Hiding passwords in plain sight

Sat 18 Aug 07 19:09 | Tags: Internet

You have to use passwords to access a lot of handy stuff on the internet. From vital, important things like online banking to fun, relatively trivial things like forums about cartoons, you're going to be asked to use a password to identify yourself. If you have a large enough presence on the internet, there's going to be a whole lot of passwords you're going to be asked to remember.

And, of course, you do just as the security experts advise, and use passwords that are combinations of letters and numbers, are of sufficient length, and are difficult to guess, right? And you never, ever write down all your passwords in one place; like, say, a text file on your computer, right? Right. Uh, me too.

Of course, we never would. But if we did…

But let's say for a moment that you were to create a file with your passwords in it on your computer. You know, just hypothetically speaking. This would be a really insecure and dumb thing to do, but is there a way to do it which would still make it difficult for someone with hostile intent to use your passwords if they came across that file? Sure, there are encryption tools and such to make files difficult for unauthorized people to access, but I've devised a little way to do this which I think works pretty well, but is much simpler to use. You know, if I were to ever do something like this, which I never would.

The key is that you don't need to put the entire password in the file; just enough to remind you of the password the next time you go to access it. And that reminder could look like gibberish to someone else. Let's say you had a goldfish named Oscar when you were a kid. A good password to make from this, then, would be 0scar79, 79 being the atomic number for gold. (Note that we're also using a zero instead of an oh for Oscar's name.) So how could that be obfuscated in a way that would remind you of that password when you needed it, but look like nonce to someone else? Well, it would be up to you, but I would probably do something like 0****(##atomic). Looking at that, I would think, "Hmm, begins with a zero, so it should probably really be an oh… has four letters after that… and it has an atomic number at the end, like an element or something… Oh! Oscar the goldfish!"

Okay, so it's a little silly. And I'm probably not the first to have this idea. But it works. I could theoretically keep my obfuscated passwords in a sidenote file, ready to pop up for easy access whenever I need to log in to Digg or something and can't recall my password. I just make some little rules for mapping the password characters to obfuscated ones; for example, a dash could signify repeated characters, and a percent sign could signify an intentional misspelling. Given those rules, here are some other sample obfuscations:

b4nana = *4**--
sanndb0cks = *a*-**0%%%
sod4caaanz8 = s**4**--*%(#young)
…(since 8 is Steve Young's jersey number)
green3141tea = ***-*(####apple)*e*
…(since 3141 are the first four digits of (apple) pi)

…And so on. Of course, you don't have to follow these rules; feel free to make up your own (in fact, this scheme will be more secure for everyone if you do). The key is that you merely reveal enough of your password to remind you of it, but not enough that others would be able to easily guess your password from what you've revealed.
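How much a reminder reveals can be estimated. The following is an added example, not part of the original post: it computes an upper bound on the number of passwords consistent with each reminder above. The 36-character alphabet, the reading of a dash as "repeats some earlier character", and all function names are assumptions.

```python
import math
import re

# Assumed alphabet sizes (not from the post): hidden characters are drawn
# from lowercase letters plus digits; '#' always stands for one digit.
HIDDEN = 36
DIGIT = 10

# One token per password character; "(##hint)" groups expand to one '#' each.
TOKEN = re.compile(r"\((#+)[^)]*\)|(.)")


def tokens(mask):
    """Expand a reminder such as '*4**--' into one symbol per password character."""
    out = []
    for m in TOKEN.finditer(mask):
        if m.group(1):
            out.extend("#" * len(m.group(1)))
        else:
            out.append(m.group(2))
    return out


def candidate_bits(mask):
    """Upper bound, in bits, on the passwords consistent with the reminder alone."""
    bits = 0.0
    for pos, sym in enumerate(tokens(mask)):
        if sym in "*%":          # hidden or deliberately misspelled character
            bits += math.log2(HIDDEN)
        elif sym == "#":         # a digit; the mnemonic in parentheses is ignored
            bits += math.log2(DIGIT)
        elif sym == "-":         # assumed to repeat one of the characters before it
            bits += math.log2(max(pos, 1))
        # any other symbol is a revealed character: one choice, zero bits
    return bits


def leaked_bits(mask):
    """Bits given away compared with knowing nothing beyond the length."""
    n = len(tokens(mask))
    return n * math.log2(HIDDEN) - candidate_bits(mask)


# The four sample reminders from the post.
SAMPLES = ["*4**--", "*a*-**0%%%", "s**4**--*%(#young)", "***-*(####apple)*e*"]

if __name__ == "__main__":
    for mask in SAMPLES:
        n = len(tokens(mask))
        print(f"{mask:22} length {n:2}  <= {candidate_bits(mask):5.1f} bits, "
              f"{leaked_bits(mask):4.1f} bits leaked")
```

The bound ignores the parenthetical mnemonic and the fact that the hidden characters spell words, so the real search space is smaller still.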

You know. If you were going to actually do something like this. Which you shouldn't.

Get more great Ray Gun Robot content sent directly to your feed reader or email inbox! Subscribe today!

 

Hey, I've got Pownce invites too

Sun 15 Jul 07 15:33 | Tags: Internet

Well, I'm not the first blogger to do this, and I surely won't be the last. But I've got these things and I've exhausted trying to give them away to friends, so total strangers may have their turn.

I'm giving away seven invites to Pownce. Pownce is a service inspired by Twitter, but with a few improvements. What's Twitter? It's like a combination of an instant messaging service and a blog; it basically allows you to send short messages to your friends and the public. Pownce follows the same formula, but lets you send files, links and calendar dates as well as messages. Check out my public page to get the idea. You can use it either through the web or through a client program. It's in public beta, but you need an invite from a current user to sign up. It could use some improvements, but I think it's on its way to becoming something quite interesting.

If you use the "Alpha" desktop client, be prepared to see this error a lot.

Want to try it? Then just either leave a comment to this post, or contact me privately. Just remember to give me your email address! All I ask is that you please at least try the service after you get the invite. Of the five people that I've invited so far, only one is actually using it regularly at this point; heck, even the guy that invited me has never posted anything so far as I can tell.


 

In defense of top posting (sort of)

Wed 11 Jul 07 23:47 | Tags: Internet

John Gruber of Daring Fireball fame posted an article yesterday entitled Non-Top-Posting Reply Scripts for Apple Mail. Gruber provides an AppleScript which helps users of Apple's Mail app avoid top posting, which he brutally dubs "an uncouth and illiterate practice."

Top posting is the practice of replying to a message online - for the sake of simplicity, we'll specifically say an email - with the quoted text of the original message below the new content. It is the default behavior of Apple Mail, as well as Microsoft's Outlook and Google's Gmail, to place the cursor in a blank line at the top of a quoted message when initiating a reply, thus encouraging this behavior.

Top posting. My text is black; the quoted text is blue.

However, many people, Gruber included, think it's a mortal sin to reply to email in such an illogical manner; that is, with the newer information located above the older information on the page, contrary to any written language on earth. In the heyday of Usenet and mailing lists, posting with this behavior would likely garner you a mild reprimand by other readers, at the very least.

Nonetheless, the popularity of top posting in email today is undeniable. And I don't think it's necessarily bad in all circumstances. Before I explain why, though, let's look at the alternatives.

Bottom posting.

The traditional behavior of previous generations of email clients, such as the faded classic Eudora and the killed-before-its-time Claris Em@iler (not to mention old text-mode Unix clients), was to place the cursor after the quoted message, but before the signature block. When the user then wrote the reply, the new information would be below the older information, as is logical. Gruber's AppleScript essentially forces Apple Mail to function in this manner, with one unfortunate distinction; Gruber's script will place the cursor below the signature block as well. So a few keystrokes or some mousing will still be necessary in order to get the cursor in the "right" place for bottom posting (unless you don't use a signature).

Middle posting.

However, between top posting and bottom posting, there's a third, superior alternative. It doesn't have a definitive name - call it interleaved posting, inline posting, or even middle posting. In this method, you dissect the quoted message into ideological chunks, then write your reply to each chunk below it. Usually deleting parts of the quoted message that don't warrant a reply goes along with this, though this can be dangerous as you may not know what parts of the message seem irrelevant now but may be relevant in the future, to either you or the other conversant. Even more than bottom posting, this is - and was - the preferred method for replying to messages among many on Usenet and mailing lists, as well as web-based forums, their hip modern cousins. It saves space by not repeating the entire message, while at the same time making it easy to clarify just which part of the message you are addressing when you write your reply. This is the type of style I use for all my long-form electronic correspondence, whether personal or professional.

Therefore, Gruber's script doesn't help me much. It deletes the annoying blank line at the top, but it then puts the cursor at the bottom of the message - below the signature, even. In order to middle post, I have to track backwards through the message, either via mousing or the arrow keys, in order to get the cursor in place right after the first part of the quoted message I wish to reply to. The message doesn't have to be very long before this creates a situation where it's causing me to do more mousing/keying than it's saving. I'd rather have the cursor be in place at the top of the message, so I can track down the first point in the quote I want to reply to. And as for the annoying blank line at the top… Sometimes I'll delete it, and other times I just won't worry about the easily-ignorable extra byte it's adding to the size of my message.

So if I think that middle posting is superior, why am I defending top posting and the email clients that facilitate it? Because in my job, I'm often having to deal with technical novices; people who don't know that top posting is traditionally bad form. Or maybe they do know, but can't be bothered to go through the extra effort that formatting an email for middle posting requires. (These would be the same people that can't put forth the extra effort to use the Shift key, for example. Mr Echo42, I'm looking at you.) Perhaps Gruber, as a professional tech pundit, is somewhat insulated from these sorts of people, but this is everyday conversation for our clients. These non-tech-savvy people are just going to do whatever their email client sets them up to do. And since email clients can't format a reply message for middle posting by automatically breaking a message into chunks and deleting irrelevant info (though this would probably be an interesting but ultimately futile artificial intelligence experiment), this means that they're going to either top post while quoting the entire message, or bottom post while quoting the entire message. So the question then becomes this; am I, as a reader, going to want to receive a message with the new information right there at the top and my previous message (which I can presumably still recall) below it, or one in which I have to scroll through my quoted message before getting to the new stuff? I obviously prefer the former.

I understand that top posting is counter-chronological, and I would still find it odd to see it being done on an online forum. However, with email, which is typically a person-to-person form of communication where the subject line is often enough to remind one of the current thread and direction of conversation (not to mention one more likely to be used by novices), I just can't get too worked up about it. It'd be great if everyone middle posted in their email replies, but since that's not going to happen, I'd rather they send me top posts than bottom posts.

Sending HTML- or RTF-formatted messages instead of plain text, however, should be punishable by death.

For more info about top, bottom and middle posting, see Wikipedia's article on posting style. Checking through the replies to Gruber's post through Technorati, most of them seem to be in agreement with me, though (with one exception) they've all spent significantly fewer words than I have to say so. One person in agreement, however, went so far as to tweak Gruber's script to support signatures. Gruber himself has posted a follow-up in which he seems to show support for middle posting, though, as I said above, I can't imagine how his script would be of much use for that. (UPDATE: It appears he also updated his original post to mention the problem with signatures.)

This post was written in Gruber's own Markdown mark-up scheme, by the way.


 

Richardson, Romney and Fred join http://SiteB.us/USA08

Sun 8 Jul 07 19:36 | Tags: Blogging, Internet

I followed up today's release of Conflagration Beta 4 with an update to SiteBus's page for the United States 2008 presidential election. If you're interested in American politics, check it out; this page aggregates posts from the blogs or news sites of the candidates for the Democrats, Republicans, Greens and Libertarians - around thirty in all.

The changes in the update are:


 

Jammin' with Joomla!

Sun 24 Jun 07 05:44 | Tags: Internet, Reviews, Software

One of the projects I'm working on at work is building a site using a content management system called Joomla! (I'm not overly excited about it; the exclamation part is actually part of the name, just like with Yahoo!) It was a bit of an experiment in that neither I personally nor the company as a whole had any previous experience with it, but I was told to give it a try for this one client and see if it was going to be something that we'd want to use for other clients in the future.

Joomla! is a fork off of an earlier CMS called Mambo. It's basically a PHP script which powers the creation of a web site in much the same way that blog software like Serendipity does, but it has a much broader scope; it can be used to make a blog-like site, but it can also build a site consisting entirely of static (unchanging) pages, or of periodical news articles, or of any combination in between. In addition, it has an extensive modding system with plenty of free and for-pay extensions which are fairly easy to install and include shopping carts, image galleries, and just about anything else you might need.

At first, I was skeptical of Joomla!, and didn't really like it when I started digging into it. It feels like it really does too much sometimes. It takes a bit of time to wrap your mind around the way that Joomla! works; for example, before you can add any content to your new site, you have to create at least one "Category," then one "Section" under the category; I'm still not entirely sure why these two levels of content categorization are really necessary. (Joomla! has an option, on by default, to automatically set up categories and sections and add some content to them when you install it, but I would actually recommend turning that off because you'll just have to go back and delete all that content later.) Also, when creating new Sections and Categories, you're prompted for both a "Title" and a "Name" for them, with no apparent explanation as to what the difference is between them or how they will be used. Weirdness like this gives Joomla! a bit of a tall barrier to entry. Also frustrating are two things that I also found frustrating with WordPress; you're locked into using the unspectacular MySQL database system, and the "templates" are actually just PHP files which mix PHP code and page content and design, a poor programming practice.

However, the more I used it, the more Joomla! grew on me. Once you get over that initial hurdle of figuring out just how stuff is supposed to work, the simplicity and efficiency with which you can create new pages, add new content, and install new module features without ever having to touch a lick of code is quite pleasant - and will be greatly appreciated by our non-programmer client, who wants the ability to add content to his site by himself once we get it completely set up.

If you're going to try Joomla!, one extension that I highly recommend installing would be OpenSEF, which allows you to use URIs which are packed with keywords for search engines to index - not to mention making them easier to type for humans. Joomla! offers up some pretty gnarly URLs by default, such as (and I'm not making this up):

http://domain.xyz/index.php?option=com_content&task=view&id=8&Itemid=9

As our client is a guy who offers fishing tours of the local rivers, we're going to use OpenSEF to have an address like this instead:

http://domain.xyz/tour-packages-and-prices.html

Aah, much better. We're also using the RSGallery2 image gallery extension.

Anyway, just because you can create a Joomla!-powered site without any coding by all means doesn't mean you have to, and I sure wasn't one to shy away from a text editor for this project. For one, we needed to create a new template that'd be relevant to the client; after getting a mock-up image from one of our designers (that is, one of the guys that actually has some artistic talent; not my forte), I converted it into code and integrated it into Joomla!'s template system. I'd love to show it to ya, but it's not quite finished yet, so I can't link to it just yet.

One frustration that I had was that Joomla! does not have something in its back end to customize <title> tags for a page. It'll automatically create a title by taking the site name and appending the page's title as defined when it's created in the CMS back-end, but that wasn't really what I wanted for cosmetic and (especially) search engine optimization purposes. I figured there must be a way I could tweak the template to create a custom title depending on which page it was displaying. Finally, I found the $mainframe object, which contained a bunch of info about the current page that Joomla! used for various purposes. By doing a var_dump() on it, I found that the page's ID number was stored as a string at $mainframe->menu->id. So I whipped up a bit of PHP code and put it in the template near the top, before the mosShowHead() call.

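<?php
// Better title-fier: override the auto-generated <title> for specific pages.
// $mainframe->menu->id holds the current page's ID number as a string.

if($mainframe->menu->id=="1"){
    $mainframe->_head['title']="Client Name Guide Service - River Fishing Tours in Humboldt County, Northern California!";
}
elseif($mainframe->menu->id=="6"){
    $mainframe->_head['title']="Client Name Guide Service - California Fishing Tour Packages &amp; Prices";
}
// …further elseif branches for the other page IDs…
?>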

(Yes, smart-alecks, I could use switch instead of a bunch of if/elseifs, but I think the syntax for switch structures sucks.)

It's not easy to get started, but Joomla! is slick enough that I'd recommend it for people who want to get an easily-customizable site up and running quickly - though admittedly, you'll be setting up your second Joomla! site up an order of magnitude faster than your first one. Joomla! is free and open-source, so it won't cost you more than your time to give it a try.
