Tuesday, June 30, 2009

"I hate Microsoft" is the new tech bandwagon

It always baffles me how supposedly good tech people can jump on whatever bandwagon happens to be popular at the time. Take, for example, the 'Let's Hate Microsoft' one that currently seems to be all the rage.

I've been involved with computers since I was 9 years old (I'm 34 now) and I've used Windows since its very earliest version. When I was a noob, I got viruses and was hit by just about every worm that went around. Then, I took the time to learn about good computing habits, proper security, and sensible practices.

On my Windows XP systems I don't run an AV at all, I run Internet Explorer 8, I use Outlook, and all the other supposedly 'deadly' things that make Windows so insecure and dangerous. I occasionally will download an AV and anti-malware programs 'just to be sure' always expecting to find stuff. You know what? I never do!

In the last five to eight years, I have *never* had a virus or worm hit my computer. I don't get spyware, I don't have popups all over the place, and I don't have those ungodly messes of toolbars that you see many Windows users having on IE. Why? Because I took the time to learn proper security, best practices, and don't do stupid stuff. I also keep my system patched.

The fact is that a properly patched, secured, and managed Windows system is just as secure and stable as Linux. So then, why does it seem so many Windows systems seem to fall under the crush of malware?


Look at the statistics. For most of the major viruses and worms that have been out in the last few years, Microsoft has often had a patch available for the vulnerability they exploited before the software was in the wild. Sometimes, they've had patches available for months or even years. Yet users who listen to the anti-Microsoft drivel of 'they're trying to sneak stuff on your computer' become so paranoid that they choose to either turn off auto-update or they 'selectively' choose 'safe' updates without a good understanding of what the others do. The upshot is that they, through their actions, leave their systems vulnerable.

Now, to be totally fair, I'm also a Linux user (desktop and server Ubuntu and a few Fedora systems) and they are pretty rock solid. But it's easy to say how secure you are when you're in the minority and nobody cares enough to really attack you by writing malware for your platform. Linux also tends to attract a more sophisticated and technically savvy user base than Windows so it's a bit dishonest to compare the two. If all Windows users suddenly migrated to Linux and brought their computing practices along with them, guess what? We'd see a LOT of problems with Linux systems too. So, no, comparing isn't totally honest. But, if we are, we can *easily* find examples of vulnerabilities that were exploited in *nix software and used to own systems.

The simple fact is that *no* operating system, Windows or otherwise, is secure until you choose to make it secure. It doesn't magically happen. USERS have to take the initiative to be proactive about their systems.

It's very popular to jump on the "Let's hate on Microsoft" bandwagon. Everyone seems to be doing it. I've run into a lot of people who told me "Oh I wouldn't use Windows if you paid me. It's crap" yet when I asked them what exactly their complaint was they would mumble something about 'security' but couldn't go into any details. Why do you think that is? It's because they didn't *know* any details! They just heard the rhetoric and thought spewing it forward made them seem knowledgeable and cool.

It doesn't. It makes them sound stupid and uninformed.

So consider this: next time you want to talk about how much you hate Windows, ask yourself this: why do *you* personally hate it? Have *you* had bad experiences with it or have you just read all the hype and made your decision based on that? Have you educated yourself about proper system care and management?

If not, look into it. I think you'll find Microsoft is doing a pretty bang up job with security these days. The chants of 'Linux is going to OWN Windows' are fading away.

I love Linux but I can't say I hate to see the zealots go.

Monday, June 29, 2009

Alright, so here is my contribution to the "Im a VB" campaign

I've always been a fan of Visual Basic. Since its earliest days, VB has been a trusted way to quickly and easily get things done if you're developing for the Windows (and now even Linux) platforms. To be sure, VB has gone through some major changes, but Microsoft has always kept to their word and kept the language easy to wrap your head around.

You can imagine my excitement when I saw on the Visual Basic Team Blog a new marketing and promotion effort by Microsoft called "I'm a VB". I'm a VB features interviews - both text and video - with ordinary developers who use VB in their daily work. As you might imagine, I was more than happy to contribute my story.

Here is my story, I'd love to encourage any VB developers out there to contribute your own story and let the world know that VB can do some heavy lifting. It's not just for toy applications anymore! You can also read other interviews here.

Friday, June 26, 2009

Details on the anonymous Twitter, Email and SMS client for mobiles #iranelection #gr88

As the battle over the Iranian election continues, activists outside of Iran are waging a battle of their own to make sure the flow of information to and from the country is not cut off. In what's become a cyber chess match, volunteers from around the world are going head to head with the Iranian government by deploying proxy servers and other technology to assist the protesters in staying connected to an unfiltered internet. So far, we've managed to stay one step ahead of the government and, while connection speeds have been severely throttled in Iran, the Internet is still, largely, available to anyone willing to install a bit of software.

But I believe this is just a band aide. There are many options available to the Iranian government which, for obvious reasons, we won't discuss here, that could stop the tech activist movement in its tracks and pull Iran into a virtual black hole.

So I've decided to take things a step further and move the fight from the PC onto the mobile phone. For the last few days, I've been working on a software program called TweetFree that will allow anonymous, secure, and nearly unblockable access to Twitter, anonymous email, and anonymous and secure SMS.

The software, currently being developed for Windows Mobile but eventually available to any J2ME device, will use a distributed system similar to the current PC proxy scenerio, to allow users to quickly and securely stay in communication with the outside world. I will be done with it tonight, send it out to several testers in the United States, and begin deploying it in Iran by Saturday morning.

But I hope this software goes well beyond the borders of Iran. Countries like North Korea and China all are well known censors of information and my goal is to help these users reach out to the world as well. Of particular interest to me is China which, as of 1, July, 2009, will require censoring and monitoring software to be installed on every single electronic device manufactured or used in China. Obviously, this will present a particular challenge to TweetFree as we're going to have to find a way to circumvent the monitoring tools installed on the phone but I'm confident that it can be done and I hope to have something ready by August.

I'd like to encourage all software engineers to get involved in developing projects like this. Our profession provides us with a unique set of skills that make us a real asset to people who need empowerment and a real threat to the government who supress them. It's time we put a little skin in the game and help our fellow man. Iran is showing it can be done. People tired of being oppressed combined with technology support can be a powerful thing.

Let Iran be a lesson to all of us; let us all realize that we
are our brothers keeper. We can support and encourage freedom. Right from the PC sitting on our desk.

Wednesday, June 24, 2009

How DARE we not be moved to action? #iranelection #gr88 #wakeupworld

It's often very easy for use to sit by and shake our heads at the tragady happening around the world. Places like Iran seem so far away, how could they really effect our lives? But the question could be raised "are we our brothers keeper?" and, if so, how can we sit by and watch the brutal massacre of a people who want nothing more than the simple things you and I enjoy?

I've been involved in working to support the Iranian fight for freedom since the beginning of the protests last weekend. I've watched and listened to countless stories both from new friends with loved ones in Iran and through the traditional media who just seem to have caught on to the horror playing out for these brave people. But, of all the stories I've heard and all the people I've spoken with, few have touched me like this interview between CNN and an Iranian woman who experienced first hand the brutality that the government is raining down on its own people.

Folks, if you think this doesn't effect you; if you think this doesn't matter to your life or your freedom or your world, think again. This is a fight that the Iranian people MUST win because they are fighting for nothing less than the soul of their country.

Over the last few days, with so much negative information coming out of Iran, I've been discouraged and started to wonder if we were all fighting a losing battle: the protesters, the activist, those who care. But, after watching this video, I am absolutely certain that we are doing the right thing and we must continue without wavering, without blinking, and without backing down.

This is the Iranian peoples time.
We must help them seize it.

Mahmoud Ahmadinejad, your time is at hand.

Supreme Leader Ayatollah Ali Khamenei, you are a DISGRACE to Islam and to your people. Your lust for power and the control of your people is shameful and Allah will have a special place in hell for you. May you rot there for the life of every single person you've allowed to die in this conflict, for every single drop of blood that was shed, and for every person who's freedom you've denied.

Allahu Akbar!

Monday, June 22, 2009

How to set up a Tor bridge to help users in Iran reach the Internet #iranelection #iran #gr88

I've gotten a lot of email asking me how to set up a Tor bridge. Instead of typing instructions out over and over, I'm going to post the instructions here. Please feel free to contact me with any questions or corrections you might have.


1 Go to www.torproject.org and download Tor.

2. Set it up like any other software (accept all the defaults)

3. Now, a program called Vidalia should start. If it doesn't go to all programs and under Vadalia Bundle, start Vidalia. This is the Tor configuration manager.

4. . Once Vidalia is open, if it says Tor is running. Click STOP TOR.


6. Click the third button from the left (SHARING) at the top of the screen

7. Select "Help Censored Users Reach the Internet"

8. Under BASIC SETTINGS tab give your proxy a name and (OPTIONALLY) provide contact email address. You do not have to provide an email address and, in your case, I'd advise you don't.

9. Under RELAY PORT select a port OTHER THAN 80, 8080, or 443. Those are all blocked in Iran. Any port under 65500 is good. I suggest staying under 10000.

10. Check (if it isn't already) "MIRROR RELAY DIRECTORY" and set the directory port to something (again, not 443, 80, or 8080 and NOT the same as the one you just chose).

11. You will now see, under the boxes you were just filling out and towards the bottom of the screen a box that says "Let others access your bridge by giving this line". This is the line you will give to friends and family. It needs to be COMPLETE including the long string of characters after the IP and port. They will put this into their browser or other programs proxy configuration to access your relay.

Ok, now, that's done. Tor is now setup. But there are a few more things you need to do.

1. Make sure that your Windows firewall (or whatever firewall you use) allows access to the ports you chose above. If you don't, nobody will be able to connect to you.

2. If you are behind a router, you'll also need to forward the two ports you chose above from the router to your machine. Since each router does it differently, I won't discuss that here but, if you need help, let me know.

After that, you're done! Give that line to people in Iran and they can connect through you completely anonymously. Then, send your bridge information to a few people:

1. Anthony Papillion papillion@gmail.com
2. Austin updates@austinheap.com
3. Fruity Pebbles bangxbangxbangx@gmail.com

Under NO CIRCUMSTANCES should you announce ANY information about your bridge publicly on Twitter or ANY OTHER social network. The government is monitoring those sites and block proxies as soon as they find them. It has to be via word of mouth.

Sunday, June 21, 2009

We need a secure mobile application for the #iranelection protesters.

Tensions are mounting in Iran. I have a very bad feeling that we're about to see a massive confrontation between the government and the protesters, the likes of which haven't been seen since Tienanmen Square. The government is getting more hard line against the protesters and it's getting more and more difficult for them to get information out of the country.

Many of us who support the protesters are software engineers. That means we can make a major difference in this conflict by using our skills to empower them and help them reach out to the world.

In that vain, I propose a new software project.

SMS and phone calls can be monitored. We need to develop an application for both regular phones and smart phones that will allow the protesters to securely message others even if 1) the SMS network is down and 2) the government continues to filter Internet traffic.

The application, which should be written in Java, should have the following features:

1. The ability to connect and route traffic over the secure Tor anonymous network.

2. The ability to auto discover new Tor routs should a particular route become unavailable.

3. Be fully encrypted so messages, even if intercepted, are useless.

4. Leave no identifying trace of messages or information on the handset.

Now, here's the challenge: this conflict is QUICKLY coming to a head. This application needs to be written RIGHT AWAY. A group of us should be able to write this in a few days and it should be in the hands of the protesters within hours after that using our secure connections to Iran.

If anyone is interested in working on this project, please contact me by clicking here or calling 918.926.0139 and we'll discuss it more.

Thank you for your help and willingness to help.

Friday, June 19, 2009

What does it mean: Iran is just the tip of the iceberg #iranelection #gr88

Today, I had a talk with the CBS Evening News. Yesterday, it was NPR and, at some point, both asked the same question: what does all of the online activism going on in the Iranian election situation mean? It's a good question and I wanted to take a moment from my recent technical posts to answer it fully, publicly.

What's going on in Iran is indicative of a global shift. People all over the world are standing up and telling their government 'ENOUGH!'. They're tiring of oppression, they know there's a better way, and they're gutsy enough to try what many people think is impossible: starting a revolution that leads to change. We still don't know what the outcome of the Iranian protests will be, but we do know that, succeed or fail, these brave people who have been willing to put their blood and lives on the line for their country, have forever changed the game for oppressive governments.

In Iran, it was the perfect storm. Young, tech savvy, people with mobile phones, computers, and a strong anger towards a corrupt and unfair government, coupled with technology that easily allowed them to get their message to the masses, brought together with activist - sometimes first time activist - who were willing to help.

But the online outpouring of support to Iran is just the beginning. When one of the most oppressive regimes in the world sees an uprising of ordinary people, other oppressive regimes take notice. It becomes much harder to sell the 'oh how the world is against us all' party line when it's obvious that the world is willing to help. Governments like North Korea, China, and others, should be scared. The time of easily manipulated and controlled information has given way to highways like Twitter and Facebook, and YouTube, and people around the world, some of whom never know how they could help, are willing to do the most extraordinary things for their oppressed brothers and sisters.

In short, what the online groundswell of support towards Iran means is that things are different. People are different. Governments are pushed aside and people, ordinary people of all races, cultures, and religions, embrace. Because, regardless of where we come from or what our beliefs are, the one thing we all can unite behind is freedom.

Thursday, June 18, 2009

Easy way to support Iranian protesters: run a TOR relay! #iranelection #iran #gr88

As the government continues their all out assault on freedom, providing those protesting the presidential elections in Iran with reliable, unfiltered, Internet access remains of vital importance. If protesters don't have access to the net, Iran falls into a virtual black hole where the only news that gets released to the world is tightly by the Iranian government and that could be disastrous.

In this post, we're going to discuss yet another way those outside of Iran can help the protesters reach the Internet: a Tor Relay Server. Tor Relays are traffic relay nodes that others on the Tor network can use to circumvent connection filtering by their government or ISP. Tor provides near complete anonymity and it's impossible to track where a connection on the Tor network is coming from.

First, you're going to need the actual Tor software. You can find that here. Download the version of the software for whatever operating system you're running and go through the default installation. This will set up all of the required Tor components you'll need to run your relay.

Next, we're going to setup relaying using a tool that comes with Tor called Vidalia. If the little green icon isn't already in your service tray, start it from your list of programs. It's under the Vidalia Bundle group.

Once Vidalia is running, click the SETUP RELAYING button on the control panel. Choose the radio button at the top of the screen that says 'Relay Traffic for the Tor Network'. This will setup your node as a relay node.

Next, select the 'Basic Settings' tab. Give your relay a nickname and, optionally, provide contact information. Set your relay port to whatever you choose (I suggest NOT using port 80), and set your directory port if you choose to use that.

Now, click on Bandwidth Settings. This is where you can limit the amount of bandwidth allocated to Tor users. It's self-explanatory so I'll leave those decisions up to you.

That brings us to the Exit Policies tab. Exit Policies are definitions of what kinds of services your node will allow access to. Uncheck any services you do not with to be a relay for and click OK.

You're done with setup! Not too painful, was it? Now, you'll need to make sure Tor users can access your node. There are two things you need to do:

1. If you're behind a firewall, make sure you unblock access to the ports you specified in Tor.

2. If you're behind a router, you'll need to port forward the ports you're running Tor on to the computer you're running the software on. Port forwarding is very individualized by manufacturer so I'm not going to discuss it here. See your owners manual for the router or call their support line to learn how to do it if you don't know how.

If all goes well, you are now running a Tor relay and should start seeing traffic pretty quickly.You can make sure it's running smoothly by going to the Vidalia control center and view the message log. You'll quickly see if things aren't going well.

The great thing about running a Tor relay is you're not just support Iran, but censored Internet users around the world. You're protecting privacy and supporting the freedom of expression. That is never a bad thing.

Wednesday, June 17, 2009

Iranian Protesters and Supporters: Be careful of proxies! #iranelection #iran #iran09 #gr88

As most of you who read this blog already know, the Anonymous Twitter Proxy (ATP) hosted on my website has been turned off as of 5:00pm ET today. While some have speculated that this was due to pressure from users suspecting that it might have been a trap laid by the Iranian government trying to ensnare citizens who are circumventing their filters, the real reason was much more simple: it served its purpose and was no longer useful after being blocked from access in Iran. The entire purpose of the software was to provide Iranian based users with access to Twitter; since it couldn't do that anymore, I took it down. I'm leaving the source code up though for anyone who wants to download it and run their own ATP to help Iranians keep in contact with Twitter. It's free, open source, and very easy to setup and use.

Over the last few hours though, I've been thinking a lot about safety. Not my own, but rather those of our brothers and sisters in Iran. To a large degree, they are operating technologically blind. They often don't have access to reliable Internet sources and information flowing in and out of the country can do so at a snails pace. This, of course, gives the Iranian government a temporary advantage over the protesters.

It occured to me earlier today that software like mine (and any other proxy servers, for that matter) could be easily used by the Iranian government to trap protesters. How easy would it be for the government to setup a web or ATP proxy and masquerade as a legitimate service while secretly monitoring, tracking, and arresting users of that proxy? Very easy, and that worries me.

So far, I've not seen any signs that the Iranian government has downloaded my ATP. I've been closely watching downloads and tracing IP's religiously. While I have had several government access of the site, none of them have downloaded the file. I'm actively blocking these IP addresses as they become known and protesters using the original ATP at http://bit.ly/tweetiran are still safe.

But my point to the entire Internet community involved in this protest: BE CAREFUL. Be very wary of passing on new proxy information into Iran until you've verified and re verified who owns them and where they're located. That means more than an email from someone, that means a phone call, IP traces, etc. Do your due diligence to protect the protesters on the ground in Iran because this really is a life and death situation for them.

For my part, I'm strongly considering pulling the source from the web. While I know this is VERY simple software that anyone could write, the fact remains that while it's out there openly, it saves the government the trouble. What I'm probably going to do is insist that anyone wanting the source code both email me AND call me to verify their identity. While this might seem excessively paranoid, I think now is the time, of all others, to be paranoid. I'll make my decision on that tonight and announce it tomorrow morning on this blog.

In the meantime, I want to reiterate to everyone out there: BE CAREFUL. Be suspect of ALL information until it's verified. We cannot afford to be wrong in this instance.

Not even once.

AnonymousInIran Anonymous Twitter posting script updated #iranelection #iran #gr88

As the situation in Iran continues to unfold, it's imperative that the world, especially the tech world, respond with their full support for the Iranian protesters. A few days ago, I wrote the Anonymous Twitter Poster as a response to government filtering of the Iranian Internet.

As the situation evolves, the security an anonymity of the protesters becomes vitally important. As such, I'm continuing to refine the script to take into account new security challenges and make sure people are safe.

Yesterday, some people expressed concern that the script stores IP addresses. We do this, of course, to be able to deal with abuse and ban people who would use the anonymous proxy to spam Twitter or post misinformation. However, an alert Twitter user pointed out that we could deal with this in a more secure way: IP hashes.

Now, no IP addresses are actually stored in the database or anywhere else. We only store an SHA1 hash of the IP address so, even if the database were compromised, it would be virtually useless in tracking protesters.

I admit that this is still not a 100% secure solution. The *only* secure solution would be not to store IP addresses at all. But, for right now, we're going with an SHA1 hash. We're also working on a new way to make sure the IP's are totally secure which I'll be updating the script tonight to reflect.

Anyone using Anonymous Twitter Poster is strongly encouraged to upgrade their copy from the source on the server by clicking here. You can verify that the file has not been tampered with by validating its CRC which should be 34f1926d. If you need a tool to validate the file's CRC, get it here.

Tuesday, June 16, 2009

Does @AnonymousInIran log IP addresses? #iranelection #iran #iran09

I've received a few emails asking if we're logging the IP address of those who use our TweetIran anonymous Twitter script (source here). While most people assume this is some conspiracy of the Iranian government, I can tell you as the administrator and writer of the script and service that it's not.

Here's the truth:

Yes, we do log every IP address that post to the service. This is logged to a private database and not shared with anyone (especially the Iranian government). We log IP addresses so that we can block users who decide to abuse the proxy or if we discover a government IP that is spreading misinformation. Nothing more. We do not share the IP addresses with anyone, ever.

Now, while the conspiracy theories fly, let me point out that what we're doing isn't even necessary in order for us to identify users. Web servers log every single connection anyway. Every proxy you use has the potential of logging your IP. Every one. Every web server you connect to that runs a service logs your IP. We log this to a db to protect people who want to honestly use the script. But your IP address is logged by the webserver anyway.

So, is this really anonymous? Yes. Our promise to our users is protection from the government. Us knowing your IP address does not put you in danger. THEM knowing your IP does. So, you are anonymous from your government. That is guaranteed.

I hope this clarifies the rumors circulating around the internet. If you follow the @cajuntechie tweet stream (mine) you will see that I am not an operative of the CIA or the Iranian government. I am just a guy in rural Oklahoma trying to make a difference and help a cause.

Hackers seize control of two Iranian government computers #iranelection #iran

UPDATE 7:43am ET:
According to the hacker, they have breached a 'sensitive' computer within the Iranian government and will share important information as they find it. Their attack on the governments computer network continues, undetected.

At about 6:15am ET I was contacted by someone claiming to work within the Iranian government and who was allegedly attempting, along with a small group, to breach a major Iranian computer network that's used to monitor and filter internet access inside Iran. The hacker obviously knew a lot about the technology in use by the government including software names, IP addresses, actual machine locations, and other important information that would aid any would-be sabateur in their quest.

I've exchanged a few Twitter messages with this person over the last hour and it appears they have now gained control of two Iranian government computers and have, as of this writing, not been detected by the government. The last message I got stated that the hacker was very close to breaching a part of the network that contained filtering equipment and computers and would be working to restore access to sites like Twitter/Yahoo Messenger.

While I cannot confirm the truth of this story beyond doubt, I have seen enough credible evidence provided by this person to believe what they are telling me is true. If it is, we might be very close to a turning point in the Iranian protest. This might be a major event.

I will update this blog and Twitter as soon as I know more. For now, pray that this is true and, if it is, pray for the hackers safety. Such boldness would be met with death for treason.

Run an anonymous Twitter poster for Iranian protesters #iran #iranelection

Earlier tonight, we wrote and setup a simple script that will allow people in Iran to post to Twitter without direct access to Twitter (which is being blocked in-country). This script is run on our servers and posts to the AnonymousInIran Twitter account in order to keep the tweeters anonymous and, thus, assure their security. The problem is, of course, that the Iranian government is monitoring Twitter and it's probably just a matter of time before they block access to our site.

So we need your help.

We'd like to invite everyone to get a copy of our script and run your own anonymous Twitter poster. It's easy to setup and we'll walk you through it. The entire process takes about 20 minutes and is another way you can help Iranian voices be heard.

If you're interested, email me and I'll get you the script right away.

Monday, June 15, 2009

Proxy server set up to help Iranian protestors under heavy attack #iranelection #iran9

As of 8:45pm ET on 6/16/09 the proxy server we set up to help Iranian protesters reach the Internet has been under heavy attack from what we believe to be pro-Iranian government sympathizers or, possibly, the Iranian government itself. The connections coming into the server all been from within a specific block of IP addresses originating in both China and Russia and have largely tried to load the same pages over and over.

For now, we've restricted the proxy to only those connections actually originating in Iran. It was set up to serve the people of Iran and we will maintain it to do so. We hope to withstand this current attack and keep the server up and running as long as we can. I encourage anyone with a few extra minutes and some extra bandwidth to spare to take time to setup their own server. For help, email me.

How Twitter users can help in the Iranian resistance. #iranelection #iran

There have been widespread reports that the Iranian government has been tracking and shutting down Twitter users in Iran who've been instrumental in getting information into and out of the country concerning the political unrest there. The government is monitoring Twitter closely and are actively engaged in sabotage. It is imperative that we assist in protecting the protesters in Iran by helping to confuse or at least slow down the governments efforts.

Here's my suggested course of action:

1. Change your Twitter profile. Select timezone +3:30 - Tehran and set your location as Iran.

2. Change your Bio to something that has to do with the current conflict.

3. Anything you retweet from an Iranian source DO NOT use the RT tag. Instead, tweet it as your own. This way, the government will have no way of knowing where the tweet came from. Yes, this could cause some minor problems, but protecting the protesters is of prime importance right now.

In addition, I've gotten a few emails reporting that the government has began attacking proxy servers that are being used to help protesters reach the net. We need to begin to compile a list of known government IP address and every single proxy server needs to block those addresses from connecting. Internet access MUST remain open to the protesters.

The government of Iran isn't going to give in easily, folks, but through perseverence and standing together we can push through change. Stand with our Iranian brothers and sisters and force the dictator out!

Sunday, June 14, 2009

How you can help the Iranian protesters

I've been following the IranElection Twitter Trending topic all day long and I've repeatedly seen tweets expressing a desire to help but not knowing what to do. As the country nears time for a major demonstration later this afternoon (4pm local Iranian time), I expect the government to clamp down hard on the internet. They won't shut it off, but they're going to try to censor and control what goes in and what comes out of Iran.

At this critical juncture, one of the main ways you can help, even if you're not a technical person, is to help make sure the Iranian protesters have access to the internet and the most effective way you can do that is to setup and run a proxy server.

Proxy servers act as 'go betweens' between a users computer and the end site they're trying to reach. They work because, when a government blocks a site, users can connect to proxy servers which fetch the site for them. That way, users have access to a site even if it's blocked.

In the video above, I show you how to setup a proxy server using the 3 user evaluation version of CC proxy. While 3 users might not sound like a lot, in a time when unfiltered access to the web is needed, it could be a lifesaver.

In order to setup your proxy server, you will need:

1. An evaluation copy of CCProxy
2. A working internet connection
3. About 10 minutes to set it all up

Watch the video above and it'll walk you through the steps you need to perform to get your server up and running.

Good luck to everyone in Iran and thank those of you who decide to help by setting up a proxy.

Clarification: A free little program for you to try

I'm an information geek. I love researching things, finding demographics data, looking at population and income information for a region, etc. Recently, I considered moving and found myself having to visit multiple sites to find such information and I thought, there has to be a better way. So, I created a little program called MyGeoCoder.

The program, which you can download for free here, allows you to type in a full address, or just a city and state, and immediately get a satellite view, map view, and population statistics on the area. It's not pretty (I am not a UI designer) but it works well and I thought I'd take the time to share it with all of you.

So check it out and send me feedback. I'd like to make it better over time and make it more useful to those who love information. What do you like? What do you not? What could be better? What works? What doesn't? That sort of thing.


This moment will be remembered forever

As the post election situation unfolds in Iran, it is becoming painfully obvious how deeply and strongly the Iranian people want freedom. Held hostage by their own government for years, the people are now finding their voice in what is perhaps the most critical and important crossroads in their long and proud history.

This day, it doesn't matter if we are Iranian, American, black, white, Christian, or Muslim. It only matters that we are all brothers and sister supporting our brothers and sisters fighting for their freedom. In the end, our individual differences and whether this resistance won or lost won't matter and won't be long remembered. Generations will pass and stories will be told of the heros made today. But, what will be remembered is that on this day, at this time, at this very moment, a nation found its voice and sought its freedom. May their voice never be silenced again.

Allah O Akbar, brothers and sisters.
May God be with you all.

Friday, June 5, 2009

OpenEMR and Windows: No longer second class citizens

OpenEMR is an open source electronic medical records and practice management solution designed to run on the LAMP (Linux, Apache, MySQL, and PHP) stack. While it's always been possible to run the software on Windows, it was so tied to Linux/MySQL that it was near impossible to get the same functionality on Windows as you had on Linux. The reasons for the tight integration with LAMP are many, but I also realize that a lot of users are still Windows only and some people don't want to learn a whole new skill set just to setup an EMR.

So, now, they won't have to.

My company, OpenEMR HQ has started a project to migrate OpenEMR fully onto the Microsoft platform. That means a stable, seamless run in a Windows, IIS, SQL Server, and PHP environment and no performance or security issues. We've been toying around with the idea for some time now but we started making a serious run at it in April. We're expecting to have the code fully migrated by late July.

This does not mean that OpenEMR will no longer run on LAMP. What it does mean is that users will have equal choices when installing the software. Windows will not be treated like a second tier platform, paid little attention to, and serviced only as an after thought. Now, both platforms will be on equal footing with OpenEMR.

I'll post more details as they become available but our expected release date for OpenEMR for Windows will be July 15th. The software will also come packaged with a standard Windows installer that will allow easy and quick configuration of all the necessary components without having to edit the configuration files.