Posts Tagged ‘transparent’
CMS Wire posts about Periscope, writes honest, detailed entry
October 28th, 2008 • Mentions, Progress
Tags: Mentions, Progress, transparent
The folks over at CMS Wire posted an entry about Periscope last week. Somehow, we missed it. Note: please let us know if you’re writing something about us, we’d love to know and also let our users know about what’s being said, good, bad or otherwise. If nothing else, we’ll link to you :)
They make some excellent points, especially with regard to usernames and passwords — the more people who use Periscope that know about what is and isn’t stored, the better — and also offer up some kind words for us. Thanks, guys! And the post certainly goes a long way in educating readers about the facts.
Transparency on Basecamp Usernames and Passwords
October 2nd, 2008 • 1 comment Everything else
Tags: encryption, password, transparent
I’ve always thought that complete transparency is a virtue. It doesn’t matter what we’re talking about here: whether it’s inter-personal relationships, coach-team relationships or client-vendor relationships. If you’re reading this, you might be a little concerned that we’re storing your Basecamp username and password. Quite frankly, I would be too! Read on…
First of all, right now, there is no way to get around not storing them: the iGoogle framework simply doesn’t support POST nor HTTP AUTH. As a result, the Periscope backend acts as a pseudo-proxy taking requests from the gadget and doing all the necessary integration and logic to get data from your Basecamp account and serve it back to the gadget. And since your Basecamp account is password protected, Periscope needs to know those passwords to get at your data and serve it back to you. The nice thing about letting Periscope do all the heavy lifting is that it can do cool things like integrate more than one Basecamp account for you, do some time-tracking and even let you have access from things like your iPhone.
For the record, Periscope does not store any data that you request from the Basecamp servers. It merely proxies the data, filters and sorts and does whatever else you asked it to, and then serves it back to you. Periscope keeps logs of your activity in so much as it knows that you logged in and looked at the Recent Activity tab: but that’s about it! It does not know the content of the tab. It also counts clicks to various links you may click on. Periscope also leverages Google Analytics for other statistics.
What about the actual storage of passwords?
Your Periscope password (different than your Basecamp password) is not stored at all: we store a one way hash of your username and password. That way, if you forget your password we’ll have you reset it: we don’t have the ability to remind you what it is.
As for your Basecamp username and password, we store this information in a database and do so with the greatest amount of care: the username and password is encrypted using the MCRYPT_RIJNDAEL_256 cipher and stored in a physically different server than the encryption key. We are currently hosting with pair Networks who have an excellent track record and with whom we have been very happy. We also allow you to change your information from your My Account page at any time.
We built Periscope for ourselves and are glad to be able to share it with you. If you’re still concerned that your Basecamp username and password is being stored on an unknown server somewhere in the digital cloud, the best thing you can do is add a new person to your company in your Basecamp account (call it “Periscope User” or something similar), and use the credentials for that person in your Periscope stored account. That way, you’re not storing your own personal username and password, but rather a throw-away user that could be changed at any time. And remember to give it less than administrator privileges too, if you want to be even more careful!
Beta closed, live announcement list open
August 28th, 2008 • Everything else, Progress
Tags: beta, Progress, transparent
I’ve had more than enough interest in the gadget (over 150 of you subscribed) and it feels like the right amount to move forward. So, I closed the beta signup on the main page and opened an announcement list subscription that you can be notified when Periscope goes live. Don’t worry beta users, you will be notified too!
So go on over there and signup for the announcement if you haven’t registered for the beta.
New look for the site & blog brings us another step closer…
August 16th, 2008 • Progress
Tags: 37signals, design, Progress, Releases, transparent
This morning I updated the look of both the main site and the blog. I’m going for as much overlap in their look as possible, so I did some CSS magic on the theme that I am using (which is Konstruktors‘ Sans-Serif Racer) which I absolutely love. Thanks Kaspars!
Also, I added global navigation that I think is pretty close to what you’ll see when Periscope goes live. Yes, you’ll be able to login to the site and configure some things like how many Basecamp accounts you have, what their URL’s are, your credentials for each one and more mundane stuff like changing your Periscope password, your personal details and more. I think I’ll do a screencast of this in the future, so watch this space!
Periscope has been in the back of my mind now for the longest time, so I thought I would share an early screenshot (February 2008) of the gadget. You’ll notice that in addition to the two tabs you may have seen in other screenshots and screencasts, there is also a “To-Do” tab. I originally wanted to put EVERYTHING I possibly could into Periscope, but quickly realized that I would never release a product if I tried that (thanks 37signals) — so, don’t be discouraged! To-do’s are something I’m thinking about, and something I will hopefully add in a later release. Just not now! I thought the screenshot was kinda cool to see how the gadget has evolved.
37signals mentions Periscope Gadget
August 8th, 2008 • Mentions
Tags: 37signals, beta, blog, press, transparent
Want a great reason to start a blog? How about 37signals writes a short post about something you’re doing (Periscope) without your knowledge, and now you’ve got enough signups in your Beta release to warrant an actual beta!
So, this turns out to be the first post as a result. I’m hoping to keep Periscope, its development, progress and evolution as open and transparent as possible! Stay with me as I grow this blog, add more and more info, and talk about how it’s going with the gadget.
