We have been discussing among ourselves about open sourcing Hiitch for a while now. When we say open source Hiitch, we mean both the server and the client code. A totally complete and open desktop social networking platform that others can use, extend, customize and redistribute on their own. Can open source really help us compete or is it the end of us? We have only recently come to an agreement that open source is an option that we will seriously consider in the near future. We have put into Hiitch our heart & soul and we are unsure if open source is a right move at this stage.

Why do we want to open source Hiitch?

• We envision Hiitch to become a free but personal social networking platform that everyone will use to meet new friends and stay connected. No barriers!
• We want to move the development fast enough to challenge the current market players and existing technologies.
• We desire a vibrant development community that will keep innovating with us.

Our biggest problem now is that we do not have the financial resources to fulfill all or any of the above goals. My argument for open source is that we can allow others to build smaller networks of their immediate social circle and then build software to connect these smaller social networks together to form a mega network of independent networking peers. We can achieve this with little or no cost at all using open source approaches. The open source community has already shown that the last two points is workable so I will not elaborate more on it.

What are our fears of open sourcing Hiitch?

• It scares away potential investors and greatly reduces our value as a commercial company.
• The open source community do not see a need for such a product and hence no vibrant development community.

The worse thing to happen is that we cannot financially support ourselves to innovate and develop ground breaking software for the social networking messes. Merely selling value added services on top of a free software platform is also not an easy approach. We also worry that a geek community cannot attract enough normal average users for which a life style application like Hiitch is build for.

Feel free to share your views with us on this matter.

I have been reading a few local Singapore blogs about the state of our entrepreneurship in the country. Yes, if you did not know, Hiitch is also a local production. I am guessing that not many local people out there read our blog or even know about Hiitch. So if you are one of those rare ones, we salute you. By the way, if you have mistaken us for a million dollar startup then I am sorry, you are looking at the wrong blog. Hiitch is what many locals will call a $1 company. Actually, as of now we are close to a $3000++ company. We are poor as hell, I must admit. Anyway, everyone has to start somewhere. We have just started our effort to raise some money for our work so if you have got some to spare, feel free to venture with us.

The idea Singaporean startup that I have gathered from my readings, talking to other well established Singaporeans and writing business proposals to local BAs (business angels) or VCs (venture capitalists) are of this sort. The entrepreneurial criteria that I am about to describe is to ensure a sure win for the local investors. If you are one of those that meet these criteria, we salute you. You are on your way to major success in Singapore!

Founder requirements:

Founder must have graduated from Harvard/Stanford/Cambridge/… or one of those ranked world top 10. However, NUS (National University of Singapore) or NTU (Nanyang Technological University) is acceptable but not preferred. No name universities or polytechnics are definitely out. Apparently, many Singaporeans believe that good education equals talent. No good education means no talent. Parents are preferably rich, I mean that the founder must have already invested a significant amount into the company. Significant amount must be no less than half a million or so. IQ must be above 140 or a Ph.D will suffice. Must at least have one successful venture before. If you do not have any prior successes, you must have at least 10 years of relevant working experience. Mediocrity in your working experience is not acceptable. Resume must have big company names and you must have held important positions in the company. And no, being a project manager at Ah Beng Pte Ltd is not considered working experience. If you have won any significant awards before, those will aid you. Significant awards mean awards given from an accredited organization such as NASA and etc. Our pompous, I mean our local cream of the crop organizations are also acceptable. OK, if you have at least these few requirements in place, your are considered safe to at least have the investors take at look at your resume.

Business plan requirements:

Your company must have the potential to conquer its intended market which must be at least as big as North America/Europe/China/India within 3 years. And no, the local Singapore market is not considered large enough. Technology under development must be no simpler than rocket science. This requirement of technology is a bit tricky to lay down. Most local investors are looking at creating the new time travelling machine or something like that. A web 2.0 startup is too simple to be considered a real technology. By the way, be prepared to explain what web 2.0 means, unless you are getting our government to invest because they are already working at web 3.0. And yes, it must be patentable. Profit for investors must be at least 50 times the money invested. Yes, local investors understand that high risk equals high profit. But local investors will also tell you that their air tight requirements is not about low risk but no risk, I mean reducing and managing the risk. Our investors have learned from their foreign counterparts that if you have the first mover’s advantage in your business plan, the chances of success is even higher. So unless your company have the world’s first, you may not have the edge that they are looking for. Also be sure to describe in detail your competitors. To be the world’s first but yet have competitors is a concept beyond me so you are on your own for this one. If you manage to figure out who your competitors are, you must include their plan, concept, strategy, strength and weakness. On top of that, you have to show how you are one up from them in your plan. One thing you cannot be without is figures. Our investors love figures. Make sure your financial forecast is well dreamt up, I mean projected. If there is one thing our investors want is a detailed business plan, so make sure you have at least 60 pages or more. Your business proposal must have the feel of a book or at least appear to have that same amount of effort put in. Be sure to have a hardcopy to be sent to them and yes, it must be colored! If your business plan have these criteria listed, you are all set to prepare for your presentation.

Unfortunately, we do not match up to those requirements. However, we are not discouraged. We are looking for a different kind of investor then those found locally. We want investors who will invest in us and not merely our idea. Investors who understand that we are the people who can and will deliver success and not the idea itself. Investors who will work with us and help us reach greater heights by guiding us to pursue our dreams. They will understand that both groups are taking risk in the venture and not just themselves. They will see themselves as part of the team and not as a revenue generating task master. Most importantly, they will realize that we are not about being the elite, but about passion, commitment, determination and hardwork.

If you are just another Singaporean average Joe company like us. If you are doing your best in pursuing your own dreams like us. Drop us a shout here and let us know you are also out there, Cheers!

Hiitch Pte Ltd is looking for investors who has/have the same vision as us and is/are willing to join efforts with us to establish the next generation social network. We have not been seriously looking for investment up until now. The main reason that we are starting to look for investment is because we realize that Hiitch needs the financing to expand faster to level the odds with our competition.

Hear Us Out!

You may think that on-line social networking is almost over with huge domination from companies such as MySpace, Friendster, Facebook, Bebo and etc. However, we think otherwise! On-line social networking is far from being over but just beginning. There are lots of areas in this field itself that has not been researched and explored but has great value. Communication tools aside, many of these existing services only allows you to place a profile and wait for things to happen. We classify these services as hit and run because of the way they encourage their users to relate to each other. But we envision Hiitch to be far from these hit and run services.

Hiitch is about researching and exploring at real time:
- new ways for you to meet people of your interest.
- new ways for you to widen your social circle.
- new ways to tract your relationships with others.
- new ways for you to find deals and opportunities.
- etc…

All our work is centered around the context of a personalized community in the space of a larger social network. Work in these areas have huge implications not just for the average net-citizen but also for businesses, organizations and etc.

Drop us a mail or contact us directly if you have interest in investing on what we are doing.

When we first started working on Hiitch our focus was mainly on on-line dating. However, as we progressed, we realized that Hiitch was becoming more and more like a dedicated and secure social networking software than merely an on-line dating tool. We like to see ourselves as still in the process of allowing our users discover for themselves what Hiitch really is to them. In this article I would like to discuss a few examples of how you can make use of Hiitch for your own social networking purposes. Hiitch has many features that can help you deal with your everyday social networking needs that cannot be found in today’s instant messaging (IM) culture. Before I go on, I like to highlight the fact that Hiitch is not and never will be an IM software. IM is only a supported feature in Hiitch and not what it is about. Hiitch is about discovering new people on-line and providing a common ground to communicate and share yourself with others. OK lets proceed with the scenarios that Hiitch can be of use to you.

Scenario One: Work

You have a small company or team that you work with. Everyone is usually hard at work on their own desk all the time. Some of them are physically not in the office most of the time. You would like to setup a dedicated network with them so that you can share things on-line and communicate more simply together at real time. You thought about using MySpace, Facebook and etc to help you tie everyone together but you hate the idea of checking your web browser all the time for new information. You are also skeptical about all the negative publicity about security and etc from these service providers. You feel that the common IM software like MSN live, Yahoo messenger, and etc just isn’t cut out for your social networking needs. This is where Hiitch can help you.

Hiitch sits nicely on your system tray and notifies you when items of your interests are received. Your contact comes on-line, you are notified (only if you want to). Someone in the team sends you an urgent file, you get notified and that file remains available for you always at anytime and anywhere until you choose to remove it yourself. If you are offline, messages send to you are kept for you until you come on-line. You can even send quick messages to your teammates without disturbing them during their work through your contact list. Your on-line status on Hiitch will help maintain your intentions to others in the network. So, if you set ‘do not disturb’, then no one can IM you directly. If you set yourself to ‘private’ then only your contacts will see you as on-line and etc. A new team member comes aboard and you are interested to get to know him/her, you can simply browse their profile card and read more about them, browse their photographs and etc. You can post news about company events or instructions on the community interface and notify your team as soon as you post them. If you keep them private, only your teammates in your contact list will be able to read them. You can also get others outside your team involved when you require feedback on ideas, get advice from others or want to do a community survey. You can also setup appointments with your teammate in another country without worrying about time zone conversions, Hiitch does it for you automatically and notifies both of you when the appointment is due.

Scenario Two: Play

Have you ever considered your own secure private social network? You are old enough to be responsible for yourself. You want to meet new people and get others to notice you. However, you don’t want to look desperate and try those on-line match making sites like eHarmony, Match and etc. You like your social life to pick up but you want to do that at your own time and have it all in your own control. You would also like to keep your existing friends and family as part of your private social network. This is where Hiitch can also help you.

Hiitch allows you to setup your own prospect criteria and helps you find them automatically. You just need to make sure you put in the right information about yourself and the kind of people you are looking for and leave the rest to Hiitch. When Hiitch finds people that you may be interested in, you get notified about them. You can then choose to view their profile immediately or bookmark them for later browsing. If the person that you have bookmarked has also done like wise, then Hiitch will notify both sides to encourage you to get to know each other better. Hiitch helps you keep track on the interactivity with others on your contact list. When you see that your interactivity with your best friend is getting low, you can send him/her gifts to brighten his/her day or just simply message or IM to keep in touch. Hiitch is not just about serious social networking. You can also search for other people manually and browse their profiles and pictures at your own time. You can even vote for pictures that you think are cool or just purely interesting if you like them. If you find a handsome man or babe, give them the compliment by voting for their pictures. You can also publicize about yourself by writing articles for the Hiitch community at your own spare time to share your views and ideas with others. Who knows, may be you might just become the most popular person within our community.

Hiitch is made for you to reach out to others and also for others to reach out to you simply and easily! There is much you can discover with Hiitch. Try it for yourself today by signing up for our private invitation into Hiitch.

Knowing how hackers do their dark art is an important part of learning to be secure on-line. It is not my intention in this article to teach you how to hack websites. Rather I want to help the average net citizens learn about the things to look out for when you have profiles and sensitive information about yourself kept on servers of Facebook, MySpace, Bebo, Plentyoffish and etc… Once you know how hackers work their way into your information, you can then know how to protect yourself. If your favorite social networking website is not taking the appropriate steps to protect you then you can at least know that your personal information is in trouble. Since many of the popular social networking sites today may be build or used by people who have little to no proper technical training and experience, you can be sure that our dark hackers are having a fun time.

In this article, I use hacking and cracking as the same term although technically they are different and require different skill sets. Hacking may involve programming skills but cracking usually do not. Anyway, I will discuss a few common and simple techniques that you need to know about, as well as, some more complicated ones that you should be aware of. You need also to start thinking defensively as you read this article so that you can take note of the possible security loop holes that you are or have created. It is critical to bear in mind while reading this article that hacking or attempting to hack a website is illegal in many countries! All your activities on-line are traceable from your ISP (Internet Service Provider) and chances of being caught is extremely high. In my description of the hacks below I have intentionally left out ways to prevent you from being traced so please don’t try it. OK lets start!

Step One:

The first step to trying to hack a website is always to gather information about the users/members or if possible the administrators of the site. Why gather information? (You may ask) Well, one thing for sure, hacking is not magic. You need to know your target before you even attempt to try breaking it. Many of the member profiles on popular social networking sites are public by default so gathering information from there is a simple task. (See how your social networking sites are already providing assistance to our dark art hackers?) When you gather information about your target, you need to know what type of information to look out for. You should copy down information like addresses, phone numbers, birth dates, user Ids, girlfriend or boyfriend information and etc… An added advantage is when you can think the way that your poor victims do. This can be easy when their profiles reveal a lot of information about themselves such as the type of music they listen to, the type of movies they like, the type of hobbies they have and etc…Some administrators are pretty careless too. You can usually find information about them from the site itself or from public DNS (Domain Name Server/System) information type of services. Doing some clever search from the website can reveal nice and handy information that you can use too. One such example is the web address entry field in web browsers. Whenever you do a search or click on some information, the browser would usually convert these action into some form of server side request. In that request, you can find important information such as user Ids, key values and etc that is used to maintain session information, retrieve information from their database or server side scripts. Sometimes you may even find directory paths to a particular file/movie/music, which is an added bonus.

For more advanced and adventurous hacker wannabes, you can try to ping or trace the IP (Internet Protocol) address of the server using their domain name. But bear in mind that some of the information provided by these probes are illegal to use for unlawful purposes. Anyway, these probes can help reveal a lot of information about the server that they are running, additional services that is being used, the path that your data will travel before reaching their server and etc… These information can then be used to try other more complicated techniques that I have briefly explained about in my previous two articles on security. DOS (denial of service) attacks, port scanning, spoofing, phishing, man-in-the-middle and etc will require these information.

Step Two:

Now that all the hard work is over, we can start harvesting our rewards. Now go to the website that your victim belongs to. The most simple and easy way to hack into their account is to try guessing the user Id and password. Some net citizens are just plain ignorant of good security practices. They use passwords like their date of birth, mother’s maiden name, information in their address, phone numbers, or even worse the user Id and password are the same. Trying the set of information about the target user first is recommended. If you don’t succeed, try using the information about their girlfriends and boyfriends. Remember, knowing how they think by understanding them with the information that they have provided about themselves is the key to our success when trying to guess the right passwords to use. If you hit a jackpot, you are in and you can then enjoy whatever is it that hackers enjoy when they have hacked into someone else’s account.

When you review the information that you have collected in step one, you might have discovered some bonus information like directory paths. Directory paths can be used to try back door hacks that allow you to enter into restricted web-pages. Some web servers are poorly configured and so even though you cannot access a web-page indirectly because it has been set private, you can do so by typing in the path to the server directly on your browser. If you do accidentally find a back door to some private content, do remember to alert the relevant administrators of the site of the security breach. Of cause they may sue you for hacking or attempting to hack into their website, in which case, you should have left them to their own down fall and not try to be a hero. Trial and error with absolute and relative paths to access restricted information files and web-pages is a powerful way of getting into and around websites. If trying a web-page directly is unfruitful, you can always try adding relative addressing to branch indirectly in your URL. Some web administrators know as much about securing their websites as a newbie does so you might just hit the jackpot. By the way all the techniques mentioned above can also be tried on Telnet and FTP (file transfer protocol) type services, just be creative about their usage.

For our jail bird wannabes you can try to script up some stupid DOS attack that is easy to do by writing infinite loops of web server requests. Basically, DOS attacks just load down the server with too many requests that the web server either becomes unusable or crashes. It is also interesting that when a web server crashes, it can sometimes make available what was once private or restricted. In short bad things might happen when servers crash and you can then take full advantage of it. If you have a Telnet terminal or SSH shell and etc, you can also try buffer overflow bugs. You don’t have to understand or write these exploits yourself, you can get these scripts from underground or security or research websites that provides them to us in the name of glory. You will probably acquire the name of a script kiddie but who cares about names when you can get your picture posted in the front page of tomorrow’s newspaper.

For our hardcore jail bird wannabes, you can try a simple phishing hack. Let us take Hiitch as an example. Just imagine Hiitch as a website based social networking service. Now all you need to do first is to buy a domain very similar to ‘hiitch.com’, say ‘wwwhiitch.com’. This is to catch our unsuspecting net citizens. Next clone the Hiitch website by saving the web-pages from your browser. When our victim comes to our fake Hiitch site by accident, they will not notice any differences between the original one and the fake one. The browser will not complain because the identity of the site is not digitally verifiable. Then write up a simple script to save and store the user Id and password that our victim will soon enter. Once their information is entered, send the result to yourself via email then redirect the victim to the actual site by doing a simple post to sign him/her in. The victim will not know or suspect anything even though they have just been hacked.

There are many ways to skin a cat and therefore breaking is always easier than securing an on-line service. Security is hard work for both the service provider and the end user like yourself. It takes proper education on security issues and enforcement on both ends to make an on-line service really secure. Are you the security weak link or your service provider? Ask your service provider how they are protecting you and your information. Play an active part in helping keep yourself and everyone safe while on-line.