Hungry Hungry Hacking: How to use XMPP with Path to chat with every brunch spot in the US

If only you could talk to a brunch place without waiting on hold.
For those days when you wake up hungry, we need an app to tell the wait time at NOPA. Even better, track wait times at all major brunch spots in San Francisco. Of course TalkTo and Yelp both offer a way to communicate with a business.

TalkTo had 1-8 minute response times.
This was far better than the 24-48 hour response times on Yelp. I found out chatting with friends that my friend Saikat had used TalkTo in the past, and I asked Saikat for the password to his account. Saikat was previously on the front page of Hacker News for hacking Yelp to expose racism in the past.

I looked directly at the JavaScript driving the chat.
I discovered that all of the JavaScript used by TalkTo was left uncompressed and un-obfuscated. I found the service uses an XMPP server and a JavaScript based Jabber client to communicate. All I needed to do was connect to the server and I could chat directly with businesses across the US.

Now it was a competition.
I had let the cat out of the bag to get his account. Saikat started parsing data from the output of the JSON API, a different direction. He discovered the URL used to load conversations, and immediately tried to scrape TalkTo’s website to collect the responses from businesses. Unfortunately, I had dinner in Sonoma, giving Saikat a 4 hour head start. I came back and Saikat had already set up Selenium and Mechanize to scrape data very slowly. (Saikat: 1, Colin: 0)

Some of the best ideas are dismissed.
I wanted to know how the product worked, I wanted to integrate and communicate directly with the business. Saikat thought I was wasting my time, only pushing me to work harder. He was first to finish and that was all that was important. Saikat had dismissed my “path”, and that’s emboldening.

First, check the DNS/SRV records.
A quick way to determine the server and port is using the dig command. SRV is used by Jabber to help clients automatically identify a Jabber server. You can see uses on port 5222, the default port.

Second, send telnet commands to the Jabber server
using XML. You can even authenticate, but this is the hard way to do this. Once you have the SRV record, you can try to connect with any Jabber client.

Test with IM Observatory, a security testing tool. Path’s Jabber server earned a grade of F.
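What the server's first reply in the telnet step contains, and how to read it: this is an added example (not from the original post or from TalkTo) that parses the `<stream:features/>` element and flags a server that offers no STARTTLS or advertises PLAIN before TLS, which is the condition under which a client must be told to allow plaintext authentication. The replies, the host `chat.example.com` and the function name are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

NS = {"stream": "http://etherx.jabber.org/streams",
      "tls": "urn:ietf:params:xml:ns:xmpp-tls",
      "sasl": "urn:ietf:params:xml:ns:xmpp-sasl"}
CLEARTEXT_MECHS = {"PLAIN", "LOGIN"}  # the password is recoverable from the wire

# Constructed server replies to a client's opening <stream:stream> (not captured traffic).
HEADER = ("<?xml version='1.0'?><stream:stream xmlns='jabber:client' "
          "xmlns:stream='http://etherx.jabber.org/streams' "
          "from='chat.example.com' id='constructed-1' version='1.0'>")
WEAK_REPLY = HEADER + (
    "<stream:features><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>"
    "<mechanism>PLAIN</mechanism><mechanism>DIGEST-MD5</mechanism>"
    "</mechanisms></stream:features>")
STRICT_REPLY = HEADER + (
    "<stream:features><starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>"
    "<required/></starttls></stream:features>")

def audit_stream_features(raw: str) -> dict:
    """Report what a server offers before any TLS has been negotiated."""
    if "<!" in raw:  # RFC 6120 prohibits DTDs and comments; refuse to parse them
        raise ValueError("DTD or comment in XMPP stream")
    m = re.search(r"<stream:features[^>]*>.*?</stream:features>", raw, re.S)
    if m is None:
        raise ValueError("no <stream:features/> element found")
    # The stream header is never closed, so wrap the fragment to make it well-formed.
    root = ET.fromstring(f'<w xmlns:stream="{NS["stream"]}">{m.group(0)}</w>')
    feats = root.find("stream:features", NS)
    starttls = feats.find("tls:starttls", NS)
    required = starttls is not None and starttls.find("tls:required", NS) is not None
    mechs = [e.text.strip().upper()
             for e in feats.findall("sasl:mechanisms/sasl:mechanism", NS) if e.text]
    exposed = sorted(CLEARTEXT_MECHS.intersection(mechs))
    findings = []
    if starttls is None:
        findings.append("no STARTTLS: the whole session is readable on the network")
    elif not required:
        findings.append("STARTTLS optional: clients can be downgraded to cleartext")
    if exposed:  # when the password is a web session ID, that cookie value is exposed too
        findings.append("cleartext SASL before TLS: " + ", ".join(exposed))
    return {"starttls": starttls is not None, "tls_required": required,
            "mechanisms": mechs, "findings": findings}

if __name__ == "__main__":
    for name, reply in (("weak", WEAK_REPLY), ("strict", STRICT_REPLY)):
        print(name, audit_stream_features(reply))
```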

Enable your Developer menu
It’s located in Safari’s Advanced preferences. Right click the page, and Inspect element.

Find the Jabber ID for NOPA. For example, try searching for “jid”:

Jabber ID’s have a full email format, turns out they use

Find your own Jabber ID by searching for your actual name, or just “name”:

Since the user is not a place, is the correct full Jabber domain:

TalkTo uses a JavaScript client for XMPP called Strophe.js, which uses Bidirectional-streams Over Synchronous HTTP (BOSH) to connect to a server.

Find the password
I know strophe authenticates with our JID, but I need a password to login. Searching for the password, always start with the default passwd. You’ll find the XMPP.init and XMPP.connect and the passwd variable. Look at that, the password is the session ID stored in the cookie.

Open the cookie jar… mmm cookies
and copy the session id.

Find the BOSH server. A quick search and you have the server URL and port and a bosh_proxy:

Add an account to Adium or your favorite XMPP client. A command line XMPP client would be ideal for scripting.

Enter the server, BOSH server, and Port.
Also, you’ll need to allow plaintext authentication over an unencrypted connection, because TalkTo really doesn’t want to make you jump through hoops like SSL/TLS.

Click connect!
Add a new contact for NOPA with the Jabber ID and start chatting!

If you have the TalkTo chat window open at the same time you will only see the received messages:

Once you close the window and reopen the conversation you’ll see the transcript appear in full:

I can message businesses directly from a chat client rather than using the TalkTo client or mobile app. I can parse this data and create our own app using their servers and database of businesses. I can do this all with scripting to automate the connection, chat with NOPA and display the response in a mobile app or webpage. (Saikat: 1, Colin: 1)

Potential Vulnerabilities: is what I believe is their Call Center Agent app where their agents and the businesses login and respond to messages. I could potentially access the API for their call center. The best way to do this would be to simply set up a business account with TalkTo, or ask TalkTo to talk to one of my friends acting as a business.

When hackers get hungry, Path gets press.

My posts are my own and not the views of my employer.

Snoopy spies on Wi-Fi

I love the combination of drones with Wi-Fi.


Grizzly Analytics has the BIGGEST report on Location & Geofencing

Grizzly Analytics analyzes and reports all the ongoing research on GeoFencing, including technology research overcoming the hurdles listed above, and including all the applications and services above and much more. Read about the research activity of all the major mobile companies – Google, Microsoft, Apple, Samsung, Nokia, Qualcomm, EBay, IBM & others – and also 3rd-party applications and individual researchers with related patents.

Euclid Analytics - U.S. Retail Benchmarks

With data on 20 million domestic shopping sessions during the month, Euclid finds that, while walk-by conversion slipped versus July, Back-to-School and some lingering seasonal clearance drove strong improvements in bounce rate, and visit duration. We believe that these metrics bode well for specialty retailers’ comp store and total store sales during the month.


Apple iBeacons is Genius

The Computerworld article says this is uncharacteristic of Apple, but it’s not. Apple bought WiFi SLAM, and their indoor location strategy was made clear and similar to Google’s. They will open APIs so developers can build apps with Location services - the big thing people have been waiting for years. iBeacons is the same idea but using Bluetooth for proximity. My Apple friends won’t comment if iBeacons came from WiFi SLAM, but let’s assume they follow the same strategy.

Forbes saying why this is big.

Remember Apple cares much more about Apple’s own customers than big retailers. They are releasing iBeacons on the 4S and 5 and 5C and 5S and iPads. There is no NFC in the new iPhone (or any model) so they are setting the standard for location services with BLE (Bluetooth low energy). NFC requires a physical touch in many cases, which is even less user friendly than Bluetooth is today. Also they don’t have NFC in every device already, iBeacons will work on most Apple devices.

I still have reservations about Bluetooth for location. (most people don’t even use Bluetooth today while WiFi is ubiquitous and used at both home and work). BLE and iBeacons means Bluetooth can be used for “proximity” location services without draining battery. That assumes suddenly people will leave Bluetooth powered on in favor of added benefits. Good thing iOS 7 makes it easier to enable Bluetooth with a simple swipe-touch instead of 3-4 touches.

Companies like Square that are making money in mobile payments with card swipes, are probably going to move to add iBeacons to replace card swipes.

Google Ventures investor Don Dodge told me he is most interested in the startup Estimote. I encourage you to read up on them. Dodge was an investor in WiFi SLAM. Dodge is now invested into Bytelight, location services using lightbulbs and smartphone cameras. (Philips is working on similar technology to Bytelight.)

Apple has a vision of iPads as registers and iPhones as wallets. It’s easy to see their vision when you walk into their stores.

Don’t forget that Google Wallet is pretty amazing, and it could compete with Apple’s iBeacons. I used it today to pay with NFC at Macy’s. My iPhone with iOS7 was jealous. It’s already everywhere, and Google already tested physical GoogleWallet credit cards linked to GW accounts. That was leaked in November but never announced at IO. The Google card would be “amazing” and kill any Bluetooth based solution. Imagine you only had to carry a single card that can act as any of your cards.

That said, Google and Apple aren’t the only players opening up APIs for mobile payments. Amex is doing well working with Foursquare, Chase has Quickpay, BoA has a card swipe app, but it’s the true open APIs from Stripe and Braintree and Discover that attract developers. I use Venmo on a daily basis, and they were acquired by Braintree. I hear they are trying to raise money now.

More on Estimote.

I’ve already preordered my estimotes and my bytelights.

Apple Feature to Turn MLB Stadiums Into Interactive Playgrounds

If you’re planning to see a ballgame next year, make sure to bring an iPhone. According to Mashable, the MLB has been working closely with Apple to integrate the iBeacon indoor mapping technology in iOS 7 to create an interactive experience at stadiums around the nation. This technology will likely go live in 2014. As of now the Mets are clearly in, but there’s no word on other teams that will use iBeacons in their stadiums.

Meridian Goes to Aruba: Why Wifi Networks are the Future of Location-Based Mobile


First things first: I’m more than a little excited to announce that our plucky startup Meridian has a new home.


You may not have heard of Aruba Networks, but there’s a good chance you’re connected to one of their wireless access points right now. Their customers include the Facebook campus, Venetian resort and H&M retail, and they’re currently #2 in market share (after the behemoth Cisco).

So Meridian is a mobile software company, and Aruba is a wireless hardware manufacturer. How do we fit together?


Well for one thing, we have the same customers. Meridian helps enterprise locations like hospitals, stadiums, and retail stores create great mobile apps for their visitors. And Aruba helps these same locations provide their visitors with great Wifi connectivity.

But there’s more to it than that. We believe that intelligent wireless networks are the key to building awesome location-based mobile apps. Here’s why.


iPad mini 4G is cheaper than Kindle Fire 4G!

Ok, all this talk about the iPad mini being too expensive, brings up a discussion about what would you buy? What if you wanted a small form factor computing device (aka mini tablet) with 4G that can serve as your in car entertainment, GPS navigation, movie screen, browser, and even a hotspot to connect your laptop? It has to connect with LTE or HSPA+ to get that high speed high quality HD video. So you are ready to spend more than $300 for this super device, but you want the best bang for your buck and you want it to fit in your back pocket. Sounds like you can afford the iPad mini, but is there something better? Let’s take a look.

Kindle Fire HD at 8.9” is $500 for 4G LTE with 32 GB, $514 without advertising:

iPad mini at 7.9” is $460 for 4G LTE with 16 GB, $560 if you really need 32 GB.

Google’s Nexus 7 at 7” is still killing it at $299 for HSPA+ only on AT&T

Next most important to someone like myself would be the visual aspects. The Kindle is great for reading books and watching 1080p video with its incredibly high resolution. The iPad mini has the lowest resolution, lowest color gamut, and highest reflectiveness. However, streaming HD video is usually 720p (closer to the iPad mini) not 1080p, so that extra resolution doesn’t really help much on a 7.9” screen.

The Kindle Fire 4G is $40 more than iPad mini 4G but comes with 1” more screen, double the resolution, and double the memory. The Nexus 7 is 2” smaller than the Kindle Fire 4G, and $200 cheaper. So if you are going to pass up the iPad mini for a Kindle, you get a better viewing experience. If you pass up the iPad mini for the Nexus 7, you save a lot of money.

Of course app stores are keeping customers from moving between OS platforms. If you have iPad and iPhone apps, you are going to have to buy all those apps again on your new Android.


Comcast opens Wi-Fi networks after Sandy


Comcast Unlocks Its Wi-Fi Hotspots to Hurricane Sandy Survivors

by Andrew Tarantola

Paywalls guarding the New York Times and the Wall Street Journal fell first. Now Comcast, one of the largest cable operators in the country, has announced that it will unlock thousands of Wi-Fi hotspots along the East Coast to help emergency responders and others affected by Hurricane Sandy.
