fakecall.net

You're polite, but some of your cow-orkers are not. They come around every day when you're in the zone and knock over your house of cards. Maybe you're in the meeting that never ends and need a little help to make an exit.

I want to help you.

Use this API to receive a phone call from Steve (a text-to-speech bot). He'll probably ask you about some work-related things, things so important that you may have to cut your conversation with your cow-orker short.

Resources and methods: Account (PUT, DELETE), Call (POST), Authorization (PUT, GET, DELETE). Each of these returns some simple JSON. Details below.

This is a free service with no accompanying warranty. Your number will be kept private and your account will be completely removed when you delete it. See below for details.

This will call the number you specify and ask you to verify you have the phone in your possession by entering a 2 digit code. The password is whatever you want it to be, and which you'll use in the future for Basic Authentication when you need to do any other API calls.

This is also how you change your password if you've forgotten it.

Return JSON document:

Example: Creates an account for 123-456-7890 with password "your password here", which number and password will be used for HTTP Basic Auth for all other API calls in the future:

This is where Steve calls your number and engages you in conversation. Be warned that Steve is pretty dull and not very creative:

Return JSON document:

Example: Makes Steve call 123-456-7890 and engage in conversation:

This really deletes your account and leaves no trace. We use "rm -rf /path/to/1234567890" (really).

Return JSON document:

Example: Deletes the entire account for 123-456-7890:

If you're not near a device capable of making an API call, but maybe a nearby conspirator is, with a secret wink or nod they can make the call for you, if you've authorized them with this API call (they will also have to have a fakecall.net account).

Note that I'm running nginx, which chokes on empty PUTs unless you tell it with a "Content-Length: 0" header not to expect any data (see Example below).

Return JSON document:

Example: Authorize 555-555-8899 to place a call on your behalf (the "Content-Length: 0" header is for nginx, which doesn't have a configuration option for empty PUTs):

This syntax is identical to calling your own number, except that you specify another number to call. You must be previously authorized to call the number or you will receive a 403 Forbidden status code.

Return JSON document:

Example: Makes Steve call 999-888-7777 and engage in conversation:

You may use https if you wish for some resources, but you'll be using dotCloud's SSL certificate (I don't have one yet). Use curl's --insecure parameter to bypass SSL certificate checks. I haven't tested the API with SSL thoroughly, so it may not work on all resources or methods (then again, it might work fine).

If I were a bad guy, I would collect your phone number, and, um, then I would have Steve call you all the time.

Seriously, I might as well have chosen a random number from the phone book for all I know about you. At least then I'd know your name.

Ok, really seriously, I don't care about your number. This is a free service that I do because I found it useful for me. I promise not to let anyone else have your phone number (unless they have a signed search warrant or something equivalent—like a gun—that would compel me to do it). My libertarian streak cringes at the idea, which is why I've gone to great lengths to leave as few traces of anything as possible on my site.

Consider a Google Voice or other throwaway number if you're really worried about it.

As long as your account is active, I have your phone number and your SHA256 hashed password. My Twilio account records the time that it called your phone number. I'm not sure what's happening on the dotCloud account, but I don't think that anything is recorded there beyond the API calls in the nginx logs. I'm still new to most of these services.

Info I don't have: your name, your email address, your social security number, your date of birth, your mother's maiden name, your first pet's name, your employer, a list of your friends, the color of your first car, etc.

Yes, I really do delete your account. That's what I expect companies to do for me when I want to delete my account with them.

I may delete accounts that haven't been used for, say, 6 months, but I don't have a heuristic in place yet.

No problem—just invoke the PUT method again on your number (i.e., re-create your account as if it never existed). We'll re-verify that the phone is in your possession and you can send a new password. Your other data (if any) will stay intact.

All passwords are hashed with SHA256 before storage—no plaintext passwords are kept anywhere on the site.

The site is running on dotCloud, built with Perl's Mojolicious framework. DNS is hosted with Amazon's Route 53 (which I manage via Interstate53).

Calls are made with Twilio using my Perl module for all Twilio interaction.

I learned RESTful design from reading RESTful Web Services and studying Twilio's RESTful API.

A friend of mine at work used to notice when, uh, long-winded folk were spending too much time at my desk. Knowing I'd prefer to work, but was too soft to ask people to leave, he'd call my cell phone from a few cubicles down and start talking to me.

When I started playing with Twilio last year, I thought it would be fun to try something like this. When I found dotCloud in June, I began to see the light. When I discovered Mojolicious in July, I knew I had to do something about it.

10 days start to finish, including learning Mojolicious, dotCloud, and Amazon Route 53.

Why did I include this dumb question? Because I'm looking for work (I'm employed now, thanks).

For now. If it's popular enough, I'll have to charge something eventually—Twilio and Amazon aren't free services (and I'd love to give dotCloud some money every month for hosting too).

Maybe I'll give anyone one free call per day. Those who want more escape hatches calls from Steve can give me a couple dollars per month or something. I haven't really thought it through that far.

Personally, I have an OS X service I made using Automator which I tie into a keyboard shortcut I can hit anytime to invoke the call API using curl.

Sure, knock yourself out. Let me know how it goes.

Update (12 Dec 2011): here are a few people who've done just that:

• Elliot (via github), a Python API by Peter Hajas.
• FalseCall, an application for iOS 5 by Michael Brindle.

Send me an email.

Maybe, but you get what you pay for. Send me an email.

This is an issue with nginx, which doesn't like empty PUTs. Add --header "Content-Length: 0" to your curl call to tell nginx not to expect any further data.

There are a few options that I haven't surfaced yet, such as allowing you to set future calls, change who's calling you, record your own calls, etc. Maybe international calls (US calls only for now—everything else is too expensive!)

powered by twilio™

dotCloud

mojolicious

Amazon Route 53