As some of you may know, I'm writing a series of short stories to help young people learn how to code. One of the things I wanted to do was introduce the concept of using RESTful APIs. It's so powerful to show people that they can retrieve information from the Internet and then manipulate it in software. Originally, I had wanted to use Twitter and Flickr as examples - they're both fairly well known and have interesting content. The only problem is that both require authentication. I'm an…
Continue reading →
There is a new API in town! HTML5 will (soon) let you make the user's device vibrate. What fun! Obviously, it's useful for triggering alerts, improved immersivness during gameplay, and all sorts of other fun things like sending Morse Code messages via vibration. At the moment, Chrome (and other Android browsers) ask for permission before accessing features such as geo-location, camera, address book etc. This is a security measure to prevent your private information leaving your hands…
Continue reading →
I've only had my solar panels for a few weeks, but I'm already trying to hook them up to the Internet of Things. I'm using the Fronius DataManager card. The API is fairly well documented - but you should be aware that it offers no authentication! The API is Read-Only - but I would still recommend against opening up your firewall to allow unfettered access. Aim I want to draw a (static) graph of my day's energy generation - suitable for sharing on social media. I've released the PHP code…
Continue reading →
I was recently given 3 rather locked-down network cameras. Each camera was pre-programmed to communicate with a specific website, and only attach to a predefined wireless access point. Naturally, there was no supplied username or password. I thought about how I might get access. Using a man-in-the-middle attack to sniff the password, or trying to dump the firmware and examine that. Sadly, all the vulnerabilities previously reported no longer work. After a little bit of thought, I went for…
Continue reading →
As part of my quest to ensure I have a reasonable backup of all my social media data, I've been investigating ho easy it is to export photos from TwitPic. I've been using TwitPic since 2008 and have uploaded 1,200 images there. There's no official export function for TwitPic. The services which used to exist relied on their RSS feeds - which have since been killed off. This little Python script uses some undocumented APIs to grab all your images, save them in a directory, and make sure they …
Continue reading →
You can't. I mean, not officially. There's nothing in the API documentation, and all my attempts to contact Twitter on this matter have been ignored. If you're getting abuse on Twitter you have to use the official Twitter clients to report people. No matter that 3rd party clients may be better at protecting your privacy, offering you a sanitised view of the people tweeting you, or enable you to block offensive words or phrases. In Twitter's increasing war on the developers who helped build …
Continue reading →
Earlier this week, I wrote about the Future of AudioBoo. I'm sure the service is going to be just fine - but thought it would be an interesting exercise to liberate my data from there just in case. As I begin the move to decentralised services where possible, I think it's important that I take responsibility for my own data. The API docs for AudioBoo are very clear, so here's a quick guide on how to download all you Boos and (most of) their data. Get All Your Boos The AudioBoo API - unlike …
Continue reading →
Twitter makes a lot of money out of me. At least, I assume so. The code I helped write, and the sites I run, are used by millions of Tiwtter's users. I've sent a tonne of traffic their way, and what has Twitter given me? Not even a "thank you." Seriously, no one from Twitter has ever said "Thanks for all the customers. Thanks for helping develop our presence in certain markets. Thanks writing tools that keep our users playing on our service. Thanks!" Compare and contrast to App.net. The …
Continue reading →I've been thinking a lot about APIs and their design recently. I stumbled on this fantastic quote from Greg Parker: Greg Parker@gparkerA programming language is a user interface for developers. Language authors should learn from HCI principles.❤️ 41💬 6🔁 019:10 - Wed 22 February 2012 When I first started learning C++ (back in the bad old days) I was convinced that any 1st year student could design a better programming language. One which behaved in a sane fashion without a lot of legacy cruft…
Continue reading →
Summary Twitter's way of linking URLs is broken. It's annoying to users, and a pain in the arse to developers. This quick post talks about the problem and offers a solution. I've raised a bug with Twitter and I hope you'll star it as important to you. (more…) …
Continue reading →
Twitter has announced that it will soon open up a native photo sharing service. Rather than using an external service like Embed.ly to retrieve thumbnails, all the data is embedded within Twitter Entities. So, if you request a status using "include_entities=true", you will be able to grab the image and display the thumbnail using the following code. function twitter_get_media($status) { if($status->entities->media) { $url = $status->entities->media[0]->media_url_https; …
Continue reading →
Quick Summary Twitter's secure API hides the contents of the tweets you are reading. But it doesn't hide the images of those you converse with. Raised as Issue 2175. A Bit More Detail Twitter has a secure (HTTPS) and insecure (HTTP) API. When calling the secure API, all the content of the returned message (tweets) are encrypted. Eavesdroppers only see the cipher-text - essentially garbage. However, within that cipher-text are links to insecure resources. For example, a user requesting…
Continue reading →
