blogs

The Orange Suit, E01 something you have. AKA using the Two Factor Authentication module on a Drupal website

Trust, authentication. The key factors of the internet in this age where hacking, privacy and security are the biggest threat to freedom on the Internet. Trust starts with authentication. Authentication starts with identification. For some good background, the decade old keynote of Dick Hardt with regards to identity, it is still a classic.

The old adagium is that good authentication can be done by using three factors, something you know, something you have and something you are. For example, a pincode (know), a key (have) and a photo (are).

Two factor authentication combines two of these three for identification, often a password and a one-time-usable code delivered via the phone that you have. Two factor authentication is standard in the offline world, a driver's license (have) with a photo (are) or a bank card (have) with a PIN code (know). And it is about time that we use this Two Factor Authentication (TFA) as the basis for our web presence as well, to log in to your mail, your bank account and to your Drupal website.

This will prevent ugly security incidents or frontpage defacements. People reuse passwords, write them down never change the passwords, have listed passwords or share them and if you have a website where editers and administrators can publically can log in, you will have a security incident waiting to happen.

On drupal.org we use TFA for higher roles. The module being used as d.o is https://www.drupal.org/project/tfa and I do think it should be on every Drupal site.

I always wanted to start a screencast series on Drupal modules for site builders. So it was only logical that the TFA module was the first module I used for this vlog. You can see the screencast called "The Orange Suit" episode 1, "Something you have" and hear why you need this module, how to configure the module and what the module does.


Please leave a comment with your feedback on the youtube video, if you just liked it, thumbs up on youtube: and do follow "The Orange Suit" on facebook and twitter

Suggestions for the next episode are welcome as well via one of those channels.

Last Clock for iPhone / iPad


Today I found on lastclock a rather nice free app for the iPhone and iPad where one vertical camer line is user per second to make a hand on the clock.

Sounds complicated?

See this video:

Just like any analog clock, Last Clock has three hands: one for seconds, one for minutes and one for hours.
The hands, however, are made of a slice of live video that gets scanned to the clockface. With different refresh rate for each hand, the three time circles reflect the rhythms of the space at different temporal resolutions.

RoomAlive, project mapping and augmented reality using a kinect

I realy love this MSFT project:

The RoomAlive Toolkit enables developers to network one or more Kinect sensors to one or more projectors and, by so doing, to project interactive experiences across the surfaces of an entire room. The toolkit provides everything needed to do interactive projection mapping, which enables an entirely new level of engagement, in which interactive content can come to virtual life on the walls, the floor, and the furniture. Imagine turning a living room into a holodeck or a factory floor—the RoomAlive toolkit makes such scenarios possible.

Watch this video. Now if only MSFT (or someone else) would release this for the OSX...

see By bertboerland at 03/05/2015 - 20:06 | english | geeks/nerds | Happy | hardware | microsoft | tv | bertboerland's blog | login or register to post comments | digg digg | bookmark bookmark | cosmos cosmos

NS, fraude en het spinnen van de media inclusief politiek naar "vals spel"

Vals spel, hoe de NS haar fraude probeert te verbergen en de media hier op happen

Staff Awards Ceremony

BREAKING: we hebben afschuwelijke aanbestedingen in Nederland bij de overheid. Okay, dat was niet breaking. Onze aanbestedingen en de onmogelijkheden om het beste bod te verkrijgen zijn breed bekend. Wat wel breaking is. Dat een BV waar de overheid 100% aandeelhouder van is een Europese aanbesteding van een overheid wint, door … let op…. FRAUDE te plegen.

U heeft het vast wel gezien, een medewerker in de hogere regionen van Veolia (concurent die ook op aanbesteding aanbood) lekt informatie over een aanbesteding van bus/trein verkeer in Limburg (waar anders) naar een dochteronderneming van de Nederlandse Spoorwegen in ruil voor een goede baan bij deze dochteronderneming . Hierdoor wint de NS de aanbesteding als gevolg van zeer nare fraude. Precies wat we met de die rare aanbestedingen proberen tegen te gaan.

Marklin Schnellzuglokomtive

Tot zover al redelijk absurd, de overheid drukt een bedrijf uit de markt door fraude te plegen op een overheidsaanbesteding. Maar wil je weten wat het nog enger maakt?

De NS weet dat ze met de billen bloot moeten, dit is slecht nieuws en dat moet goed gebracht worden. Hoe dan wel? Ten eerste, je bekent. Daar is dan geen discussie meer over. Maar je bekent niet dat je fraude hebt gepleegd. Maar daar neem je een onschuldig woord voor. Iets met … mmmmh.. Iets kinderlijks. Iets eenvoudigs. Iets onschuldigs.

Fyra V250 4806 in revenue service @ Rotterdam Centraal
"Hebbes", zei de spindokter op de PR afdeling. "We noemen het 'geen eeerlijk spel gespeeld'". Geen eerlijk spel. Fraude. Niet warm, 0 kelvin. Geen halszaak, onthoofding. Treinen op tijd, geen wonder.

Een heerlijke spin. In elk interview. In elke stuk. Zeg je gewon dat er "geen eerlijk spel" is gespeeld en op zijn slechts "vals spel". Nooit het woord 'fraude' in de mond nemen. En dan wachten op dat de media je juist quoten.

En ja hoor.

Om maar een paar te nomen. Gelijk aan de communicatie afdeling van de NS, verwerpen de media het. Maar gebruiken wel woorden die "fraude" kleiner maken als "oneerlijk spel". Aanbesteding is geen spel, fraude geen oneerlijk spel.

Raar toch. Ale media die het over "vals spel" hebben na aanleidng van de berichtgeving van de NS over de fraude van de NS tegen de overheid. SWil je het nog vreemder hebben. Binnen enkele uren na de bekendmaking wordt de verantwoordelijke minister geinterviewd.

Dijselbloem staat voor de camera. En verwerpt de fraude van de NS met de woorden: ""Bij de aanbesteding is vals spel gespeeld, en dat kan natuurlijk niet", zegt Dijsselbloem."
En verder gaat de NOS verder met "De minister vindt dat de NS-directie adequaat heeft gereageerd. De acties die het bedrijf heeft ondernomen zijn volgens Dijsselbloem ingrijpend maar terecht."

Bananenrepubliek.

DrupalJam 2015, come for the Jam, stay for Drupal


Drupal. I didnt come to Drupal code 14 years ago, I came for the community and stayed for the functionality. That is part why I never liked the "Come for the code, stay for the community" slogan. Sure, it is a perfect cheesy slogan. If all you want attract are coders in the community, it is even a perfect slogan. For a perfect community, of perfect happy coders.

We have got to learn to address humans. Not just humans who can code. That is, if we want to be a true community for a product. A product that is well designed and does attract both the business and the user to participate in the product, the process and hence the community.

Leaderers. Entrepeneurs. Visionaries. Testesters. Document writers. Project Managers, marketeers. To name just a few. Of course developers can also have the skills to do these jobs, an often overlooked fact. But someone who is "just" a marketeer, will not come for the code. (S)He might come for the job at hand, money that might be involved, the functionality, but the best reason why an external non developer should come to the community to help out, is the community that is helping her/him out. Not clean lines of code, but helping hands of love.


This is I am active in the Drupal community, to help out to get others on board. With a rocking team ( Marja, Imre, Rolf and Peter and others) we are organising the DrupalJam event in the low lands. The DrupalJam started with 20+ persons and pizzas in a room and is now a big event with over 300 people attending, over 25 sessions and a budget in the tens of thousands.

DrupalJam -organised by the Dutch Drupal foundation- will be held in Utrecht, April 30 and it really represents the helping hands -not just the lines of code- of the community. With keynotes from Bruce Lawson ( HTML fame), Marco Derksen (digital strategist, entrepreneur) and featured speakers like Jefrey Maguire (moustache fame, D8), Anton VanHouke (leading design agency in the NL, introduced scrum in to strategy and design), Stephan Hay (designer, writer) and Ben van 't Ende (Community Manager for the TYPO3 Asssociation).

And like last year, Dries will do a virtually Q-and-A. If you want to ask him nearly anything, do so at this form.

The event will be held in an old industrial complex as can be seen in these shots

I am really looking forward to this event, it has a long tradition and always strengthened the community and brought in new blood. People who "Come for the business and stay for the community" Those who come of the need for design and stay for the love. Or love the functional and stay for organising the next DrupalJam.

PS: Now this head has rolled, it is time we decide what we do the body. If you have 5 minutes of your spare time, read this post and if you have one minute more, see this one from 2008 as well.

XML feed