Internet

It’s a series of tubes that Al Gore invented, right?

Meme Propagation Test

by

This posting is a community experiment started by Minding the Planet to see how a meme represented by a blog posting spreads across blogspace, physical space and time. It will help to show how ideas travel across blogs in space and time and how blogs are connected. It may also help to show which blogs are most influential in the propagation of memes. The original posting for this experiment is located at: Minding the Planet; results and commentary will appear there in the future.

Please join the test by adding your blog (see instructions, below) and inviting your friends to participate — the more the better. The data from this test will be public and open; others may use it to visualize and study the connectedness of blogspace and the propagation of memes across blogs.

The GUID for this experiment is: as098398298250swg9e98929872525389t9987898tq98wteqtgaq62010920352598gawstw98qwrt189849813907azq4

(this GUID enables anyone to easily search Google for all results of this experiment). Anyone is free to analyze the data of this experiment. Please publicize your analysis of the data, and/or any comments by adding comments onto the original post at Minding the Planet; Note: it would be interesting to see a geographic map or a temporal animation, as well as a social network map of the propagation of this meme.

INSTRUCTIONS

To add your blog to this experiment, copy this entire posting to your blog, and fill out the info below, substituting your own information in your posting, where appropriate.

(Note: Replace the answers below with your own answers):

  1. I found this experiment at URL: http://www.jluster.org/node/249
  2. I found it via “Newsreader Software” or “Browsing or Searching the Web” or “An E-Mail Message”: Newsreader Software – NetNewsWire
  3. I posted this experiment at URL: http://www.michaelhanscom.com/
  4. I posted this on date (day, month, year): 03 August 2004
  5. I posted this at time (24 hour time): 00:30:57
  6. My posting location is (city, state, country): Seattle, WA, USA

OPTIONAL SURVEY FIELDS (Replace the answers below with your own answers):

  1. My blog is hosted by: TypePad
  2. My age is: 31
  3. My gender is: Dangly Bits
  4. My occupation is: Copy geek
  5. I use the following RSS/Atom reader software: NetNewsWire
  6. I use the following software to post to my blog: ecto
  7. I have been blogging since (day, month, year): Verifiable: Nov. 25, 2000. Unverifiable: Sometime in ’98 or ’99.
  8. My web browser is: Safari

iTunes: “Lovesong (Extended)” by Cure, The from the album Mixed Up (1990, 6:20).

Tech Support Porn

by

The job market just keeps getting wierder. Consider this Portland Craigslist job posting, for instance…

Seeking qualified tech girls for specialized phone hostess positions.

Requirements:

You must be over 18.
You can be described as a “Tech Girl”, “Geek Chick” or “Network Ops Cutie”.
You need a pleasant speaking voice and able to talk “tech”.
Calls can become sensual so you need to be ok with that.
A fully clothed photo for our web site, although exhibitionists are preferred.
Be willing to take calls from those who find your certifications very sexy.

Please see our web site for more information: http://www.askthetechgirl.com/

There’s a devious, if sad, brilliance in this.

(via Something Positive)

iTunes: “Going to California” by Led Zeppelin from the album IV (1971, 3:35).

VisitorVille

by

Apache log file analysis plus SimCity equals VisitorVille, a program that displays your website as a city, with traffic represented by people moving from building to building (page to page), and arriving via bus (referrers and search engines).

Visitors come to your web site from other sites (referrers). Some of these referrers are search engines. In VisitorVille, referrers are depicted as buses. And web pages on your site are depicted as buildings. When a new visitor arrives, a bus delivers them to a building. To move between buildings, visitors either walk, take a cab or — if you have designated them as a VIP — a limousine. VIPs also fly in by helicopter.

When you have many visitors on your web site, it begins to resemble midtown Manhattan, and it’s hard to get your eyes off the screen! Buildings resize and illuminate dynamically based on the number of people inside, their relative popularity, and how many visitors exited through them. Buses, taxis, and limos race around the streets; pedestrians walk across crosswalks; helicopters ply the air. It’s all very real, because it’s reflecting something that’s also very real: Your visitors are human beings, and they exhibit human behavior. They are not abstractions, and with VisitorVille you no longer have to think of them as such!

As goofball as it sounds, after spending some time perusing their website, I have to admit that this is a really cool idea. Unfortunately, it’s a really cool idea whose client software only runs on Windows. Such a shame…

(via Wired)

iTunes: “Part 2 (Bomb the Bass/Grandmaster Flash and the Furious Five/The Charlatans/Prodigy/Jane’s Addiction/Tim Dog feat. KRS-One)” by Howlett, Liam from the album Prodigy pres. The Dirtchamber Sessions Vol. 1 (1999, 6:44).

Mac OS X vulnerability

by

News broke across the ‘net over the past day or so that there is a verifiable, serious security threat under Mac OS X 10.3 (Panther) involving Safari (or any other web browser) and the Help viewer application.

What’s going on is that Mac OS X maps different “helper applications” to handle different protocols as you surf around the internet. A ‘net address that begins with http:// is handled by Safari (or your default web browser), an address that begins with ftp:// is handled by the Finder’s built-in FTP, and so on.

By default, the help:// protocol is handed off to Apple’s Help application, which (no big surprise here) is a viewer for documentation for OS X applications. Some documentation is stored locally on your hard drive, but Apple wanted to make it easy for updates to the documentation to be added, so Help also has the ability to fetch documents over the ‘net — essentially, it’s a stripped-down web browser. And that’s where the vulnerability kicks in.

While Safari has built-in controls to prevent malicious attacks, the Help viewer does not. It is able to run scripts that are fed to it, and can do so with the full user permissions of whichever user is logged in to the machine at the moment.

In this rather disturbing example of the exploit, the web page makes a help:// call, which launches the Help application. Help is then directed to an Applescript which is fed the terminal command ‘du‘ (disk usage, I believe), which presents a scrolling list of all the files on your hard drive inside a terminal window. Now, this is just an example, so it’s harmless — but if the Applescript or the terminal command had been more malicious in nature, some serious damage could have been done.

Luckily, the fix for this is quite simple:

  1. In Safari, go to Safari > Preferences…. In the “General” settings pane, uncheck “Open ‘safe’ files after downloading.”
  2. Download and install the ~~More Internet Preference Pane~~ [RCDefaultApp preference pane]{.underline}.
  3. Open your System Preferences (Apple Menu > System Preferences…) and go to the ~~More Internet~~ RCDefaultApp{.underline} preference pane (it should be at the very bottom of the System Preferences window).
  4. Scroll down the protocol list and click on the ‘help’ protocol, then ~~change that to an application other than Safari or Help — many people are recommending changing it to the Chess game application, as it’s harmless and will provide a distinct visual clue that something has happened~~ [set it to ‘\<disabled>’. Do the same for the ‘disk’ and ‘disks’ protcols]{.underline}.
  5. There is no step 5. You’re done!

(via lots and lots of people)

Update: John Gruber recommends another application for the same approach, as MoreInternet doesn’t show the disk:// and disks:// protocols that can also be used for this attack.

iTunes: “Coda” by Webley, Jason from the album Only Just Beginning (2004, 10:10).

Mac OS X Word 2004 Demo Trojan

by

For the second time in just over a month, panicky news stories are alerting us about a trojan horse attack against Mac OS X. Last time the exploit was disguised as an .mp3 file, this month it’s disguised as a Microsoft Word beta installer.

And for the second time in just over a month, it’s a lot of panic over very little.

The details are simply this: one person downloaded what purported to be an installer for a public beta of Microsoft Word from the Gnutella peer-to-peer filesharing service. This “installer” — actually an AppleScript application weighing in at a hefty 108k — actually deleted the contents of their home directory when ran.

In other words, someone got stupid, got bit by a stupid (and extremely simple), if nasty, practical-joke style hack.

They then ran to MacWorld UK, who contacted Intego (the anti-virus company whose press release fanned the flames of the previous trojan scare) and Microsoft, and MacWorld UK proceeded to write two shining examples of FUD that have since started to run rampant over the ‘net.

It’s very simple, people. Don’t blindly trust every little file you run across on the ‘net, and use a little common sense.

The two best comments I’ve seen on this so far —

From Codepoet:

See, for there to be real security on a computer, a use cannot be stupid. The computer can only do half the work needed t make itself secure; the user must do the other half. The reason fo this is that a computer exists to do things we tell it to do, and if w tell it to, oh, I don’t know, run a Trojan Horse then it will run the Trojan horse. There’s nothing in the system that will say “Hey! This is a Trojan horse!” nor can there be. It’s a program, you told it to run it, and that’s that.

And from Will Parker:

I just don’t know too many people who, when they find an open soft drink bottle full of foamy yellow liquid at a bus stop, drink it to find out if there’s a new Sprite Remix flavor.

iTunes: “I Don’t Want Nobody to Give Me Nothing (Open Up the Door, I’ll Get It Myself)” by Brown, James from the album 40th Anniversary Collection (1969, 3:06).

Semacode

by

Semacode for this website

Here’s a fun little tech toy that I discovered thanks to Jonas: Semacode, a two-dimensional barcode that encodes a URL in the matrix. With the newer breed of camera phones and the right software installed, the phone can read the barcode and automatically open the URL in the camera’s embedded web browser.

For a long time computer scientists have been looking for a cheap, inexpensive way to create a gate between the real world and virtual world of the internet. Semacodes provides such a solution. By means of special symbols, printable by anyone on any printer, and special software, available for camera phones, connections can be built on a wide scale in a totally decentralized fashion.

A semacode is a small symbol that encodes a standard, web-oriented URL. The URL is embedded into a two-dimensional barcode along with error correction information. When the semacode reader software snaps the barcode, it launches the embedded URL on whatever web browser is available.

Software to read the Semacode barcodes is already available on the Semacode website for Nokia 3650/7650, 3600/3620/3660, 6600 or 6620 camera phones.

There are all sorts of potential uses for this. Some of the following examples come from the Semacode website, some from Jonas, and some from me:

  • Bus stop transit information: Grab the Semacode posted on a bus stop sign and go right to the page listing the bus schedule, or if a system such as NextBus is being used, get up-to-the-minute information on when the next bus will be by.
  • Tourist orientation: Post Semacode stickers at landmarks or intersections pointing to MapQuest maps or Yahoo Get Local pages to help people instantly find out just where they are and what hotels, restaurants, or attractions might be close by.
  • Ticket sales: Include a Semacode on an event poster, newspaper, or magazine advertisement that links to the online ticket sales website.
  • Social networking I: Put the Semacode for your personal website on the back of your business cards.
  • Social networking II: Create a webpage detailing just what you’re looking for in a potential mate and then make a shirt with the Semacode pointing to that page prominently displayed to wear to the bar.
  • Advertising I: I’m thinking seriously about updating the designs on the shirts I’m selling through CafePress to include the Semacode for this site (or for a yet-to-be-constructed page specifically for the shirts) on the back of each shirt, logo-style.
  • Advertising II: Include the Semacode for a club or business on the flyers or advertisements.

I’m sure there are a lot more possibilities here.

Of course, the really ironic thing about all of this is that not only do I not have a cell phone, but I have no intention of getting one, as the fool things annoy me to no end (though, really, it’s not the phones themselves that annoy me as how incredibly rude cell phone users can be), so aside from slapping my Semacode around, I can’t really take advantage of the technology. That doesn’t make it any less interesting to me, though.

iTunes: “Dragula (Si Non Oscillas, Noli Tintinnare)” by Zombie, Rob from the album American Made Music (1999, 4:37).

Amazon’s A9

by

Interesting: Amazon just launched A9, a Google-based search engine, choosing to break the news via John Batelle’s blog.

A9, Amazon’s much discussed skunk works search project goes live today, so I can finally write about it. I saw it last month (caveat: unbeknownst to me until recently, Amazon targeted me as their conduit to break this news – I think they wanted it to move from the blogosphere out, as opposed the WSJ in) and had to keep the damn thing to myself, it was hard, and here’s why: On first blush it’s a very, very good service, and an intriguing move by Amazon. It raises a clear question: How will Google – and more broadly, the entire search-driven world – react?

(via Boing Boing and Jason Kottke)

iTunes: “Ill Flower” by Future Sound of London, The from the album Lifeforms (1994, 3:24).

Adding to the TypeKey fray

by

Okay, so while I wasn’t paying much attention, TypeKey became the most recent firestorm to sweep through the weblog world. By now, you probably already know at least the basics of TypeKey — and if not, then you’re not likely to be interested in the rest of this rambling (in brief, it’s an identity verification system for weblog commenting…think Microsoft Passport for weblogs).

There’s been a lot of interesting discussion of TypeKey since the first announcement. I haven’t been able to wade through all of it, but I’ve found Shelley Powers‘ three TypeKey-related posts (TypeKey: The Patriot Act of Weblogging, TypeKey Scavenger Hunt, TypeKey: Final Act), the related discussion in her comments, and the comments in response to Jeff Jarvis’ post Comment to be extremely worthwhile.

Looking over the TypeKey FAQ recently posted by SixApart, my first impression is that it sounds like a good system. Identity verification combined with comment moderation (to come in MovableType 3.0, and I’m assuming also in a future TypePad update) can go a long way to combatting both spam and unwanted comments. It likely won’t be a 100% solution — but then, chances are there just isn’t a 100% solution (there are always smarter mice to avoid the better mousetraps).

However, Shelley brings up two very important points (actually, she brings up a few more, but these two spoke more to me) — points that are prompting her to avoid TypeKey, neither implementing it on her weblog when it is released, nor signing into the service as an authenticated commenter. While I don’t feel as strongly about these as she does, they’re certainly worth considering.

The first is simply scalability and performance — if every comment on every weblog needs to go through some verification process before it appears on a post, how quickly will the system be able to respond as more and more people sign into the service?

We who went to Movable Type or other product that we host on our own servers did so specifically because we did NOT want to have any form of dependency on a centralized system. We did so, for the most part, because we have been burned on either performance or access because of the centralization and scaling problems.

…[Mark Pilgrim] lists several centralized systems that he believes do scale well and serve the community, and it’s true these have managed to scale and are useful, but each and every one has failed when I’ve tried to access it at least once a week.

Blogdex was inaccessible off and on this weekend, and Technorati was hard to access last night, and I couldn’t access Bloglines two or thee times last week, and I got some kind of odd error with Radio comments a couple of weeks ago, too, and, well, the list goes on. The problem with centralized systems is not that they fail completely and breakdown permanently; it’s that they behave oddly or inconsistently, or poorly under load.

…the thing with Technorati or Blogdex or Bloglines (I haven’t used Feedster) is that I’m not dependent on them to write to my weblog, or for my commenters to respond, or for my pages to be accessed. Only my own system resources, or the Internet in general between my server and each of us can impact on this. With TypeKey, though, that’s changed.

Unfortunately, at this point, there’s really no way of knowing how Six Apart plans on handling this. TypeKey’s announcement is only a few days old, and details of the underlying systems (both software and hardware) are still forthcoming. Until TypeKey moves out of the testing stage, goes live, and starts getting hammered by everyone who signs on, we won’t know the impact that the system might or might not have on our sites.

Historically speaking, as Shelley points out, things aren’t looking too rosy. I’d like to think that Six Apart realizes this, and will have done everything possible to ensure that these issues aren’t a major factor — but then, there’s a lot of things that I’d like to think that aren’t borne out by real-world evidence. At the moment, “wait and see” is the only real approach we can take.

The second issue that caught my interest was one of conversations, who we allow to participate in them, and what we allow them to say.

Odd thing, weblogs and comments. We say to each other, “Our weblogs are our homes and we should be able to control what’s said in them”. Yet, they aren’t our homes, are they? You don’t keep your door open for anyone to just walk in to your home, do you? Weblogs are published online supposedly because we want a broader audience for our thoughts and writing then just our friends and family.

They aren’t really our ‘homes’, and the analogy fails in so many ways, but they are our spaces, so we have a right to control them and hold people who comment accountable, don’t we?

But who holds us accountable? I’ve seen again and again, the weblogger write the most inflammatory material in an essay, and when you respond to the tone they set in their writing, or to their responses to your earlier comments, you’re told to be nice, or be gone.

We say, commenters should be held accountable for what they say. I say, but then, who holds the weblogger accountable?

So far, I’ve kept a very open comment policy on my weblog. Generally, outside of removing comment spam and deleting duplicate comments, I do very little editing of what people contribute to my site. That’s not to say that I’m not tempted at times — I have one particular post that has picked up some extremely disturbing racist comments — but to date, the only major comment deletion or editing I’ve done has been at the request of the person who left the comments (and that was under admittedly unusual circumstances).

Truth to tell, I’ve never entirely understood the impulse to delete comments that don’t agree with something I’ve posted. I’ve had some very interesting discussions with people who didn’t agree with something I’ve written — if part of why we bother to blog is to invite discussion, why would we want to limit that discussion to the proverbial “echo chamber” of nodding sycophants? Seems to me that that approach makes for some dreadfully boring “discussions”.

At other times, I’ve seen people get very aggravated about a comment that seemed to be overly rude, aggressive, impolite, or offensive in some way. Well, perhaps…but while it would be nice if all debate could be structured perfectly politely, is the occasional jibe, jab, or verbal tweak really worth deleting the comment (or even banning the commenter) and in the process removing the actual content of what was said? Myself, I certainly don’t think so — in fact, I often get a certain perverse pleasure out of responding to those posts. While I’ve never quite mastered the stereotypical British practice of being able to say the most brutally vicious things in an impeccably polite manner, I’m always willing to give it a shot. ;)

So, with all of that…will TypeKey work for me (if and when it is integrated into TypePad)? Well, at the moment, keeping an open comment system has been working fairly well — the comment spam hasn’t been hitting me hard enough to make it terribly difficult to deal with, and I do enjoy getting feedback when someone feels moved to comment. I’m also not a big fan of comment moderation — as it would require me to approve every comment before it appeared on the site, it could lead to some oddly dis-linear conversations as I’m not at my keyboard at all times, anxiously awaiting the next comment to land in my inbox.

At the moment, it looks like TypeKey-enabled weblogs will have a few options for how they handle comments.

  1. Only accept TypeKey-authenticated comments where the commenter sends an email address
  2. Only accept TypeKey-authenticated comments
  3. Accept TypeKey-authenticated and moderated comments
  4. Accept TypeKey-authenticated and regular comments
  5. Accept moderated comments
  6. Accept unmoderated comments
  7. Accept anonymous comments

My current plan is to go for option four. Those people who sign up for TypeKey will be able to use their TypeKey logon to verify their identity. Those people who don’t use TypeKey will still be able to participate normally. Ideally, I’d like to find a way to signify TypeKey validated commenters (possibly with a special icon by their name) — I’ll have to look into the viability of doing that once TypeKey is available to me.

Given that option four will perform essentially identically to my current open, unmoderated system, why bother? Well — first off, curiosity. I’d like to be able to play with the TypeKey system from both a commenting and administration standpoint, and this will allow me to do so. Secondly, it will allow those people who do use TypeKey to use that logon to comment on my site along with any other TypeKey-enabled sites they visit, without having to remember separate information for my specific weblog (sure, it’s easy enough to do, we probably all have a good number of username/password combinations rattling around in our heads…but why not make it that much easier to keep track of them all?). And lastly, should I get to the point where I feel the need to institute a more draconian comment policy (though I hope that doesn’t happen), having TypeKey already enabled will make it that much easier.

In the end, then, the questions and concerns that Shelley has raised are very worth keeping in mind, but they’re not enough to keep me away from TypeKey, as I think that there could be some very good benefits to the system. Here’s hoping that once TypeKey goes live it’s the benefits that play out under real-world conditions, and not the potential downsides.

iTunes: “On the Run (Hot Tracks)” by Bigod 20 from the album Roadkill 1.04 (1992, 6:21).

We all have our priorities

by

Phil Ulrich: I miss IRC.
Phil Ulrich: In some respects.

Michael Hanscom: :nods
Michael Hanscom: been ages since I found a good irc chat, though
Michael Hanscom: i’ve occasionally toyed with the idea of checking into [#joiito] (or whatever it is), but I’m not sure if I’m “a-list” enough…lol

Phil Ulrich: You are after the MS Incident, me bucko.

Michael Hanscom: :laughs
Michael Hanscom: notoriety counts?

Phil Ulrich: Sure.
Phil Ulrich: ;)
Phil Ulrich: I like to think it does.
Phil Ulrich: Or else you could just show up and be A-list by association.
Phil Ulrich: Kind of like the losers at the party who hang around and get drinks for the cool people.
Phil Ulrich: Not to imply you’re a loser, again, of course. Phil Ulrich: ;)

Michael Hanscom: LOL nice…

Phil Ulrich: We should start a B-list IRC chatroom.
Phil Ulrich: Lifestyles of the Inconsequential and Infamous.

Michael Hanscom: lol sounds good to me
Michael Hanscom: there’s got to be more of us out there
Michael Hanscom: in the meantime, though…dinnertime for me

Phil Ulrich: Pick a network, any network.

Michael Hanscom: bbl (at some point)

Phil Ulrich: Mmmm, dinner.
Phil Ulrich: You choose dinner over IRC? HEATHEN.

Michael Hanscom: dinner…and Buffy

Phil Ulrich: Okay, that’s a winner.

Don't feed the trolls

by

The ‘net has given rise to many varied technical, pseudo-technical, and not-technical-at-all-and-often-very-silly terms over the years that it’s been around. Aside from ‘spam’, quite possibly one of the more frequently used terms is ‘troll’.

These days, troll is more often used to describe someone who is just more or less randomly spewing offensive garbage in chatrooms or messageboards in a blatant attempt to tick people off. This type of post is described in the Jargon File’s entry for ‘troll’ as sense two:

  1. n. An individual who chronically trolls in sense 1; regularly posts specious arguments, flames or personal attacks to a newsgroup, discussion list, or in email for no other purpose than to annoy someone or disrupt a discussion. Trolls are recognizable by the fact that they have no real interest in learning about the topic at hand – they simply want to utter flame bait. Like the ugly creatures they are named after, they exhibit no redeeming characteristics, and as such, they are recognized as a lower form of life on the net, as in, “Oh, ignore him, he’s just a troll.”

However, prior to this usage, troll was primarily a verb:

  1. v.,n. [From the Usenet group alt.folklore.urban] To utter a posting on Usenet designed to attract predictable responses or flames; or, the post itself. Derives from the phrase “trolling for newbies” which in turn comes from mainstream “trolling”, a style of fishing in which one trails bait through a likely spot hoping for a bite. The well-constructed troll is a post that induces lots of newbies and flamers to make themselves look even more clueless than they already do, while subtly conveying to the more savvy and experienced that it is in fact a deliberate troll. If you don’t fall for the joke, you get to be in on it.

I’ve always preferred this usage of the term, though this style of troll has become far less common as of late. My best guess for this is that quite simply, it’s far easier just to blatantly spout off some offensive drivel without taking the time and effort to craft it in a creative enough way that more experienced readers will merely read it, recognize it for what it is, and move on, leaving the more clueless to vent their anger in the ensuing thread.

Today, I stumbled across a somewhat rare item, in a posting that actually lies somewhere between the two definitions. It leans a little more heavily towards the second definition, but the author did take the time to craft a misleading first paragraph before moving on to the actual content. I’d dock them points for a few reasons (it’s a bit too blatantly attempting to aggravate; doesn’t have the subtle wink-between-the-lines that a true definition one troll should; and its posting in a general-purpose forum — the Seattle LiveJournal community — means that there’s no specific topic for the author to work within, giving them more reign to just pick a topic intended to offend), but I do have to give them a few points for at least making some attempt to be a little creative.

As the original LiveJournal post will very likely be deleted before too much longer, here’s what triggered all this.

My lovely wife and I have a new baby girl! We just brought her home today. She was born on Christmas eve at exactly 9:24PM. She is 6 pounds and 2 ounces, and she is so perfectly beautiful!! I was hoping she would have been born on Christmas day, so she would have the same birthday as the baby Jesus, but no matter, I’m just so happy!!

Anyway.. my question is.. Does anyone know where in Seattle I can take her to be circumcized? They wouldn’t do it at the hospital… the doctors just gave me a funny look. So if anyone knows of a place in or around Seattle that specializes in female circumcision, I would appreciate the info. It doesn’t have to be a certified doctor or anything.. as long as he knows what he’s doing.

Thank you all! Merry Merry Christmas!! :)

Seen any other worthy definition one trolls around lately?