Another reason to reconsider your password approach

According to Finjan Inc., Google’s anti-phishing blacklist (used, for example, in their Firefox extension) apparently contained various phished usernames and passwords, suggesting that you really should not use the same username and password combination across the web.

Interestingly, OpenID would have, to some degree, mitigated this breach by moving the username and password combo off by one step, so at worst, the only credentials compromised would have been the publicly known identity provider URL.

I’ll be posting more about the topic soon, but I think that, in this particular case, the OpenID model would have been slightly more secure in concealing the high-value information (namely your username and password credentials), and, better still, in the case of a breach, if you still had access to your account, you’d be able to change your password once and reduce the vulnerability of the remote sites that you use your OpenID to log in to.

And, note that I’m not talking about the serious matter of spoofing your OpenID provider… in which case OpenID is no better than any other phishable site.

Twitter and the future of transmogrification

Technorati on Twitter

I proposed to Ma.gnolia a short while ago that they start using Twitter to broadcast their system status updates and they implemented it shortly thereafter.

The beauty of using Twitter is its flexibility — you can ping it using Jabber, the web, SMS or through its API. You can also receive updates through the same protocols, as well as via feed subscriptions. I call this “” — essentially the ability to morph data between forms and through various inputs.

It seems that others are picking up on the trend towards Twitterification — and I find it very interesting, especially as the differentiation between bot, aggregate and human is essentially nonexistent. Was it a service, a friend or one of many friends pinging you just then? One never knows!

So far I’ve found these non-individual, non-human Twitterers

Organizations & Companies

Weather

I’m sure there are more, but do you know of any more that I missed?

Sticking eyeballs with toothpicks; or Yahoo buys MyBlogLog

Another sign that Yahoo thinks it can buy its way to the hearts and eyeballs of the netigentsia comes today, as Yahoo buys stalkerati tool MyBlogLog. We already knew that this was coming, but we’ve finally confirmed it.

Ok, so that’s all good and well — I’m impressed at how quickly this thing grew and then got snarfed up (in fact, I was checking out its impressive traffic today) — but what concerns me is that this kind of purchase underscores my thesis about Google’s Identity Mousetrap, but this time in the Yahoo neighborhood. Interestingly, in conversations with my Yahoo friends, they’ve said that their BBAuth system should have been reconsidered given the advances of OpenID… and yet, “Bradley Horowitz, vice president of product strategy at Yahoo, said Mybloglog will likely remain branded as a separate entity, but Yahoo users will be able to register on it with their Yahoo password. The reader communities will soon be able to access Yahoo services, like the Flickr photo site or the Yahoo Answers information service, to their groups.” (emphasis mine)

Ok, well, that’s business.

But, the language Horowitz continues to use also seems to threaten Technorati: This closes the loop between readers and publishers, he said. Every publisher wants to know his readers, and the readers want to find out about each other. It’s the power of implicit networking.

Which, if you’re a blogger and watch your Technorati stats, you can see that there are interesting parallels here.

Rafer continues: The biggest thing in blog search is ego search – my name, the web sites I love, says Rafer, who will work for Horowitz, promoting his service to Yahoo’s many properties. People search Google and Wikipedia for information; with blogs, people look for cool things and serendipity.

So what’s curious (that I don’t have much insight on) is what this means for Technorati, who now supports OpenID, both as a provider and consumer, and Yahoo, who seems interested in the 33,000 MyBlogLog users and getting them to switch to Yahoo logins, but who doesn’t yet have its own blog search to cater to that audience. I mean, it makes sense, it’s just a bit… odd. Is it really worth $10M?

Dodgeball mobile site on the way

dodgeball mobile (logged out)
After suggesting that Dodgeball had become braindead, signs of life, like the forthcoming Dodgeball Mobile, are making me reconsider.

Dodgeball Logged in

One thing that I would prefer to see, though, is their use of the “m dot” convention, rather than the longer-than-necessary “www.dodgeball.com/mobile” URL.

I sent them this feedback and got an automated reply:

Thanks for writing to dodgeball. This is just an automated reply to let you know that we received your email. We’re putting most of our energy on improving dodgeball right now, so we’re unable to provide personal responses to all the email we receive. We do look over all feedback and suggestions, so we can bring you the best dodgeball experience possible.

So, at least they’re “putting most of [their] energy on improving dodgeball”. We’ll see, but frankly I’m becoming more and more of a fan of Plazes SMS.

Information philanthropy

I hadn’t quite thought about the co-production economy from the standpoint of philanthropy, but in a message from Chris Baskind, the admin of the Lighter Footstep Ma.gnolia Group, he said:

I know there’s nothing more valuable to you than your time, so let me ask for it directly: please contribute great links when you see them. Ma.gnolia’s interface is snappier than ever, and it doesn’t take long to archive a resource that might really make a difference to someone down the line.

It occurs to me that perhaps in the information economy, quality information, links and good ideas really are useful and valuable surrogates in place of donating money, which require centralized bodies, disclosures and other “conversion taxes” (that is, changing your dollars and cents into things that are tangibly useful for an endeavor).

I dunno, thoughts?

Opera 9.10 adds antiphishing

Opera Fraud Protection

Opera 9.10 is out today with the addition of what they’re wisely calling “Fraud Protection” (Firefox calls phished or spoofed sites “suspected forgeries”).

Similar to Firefox’s hybrid approach, wherein you can either download a list of sites to your computer or instead run checks against a Google service, Opera downloads a list of URLs from Phishtank and then runs a query against GeoTrust to see if the domain you’re visiting is legit.

It’s interesting to see that the heaviest area of browser “innovation” in the past couple years seems to be in anti-phishing, anti-spam, anti-popups, anti-forgeries, anti-fraud and generally fighting other things that make the Internet suck.

Now, at least, most of the major browsers are caught up with technology that will submit your surfing habits to third party sites in the interest of protecting you from the baddies, though it’s of course curious the choice of partners in each case and how this benefits each, enabling them to learn from this data… For example, in the case of Firefox or Microsoft, who partnered with Google and… Microsoft… respectively, will they also be able to use this information to improve their search results and advertising tactics? They say no, but hey now, if they’re the only choice on the block, that puts them in a pretty powerful position to determine who’s on the up and up and who’s… not.
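To make the trade-off between the downloaded list and the remote check concrete, here is an added example (not from Opera, Firefox or any of the services named above) that models both lookup modes and records what the third party ends up learning. The list entries, URLs, function names and the stand-in service are all constructed for illustration.

```javascript
// Added illustration: a constructed model of the two lookup modes.
// All names, list entries and the stand-in "service" are hypothetical.
const LOCAL_LIST = new Set(["login.example-bank.test/verify"]); // constructed entry

// Reduce a URL to host + path so scheme, query and fragment never affect a match.
function canonicalize(rawUrl) {
  const u = new URL(rawUrl);
  return u.hostname + u.pathname.replace(/\/+$/, "");
}

// Mode 1: downloaded list. Match the page or any parent path; nothing leaves the machine.
function checkLocal(rawUrl) {
  const parts = canonicalize(rawUrl).split("/");
  for (let i = parts.length; i >= 1; i--) {
    if (LOCAL_LIST.has(parts.slice(0, i).join("/"))) return "blocked";
  }
  return "ok";
}

// Stand-in for the third-party service: it answers, and it remembers every query.
function makeService(badHosts) {
  const seen = [];
  const hostOf = (v) => (v.includes("://") ? new URL(v).hostname : v);
  return { seen, lookup: (v) => { seen.push(v); return badHosts.has(hostOf(v)); } };
}

// Mode 2: remote query. scope "domain" sends only the hostname, "url" sends everything.
function checkRemote(rawUrl, service, scope = "domain") {
  const u = new URL(rawUrl);
  return service.lookup(scope === "domain" ? u.hostname : u.href) ? "blocked" : "ok";
}

// Run a constructed browsing session and report verdicts plus what the service learned.
function session(mode) {
  const visits = [
    "https://login.example-bank.test/verify/step2?user=alice",
    "https://intranet.example.test/payroll?session=abc123",
  ];
  const service = makeService(new Set(["login.example-bank.test"]));
  const verdicts = visits.map((v) =>
    mode === "local" ? checkLocal(v) : checkRemote(v, service, mode));
  return { verdicts, thirdPartySaw: service.seen };
}

console.log(session("local"), session("domain"), session("url"));
```

All three modes reach the same verdicts; the difference is that the remote modes hand the service a record of every site visited, including the legitimate ones, and the full-URL variant also hands over query-string values such as session identifiers.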

Make me money, make you money

Ebates cash back

Ok, I’ve avoided overly commercial messages in the past, but when I do find good deals, I think it’s worth it to pass them on, since I appreciate it when other people do the same. I’ve used Trezr for this lately, but today I’m going to whore out my own blog because I think this is actually a pretty good deal for everyone.

<sales pitch>
If you go check out Ebates today (note: affiliate link!), you’ll find a Cyber Thursday sale that’s only on for another seven hours.

Some of the rebate rates they’re offering are pretty sweet — but the one that caught my eye was 2% off at Apple… double the normal 1% rate. This is a pretty good discount if you’re looking to buy a laptop or G5 (hint: 2% of $2500 is $50).

Anyway, here’s what’s in it for me. You sign up using my affiliate link, you make a purchase using Ebates, and I make $5 and you make $5. That’s it. It’s not like they’re doing anything special for me — but I figured that today’s deals were good enough to put it out there and, should you choose, you could take advantage of this.
</sales pitch>

As you can see from the screenshot above, I’ve saved a bit of money using Ebates since 1999… So, again, if you want, go sign up and make me some money and you some money too.

And thus concludes this overtly commercial message. Which, I might add, will be an extremely rare exception in the course of things.

Ask and ye shall receive: FlickrBooth

FlickrBooth

Nearly a year ago, I asked for someone to hack Photo Booth so that I could upload photos directly to Flickr. This would be useful at BarCamps, parties and, well, anywhere else that you wanted to speed up the capture-to-Flickr process.

Turns out that Tristan O’Tierney, a self-proclaimed Mac Geek, has finally built the solution, which he calls FlickrBooth.

I tried it out and not only does it work as described, but it’s mind-numbingly easy to install and start using.

Searching for the Noah’s Ark of Syndicated Content


Original © copyright 2003, University of Delaware College of Marine Studies.

Filed under “thank god I’m not alone in this”.

Khoi Vinh recently posted on a topic that I very strongly relate to… “So Many Blog Posts, So Little Time”:

The problem is there’s so much great, engrossing net activity and blogging going on, and I have so little free time. When I do find myself with a spare moment, I’m struggling just to keep this blog up-to-date, leaving me very little time to just surf. The net effect is that I just can’t keep up with what everyone’s saying, except in fits and spurts. So, when talking to folks whom I consider to be good friends, I’m perpetually embarrassed by my shallow knowledge of exactly what they’ve been up to.

Phew. Well, at least I know I’m not alone — and Tara’s feeling this too. Running a business, having a flooded inbox, dealing with being a human, all that stuff, well, it makes you wonder what’s going to happen when the long tail starts experiencing this problem and revolts by abandoning social networks in droves, unable to keep up with the steady stream of service notifications. I mean, feeds help — but only at literally aggregating content… they do nothing to actually provide you more attention or brain power to consume or make sense of the content.

Meanwhile, Matt over at SvN4 lays out a couple possible solutions to what he calls “The RSS avalanche”, proposing four different filtering solutions:

I’d add three more options:

But still, these are only mechanisms for paring down the content available to you to consume. How do you still pick from these filters the things that are worth revisiting, bookmarking, taking time to consider, or even to respond to, in the comments or on your own blog?

What will the solutions look like for non-tech savvy audiences? Or just folks who increasingly don’t have the time to fiddle around with setting up these filters? Is this not suggesting an inevitable return to the travel agent model? Wouldn’t you like an information-travel-agent to pick out the most interesting content, customized for just you? Who you can trust not to let anything slip by? I don’t think that robots or community filters can play this role, though they can help.

So I have a confession to make. I’m only subscribed to 15 feeds right now. Total. And with email, I still can’t keep up. So what are you doing about the coming deluge? Have you discovered the Noah’s Ark of Syndicated Content? And if so, why haven’t you shared it yet?!