colin lowenberg

A technology blog about Wi-Fi, indoor positioning and real-time location services, industrial safety and telemetry, security, and more.




Hungry Hungry Hacking: How to use XMPP with Path to chat with every brunch spot in the US

If only you could talk to a brunch place without waiting on hold.
For those days when you wake up hungry, we need an app to tell the wait time at NOPA. Even better, track wait times at all major brunch spots in San Francisco. Of course TalkTo and Yelp both offer a way to communicate with a business.

TalkTo had 1-8 minute response times.
This was far better than the 24-48 hour response times on Yelp. I found out chatting with friends that my friend Saikat had used TalkTo in the past, and I asked Saikat for the password to his an account. Saikat was previously on the front page of Hacker News for hacking Yelp to expose racism in the past.

I looked directly at the JavaScript driving the chat.
I discovered that all of the JavaScript used by TalkTo was left uncompressed and un-obfuscated. I found the service uses an XMPP server and a JavaScript based Jabber client to communicate. All I needed to do was connect to the server and I could chat directly with businesses across the US.

Now it was a competition.
I had let the cat out of the bag to get his account. Saikat started parsing data from the output of the JSON API, a different direction. He discovered the URL used to load conversations, and immediately tried to scrape TalkTo’s website to collect the responses from businesses. Unfortunately, I had dinner Sonoma giving Saikat a 4 hour head start. I came back and Saikat had already setup Selenium and Mechanize to scrape data very slowly. (Saikat: 1, Colin: 0)

Some of the best ideas area dismissed.
I wanted to know how the product worked, I wanted to integrate and communicate directly with the business. Saikat thought I was wasting my time, only pushing me to work harder. He was first to finish and that was all that was important. Saikat had dismissed my “path”, and that’s emboldening.

First, check the DNS/SRV records.
A quick way to determine the server and port is using the dig command. SRV is used by Jabber to help clients automatically identify a Jabber server. You can see talkto.com uses im.talkto.com on port 5222, the default port.

Second, send telnet commands to the Jabber server
using XML. You can even authenticate, but this is the hard way to do this. Once you have the SRV record, you can try to connect with any Jabber client.

Test with IM Observatory, a security testing tool Path’s Jabber server earned a grade of F.

Enable your Developer menu
It’s located in Safari’s Advanced preferences. Right click the page, and Inspect element.

Find the Jabber ID for NOPA. For example, try searching for “jid”:

Jabber ID’s have a full email format, turns out they use @place.talkto.com

Find your own Jabber ID by searching for your actual name, or just “name”:

Since the user is not a place, @talkto.com is the correct full Jabber domain:

Talkto uses a Javascript client for XMPP called Strophe.js that uses Bidirectional-streams Over Synchronous HTTP (BOSH) to connect to a server.

Find the password
I know strophe authenticates with our JID, but I need a password to login. Searching for the password, always start with the default passwd. You’ll find the XMPP.init and XMPP.connect and the passwd variable. Look at that, the password is the session ID stored in the cookie.

Open the cookie jar… mmm cookies
and copy the session id.

Find the BOSH server. A quick search and you have the server URL and port and a bosh_proxy:

Add an account to Adium or your favorite XMPP client. A command line XMPP would be ideal for scripting.

Enter the server, BOSH server, and Port.
Also, you’ll need to allow plaintext authentication over an unencrypted connection, because talkto really doesn’t want to make you jump through hoops like SSL/TLS.

Click connect!
Add a new contact for NOPA with the Jabber ID a3120f3d@place.talkto.com and start chatting!

If you have the Talkto chat window open at the same time you will only see the received messages:

Once you close the window and reopen the conversation you’ll see the transcript appear in full:

Results:
I can message businesses directly from a chat client rather than using the TalkTo client or mobile app. I can parse this data and create our own app using their servers and database of businesses. I can do this all with scripting to automate the connection, chat with NOPA and display the response in a mobile app or webpage. (Saikat: 1, Colin: 1)

Potential Vulnerabilities:
Talktoagent.talkto.com is what I believe is their Call Center Agent app where their agents and the businesses login and respond to messages. I could potentially access the API for their call center. The best way to do this would be to simply setup a business account with TalkTo, or ask TalkTo to talk to one of my friends acting as a business.

Punchline:
When hackers get hungry, Path gets press.

Disclaimer:
My posts are my own and not the views of my employer.

reblogged from : @colo

20 Market Leaders & Challengers in Indoor Location

Market Leaders & their focus:
1. Accenture – Integration Leader, deploying solutions with several of the companies on this list
2. Google Android Maps – Mapping Market Leader, Indoor Navigation Leader, No Analytics announced, WiFi positioning with database, API for WiFi, Bluetooth, and NFC
3. Apple - Mapping Market Leader, No Analytics, Positioning with WiFi database and Bluetooth LE iBeacons, API for Bluetooth but not WiFi
4. Cisco (+ Meridian Apps) - Wi-Fi Positioning Market Leader, 20+ sites with Indoor Nav Apps, Cisco Analytics launched recently, WiFi positioning via trilateration
5. Aruba + Meridian Apps – Navigation App Market Leader, Analytics included, WiFi positioning via Cisco or Aruba trilateration
6. Euclid Analytics - Wi-Fi Analytics Market Leader, Indoor Positioning / Zones, WiFi positioning via Aruba or Euclid Sensors
7. Abuzz - Navigation App Market Challenger, No Analytics, WiFi positioning
8. Acoustiguide - Navigation App Market Challenger, No Analytics, WiFi positioning with Aruba
9. Qualcomm iZat– Positioning Market Device Provider, No Analytics, Positioning via Cisco WiFi and Qualcomm Chipset
10. Nokia HERE Maps - Mapping Market Challenger, No Analytics, Positioning via Cisco WiFi or Nokia HAIP Bluetooth
11. Motorola + Nearbuy Systems – Wi-Fi Analytics Market Challenger, WiFi Positioning via Motorola, No Maps or Navigation, plans to integrate with Meridian
12. Aisle411 + WiLocate – Mapping Market Challenger, Positioning Market Challenger, No indoor positioning sites announced
13. PointInside – Mapping Market Challenger, No indoor positioning sites announced, WiFi positioning with Cisco
14. Skyhook – Mapping & Positioning Market Challenger, Limited 3D mapping, No true indoor positioning sites announced
15. Wifarer – Indoor Navigation Challenger, 1 indoor positioning site announced
16. Insiteo - Indoor Navigation Challenger, 1 indoor positioning site announced
17. Shopkick – Rewards/Marketing focused, Several sites with proximity/entrance, No true indoor positioning sites announced
18. Mobiquiity - Rewards/Marketing focused, Bluetooth, No true indoor positioning sites announced
19. Proximity Media - Rewards/Marketing focused, Bluetooth, No true indoor positioning sites announced
20. Estimote – Sensor Market challenger, Bluetooth, No tri-angulation, Proximity sensors, iBeacon integration

Apple iBeacons is Genius

The computer world article says this is uncharacteristic of Apple, but it’s not. Apple bought WiFi SLAM, and their indoor location strategy was made clear and similar to Google’s. They will open APIs so developers can build apps with Location services - the big thing people have been waiting for years. iBeacons is the same idea but using Bluetooth for proximity. My apple friends won’t comment if iBeacons came from WiFiSlam, but let’s assume they follow the same strategy.

Forbes saying why this is big.

Remember Apple cares much more about Apples own customers than big retailers. They are releasing iBeacons on the 4S and 5 and 5C and 5S and iPads. There is no NFC in the new iPhone (or any model) so they are setting the standard for location services with BLE (Bluetooth low energy). NFC requires a physical touch in many cases, which is even less user friendly than Bluetooth is today. Also they don’t have NFC in every device already, iBeacons will work on most Apple devices.

I still have reservations about Bluetooth for location. (most people don’t even use Bluetooth today while WiFi is ubiquitous and used at both home and work). BLE and iBeacons means Bluetooth can be used for “proximity” location services without draining battery. That assumes suddenly people will leave Bluetooth powered on in favor of added benefits. Good thing iOS 7 makes it easier to enable Bluetooth with a simple swipe-touch instead of 3-4 touches.

Companies like Square that are making money in mobile payments with card swipes, are probably going to move to add iBeacons to replace card swipes.

Google Ventures investor Don Dodge told me he is most interested in the startup Estimote. I encourage you to read up on them. Dodge was an investor in Wifi SLAM. Dodge is now invested into Bytelight, location services using lightbulbs and smartphone cameras. (Phillips is working on similar technology to Bytelight.)

Apple has a vision of iPads as registers and iPhones as wallets. It’s easy to see their vision when you walk into their stores.

Don’t forget that Google Wallet is pretty amazing, and it could compete with Apples iBeacons. I used it today to pay with NFC at Macy’s. My iPhone with iOS7 was jealous. It’s already everywhere, and Google already tested physical GoogleWallet credit cards linked to GW accounts. That was leaked in November but never announced at IO. The Google card would be “amazing” and kill any Bluetooth based solution. Imagine you only had to carry a single card that can act as any of your cards.

That said, Google and Apple aren’t the only players opening up APIs for mobile payments. Amex is doing well working with Foursquare, Chase has Quickpay, BoA has a card swipe app, but it’s the true open APIs from Stripe and Braintree and Discover that attract developers. I use Venmo on a daily basis, and they were acquired by Braintree. I hear they are trying to raise money now.

More on Estimote.

I’ve already preordered my estimotes and my bytelights.

Meridian Goes to Aruba: Why Wifi Networks are the Future of Location-Based Mobile

nfarina:

First thing’s first: I’m more than a little excited to announce that our plucky startup Meridian has a new home.

image

You may not have heard of Aruba Networks, but there’s a good chance you’re connected to one of their wireless access points right now. Their customers include the Facebook campus, Venetian resort and H&M retail, and they’re currently #2 in market share (after the behemoth Cisco).

So Meridian is a mobile software company, and Aruba is a wireless hardware manufacturer. How do we fit together?

image

Well for one thing, we have the same customers. Meridian helps enterprise locations like hospitals, stadiums, and retail stores create great mobile apps for their visitors. And Aruba helps these same locations provide their visitors with great Wifi connectivity.

But there’s more to it than that. We believe that intelligent wireless networks are the key to building awesome location-based mobile apps. Here’s why.

Read More

reblogged from : Nick Farina

reblogged from : @colo

Comcast opens Wi-Fi networks after Sandy

gizmodocom:

Comcast Unlocks Its Wi-Fi Hotspots to Hurricane Sandy Survivors

by Andrew Tarantola

Paywalls guarding the New York Times and the Wall Street Journal fell first. Now Comcast, one of the largest cable operators in the country, has announced that it will unlock thousands of Wi-Fi hotspots along the East Coast to help emergency responders and others affected by Hurricane Sandy.

Read More

reblogged from : Gizmodo.com Updates

“ Apple and Samsung appear to be almost the only companies that matter in mobile.

reblogged from : Fred Wilson Dot VC

reblogged from : NPR Fresh Air

“ The world now has nearly as many mobile phone subscriptions as inhabitants.

reblogged from : Dave Morin