Some Brisbane Guy

Today somebody sent me a link to MIS Australia’s article about some ridiculous filters the ever-paternalistic Australian government is trying to foist on the Australian public for our own protection. Like, thanks you guys.

Anyway I got feisty when I realised that you can’t cut and paste from the Australian Financial Review’s MISAustralia website. As soon as you highlight text on the site, it becomes all garbled. My first, knee-jerk reaction when somebody does something on their website to make it less useful for users (like disabling right-click) is along the lines of “Errr you MORONS! WHY would you BOTHER DOING THIS?” Which is not exactly constructive criticism, but I really can’t see how doing this kind of dumb stuff on your website is a good idea.

If you don’t want your content on the web, don’t publish it there!

I can somewhat understand the mindset of fear at work here. Site owners feel that their content is sitting out there on the web ready to be copied and exploited by anyone. But here are a bunch of reasons why it’s dumb to use lame “DRM” or “copy protection” methods on your website:

You’re making it HARDER for people to share your stuff with their friends

In my case with this article, a guy at work tried to send me the link and a relevant quote from the article — but couldn’t! He could only send me the link. If a busy person can’t just quickly cut and paste the written equivalent of a soundbite to somebody else, they might not bother at all — it’s annoying and confusing. Not only that, but I might not visit your site because it’s just a boring link - there’s no snippet to pique my interest. This means less traffic for your website.

Your site will be LESS POPULAR because it’s HARDER TO FIND

Having garbled content is bad for search engine rankings. Don’t believe me? Try this search — it’s searching for the phrase “opponents of isp-level filtering” on Google — but restricted to ONLY on the MIS Australia website. Whaddya know, it returns ZERO results! That’s because the “protected” content makes NO SENSE to search engines. Not being searchable means missing out on A LOT of potential search traffic.

Your site will be LESS POPULAR because it’s not SHARING INFORMATION - what the web is built on

The most successful websites actively share their content to attract more users/readers using something called RSS. What RSS does is lets you share your content so freely that computers can find new stuff on your site and do the job of spreading it around for you! The only way people are going to know that your site has great content is by showing it to them. Hiding your content away is going to help nobody — not readers, because they can’t find you, and not you, because you’ll have no readers.

I can appreciate that people may be fearful about their content being stolen by web scraping. But this is actually not that big of a problem. Google knows how to deal with web scraping and has methods of determining who should be rewarded as the original publisher of content. Some kid stealing your articles and posting them on his own site isn’t going to take away all of your traffic!

You’re making your website WORSE TO USE.

So many sites that prevent me from right-clicking an image make me angry, because usually I’m just trying to see a higher-resolution version of the picture that they’ve scaled down to fit their page using HTML, but the pic is really a big, colourful picture with lots of detail that I’m missing out on. That sucks. Or maybe I want to send the picture to a friend, saying “Hey, look at this great site, they have heaps more cool pics like this one!” — just saying “hey check out this site they have cool pics” is way less powerful.

And that’s just disabling right-click. MIS Australia’s effort actually makes the site look TERRIBLE -- they have to use a fixed width font because their lame content “DRM” just uses two layers of content, one beneath the other! If you used a variable-width font the text on the two layers would never line up, and you would just get a jumble of letters. So that’s why MIS Australia’s articles look like they were typed out in the 1940s, even on a beautiful screen with font smoothing.

Speaking of a jumble of letters, that’s also what any visually-impaired person’s screen reader is going to see when it tries to read out the page. Way to discriminate against the disabled, yeah!

Your lame system can be easily circumvented ANYWAY - so why bother?

Especially the sites that deny the ability to right-click. There’s so many ways around this that it’s just pointless and makes your site annoying. If you really don’t want people to steal your images, use low-resolution pics with a watermark, because your right-click prevention just won’t work. If you really don’t want people to steal your website code, the best you can do is to obfuscate it — or don’t publish it at all! Web programmers are crafty — and often still in high-school, so they have lots of time to work around your tricks!
In the case of the MIS Australia website, to get the text of any of their articles is as easy as using /g,’\n\n’).replace(/< [^>]*>/g,”));})();”>this link and choose “Bookmark this link” or “Add to Favorites” and save the link to your bookmarks/favorites.

Now read an article on MISAustralia.com and if you like it, click your bookmark/favorite you have just added.

Presto! The article contents will be pasted into the comments box at the bottom of the page for you to cut and paste at your leisure.

I’ll say it again. If you’re going to go to the trouble of putting your content on the web, why hamstring your efforts? Put it out there and SHARE IT, and more importantly, LET OTHER PEOPLE SHARE IT — that’s what your website is for, and that’s how you get popular!

I’m listening to an IT Conversations podcast of Rasmus Lerdorf (the guy who created PHP) speaking about PHP, and I have to say I’m pretty surprised to hear him say “I hate programming with a passion — I created PHP to avoid programming.”

Rasmus says that he wrote PHP while building a web-based system for Toronto University. The university didn’t care how he built the system, they just wanted their system, so Rasmus built PHP to make his job easier.

Rasmus’s decision to open source PHP was made when he was getting lots of questions about how he was doing his work, and they had the same needs. Rasmus and the University of Toronto were delighted at the speed of development they were now getting — and that he was fixing bugs in his sleep!

To run a successful open-source project, Rasmus says that you need to cater to four types of people:

• those with simple self interest - they have a need that the project solves
• those looking to express themselves through their code
• to interact with others to get their oxytocin fix
• those who want to make the world a better place

The same motivations that motivate people to join an open source project also motivate people to join an interactive website.

You have to think about how the people think about themselves when they involve themselves in your project. You have to give them some ownership and control…which was hard for me…then again I’m a really lazy guy

In order to build a decent modern web application, you really need to think about what the users think of themselves when they interact with your site. Every single action a user performs with your website improves your site.

Later Rasmus delves into performance profiling and optimising a PHP website using Callgrind/valgrind, as well as some stuff about the ubiquity of cross-site scripting vulnerabilities and other topics.

It’s a great podcast, do yourself a favour and have a listen.

The Buzzword

Like any good buzzword (say…agile — or is that AGILE? No, it isn’t.), Web 2.0 is overused and bastardised to mean a thousand different things by some groups of people, and at the same time it’s mocked and dismissed as just another buzzword by others.

OK so it’s March 2008 and Web 2.0 is so not cool these days because it’s so old, but I feel like it’s important that I share two insightful resources that really do describe Web 2.0, if not succinctly then at least fairly comprehensively

The Resources

The first thing I want to share, and probably the canonical Web 2.0 description, is Tim O’Reilly’s essay “What Is Web 2.0 - Design Patterns and Business Models for the Next Generation of Software.”

The other thing is this Youtube video that really had an impact on me when I first watched it. I think it does a good job of demonstrating the ideas behind web 2.0, especially for only 4 minutes and 31 seconds. It’s a good, quick conceptual overview of the whole concept.

The “I Kinda Reckon” Bit

So now that we’re talking about the whole web 2.0 concept thing, I’d just like to point out that it is really a lot different to the ideas people had back in the dotcom boom/bust days. Business ideas were much more aligned to the big dollar outlay, build-it-and-they-will-come, broadcast mentality of more traditional media and businesses (although some apparently got it right anyway.)

So everyone threw all that stuff out in favour of lightweight, bootstrapped startups that rely on users contributing, and APIs and interoperability and simplicity and figuring out what the web is and not imposing some model from before.

If you look at it like a giant agile development project, the original dotcom web bubble was our first iteration. We got some features, some stuff worked, some stuff was missing, and we threw some stuff away in the dotcom bust. Maybe Web 2.0 is iteration two — Fred Brooks did say, “build one to throw away.”

The Wrap Up

So as insanely belated as this post is, I really wanted to get these two resources off my chest and out of my private wiki (feel the two-point-ohness) so that y’all can enjoy them. Please do so.

Whoo yeah I’m excited!

About two months ago I got a new Apple Macbook Pro. I love it, it’s rad, I love using it etc. But something that’s been bugging me no end is that I don’t know the shortcut key to jump to the address bar (where you type http://…etc) in Firefox. In Windows you just do Alt-D and you’re there, I think that works in Linux as well, but on OS X it’s no go.

Well, I’ve just found out the shortcut keys for not only the address bar, but the search bar as well (and also in Thunderbird!):

jump into the search bar in Mozilla Firefox and Thunderbird

Cmd-K (Mac), Ctrl-K (Windows)

jump into the address bar in Mozilla Firefox

Cmd-L (Mac), Ctrl-L (Windows)

Mozilla.org has more juicy keyboard shortcuts.

This is super good news because now I can use basically the same key combo on Windows and on OS X. My life just gets better and better, friends.

Something else that’s kinda annoying about Thunderbird is that it’s not GMail. I love GMail and all my mail goes through it so that:

1. tons of spam gets filtered out by GMail’s awesome spam filtering
2. I can access a copy of all of my mail from anywhere on the internet (except work who block GMail…argh)

But not only does my mail all go through GMail, I download it all via POP3 to my Thunderbird mail client. This is because:

1. I then have a backup copy of all my email on my own computer and am not just trusting Google to never go broke/lose my mail/start charging me to access it/something else unforeseen
2. I can access my email when I’m offline, eg on a plane or a train or whatever

But as I was saying, Thunderbird is not GMail and despite being a proper rich, fat-client desktop application, it doesn’t have the great shortcut keys that make GMail so quick to navigate and move messages around. Plus it doesn’t have that whole “archive and forget, then search later” philosophy, it has the old-school “carefully choose category-based folders for your messages and then take forever to find them later” philosophy, which is so 1998 and lame

But what I’m getting at is that now thanks to GMailUI Thunderbird works like GMail, adding j,k and other shortcut keys to navigate messages as well as a really cool “Expression” search mode that lets you search just like you do in GMail.

As I said, my life just gets better and better.

If patience truly is a virtue, then the guys who made these two videos are really virtuous. Check out this Line Rider insanity:

Yes it’s crazy huh? Well this is nutser in a more hardcore nerd way. A guy has built a robot that can solve a Rubik’s cube! It’s called Rubot. Apparently the “scanning phase” isn’t shown, and the robot was given an easy cube that wasn’t messed up very much so that the video didn’t go on for 15 minutes. Coolness:

Enjoy kiddies!

As a grammar nazi I notice trivial minutiae like this. Lately I’ve started using GMail to store and archive all my mail so that I can always get to my email no matter what computer I’m on. Maybe I’m lazy, or maybe I’m obsessive.

Anyway, since GMail started a couple of years ago, the main benefit of GMail is listed on the homepage as, “Search, don’t sort.” But now it’s “Search, do not sort.” Weird. Check out these screenshots.
Now go read something interesting.

Update: That was this morning. I tried to post via email but it didn’t work. The computer I’m using now shows “Search, don’t sort” and not the clunky “do not sort”. My other computer seems to use google.co.uk instead of google.com or google.com.au, so maybe the chaps at GMail think that the Poms aren’t hip enough for apostrophied abbreviations. Interesting…

Tonight I was disappointed to find that I wasn’t the first person to know about Wikimapia.  It’s a collaboratively edited Google Maps mashup that lets you record places of interest with a description and tags.  It’s the coolest thing ever.

As I discovered earlier today, if you accidentally leave your Google account signed in on another computer, anything that is searched for on that computer using Google will be recorded in your Google account’s Personalized Search Search History.

But what if you didn’t just leave your account signed in accidentally, but actually managed to remotely log somebody in to a Google account you’ve created using just a crafted URL that you send to them on the pretext of showing them some cool/interesting/funny web page? That would be more interesting, wouldn’t it? (Say yes).

If you did this and that somebody didn’t realise, you would be able to gradually log that person’s search history and learn their searching habits, possibly leading to greater insights about that person. Sound good?

OK well since you’re so keen, here’s how to do it. So that this is all a bit more friendly and relaxed (I love relaxed), we’re going to name our person whose life we want to invade by tracking their search history “Bob”. Here’s what you do:

1. Create a Google account. Well you can use an existing account, but you do run the risk of losing access to it if Bob finds out the password to it, which they may. You can create the account using any e-mail address, although it will most likely end up being visible to Bob so you will want to use something like a fresh Gmail account I would imagine. Make sure you leave ticked the checkbox labelled “Enable Personalized Search”, or this whole thing is pointless.
2. Find a cool/fun/interesting/funny web page that you want to Bob and others whose search habits you would like to learn. The funny link I’ve provided there is hilarious, sure, but also it’s on Google’s Video site. This is potentially good because the several Google URLs that will soon flash across the address bar may raise less suspicion.
   UPDATE: You can only use Google addresses as the target URL eg the “funny” Google Video example just above. BUT you could also use the “I’m Feeling Lucky” button to redirect to other sites (http://www.google.com/search?q=feeling+lucky&btnI=I%27m+Feeling+Lucky).
3. URLEncode the URL of the web page that’s so awesome you just have to show Bob. Yep, just paste the URL into the Plain textbox there, press the URLEncode button and copy the resulting URL from the Encoded textbox. Voila, you have the encoded URL in your grubby little clipboard.
4. Here’s the (slightly) tricky bit. You need to construct for yourself a URL that does the job of:
   1. Logging Bob into your new Google account so that their searches will be added to your new account’s Personalized Search History
   2. Redirecting Bob to the page with the super cool content on it that you’re purportedly showing him.

   Your URL will be like this:

   https://www.google.com/accounts/ServiceLoginAuth?Email=[emailAddress]&Passwd=[password]&continue=[URL]

   Take out the square brackets, and replace the fields in square brackets like this:

   1. emailAddress: The email address for the new Google account you’re using. If it’s a GMail account, you don’t need the @ or anything after it, but for any other mail account you do need the @ and the domain part (examples: mynewgmailaccount, anotheraccount@freemail.com).
   2. Password: The password for the Google account you’re using.
   3. URL: Your URLEncoded funny/interesting/awesome web page for Bob to see.
5. OK, so you’ve plugged all that info into the URL and you have a big-ass string with lots of crazy % symbols and numbers etc. What you have to do now is make it presentable so Bob doesn’t get confused or suspicious or bewildered. We do that with TinyURL, a cool service that will redirect a URL like http://tinyurl.com/6mpq to a big, stupid URL like the monstrosity you have just created.
6. All you have to do now is give Bob your new TinyURL, and let the web weave its mystical magic. You might want to test your TinyURL first, or the big monstrosity URL or both. Just paste the URL into your browser’s address bar and you should be delivered right to the stupid/crazy/wacky site you are showing Bob. Then go back to Google Homepage where you should be logged in as the account you created. If not, check the email address and password from step 4 were correct.

So that’s it! All you need to know. Some ideas for using this are putting the TinyURL in one of those stupid email forwards where everyone puts in their name and “needs” so that Google tells them what they need — this way you get the name of everyone who’s fallen prey to your evil plan. You could also just send it to people you’re suss on or just joke around with your friends, or your Mum! So much fun to be had.

Here’s a good example of why the “if you’re not doing anything wrong, why worry?” argument against privacy invasion is useless and misguided. Just because you aren’t doing anything illegal, does that mean you want your family to be able to see what you’ve been searching for without you realising?  Of course not — privacy is important, regardless of what you’re doing!  As is computer security, which is maybe more closely related to this issue.

So what’s got me going on about this?  Today I signed into my Google Personalised Homepage to see what search terms were in my Search History after a friend brought it to my attention.

I have looked at my search history before and it freaked me out a bit to see all the stuff I’d searched for, but today when I went to look, I noticed some searches in there that I definitely hadn’t done. They were…my MOTHER’s searches! Obviously what’s happened is that I have signed in to one of Google’s services on my Mum’s computer and now her searches are being recorded as mine.

How easy would it be to get on your friend’s (or enemy’s!) computer and sign in to the Google personalised homepage as some Google account you have created for the purpose, and then let it track everything that person searches for until the end of time (or until they realise or delete their cookies or get another browser…), you sure could get some useful and/or embarrassing information I bet.

I’d like to do a SecurityFocus kind of investigation into this, I think there could be some privacy issues here — I wonder if there’s a way to send people a link to sign them into a Google account you desire.

Well, only just after that post it looks like I’ll have to challenge Daniel to use the new Whereis interface and tell me it’s not better, because it’s a LOT better thanks to some AJAX kinda stuff (and of course the new graphics that bring it well into 2002 :P). Clicking to re-centre the map is lots faster now because you only need to reload the map image, not the entire HTML page. It also features dragging but that doesn’t work as nicely as the drag feature in Google Maps.

Good work to Whereis for getting this stuff going, it makes the site a lot nicer to use than before, when it was actually quite frustrating as everything disappeared and was rendered again each time you clicked. Wow, and I also just noticed that you can change the map size, which is great to see instead of the postage-stamp map view the site’s always had.

Now they just need some keyboard shortcuts, haha!