Mostly Harmless

Article on the BBC about search sites indexing information from social networking sites as well as the usual sources such as websites and newsgroups.

The interesting thing is that these sites don’t really change anything - yes they provide a “picture” of sorts of a person’s dalliances online that is accessible to the ordinary person but they don’t give you much more than a little fiddling with Google could have done.

In my case (and I have a pretty unique name) all you get is a rather fetching picture with a christmas hat from myspace that isn’t currently on this blog. So far so not very revenue generating for the site in question. A few scraped links to technical queries on online forums and mailing lists also aren’t very interesting to anyone, given that the email addresses and topics under discussion will be a few years old now.

What most people already knew to be true hasn’t changed - for piece of mind online just don’t use your real name. Given that I’ve got profiles across several social networking sites, this blog and quite a few domains in my name as well as profiles on numerous forums the level of information scraped by these sites is really pretty piss poor. Yes, these personal info aggregation sites do pose a major risk to those teens currently posting deeply personal stuff publicly over the web, but really that is the fault of the parents who let them have access to something unsupervised that they don’t really understand the implication of themselves.

If you do have a lot of information on a profile (such as facebook) including telephone numbers, address and birthday then that should really be a friends only page anyhow (don’t join a network) - unless you’re the type who writes your details in pub toilet stalls hoping for a “friend request”…

The sites also seem to suffer from the usual “common names” problem - they can tell me that Dan is a councillor in Eastbourne and was a governor at a local school but not one of them managed to link both of these pieces of information to the same name. One of the sites picks up my boss (who has a pretty unique name) but again simply by pulling a myspace entry which links you to one of the sites that she owns.

From the point of view of unique features, if the site is simply trawling other social networks and the web then it’s in danger of dying of irrelevance - myspace, facebook etc could easily partner with a search company if they wanted to trawl information from other sources for users to add to their profiles but most people don’t want that anyway - I have absolutely no interest in auto populating a profile of mine with out of date information or detail of online support requests to the MythTV project. Most people’s profiles are highly tweaked to a specific picture they want to provide at that moment.

I’m not saying that an upstart service couldn’t combine Google style search algorithm power and social networking into something massively wonderful / privacy threatening depending on your perspective but what I am saying is that the level of technical acumen and capital required to achieve such a thing makes it pretty unlikely. Pretty much the only thing these sites seem to do at the moment is provide an ever useful reminder to be careful what you attach your name to.

Rowan :: Aug.08.2007 :: Internet Anonymity, Personal Entries :: No Comments »

I’m actually kind of surprised that this is news. I remember at a previous employer watching facilities get told off for hoovering out a printer that had suffered a toner spill as this would spread the carcinogenic particles throughout the office and that the clean up should actually be done with special equipment with filters (and presumably with a mask).

This said I know a lot of people with laser printers in their homes now and we were considering one ourselves, so it goes to show anything that gets coverage for something which is er technically known but not widely known is worth knowing.

You know a blog post has gone south when you start to sound like Donald Rumsfeld…

Rowan :: Jul.31.2007 :: Hardware, Health :: No Comments »

I was lucky enough a week or two back to get a day away from the screen up in London to attend Nominet’s registrar information day. The event had a sensible start time of 9.30 for registration (presentations starting at 10.00) making travelling up the same day just about possible (i.e getting up at 5 is the very earliest I’ll entertain). I would have been there bang on time if not for a tube derailment (nothing to do with my deciding to travel I might add, gypsies curses not withstanding). Walking up a quiet Oxford street in some rare sun was really rather enjoyable.

The event itself is a strange hybrid, in some ways it would be appropriate as an Induction for new Registrars but there is also useful content in most of the segments on recent developments and a presentation on future technologies at the end and these are appropriate for anyone at a registrar who needs to keep up to date and indeed there were several attendees who had been before or were even regular to the event.

The attendees were a mixed bag or management, techies and administration staff, comprising those interested in being registrars only if they can fully automate the process to those working for small development and consultancy outfits still composing emails to register domains by hand. This made the fact that Jay Daley (whose rather scary blog on control freak techniques is well worth a read) managed to do an overview of some fairly technical subjects (DNS-Sec, Enum) before going home time without some of the less technical members of the audience beginning to foam at the mouth rather impressive.

In general the staff seemed to recognise that the organisation has an image amongst some of it’s registrars as old fashioned and bureaucratic and indeed the organisation has added a “Key Account Manager” position so that they can keep in touch with and get better feedback from the registrar community. One expects these sorts of days to be well choreographed but all of the staff I spoke to certainly gave me a more positive view of the organisation than I had had previously as well as being able to put emails addresses to faces, something which is always handy.

The staff were pretty honest, when queried on the precise rules behind a technical process involving merging account Nominet were happy to say “we’re still having fun playing with that”. Obviously it would be nice to have live systems fully documented but not being honest about why they aren’t documented yet would have been worse than confirming the details are still being set.

The concept of getting the technical team to blog along with their technical challenges as part of their objectives seems a good way to make their work more visible as well as documenting technical humps traversed (I’ve got no idea whether Nominet have an internal knowledgebase but it always surprises me how many places don’t for various reasons) and indeed publishing some of that knowledge is a pretty admirable goal for a team working at a high level. Customer facing technical teams in commercial organisations often can’t blog about recent challenges in case these reveal details about a particular incident they’d rather the customers didn’t know about for reasons of confidentiality or business prudence so it is good to see an organisation that has the opportunity take advantage of it.

Ultimately the day was worth attending and will probably be worth revisiting at a set interval or whenever there are interesting developments at the organisation that will affect the business.

Rowan :: Jul.27.2007 :: Reviews, Web Hosting :: No Comments »

Recently a couple of the people who run the biggest WPMU based sites out there have put together a premium member’s area for those wishing to run serious MU based sites.

Seeing as Boz and I have been recently putting together an MU site for a group of friends this is an interesting development, I can immediately see the need for this for those working singly or in small departments who don’t have the direct WPMU expertise but want to quickly reach a large user base on a stable, scalable software base. A reasonable proportion of the freely available MU plugins out there look like they may present scaling difficulties down the line - something you definitely don’t want if you’re providing a service you have to support. Hitting a wall once you’re a few thousand users in is probably extremely unpleasant as it’s harder to redevelop something that is running 24/7.

If we do get around to building another site with WPMU (I have to say I’ve enjoyed working with it) I’ll probably subscribe to this as much out of interest as out of need.

The only real downside I can see is that they may well get an influx of subscriptions from people who really want everything done for them, from consultation to installation and ongoing support which may well clog up the premium forums and their time to support on there with inappropriate questions. However the entry fee will hopefully discourage this kind of behaviour.

There may well be a snotty counter argument to doing this sort of thing off the back of GPL style software, but in all honestly, WPMU is a fair way short of what wordpress.com is so it’s difficult to make an argument whereby these people shouldn’t get rewarded for their expertise and time. Essentially I can see dev premium saving me time in working out answers other people have already arrived at and life is too short for the alternative.

Rowan :: Jul.20.2007 :: Web Apps, Wordpress MU :: No Comments »

The forums over at Wordpress MU aren’t really the hand holding sort, the regulars are just too busy. However if one has done some background work first there are good solutions in the threads and the regulars are happy to assist someone who has managed to get a part of the way on their own initiative.

A lot of people however seem to approach MU without the pre-requisite skills suggested in the software’s readme (i.e being able to cope with server level software as opposed to a single cms / wordpress install).

For this reason I’d consider the four points below fairly essential if you want to work with MU (even if you have a technical background).

1. Use self hosted wordpress for at least six months - by “use” I mean creating a site installation you’re happy with and blogging to it regularly. Install via FTP or shell rather than fantastico or equivalent and install any security updates as soon as you can.

2. Be comfortable installing and fixing small issues with widgets, plugins and themes - be comfortable reading through the code and following the logic into the database if something isn’t working as expected. The wpmu forums are an invaluable resource but will often only point you in the right direction with a code snippet, you’ll have to apply the solution or follow the logic through so it fits to your site.

3. Ideally have written some plugins / widgets / themes for WP yourself - I hadn’t before starting to work with MU and I really wish I had as there is the added complexity of considering the multi user element when working with MU.

4. Be able to manage the necessities on a dedicated server or VPS  - If you need to hire hardening or optimisation experts or have the budget to pay for management, fine. My own WPMU site is currently sitting on a shared host and will hopefully be fine there - once ready to deploy a site that will be for the wider public rather than just friends from reading the MU forum it appears that this is the ONLY reliable way to go. My experience at a shared hosting company completely backs this up - as a general rule users aren’t allowed to install server level software themselves as it puts far too much of a drain on the shared resources.

Rowan :: Jul.11.2007 :: Web Apps, Wordpress MU :: No Comments »

I can’t help but laugh at the fact that the BBC had to implement Microsoft DRM technology into their iPlayer application. The reasoning behind this…

“The rights holders - the people that make the programmes, from Ricky Gervais to the independent producers that account for up to a third of our programming - simply wouldn’t have given us the rights to their programmes unless we could demonstrate very robust digital rights management.”

…is all well and good. But wait! Doesn’t the BBC already distribute programming in an unencrypted fashion through which it can be readily recorded and redistributed without restriction? (I’ll give you a clue, it’s on the roof…)

So this player developed presumably with license payer’s money is a total irrelevance to me as I don’t run a Microsoft operating system for more than a small % of time anymore. One of the major reasons I gave up the operating system is because it forces you to do things the way the company thinks you should do them, rather than the way that makes most logical sense. Can I get a refund on the bandwidth costs for this as well as anymore reality TV muck you choose to produce? No? Didn’t think so.

A decent digital TV card or box for the PC now costs about £30 - £50, recordings from which can be readily burnt to DVD. Funnily enough the ability for people to record television programming so that they can keep it historically hasn’t cause the market to collapse - the VCR was not the end of media as we know it and neither was the DVD or hard disk drive recorder. The sales of pre-recorded DVD format releases should have proved this beyond all doubt.

I didn’t take Ricky Gervais for a delusional paranoid - but there we go, stranger than fiction.

Rowan :: Jun.28.2007 :: Media, Operating Systems :: No Comments »

As further proof that whenever you have an idea the Internet is capable of crushing you by showing you that someone has already done it, I’ve been meaning to write an article on this for a while - and now I don’t need to.

Updating a personal website has always been something I’ve known I should do, but never got around to very well, Wordpress lets me easier than any other CMS I’ve used.

Rowan :: Jun.25.2007 :: Reviews, Web Apps :: No Comments »

I’ve been a reader of Bruce Schneier’s CRYPTO-GRAM newsletter for some years now and it always inspires mixed feelings. Schneier writes with authority on security, terrorism and the psychology of both. At the danger of being misrepresentative, here’s a quote

“We worry about airplane crashes and rampaging shooters instead of automobile crashes and domestic violence — both far more common”

Depending on the issue, you might feel safer after reading but generally you come away worrying about people’s ability to be duped over what is and isn’t an actual probable risk to them. You’ll worry about politicians taking advantage of these as easy emotive issues rather than focusing on more likely ones that are harder to “sell” and you’ll worry about the media herding people in the direction of their statistically improbable fears rather than acting as a responsible platform.

“I tell people that if it’s in the news, don’t worry about it. The very definition of “news” is “something that hardly ever happens.” It’s when something isn’t in the news, when it’s so common that it’s no longer news — car crashes, domestic violence — that you should start worrying”

On the good side, it’ll help you be more rational about the security threats that are actually likely to effect you. I’ve scared the crap out of my partner on more than one occasion by arguing that if someone really wants to get to you or the contents of your house, the lock on the door and the burglar alarm are really only a formality. They stop people wandering in but they won’t stop someone breaking in (unless they’re inept…which is another story). So what really determines if you should be scared of burglary is the amount of attractive swag you have in your home and how many people know you’ve got it.

It’ll also remind you that security theatre like a burglar alarm is still worth it so you don’t have to get up every time the freezer clunks in the hall, one thing I really like about Schneier’s writing is he doesn’t belittle people for being people (and that must be oh so tempting when you’ve been working in the field as long as he has).

The newsletter is perhaps over long for the “average” reader, but for every single intelligent person I’d advise having a read, it just might help you feel more rational and clear headed about what you ought to be spending your valuable time worrying about

Rowan :: Jun.18.2007 :: Personal Entries, Security :: No Comments »

It has been such a very long time since there was a record that really mattered, a record that can get under your skin. Something that tries to take on the world, chew it up and spit it out, snarling and cool all at the same time.

Continue Reading »

Rowan :: May.30.2007 :: Personal Entries, Reviews :: 2 Comments »

Spent an enjoyable evening yesterday playing the Viking Game with Jen and family (yes yours truly really knows how to live it up of an evening). It’s a Tafl game or basically one where the teams are not equal. The King (who has a small guard of pieces) has to escape and the attacking team have to prevent the king escaping and ideally surround him with four pieces in order to run him through.

Thinking ahead is actually harder than something like draughts, because the pieces are not constrained to only move once square at a time, they can move any distance as long as their path is not blocked.

I haven’t found a computer equivalent that reproduces the board game we played exactly - only one that runs in a DOS box where the king can win by reaching the edge of the board, which makes it fairly easy for him compared to the version we had where he has to escape to one of the four corners (which are more easily blocked). I suspect this is balancing on the part of the producers of the boxed version because it does seem a bit easier to be the king at least going from the first couple of plays. Also that old DOS game seems a wee bit hard…

If anyone knows of a more recent Linux variant of this game, do please let me know.

Rowan :: May.29.2007 :: Games, Personal Entries :: No Comments »