Technology

Relationships

December 9, 2019February 11, 2004 by Michael Hanscom

One of the things that’s always bothered me (and many other people) about social networking sites such as Orkut, Friendster, or any other *ster meme-of-the-moment is the binary nature of their setups — either someone is your friend, or they aren’t. That’s it. Those are your only choices.

My world just isn’t that black and white, sorry.

I was grumbling about this in #joiito last week sometime when Tantek pointed me to XFN, which looks very interesting. Essentially, it takes advantage of a little-used link attribute — specifically, the rel attribute — to define the relationship between the linker and the linkee. Various values have been defined, such as ‘friend’, ‘acquaintance’, ‘met’, ‘spouse’, etc.

For instance, while linking to Dad’s site, I can include the value ‘parent’ in the link (<a href=“http://www.hanscomfamily.com/” title=“The Hanscom Family Weblog” rel=“parent”>like this</a>); linking to Kirsten’s site I can use ‘friend’ and ‘met’ (<a href=“http://www.geekmuffin.com/” title="geek*muffin" rel=“friend met”>like this</a>), linking to Mike I can use ‘acquaintance’ (<a href=“http://mike.whybark.com” title=“mike.whybark.com” rel=“acquaintance”>like this</a>), and so on.

Now this, I like.

Of course, now I have to figure out how to work it into my site. It’ll be easy enough on posts such as this, of course, as I can code the relationship values in as I’m creating the post. What I need to figure out, though, is how I want to attack my blogroll.

Hey, Anil, Mena, Ben, et al — any chance of putting XFN into TypePad‘s People TypeLists? That would be enough to coax me back away from Blogrolling, even if I lose the recent-update highlighting! Currently I’m using the Blogrolling service, which has some definite advantages (easy to update, automatically highlights sites that have been updated recently, etc.). ~~However, there isn’t a way for me to add XFN values to the links there, so if I want to add XFN to my blogroll, I’m going to have to go back to updating it manually. A bit of a bummer, that (not least because quite simply, knowing me, I’m more likely to leave it as-is and forego the XFN niftyness).~~ [As it turns out, you can add XFN to a Blogrolling blogroll if you have a paid “Gold” account. Just go to the ‘edit links’ screen, and for each item, add rel=“whatever” to the ‘Extra Link Attributes’ field. Thanks to Dori for pointing that out in the comments!]{.underline}

Still, at the very least it’s worth playing with, and I’ll do my best to remember to do so on all future posts.

And if that weren’t enough, Jonas pointed out that Tantek and Kevin Marks have proposed another use for the rel attribute called VoteLinks: using values of ‘vote-for’, ‘vote-abstain’, or ‘vote-against’ when linking to an article or post on the web to indicate your opinion of the resource being linked to.

Currently, any automated indexing application (such as the robots/spiders that Google or Technorati use) only see a link as a “vote” in favor of a particular resource — i.e., Site A links to Site B, therefore Site A believes that Site B is useful or provides an important resource of some form or another. While human readers can draw upon the context of a link to decide whether that’s actually the case (while I might link to a page about George Bush, for example, it’s extremely unlikely that I’d be saying anything favorable), the spiders aren’t able to do that — and that’s exactly what VoteLinks aims to correct.

Now all I need to do is come up with some simple “thumbs-up” and “thumbs down” graphics. With those, I can work VoteLinks into my CSS so that links that I’ve designated “vote-for” will get a thumbs-up appended after the link, and links designated “vote-against” will get a thumbs-down appended after the link. Will I do this? Who knows. ;)

Some very interesting toys to play with, each a worthy attempt to add a little more value to everyone’s travels around the web.

iTunes: “She and Mr. Jones (Uncensored)” by Lords of Acid from the album [R]Ejected Tracks (1998, 4:52).

Own 1/1100th of a supercomputer!

December 9, 2019February 11, 2004 by Michael Hanscom

This is almost enough to make me wish I hadn’t bought my G5 already!

Now that Virginia Tech is upgrading ‘Big Mac‘ to the new G5-based XServes, some of the original 1,100 dual 2Ghz G5 Power Macs that were part of the cluster are being sold through MacMall for \$2799.

(via Dori Smith)

Issue with my comments-only feed

December 9, 2019February 9, 2004 by Michael Hanscom

I have no idea if anyone other than myself is currently subscribing to my ‘comments only’ RSS feed, but I’ve noticed an odd issue with it that I haven’t been able to troubleshoot yet. I’ve asked for help on the TypePad User Group, but I wanted to mention it here too, in case anyone else has been noticing this or might be able to point out what I’m doing wrong.

What I’ve been finding is that each item in my comment-only feed is being given the date of the original post that the comment is appended to, rather than the date that the comment was added to my site. For instance, a comment added today to a post from August shows up in my newsreader with the August date instead of today’s.

Here’s the code I’m using for each item in the RSS feed template (the full template code can be found in this post from last week):

<MTComments lastn="20">
<MTCommentEntry> 
<item> 
<title><$MTEntryTitle remove_html="1" encode_xml="1"$></title> 
<link><$MTEntryPermalink encode_xml="1"$>#c<$MTCommentID$></link> 
<description><$MTCommentBody remove_html="1" encode_xml="1"$></description> 
<guid isPermaLink="false"><$MTCommentID$>@<$MTBlogURL$></guid> 
<content:encoded><![CDATA[<MTCommentAuthorLink show_email="0"> on 
<MTCommentDate format="%b %e, %Y %l:%M %p">: <$MTCommentBody$>]]></content:encoded> 
<dc:date><$MTCommentDate format="%Y-%m-%dT%H:%M:%S"$><$MTBlogTimezone$></dc:date> 
</item>
</MTCommentEntry>
</MTComments>

Now, it all looks right to me, and the same basic code seems to be working in all the rest of my templates (for instance, in the ‘full posts plus comments’ RSS feed, each comment begins with a header that lists the correct date). For some reason, though, it’s not working here.

Any ideas?

Update: The issue has been fixed. Turns out that you can’t use an <MTCommentDate> tag inside an <MTCommentEntry> container (much thanks to Jamie Jamison for pointing me to the explanation).

The solution was fairly easy (and the code in my ‘how-to’ post has been updated): I just removed the date display from the body of the RSS item, and moved the closing <MTCommentEntry> tag up a couple lines. Here’s the new version of the above code:

<MTComments lastn="20">
<item> 
<MTCommentEntry> 
<title><$MTEntryTitle remove_html="1" encode_xml="1"$></title> 
<link><$MTEntryPermalink encode_xml="1"$>#c<$MTCommentID$></link> 
<description><$MTCommentBody remove_html="1" encode_xml="1"$></description> 
<guid isPermaLink="false"><$MTCommentID$>@<$MTBlogURL$></guid> 
<content:encoded><![CDATA[<MTCommentAuthorLink show_email="0">: <$MTCommentBody$>]]></content:encoded>
</MTCommentEntry>
<dc:date><$MTCommentDate format="%Y-%m-%dT%H:%M:%S"$><$MTBlogTimezone$></dc:date> 
</item>
</MTComments>

Geek backlash

December 9, 2019February 8, 2004 by Michael Hanscom

It was bound to happen eventually. It actually probably started happening a few years ago, but now it’s actually getting news stories — ‘geeks’ are tired of fixing people’s problems.

As MyDoom, the fastest-spreading virus ever, continues to clog e-mail in-boxes and disrupt business, the computer-savvy are becoming openly hostile toward the not-so-savvy who unwittingly play into the hands of virus writers.

The tension over the MyDoom virus underscores a growing friction between technophiles and what they see as a breed of technophobes who want to enjoy the benefits of digital technology without making the effort to use it responsibly.

The virus spreads when Internet users ignore a basic rule of Internet life: never click on an unknown e-mail attachment. Once someone does, MyDoom begins to send itself to the names in that person’s e-mail address book. If no one opened the attachment, the virus’s destructive power would never be unleashed.

“It takes affirmative action on the part of the clueless user to become infected,” wrote Scott Bowling, president of the World Wide Web Artists Consortium, expressing frustration on the group’s discussion forum. “How to beat this into these people’s heads?”

I’ve always counted myself somewhat lucky in this regard. I owe a lot of my geek leanings towards my parents (specifically, my mom, in a somewhat unusual reversal of sterotype), and while I’ve surpassed them in my knowledge base, I can generally rest assured that they’re quite competent enough to avoid many of the more obvious “duh” issues on their own. If they run into something that they can’t solve on their own, while they’re not above tossing a quick question my way to see if it’s something I can solve quickly, they also don’t mind if it’s something that they need to seek “official” assistance with.

The majority of my friends tend to either be at least as computer-literate as I am (if not more so), or at the other extreme, avoiding those infernal machines at all costs. Those few that are in the middle ground — well, if they’re friends with me, they’re likely friends with a lot of other ‘puter geeks at the same time, and will rapidly discover that they have no excuse for incompetence. ;)

That said, though, I’ve certainly seen the backlash coming. One of the big benefits I’ve found to being a Mac user is ducking tech support issues. While I know that I know my way around Windows, when I do get the occasional “why won’t this work?” question from acquaintances or co-workers, it’s very easy to just assume a befuddled expression, mumble something about being a smug virus-free mac-using bastard, toss in a few pointed comments about Windows stability, and go on my merry little way.

(via Jacqueline)

iTunes: “Blue Nun, The” by Beastie Boys, The from the album Check Your Head (1992, 0:32).

RSS Templates for TypePad Pro/MovableType

December 9, 2019February 6, 2004 by Michael Hanscom

I just had someone ask how I was able to create the four RSS feeds for my site. Here’s a quick rundown, along with the templates themselves, should anyone else want to do the same thing. All the templates are RSS 2.0, and have been checked with the RSS Feed Validator.

TypePad users will need a Pro account, and will also need to be using an Advanced Template set, as you’ll need to create a new template for each RSS feed you want to add. I give each template a name that’s fairly indicative of which feed it is for, and I make sure that the output file is also named similarly.

Here are the templates I use:

####Default feed: Full text, no comments####

Template Name: RSS 2.0 Full
Output File: index.rdf

<?xml version="1.0" encoding="iso-8859-1"?> <rss version="2.0"      xmlns:dc="http://purl.org/dc/elements/1.1/"     xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"     xmlns:admin="http://webns.net/mvcb/"     xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"     xmlns:content="http://purl.org/rss/1.0/modules/content/"> 

<channel> 
<title><$MTBlogName remove_html="1" encode_xml="1"$></title> 
<link><$MTBlogURL$></link> 
<description><$MTBlogDescription remove_html="1" encode_xml="1"$></description> 
<dc:language>en-us</dc:language> 
<dc:creator><MTEntries lastn="1"><$MTEntryAuthorEmail$></MTEntries></dc:creator> 
<dc:rights>Copyright <$MTDate format="%Y"></dc:rights> 
<dc:date><MTEntries lastn="1"><$MTEntryDate format="%Y-%m-%dT%H:%M:%S"$><$MTBlogTimezone$></MTEntries></dc:date> 
<admin:generatorAgent rdf:resource="http://www.movabletype.org/?v=<$MTVersion$>" /> 
<admin:errorReportsTo rdf:resource="mailto:<MTEntries lastn="1"><$MTEntryAuthorEmail$></MTEntries>"/> 
<sy:updatePeriod>hourly</sy:updatePeriod> 
<sy:updateFrequency>1</sy:updateFrequency> 
<sy:updateBase>2000-01-01T12:00+00:00</sy:updateBase> 

<MTEntries lastn="15"> 
<item> 
<title><$MTEntryTitle remove_html="1" encode_xml="1"$></title> 
<link><$MTEntryLink encode_xml="1"$></link> 
<description><$MTEntryExcerpt remove_html="1" encode_xml="1"$></description> 
<guid isPermaLink="false"><$MTEntryID$>@<$MTBlogURL$></guid> 
<content:encoded><![CDATA[<$MTEntryBody$><MTEntryIfExtended><p><a href="<$MTEntryLink$>" title="Continue Reading: <$MTEntryTitle$>">Continue reading <$MTEntryTitle$>...</a></p></MTEntryIfExtended>]]></content:encoded> 
<dc:subject><MTEntryCategories glue=" | "><$MTCategoryLabel remove_html="1" encode_xml="1"$></MTEntryCategories></dc:subject> 
<dc:date><$MTEntryDate format="%Y-%m-%dT%H:%M:%S"$><$MTBlogTimezone$></dc:date> 
</item> 
</MTEntries> 

</channel> 
</rss>

####Enhanced Feed: Full posts with comments####

Template Name: RSS 2.0 full plus comments
Output File: fullposts.rdf

<?xml version="1.0" encoding="iso-8859-1"?> <rss version="2.0"      xmlns:dc="http://purl.org/dc/elements/1.1/"     xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"     xmlns:admin="http://webns.net/mvcb/"     xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"     xmlns:content="http://purl.org/rss/1.0/modules/content/"> 

<channel> 
<title><$MTBlogName remove_html="1" encode_xml="1"$>: With Comments</title> 
<link><$MTBlogURL$></link> 
<description><$MTBlogDescription remove_html="1" encode_xml="1"$></description> 
<dc:language>en-us</dc:language> 
<dc:creator><MTEntries lastn="1"><$MTEntryAuthorEmail$></MTEntries></dc:creator> 
<dc:rights>Copyright <$MTDate format="%Y"></dc:rights> 
<dc:date><MTEntries lastn="1"><$MTEntryDate format="%Y-%m-%dT%H:%M:%S"$><$MTBlogTimezone$></MTEntries></dc:date> 
<admin:generatorAgent rdf:resource="http://www.movabletype.org/?v=<$MTVersion$>" /> 
<admin:errorReportsTo rdf:resource="mailto:<MTEntries lastn="1"><$MTEntryAuthorEmail$></MTEntries>"/> 
<sy:updatePeriod>hourly</sy:updatePeriod> 
<sy:updateFrequency>1</sy:updateFrequency> 
<sy:updateBase>2000-01-01T12:00+00:00</sy:updateBase> 

<MTEntries lastn="15"> 
<item> 
<title><$MTEntryTitle remove_html="1" encode_xml="1"$></title> 
<link><$MTEntryLink encode_xml="1"$></link> 
<description><$MTEntryExcerpt remove_html="1" encode_xml="1"$></description> 
<guid isPermaLink="false"><$MTEntryID$>@<$MTBlogURL$></guid> 
<content:encoded><![CDATA[<$MTEntryBody$><MTEntryIfExtended><p><a href="<$MTEntryLink$>" title="Continue Reading: <$MTEntryTitle$>">Continue reading <$MTEntryTitle$>...</a></p></MTEntryIfExtended><MTEntryIfAllowComments><p>Comments on this Entry:</p><MTComments><h4><MTCommentAuthorLink show_email="0"> on 
<MTCommentDate format="%b %e, %Y %l:%M %p">:</h4><MTCommentBody></MTComments></MTEntryIfAllowComments>]]></content:encoded> 
<dc:subject><MTEntryCategories glue=" | "><$MTCategoryLabel remove_html="1" encode_xml="1"$></MTEntryCategories></dc:subject> 
<dc:date><$MTEntryDate format="%Y-%m-%dT%H:%M:%S"$><$MTBlogTimezone$></dc:date> 
</item> 
</MTEntries> 

</channel> 
</rss>

####Short Feed: Excerpts Only####

Template Name: RSS 2.0 Excerpts
Output File: excerpts.rdf

<?xml version="1.0" encoding="iso-8859-1"?> <rss version="2.0"      xmlns:dc="http://purl.org/dc/elements/1.1/"     xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"     xmlns:admin="http://webns.net/mvcb/"     xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"     xmlns:content="http://purl.org/rss/1.0/modules/content/"> 

<channel> 
<title><$MTBlogName remove_html="1" encode_xml="1"$>: Excerpts</title> 
<link><$MTBlogURL$></link> 
<description><$MTBlogDescription remove_html="1" encode_xml="1"$></description> 
<dc:language>en-us</dc:language> 
<dc:creator><MTEntries lastn="1"><$MTEntryAuthorEmail$></MTEntries></dc:creator> 
<dc:rights>Copyright <$MTDate format="%Y"></dc:rights> 
<dc:date><MTEntries lastn="1"><$MTEntryDate format="%Y-%m-%dT%H:%M:%S"$><$MTBlogTimezone$></MTEntries></dc:date> 
<admin:generatorAgent rdf:resource="http://www.movabletype.org/?v=<$MTVersion$>" /> 
<admin:errorReportsTo rdf:resource="mailto:<MTEntries lastn="1"><$MTEntryAuthorEmail$></MTEntries>"/> 
<sy:updatePeriod>hourly</sy:updatePeriod> 
<sy:updateFrequency>1</sy:updateFrequency> 
<sy:updateBase>2000-01-01T12:00+00:00</sy:updateBase> 

<MTEntries lastn="15"> 
<item> 
<title><$MTEntryTitle remove_html="1" encode_xml="1"$></title> 
<link><$MTEntryLink encode_xml="1"$></link> 
<description><$MTEntryExcerpt remove_html="1" encode_xml="1"$></description> 
<guid isPermaLink="false"><$MTEntryID$>@<$MTBlogURL$></guid> 
<content:encoded><![CDATA[<$MTEntryExcerpt$>]]></content:encoded> 
<dc:subject><MTEntryCategories glue=" | "><$MTCategoryLabel remove_html="1" encode_xml="1"$></MTEntryCategories></dc:subject> 
<dc:date><$MTEntryDate format="%Y-%m-%dT%H:%M:%S"$><$MTBlogTimezone$></dc:date> 
</item> 
</MTEntries> 

</channel> 
</rss>

####Comments only feed####

Template Name: RSS 2.0 Comments
Output File: comments.rdf

Update: The code here has been slightly altered since the original posting to account for an issue with incorrect dates.

<?xml version="1.0" encoding="iso-8859-1"?> <rss version="2.0"      xmlns:dc="http://purl.org/dc/elements/1.1/"     xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"     xmlns:admin="http://webns.net/mvcb/"     xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"     xmlns:content="http://purl.org/rss/1.0/modules/content/"> 

<channel> 
<title><$MTBlogName remove_html="1" encode_xml="1"$>: Comments</title> 
<link><$MTBlogURL$></link> 
<description><$MTBlogDescription remove_html="1" encode_xml="1"$></description> 
<dc:language>en-us</dc:language> 
<dc:creator><MTEntries lastn="1"><$MTEntryAuthorEmail$></MTEntries></dc:creator> 
<dc:rights>Copyright <$MTDate format="%Y"></dc:rights> 
<dc:date><MTEntries lastn="1"><$MTEntryDate format="%Y-%m-%dT%H:%M:%S"$><$MTBlogTimezone$></MTEntries></dc:date> 
<admin:generatorAgent rdf:resource="http://www.movabletype.org/?v=<$MTVersion$>" /> 
<admin:errorReportsTo rdf:resource="mailto:<MTEntries lastn="1"><$MTEntryAuthorEmail$></MTEntries>"/> 
<sy:updatePeriod>hourly</sy:updatePeriod> 
<sy:updateFrequency>1</sy:updateFrequency> 
<sy:updateBase>2000-01-01T12:00+00:00</sy:updateBase> 

<MTComments lastn="20">
<item> 
<MTCommentEntry> 
<title><$MTEntryTitle remove_html="1" encode_xml="1"$></title> 
<link><$MTEntryPermalink encode_xml="1"$>#c<$MTCommentID$></link> 
<description><$MTCommentBody remove_html="1" encode_xml="1"$></description> 
<guid isPermaLink="false"><$MTCommentID$>@<$MTBlogURL$></guid> 
<content:encoded><![CDATA[<MTCommentAuthorLink show_email="0">: <$MTCommentBody$>]]></content:encoded> 
</MTCommentEntry>
<dc:date><$MTCommentDate format="%Y-%m-%dT%H:%M:%S"$><$MTBlogTimezone$></dc:date> 
</item>
</MTComments> 

</channel> 
</rss>

Teaching? Technical writing?

December 9, 2019February 2, 2004 by Michael Hanscom

Every so often, a topic pops up in the TypePad User Group forums that I feel I can add my own particular little brand of insight into, and I’ll spend some time doing my best to explain (often in excruciating detail) what’s going on. I recently got a very nice comment from Doc in response to one such post.

…another excellent description. Are you sure there’s not a bit of teacher in you someplace?

The funny thing is that over the years, I’ve gotten quite a few comments along those lines from many friends of mine, and I’ve started considering the possibility of pursuing getting a teaching degree ~~if~~ [when]{.underline} I manage to get back into school. It’s always flattering to get comments like Doc’s that indicate that this might not be an entirely unrealistic goal.

Another direction I sometimes toss around in my head is technical writing. I’ve come up with quite a few different ‘how-to’ or explanatory posts (quite a few of which are archived here) over time, and I’ve always enjoyed writing them out. There’s a definite satisfaction to being able to take a somewhat obscure concept (such as printer stylesheets, title attributes, or [dealing with blockquote tags]) and finding a way to present it clearly (if not always concisely) so that it can be more easily understood.

As long as I enjoy writing and have an apparent knack for things like this, I sometimes think that getting into technical writing — how-to’s, manuals, documentation, and the like — could be a very interesting way to make a living. Programmers and technicians can often come up with some wonderful applications and devices, but often can’t explain how or why they work as successfully as could be done. I can’t program to save my life, but if I have an ability to come up with decently-crafted explanations, why not explore that a bit?

Of course, I haven’t got the foggiest idea of how to get started, or even how to go about investigating the possibility. Still, it keeps kicking around in my head, so maybe one of these days I’ll stumble upon a direction to go in.

iTunes: “Eastern Promise (Dub Pistols vs. Bow Wow Wow)” by Bow Wow Wow from the album Groove Radio Presents Alternative Mix (1999, 4:08).

411 Length Required

December 9, 2019January 31, 2004 by Michael Hanscom

Every time you click on a link and your web browser requests a resource (page, image, video or music file, or any other possible link destination) from a web server, there is a certain amount of information passed back and forth between the server and the browser as the transmission is started. One of those pieces of information is the HTTP Status Code.

If everything is working correctly, the status code sent from the server to the browser is ‘200 OK’, after which the requested information begins to be transmitted. If something doesn’t work for one reason or another, there are various possible responses, the most infamous of which is ‘404 Not Found’, returned when the requested resource doesn’t exist on the server anymore.

Recently, ThinkGeek started selling HTTPanties — a set of panties with either ‘200 OK’ or ‘403 Forbidden’ emblazoned across the front. Cute idea.

CodePoetry decided this wasn’t enough, though…

Nothing says lovin’ like 200 OK I suppose. Of course, beyond that and 403 Forbidden lie a whole world of wonderful responses that would be useful at times…

300 Multiple Choices for the creative.

301 Moved Permanently for the formerly-masculine.

305 Use Proxy for the adventurer.

307 Temporary Redirect for various reasons.

401 Unauthorized for the stranger.

402 Payment Required for … yeah.

404 Not Found for the unfortunate.

405 Method Not Allowed — I’m not going there.

406 Not Acceptable explains itself.

407 Proxy Authentication Required for the underage.

408 Request Timeout for the extended foreplay.

409 Conflict for the tired. (“The request could not be completed due to a conflict with the current state of the resource.”)

410 Gone — Not going there.

411 Length Required describes itself nicely.

413 Request Entity Too Large does the same.

415 Unsupported Media Type will not be discussed.

416 Requested Range Not Satisfiable suffers a similar fate.

417 Expectation Failed — this is getting bad, quick.

502 Service Temporarily Overloaded for those that didn’t leave 3-way to the phone companies.

503 Service Unavailable for the married and boring.

Works for me!

iTunes: “Snakes” by Voltaire from the album Devil’s Bris, The (1998, 4:10).

iSight issues

December 9, 2019January 30, 2004 by Michael Hanscom

Mike recently posted about some of the pros and cons to being the owner of an iSight — pros including the simple fact that the iSight is simply a damn good camera; cons including the Mac-only nature of iChat and the somewhat less-than-satisfactory mounting options that come stock out of the box.

Cross-platform video conferencing may be coming down the pike (we hope) with a future release of AIM on the Windows and Mac platforms, as Apple has a pre-existing partnership with AIM (iChat ties into the AIM network, allowing both iChat and AIM users to IM each other). Nobody seems to know for certain if or when this may happen, but we’re keeping our fingers crossed. As far as mounting options go, Mike pointed to the SightFlex, which looks perfect, and is getting added to my birthday wish list.

I’ve noticed some other cons to the iSight, chiefly being that as of late, it’s been notoriously instable, appearing and disappearing from my system more or less at random, and at times apparently interfering with the mounting of my iPod. Apparently I’m not the only person being bit by this bug, but on the bright side, there are a few possible solutions mentioned recently on MacFixIt, including simply remembering to turn the iSight off (twist the front of the camera to close its iris) when it’s not in use. I’ll give that a shot for a while, and see if it helps.

iTunes: “Chicken In A Biscuit” by Black Happy from the album Peghead (1993, 2:55).

Microsoft vs. the web

December 9, 2019January 29, 2004 by Michael Hanscom

One of the standards that has been part of web browsing for years is a method of including a username and password in a hypertext link, in order to facilitate being able to conveniently logging into a protected site. For instance, were my site password-protected, one could add username:password@ to the beginning of the web address, creating a link that looked like http://username:password@www.michaelhanscom.com/ in order to log in with a single click.

The downside to this is that because that information is optional and not always used, a web browser ignores any characters up to and including the ‘@’ symbol if they are included in a link, as they are not part of the address being requested. The target webserver will also ignore those characters if it is not configured to require login information to access its hosted web pages.

This has led to one of the more common forms of ‘link spoofing’ — I’ve seen it myself in hoax e-mails purporting to be from PayPal. The perpetrator will create a false page on a webserver they control that appears to be a page on PayPal’s site that asks for the victims credit card information. They will then create an e-mail also formatted to appear as if it came from PayPal, asking the victim to log in and verify their information. When they give a URL to click, it will look something like http://www.paypal.com@12.345.67.890/verify.html — which to many people, appears to go to PayPal’s site. However, because the browser is ignoring the ‘@’ and everything before it, the browser is actually pulling a page from the IP address 12.345.67.890 and not from PayPal, and any credit card information they enter into that page will go not to PayPal, but to some anonymous criminal taking advantage of people’s ignorance of how the web works to collect useable credit card numbers.

Making the matter worse, versions of Internet Explorer prior to 6.0 (Service Pack 1) on the PC had a bug where if a (false) web address was included in a link before the @ symbol, that address would display in the browser’s address field rather than the address of the site actually being visited. In other words, in the above example, the user would see http://www.paypal.com/ in their web browser address field rather than http://12.345.67.890/. This bug has been fixed in IE 6.0sp1, but far too many people have yet to upgrade.

Microsoft, in their infinite wisdom, has decided that enough is enough, and are taking steps to combat this type of hoax. How are they doing this? Not by attempting to educate their customers in any way, releasing a patch for other versions of IE to fix the bug, or by adding a simple ‘This type of URL may be dangerous’ warning dialog when links formatted this way are clicked (something that I think would be fairly easy to add — just scan the link to see whether or not it follows the username:password format before the @ symbol; if it doesn’t, pop up an alert box). No, instead of any of those options, they’re breaking the long-standing standard.

To mitigate the issues that are discussed in the “Background information” section of this article, Microsoft plans to release a software update that removes support for handling URLs of this form in Internet Explorer and Windows Explorer. After you install this software update, Windows Explorer and Internet Explorer do not open HTTP or HTTPS sites by using a URL that includes user information. By default, if user information is included in an HTTP or an HTTPS URL, a Web page with the following title appears: Invalid syntax error

Great idea, guys.

Update: According to CodePoetry, it appears that Microsoft may actually be following standards, and the use of usernames and passwords in URLs is officially discouraged. If that’s the case, then…well, that’s that. I guess it’s not such a bad thing after all (if a little inconvenient in some instances).

And here’s another goodie: there are a few other various ways that malicious people can craft, hide, and spoof URLs that take advantage of bugs in various versions of IE so that the URL displayed in IE’s address bar is not the URL of the site actually being visited. Microsoft has issued a tech note explaining that the most effective way to be sure that you are visiting the sites you really want to visit is to simply type the address into IE’s address bar manually.

So, to be absolutely sure that you are visiting the two Microsoft Support documents that I’ve linked above, please do not click on the links. Instead, move your cursor into IE’s address bar, click and select the displayed address, hit ‘Backspace’ to erase that, and type the following two URLs manually into the address bar:

http://support.microsoft.com/default.aspx?scid=kb;%5bLN%5d;834489
http://support.microsoft.com/default.aspx?scid=kb;[ln];833786

No typos now!

There. Don’t you feel better, safer, and more secure now?

I know I do. But then, I haven’t used Internet Explorer in ages.

(via codepoetry and Mark Pilgrim)

iTunes: “Vinegar and Salt” by Hooverphonic from the album Magnificent Tree, The (2000, 3:20).

Blasphemy

December 9, 2019January 29, 2004 by Michael Hanscom

I’m probably the last Mac blogger to mention this, but I just couldn’t let it pass by. There are special circles of Hell reserved for people who do this…

[Update: Turns out that it’s a hoax. The page on Overclockers.com has been updated with an e-mail from the person behind this explaining that they got an empty G5 shell and decided to have some fun. Whew! Nice troll. ;)]{.underline}

I got a shiny new Apple G5 for Christmas. I loved the case, but I’m no Mac user. So I….

Get a brand new dual processor G5, then

Rip out everything,

Cut out the back of the case so I can use a PC motherboard, and

Install an Athlon motherboard.

Don’t get me wrong, I’m sure G5 is a great computer, but I wanted a Dell for Christmas. I don’t have any programs for Apple and didn’t feel like waiting for them. I thought about selling it, but my parents would be upset with me. After all, this was a very expensive gift and it meant a lot to them to give to me.

It’s a good thing my parents don’t know anything about computers, because I’m sure they would be really angry if they knew what I did. I have to say that I’m happy – I can keep on using XP.

![The monstrosity]

[The monstrosity]: https://michaelhans.com/eclecticism/2004/01/graphics/G5_wreck_1.jpg {width=”363″ height=”143″}

(via lots of people, but the picture was shamelessly ganked from Lane)

iTunes: “Let Your Body Die (Television Overdose Overdosed)” by Cyber-Tec from the album Cyber-Tec (1995, 6:29).