Hi, my name is Terry Smith and I'm a developer and aspiring entrepreneur.


Archive for the ‘Web’ Category



23press: Game on

Posted by Terry Smith on 08/29/2011 at around 11:25 AM

Wow!  It’s been a crazy few weeks.  While I’m not likely to take up regular blogging for a little while still, I wanted to let everyone know where I’m at.

Recently, I moved from full-time employment with B5Media to full-time contract work.  I am still on a part-time contract with B5, but my focus has begun to turn to other projects.  Before I talk about those though, I want to give a huge shout out and thanks to Lee Newton and Joe Taiabjee, who have been incredible to work with at B5.  On top of being great friends, they have taught me so much that I will take with me, to anything else I do.

Speaking of which, I am happy to announce that 23press, a small project I started back in February (after Jeremy Wright gave me the idea), is now a real company.  Jeremy has officially come on board as our CEO, and we’ve added another founder, Jason Hall, as our COO (I remain the faithful company janitor/CTO).  Jason is a super smart operations guy who brings a wealth of experience in managing, marketing and running venture-backed companies to the table.  I couldn’t be happier to have him on board.  Since most of you that read this blog are in the blogging and/or startup world, I’ll let Jeremy’s experience and reputation speak for itself.

So what’s next? Today, we are launching our completely redesigned 23press site, as well as version 1.4 of our flagship product Move That Blog.  It has been a bit of a bumpy road, since (as you can imagine) browsers, blog setups, and hosts are all very different from each other, which makes our job of cross-communication even more difficult.  Version 1.4 of MTB is much more stable than its predecessors and addresses a ton of issues we’ve seen so far in our initial sales.

We are also planning a backup product.  It’s a busy market, but we think we can do it simpler, faster and better than the other guys and we can’t wait for the chance to prove it.

That’s it for now!  There are some other exciting updates in the pipeline I hope to make public soon, so please stay tuned.  As always, if you have any questions, feel free to reach out.


SSL Is Not An Adequate Site Identification System

Posted by Terry Smith on 03/27/2011 at around 7:24 PM

I’m back!  After over a year of this blog being down, being used as a testing ground for new projects, and having no content, I’m hoping to make a return to semi-regular blogging.

To kick things off I want to discuss the fiasco that is happening with SSL.  A while ago, one of Comodo’s certificate authority servers, which generates SSL certificates, was hacked and used to generate real certificates for some top sites including Yahoo, Windows Live Mail, Google, and Skype.  Those certificates have now been revoked, Comodo has blamed “evil” governments abroad, and the issue had finally started to blow over.

And then, today, an Iranian hacker came out claiming that it was him, a single person, who had perpetrated the attacks, and vowing more of them.  And this hacker is right about one thing: who knows how many of these happen non-publicly.  Ars Technica says that the CA trust system is broken, and in part I agree.  But I don’t think the issue is trust from a root Certificate Authority to its resellers; I think the issue is that we use SSL as a site verification system at all.

SSL does a really good job with what it was originally intended for: encryption.  Data is encrypted on the client, decrypted on the server, and vice versa.  My payment information cannot be read by someone in between or who is monitoring data on an open wireless connection, and as we’ve all heard over and over again it would take 1000 servers a million years to crack the code (or something like that).

But then browsers and certificate authorities started using SSL as a means for verifying that the site they were connected to was the right one, which to me is a separate issue.  It was certainly a logical step at the time, and it makes sense that the actual site should be the only one who has an SSL certificate.  But with recent vulnerabilities like the NULL byte attack a few months ago, and this recent attack of “trusted” resellers and certificate authorities, I think it’s time to re-think the way we verify a site’s identity.

There’s a huge market opportunity here and now is the perfect time to capitalize on it (and I imagine it’s going to continue to be a good time until another solution comes along).  While I don’t yet have an idea on implementation, I will follow up if I do.

I’m excited to see what you guys come up with.