saves it inside the same IP directory, and names it with the current date
  5. Dropbox then syncs that data to the DB servers, and also back to your computer
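
The steps above as a shell sketch, with one check the description leaves out: the lookup response is validated before it becomes a folder name, because a lookup service that stops working (as whatismyip.com did) returns something other than an address. This is an added example, not the author's AppleScript; `IP_LOOKUP_CMD`, `CAPTURE_CMD`, the function names, and the assumption that the capture tool takes the output path as its only argument are all hypothetical.

```shell
#!/bin/sh
# Added example: the honeypot's record step with the lookup result validated.
# IP_LOOKUP_CMD and CAPTURE_CMD are hypothetical hooks; the capture tool is
# assumed to take the output file path as its only argument.
IP_LOOKUP_CMD=${IP_LOOKUP_CMD:-"curl -sS --max-time 10 http://icanhazip.com"}
CAPTURE_CMD=${CAPTURE_CMD:-"isightcapture"}

# Print the input if it is a dotted-quad IPv4 address, otherwise "unknown-ip".
# A dead lookup service can return HTML or nothing; neither may become a path.
safe_ip_name() {
    candidate=$(printf '%s' "$1" | tr -d '[:space:]')
    case "$candidate" in
        ''|*[!0-9.]*|.*|*.|*..*) echo "unknown-ip"; return 0 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $candidate          # split into octets on the dots
    IFS=$old_ifs
    if [ "$#" -ne 4 ]; then echo "unknown-ip"; return 0; fi
    for octet in "$@"; do
        if [ "${#octet}" -gt 3 ] || [ "$octet" -gt 255 ]; then
            echo "unknown-ip"; return 0
        fi
    done
    echo "$candidate"
}

# Create <public_dir>/<ip>/ and ask the capture tool for a date-stamped image.
# Prints the image path; returns non-zero if the folder or capture step fails.
record_sighting() {
    public_dir=$1
    raw_ip=$($IP_LOOKUP_CMD 2>/dev/null) || raw_ip=""
    ip_dir="$public_dir/$(safe_ip_name "$raw_ip")"
    mkdir -p "$ip_dir" || return 1
    image="$ip_dir/$(date '+%Y-%m-%d_%H-%M-%S').jpg"
    $CAPTURE_CMD "$image" >&2 || return 1
    echo "$image"
}
```

A failed or garbage lookup still produces a photo, filed under `unknown-ip`, so a lookup outage does not cost the capture.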

Hypothetically, it may look to the thief like Excel is simply crashing, which may even cause him/her to attempt to launch it again, increasing your chances of getting a useable picture.

DISCLAIMERS

It should be noted that using this script in no way guarantees that you will be able to find your stolen laptop, and I make no claims as such. Also, please note that there are a number of ways a semi-smart thief could foil this script:

  1. If the laptop never connects to the internet, Dropbox cannot sync. So the Honeypot app won’t be downloaded, and the image and containing folder won’t be able to sync.
  2. If the thief knows about Dropbox, they may be smart enough to go up to the web client and permanently delete the picture from Dropbox’s servers
  3. There is a chance that the thief may never attempt to open the honeypot at all
  4. There is also a chance that the thief will be able to catch and delete the image before Dropbox gets to upload it. I have tried to minimize this by placing it in the Public directory (and therefore, out of sight). But the chance is always there.
  5. There is also no way to know how the image will come out. Theoretically, if the thief is trying to open your passwords file, they would be staring right at the screen, and therefore, the picture would be great. But there’s really no way to know for sure.

CODE

I’m making the (extremely) basic code for the AppleScript portion of this app available as a Gist on GitHub. I do not have access to the iSightCapture CLI source, and will not be releasing it as a standalone product, just embedded into the app. If you want the actual iSightCapture CLI, you will have to download it from its project page.


  1. Holy shit, has anyone been able to get Folder Actions to work reliably? And why the hell do they always pull focus before firing? What an awful implementation.

  2. Theoretically, you could put it in your public folder, and it will work. But the script dumps the image and IP address into the public folder, so if that’s where the script is, it will be pretty obvious what is going on, and the thief may have a better chance of stopping it.

—Apr 15, 2011

Hops 1.0 now available!

Big day for me. Hops 1.0 is (finally) available.

This is something I have been working on for close to a year now. A far-too-large portion of that year was spent trying to get my company name set with Apple, but I digress.

This is the very first iPhone app I have ever made. This is also the first time I’ve done anything with Objective C. So it’s a pretty exciting day for me.

A few answers to some questions I want to answer, both for you (the user), and myself:

Why did you make Hops?

When I got my iPhone, it happened to coincide with my really starting to dive into craft beer. I had dipped my toes in the waters before, but then I saw Beer Wars and it struck such a chord with me, that I decided to really start to explore the world of what I now arrogantly refer to as “real” beer. But I have a shitty memory. So I was having real trouble keeping track of what beers I had or hadn’t drank, and beyond that, what I thought of the beer I was drinking.

I took a look around the app store (which really is the first place I go if I’m trying to solve one of life’s problems) and there were some options there, but nothing I really felt good about throwing my money down for. I remember talking about this with some people (at Cambridge One over some beers), and someone said: “Why don’t you just make one?”. I laughed and brushed it off, but holy crap if the idea of just making one myself didn’t stick with me. I don’t really have a development background (I’m a film editor, by day), but I’ve done some light scripting in Ruby and Python. So I decided (in the shower) that I would make a go of it. I would build something, and for the first time, I would try to sell it.

Why should I use Hops?

I believe that there are a few reasons:

  • For me, Hops has been a really great way to not only keep track of my beers, but it has really been instrumental in getting me to branch out and try newer, different, more exciting beers. The simple act of wanting to log new beers means that I will choose beers just to be able to add them to my catalogue.
  • The sharing features make it really easy to tell the world when you enjoy (or hate) a beer. Simply tap the action icon in the toolbar, choose your service (Email, Twitter, Facebook, or Tumblr at the time of this writing), and away you go. If you aren’t logged into these services, you will be prompted for authentication. And you can always log out of your services (Or turn on and off specific services) inside the setting panel.
  • Being able to quickly search my log for a beer, and instantly be able to look up when I drank it, and what I thought has saved me from repeating a mistake many times.
  • Being able to sort your beers by different criteria can show you your drinking habits in really interesting ways. You may be surprised at how many beers you drink from a specific region, or be able to say “Wow I really need to try more of ’s beers”. Or maybe seeing a log full of IPAs is just what you need to maybe go try a nice porter.

Why does it cost $3.00? That’s so expensive!

Again, a number of reasons:

  • Your device cost (at least) $200. I think $3 is a marginal price to pay for software that works well.
  • This is not my full time job. I have other responsibilities on a day to day basis other than sitting around answering support email. So if I’m going to provide the level of support I hope to be able to provide for this (and all future) apps, I need to set the price based on what makes financial sense. At $3, I can afford to continue development, and continue to do my real job, and I don’t have to worry about getting a million people downloading the app for free, and burying me in support email.
  • A free app simply isn’t financially viable. If you want to hear a much more experienced developer talk about this, listen to episode 5 of Build and Analyze, and listen to Marco Arment talk about his experiences with the paid and free versions of Instapaper.

tl;dr

Click here to see the app on the app store.

I just want to say thank you to the excellent community over at StackOverflow for the help I received during development. I’m spoiled that I have such a resource to help me learn something as complicated as this. If you’re ever thinking about getting into development, I can’t recommend that place enough. I also got a whole hell of a lot of inspiration from guys like Marco at Instapaper, Loren Brichter of Tweetie/Twitter for iOS fame, and of course the amazing work by the teams at Apple.

I have some really fun ideas in store for Hops. I had a blast building it, and I really hope you enjoy it.

—Apr 06, 2011

Using Nocturne Sans-menubar icon

After reading Rasmus Anderson’s great post about why OSX’s menubar should be dark, not bright, I immediately went and installed Nocturne on all my machines. Haven’t looked back. Nocturne is in my login items, so it’s launched on startup, and I’ve got it set exactly the way I like it. I never use the other features of Nocturne though. So the one thing that has been bugging the hell out of me was the menubar icon that you couldn’t get rid of. And I can’t imagine that I’m the only one who feels this way. So I pulled the source, and just commented out the bit where it creates and sets the menubar icon. Bingo bango, I get the clean black dim menubar, with no unnecessary menubar icon.

If you end up using this, you will not have access to any of your settings while running the no-menubar version. You will have to run the “real” version (which means doing a killall Nocturne via terminal to quit the modified version) to gain access to the settings. I recommend renaming the original Nocturne to something and keeping it around just for this reason.

Download Nocturne Sans Menubar Here

—Apr 05, 2011

⇒ Minicaster

if you’re looking to become the world’s next Ustream star, investing in one of these may not be such a bad idea.

Looks pretty neat, but being the next Ustream star would imply that there have been others.

—Apr 02, 2011

⇒ Goose Island

Today’s agreement to consolidate ownership of Goose Island under Anheuser-Busch will provide us with the best resources available to continue along our path of growth and innovation.

Looks like I have 1 less brewery to support.

—Mar 28, 2011

Wishboard (A work in progress)

I love pinboard. Love, love, love. So I wrote a little Sinatra app that allows you to tag any bookmark with “want”, and have it displayed as a sorta-pretty wishlist with tags and filtering.

The service can be found (for now) hosted on a free Heroku instance at wishboard.heroku.com. The source is available on GitHub.

Simply go to wishboard.heroku.com/<your-pinboard-username>, and you’ll be able to see your generated wishlist. For example, check out mine. Wishboard doesn’t display anything that isn’t public already, so there’s no auth involved. It’s just a public RSS feed and some ruby and CSS.

If you want to help fix my shitty CSS, my shitty Ruby, or my shitty HTML, please. By all means. Feel free to fork the hell out of it.

Quick disclaimer: I’m totally cribbing Brett Terpstra’s fantastic custom pinboard stylesheet (available here) for the styling as it exists right now. I don’t know CSS at all, so it’s been great to be able to dig through his and try to figure out what he’s doing and how. So thanks, Brett. Huge fan.

—Mar 25, 2011

⇒ Mud Rooms, Red Letters, and Real Priorities

Merlin Mann -

You can’t “prioritize” a list of 20 tasks any more than you can “uniqueify” 20 objects by “uniqueness,” or “pregnantitze” 20 women by “pregnantness.” Each of those words means something.

Kind of an old article, but I have this article saved in my Yojimbo library just so I can refer back to it on a regular basis. And every single time I finish it, I feel like giving a standing ovation.

—Mar 17, 2011

⇒ Fragility of Free — The Brooks Review

Benjamin Brooks -

I like to pay for things and here is why

Exactly how I feel on the matter. I purchased LaunchBar as well once QS became sufficiently annoying to use on a day to day basis. I have been a happily paying Dropbox Pro user for going on 2 years, because they are a service I simply can’t live without. I have licenses for Things, and 1Password on both the Mac and iOS sides of the equation, because they are the best tools for the job. Please, if at all possible, let me give you my money so you can keep making your awesome products.

—Mar 15, 2011

⇒ Trainyard

Gamasutra -

Success came literally overnight. Trainyard was released on June 10 this year, selling modestly till Apple featured the game in its recommended list at the start of October.

Literally overnight.

On a related note, I LOVE Trainyard. If you have an iOS device and don’t own it, shame on you.

—Dec 22, 2010

⇒ Gizmodo Why a White iPhone Delay is Great News

Gizmodo reports that other things Apple has made that were colored white have been prone to breaking. So OBVIOUSLY this means that the new white iPhone would break as well. High class reporting from Brian Lam.

—Jul 23, 2010