Top 25 Most Embarrassing Moments of 2014

SplashData just release what I would like to think is the top 25 most embarrassing moments of 2014.

1. 123456 (Unchanged from 2013)
2. password (Unchanged)
3. 12345 (Up 17)
4. 12345678 (Down 1)
5. qwerty (Down 1)
6. 234567890 (Unchanged)
7. 1234 (Up 9)
8. baseball (New)
9. dragon (New)
10. football (New)
11. 1234567 (Down 4)
12. monkey (Up 5)
13. letmein (Up 1)
14. abc123 (Down 9)
15. 111111 (Down 8)
16. mustang (New)
17. access (New)
18. shadow (Unchanged)
19. master (New)
20. michael (New)
21. superman (New)
22. 696969 (New)
23. 123123 (Down 12)
24. batman (New)
25. trustno1 (Down 1)

If you see your password on this list… CHANGE IT! While your at it, spend some time investigating if your site supports 2 Factor Authentication, which adds a second layer of security in the event your password is leaked.

Webmasters: Check out this cool password strength checker, which tells your vistors how quickly their password can be cracked. github:dropbox/zxcvbn

New Years Resolution: Secure Your Digital Life

Update: I will be putting together a HOW-TO for using the YubiKey to lockdown access to many popular websites. Stay Tuned!

New Years resolutions are tough and difficult, but here is one that you can keep: Secure Your Digital Life!. It seems like every day we read a news story about a corporation getting hacked, private details leaked, credit cards stolen. This New Years, resolve to lock down access to your online information, starting with your account access.

The password is dead, long live the password!

How hard do you think it is for someone to guess your password? Is it your mothers maiden name, or perhaps your drivers license? How long do you think it takes for a computer to try to brute force your password? Hint: Not long. The password is dead, long live the password! Well, almost. We need more than just a password, and most sites (Gmail, Facebook, etc) support 2 Factor Authentication. With 2Auth, a password is not enough, you also need to provide a time sensitive token, usually generated by your phone or key fob.

You may have seen this already, in fact, you may have Google Authenticator or Duo already installed on your phone, and thats great! Its definitely a step in the right direction… but did you know the secret keys stored on your phone are accessible to just about anyone? Yup. Those apps are storing the secret keys for deriving your login tokens right on your phone’s storage. They are there for anyone to see.

That’s where hardware comes in, which is harder to crack (but not impossible). Data can be stored in WRITE-ONLY areas, meaning that attackers will have a difficult time getting at the secret keys used to generate your login information. My favorite device so far is the YubiKey, which can do just about anything. From OTP to U2F (2 Factor Authentication), this little key does it all (including GPG keys). It even has native support for Gmail (and Google Apps).

YubiKey NEO

The Two Factor Auth List has a list of popular websites that support 2 Factor Authentication. Most sites that support a hardware or software implementation will be compatible with the YubiKey, including the popular LastPass Password Manager.

VPN Hell

Working remotely has allowed me to continue doing what I do best while recovering from back surgery. In these past few months of working a part-time job while living in Ohio, I have experienced VPN Hell, where the VPN randomly cuts out, or even worse, disables my computers internet connection completely.

Looking at you Juniper Networks. I stay up at night in fear that my computer might have gone to sleep while the VPN connection was still active, thus preventing my computer from accessing the internet (with or without VPN) when it wakes up. I have become all too familiar with the restart shortcut.

But working at home has its drawbacks, especially when I’m on the move and trying to get VPN on my Droid Maxx. I tried downloading the Juniper Pulse app, but I have encounter all kinds of errors. Pre KitKat: the app would “pretend” to connect to my VPN. The status would say “Connected”, and even give me a time indicator. But whenever I tried to access the internet on my phone, I would get a connection error, and Juniper Pulse would change to “Disconnected”. Stop getting my hopes up you stupid app!

I thought perhaps my now KitKat Droid Maxx might fare better. I entered my username and password correctly, and then proceeded to the 2-Step Authentication (which only occurs if the user/pass are correct, remember that! Its important). Once I successfully entered my 2-Factor Auth, the application said, “Invalid primary username or password”. Huh.. I know the username and password I gave you was right, since I got as far as the 2-Factor Auth!

But my friends, fear not, for I have found a way to get around this annoying problem. I’m not sure what is wrong with their app and authentication (for a VPN company, that does not give me much hope), but you can still use it. In order to get it to work, I accessed the VPN server url in my Android’s Chrome Browser. Using Chrome, I entered my username and password into the authentication box, and proceeded through the login process, completing the 2-Factor Auth successfully. Once that was done. I was take to a page that offered to launch Juniper Pulse from Chrome. I clicked on the Juniper Pulse option, and was asked which app should handle the request (Juniper Pulse duh!). The Juniper Pulse app opened at which point I had to select “I trust this application” to make VPN connections. Do I? I guess I have no choice, but hey, at least I have a VPN connection on my KitKat Droid Maxx, maybe now I can get some work done.

Remote control your (now) headless Android phone

Last night a terrible thing happened, I dropped my Razr Maxx and shattered the screen. In its defense, I have dropped it on many occasions, including (accidentaly) throwing it across a concrete garage (face down), and kicking it into a wall (from bed). Without even a scratch on the screen, it has withstood my abuse like a champ, but last night it just couldn’t handle the sharp jagged rocks that broke the screen.

Sometimes people get lucky, and even though the screen is shattered, its still usable, (albeit, touch sensitivity probably sucks after that). If that was my case… I wouldn’t have anything to write about. No… my screen no longer turned on. So now what?

Remote control it! It is an android after all (pun intended).
Heres what we need:

First thing I did was start up the Android Screencast java program. This little program detected my plugged in phone and immediately brought up my screen. Apparently  if you have a rooted device, you can also send clicks from the program. Unfortunately, my device was not rooted.

In order to send commands to your phone, you are gonna need to use the Android SDK. Once you have it installed, find the platform-tools folder, cd into it, and run:

 ./adb shell

That should bring you into a shell command to which you can send commands to your phone.

ADB Shell

ADB Shell

shell@cdma_spyder:/ $ input
usage: input ...
       input text <string>
       input keyevent <key code number or name>
       input tap <x> <y>
       input swipe <x1> <y1> <x2> <y2>

My first challenge was getting past my lock screen. I have a PIN number, which I was easily able to enter using the command:

input text 1234

Then, came the more challenging part: hitting the submit button. In order to submit my PIN, I had to guess/determine the X Y coordinates of the enter button, and send a tap via:

input tap 350 750

Remember that the Android coordinates screen starts at the top left. So, (0,0) is the top left, (MaxX, 0) is the top right, (0, MaxY) is the bottom left, and (MaxX, MaxY) is the bottom right.

In order to get the Notification Window, I had to swipe down:

input swipe 350 0 350 700

Another neat trick is sending KEYCODES via the

input keyevent

command. You can find a list of KEYCODES here. I particularly found

input keyevent 3

useful, which is the Home button.

Backing up my SMS messages

Backing up my SMS messages

Luckily, I was able to navigate through Android, launch my SMS Backup program, and backup everything I needed, eventually transfering them all to my computer.

MySQL Triggers and Django

Django is a great Web Framework to build websites in. It handles so many things for you that sometimes it can’t handle the most basic things. If you have ever tried to use Triggers in MySQL and Django, you know what I mean (or will soon find out). Now, you may not have many uses for Triggers, especially when Django handles the majority of the work for your automatically, but in some cases, it is neccessary to define your own triggers at the database level (like for a Database course in college).

Django provides you with this really nice “syncdb” command, but there isn’t an obvious way to to insert custom triggers. Searching around, I found that you can provide “custom” sql during the process, which would seem like a great place to insert triggers. Just add a “sql/” folder to your Django app, and create a file called <model_name>.sql. Or, if you want to be more specific, <model_name>.mysql.sql. At first I thought this would be a great place for the trigger, but it didn’t work. Django kept getting hungup on the ‘;’ in the Trigger.

When creating a Trigger using a GUI like MySQL Workbench or ProSequel, the application sends SQL commands separately,  as delimited by the ‘;’. The problem is that a ‘;’ may exist within a Trigger statement. For example, the following would not work:

CREATE TRIGGER validate_enrollment_hours
BEFORE INSERT ON service_serviceenrollment
DECLARE event_start datetime;
DECLARE event_end datetime;
SELECT start_time, end_time INTO event_start, event_end FROM events_event WHERE id = NEW.event_id;
IF NEW.start < event_start OR NEW.end > event_end THEN
SET MESSAGE_TEXT = 'Invalid Start/End Time', MYSQL_ERRNO = 1001;

I spent the better part of an hour trying to figure out why. Turns out the ‘;’s really confused SequelPro and MySQL Workbench. The solution was to change the delimiter and execute the following statement.

delimiter |
CREATE TRIGGER validate_enrollment_hours
BEFORE INSERT ON service_serviceenrollment
DECLARE event_start datetime;
DECLARE event_end datetime;
SELECT start_time, end_time INTO event_start, event_end FROM events_event WHERE id = NEW.event_id;
IF NEW.start < event_start OR NEW.end > event_end THEN
SET MESSAGE_TEXT = 'Invalid Start/End Time', MYSQL_ERRNO = 1001;

Great! Now I can actually get this Trigger in the database, but if I use the latter example in the <model_name>.mysql.sql file, it still doesn’t work! Finally, I stumbled upon ticket #3214 on the Django website. While I wasn’t too keen on doing any kind of patch, there was a interesting little snippet I read in there.

“As a workaround, multi-line SQL statements have to have someting other than whitespace between their semicolons and newline characters.” -Sam Morris

Eureka! Finally!

CREATE TRIGGER validate_enrollment_hours
BEFORE INSERT ON service_serviceenrollment
DECLARE event_start datetime; --
DECLARE event_end datetime; --
SELECT start_time, end_time INTO event_start, event_end FROM events_event WHERE id = NEW.event_id; --
IF NEW.start < event_start OR NEW.end > event_end THEN
SET MESSAGE_TEXT = 'Invalid Start/End Time', MYSQL_ERRNO = 1001; --
END IF; --

All is well now. The apocalypse has been diverted, and I can finally move on to the next million other things I need to do.

Energy Datapalooza 2012

So I thought I’d talk about my recent trip to Washington D.C. to attend the Energy Datapalooza conference. First thing I noticed in D.C. was this: the Metro system there is really nice. I mean really, really, nice. Cleveland’s RTA system could surely take a leaf out of D.C.’s book when it comes to the cleanliness of its stations.But I digress, the conference was very interesting. It started out like this: waking up at 6 in the morning and trying to not to look like a zombie. Getting to the conference was easy (see above: the Metro there is nice!).

Who is that dashing young man on the left? Oh! Thats me!

Ok ok, the conference. It started out with some really great talks, I especially enjoyed the one by the Found and CEO of WattzOn, Martha Amram. WattzOn has definitely got some good stuff going on, and a new app they just released that helps you choose new appliances that are both low-cost and energy efficient. There were quite a few good talks, and then Secretary of Energy, Dr. Steven Chu, gave a great speech on how there is such a large market of energy related applications that are just waiting to be developed.

Oh, and you see the back of that kid’s head on the right side of the video? Thats me too!

There was also an award ceremony for the Apps For Energy contestants, where we were invited onto the stage to shake Dr. Steven Chu’s hand and get our picture taken.

Ok, so after all the presentations, we went up to the 4th? floor and setup our table. I think we took the prize for the most screens on a single table, 2 phones, two tablets, and my laptop (my gorgeous Retina Macbook Pro). Various people walked around checking out the displays. I got to talk with a lot of people and demonstrate our application. Even Martha Amram (WattzOn) stopped by and gave me her business card (which I was excited about). We definitely got some great feedback, so now its a matter of incorporating those suggestions into our application and releasing an update. When your one of two programmers, that can definitely take some time, but I’m working on it!


Update 10/8/2012:

Another video surfaced about the Energy Datapalooza.

Java’s Quirky Modulus

When it comes to them modulus operator, Java can be kinda quirky. Consider the statement:

a % b

If “a” is negative, the result will be negative. On would expect that -1%12 would return 11, as it does in Python. You can get this desired behavior in Java by doing:

(a % b + b) % b

I definitly wasted 5 minutes  debugging this, but at least now I know.


Energy Datapalooza

It’s hard to believe that only a few months ago, my team and I won second prize in the Student Division of the Apps For Energy Contest. It still hasn’t quite sunken in yet… we won a national competition….that is just amazing. One of my teammates was talking about it to a friend during a car ride (late Chinese food run), and she was totally amazed. Me?… I was amazed at her amazement. Did my team really just place in this national competition? I still feel like the same person. The whole thing just seems so surreal, like it was all a dream.

As a winning team, we have been invited to Washington D.C. to attend the “Energy Datapalooza”, with a booth demonstrating our application. I just got this in the mail, which drives home the impressiveness of what my team has achieved. I’m really proud of my team, but we have a lot more to accomplish before we can rest.

Unleashing the power of data to advance our energy futureThe White House Office of Science and Technology Policy, Council on Environmental Quality, the U.S. Department of Energy, and the U.S. Environmental Protection Agency cordially invite you to join us for an “Energy Datapalooza,” highlighting innovators and entrepreneurs who are using freely available data from the government and other sources to build products, services, and apps that advance a secure and clean energy future.

Monday, October 1, 2012
8:30 am – 2:00 pm

Eisenhower Executive Office Building
South Court Auditorium
Washington, D.C.

Special Guests:

Steven Chu
U.S. Secretary of Energy

Todd Park
Assistant to the President
U.S. Chief Technology Officer

Bob Perciasepe
Deputy Administrator, EPA

Nancy Sutley
Chair, White House Council on Environmental Quality

Heather Zichal
Deputy Assistant to the President for Energy and Climate Change

Jellybean x86 Released

In a previous post, I talked about how to improve the Android emulator speed by using an Intel x86 System Image. The Jellybean Intel System Image is now available via the Android SDK Manager. Head on over and start downloading the Intel x86 Atom System Image for Android 4.1 (API 16).

VLDB2012 – Very Large Databases 2012

Just a few weeks ago, VLDB 2012 concluded, which is a conference devoted to research in the field of databases. My Masters Thesis advisor and his wife (who just happens to be the General Program Chair), pointed me to this conferences website, and some really great research articles that were discussed.

If you head over to: and scroll down to “Program At A Glance”, you can see a variety of papers on various topics, such as Crowdsourcing, MapReduce, NoSQL, and much more. As if I am not busy enough already, I will most certainly be looking through some of these articles.

To think that 10 years ago, a “VLDB” was considered to be 2GB. Nowadays, companies like Google are processing 20 petabytes of data every day.

Main Site:

Stylish Android QR Codes

I was working on my resume today, when I had this idea of embedding a QR Code for Budget It Yourself. I wanted to somehow distinguish that this QR Code was for an Android application, and not a website or iPhone app (but that’s coming someday I hope). After a little bit of experimenting, I found I could overlay colors and images over the QR Code without affecting its readability. I made a few different mockups, so now I have to decide which one I like best. They all seem to scan perfectly fine on my Razr Maxx and Droid X, but there is always that possibility that another phone may not understand them. I could definitely see using a technique like this to display QR Codes for multiple devices (Android, iOS, etc) on posters or spots where space is limited. There is no need to say “HEY! SCAN THIS ON ANDROID ONLY!”.


Budget It Yourself QR Codes

Codonics – Final Co-op Report – Spring 2012

During my co-op at Codonics, I have been heavily involved in implementing wireless and networking support for Safe Label System, a medical device used in Operating Rooms to help reduce the number of medical mistakes in syringe labeling.


            During my second co-op at Codonics, my responsibilities were focused on software development; creating new features that were required in order stabilize and market the Safe Label System. Sometimes I was given a very specific set of requested features, and asked to implement them exactly as specified. Other times, I was given room to prototype possible solutions to common requests, and design a solution that would meet customer needs in a safe and effective way. My role as a software engineer began to extend into product development, where I was designing new features without specific requirements, trying to find ways in which I could improve the existing system.

            Near the end of my second co-op I began to help setup the SLS System at various hospitals across the United States. I worked with Massachusetts General Hospital, Porter Medical Center, Northbay Medical Center, and St. Vincent Charity Medical Center to install the Codonics Safe Label System at their sites. In all cases, I was responsible for diagnosing any problems during the setup, including wireless connectivity, network setup, and email alerts. I had to think on my feet when issues arose during these installs, because I had no way of changing any code if a defect was found. I was responsible for ensuring the success of the technical part of the installation. In some case, I was flown to the site, or participated in conference calls with IT Administrators.


            My co-op at Codonics has helped to hone my skills in programming, as well as understand advanced concepts like multi-threaded applications and wireless networking protocols. By writing the networking code for the SLS in Java, I have gained a lot of knowledge of how wireless networks work, can be configured, and optimized.  I have spent many hours testing wireless devices, building drivers, and setting up various server configurations to test various types of wireless networks. By designing the networking code in Java, I became familiar with how the underlying Linux OS works with networking, and since then I have began thinking of how it could be improved. I even started my own open source project that communicates with the Linux kernel at a very low level in order to get information about existing network connections, and relay that information to Java through a Java Native Interface.

During the times that I was on site at various hospitals, I improved my communication skills by talking with nurses, doctors, and IT administrations about their needs and existing network infrastructure. This allowed me to improve my communication skills with non-engineers, who may not understand some of the technical lingo used by engineers. The ability to communicate effectively is not a skill that is easily learned in a classroom environment, so my experience at Codonics has been very valuable.


My co-op at Codonics has helped me to develop many skills related to Computer and Software Engineering. I have spent much of time developing new software features that have helped to fuel sales of a medical product that has the capability to save lives in hospitals across the world. There is a lot more to being a software developer than just writing code. It’s important to go out in the real world to meet your customers; getting to know the customer will help you define new features for your product that will continue to make it relevant in your industry.

Continual improvement of the Safe Label System will benefit not only the customer, but the nurses and patients as well. Establishing relationships with customers helps to gain their feedback about what features work well, and which ones need reconsidered. It’s a continual feedback process that develops and matures the product over many cycles. The software must be designed in a way that is atheistically pleasing, easy to use, and efficient. Sometimes decision revolving around the UI can take several weeks or even months, but it is important to choose the best option for customers.

My co-op has allowed me to apply many courses to real-world applications. My Advanced Game Design course gave me a deeper understanding of the Java language, which improved my ability to write code for the Safe Label System. I have become very proficient in Java, and I hope to continue that skill into creating mobile applications for Android. Additionally, my Operating Systems course helped to me to understand the complications that can arise in multi-threaded applications. This knowledge helped me to write performance enhancement and fix bugs relating to concurrency.

I am excited to be returning back to school to complete my Bachelors degree. My current plans are to continue one extra semester to obtain a Masters degree as well. My co-op at Codonics has helped give me an idea of what software engineering is like, and I will be excited to obtain a full-time position in software when I have completed my schoolwork. My co-op has shown to me that I am well adept in a field that I enjoy very much. I look forward to the completion of my studies at Case Western, and I am confident I will be ready to work as a software engineer upon graduation.

A Faster Android Emulator on Mac (Android 4.0.3 “Ice Cream Sandwich”)

If you have ever tried developing for Android on the Mac, you will know its painstaking slow. I run an iMac i7 (Hyper-threading) with 16GB of RAM, and I find myself grabbing a beer whenever I am using the Android emulator. Until now, I haven’t cared too much about the lack of speed (Hint: Beer). But recently I have been emulating a lot more devices, including tablets. I stumbled upon a Stack Overflow article which described possible ways of improving performance, and found out there is an Intel System Image for Android 4.0.3 (Ice Cream Sandwich).

Everything has been slow on my computer because I have to emulate an ARM processor, but thankfully there exists a version of 4.0.3 that is for Intel. This system image will allow you to run 4.0.3 natively on your Intel based Mac. Unfortunately, there is no Jelly Bean Intel System Image yet, but I can hope. In order to use this emulator, you can follow the steps below to install it:


Step 1

Open up the Android SDK Manager, and brows for “Intel Atom x86 System Image” under Android 4.0.3
Note: There is also one for Gingerbread under 2.3.3 if you want to run Gingerbread natively too.


Step 2

Download the “Intel Atom x86 System Image
Optional: Grab a beer, cause you won’t have an excuse the next time you launch the emulator


Step 3

Navigate to downloaded file:
<Android SDK Location>/extras/intel/Hardware_Acceleration_Execution_Manager/
and open the IntelHAXM.dmg file


Step 4

Running the .mpkg, and make your selection on how much RAM to use. You can always change your mind later by re-running the installer.


Step 5

Open the AVD Manager in Eclipse, and create a new Device. Select “Android 4.0.3 – API Level 15” as your Target, and choose “Intel Atom (x86)” as your CPU/ABI.
Under “Hardware” add the “GPU Emulation” property, and set it to “yes”. Make sure to have “Snapshots” unchecked. Its GPU Emulation or Snapshots, take your pick.
Fill out any remaining fields you wish.


Step 6

Launch the Emulator, and cry a little on the inside about how much less beer will you be drinking. Your wallet thanks you.

Budget It Yourself wins 2nd Place in Best Student App! [Update]


Location: Cleveland, OH

The Budget it Yourself app is a collaborative project from a team of students at Case Western Reserve University and the Cleveland Institute of Art. The app helps users track their energy usage and make energy-savings goals.

Well, it was just announced today that my team’s app won second place!

This is a great achievement for me, and will no doubt further me interesting in mobile development. As one of the requirements perks of winning, we have to keep the application free for one year, and I plan on making multiple updates and improvements along the way.

I want to give a great big thanks to Robert Karam and Patty Ni, my team members for helping make this possible. I look forward to working with them as we continue to develop Budget It Yourself. You can checkout the full announcement at


We are now on the front page of the Cleveland Institue of Art website! Direct Link:

Budget It Yourself – Apps For Energy Challenge sponsored by the U.S. Department of Energy

The U.S. Department of Energy recently launched a challenge to integrate Green Button data into new/existing software. “Green Button is an open standard for sharing electricity data that is available to millions of utility customers, so mash it up with other public data sources to help homeowners and businesses take action, understand their usage and make better-informed decisions.”

I learned about this in email from the Department Chair at Case Western Reserve University, and I was immediately interested in the idea. After getting a team of close friends together, we spent as much as time as possible (considering finals, exams, graduation, and a 40-hour job) on the project. Thus was born…


Budget It Yourself

View Our Submission

When you can budget, you can save. Simply upload your data then enter the PIN into the BIY Android application. Your device takes care of the rest. Budget It Yourself helps you keep track of your own energy usage by making sense of the Green Button data.

Privacy Policy