December 2008
80 posts
1 month tumbling
I’ve been blogging for 1 month now. No breakout posts yet, possibly because of the easiness of posting I’m lazy in writing. Anyways, I like tumblr a lot, the bookmarklet posting ability in particular.
MD5 is bad for security
MD5 is a broken hash, you should be careful when you use it.
A German hacker conference presentation revealed:
We have identified a vulnerability in the Internet Public Key Infrastructure (PKI) used to issue digital certificates for secure websites. As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by...
FFFFOUND! →
A sleepy viral hit site, ffffound is worth checking out. It’s about social bookmarking great images, but they strongly control the community.
It’s developed out of Japan, and I think the technology behind it is primitive, something like a blog engine derivative, which might be why it’s strictly invite only.
Lately on del.icio.us I’ve noticed that I always set my bookmarks to ‘private’, even if really I could just leave them public. It’s an opt in thing, but since the bookmarks are for me and not for other people, I mark them ‘do not share’.
I would really prefer a setting that would make sharing links on del.icio.us opt-in, instead of opt-out. Del.icio.us has a...
What will kill twitter?
I see three flaws that can kill Twitter:
Other services out-innovate due to flaws in twitter’s underlying infrastructure.
People you don’t know posting randomness will get boring.
Spam.
Interestingly, I see a lot of parallels between Blogger and Twitter, which are both services from the same person: Evan Williams (also Biz Stone).
Blogger is known internally as the red headed...
Idea for yan twitter mashup: show twitter responses to blog posts on said blog post pages.
Cuil Fail: Traffic Nearly Hits Rock Bottom →
Techcrunch is mean sometimes. But yeah Cuil sucks, I’ve blocked them in robots.txt.
Link spamming, bookmarking links socially for your friends, seems to have moved to twitter.
In some ways twitter is better because people can reply and have more options to follow, but in some ways I’m not a fan of this change because the lack of tagging means that it’s hard to go back and find links for a specific topic.
I also don’t like mini-links very much - I want to know...
Process for writing CSS
CSS is a huge pain in the butt. Theoretically in web design you should separate data (xhtml) from presentation (css), but if you are developing quickly you will probably want to do both at once because it’s faster. Ultimately however it’s a good idea to separate out the CSS, it causes pages to load more quickly and it makes for a cleaner HTML which is easier to debug.
What I do when I...
Op-Ed Columnist - Time to Reboot America -... →
I normally don’t like reductionist authors who publish very successful ‘business’ books, this opinion piece is wafer thin but has a point, the US needs to trim the fat if it wants to retain its position as the invincible economic superpower.
He’s wrong about NYTimes, I can still get that. Along with almost all news sites. The filter changes all the time though.
Also,...
Disqus rocks
I really like the commenting system: Disqus, I’ve been using it for a while and it’s really well done, I have very few complaints about it.
It’s a little bit too full featured for what I care about, but that doesn’t get in the way.
If I were going to use it in a professional site, I would be worried a bit about losing SEO, properly optimized comments can pull in traffic...
Ajaxian » Lengthening Out URLs →
Nice, I hate short urls too, and I love json webservices. JSON webservices should always support a) callback and b) context, this one does callback but not context unfortunately.
They should publish some source code, do they do anything more complicated than just sniffing the location header of a redirect url?
FASB’s “mark-to-market” accounting rules helped drive AIG and...
– Washington Is Killing Silicon Valley - WSJ.com
The WSJ used to be a good paper, now it seems to be really trashy. Blaming accounting rules on the failure of AIG and Bear Stearns? Laughable.
Even worse, the thing they should be reporting is how laws like the DMCA stifle entrepreneurs at the behest...
I need an online MP3 manager
I hate physical possessions. Less is more, things own you man!
Just joking, I actually just don’t like to have a lot of stuff because it’s a pain to move around, I like to have everything I own fit in a carry-on suitcase. There’s also the possibility of losing stuff, which is always a bummer.
When I lived in Seattle all my data lived on DVDs I burned or on my terabyte external...
Key Fry's executive arrested in alleged $65... →
With this and the Siemens corporate bribery department, I wonder how many other companies have skeletons in their closets.
Announcing TunnelerX 0.9.5 - An SSH Tunnel for... →
Tunnel your traffic over an encrypted SSH connection - sits in your OSX tool bar. Indispensable.
Mini-Microsoft: Rumors of Upcoming Microsoft... →
As a former Microsoft shareholder, I would say one large reason I sold my shares is because Microsoft has far more employees than is responsible.
It’s not that they should cut divisions, although they should, it’s that for any product they have far too many people doing far too little, either by choice or because of bureaucracy.
SWiK needs a reboot
It’s been over a year and a half now since I quit working on swik.net.
Working on SWiK was a weird experience. It was a total experiment, can we build a community of people to help other people get into open source software, or figure out how to actually use open source software.
Fortunately or unfortunately, SWiK started to pull in Google referrals by the truckload. This did not translate...
ToAnswer » Using Twitter to find answers to your... →
Twitter based Q&A site. Completely dead. Seems nice enough, I wonder why it didn’t work.
idea: someone should make a google co-op for PHP that shows you the function arguments without having to actually click-through to php.net
Knol: a unit of knowledge →
Google Knol has been in operation now for over a year, but I have yet to run into a useful knol page.
It suffers from the same problem as Squidoo, there seems to be a law of the internets where the more freedom you give people to express themselves, the lower the quality is of the content created.
A knol on the front page...
Incremental Responsive Caching
One tool I’ve fallen in love with over the past year for web development is Memcache. I give credit to Brian Aker for telling me that just depending on MySQL to intelligently cache is a bad idea. Since then I actually have stopped using MySQL but haven’t for a second stopped using Memcache.
I started using Memcache too much really. One negative consequence of using memcache heavily is...
Delicious Top Searches of 2008 Aren't What You'd... →
Yahoo absolutely ruined del.icio.us with their terrible redesign and complete lack of development. Traffic is off 2x from the peak and this was one of the most promising services ever IMO.
I interviewed at delicious years ago, way back when they were just a bunch of guys crammed in a tiny office near the Shake Shack by Madison Square Park. Things got derailed as they were in the middle of secret...
Pixastic is an experimental library which allows you to perform a variety of...
– Pixastic: JavaScript Image Processing Library
Pretty fricken cool - photoshop in the browser, no plugins needed. Doesn’t work in IE though.
The Supplemental Results Index is still very much in existence, still very much...
– Google’s supplemental index is still biting your ass | SEO Theory - SEO Theory and Analysis Blog
I’d say let’s level the playing ground: small operators need to build their own volume to compete. Don’t let Mahalo and Wordpress and Shopping.com just take all the Google traffic away...
Federated Logins: A security risk?
Now that Google and Facebook have launched their passport 2.0 systems for logging in with your google/facebook credentials on 3rd party sites, are we heading off a security cliff?
I’m not talking about a potential for sniffing a cryptographic key en route to a credential server man in the middle stolen token key attack or anything, I’m talking about the hardest security problem of all:...
Banning Bots
One neat feature of a site built entirely on Simpledb is that it’s easy to keep track of the per page load database cost in dollars.
For most of my pages, that cost is fairly low, but still on the order of a penny per thousand hits.
Thinking back to swik.net, we were hit by bots (mostly the googlebot), over a million times a day. Even at 1 cent per thousand hits, that would add up to...
Love in Beijing
A common phenomenon in China is for 2 generations to live together - kids often don’t leave home until they are married, and after that often the parents come live with the kids and take care of the grandkids (or grandkid, as per the one child policy).
All of this family togetherness however can put a crimp in plans for privacy, so pretty often in Beijing I will see couples together making...
Ten things I don’t like about Google Chrome →
Cool that Cutts posted criticism about a Google product. My main criticism of Chrome is Google should offer an OSX build already! It could even just be a developer preview.
The downside of Macbook Pros in China
I love my aluminum Macbook Pro, I’ve had it for over a year now and I see no reason whatsoever to upgrade it this year, other than the fact it’s a little scruffy now.
One issue however is in China the power is not grounded, so unless you wear rubber shoes, you will get a lot of shocks from the metal enclosure.
It’s a little pavlovian, slowly training me to avoid completing the...
Idea for a web site: iphone interfaces for popular websites - community rates best implementations.
Live Search GM leaving Microsoft - TechFlash:... →
Where is Microsoft Windows MSN Live Web Search headed? I haven’t heard anything out of MSFT for a while - I think they may just give up on search and try to get on top of the next next big thing.
Watching Apache Logs
Is it odd to keep a terminal tab open on your Apache log?
I do: watch "tail -n 100 access_log | grep -v bot | grep -v spider | grep -v css | grep -v javascript | grep -v service | grep -v Yahoo | grep -v fetcher | grep -v png | grep -v jpg | grep -v gif | grep -v Mediapartners | grep -v favicon | grep -v 137.165"
I used to have an app I wrote that visualized the log using ajax...
Google AdWords Gets Ready For Holidays With... →
Google unfurls the festivus pole for the holidays - yay!
Q: What Do You Get When You Add Karate Belts To a... →
Q: What is the most copied meme in new web services for 2008? A: Question and Answer sites via Yahoo Answers.
Google Image Search: Now with Text Ads. Ugh. »... →
I disagree with Ryan, the ads look fairly inoffensive to me, but it raises the question: can you opt out of these like you can out of the Content Network?
Image searchers, I’d imagine, are often not filled with the ‘intent-to-buy’ that makes google search ads so effective.
Google Inc. has approached major cable and phone companies that carry Internet...
– Google Wants Its Own Fast Track on the Web - WSJ.com
Weird, network-neutrality falling apart?
Proposal for a new blog entry element: source.
After tagging became a big deal, every blog, video, mp3 on the internet needed a folksonomy of tag keywords attached. One cool thing though was that tags already had a ready-made data format in RSS.
So many blog entries published are actually reposts, commenting on another story, but there’s no easy way to discover within a blog post what is...
Answerbag.com | Ask Questions, Share Answers →
Question and answer sites are the new web 2.0 meme. People didn’t need to ask “How is babby formed” before 2008?
App Shopper: Seadragon Mobile (Photography) →
Sometimes I wish my iphone wasn’t jailbroken so I could use the AppStore
AWS webservices - you need a community!
One thing I wish AWS did better is create a community or marketplace for other AWS users. Right now Amazon basically is the only one making the services in their cloud. Charge by the hour data storage: cool. Charge by the hour database queries: cool.
But let’s say I want to buy image thumbnailing processing by the hour. No dice. I can maybe do some 3rd party negotiations, or buy an AMI that...
What email sending services do you use? →
Email APIs - I love these type of Hacker News threads.
Personally we use SPF and EC2 with sendmail, even though it’s contraindicated in the comments it seems to work ok for us.
A love spoon is an ornately carved spoon traditionally made from a single piece...
– Love spoon - Wikipedia, the free encyclopedia
Whoever heard about this. Pushing Daisies hasn’t had quite the same magic this season but it’s still got some good moments where I am sad it’s cancelled.