Category Archives: Uncategorized

Why I’ve joined HidNSeek project as technical advisor

A few month ago, I’ve discovered a great project that just started on Kickstarter : HidNSeek, which was an innovative tracking device, based on Sigfox. If you read my blog, you probably now that I am a big supporter of Sigfox and I find their approach very smart. I met the HidNseek team during the last Connected Object conference, and we immediately had a good fit.


HidNSeek is a GPS tracker, and thanks to Sigfox, the energy consumption is very low and you can have several monthes of activity without charging. The other advantage is that you don’t need any GSM subscription, while having a good coverage .

The campaign was successful, and I’ve proposed to help them and support the development. I will take part of the mobile client development (iPhone/Android) as well as the backend, and use my previous experience both in mobile and big data to make this a great product.

The traction is incredible, and there is a lot of great on-going discussions with potential partners and customers, beyond the initial Kickstarter campaign in the #IOT field.

I am a strong believer in the potential of connected object not only in B2C markets but even more in B2B.

So let’s wait a little bit to see the first results of these efforts coming into the market…..

Node.js and Asynchronicity dictature

I’ve made recently some experiment with Node.js, the new kid on the block. Coming from the Ruby and Event Machine world, the evented approach is not new, but some aspect of JavaScript make the approach quite fun.

First examples are fine, and you enjoy it. But as soon as you try to do more complex things, you are facing the pyramid of hell: the callback nightmare.

So what’s wrong with it?

The selling point of Node.js is the evented approach. The problem is that too many event kill the evented approach. Everything want to be an event, and most of the code you are writing is then to achieve synchronicity .

Let’s take a first example, with a small “pyramid of doom”: open a file, write a line, and close it (I know that there is specific function to do it once, but the objective here is to show the issue with “all async”)

var fs = require('fs');'toto', 'a', 666, function( e, id ) {
  fs.write( id, "Test", function(){
    fs.close(id, function(){
      console.log('file closed');

The Node.js community is aware of the issue, and says tha promise will change all, and the promise of promise, is to make async things happenning sequentially.
Basically, instead of having a pyramid, you chain events.
So same exemple , using ‘Q’, a promise library:

var fs = require('fs');
var Q=require('q');

Q.nfcall(,'toto', 'a', 666)
	fs.write( data, "Test", null, 'utf8');

Ok, no more pyramid of doom, but not totally sure that’s is much better than before. A lot of code just to ensure sequentiality.

Async vs Sync

Let’s compare to the “classical” approach'toto','a',666);

(this won’t work on node.js currently!)

Or even better in a chainable approach:'toto','a',666).write("TEST").close();

The code is 10x time easier to read than the previous one.

Yes, but evented io is faster, it’s the future!

Evented io is great, no doubt. The point is: do we really need to raise this to the level of the developer? 95% of the tasks are sequential, even those who require IO. So instead of exposing this to the developer, the language/framework should be able to hide this to the developer, using the ability to do other things during these events.

This is the idea behind fibers, or more generally behind cooperative multitasking. This won’t make your program slower but will just hide some of the complexity for you. You still can have concurrency, joins, etc…

Event is good when :

  • You really have ‘unexpected event’ or this part of your application is push based, like somebody pressing a button on a UI, a web request, a Tweet coming in a stream, etc…

These are really event.

When event is not really needed :

  • When you want to read/write file, access to the database, etc… This does not means that you must be blocked, this just mean that in that case programmer wants to be sequential

Golang and others choose this path, and this make the code much simpler to read.

I predict than in a couple of year, all the node.js community will suddenly discover that “sequenciality is not so bad” and will introduce fiber or ways to make synch.

Facebook vs Twitter on Social TV, where are real numbers?

Our friends from Trendrr recently disclosed some interesting numbers about Facebook usage vs Twitter usage around the NBA playoff kickoff. According to them, there is 5x more Facebook usage than Twitter usage.
Interesting because nobody for now have these data to compare, so it’s hard to get a real view, and secondly because nobody that I know hardly publish things on Facebook about TV (while many of them use Twitter for this) so may be I am not in the right category.
However, Trendrr published some stat on the NBA:

(click to see full size image)

If you take a look at the number, you see:

Total on air activity: 3.190.816
Facebook on air activity: 2.377.251

So total is probably facebook+other networks, like Twitter (so 813 565 tweets or maybe less, that’s where come the 5x more than Twitter)

But take a look at the other numbers:

FB on air posts + comments +shares=924.266. So, what are the others? Like? Yes, majority of FB usage seems to be like even if there is a decent amount of comments, but more in the range of Twitter

The last interesting data, is FB on air uniques: 210.760 . Waow, this is not bad in SocialTV metric, but typically in the Twitter range. I would be curious to know how many unique users have tweeted on this same event, but I guess it’s probably more than 210.760 unique users.

Typically, there is around 2 to 3 tweet in average per event, so it should be around 300.000 unique twitter users….

Even, these are much bigger numbers thanthe 95% twitter vs 5% facebook that are usually used in the industry, but below the 1 vs 5 for Facebook.
Facebook can easily bypass these kind of issue by providing better metrics to companies like us ( TrendsMotion) without compromising security and privacy of conversation! Let’s start to work together…

Twitter Site Stream using EventMachine

I’ve spend some time to try to use Twitter Site Streaming API with event machine, so here is just a small snipet of code on how to do it. In fact it’s pretty simple

Just go to your app page on twitter ( ) and go to your application. Get the access token here. You will find also a button “get my access token” where you can get the oauth access token and access token secret.

With these, you will be able to sign the request

require 'rubygems'
require 'eventmachine'
require 'em-http'
require 'json'
require 'oauth'
require 'oauth/client/em_http'

# Edit in your details.
CONSUMER_KEY = "<put your consumer secret key here>"
CONSUMER_SECRET = "<put your consumer key here>"
ACCESS_TOKEN = "<put your access token here>"
ACCESS_TOKEN_SECRET = "<put your access token secrethere>"

def twitter_oauth_consumer
  @twitter_oauth_consumer ||=, CONSUMER_SECRET, :site => "")

def twitter_oauth_access_token
  @twitter_oauth_access_token ||=, ACCESS_TOKEN, ACCESS_TOKEN_SECRET)
end do
		  # now, let's subscribe to twitter site stream
		  # check informaiton on twitter site
		  # here we are followig to user that have signed to our app...
		 http =''
		 	:head => {"Content-Type" => "application/x-www-form-urlencoded"},
		 	:timeout => -1) do |client|
    		twitter_oauth_consumer.sign!(client, twitter_oauth_access_token)

	  	buffer = "" do |chunk|
    		buffer += chunk
   			while line = buffer.slice!(/.+\r?\n/)
   				puts "handling a new event:"+line
   		http.errback { puts "oops" }
   		http.disconnect { puts "oops, dropped connection?" }


For this, I use the eventmachine plugins for ruby, as well as the oauth and em-http plugins.

Please note that you must you https with twitter in order for this to work.

Twitter Hacked!

This is a translation of an article published in French, on the website

twitter fail whale Hack de Twitter   La suite...

I’ve been contacted yesterday by the guy who have hacked Twitter. His pseudo his Hacker Croll (here is the initial reference to Hacker Croll, but in French) and explained to me that he was able to access to the various email boxes of the twitter employee including Evan Williams ones and his wife. This allowed him to have access to all a number of astonishing informations.

He had access to the Paypal, Amazon, Apple , AT&T, MobileMe and Gmail accounts of Evan Williams, Sara Morishige Williams, Margaret Utgoff and Kevin Thau (twitter employees)

Here are the snapshots that the hacker sent to me:

Evan Williams1 Hack de Twitter   La suite...

He was able to access to the Registar information of the Twitter domain name, and he could have been able to redirect twitter domain name to any other IP address (or simply steal the domain name)

Capture 1201 Hack de Twitter   La suite...

Capture 115 Hack de Twitter   La suite...

But the most incredible, was the quantity of internal information that he was able to get on Twitter:

  • the complete list of employees
  • their food preferences
  • their credit card numbers
  • some confidential contracts with Nokia, Samsung, Dell, AOL, Microsoft and others
  • direct emails with web and showbizz personalities
  • phone numbers
  • meeting reports (very informatives)
  • internal document templates
  • time sheet
  • applicant resumes
  • salary grid (time for me to

But amongst all these information, you can see some funny things like:

  • the “possible” launch of a TV reality show where contestant will go across USA et will win contests thanks to their followers, with a 100 000$ price at the end (but for a nonprofit organization)
  • Some growing predictions that target 25 millions of users end of 2009, 100 millions ends of 2010, 350 millions ends of 2010…with revenue  that I will not disclose here…
  • A list of new star account like Wyclief Jean, DuranDuran, Cartoon Network, Cisco, UCLA, Guillaume Pepy (CEO of one of the biggest french company, the SNCF), Nirvana, Toshiba, 50 Cents,…. etc…

Capture 1101 Hack de Twitter   La suite...

  • The plan of their new offices with a list of whishes from the employee who would like a sleeping room, a playing room, plants, a chief cuisto, a meditation room, bicycle room, adjustable desks, sport room,washer/dryer, wifi, lockers, wine cellar, an aquarium and others…They seems to have imagination….

Capture 93 Hack de Twitter   La suite...

  • We learn also their idea about Twitter monetization…Of course, we’ve got certified accounts, but also advertising with the ability to put AdSense widget,  or sponsored tweets. Twitter whish also to be the first service to reach the billion of  users (which is highly probable). They defined themself more as a “nervous system” than an alert system.
  • We also learn that french president will soon use Twitter (@NicolasSarkozy ) and that Nicolas Princen which will do this.
  • And we’ve got also some “test” of t-shirt and cap designs

Capture 10621 Hack de Twitter   La suite...

Capture 1032 Hack de Twitter   La suite...

So Twitter has been visited by this hacker. Since then, everything is back to normal thanks to security recommendations:

Capture 1121 Hack de Twitter   La suite...

passwords have been changed. The information given by Hacker Croll is from beginning of may, but are still very instructive. In his mail, Hacker Croll explains the things to learn from this misadventure:

What I would like to say is that even the biggest and the strongest do silly things without realizing it and I hope that my action will help them to realize that nobody is safe on the net. If I did this it’s to educate those people who feel more secure than simple Internet novices.And security starts with simple things like secret questions because many people don’t realise the impact of these question on their life if somebody is able to crack them.

concerning me, I’ve put here only the information that are not against twitter because I am a big fan of Evan and his team works. I’ve just relayed some information of Hacker Croll and what I can tell to Twitter team is that this hacker seems to have a conduct code which will not give any prejudice to the company.

Now, clearly, we see from this hacking demonstration that it’s very easy to guess a simple password from a secrete question, and from this to enter into other account (Facebook, GMail and others) and from this enter in the heart of a company, both in accessing confidential data  but also by paralyzing business symply by getting a few domain names or admin accounts.

So, don’t stop to be paranoid. Don’t use secret question, use a different password for each of your account, don’t put inline sensible documents, etc… In short, be careful..

A nice and innovative GPS based game

Parallel Kingdom is a new (and far from being released) GPS game based on Android platform. Since a long time locaion based games have been explored, but up to now none really succed to capture enough attraction, mostly because they required poeple to move to play the game which requires a lot of commitment to play the game in a cold winter day!

But this one, Parallel World, seems to contains some interesting concept. You can build virtual elements on top of the real world, and then influence other players. The exact mechanism of the game is not yet explained, but I like the concept, presented by this video.

CTO Handbook — How to care for and feed your CTO

A great piece of reading  (discovered through AboutMobility weblog): CTO Handbook — How to care for and feed your CTO
He defined three types of CTO:

  • The Technical Founder – the person that wrote the code that got the
    company off the ground. Has sweated to give the alpha/beta/product life
    and as a result any criticisms are effectively received/interpreted as
    “Your baby is ugly! Now where’s your Corn Flakes so I can piss in them
    too!” Is never far from code.
  • The Visionary – sometimes seen as the flake without any “real”
    deliverables. Is never far from a whiteboard. Can write code but
  • The Figure Head – parachuted in, probably did or was associated with
    something impressive in a semi-related industry. Doesn’t know most of
    the company but is on a first name basis with most flight crew. Is
    never far from PowerPoint.

The next game, just like CEO is doing, is then to think which part of these description fit in your profile!

Facebook and privacy

Just discovered a VERY interesting post about Facebook and privacy:
Facebook Isn’t Private, and 7 Other Things You Should Know.

The most interesting part, is this one, the number four topic:

By posting User Content to any part of the Site, you automatically grant, and you represent and warrant that you have the right to grant, to the Company an irrevocable, perpetual, non-exclusive, transferable, fully paid, worldwide license (with the right to sublicense) to use, copy, publicly perform, publicly display, reformat, translate, excerpt (in whole or in part) and distribute such User Content for any purpose on or in connection with the Site or the promotion thereof, to prepare derivative works of, or incorporate into other works, such User Content, and to grant and authorize sublicenses of the foregoing.

So Facebook can do what they want with content posted on Facebook! Including picture, your profile (your CV?), etc…. A perpetual, non-exclusive, transferable license….

Think of this before creating your own private group to discuss the next big thing, or before posting your perfect pictures… Seems to be the reason why a group named “the Grasshoppers” moved from Facebook to Ning

Through Widgify

Identificateurs Technorati : , ,

My current favorite blog….

For those who still don’t know it, there is a new great blog which already a star: it’s Marc Andreessen one, . A lot of great post about startup creation, VC, and a lot of other things. Read the “Moby dick theory of big companies” , and the series on “Truth about venture capitalist

Interesting also is the Ouriel Ayon point of view on Marc’s blog. As him, I always wondered how Marc could create so quickly such incredible content, while being involved in many other things.

5 things you don’t know about me

 Well, seems that I’ve also been tagged for “5 things you don’t know about me”, but twice! The objective of the game is to give five “unknown” facts about you, and spread this virally to five other people…

  So this came from Seb and Wendong!

  • I started to work as a game developer for UbiSoft during my student period. Ported a crap game, and had to get a serious job in the telecommunications later on.

  • I was in Africa (Zaïre that came later Republic Democratic of Congo) and enjoyed some civil war
  • I’ve made a lot of pirate TV decoders during my engineering school! (for
  • I am now a definitive Ruby On Rails addict! The best productivity boost since I’ve discovered Java, 11 years ago.

  • I own a collection of “museum computers and console”, like Vectrex, ZX81,  Colecovision, Atari Lynx, Gizmodo, etc….

  So, let’s follow the link with a few suggestions for the next providers of these five facts:

- Pascal Darre
- tmenguy (everything and the software universe)
- Philiipe Kerignard (truc de ouf in French)
- Fred Brunel
- Alexander Cassovici ( Mobitrends)

Technorati Tags: ,

Augmented Reality: Total Immersion moving on CellPhone?

Earlier this year, I had a post about potential interest of augmented reality on mobile. It seems that Total Immersion, the leader of this sector – well now with a famous demo 2004 presentation  haves also plans for mobile.
Here is a video which shows some potential usage of AR on mobile for advertising for instance. Sorry, the video is in french. Examples includes “augmented reality advertising”, and the manipulation of a small character. I am sure that there are much more interesting scenarios than these one, so let’s see….
On negative things is that the demo still running on a PC, and very little to do with mobile now. One of the great things with AR on mobile, is that the concept of a camera phone allows you to use the mobile as a “window” or a “lens” that transform what you see. This feeling does not happen with the current demo where you have to look in a different direction to see the results. Hope that before 3GSM this will be solved (Total Immertion plans to demonstrate it on 3Gsm next year).

Video: Total Immersion – On10

Through Codors Blogs

Technorati Tags: , ,

A new patent war ahead : Surfkitchen on dynamic download?

Surfkitchen, a provider of ODP (On Device Portal) is on the way to have a UK patent that  – if I understand it well – might generate a lot of troubles if granted. This patent cover the download of dynamically generated data that is trigerred by an SMS.

 First, let’s look at the abstract:

Abstract of EP1536613

A method of server initiated download of information is described. When a server (5) determines that content (26,28) is stored which is to be made available to a remote device (1;2) the server (5) dispatches a signal to the appropriate remote device (1,2) in the form of a non HTTP message such as an SMS message which has a predefined format. When such a signal is received, this indicates to the remote device (1;2) that content to download exists. A browser program (14) on the remote device (1;2) then responds to the received message by forming a conventional HTTP link to the server (5) and requests location data identifying the location of content (26,28) to download from the server (5). When the browser program (14) receives the requested location data the browser program (14) utilises the location data to generate instructions to cause copies of the content (26;28) to be downloaded via the HTTP link.

So the patent seems to cover the fact that you notify a mobile through SMS that a content is available on the server. Then, the mobile answer by forming an HTTP request to download this content from the server.

This seems quite broad, and might cover many existing services/technologies:

  • MMS ( See Wikipedia definition ) . A notification is send to the client, using SMS or Wap Push and then the phone generate an HTTP request to download the contents.
  • Wap Push, more generally speaking, is just sending a link (an URL) to a mobile phone, so it trigger by definition an HTTP request.

If you dig one step further, it appears that the patent highlight the fact that it’s not really an URL to the exact location which is sent. It only trigger the fact that some informations are available, and then, the server identify the user and only send the relevant information….

  • [0019] Having the server 5 send an initial content update signal which indicates the existence of content to be downloaded from the server 5 but which does not indicate the location of that content gives rise to many advantages.
  • [0020] Firstly as the signal does not identify the location of any particular item of content, a single signal can be sent to a remote device to enable the remote device 1, 2 to download multiple items of content. The fact that a single signal can be sent reduces the amount of data which is transmitted to the remote device via the non http link.
  • [0021] Additionally, since data identifying the locations of content to be downloaded only needs to be generated after the browser program 14 has initiated a communications link between the remote device 1; 2 and the server 5, this data will identify current locations for content to be downloaded even when there is a delay between the sending of the initial content update signal and the initiating of a communications link by the browser program 14. The possibility that content from within the content store 24 is deleted in the interim between notification of the existence of content and the dispatch of a request to download content from a location and hence a requested item of content is no longer available is therefore reduced.

Translation: the data to be downloaded is created dynamically. In other words, the link might be  ( or just if the user is automatically identified) and then the answer content depend of the user: it’s a dynamic content/page creation….

So if the result of the SMS sent is a dynamic page, then you might be concerned by this patent.

It might be the case of SyncML, where HTTP synchronisation can be triggered by an SMS for instance.

In fact, many services trigerred by SMS might be covered by this patent. MobileScope have plenty of these, but we are not the only one in the industry. Of course, as a competitor to SurfKitchen, we are more concerned by such patent.
But many deployement of applications are done through SMS/WapPush, and it’s not always a link a static ressource, but to a ressource that might depend of your handset for instance.

Note: the patent is not yet awarded, but in a final phase.

So I would be curious to get your feedback/views on this? Does anybody in the industry feel concerned by this?

Technorati Tags: , , ,