A Whole Lotta Nothing

Today someone spammed MetaFilter on behalf of Conde Nast publications, and it pissed me off way more than the average occasional spammy self-promoter on MeFi. We have a strict rule at MeFi (since there's no editorial vetting upfront) that you can't post about your own stuff, you have to make posts to interesting random stuff you found on your own. Unfortunately, that doesn't matter to the douchebags intent on ruining the web for everyone else with search engine gaming, as long as they benefit their clients, so we end up having to delete these keyword-laden posts that feature over the top fake testimonials about sites they "found" when they really worked for them.

What pissed me off today was seeing a normally reputable outfit like Conde Nast stooping to hiring a dodgy firm that employs such lame spammy activities. I know the response from Conde Nast or the spammy SEO company will be the same I've heard a thousand times: "It was one rogue employee" or "We didn't know the firm would employ such tactics." I heard the same thing when the Times (UK) was found spamming social sites earlier this year.

The point that seemed to be lost in the Times story was that a cornerstone of journalism that had been publishing for hundreds of years would stoop to such lame-brained antics. You'd think that someone higher up at a place like that would think maybe getting a couple percent more advertising revenue by ethically shady means wasn't worth jeopardizing the reputation or position of a 223 year old newspaper -- that institutions with a long-term vision shouldn't be interested in a quick buck by any means possible.

It's a bummer to see Conde Nast hiring someone to "optimize" search engines for them (where "optimize" means spam the web and generally make social sites and tools less useful for everyone in the hopes they do better for certain key search phrases) but given the way the economy is going and where it is headed, I suspect we'll see a lot more big name outfits and longstanding institutions making these same mistakes and resorting to problematic methods of increasing their bottom line, and frankly it sucks for everyone involved. It sucks for anyone using the web and wanting decent honest search results based on real quality of information (not just the information promoted by self-interested parties). It sucks to see industry leaders with dozens or even hundreds of years of successful business think this is a sensible approach to the web. Finally, it sucks to see some chucklehead get paid to spam websites in ways that are becoming so normal that people think this is something every business should do.

This is a fantastic informative video for people new to internet scams. Dad, if you're reading this, please watch it.

If you've followed this site for a few years, you probably saw my old essays introducing Google's Adsense to the blogging public and that time I said ads in RSS were a no-no. Today I wrote an extensive update on the same subject over on my new blog: How ads really work (superfans and noobs). I basically lay out everything I've learned from hosting ads for the past five years including some data from my own sites and those of several friends.

Pretty interesting community story taking place on Digg today (as much as I can gather, after Andre showed me):

• user makes a post on digg linking to the encryption key that is used to crack HD DVD protection


• story is pulled, user is banned, then story goes up about banning user (people speculate it's because HD DVD was an advertiser) update: Ed Felten has a good post about general efforts to take all references to the key off the web


• Two to three thousand people get annoyed/pissed, and start posting and digging all sorts of stories that mention the encryption key in seemingly innocuous ways.


• This continues for the rest of the day, with the entire front page of the site filled with stories leaking the crack

It's always fascinating when a community (or a country, or a religion, or a group of any size) decides to spontaneously revolt, and it's even more interesting when it happens in such a short period of time in a distributed medium like the internet. There are loads of stories like this on other sites and in multiplayer online games but I've never seen it happen on digg before. I'm curious how many people it took to come up with a reaction and the idea to post the key in other ways -- I can see a general mob voting mentality would be easy to gather steam once the posts were up since many people wanted a way to vent their frustration -- but I wonder if it was just a dozen or two users that started creating the posts that quickly got to the front page. And finally, what was their method of communication? In-site messaging? IM?

Anyway, I'm certainly a late comer to this story but I'd love to see a wrap-up of it several days from now, when all the details can be figured out.

On some random blog, I found a link to this book "Founders at Work", a book interviewing the founders of tech companies. The person mentioned Caterina talks about Flickr in it, among big famous 70s and 80s software geniuses so I ordered it thinking it'd be a history book about a bunch of classic Silicon Valley companies with maybe a recent one like Flickr thrown in there.

It just showed up and I can't believe how many recent companies are in it (del.icio.us, Blogger, Six Apart, 37Signals, etc) but I didn't hear about this book from any of the long-term bloggers that are part of it. C'mon Ev, Mena, Jason, and others! I read your blogs daily, and would have ordered this book weeks ago if I knew it existed.

I've long been a fan of Heifer International and suggested it to others as a charity, but I never read the small print. Philip Greenspun and Michael Stillwell did and both noticed their marketing is fairly misleading -- you're not really buying a water buffalo or a cow, but simply contributing to a general fund that someday may result in animals getting to families. It's not entirely dishonest but it sure feels like something different than what their site describes when you give money.

I've been playing with Outside.in for a few minutes (here is the Portland feed), and my first thought was that this is exactly what friends told me to do in 2000. MetaFilter was just taking off being barely a year old, and San Francisco friends urged me to make city-specific local news hubs that interested people could find links and news for and post to. Tom Coates had a great write up in fall of 2000 asking for precisely this. I was (and still am) too busy to take on such an effort, but it's good to see someone trying to pick up the reins and try it.

I'm surprised they didn't use CityName.outside.in URLs instead of outside.in/City_Name though.

Like the original iPod thread at macrumors, I love reading last year's announcement of YouTube getting funded. Post GooTube deal, Sequoia's $11.5 million invested netted them $495 million in return. With that in mind, these quotes from the post and linked blogs are great:

"The Web 2.0 funding frenzy is in full effect."

"People on the street in Montana aren’t talking about [YouTube]… It will be some years out before general people become users."

"...emerging land of absurdity where a live prototype that can be replicated in 90 days, that has no business model or revenue is considered a business."

Holy crap, the rumors were true: Google buys YouTube for $1.65 billion

I'm really happy about this and think it's a good thing. Like I said last month, YouTube offers a fundamental shift in how video is shared online and provided a free hosting outlet for millions of people. YouTube proved that broadband and video can actually work and it doesn't have to cost every producer an arm and a leg. The rest is all details, though I understand profits and lawsuits over IP are pretty big details.

I would put this purchase up there with the Blogger deal. Google saw this app that provided a huge shift in how people interact online and snapped it up. Same with Writely, same with Picasa (though I'm sure they wanted Flickr back when it was independent). Google used to just be a search company but now they're looking more like a very smart media company buying up all the best-of-breed services.

I do wonder how on earth they'll fold YouTube into Google. If they just merged the YT content into Google Video, all the personality and social aspects of YouTube would be lost, but if it stays independent, then they have two brands offering much of the same product competing for engineering and legal resources.

Congrats to the YouTube team and kudos to Google for snatching it up and keeping bandwidth costs at zero for young filmmakers.

Just a note to people looking for *.metafilter.com -- this morning there was an OS-level software problem on the web server, which required a total wipe and reinstall of the drive. The database server is fine, and I am getting all the data off the original web server drive, so everything should be back up and running by this afternoon or tonight at the latest. At the moment stuff is just being reinstalled and will take a few more hours.

Flickr and YouTube are wonderful services that have been lauded in the press hundreds of times this year, but recently I figured out their worth was much more profound.

Back in college, I spent my free time designing web pages for fun and due to my dead broke status, I got a lot of software on heavy student discount, borrowed copies from friends, and if need be, pulled copies from usenet. It used to be pretty easy to get copies of anything you needed and I justified it by saying when I went on to a career in web design, my employers would be purchasing full licenses of the products I bought, borrowed, and stole.

I also had this idealistic mantra: when everything you are creating is digital, the supplies should be free. An artist should never be limited by tools she cannot afford. Ideas should be the only limits.

Fast forward a few years and most of the things I clung to in college came true. My employers bought full copies of Photoshop and I generally had access to limitless free bandwidth thanks to employers and friends. The only limiting factors were my ideas and imagination. Anything I could create I could upload to my server and share it with the world.

But there was one thing I never thought quite worked out right, and that was The Bandwidth Problem. The web is an amazing, democratic, open, limitless thing that has forever changed my (and everyone's) life, but it always had the Achilles Heel of paying for bandwith. In the early days of the web there were plenty of free hosts with limitless bandwidth and we got all sorts of things like Mahir's I Kiss You, dancing hamsters, and fighting stick figures.

Free hosting popped just like the bubble did, and as blogs began to gain popularity in 2001-2003, paying for bandwidth was a constant problem, especially for sites with no revenue. During those years I talked to a lot of people with interesting ideas that were held back by the fact they couldn't afford to host their work or pay for the downloading of it by thousands. Nosepilot was a great example of the problem. Flash was still synonymous with "skip intro" and crappy techno background sounds when some random freaky artist builds a continuous sort-of story that takes the form of a whimsical scrolling film. The hosted file was something like 50Mb in size if you played the whole thing and as it gained instant popularity, the creator was hit with a multi-thousand dollar bill from his provider. I remember him trying to raise money through donations and giving him something via paypal. He eventually had mirrors set up to view the file on other servers while he was trying to sue his host into cutting the bill down. It was an ugly outcome for such a lovely piece of net art.

These days, whenever I see someone on Ask MetaFilter wanting to explain something, they'll almost always link to a screenshot hosted on flickr or a short cameraphone video on YouTube. I think we've all forgotten what the web was like before YouTube came around. Just a year ago, video on the web was still a thorny problem. The only people that could reliably offer it were huge movie and TV studios, and I recall even downloading the video for "A Million Ways" by Ok Go last summer required people volunteering mirrored downloads of a quicktime file.

Just over a year ago, I found something incredible on usenet: a mock terror exercise that was part of some anti-terrorism training program. In order to share the 81Mb file, I had to set up my own bittorrent server to share the download bandwidth with others. Even with bittorrent, when the file was linked on BoingBoing, the server crashed to a halt, and when brought back, almost maxed out my bandwidth for the month in a couple days. Until that time, I always considered my server shared with a friends was limitless at 1200 gigabytes a month, but this one video almost cost me a bundle.

Thankfully in 2006, everyone has YouTube and Flickr. Video is no longer a problem online. You can post thousands of huge images on Flickr and not have to foot any bill. You are free to create any movie, design, or photograph without fear of getting punished financially for its popularity. It can cost nothing to host, and millions can experience it.

The tools to deliver your creations are finally free. I am already seeing profound changes in how students can create and share their work but I bet in a couple years from now it'll be even more dramatic. We'll look back at the days when you were charged by the downloaded megabyte as quaint and laugh and wonder what things were like before YouTube and Flickr (and others, of course) took away those limits.

I've been getting these gmail spams for months now, with no predictable way to filter them out, since the spammers use variable email addresses, subject lines, and text content. For Gmail to filter them completely, they'd have to scan every image for text and apply that to spam filters, which is probably too much processing required.

Today I came up with a way to kill them forever, but it is definitely overdoing it, as it basically means no more .gif attachments in email from anyone anymore. But I don't mind since I rarely get legit .gif attachments. Here's what I did.

- Hit the Create Filter button next to the search box at the top of Gmail.

- In the field "Has the Words" put in: .gif

- For the Has attachment checkbox, check it.

Run a test search (middle form button) and check your results. Chances are you'll probably see a ton of spam, but look for the legit emails. I saw some from former coworkers, a blogging service, and a company I do ad stuff with. To keep those people safe, do this:

- In the field "Doesn't have" put in text that their emails would contain somewhere. In my case, I just put in their domain names.

Run a test search again, and make sure you don't see any false positives. I just made this filter permanent and found out I had 13,000 of these in the past month.

Thanks to spammers, email is getting more and more broken everyday, but at least there are ways to make it manageable.

update:this looks even better (thanks Cory!)

yet another update: this looks like a combo of how you'd put the hawk wings idea together with the one I presented, for Gmail. I'd strongly suggest going this route until spammers wise up and change their content types.

I'm going to try something new here, doing little posts called "bug reports". I guess I could submit this to This Is Broken, but there's sort of a negative connotation with that because everyone just piles on in the comments and I just want to help people out by clearly laying out bugs I've found so they can improve their product and I can enjoy a better experience.

Today I'm mentioning the photo gallery hack that Gawker sites like Lifehacker and Jalopnik use because I see them everyday and have learned to avoid them because I don't think they really work all that well. There are two main problems here:

1. RSS readers like reblog display escaped php in the entry. Perhaps it's just my web-based reader but I don't get anything useful from something like this (screenshot of a lifehacker post with a gallery):

2. Using the galleries themselves is cumbersome. With OSX/Firefox, when I click on an image, a few moments later, the blog entry reloads, and I have to manually scroll down to see the image. Clicking on Next properly jumps back down, but requires another page load, which can be slow. At times I've given up after 1 or 2 photos because the reloads are taking 10-20 seconds.

Here is a video of that in action

I have the feeling that the gallery works the way it does to encourage more pageviews, for advertising purposes, but it results in a poor experience for users. I tend to not even look at galleries and instead follow whatever links are in the entries to see photos somewhere else.

Suggestions for a solution: The easiest thing would just be using MT's built in image popup links. Or you could dump them into a Flickr set. Best solution would be an in-page dhtml widget that could show the first photo and cycle through them all without requiring any page loads at all, so visitors could quickly and painlessly view an entire gallery in seconds without losing their place or forced to wait for server responses.

I made a video for a dozen friends to laugh at my geekiness, and so far it's gotten as high as #3 most popular video and over 100,000 views on YouTube. I thought I'd recap some details and things I've learned from the process.

- I first saw MacSaber on Sunday morning, on MetaFilter. It was the only place I saw it at first, and I immediately thought of all the cool things you could do with the motion sensor, the most obvious being using a light saber simulator to do a parody of the star wars kid.

- On most blogs, even with a somewhat technically minded and art-appreciating audience, the first reaction for most people was about dropped laptops and hard drives destroyed by motion sensor toy apps like MacSaber. Some people can't see innovation when it's right in front of their faces. The SmackBook is the first in a long list of innovative uses of the SMS.

- I placed an order for a MacBook the day it came out, so it could replace my three year old 12" powerbook, and it shipped early, arriving Monday afternoon of this week. I unpacked it around 3pm, got it up and running and at 4pm loaded up MacSaber and did a few attempts at the joke.

- I filmed it with the iSight in my G5 iMac, using iMovie '06. It was super easy to do a take, review it, and do another one.

- It took about ten tries before I got enough movement and a funny moment worth keeping (a slight slip, and the stare at the end).

- After I uploaded it to YouTube, it took about 45 minutes to get approved. In the past it's taken 5 minutes so they're either swamped and doing it by hand still, or maybe having "star wars" in the title is a red flag that requires review just in case I uploaded a copy of the movie or something.

- I sent the URL to about a dozen friends (mostly bloggers) on IM. One of them was Andy Baio. Kottke and Cory Doctorow both read my feed, and linked it. Hitting the trifecta of kottke.org, waxy.org, and boingboing.net pretty much puts you on the internet meme fast track.

- YouTube comments are virtually useless. After the first ten or so from people that read my blog and got the joke of it all, the rest that followed were all variations on "this sucks" "what the hell?" and "I hope he drops it HAHAHA lolz"

- If I had a dollar for every "lol" in a comment on YouTube, I could retire.

- After I hit the popular page (about 12 hours later), 90% of the new comments were links to another video. It was basically comment spam, where users hit every popular video and say "hey! come look at my movie here!" I deleted about 40 of them so far. I just got an actual comment spam to a cafepress store, so I'm now turning them off.

- Some strange offshore video production company asked for redistribution rights. I wouldn't be surprised if YouTube is in talks with a TV Network. It'd be pretty easy to make America's Funniest Home Videos every week by just broadcasting the most popular page.

- It probably helps that the movie was only 12 seconds long -- it was very little "work" to watch it so I think it spread thanks to that.

- Since I don't have ads showing on comment pages here, I made no revenue off this. I suspect it could have been worth a couple hundred bucks considering the entry with the video got tens of thousands of views.

- YouTube is a little bit of a walled garden -- it could do a better job of promoting users and their own websites, or letting you write HTML descriptions like on Flickr. I noticed lots of videos embed a URL in order to get people to read more about something. I didn't really get traffic from YouTube to this server, other blogs did a better job.

- I wonder if Apple sold any MacBooks from people watching it and wanting to try it at home.

- The Weblogs Inc. folks linked to it on Engadget and TUAW. One entry called me "youtube user mathowie" and Engadget didn't even mention me by name (and they used to link to PVRblog all the time). Bonus boo-hoo points to Engadget for suggesting Apple copied the Nintendo Wii controller (even though Apple released laptops with motion sensors in them last year). Do some research people, you're pro bloggers, yo!

I've been getting a steady stream of really oddball email from this blog's contact form. They look like this:

Nice hack on Shoutwire!  I like how you stole my article submission link to a news story and re-directed it to your bullshit blog. 

If you want to express an opposing viewpoint on Shoutwire, please do so.  Don't fuck with my submissions.

sdkid

Shoutwire is some sort of digg clone that doesn't even have comments, it just has a frame around other sites and you vote on links and I can't tell if this person thinks I run it or thinks I hijacked it.

why are you jacking pages?

Another one, and when I replied to this one asking them to explain, I got nothing in return. This is the weirdest one of all:

Why do I get your site when I am trying to  get the Fox47News web site?

It must be a default browser thing, sorta like when you type in http into firefox and you end up at microsoft?

And another:

it bites the way your site hijacks links

I wish someone would write me back on this that doesn't think I am stealing something. A few months ago someone said an old article on Wired News redirected to this blog, but perhaps it was just a bad HTML link. I'd sure love to get to the bottom of this and figure out what combination of exact browser version plus links ends up with people on this site. If anyone has any ideas, do tell in the comments here because I can't figure it out and no one will email back to explain.

update: the person that sent the first feedback wrote me back and posted it to shoutwire's site here. On my mac with firefox, I don't get redirected here, but if anyone clicks on this link and ends up here, do leave a comment telling me what browser/OS you are running? Thanks.

another update: So here is the offending page. Click on the blue title and you'll end up here, but the crazy thing is that in the middle, the word "nothing" is google searched, and since I'm apparently the first result, people get redirected here.

So I think the issue is that whatever content management system foxnews.com is running, somewhere, somehow, instead of responding to browsers with a real 404, the phrase "nothing" is being returned on their app server, so browsers like firefox are guessing on it by running a Google "I'm feeling lucky" search for the phrase, ending up here. Hopefully someone at foxnews.com notices and fixes this soon.

conclusion: As Phil figured out, javascript on foxnews.com checks to see if it is being presented within HTML frames on another server, and if so, it redirects to http://nothing/. Firefox by default does a Google "I'm Feeling Lucky" search for any word you put in your address bar, and I am apparently the first result for "nothing" on google, so you end up here. I would direct folks to a page explaining this but there is no referrer sent from the I'm Feeling Lucky search. I guess those of you looking for foxnews.com, don't use whatever site tried to load foxnews within a frameset, as they are just putting a frame around other sites. Just go to foxnews.com yourself.

Sketchup is one of the coolest apps to come out in the past few years. It always reminded me of the OOP program from Microserfs.

Basically it's an easy to use, rapid 3D program that lets you sketch out ideas much like you would on a piece of paper. I used it to mock up my garden in about 30 minutes and my friend Michael did his entire house. The one downside to it was that until now it was really expensive, like around $500 per license. When Google announced they bought the app earlier this year, my one wish was that it would someday be free and it looks like that day has come. Sweet, though the free version is Windows only at the moment, which is odd since the app works great on OSX and I assume it's coming very soon for the mac.

I'd heard a bunch of buzz about the show Deal or No Deal on the Freakonomics blog so when I tuned into catch my first show I was slightly disappointed. I loved the 80s because there were three hours of game shows on three networks every morning (a highlight of staying home sick from school) and my favorite shows always had an element of quiz show in them. So I was surprised to find Deal or No Deal getting all this buzz and being on several nights a week when there's no skill or knowledge in the game at all -- it's purely luck. I might as well be watching lottery balls drop. I suppose that's why it's on so much and advertised heavily -- the show is not long for this world, so they have to milk it while they can.

I saw a couple contestants perform well. The goal of the show seems to be: guess on cases until you get a bank offer near $100k, then quit. But I saw one guy turn down a $91,000 offer and keep pressing on, until at the end he had almost nothing. He stayed in the luck game too long, let his greed surpass common sense and came away with almost nothing.

As I was reading danah's post about Friendster and MySpace I was reminded that Friendster was exactly like that bad contestant. Friendster had something that was hot and now and was fielding buyout offers left and right, but decided to press on. They made a few missteps along the way (danah covers them well) and now Friendster's like a lone case with $75 in it, not really worth anything to anyone.

I recall someone Jason Kottke a few years ago posting a call to arms for developers to post screenshots of their apps, because it was hard to judge what an application looked like or how it worked from a text description alone. Thankfully, in the years that have passed, most every developer has done this and it's rare to see an application download site that doesn't prominently feature multiple screenshots of it in action.

That's all well and good, but last week I realized how screencasts or live demos are many times more useful.

The thing that is great about them is you not only see the application work in real time, but you also get to see how the application developer uses the product. I love nothing more than seeing an expert use a product I might take up, or even one I've used for years. I used to love working at a big university because I got to meet other people that used Photoshop for several years and I always picked something new up looking over their shoulders. I still recall a seminar in 1999 where an expert developer spent an hour showing exactly how he setup his IDE for coding (it was Homesite, back then) before diving into a three day tutorial on some server software. I remember immediately going home and picking up homesite, and setting up all the special keystrokes and shortcuts he taught me. I was a much faster coder after that.

Last week I watched the reBlog guys use their app in a demo and it totally changed my opinion of the application. I thought it was one thing that only did one thing (republish feeds) and it turns out it's something completely different (an amazingly efficient feed reader). I realized then that you can get so much more out of a screencast than a simple screenshot.

I wrote a tutorial on installing and using reBlog for Lifehacker today, and in it, I did a quick demo of how I use the app, by recording an area of my screen while talking into the mic. It's not a great screencast, but I hope it demonstrates the beauty of a nicely designed application much better than a few static screenshots (by the way, snapz pro x has a dumb name but it's a great piece of software for this).

This year for Lent I'm giving up getting acquired by Google or Yahoo for 40 days.

That's forty whole days and nights that I won't be in talks with anyone about a buyout of any of my properties. That's my promise to you, O Holy Lord.

I always secretly hoped I'd never grow old and unhip, but every few months I'm reminded that the world is passing me by.

It all started with the askew hats. Two or three years ago I was walking down the street and saw some guys wearing baseball caps with the bills pointed off at crazy angles, like their hat was making a left turn but their head hadn't caught up. Every time I see a kid with his hat all akimbo I want to grab his arms, smack him in the face, and straighten his hat out. It's irrational, I know, but drives me crazy in a "get the hell off my lawn you crazy kids!" sort of way.

The online equivalent of this is of course, Myspace. Chalk me up as another early adopter design geek that thinks he knows users inside and out. I have almost a decade of experience running my own communities and Myspace baffles me completely.

I know there are millions of young people using it, but I can barely figure out what people use their profile pages for. Sometimes there is a blog, most often it's blank. Most all of them look like 1997 guestbooks filled with pointless me too testimonials from people with equally baffling profiles. When you click from one to another to another, you are transported back to Geocities back before Yahoo bought it, flaming animated gifs and all.

I can see how Myspace looks more attractive than Friendster because you have so much more freedom with your space, but if we give users flexibility, is this really what they want?

Apple has made the iPod the most popular music player on earth, but it's clean as a whistle. How could the same people love their super sleek music player and also love the gaudy oversaturated flashing/pulsating monstrosity of their Myspace profile?

I know I'm not alone in this, but it's good to see people smarter than me are making sense of it because I've been thinking about Myspace for months and I'm still baffled as to its success (I know the social component is the biggest part, but as a designer I'm mostly focused on the membership's design output).

Next time I see Clay Shirky, I want a hug and a story of how it all makes sense somehow.

From Search Engine Watch's 2002 April Fool's page: Google Quits Search, Focuses on Waste Management

Google To Become Portal
GoogleMail is to allow anyone to be myname@google.com. New GoogleStocks and GooglePages web building feature also unveiled. "Yeah, we said we'd never become a portal, but that was all part of our master plan," said cofounder Larry Page. Google's other cofounder Sergey Brin also confirmed that the company was launching a hostile takeover of Yahoo.

Funny how the truth is stranger than fiction.

When Jason posted the plane on a conveyer belt riddle earlier today, I was convinced that take-off was impossible if the belt could go infinitely fast and negate any forward movement. So no movement, no air passes over the wing, and then no lift.

But Michael 's explanation makes perfect sense to me, and now I see why the plane would take off.

I think the original riddle works because I don't have a day-to-day familiarity with jet engines and watching planes take off, or giant conveyer belts for that matter, so I couldn't really wrap my head around air speed vs. ground speed. But I know how a skateboard works, and a treadmill, and a rope and it makes perfect sense.

Mavericks is going off at the moment and I have to admit seeing it live is worth the ten bucks and the windows-only video requirement.

I've often heard prominent computer scientists lament the low uptake of email encryption -- that in the age of many gigahertz machines we still send plain text to each other (usually) over non-secure connections. Every couple years, just for the sake of my personal freedom and curiosity, I make an attempt to try and use encryption for a few days. Every time I do this, I am disappointed.

This shouldn't come as a shock to anyone that has tried to enable email encryption. Encryption seems to lie somewhere between privacy, security, and a mountain of engineering acronyms and standards. Unfortunately for regular people, most of these systems are overbuilt and the process is so painful that I would argue it barely even functions.

Take for example this tutorial on using encryption and digital signatures in Mail. It looks simple and straightforward, but interacting with the Thawte site is a long, painful process. I eventually got a working signature, but only after the following steps were taken:

- Sign up for an account at thawte, which requires an email, strong password, and the use of web server level password logins, instead of in-page logins (in-page login forms can give you good feedback, remind you that usernames are email addresses and how they should be formatted, etc).

- Once the forms were filled out, I had to validate my address to finish the account creation, which required copying/pasting two long hashed character strings. Now my account worked.

- Login to thawte using new account, hit the "request an email certificate" button

- System offers the following options for a X.509 Format Certificate (sidenote: wtf does X.509 mean and why should I care?):

For an X.509 certificate, please choose your software from the list below:
Netscape Communicator or Messenger
Microsoft Internet Explorer, Outlook and Outlook Express
Lotus Notes R5
OperaSoftware Browser
C2Net SafePassage Web Proxy

I run none of those, but just went with the Netscape one, assuming it would be universal (I later tried outlook, which blocked me, saying I need to use IE/windows to get one).

- Complete the request according to the tutorial (oh, and guess on either 1024 or 2084 bit security of the cert), wait about 15 minutes watching my certificate status sit at "pending"

- Remember to opt out of all marketing spam from thawte, in case they want to make some dough off my email address.

- When the certificate is complete and ready, the only way to download it is to click "Navigator" the name of the certificate type, in my accepted certificates list. It's totally non-obvious.

- On the certificate detail page, there is a button to fetch it. I click it in Firefox 1.5, and nothing seems to happen. I click again, and I see something gets loaded, but there is no download prompt.

- Since the tutorial is written for safari, I try that instead, and the fetch button asks me to download a windows EXE file, and for kicks, I do, which launches the mac's keychain access app. The keychain app only lists one certificate in my general list of email certs fetched from other people. There is no sign that I have my own, and Apple's Mail app doesn't show that it knows about it.

- I go back to Firefox, and read the special instructions for fetching downloaded certificates that your browser didn't tell you about.

- To "backup" your certificate from the browser to a desktop file, you have to enter a very high security password. Firefox won't let you copy the file until your password contains enough capital/lowercase/numbers/symbols to pass muster. My password is a combination of four of my highest security passwords because three of them munged together wasn't enough. I have to enter it twice to get the download. My bank doesn't require this level of security and even thawte gave me the certificate with a simpler password.

- I double-click the downloaded file, am asked for my insane high security backup password (which isn't my thawte login for the certificate itself) and I now successfully have my own certificates listed in the proper places according to the tutorial.

- I open Mail, and send a few emails to friends, the ones that also have a thawte certificate can get encrypted email from me by clicking a button. Only three friends of hundreds of people I interact with have a certificate that isn't expired. The keychain app lists about 50 expired certificates.

I can recall trying to get standard PGP going with Eudora on windows several times in the past, and having similar issues. There are problems on several levels here. It's a pain to get a certificate, it's a pain to incorporate that into your clients, and then finally it's a pain to actually send encrypted email to friends before asking first if they can receive it ok.

On the positive side, Apple's Mail client has built in signing/encrypting functions which let me skip a painful step of adding various PGP or GPGP hacks to Mail. The interface to signing and encrypting is a nice friendly couple buttons, and the encryption one remains greyed out for most recipients, but for some reason the option is presented to me on all replies, even if they don't have a cert and I'll get an error.

The tutorial is pretty good if a bit outdated with regards to the current thawte site (redesigned since the tutorial's screenshots were taken) and Mail in 10.4.4, and I would have never remotely figured out how to do this without it. Still, even with a nice friendly step-by-step tutorial, it was a bumpy road.

There are several places this process could have been streamlined. The Thawte site could deal with better explainations, support more email clients/browsers, and overall not make the process resemble pulling teeth. It would be nice if Firefox told you when it was downloading certificates, and it would be doubly nice if exporting them was a bit easier. The Mac OS level integration is good, but it would be nice if other OSes and email clients could work so smoothly once you finally get a certificate, and it would be nice if email clients were smart enough to only offer encryption options to people that can accept them.

Finally, I must admit that I don't have an absolute need for email encryption, but it'd be nice to have in a "citizens of a free republic should be able to use it for everyday communication" sort of way. I don't see the adoption of email encryption going up anytime soon, given the tedious process requried and I expect the same sort of users to continue using encrypted email (mostly CS geeks that can figure all this crap out and know what various levels of encryption mean and what the standards are). Still, it would be nice to someday see this being quite a bit easier to use. until that happens, there's no way the general public will ever touch this.

Every once in a while I hear someone raving about a new gadget and my first instinct is to check amazon first for a price, then check ebay to see what kinds of discounts are available. I've been doing this for the past couple years.

What I've noticed lately though is my search results are filled with results from sellers in China, often selling something for 80% off or more. But if you dig into profiles of the sellers, they've either never sold anything (just bought 4 or 5 small things) or their only feedback is from unregistered users. It's like an ebay scam from 1998 being repeated, only this time the scammers are based in China instead of the US or EU.

Here are some examples: a search for "garmin nuvi", a ~$900 in-car GPS unit. If you look down the listings, the prices range from $650-900 but my results show a bunch of Chinese sellers offering it for about $150. Here is one. The feedback profile on the seller shows +12, with no negatives, but notice that none are from buyers. This account has never sold anything. The username looks like a random text string, and many of the names of people leaving comments have similar names. If you look at someone that left feedback, you'll notice another account with around 10-12 positive feedback points, left by others with about 10-12 feedback points and similar bot-like names.

I didn't know ebay was selling from China, but it seems like someone is creating vast quantities of zombie users that give each other good feedback on small items only to use the resulting users to sell big ticket items at 20% of the retail price, which I assume is when the scam is over and they just keep the money, ditch that user account, and move on.

What baffles me is why the past ten years of ebay's fraud detection hasn't prevented something like this from happening.

1.

2.

3. There is no step three! (actually, Just Use Preview is step 3)

I've never seen The Mathematics Genealogy Project until just now. It's pretty incredible, covering the professional history of almost 100,000 mathematicians. I did some searches on the math PhDs I know and they were all there. The math greats are there and they even offer posters of anyone's entire genealogy.

I love magnificent obsessions like this one -- that someone went to the trouble to create it and that they keep it up to date (one math geek I know just finished summer 2005 and he was there), eventually creating this IMDB.com of math.

I'll admit upfront I still don't quite get what Google Base is useful for. It's not a Craigslist killer to me because I'm a browser, not a searcher when I'm at Craigslist. I don't see any compelling demo apps built on it and so far it seems like an odd, loose version of the Google index with more of a products and services focus.

Still, as much as I love Naill Kennedy's hacks, his Google Base blog import instructions remind me of Snowcrash, and the Gargoyles to be more specific.

Gargoyles represent the embarrassing side of the Central Intelligence Corporation. Instead of using laptops, they wear their computers on their bodies, broken up into separate modules that hang on the waist, on the back, on the headset. They serve as human surveillance devices, recording everything that happens around them.

In Snowcrash, the Gargoyles pollute the databases with thousands and thousands of hours of nonsense. I tend to think my entire six years of blogging would be akin to that.

After a few minutes of Googling, I found a pretty good method of finding not only specific food I wanted to eat in a new town I've never visited before, but the best of the lot.

Canada has some good resources. Foodpages lets you search for restaurants within a radius that meet criteria (Is there a US equivalent of this? There should be). Toronto.com is a good spot to find reviews and works just like any Citysearch.com directory. Lastly, Google Maps comes in handy for walking/driving directions to get there. It'd be cool if someone could mash all three up, so that the "reviews" listing at foodpages.ca was populated/linked with toronto.com's data. Google Maps already integrates with Foodpages.ca, which is probably how I found it in the first place.

So there I was in Toronto for a few days, knowing that I wanted to eat some good Indian, good Ethiopian, and some damn fine doughnuts, but I knew hardly anyone that could point me in the right direction. All I had to do was put in my hotel's zip code, search for "indian" cuisine within 1km, then hit toronto.com to pick out the best one based on reviews, and finally get directions from Google Maps. This allowed me to find Trimurti among the "little India" section of Queen St that featured several Indian places side-by-side. I found Ethiopian House via this method, which was also was great. My favorite food of the trip I found by accident, while walking past Cafe Crepe.

It may not sound like a big deal, but getting plopped into a strange town and wanting some good food is usually a pretty difficult problem to solve. In the old days you have yellow pages and word of mouth. These days, a little technology goes a long way towards finding what you're craving.

This is the most intellectually dishonest article title I've seen in quite some time: Google Print upsets children's hospital.

On the one hand you have a ridiculous story about how scanning public domain books to make the knowledge easier for everyone to share is somehow detremental to kids. But if you look at the facts, it falls apart even more.

1. Only 4% of books make any money at all, and we're talking about one story. Should laws be written to cover the very few?

2. The story Peter Pan isn't even in the Google Print index, according to friends working at Google.

3. Publishers can opt-out of the program, so the children could live another day if the hospital wanted out.

4. How exactly does searching for a book take money out of a publishers pocket again? Would people really not read a book and instead click through Google page by page by hundreds of pages to read it? Do people read search results instead of reading websites? Seems to me like it'd spur on sales, not steal from them.

Good lord, looks like someone found an old database lying around and thought "huh, is there any way we can make some money off this old thing?" Here's what I just got from Tellme, which I signed up for and used back in 2000 when it was cutting edge.

From: Tellme Studio developer@tellme.com
To: Matt Haughey
Subject: Make money with Tellme & Skype
Date: Wed, 26 Oct 2005 17:29:28 -0700 (PDT)

Dear Studio Developer,

Now you can start making money from the voice applications you create using Tellme Studio!

Starting today you can submit your voice application to Tellme. Selected applications will be deployed and publicized to the more than 55 million Skype users who can then pay to use the application.

Visit Tellme Studio now to build, test and debug your application. The first applications will be deployed soon, so start building!

-The Tellme Studio Team
http://studio.tellme.com

I didn't even know they existed anymore. And look! They've even got a circa-2000 flash-powered splash page. You don't see those everyday.

A lot of web app developers not only turn off autocomplete for credit card input, but they disable autocomplete on many logins. I get kind of annoyed every time I need to login to my bank's site, since it doesn't let you save your username or password. Though I know it's a good security practice, I'd prefer to make the decision myself.

Today I finally started looking for a greasemonkey script to override this, but after finding nothing useful, I tried looking for extensions and it turns out there's at least one firefox extension to override these sorts of forms.

Suck it, Wells Fargo.

I just placed an order for my third Mac ever, this time a new iMac. I realized my 2.5 year old powerbook wasn't worth upgrading if they'll go to intel someday, and I was just using it as a desktop 99% of the time so I might as well get something designed to sit on my desk instead of my lap. Another odd tidbit is that four years ago, I used to build computers from whatever motherboard was on sale at Frys, and now I buy pre-built non-upgradeable computers. Funny how that works.

Anyway, my point is iTunes and the "renting" problem with their music. They went from allowing three machines to five after Cory at BoingBoing complained, but I think I have a better solution.

Now that I'm on my third bit of hardware, and I've had a hard drive crash on the first powerbook, and I've given my wife copies of some songs, I'm pretty sure I've exhausted five machines for some tracks. But when I get my new machine and I register it, Apple will know it's me. They own the hardware, software, and servers that both the new computer registrations and music store purchases go through. Why not connect the two? The solution to the number of machines problem is an easy one.

Instead of allowing three machines or five machines to unlock a iTunes song DRM, make it n+1 where n equals the number of Macs you have purchased and registered. It does two things for you that are both good for Apple and good for customers. One, it lets people know their iTunes music has a future. If I buy a song today, and I buy a new mac each year or two, I'll know that ten years down the line the file will still play (and this isn't a total stretch -- I have mp3s from 1997 saved somewhere). The other thing it will do is remove any hesitation to buy a new Mac on the part of your customers. Imagine if I had purchased hundreds of songs (I'm probably somewhere close to that). If you could ensure that my purchased music collection can follow me from mac to mac to mac, I'd be a happier customer of both your hardware and music services.

Think about it, (n+1) is all I'm asking for here.

I must admit I feel a second wave of excitement long after web nerd friends announce their intent to marry -- it's when the invitation arrives and there's a new URL to signify their love.

You go to this intensely personal site meant only for a handful of family and friends and you get to see photos you've never seen before and often see a new blog with comments from your friends' brothers and sisters -- and you didn't even know they had brothers or sisters.

It's a great little easter egg and I love when I get to see sides of my longtime friends I've never seen before.

Salon's new redesign looked like they came up with the deadline first (their ten year anniversary), and fit the work to match. The way it stands, the site appears as if it was taken from the design and developer team's hands last night, while they were still working on the second draft and probably weeks away from having it fully baked.

Today at Creative Commons, Lawrence Lessig kicked off our first annual fundraiser with a the story of how CC got started. Lessig will be sending out a new message each week covering the history of CC, where we are currently, and what we have planned for the future. We're shooting for $225,000 from the public by December 31st and you get a cool shirt if you kick in $75 or more. Every little bit helps, so please kick in a few bucks today. Thanks.

Paypal's phone support system uses voice recognition to solve problems instead of humans in a call center. At the last step in a security process, I was to state my first and last name listed on my account. I don't think there's a powerful enough computer in the world that would hear me saying "howie" and think that maps to "Haughey". I got stuck in an infinite loop trying to state my name and couldn't complete the process. This is a stupid way to do security.

While trying to buy a gift for a friend's birthday, I visited his Amazon wishlist page, then one-clicked him a book I own and love. A few days later his book arrived at my doorstep. Apparently if you actually want to send someone something off their wishlist, you can't use the big orange "Buy with 1-Click" button even though the option is there, and you have to go the step-by-step route. Totally broken, and I now have a second copy of a book I already own.

So I guess the cat got out of the bag a little early. I tried it out with iChat (hit command-3 to bring up jabber and configure) and got right in with the details at that link.

I just realized something. I use Google for searching with my personal history turned on, and I view it through my personal portal, and I get all my personal mail through Gmail, and everything I've said online for the past ten years is available within Google's index, and now all my daily chitter-chatter could be on a Google server as well.

They don't do evil, but still, it's something to think about.

Technorati Tags: google, googletalk, im, privacy

I have to say I really like the plain, functional simplicity of the Google IM client on Windows. It's easy to manage multiple windows, you can easily see where a conversation left off, and there aren't any ads anywhere.

One thing struck me as odd though -- this is a IM client by Google, and yet, I don't see any way of searching through old conversations. There's a way to search for other users, but I'm surprised that a search engine pioneer didn't ship an app with text search built-in.

(Yeah, I know Google Desktop probably indexes Google IM conversations, but still there should be a direct search from within the app)

I have to say that I'm really happy to see My Web 2.0 launch (I got to see a beta demo a couple weeks ago). It's not immediately apparent, but it's personalized social search, using shared bookmarks between friends. I wrote about this back in December 2003 when I tried to come up with ways then-new social software sites could be useful. My second idea was to combine Friendster with Epinions so that you could search for reviews among your circle of friends, but I had it all backwards. Instead of turning Friendster into a search engine, Yahoo flipped that, by incorporating Yahoo 360 contacts into search.

My first thought when seeing this after thinking "cool, they built what I always wanted!" was that the bookmarklet posting interface does look a lot like the delicious posting interface, but I think these services serve different needs. I use delicious to bookmark all the neat things I find online, but Yahoo's search is more for reference things and epinions style bookmarks I want to save for later and share with friends. I guess though I've used delicious for a couple years now I still think of most material there as ephemeral, while I'm thinking My Web at Yahoo is better suited to permanent storage.

I'm changing my default browser search to Yahoo for a few days to see how it grows and becomes useful. It'll be interesting to see how the search gets better the more friends and saved pages get added. I'm already getting random other users mentioned above normal search results so that's a good sign. I can't wait to see what it's like in a few weeks when I do a random general search and find friend-approved links to exactly what I wanted instead of spammy search results or general information sites.

The other great thing I like about Yahoo's new search is that it attempts to circumvent one of my pet peeves: search engine spammers. Search engine gaming to get your URL high up in searches is a selfish act that degrades everyone else's experience and it's grown into a huge industry. Google has been gamed endlessly for years now to the point at which many general results have begun to suffer. I'm hopeful that if I limit my yahoo contacts to people I know and trust, no amount of search engine spamming in all the world by the SEO community will be able to muck up my results. In effect, this new search could kill an industry I thought would outlast the cockroaches, and that's a great thing.

Ross has a good summary of what this new push means for the worlds of social software and search. I'm curious to see what Google's next move will be. Hopefully they'll buy delicious and incorporate that.

Every so often I end up at snopes.com to hear about some crazy email forward or urban legend. It's ok content you can often find elsewhere but they're the central place for much of it so it's easy to find them. In the past few months however, I noticed they added an obnoxious popup ad (fired in Flash I would presume, which I don't block) on top of all their articles. Today I noticed after following a link there that my back button no longer worked, redirecting me to the snopes page I was already on.

That's pretty awful thing to do to users -- forcing them to look at annoying flashing ads that jump out when their browser is set to avoid them and then not to let them leave.

The first thought that came into my head after hearing The New York Times will be adding paid subscription walls to their content was that Dave Winer just totally sealed the win on his bet.

I can't believe how dumb the NYT is being about this. They shouldn't be putting up more walls but less. Dan Gillmor wrote about this extensively: if they took down the dumb account requirement and the $3.95 archives and instead opened up the 100+ years of archives to google and the rest of the web, I'm certain the advertising rewards from such an endeavor would outstrip any of these subscription ideas.

Today marks a bit of a milestone for me. I've been with Pair.com since 1998, hosting my haughey.com domain and email. They have served me well, with the longest downtime being about 24 hours when the changed data centers around 1999. I've always recommended them highly as they offer a lot of features, but in the past couple years I had trouble justifying the $35 a month I've been paying them while I already had my own servers to pay for. I could have moved the site to my shared linux server ages ago, but what held me back was moving my personal email.

Changing DNS is always a pain and changing mail servers is often asking for trouble. I've kept paying Pair while I put this inevitability off, but with the loss of Knowspam coupled with my attempts to budget my money better, today I made the change. The web stuff is now hosted on the same box as this blog and for email I'm now forwarding all @haughey email to gmail.

I've long been impressed with gmail's features and flexibility. It's great to be able to jump onto any computer and check your email in a browser, and now that they've added pop support (I wished for IMAP, but for offline email reading, mirrored POP makes sense), I can keep reading email in an application when I don't want to have a browser open all the time (or when I want to use a better email composing interface). Gmail's search can't be beat and that was another factor in the move.

Of course, before I changed email servers for the first time in 7 years, I tested it out, forwarding what little email I get at @metafilter addresses to gmail, and it's worked out great. I just bit the bullet and did the switchover of haughey.com DNS and got my first forwarded email minutes later (remember when this used to take 48 hours?).

About the only downsides I can see have to do with my From: address always being my gmail address. If Gmail let you customize that, you could basically use Gmail as a mail server while still maintaining your domain identity. I'm wondering how hard it will be unsubscribe via email from lists, since I can no longer send things from my old address, and I'm also concerned about everyone in the world that has white listed or filtered my haughey.com From: address.

Of course, those concerns are minor compared to the limitless storage and flexibility Gmail offers.

I know this has been going on for quite a while, but recently I've seen so many examples of it that I feel like stating the obvious that so many seem to be missing. Every time I see the new term ajax talked about online, there's a harsh knee-jerk programmer/geek reaction. "We don't need your stinking labels" and "XMLHttpRequest is a perfect fine name and has worked for years" are things you often read. On some level, these reactions are to be expected when you give a new label to an old technology, but lately, those reactions have been drowning out more substantive discussions.

But what baffles me most is that programmers are missing the big picture. Yes, XMLHttpRequest has been around for years, and ajax is just a pretty term for DHTML and javascript, but the beauty of the term ajax is that we now have an easy way to sell the technology. I know engineers have a natural fear of anything and anyone in the marketing world, but now that managers, VC, and funders all know what ajax is and that users want that kind of application interaction, they're much more likely to pay for it.

When a programmer drops the umpteenth comment on a weblog saying the term ajax sounds stupid and is unnecessary, they don't seem to realize how much more business they can pull in (if freelancing) or how they could score a raise (if salaried) if they would just add it to their next web application. Yes, the term is simply a marketing one and yes the technology has been around for a while, but it has been misunderstood and/or unknown until now. Ajax now means more money will funnel to your projects and users will prefer your products over the competition. In the end, the more people that use and understand what "ajax" means, the better off you'll be as a programmer.

Google's new satellite view on their maps is kinda freaky (I can see my car in the driveway), but it's fun to revisit my past.

I grew up across the street from the small city lake seen here, which used to be in the middle of a bunch of orange groves and then a golf course, all of which are long gone and replaced by houses (a bunch of childhood stories, in that view). My high school. After college, I lived near this restaurant, which has the best thai food in LA. I lived here when I first moved to San Francisco.

Yahoo just released a Creative Commons Search that kicks all kinds of ass, drawing upon their massive database of webpages featuring CC licenses. In my tests it is returning as good or better results than the main Creative Commons search, and it's doing it instantly thanks to Yahoo's muscle.

I used to think of Yahoo as the CBS of search engines -- it's the search engine your grandma probably uses to find Murder She Wrote episode guides. But in the past few months they've really turned it around. My Yahoo continues to impress, they picked up Flickr, and now Creative Commons search is baked in. This is not your father's search engine anymore.

I've used Windows on every primary computer of mine since 3.1. I'm only a recent convert to OS X, and I still share a desktop with a fast cheap PC running winXP that I devote to all coding. IE was my favorite browser from the days of 4.0 betas until a year or two ago when mozilla surpassed it. I've heard a lot of criticism of MS and specifically Bill Gates, but I've often defended both the corporation and the man. But my time as a microsoft apologist is over.

After ridiculous comments this week at CES, where Gates equated the last three years of my work with Creative Commons as some sort of Red Menace that needs to be stopped, it's clear he's off his rocker. Bill's spouting lines that make him sound like the new Jack Valenti. From the first Gizmodo interview:

"There's always a tricky issue when you get into stolen material or pornography...if you get notified that it's stolen materials or pornography or things like that...The laws for online publishing the same as for print-based publishing."

Translated: Bill Gates has a talking points team that wants him to equate potential copyright violators with pornographers so he's sure to mention it twice. The term "potentional copyright violators" while correct, isn't as forceful as "stolen material" so he repeats that as often as possible too. His last statement makes clear that to him online publishing = print publishing. In other words, intellectual property = physical property and should be treated as such in the eyes of the law, a concept so fraught with problems I won't even go into the ridiculousness of it all.

I'm pretty sure I've figured out what Bill's problem is and it's pretty simple: Gates is convinced that Microsoft's version of DRM is the One True Path for MS domination of internet content, and he's saying anything he can to promote it.

Microsoft missed the internet boat early on, asleep at the wheel until 1996 and has been behind the times on every venture they've tried since. They've tried to be the king of web publishing, but Dreamweaver owns that. They tried to be an ISP but AOL is still in front. IM? AOL is crushing them again. Passport was supposed to give MS control of every login on the web, but it turns out people didn't trust nor like it. They've tried search over and over, but Google is still the clear king. They're the newest johnny-come-lately to blogging and they don't stand a chance against Blogger, MT, Wordpress and everything else that came before.

This isn't the One True Way, it Bill's Last Chance. The last chance that MS has to try and make a ploy for control of all music, movies, photos, and text shared online from content companies by slapping some crappy rights-restricting wrapper on it all and taking a cut for MS.

There are a few obvious problems with that. Apple's iTunes music store and Apple's DRM works just fine for millions of folks, and the most popular music player since the walkman doesn't play MS' files. The internet is doing a damn fine job of letting musicians, filmmakers, authors, and photographers share their work openly, without any DRM of any kind. And the clear message from anyone that has ever been blocked from doing something completely benign with their files is that people won't stand for DRM that gets in their way and makes them feel like they're merely leasing content instead of buying. But MS keeps pushing it anyway.

Sorry Bill, you're going to lose this battle like you lost every other internet play you've dipped a toe into.