Facebook Friends’ Birthday Thingymajig

http://dev.svenlatham.com/friendcal/

Finally, I’ve found a use for Facebook 🙂 This little tool will take all your friends’ birthdays and create an iCal file from them. The resultant URL can then be put into your favourite calendar program (I use Google Calendar), so you can see all your friends’ birthdays in one place.

This is very basic at the moment and I can’t guarantee it’ll be up and running for long (but I’ll try). It’s also very hacky, so expect nasty errors if something goes wrong!

Please give it a go if you have a Facebook account, and let me know if it works.

After this, FOAF extraction…. 🙂

Confusion Abounds

Filling out a car insurance quote recently: ‘Is your car left- or right-hand drive?’

This question always stumps me. We drive on the left here in Blighty, my car is designed for UK driving, so surely it’s a left-hand drive? Nope, apparently it’s where the driver sits (as viewed from behind); it’s a right-hand drive car.

I also tend to get confused by ‘the inside lane’ on a motorway. Surely the inside lane is the one nearest the central reservation (aka median)… It is, after all, on the ‘inside’ of the road. Turns out though, that this is the outside lane; the inside is the one on the left.

Please comfort me by confirming I’m not the only one perpetually confused by definitions like these!

Quick Thinking

I’m currently managing a friend’s WordPress blog while they bugger off on a round-the-world trip. Goodness me they get a lot of spam.

Within a minute or so of turning off Spam Karma (it causes problems with the comment count, apparently) I/he had 15 new comments, all spam. So, without FTP access I quickly put in a hack to the comments page thusly:

<textarea name="quack" id="comments"></textarea>

<script type="text/javascript">

document.getElementById('comments').name = 'comments';
</script>

Nice and simple – a bit of Javascript that renames the comments field so it can be submitted correctly (if you fail to run the script, the comment fails). I know there are accessibility issues and all the smartarses who turn off their Javascript are stopped from commenting, but desperate times call for desperate measures. It’s quick & dirty, and for most people (this guy doesn’t get a massive amount of traffic) it works OK.

Anyway, I went to bed last night feeling smug that I’d robbed a load of spammers of their precious links. This morning I took a look: 38 new comments. They’ve already made their way around it.

This suggests one of three things:

  1. The spammers caught the error and changed their behaviour to suit. Doubt it, it’d be easier for them to move onto other blogs.
  2. They execute Javascript (maybe it’s a full-on Firefox session with a plugin script?). Likely, and rather smart!
  3. My code is rubbish and never worked in the first place. Never impossible.

Anyway, kudos to those guys for not being thwarted by a simple script! Now, let’s see what happens when I get Spam Karma re-enabled or I activate Akismet…

Update 22 Sept: Ignore the above. My code is rubbish. If the spammers do a simple POST to the server they will succeed, since I’d never updated the server-side code to match the client. Best bet for this hack would’ve been to rename the field both on the form and in the server code to something unpredictable (‘quack’ is just fine…) and not bother with the Javascript. Spammers would ignorantly continue to assume the field is ‘comments’ and their posts would fail. Thanks Brian and Neil T.

A while ago I wrote a blog host service which included a more sophisticated spam filter. It would scramble all the fields client-side, include a couple of hashes and would only accept the comment as-is if all the hashes matched the server’s own records. It stopped blind POSTs and bots that did not use Javascript. It also cleverly spotted genuine users who might not have been able to run the Javascript (since this was a larger platform, accessibility was a concern), and used timing information to identify real users (who take their time) versus bots (who tend to write/post immediately or in a regular pattern).

It worked for nearly 2 years without a single automated spam comment getting through (many tens of thousands were stopped; no false positives either). Manual spam got in, but was minimal. Finally the spammers changed their ways and (I guess) began using full browser sessions to post their spam – once they do that you need to start looking at content analysis or other methods.
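A sketch of the server-side half that the update and the hash/timing filter above rely on, added here as an example and not the code from either site: the server issues a signed token and a per-form field name, then refuses any POST that lacks them, arrives too quickly, or reuses a token. It assumes Node.js; issueForm, checkSubmission, the field prefix and both time thresholds are hypothetical names and values.

```javascript
// Added example (Node.js standard library only); all names are hypothetical.
const crypto = require('crypto');

const SECRET = crypto.randomBytes(32); // assumption: per-process secret, never sent to clients
const MIN_FILL_MS = 3000;              // assumed: a person needs at least this long to type
const MAX_AGE_MS = 60 * 60 * 1000;     // assumed: a rendered form is valid for one hour
const used = new Set();                // the server's own record of accepted tokens

const sign = (data) =>
  crypto.createHmac('sha256', SECRET).update(data).digest('hex');
// The textarea name is derived from the token, so it differs on every page load.
const fieldFor = (nonce, issued) =>
  'c_' + sign(`field|${nonce}|${issued}`).slice(0, 12);

// Rendering side: values for two hidden inputs plus the textarea's name.
function issueForm(now = Date.now()) {
  const nonce = crypto.randomBytes(8).toString('hex');
  const issued = String(now);
  return { nonce, issued, field: fieldFor(nonce, issued),
           mac: sign(`form|${nonce}|${issued}`) };
}

// POST side: every check happens here, so a bot that skips the page gains nothing.
function checkSubmission(body, now = Date.now()) {
  const { nonce, issued, mac } = body;
  if (![nonce, issued, mac].every((v) => typeof v === 'string'))
    return { ok: false, reason: 'missing-token' };   // blind POST to 'comments'
  const expected = Buffer.from(sign(`form|${nonce}|${issued}`));
  const given = Buffer.from(mac);
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected))
    return { ok: false, reason: 'bad-mac' };         // forged or altered token
  if (used.has(nonce)) return { ok: false, reason: 'replay' };
  const age = now - Number(issued);
  if (age < MIN_FILL_MS) return { ok: false, reason: 'too-fast' };
  if (age > MAX_AGE_MS) return { ok: false, reason: 'expired' };
  const comment = body[fieldFor(nonce, issued)];
  if (typeof comment !== 'string' || comment.trim() === '')
    return { ok: false, reason: 'wrong-field' };     // text sent under a guessed name
  used.add(nonce);
  return { ok: true, comment };
}
```

As the post says, a bot driving a full browser session passes all of these checks, so this only filters blind and scripted POSTs.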

Google Reader comes out of Labs

Google Reader has officially escaped its test tube and gone into the big wild world. It’s taken nearly two and a half years to do that, but the teary-eyed announcement yesterday officially moved Google Reader from its ‘Labs project’ status into prime time. Many would argue it did that a long time ago with or without the label. The system is already reported to carry 10TB of data, crawls some 8 million documents and grows by 4% weekly.

With the announcement, localised versions of Google Reader were introduced on their respective TLDs, including reader.google.fr and reader.google.co.jp. Let’s hope for many more enhancements to this already excellent application in the future.

MashMaker

I’ve been pointed to this new project coming from Rob Ennals at Intel’s Research Labs in Berkeley, CA. Looks very cool indeed. Described as ‘Mashups for the Masses’, MashMaker sits on the Firefox toolbar and uses a set of web page scrapers to aggregate data from multiple sources on a single page, all ultimately controlled by the user. The user interface is slick, quite uncomplicated and rather well made. Scraping is also editable – you can add new sites using regexes and XPath – and this is managed as a community so contributions are available to other users too. The idea is that the more technically adept users can contribute the backend ‘glue’, which is then available for all users.

The videos on the site (the IDF one in particular) are worth watching. I’ve signed up for a beta test so I’ll hopefully be able to review more once I get my grubby hands on it.

Easy Social Engineering

How often do you get messages from friends that read something like “Hiya, this is my new mobile 07123 456789 – Dave”?

I get maybe one a month of these, ranging from close friends to people I haven’t spoken to for a little while.

It always strikes me that these messages are taken somewhat for granted. What if somebody were to get a cheap PAYG SIM card, then message a bunch of the target’s fairly distant friends (the close ones will see them often enough personally) with the new number? They could then masquerade as the target reasonably easily.

Okay, so maybe there’s not a huge amount of damage that could be done (or maybe there is…?), and it only works if you’re in the same network of friends as the target, and okay so the target’s profile on Facebook et al. will probably show conflicting information…. but still, I bet you could at least sucker in quite a lot of people with that.

Just a thought.