PROFESSIONAL PATH

PROFESSIONAL PATH

A brief and visually helpful timeline style walk through of my work experience...

Read more
SKILLS, TALENTS, AND ABILITIES

SKILLS, TALENTS, AND ABILITIES

Showing determination in the face of fear makes us extraordinary. Wow, that's deep but hey, check out some of these awesome skills...

Read more
FISHY BUSINESS

FISHY BUSINESS

His roommates are pretty worthless but that doesn't stop him from saying, "Ooop. Ooop. Ooop." on the regular...

Read more
Homepage / Technology & Programming

Reading Time: 4 minutes Secret awesomeness… Jiffy is quite an amazing little fellow. In fact, I got him to do some awesome tricks the other day. I thought I had video recorded him balancing a food flake on his nose, swimming in sync with my hand, and some other great tricks. The worst part is that I forgot to click ‘record’ before we conducted such awesomeness. Either way, I was unable to produce video evidence of this encounter and because of that devastating event I’ve ensured that Jiffy will always have surveillance monitoring his fantastically impressive ways! Evidence! I need evidence! Who is he, exactly? Jiffy is a Skirt Tetra that I got from PetSmart for a couple of dollars. It was interesting because I first got Jiffy for an experiment to grow different plants and spices as part of my learning process regarding hydroponics and aquaponics. However, one day I noticed that Jiffy was acting different than the other days, he was anticipating me feeding him. Jiffy swam in a completely different pattern than the days prior, he was demonstrating memory. I did not believe that a fish could remember me and so I tested this theory out by sending different people in to visit with him and he openly responded differently depending on who was visiting with him; it was strange to me at first. Now, I’ve come to accept that Jiffy is a smart little guy, who has interests and desires; though not very advanced (generally dealing in the eating, floating, and pooping but you know). He’s my wet little friend and I’m happy to share his company with you! I hope you enjoy spending time with him, too! Straight From The Nerdery So how am I streaming this? Why can you only see it using http? Let’s dive right in! I heard, in an Arizona WordPress Group meeting, that some people were trying to stream live feeds of their animals on their website. This got me thinking about doing this for Jiffy The Fish. At first, I wanted to purchase a low cost camera on Amazon but then I thought twice because I’m broke AF. Finally, I got all fiercely modern MacGyver and realized I had a bunch of old Android phones laying around that I could hack together something with. So, I used a Samsung Android phone to create a live stream with use of its camera. From there, the feed is posted at an internal IP address (inside the home network). Next, I accessed the network router, established a port route/forward to my Android devices’ internal IP and poof, the outside world could connect! The next challenge was getting the feed from my internal (home) network to my server where my website is for little to no money. This part was actually pretty simple. It required being extremely resourceful because my home network is using a dynamic IP address. This limits my access to my feed because the ISP may change the IP and I have to reconfigure everything, which means I need managed DNS. A great tool for this was No-IP, an extremely helpful service for projects like this. No-IP has a stand alone application that you download to your PC and it pings your external IP address and upon any changes it updates the DNS of a given domain name, in my case “jiffy.ddns.net”. Having No-IP automatically checking and updating my DNS helps me to know that I can consistently rely upon my live fish feed to be accessible from the outside. Use of No-IP has allowed me to insert the following iframe tag into the HTML code of this page: Having this iframe tag inserted into the HTML let’s you see that it is clearly using “http”. This is because No-IP charges for “https” being attached as part of their DNS management package. So, this broke MacGruber is stuck with a managed DNS HTTP feed link at the present time. That’s super lame, too, because having an unsecured live feed element (HTTP) in a secured page (HTTPS) means it will not render on the page when your visitors try to view the page using your sites default HTTPS URLs. If you navigate to the HTTPS version of this page, you will notice that the iframe feed element does not load or play (because it is not secure). As you will notice, your browser may throw errors or display that the site is “not secure” while you are on this page (Figure 1). This is because of my no cost solution I’m using to stream the feed (as an HTTP element). Figure 1. Screenshot of URL bar of browser. It’s good that some browsers stop an unsecured element from populating on a page but it’s also really annoying when it does that, too. Either way, this was the cheap and dirty way I got a live feed of Jiffy to you. There are other ways I’m sure but this is the one I used. If you are curious to know more about how I hacked this Android to use it’s camera as a live streaming CCTV device, please feel free to contact me for more information! Status Update As of 8/24/2019, due to some unforeseen events, Jiffy The Fish’s live feed is unable to be broadcast on this page. Hopefully soon this feed will be active again soon.

Read more

Reading Time: 5 minutes   INTRODUCTION: Meet Baby PanPan and Sabrina! These two rascals are on quite the adventure together and I’d love to take a moment of your time to explain why these two are so important. Actually, I thought it through and realized these two really aren’t important at all. In fact, these are fictional characters created as part of a software program I am currently developing. PURPOSE: To create a software solution for the Panera Bread bakery team which: Provides task event notification, Connects with Panera Bread training guides/materials, Provides reference materials to assist bakers in their duties during the course of their shift, Allows bakers to enter notes which may be logged/sent to team members as needed (ex. sends an email message for managers to order more chocolate chips). PROJECTED FEATURES: Version 1.0 Allows tasks, schedules, and reminders to be entered. Provides alarm and/or notifications for timers and scheduled events (such as reminders to clean the deck oven, wash down shelves, or wash the focaccia rings). Is connected with Panera Bread bakery training materials to include: Bakery color charts Instructions (or ‘how to’) for each item. These are in printed off manuals current, however, they are difficult to access and use with ease and again, are simply not green and/or up to modern standards. Technical specifications for ovens and/or all equipment in the bakery Other necessary materials as needed Version 2.0 Voice recognition integration*. This would allow bakers to simply speak to Baby PanPan to: Set a timer (ex: ask Baby PanPan to set a 15 minute timer and send a notification to your phone when it goes off. This allows you to leave the ovens and work in an area away from the sound of the oven alarms, such as the bakers walk-in cooler or the freezer). Display a color chart of any item Connect Pandora accounts of different staff members in order to shuffle or play playlists. Sync Bluetooth wireless devices (such as speakers) Version 3.0 Allow task completion events to be directly entered/appended to the Panera Bread employee training file. This will provide very specific documentation for managers which may be referred back to at any point. Here is an example of how this feature would work: Frank, the baker, is working over-night at Panera Bread. Frank’s district supervisor needs the deck ovens cleaned at each store on a weekly basis. So, the district supervisor enters a weekly cleaning assignment, into Baby PanPan, which is titled “Clean the deck ovens”. Baby PanPan will popup with that assignment reminder and Frank will have to acknowledge this reminder. Additionally, Frank will have to mark the task as completed or not completed. Whatever Frank’s response, Baby PanPan will append Franks response directly into Frank’s Panera Bread employee training folder where the district supervisor may refer to these responses for employee evaluation and development purposes. furnish documentation for regular employee reviews. Allow task completion emails to be sent to supervisors email address for documentation purposes. Can send SMS notifications upon timer expiration (helpful in case you are in the freezer and cannot hear the oven alarm). Allow task completion emails to be sent to supervisors email address for documentation purposes. BRIEF: Baby PanPan (sometimes referred to as simply BPP) was created as a fictional character. The story goes that BPP is a small (baby) pan who fell off of a Panera Bread delivery truck while en-route to Baby PanPan’s home store. Now, Baby PanPan is on an adventure to find his home store. Sabrina is a scoring knife who Baby PanPan encounters (at the Raintree store) on his adventure. The Raintree store, located in Scottsdale, Arizona, and is the pilot store for this application. BPP an Sabrina are the playful graphical characters which provide the backdrop for the real important things this software is to provide. “When the cat is away, the mice will play.” There’s an old saying which goes something to the effect that when the cat is away, the mice will play and any manager can testify to the fact that this also happens to humans and is not exclusively applicable to mice. There are plenty of things for a manager and keeping daily logs of employee progress and task completion is almost too much to ask. Not to worry though; Baby PanPan allows the employee to carry out tasks the manager needs completed and it appends the completion status directly to the employees folder. Almost like a black box for an airline, when something goes wrong, Baby PanPan’s logs can be pulled to reconstruct the event in question. Having documentation provides substantive evidence for all parties involved while also providing helpful features to assist the baker throughout the night (such as playing the employees favorite Pandora playlist to help provide productive motivation). Additionally, any communication (i.e. messages, emails, etc) that is sent through Baby PanPan will log automatically into each applicable employees folder that is associated with the communication. It is believed that Baby PanPan is a much needed tool for the Panera Bread bakery operations department. WORK SO FAR: Currently, BPP is a Microsoft Access application on its way to be converted to a WordPress Plugin. The current Access version, opens to a main menu where you can generate a new pan-up or search for old pan-ups (Figure 1). Figure 1. Screenshot of BPP main menu The screens/forms for new/old pan-ups are the same (Figure 2), and they are limited in ability. Figure 2. Screenshot of BPP pan-up form Additionally, I have obtained the domain name www.BabyPanPan.com and am working on programming the website. THE TEAM: Team members Wanted! Right now I’m acting as the butcher, the baker (literally), and the candlestick maker on this project. I’m designing the characters, sketching, and programming, so, my progress is extremely limited. Completing this project in a timely manner would require the following team members: Graphical Designer Programmer Project Manager If you are interested in becoming a part of the Baby PanPan team, please feel free to contact me so we can work out the details. Please understand, this is not a paid endeavor; this is a pet project exclusively. Naturally, after the plug-in is published at WordPress.org, you will receive credit as being a part of the development team. EXIT STRATEGY: Clearly this application is exclusively useful to Panera Bread bakery employees, therefore, [...]

Read more

Reading Time: 4 minutes Figure 1. Video of working Uber GPS hack. DISCLAIMER: This white hat hack is for educational purposes only. PURPOSE: To demonstrate the need for immediate changes to Uber’s GPS tracking and validation programming. TYPE: White Hat WHAT IS NEEDED: Rooted Android phone with: Uber Driver app installed (hacked copy required for long term use) GPS spoofing app installed A cellular data plan Non-jailbroken iPhone with: Uber Driver app installed A cellular data plan BRIEF: This hack spoofs GPS through exploitation of Uber’s lack of proper root check handling and per device account reset feature. Currently, when an Uber Driver is logged in using an Android device, the Uber Driver app checks whether root privileges are granted. The root check is accomplished using the Google Maps app, which detects if the Android device is rooted (or whether the user has full admin control of the device). Before I was able to complete my hack of the Android Uber Driver app, I discovered that the Google Maps app is what relays to the Uber Driver app whether the device is rooted. It was at that point that the Uber Driver account becomes frozen (following a slow build up of occasional pop-up error messages from the Google Maps app). However, to undo this ‘freeze’, simply log on to your Uber Driver account using a non-jailbroken IOS device and your Uber Driver account is instantaneously reset for you to continue spoofing along. As a side note, to avoid the Google Maps pop-ups there are workarounds. Also, until you hack the Android Uber Driver app, you run the risk of a permanent lockout but this may take a matter of weeks. All methods exploit the same weakness which is founded in the same initial hole that the Uber app leaves open: an app playing location games that doesn’t actually know where you are (and lets too many people see things they shouldn’t be able to see). SYSTEMS EFFECTED: Uber app Uber self-driving vehicles (please contact me for more information about this) SAFETY CONCERN(S): Life, limb, and property; to include: Driver, Rider, and Uber self-driving vehicle(s). Through spoofing, one party may furnish a false location. Having the ability to employ false GPS opens the way for legal exposure for Uber as well as liability for any party who chooses to use the Uber service. Here are some examples of what one may do using this hack: An Uber Driver, may falsely change their GPS to a location where a surge is taking place thus adding the surge rate to the Driver’s account (see Figure 1). Additionally, upon the next fare request, the Uber Driver – while still not moving – may falsely arrive “on-scene”, pretend the Rider failed to board the vehicle, thus getting the “no-show” fee as well as the surge rate. An Uber Rider, may request an Uber self-driving vehicle. Once the self-driving vehicle arrives, the Rider may activate false GPS, and guide the self-driving vehicle to a chop shop and take possession of the self-driving vehicle while reporting back to Uber that the vehicle is traveling as it should be. An Uber Driver, may pick up a Rider, activate false GPS and take the Rider to a different location than what is on the waybill. The Uber Driver may feed false location(s) to the Uber app, letting the Uber app record the occupants are heading to the correct location. In these examples (above), we have theft of money, theft of a vehicle, and kidnapping. Obviously, there are other crimes which may be carried out using this hack. For example, utilizing Uber self-driving vehicles to coordinate a terrorist attack to transport any number of payloads. Just these few examples raise enough concern for this matter to be an issue of public concern for any and/or all parties utilizing the Uber service. PATCH: The following measures should be taken: Upon actual confirmation, through detection (like what is already in place), of a rooted device, Uber Driver app should freeze the given user account until such time as a complete Blue Team investigation may take place. Uber should not allow user accounts to become automatically unfrozen. Do not allow users to reset their own accounts (especially by simply switching device platforms). Modify relational policy regarding activity behavior patterns to include more conservative assumptions. Require Rider to also confirm each phase of the ride process (arrival, enroute, completed, as well as other safety features) thereby diversifying the one party control of the transaction. Driver-to-Rider relational comparison model implementation. Employ use of the Determinative Ambulatory Location Algorithm (DALA) in combination with several policy adjustments to current GPS validation techniques. Additional recommendations include: Followup, address, and amicably resolve ALL feedback received from Drivers through affiliate surveys and other forms of communication (this would have solved this issue when it was still a theory). Establishment of a real reward program to enable ANYONE to bring a bug/hack to Uber’s attention (like what Microsoft has). Regarding the technical aspects of DALA, samples of this algorithmic solution may be requested using my CONTACT ME page. CONCLUSION: This white hat hack was to demonstrate the need for immediate changes to Uber’s GPS tracking and validation programming. Uber has been placed on notice regarding their software having this (as well as many other) issue(s). Uber’s Bug Bounty Program precludes participation through their own language which leaves no real white hat outlet. This hack is completely avoidable and Uber should take measures to immediately repair this. Uber has not responded to my communications regarding my concerns about this issue.

Read more

Reading Time: 2 minutes Having worked in the IT field for over 10 years, I resonated with Moira Alexander, of Chief Information Officer (CIO.com), a subsidiary of International Data Group (IDG), in her article titled Project management guide: Tips, strategies, best practices , when she listed the following as reasons IT projects fail: Misalignment between project goals and business strategy Unrealistic project scope or scope that is not closely controlled Vague business goals or requirements The remaining items Alexander listed in her article may have relevance to others but for me, these jumped out at me. Misalignment has occurred with me when management is afraid to set boundaries with clients. In software development you wireframe out all aspects of development but when managers meet with clients and let too much input enter the development process it mucks up the waters. Often times, it is because clients do not understand what all goes into programming software yet want to reserve the right to randomly add in a feature that may take months or even years to produce. Features included in software must be very specific, realistic, and useful or you have a bad end product. When someone doesn’t understand what goes into software they begin listing off features they’ve seen in movies or heard about in a tech magazine. The truth is, when you imagine something “cool” (like unnecessary window slide-in transition in RMS software) in the middle of production you effectively cancel the working contract, as well as the previous production schedule, and must reenter into the negotiation stage so you may rework the entire contract to include the given “cool” add-on. Clients become endlessly offended and have the “Why can’t you just add in anti-gravity while you’re at it?” attitude when it’s simply not a possible feature you can include and satisfy the terms of the contract (budget, time, etc.). However, when you have a manager that fails to relay this information to the client you immediately have unrealistic project scope. Vague business goals (or requirements) has happened with me when the client was given too much opportunity to change their mind about features offered. When contracts are signed for software they stand as the diecast from which all production will come from. If at any point the model (or cast) is changed, the entire contract must be rewritten to establish a new diecast from which software may be generated. In short, I completely agree with the items listed in this article. I have personally experienced setbacks and they did specifically include these three (3) items listed.

Read more

Reading Time: 1 minute Background This project began because of a few factors. One of the big factors was that I have two small boys at the house. My wife mentioned to me that I should keep my office door locked so the boys don’t get in the office and get hurt on something in there. So, my goal was to come up with a techy way to lock the office and keep things consistant with my nerdy inventor theme. When I was about 10 I remember Star Trek The Next Generation (TNG) was one of my favorite shows and my fondness was actually kick started again by a fellow co-worker of mine. He would bring his Star Trek DVD’s to work and on some nights he would come to work dressed in his full Star Trek uniform! At first that seems really funny but he was very intelligent and I never minded having a conversation with him. As time went on I thought it would be a kick to skin my security touch-pad door system using the TNG look, style and feel. My research for artistic insight got me watching the show again and I had a lot of fun revisiting some childhood moments. I was able to capture the TNG skin for my door panel and so I know have a TNG door touch-pad locking the office!   Summary of Downloads & Extra Links   Helpful links Adge’s Star Trek LCARS Terminal Page LCARS DesktopX Theme LCARS X32 View the LCARS code on Github

Read more