I have been working on an auto-complete web service that searches Amazon’s Product Advertising API.  I built it in Node.js and using the APAC package made it really easy to query the API. The only thing that was extremely impractical was the JSON data returned by APAC.

Since Amazon’s API only returns data as XML, APAC uses xml2json to convert the XML to JSON. Unfortunately the resulting JSON is quite ugly. I wanted to be able to choose the data I needed and copy it to a new, clean JSON format. My solution was to create json2json.

json2json lets you create a template that describes how to transform the original JSON to a new structure. I wrote the Node.js package and example template in CoffeeScript because it has a much cleaner and simpler syntax than JavaScript. However, it is extremely simple to convert to JavaScript (click on “Try CoffeeScript”) and can easily be modified for use in a browser. Check out the (crude) documentation and example files and let me know what you think.


I’ve been working on Rembly using several javascript libraries: Spine.js, Mustache.js, ICanHaz.js, and Facebook’s JavaScript SDK. These have made application development easier, but not always easy enough! I wrote previously about my enhancements to ICanHaz.js for loading Mustache templates. This time around, I wanted to use Facebook’s JavaScript SDK with less “overhead” and a simplified API.

I created FBAPI.js to handle the setup requirements that Facebook’s SDK requires, such as adding a “root” tag to the page before loading the SDK. Now FBAPI.js takes care of all the SDK requirements and lets you use the Graph API without worrying about the overhead. FBAPI.js adds helper methods for event binding and retrieving user data.  However, the best part of FBAPI.js is that you don’t have to wait for the page or javascript dependencies to be loaded before you can start using it! All methods use promises and callbacks. This lets you run your scripts in any order you want!

Check out the Github repository and let me know what you think!


Overloaded

I just answered a Stack Overflow question from a couple years ago titled “Handling optional parameters in javascript” and figured I’d write about my solution here.

I’ll start by saying that the easiest way to handle optional parameters in javascript is to use an “options” object that allows a function to be called with as many or as few parameters (arguments) as you wish.

function displayOverlay(options) {
  // default to an empty object so a call with no arguments doesn't throw
  options = options || {};
  if (options.alert) {
    alert(options.message);
  }
}

However, if you need to use individual parameters, I’ve created a utility that acts as a proxy and lets you strongly type values.  It looks like this:

function displayOverlay(/*message, timeout, callback*/) {
  return proxy(arguments, String, Number, Function,
    function(message, timeout, callback) {
      /* ... your code ... */
    });
};

I call my proxy arrangeArgs(). Here’s a clearer explanation of what’s going on:

function displayOverlay(/*message, timeout, callback*/) {
  //arrangeArgs is the proxy
  return arrangeArgs(
           //first pass in the original arguments
           arguments,
           //then pass in the type for each argument
           String,  Number,  Function,
           //lastly, pass in your function and the proxy will do the rest!
           function(message, timeout, callback) {

             //debug output of each argument to verify it's working
             console.log("message", message, "timeout", timeout, "callback", callback);

             /* ... your code ... */

           }
         );
};

I created the arrangeArgs() proxy to handle optional parameters for you.  It works nicely.  The code is in my Sysmo.js utility library on GitHub. Let me know what you think!
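
One way a proxy like this can be built, shown as an added example that is not part of the original post and is not the Sysmo.js code: `arrangeArgsSketch` and `matchesType` are hypothetical names, and the sketch assumes arguments keep their declared order while any of them may be omitted. An argument that fits no remaining slot is rejected rather than silently dropped.

```javascript
// Added sketch: NOT the Sysmo.js implementation. arrangeArgsSketch and
// matchesType are hypothetical names chosen for this example.
function matchesType(value, type) {
  switch (type) {
    case String:   return typeof value === "string";
    case Number:   return typeof value === "number" && !Number.isNaN(value);
    case Boolean:  return typeof value === "boolean";
    case Function: return typeof value === "function";
    case Array:    return Array.isArray(value);
    case Object:   return value !== null && typeof value === "object" && !Array.isArray(value);
    default:       return value instanceof type; // custom constructors
  }
}

function arrangeArgsSketch(args, ...rest) {
  const fn = rest.pop();             // last parameter is the real function
  const types = rest;                // one constructor per declared parameter
  const supplied = Array.from(args);
  const arranged = [];
  let next = 0;                      // next unconsumed supplied argument
  for (const type of types) {
    const value = supplied[next];
    if (next < supplied.length && value == null) {
      arranged.push(undefined);      // explicit null/undefined skips the slot
      next++;
    } else if (next < supplied.length && matchesType(value, type)) {
      arranged.push(value);          // type matches: argument fills this slot
      next++;
    } else {
      arranged.push(undefined);      // caller omitted this parameter
    }
  }
  if (next < supplied.length) {
    // Leftover input fits no remaining slot: reject instead of dropping it.
    throw new TypeError("unexpected argument at position " + next);
  }
  return fn(...arranged);
}

// Same shape as the displayOverlay() wrapper above; returns what it received.
function displayOverlay(/* message, timeout, callback */) {
  return arrangeArgsSketch(arguments, String, Number, Function,
    function (message, timeout, callback) {
      return { message, timeout, hasCallback: typeof callback === "function" };
    });
}
```

Calling `displayOverlay("hi", cb)` leaves `timeout` undefined, while `displayOverlay(500, "hi")` throws because the string arrives after the slot it could have filled.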


Blueprint

I’ve been working on Rembly, which uses Spine.js as the core piece that ties all the functionality together.  I decided to use Mustache.js for my HTML templates.  And finally, I chose ICanHaz.js as a simple and lightweight way of managing my HTML templates.

Although ICanHaz.js is a great start, managing my HTML templates became unwieldy because I started having little templates everywhere.  Each part of a page that is dynamically updated needs to be broken out into its own template.  When you’ve broken a web page into small parts, it’s hard to keep track of what it looks like when put back together.  It also becomes hard to create the correct CSS styles when you lose track of the HTML hierarchy.

This led me to enhance ICanHaz.js with a ton of new features, the primary one being nested templates, which allowed me to keep my full HTML page template intact, while designating specific HTML tags as “sub templates” or partials. You can also specify additional templates to load and replace script “include” tags with the loaded HTML.

Check out my fork on Github for more information about how to use my enhanced version of ICanHaz.js. Make sure to look at the javascript comments for details. And let me know what you think.


I’ve been working with Stratum Security for the past couple of months on ThreatSim (@ThreatSim), which we are happy to announce to the world today!  ThreatSim is a web-based phishing attack simulator to help companies assess how vulnerable their network and internal assets may be to phishing attacks.  Not only does ThreatSim track who is clicking on phishing emails, but we’re also making an exfiltration agent available, which simulates transmitting sensitive data from the local network out to the internet.

Check out the website at www.ThreatSim.com, follow us at @ThreatSim, and check out the conversation on Hacker News.


I’ve been playing around with the Text CAPTCHA demo page and wondered how good WolframAlpha is at logic questions.  As it turns out, Wolfram is pretty smart!  Although, since a CAPTCHA requires an exact answer, some of the results from WolframAlpha are logically correct, but are not exactly correct.  If someone wanted to use WolframAlpha to crack the text CAPTCHA technology, they could build in filters and such to narrow down answers to what the CAPTCHA is likely looking for.

Out of 10 demo questions, 3 failed and 7 were correct (although, 4 had the correct answer but would fail a CAPTCHA if the exact answer was not parsed out).  Here are the results:

Text CAPTCHA: What is seven hundred and forty four as a number?
WolframAlpha: NumberQ[744]
Result: ALMOST

Text CAPTCHA: The 7th letter in the word “central” is?
WolframAlpha: the word
Result: FAILED

Text CAPTCHA: Which word in this sentence is all IN capitals?
WolframAlpha: capitals IN
Result: ALMOST

Text CAPTCHA: Which word contains “z” from the list: zoologist, midwifery, spiderweb, crimps?
WolframAlpha: zoologist
Result: SUCCESS!

Text CAPTCHA: The 2nd colour in purple, yellow, arm, white and blue is?
WolframAlpha: yellow
Result: SUCCESS!

Text CAPTCHA: Of the numbers seventy six, 2, 50 or forty, which is the lowest?
WolframAlpha: or
Result: FAILED

Text CAPTCHA: What is the 7th digit in 9686561?
WolframAlpha: 1
Result: SUCCESS!

Text CAPTCHA: Which of these is a colour: monkey, bank or purple?
WolframAlpha: colour purple
Result: ALMOST

Text CAPTCHA: The day of the week in chips, house, bank, mouse, trousers or Friday is?
WolframAlpha: mouse
Result: FAILED

Text CAPTCHA: If a person is called Mary, what is their name?
WolframAlpha: called Mary
Result: ALMOST

Wolfram, you’re close… keep up the good work!  Text CAPTCHA, the demo page was easy.  Are the other questions harder?

Update: There’s a discussion going on over at Hacker News, if you want to check it out!

Update 2: WolframAlpha can generate a CAPTCHA image of each of these text questions, so as to make it harder for a bot to decode AND answer the question!  Check it out:  http://www.wolframalpha.com/input/?i=CAPTCHA+What+is+seven+hundred+and+forty+four+as+a+number%3F

Update 3: There is more discussion going on over at Reddit for you guys looking for more insights…. :-)

Update 4: Looks like someone put together a script that knows the format of the Text CAPTCHA questions.  It was posted on Hacker News.


Working as a security consultant, I’ve come to be much more paranoid about my privacy over the years.  One thing that I do is shred anything that has my name on it.  I don’t need anyone rummaging through my garbage to write my biography or cash in on my identity!

I could go on, but why?  Read about someone else’s trash….


I definitely need more discipline in my life, and part of that is getting out of my home office into some real, collaborative office space.  Then I might start working on a routine that takes me more than a couple feet from my bed.

But check this out…. This guy talks about 3 different improvements he’s made to his daily routine…. I imagine attempting these might be a good exercise, but I don’t think I’m there yet.  But I am impressed.  And I should probably try it one of these days.


I think I’m a fan of Google’s Instant Search.  Rather than having to hit “enter” or click the “search” button, the search results automatically refresh as I type.  It’s quirky sometimes, because I’ll see some search results that look accurate as I’ve only typed in a couple letters, and if I’m typing too fast, it passes me by and it’s not always easy to back up to those previous results.  So, for the most part, I like it.

Google just introduced Instant Preview, which displays a screenshot of each search result, while highlighting the relevant part of the page that qualified it as a search result.  Convenient for skimming, and could lead to some interesting hacks that websites implement to generate some catchy screenshots that may or may not look the same when you actually click the link.


Is it silly that Microsoft spends so much time and money chasing the goal of preventing their hardware (and/or software) from being hacked?  If you build it, someone will hack it.  It’s pretty much a fact in this day and age.  I think it’s time to embrace it.  As a matter of fact, wouldn’t this HELP push the product?  More people will buy it because you can do much more with it than with the limited functionality that is shipped with the product!

Via Network World.
