Dan Q
Do you think that the Italian power company, PowerGen, were actually thinking of how else their domain name could be read when they registered powergenitalia.com? And there’s at least nine more equally badly-chosen domain names.
Oh, and happy new year.
I frequently find myself impressed with some of the more unusual things it’s possible to obtain on the internet. I was browsing the binaries newsgroups when I came across this gem of a self-help film:
A few interesting things about this film:
Just plain scary.
A little more research and I found the web site of David DeAngelo, who made the film: there’s a page to sign up for his online course in meeting women online… the page starts by promising the usual crap that you can get from any spam-ridden inbox: “how you can manipulate your online profile to inspire interest,” “how to be confident when it comes to talking on the phone,” and so on, but the thing that got my attention was the following line. It’s as much bullshit as these programmes always are, but it makes a promise I’ve not yet seen in my 12 years of net-surfing:
Inside you’ll learn… a “secret” email subject line that drives a woman crazy
with curiosity and gets her to open YOUR email first.
What do you know: women’s heads are hard-wired so that a few key words in a subject line will get them to open it, no matter who it’s from or what the context in which they receive it. Dating be damned: if this were true then I would subscribe to the program. Why?
Ah, the fun that’s to be had with Google Suggest:
Some interesting facts we’ve learned:
Have a play with Google Suggest yourself.
Abnib Version 1.0 was a funny little beast. It was built to accomodate for about half a dozen bloggers, but ended up with about nine or ten. It worked, though, and the principle of aggregating the blog entries of our friends and our friends’ friends took off. Abnib 1.0 had a few major flaws: firstly, it only showed a summary of the post. This was partially because all but two of the bloggers thereon were using free LiveJournal accounts, and a limitation of free accounts at that time was that you could only get the first couple of hundred characters of a post at once. Another limitation was that the site design was columnular – each person had a column of their own, which dramatically reduced the space available and made in-post images impossible. Furthermore, Abnib 1.0, which updated itself wholly or partially every time it was visited, was as slow as a dog.
Abnib died when I accidently deleted a few key files for which I didn’t have backups, and that was the end of that. However, with Gareth‘s help, it was reborn in August 2004 as Abnib 2.0. This was powered by Planet, a Python-driven flexible feed aggregator which is used in all kinds of places for just the kinds of purposes we use it for. Jon went a step further and added an interesting new style to it, and we added the Abnib Gallery (Abnib 2.1), a place for all things Abnib to share photos. Abnib became a real “centre” for our fun little crowd, gathering information on Troma Night and the RockMonkey wiki, as well as the usual weblogs. The release of Abnib 2.2 brought extra abilities much-requested by users, such as the ability to “hide” the community feeds. That’s where we are now.
However, all is not well. There are a few key things I’d like to see improved in Abnib:
So, in order to fix these problems (among others) and implement some new features, I’ve begun work on Abnib 3.0. This new version of Abnib will:
It’s all powered by a new weblog aggregation engine called Phatnet, which I’ve been building for the last few weeks specifically for this purpose. And it’s pretty damn gorgeous. But that’s not all. Experimental features which might end up part of it now or later include:
Hopefully, I can get Abnib 3.0 finished and released later in December. If you want to see what’s been done so far and how it all fits together, take a peep at the Abnib 3.0 Preview (it updates every few days, so it’s no good for actually reading blog posts on, but it should give you an idea about some of the features: try clicking the “More Posts…” link at the bottom or on people’s names in the sidebar). It’s ugly as sin, but hey. Feedback appreciated.
Here’s a geeky (well, geekier) retelling of The Matrix.
This article is a repost promoting content originally bookmarked via del.icio.us. See more del.icio.us imports or more things Dan's reposted.
Bookmarked via del.icio.us: A Cynical Timeline Of The Internet.
Over the last few weeks I’ve playing playing with an exciting new technology known as OpenID. Do you remember Microsoft Passport and it’s opposite number, Liberty Alliance? Well; we all know that these services weren’t all they cracked up to be. They claimed to be “distributed log-on services”, but in actual fact they were centralised log-on services (controlled, for example – in the case of Passport – by Microsoft – do you want Microsoft to know everything you do on the web?), and not really distributed at all…
…OpenID really is a distributed log-on service. Anybody can set up an OpenID server and start giving out OpenID accounts. If you have a weblog with LiveJournal, for example, you already have one, and soon folks on other similar blogging services will have them too.
I’d love to see a future where OpenID catches on, because it really is a beautiful and elegant (from a technical point of view) way of doing things, and it’s really easy to use from a user’s point of view, too. I’ve spent a little while implementing the beginnings of a WordPress (the blogging engine that powers this site) plug-in, and it’s taking shape: if you look in the upper-right of the page, you should find that you’re able to log in to this web site using your LiveJournal account. That means that WordPress users like myself, in future, should be able to do things like LiveJournal’s “friends only” posts, and allow LiveJournal users to make comments in a way that proves they are who they say they are, and many other benefits, too.
But, of course, it doesn’t stop there: DeadJournal will be next. Then TypePad. Then Blogger and the forum sites – phpBB and the like. Then the wiki sites. All of these sites will be able to authenticate against one another, and make content private, or accessible, without having to have silly “sign up” systems of the type we’re starting to see everywhere these days.
It’s all very exciting, but it’s early days for now. Right now, my WordPress plugin doesn’t do a lot – you can log in and out, and that’s about it. But give me a go, and tell me what you think – log in to my blog using your LiveJournal account, and give me some feedback. And when I finally get this code to a production level (right now it’s buggy as hell), I’ll release it as a WordPress plugin, and the world will be great.
Abnib now supports “feed hiding” of the “community” feeds (RockMonkey, Troma Night, Gallery). Just click the “hide feed” link at the bottom of a post of the type you don’t want to see. This feature by demand of Jon.
In other news, Blue Dragon is proving somewhat popular, with 7 registered players (plus me, but I don’t play on account of the fact that sysops who play their own games tend to do well, even if they’re not cheating, and get accused of cheating regardless of how well they do), and a couple more about to sign up. If you’ve not given it a go yet, there’s still time to get in and cause some damage before the “top players” pull too far out of reach… and if you are playing, you’ll see that a few new areas just became available to you…
Hmm… my blog works. On it’s new host.
This looks promising.
More when I have it.
Every year the Students Union here in Aberystwyth puts on the May Ball, an excuse to dress up and party if ever I saw one, for students. For the last few years this has been held on-campus, in the Arts Centre, Students Union, and the concourse in-between the two. Live music and shows, dancing, and a fairground… and hundreds of students in ball gowns and tuxedos… Since the event had been moved “on campus” there have been less tickets available than ever, and demand grows steadily higher. As a result, students queue for hours to get their tickets.
This year, tickets began to be served at 10am, but the queue was 270 people long by forming by midnight: yes, people were willing to stand, all night, for ten hours, to be first in a queue for May Ball tickets. The Students Union have, of course, monopolised on the situation and will be selling drinks to the people queuing. Hey; let’s charge them twice.
Another recent problem has been that of ticket touting. Tickets sell for under £40, but can be re-sold to those desperate to go for as much as £100. Last year, the Students Union would not allow more than 8 tickets to be bought in a single transaction (and with queues so long, there’s no chance of queuing again), but that still meant that sly touts could easily earn up to £480 for a few hours work. This year, only four tickets can be bought by any single person, but this simply resulted in a longer queue, sooner, and I don’t think it’ll stop touting (if I was going to the May Ball, and therefore needed to queue anyway, I would buy my full allotted four tickets, regardless of how many people I was actually purchasing tickets for… and I know of dozens of others who follow this methodology every year, meaning that even as demand goes up, the touts take an even larger share of the profits).
Thankfully, I’ve been to the May Ball once and I’ll happily get by without ever going again. But I got to thinking, having seen the lunacy in those students who’ve spent all of this morning and all of last night queueing, that this isn’t the best way to be arranging this event…
A Better Way
Here’s how it should be done. All the tickets should be sold online, by the Students Union. If you want to buy tickets, you connect to their web site and fill in the following details:
An e-mail is sent to your university e-mail address to confirm that it really was you who ordered the tickets (and not somebody ordering in your name). If this is not replied to within 24 hours (as will be explained in the e-mail), the order is cancelled. The tickets (which are posted to you or collected from the union) are printed with “Your Name”, and “Guest of Your Name”, eliminating the risk of touting (assuming that reasonable checks are made by security at the gate – just checking the identity of every fifth person in would act as sufficient deterrent to those who would like to go to the ball using a ticket in somebody else’s name).
The e-mail confirmation also gives people a chance to change their mind: if their friends, who they wanted to go with, were unable to get tickets before they all sold out, for example, they would know about it and be able to cancel their order. But it would also ensure the identity of the purchaser without requiring them to pass their password over the network. Students collecting tickets from the union would have to produce photo ID.
Those tickets remaining unsold after the web server is hammered by requests for tickets (for example, those cancelled or released later) would all be sold in a “second wave” (which would be announced in advance).
It is terribly unfair for the union to make students stand out in the cold and the rain, without sleep, to get tickets to an event; it could even be argued as discriminatory (whereas the University ensures that all students have the capacity and tools to use an internet connection). There would be no queues, no touts, and no unfairness. There would be no fights for the limited amount of cash in the on-campus cashpoints. The union would save money in ticket salespeople and policing the queue. And a system like this could be implemented for them for a sum of money that could be measured in the hundreds, not the thousands, of pounds. Hell; I will quote them for it, if they ask: I’ve already knocked up a prototype. Why not send a message to the May Ball organisers and tell them what a good idea it would be, particularly if it would make the difference to you, personally, about going to the May Ball.
They still won’t listen.
People have asked me for GMail invites again, but one of these people’s @aber.ac.uk e-mail address doesn’t seem to be working, says GMail, so here are some “ready to pick up”:
Get ’em while they’re hot. If one doesn’t work, try another. If they all don’t work, leave a comment (and pull your finger out next time).
Got home videos? Send them to Google! That’s the message that Google co-founder Larry Page is trying to put out.
In anticipation of launching a “video search” system, Google wants a stack of material on which they can test their “video spider” – a program which will hunt for keywords (spoken, or on-screen) in video material, so that it’s searchable in much the same way as web pages already are.
Fucking weird.
Do you remember Ceefax, that wonderful service from the BBC that seemed so cool until you discovered the internet? Well I do. And so does a Dutch consultant who set up a system, on the web, for searching Ceefax pages.
Well; in any case; I thought that his site was fun (in a nostalgic kind-of way) but hard-to-navigate, so I’ve developed a sensible front-end that’s far more reminiscent of the way Ceefax works: Ceefax Browser On Scatmania. Give it a go.
A PhD student in San Deigo has written a fascinating paper which will spook internet anonymity freaks – Remote Physical Device Fingerprinting – which describes how a physical computer can be uniquely identified on the internet, regardless of operating system, IP address, or data sent, just by looking carefully at it’s TCP packets (which contain the data for a large amount – perhaps a majority – of the internet’s traffic, including all web and e-mail traffic).
The technique works by observing the deviation in the timestamps sent (in accordance with the widely-adopted RFC 1323: TCP Extensions for High Performance, specified back in 1992). Each computer’s hardware clock is made from a separate piece of quartz, and each quartz crystal is unique in it’s imperfections. By measuring these imperfections across the internet, it’s possible (with enough sample data) to identify a computer individually, which has implications both good (computer forensics) and bad (anonymity).
The paper itself [PDF] is well worth reading. And, for those that are paranoid about their anonymity online, here’s how to “turn off” this feature of TCP for Windows 2000, Windows XP, and Linux:
echo 0 > /proc/sys/net/ipv4/tcp_timestamps
Of course, the absence of timestamps from your machine may, if you’re in a small enough sample group, single you out even more, but at least you’re not globally unique any more; which from an anonymity perspective is a really good thing.
I’m sure you’ve all seen the recent Internationalized Domain Name exploit, which affects most web browsers (except for Internet Explorer – shocker! – because it doesn’t yet have the power to support internationalized domain names): if you haven’t, why not visit paypal.com – looks just like the real thing; doesn’t it: the browser bar says you’re at PayPal’s real site, but you’re not. That first ‘a’ in the name is an international character (actually the letter ‘a’ from the Cyrillic character set, which is just slightly different from a Western ‘a’, if you look closely. Of course, this leads to potentially thousands of dangerous phishing exploits, tricking users into exposing their bank account details to random Nigerians.
Opera, makers of a stunning web browser that I’m not quite sure I should be abandoning yet, have announced their solution to this problem (which isn’t actually a web browser problem at all, but a specification problem): IDN domain names from outside of places which are expected to need then (e.g. dot-jp, etc.) will be displayed longhand, and secure sites (https) will display their certificate holder’s name – longhand – alongside the domain name in the address bar.
Of course, unless you’re using Opera 8 beta, the only way to be sure you’re safe from this exploit is to manually type in every link you follow.