The pricing is structured with two options. The first is to buy the tablet for $99 and pay $9.99 a month for the e-editions of the newspapers for 2-years. The second is to pay $129 for the tablet and agree to a 1-year subscription at $12.99/mo.

If you decided to buy this tablet without the deal, it is currently retailing for about $221, but it is not quite available yet from general retailers. A lot of misinformation has been going around saying that it is available for $170, however this is for an older model and isn’t accurate if you are making that comparison.

The newspaper wants you to believe you are receiving a savings over a regular newspaper subscription. If you work it out over the term of the contract and discard the value of the newspaper, it costs $338.76 for the 2 year and $284 for the 1 year deal. Obviously if you aren’t going to use the newspaper portion, it isn’t worth it to agree to this deal.

I am going to review the PMN portion of the device separately from the hardware, because they are really two separate things. Also of note, this is my first Android device. I’ve used Windows Mobile in the past and I’ve been an iOS fan for the past few years but have been wanting to dip my feet into the Android world for a while now and thought this would be a good chance to do so.

Click here to skip to the Philly Media Network apps review.

The Arnova 10 G2 Tablet

The Arnova 10 G2 Tablet

The tablet itself has a solid feel to it. It is mainly plastic but is sturdy enough to not seem flimsy. There is a camera on the front and none on the back – and the front-camera is of low enough quality that it isn’t going to be good for much more than video-chatting.

It came with Android 2.3 installed on it, as well as a few apps and shortcuts. Specific to the Phillytablet are a few apps I will describe in further detail below.

The 10″ screen itself is bright and of decent quality. It has a more rectangular shape than the iPad, which does lend itself to reading a newspaper or a lot of text.

Battery life, from what I can tell so far, is also good on this tablet.

I did notice that it does not charge via the included USB plug, you need to use the proprietary power adapter to do any charging, so I was a bit put off by that. USB is so prevalent, all devices/gadgets should charge via this method.

The lack of a dual-core processor was definitely visible at times. Angry Birds took a few seconds to get running smoothly, but after that it seemed to run OK. Any website that included Flash was visibly slow and movement was jerky. Reading a book via the Amazon Kindle app was OK, there was a little delay while paging but it was tolerable. If I had to guess I would say that this device suffers a bit both from not enough CPU power and also latency while reading/writing to memory.

All said, it is a decent device for the money. I would not describe this as a “top tier” tablet as some PMN executive will tell you, but it isn’t bad for the price.

The App Store

Since I’m new to the Android world, I’m also new to this market fragmentation I’ve heard so much about. And it is ugly. So for non-Android people, I will give you the short and quick version as I know it, please feel free to correct me if I am wrong. Apparently Google only allows access to Android Market on some devices, and this tablet is not one of them. To try to correct this, Archos (the parent of the Arnova brand) created an App store called AppsLib. They also included the Amazon App Store on the tablet. Each store does have tons of applications, however I found some major gaps. You want Netflix? Nope. Skype? Nope. BeeJive? Just the Facebook version (?) for some reason.

It appears that some application developers choose to only release to certain stores, and access to those stores is restricted. I’ve heard that you can root your device and add some custom ROMs which then give you access to other stores, but haven’t gotten that far yet.

Yet for some reason, AppsLib offered Angry Birds for free (add supported). I can’t really figure it out, but I can tell you the separation of apps stores is definitely a cause of confusion for consumers.

Notably missing was Google Apps and other cool toys you often see on other Android phones and tablets. It does include a browser and some apps are available via the Amazon store, including Seesmic, Kik and more.

The Philly Media Network Apps

The E-Edition of The Philadelphia Inquirer

So now that we’ve determined that you should only buy this device if you want to receive the subscription to Philly Media Network, what do you get with your subscription?

When you receive your device there are several pre-installed apps from PMN. One is a link to the online tablet version of The Inquirer. The second are two ‘e-readers’ for the digital versions of the print layout of the Philadelphia Inquirer and the Daily News. The rest just seem to be bloatware to me – advertisements (links to websites, basically) to Main Line Health, PMN, Dealy-o and Philly.com. So the real thing you are paying for are the subscription to the 2 e-reader apps for the Inq and Daily News.

What I like About The Inquirer and Daily News Apps

There are a few things that I do like about the apps. It’s nice that it will automatically download the papers while you are at home, and you don’t need the network to read them as you travel on your way to work. I take the train and the reception from AT&T is, let’s just say, unreliable. Using the paper app you can read through the paper just like the print version.

When I was a print newspaper subscriber, I liked reading the paper, but disliked all of the trash it generated. This is also a great way to reduce paper consumption and reduce distribution costs for the paper.

And Of Course, the Drawbacks

Specific to this device, there is a delay while reading the paper and moving around. With the processing power of a tablet, I assume you are going to see some of this latency. I’m curious how this e-version of the paper would look on something like the EeePad Transformer (@subewl, care to help me out with that?)

Non-specific to the device, the UI of the app seemed to be a bit confusing to me. You supposedly have the ability to click on headlines and be taken to a text-version of the article formatted to read on your screen. It only worked about half the time for me, I think it has to do with where the main text section was located. Hopefully this is just a bug they can iron out.

Why I Like Reading The Whole Paper

Sorry of this gets a bit philosophical for you, but I think there is a place for old-school journalism. It’s not about local news, if I want tidbits of local information I’ll check Twitter or Facebook. I like old-school journalism because it gets me in-depth coverage of local-ish news items.

Blogs have their place too, but I attribute their success to a different area of the brain. It’s the same area that OK or People scratches – breaking news, gossip, and ‘eye catching’ headlines. Having written for some major blogs – Lifehacker and MakeUseOf, it is amazing to see how much of the success of a blogger is attributed to the eye-catching quality of the title of the post. It takes one read through comments and you can tell that many do not even read the actual content, they read the headlines and form an opinion.

Newspapers are good, on the other hand, at really getting into the issues. They interview local people and analyze the issue much more than any blog that I’ve known.

The problem with newspapers is that they are trying to emulate the success of blogs. Instead, they need to focus on what they are good at – in depth coverage of local/national news, and bringing that to its audience in as user-friendly of a way as possible.

An e-Newspaper does not do this. I think The Daily is probably the best example I’ve seen of a newspaper making this transition the right way. Focus on the app. Creating version of the newspaper that is exactly like the paper version is not going to win you any subscribers.

Want to reach us in the digital age? We might have a shorter attention span but we still value good content.

Will the Phillytablet be a success?

This is certainly a tough call to make. I want it to work. Journalism as a whole has been under fire and the whole reason I gave this deal a shot – besides having the tablet itch for a while now – is that I want it to succeed. I’m probably the ideal customer for this tablet – my train commute giving me ample reading time – and I’m a news junkie to boot.

I just don’t see this being a long-term viable winning strategy for them. I think they are concerned that not enough people have access to tablets in order to get the e-edition of the paper. As we’ve seen tablet prices drop, I think if someone wants a tablet, they are going to buy one and this isn’t going to be a barrier to adoption of an e-newspaper. The barrier to adoption is that reading a full-version newspaper on a tiny device is never going to be as a fulfilling experience as holding out crisp newsprint.

To illustrate my point, I paged sadly by the crossword and sudoku puzzles. We used to get the physical paper just so that my wife could do those every week. With the e-edition, you can’t play them at all.

What can the Philly Media Network do to turn things around?

First of all, I think they need to drop the Phillytablet initiative and focus on content and delivery across all platforms – iOS, Android and Web. If they want to offer a tablet, give it as a gift if someone subscribes to the paper for a year or 2. They should be giving online access to everyone with an interest in the content, not just subscribers to a physical or electronic paper.

Also, they need to get with the times on the ordering process. You had to call a phone number to order the Philly tablet. You couldn’t order it online or pick it up in their store. This goes the same with their newspaper subscription, and in this day and age is a major drawback to adoption.

Let me know your thoughts

So, I’ve certainly been wrong before but I am curious about your thoughts. Do you think the Phillytablet has a shot? What is the future of print newspapers?

You can set this script to run via cron at any desired interval, I’ve set it to run every 30 minutes for me. Test with sample information to make sure it works under your setup. I’m using the default mail() function, and I also included some json decoding in there so you could also use this script to play around with decoding a user’s information in PHP.

If you are running it from cron, add the sample entry:

The above would run the script every hour on the hour.

Of course you can easily modify this sample code if you are looking to do any kind of similar checking in your web app. If you find this kind of script useful, please let me know!

FourSquare is a growing service that allows you to “Check in” to restaurants, grocery stores, museums and just about any place you can imagine. However, I have seen several of my friends checking in to locations which, I must say as a security research student, set off warning bells. Although I am calling out FourSquare specifically, these also apply to just about any other location based software where you broadcast your location to other folks, whether they are your friends or the general public. GoWalla and BrightKite are in the same boat.

As with any list, there are exceptions to the rule. So although I would say that you should generally avoid checking in at these locations and you can use it as a rough guide, things might be different for you personally.

Without further ado… here is my list of top FourSquare Check-in Locations To Avoid:

1. Checking In At Home

This one would seem to be obvious a few years ago. Remember the “old rules” when you got on the internet – don’t give anyone your real name, address, phone number or other personally identifiable information? It seems like this one went out the door when social media came into the picture. I’ve seen many folks posting the exact coordinates of their home, as well as when they are home. Between that and the fact that many users have their real names associated with their user ids, this becomes a huge security problem. Stalkers would love to get their hands on this information.

2. Checking In At Your Significant Other’s Home

Similarly to checking in at home, does someone need to know the location of your boyfriend’s, girlfriend’s or fiance’s residence? This information should be public knowledge.

Photo by epicharmus

3. Checking In At Your Bank

One thing you should never, ever let scammers, con artists, and identity thieves know is where you do your banking. Checking in even once at this location gives them not only an idea of the company where you bank at, but which branch you go to and the time of day you typically visit. This should definitely be a no-no. It’s like wearing an “I’m carrying cash” sign on your back.

4. Checking In While On Vacation

“I’m in Florida for the next 7 days with my whole family” is just begging for a burglar to come ransack your house. Maybe you have someone house sitting for you, or have some sort of security system in place, but I suspect many do not.

This is a tough one to follow. When you are on vacation in some interesting place, you want to tell your friends about it. What I tend to do is to check in, but not mention that my family is with me. This obfuscates some of the information and would hopefully give enough doubt to any would-be intruders to actually trying to break into your home.

5. Checking In At Your Doctor’s Office

In addition to calls of “TMI” this is another one that you should keep to yourself for privacy purposes. Someone could in theory call or visit your doctor’s office and get your personal medical information.

Photo courtesy of tidewatermuse

6. Checking In At Work, Depending on Your Job

This one depends highly on your job. If you are a security guard, you probably don’t want anyone knowing when you are on or off the job. However if you are a desk worker, you won’t mind if your friends, or anyone knows that you are indeed at work as this can be assumed.  If you are in the military and are deployed on a secret assignment in a foreign city, don’t think it is proper to check in anywhere in that city. (In fact, you might want to check in at a false location for misdirection, but that topic is for another day.)

Alternatively, if you are supposed to be at work but have called in sick, don’t check in at your favorite bar that night. It will reveal your ruse in an instant to anyone who is in-the-know enough to follow you on 4square.

7. Checking in at Your Child’s School

This is an addition from a friend, he mentioned that he makes sure that he never checks in at his children’s school. You don’t want to give someone a direct map and time table for when your kid is at school. This is another check in place that should be strictly off limits.

In conclusion, when checking into a location, be aware of what someone would do with that information if they had a malicious purposes. Maybe it is a bit paranoid, but I try to think of the above reasons before I check in at locations which could divulge sensitive information to unknown parties.

Sure you can restrict who you friend on these networks, but increasingly it has become obvious that criminals are using fake accounts to friend folks and “grow” their network. Be careful with who you friend and send all of your location information to. In addition to the above specific locations which can reveal sensitive information about you, any 4square user checking in at restaurants or other places divulge a pattern of travel that could be used against them.

Both of these account compromises were caused by weak password reset questions. And although Palin certainly was/is a high profile account, the Twitter compromise was caused by a low-profile IT Administrator who happened to store sensitive company documents in their Google Docs folder. This goes to show that everyone, from the CEO of a large company, to a low-level system administrator, is accountable for the security of their accounts.

Sample (bad) Password Reset Questions:

Many e-mail accounts use a typical range of password reset questions:

• What is your mother’s maiden name?
• What was your first pet’s name?
• What is your favorite sport?
• What is your oldest daughter’s name?
• More Questions

Even questions regarded as “Good” on this list are easily guessable if you have access to the social networks of an individual. For example: What is the middle name of your youngest child? What is your oldest sibling’s middle name? Answers to these questions often appear on Facebook or other social media websites.

After coming up with the idea to write this article, I took a look at my own email account password reset question. It was set to my Father’s middle name. I had probably set this when I first signed up for a  beta account back in 2005 or so – I was not in the mindset that it would become my primary account and also be the gateway to a bevy of information. As with many folks, when I sign up for a new account on a website, it will often e-mail me my account information (including my password, boo!) to my e-mail account. And, as I suspect with most people, I do not follow best practices and use a different password for each account. Not to mention that many other accounts will send an email to your account on file in order to reset their passwords. Therefore, since not only the main account password at risk, there is a lot riding on the security of your email account. If someone can gain access to your email account, they also gain access to a lot of frequently used passwords and accounts. Domain hijacking has occurred using this method.

The Solution

The first step is that password reset questions must not be answerable by information available via social networking sites. For someone who is very active in social networking, this might be hard to come up with at first, but really is not hard.

A good password reset question is:
Not easily guessable from online or offline sources (secure)
Stays the same over a long period of time (stable)
Is readily recallable by authoritative person (obtainable)
Has only one answer (definitive)

My source for questions that satisfy these metrics is my wallet. I look for cards that have information that will stay the same for a long period of time, for example, a driver’s license, library card or other membership card.

You can then reset your password question to a value on those cards. If the site does not let you ask your own password reset question, you might try to replace a common one, such as “mother’s maiden name” with this. Just be careful you don’t get too tricky, or you might forget the correct question/response to the answer and lose access to your account for good.

For a sample answer, you might use the first 5 digits of your driver’s license ID, plus the last 6 of your gym membership card. Really you can use any information that you want that you do not share on social media websites.  Just make sure they follow the four guidelines above.

Do you have any tips for a good password reset question?

A few photos from the talk:

It is dirt simple to set up.

Go into Appearance -> Widgets and select the widget area you wish to add the twitter search stream to;

Add “RSS” and position the widget accordingly.

Click “Edit” and “Enter the RSS feed URL here:”. This is the link from search.twitter.com where it says “Feed for this query”.

Enter a title, if appropriate.

Thats it! You will see an area on the site such as the one below:

To summarize: There is no Twitter Search Plugin but WordPress’s RSS feature works just fine!

The reason for this is that being able to provide a high speed access line to a home involves running a LOT of wire or fiber – and this has an enormous  investment in capital and technology. Only large companies have the resources available to provide these services and keep them stable. They also will buy many smaller companies that pop up – both for their technology or because it also eliminates some of the competition. Comcast has done this in our area and has largely bought many alternatives to their cable service.

Television, on the same hand, has traditionally been controlled by a handful of local companies. Largely due to copyright restrictions and content agreements, smaller non-geographically centered companies have been unable to gain access to popular content. Therefore most television providers are behemoths and there are not many smaller options.

Now in theory, we now have the internet bandwidth to have full streaming, HD television content to come right over your internet connection. There is a great deal of bandwidth involved in such a service – so the technology many companies use to bring video streams to your desktop (or other display) uses Point to Point protocol (P2P). This distributes the bandwidth across many clients so instead of having one source for the video bandwidth, it is more evenly distributed.

The Problem

Perhaps you see where this is going. Many major ISPs now offer television services over their connections. Likewise, many Television companies offer internet service as well. The prospect of a customer going to another company and purchasing a television package, using your ISP/Television Company’s internet bandwidth (that you already pay for), is a frightening prospect for them. Right now, cable programming is a cash cow. I would say the majority of television users watch a handful of channels on a regular basis, however all cable television companies force you to purchase a ‘package’ with hundreds of channels. They have largely resisted a-la-cart programming options.

What it comes down to is choice. The choice to be a smart consumer and not be tied down to a single company for any service – whether that be internet, television or phone. Of course, the companies who provide these services would love for you to have to use their other services, and in my experience many consumers do go for these ‘triple play’ packages. In their minds, getting phone, internet, and TV for $99 (Even though this is a teaser rate, and will likely go up to $140 a month or more after the initial period) is a great deal.

So what can you do?

So how can the consumer fight for this choice? The companies certainly are not going to fight for you.

1. In the United States, the FCC has some power to regular the big companies that deliver internet to your household. Some people (including myself) do not completely trust in this entity to serve the best interests of consumers.
2. Ultimately, in today’s free enterprise economic system – your wallet does the talking. If your ISP decides to throttle, delay, or otherwise impede P2P traffic – run for the hills and choose the nearest alternative. Let them know this is the reason you are leaving.
3. Finally, educate anyone willing to listen about this problem. It goes largely unnoticed by the general population, and the more people who know about this issue, the better.

So what happens when there are no other choices? Well then it may be time for a new breed of ISP to enter the landscape, but I’ll save that article for another day.

For more information or to contact your representative, see http://www.savetheinternet.com/.

For the uninitiated, two-factor authentication is when two separate methods are used to verify an identity. For example, a thumbprint and a codeword, or a eye scan and a smart card. The most useful in my and many other’s opinion is a One Time password token, like the Paypal/Verisign security key. This device, which is meant to be carried with you at all times (think, belongs on your keychain, and you keep it in your pocket like a key) generates a series of numbers which depend on what time it is. This number, when combined with your password, provides a much more secure way of authenticating that it is really you who is logging into PayPal, and not just some guy from across the world who happens to have guessed, or phished your password.

OpenID is a relatively new technology where you store your personal information at a site called an OpenID Provider, and then other sites authenticate to that site. You then tell the OpenID provider that it is ok to let your target website use your information and itself to authenticate you. After that, when you want to login to this target site, you just need to be logged into your OpenID provider. Maybe this video will clear things up for you.

Some popular OpenID Providers are: MyOpenID, Verisign Labs PIP, and many, many more. I personally use Verisign Labs PIP, simply because I trust Verisign, and established security company, more than many of the other ‘mom and pop’ websites who now all of a sudden are OpenID providers. Call me elitist if you want but that is just how I feel.

So, good idea in theory, but I had a pretty big reservation about it. What if someone was able to get your OpenID username and password? All of a sudden, they have access to ALL of your websites that you use OpenID with, and you are worse off than if you just used seperate usernames and passwords for each one. You do use different passwords for your website logins, right?

So, just today, I thought to myself: wouldn’t it be great to be able to use that Verisign Branded PayPal Security Key with my Verisign Labs PIP account? Lo and behold, a google query later, and I find out that they are one of the only OpenID providers to provide two factor authentication, and that my old PayPal Security key works with it! Bingo!

I didn’t really find too much information online about how to hook the two up, so I thought I would put up an explanation to help others realize the security that this provides them.

1. Get a PayPal Security Key

All you need to do is go to the PayPal Security Key Website, sign in, and place an order for it. A few days later you get a little package with your key, and then you can feel special too.

2. Login or Create an Account at Verisign PIP

The Verisign Labs PIP website has all of the information you need for signing up. Go through all of the steps needed to activate your account before proceeding to the next step.

3. Add your Security Key Credentials to your account.

Go to the “My Account” page, and at the bottom there is a section that says “VIP Credential”.

You will then be asked to enter the credential ID (which are the letters/numbers on the back of your key) and also to push the button to generate a one-time key.

Click add, and you are done!

Next time you log into your OpenID at PIP, you will see the following challenge after you enter your username and password:

At this point, you might be asking what happens if you don’t have your Security Key with you? Well, there is an alternative. They will send you a one-time pin either to your cell phone via text, or to the e-mail account that you have on file with them.

This ensures that even if you don’t have your key with you, access to your websites can still be had. Just make sure your e-mail password is different than your OpenID password!

As an added bonus, they offer a firefox plugin called “Seatbelt” that automatically fills in your OpenID location for you on sites that support OpenID. It’s nice to not have to remember your OpenID URL, which is username.pip.verisignlabs.com. It’s not overly difficult to remember but they definately could use a more catchy URL.

So that is about it – with these two things, you should be sailing along with OpenID using two-factor authentication and minimal effort and money spent!

At first I thought the goal was to get as many people to follow you as you can. Then I read this post from Scobleizer that basically says: it’s not who follows you but who you follow. After mulling over this I realized it does make sense… I realize I’m not going to be as popular as some of the heavyweights on Twitter, and that really shouldn’t be your goal. My personal goal on twitter is to be connected with others, see whats happening, and maybe make some friends along the way.

An initial admission is probably in order: I don’t use a feed reader to follow news. I find that it is simply too much information to follow and much of it is duplicated content. I have a handful of websites/blogs that I visit on a daily basis to get an overview of general news (I am a news junkie) and I enjoy the format of websites and the associated images that go along with a story.

Along those lines, I found myself following some pretty neat feeds – @Makeuseof, @BreakingNewsOn, @nprnewsblog and others, which are basically imports of RSS feeds from their particular blog. Some of these ‘blog Twitterers’ also inject personal commentary into their streams.

After adding @engadget to my stream this morning it hit me: I am using Twitter as a Feed Reader! For those selected blogs that import their feeds into a Twitter user, or even those twitter users that have a blog which is synced up to Twitter, I find it awesome to be able to see what is going on, without having to manage “feeds” – mark items as read, and maybe even get additional commentary on stories. No marking of read items, no ‘old unread’ information to deal with, just a constant stream of feeds sent live to my twitter stream.

If I see an article I’m interested in, I click through (via the handy tinyurl link) and read to my hearts desire. If it doesn’t interest me, I just ignore it. It turns Twitter into a social feed reader, where you can talk about stories to other twitter users.

So will Twitter take over for feed readers in general? I think for some hardcore people, a direct feed is the only thing that will work. But for more ‘casual’ feed readers, such as myself, I think using Twitter as a feed reader is a great idea. Let me know your thoughts/experiences with it!

[Updated 2009/5/6 - See archived comments for this post at Disqus, I've since moved comments back onto this site.]