Friday, 31 July 2009

Hardware hacking: VCR cat feeder, boot fetish Pong console







What fun.

See the BBC video (story here) of Dorkbot enthusiast James Larsson where he shows off his VCR cat feeder (dispenses food at the time the VCR’s been set to).

The cat's shown at the start and, err, the demo is at 03.08 if anyone wants to know, of a kinky boot fetish Pong game where the onscreen players are made to go up and down by groping and fondling leather boots (seriously) – and if you miss a point you get punished by a motorised whip (severity level adjustable)!

James Larsson and his inventions have also been featured in the New York Times and Wired.

Thursday, 30 July 2009

UK mobile broadband charges – don’t go over your limit!






The BBC has reported a survey by price comparison site Moneysupermarket.com which found that some 75% of UK mobile broadband users risk high charges for going over their monthly download limit, as over 50% didn’t know what their limit was while another 24% didn’t even know there was a limit.

According to the BBC report, the current charges are, for every extra gigabyte over your limit that you use:

    Mobile network operator

    Charge per extra gigabyte

    O2 £200 (!)
    3 (Three) over £100
    Vodafone £15
    Virgin £14.95
    Orange £14.95
    T-Mobile No charge, will suggest heavy users change tariff.

The BBC news report has a quote from O2 that the high penalty was "used as a deterrent and to make sure that others using the network had a good experience.. We text them when they are at 50% of the usage, and again at 90% and again if they go over.”

I have a 3 dongle and exceeded my monthly limit once, but I wasn’t charged as much as £100!

I think the BBC article is slightly misleading in that you don’t get penalised for a full GB’s worth of charges the moment you go over your allowance – it’s a scaled charging structure, according to the full Moneysupermarket.com mobile broadband guide with costs charts which appears to be the source of the BBC item. UPDATE: I picked up on an older item - the Moneysupermarket.com news release for this specific subject must have been given to the BBC and picked up by them before it was even published on Moneysupermarket.com's own site! Here's the specific Moneysupermarket press release.

But I do agree the charges for going over your limit are too high, and the differences between the mobile network providers is staggering.

To me, the most important practcal issue for consumers is: does the network text you as soon as you go over (ideally with a reminder of the rates), or even better text you if you’re getting near your limit? Unfortunately that information isn’t in the Moneysupermarket.com tables.

Wednesday, 29 July 2009

Windows: update Internet Explorer ASAP






If you were asked by Windows Update to update last night and you didn’t do it, or if somehow you got missed out, best get the MS09-034 update ASAP that Microsoft rolled out quickly yesterday (scroll down that page for a link for your particular system) as that has fixes for critical ActiveX security vulnerabilities affecting your web browser use.

Via Heise Security.

How to market to female bloggers






A survey of attendees to BlogHer 2009 (biggest conference of female bloggers in North America) by Ketchum showed that while over half of those surveyed are contacted by PR professionals at least once a week, public relations and marketing professionals are still not quite getting it right.

What should PRs be doing to market to women bloggers? The common themes from the survey aren’t surprising, any female blogger could recite most of them wearily by heart, so it’s disappointing that they’re still prevalent:

  • “Take the time to read their blogs and understand their areas of focus. Many women bloggers said they would like to hear about news and products that better match their specific interests.
  • This applies to location, too. A number of respondents said they receive communications about products and events not available in their regions or even their countries.
  • Know that they are “more than their blog” – they have other roles in addition to being a mom or a blogger, say respondents, including jobs outside the home.
  • Similarly, don’t assume that all women bloggers are “mommy bloggers.”

I've certainly had emails from some quarters continue despite my politely replying that I'm not e.g. a gamer so I don't review games. (I am interested in mobile - stay tuned for a review of Skype on 3 soon.)

The second is kinda shocking. Mass emails, I expect; but to the wrong country?

At least I don’t get the last problem, in fact I still get people emailing me who assume I’m male! (I’m guessing it’s the “us” in “Improbulus” but it could be because I try to avoid talking about anything pink, motherly or kiddie related on this blog.)

I don’t really mind if people assume I am no more than my blog, as I try to put a lot into this when I’ve time. Unless that point is getting at the following, which I do have a bugbear about - and I feel this applies to PRs dealing with all bloggers, not just female bloggers:

  • Don't assume bloggers have nothing else to do and will instantly drop everything in order to immediately reply to your email / review your product / go to your launch. Bloggers who aren't pro bloggers do have day jobs and lives, and we'll try to get to your product or service when we can, but there may be a long queue and these things take time (at least in my case, as I mostly write quite detailed reviews).
  • Corollary: if you want me to go to your launch, press conference or meeting, please please please give me lots of advance notice and an indication of what it's about and how long it will take, so I can schedule other events in my life to fit it in. And don't be surprised if I can't make it if you're only holding one event in one slot on one day with one week's notice. In other words, put on several sessions throughout the day / evening, on more than one day, if you really want lots of bloggers to attend.
I think that actually the lesson for PR & marketing people is pretty simple: just engage brain, treat bloggers (male or female) as working professionals with limited time, and you won't go far wrong. A polite targeted enquiry never goes amiss, even if mass emails may go unanswered.

Thanks to Mat Morrison for his tweet of a Bulldog Reporter report on the Ketchum survey.

Tuesday, 28 July 2009

Funny pub signs






(Photo by Impact Tarmac from this page, shown here under a Creative Commons Licence; seen on Dark Roasted Blend)

See also this equally funny pub sign (which I’m not showing here, as it’s not licensed under CC).

Monday, 27 July 2009

Online shopping comparison sites – shipping costs must be included






UK internet shopping web sites should probably (whether they knew it or not) have had to indicate shipping / delivery costs (as well as VAT) clearly on their sites since May 2008, under the Consumer Protection from Unfair Trading Regulations.

That particular point was made in guidance from UK government departments on computer online sales, rather than something that was explicitly spelt out for all web shopping sites, but it makes sense or is at least good practice, given the general law banning “unfair commercial practices” which should have been implemented across the EU in 2007 – the UK were late, and a few others are still behind (more on unfair commercial practices in the UK; and see which countries have banned unfair commercial practices).

A recent Google Base blog post mentioned that “on July 16th the German Supreme Court ruled in a lawsuit concerning shipping costs in comparison shopping results” and that Google were working on a solution for German merchants.

Now I’ve not been able to track down the judgement or any other news on it yet, but I strongly suspect that the court must have ruled that internet price comparison sites are required to include the full total price when serving up results comparing products from different websites, i.e. sales tax and shipping charges as well as the base price.

And I wouldn’t be at all surprised if that’s because of the Unfair Commercial Practices laws in Germany.

As soon as I've more info I'll report back. Does anyone else know any further details about this case?

Update: now see the German court's press release (in German) on the German supreme court ruling of July 16, 2009 - I ZR 140/07 (LG Hamburg, decision of 16 Jan 2007 416 O 339/06 & OLG Hamburg, decision of 25 Jul 2007 5 U 10/07 Karlsruhe, 17 Jul 2009), kindly sent to me by someone whose translation of the press release is as follows:

"Under the price regulation, a dealer is obliged to indicate whether in addition to the final price of the product there are additional delivery and shipping costs. Where appropriate, he must indicate their amount or the way in which they are calculated. This information must be clearly assigned to the advertising as well as easily identifiable and clearly legible or otherwise be made clearly perceptible.

With prices in price comparison lists, consumers must be able to see at a glance whether the price includes shipping or not. The significance of the price comparison, which is usually displayed in a ranked list, depends on this essential information. Under these circumstances, it is not sufficient if the consumer is only informed about additional shipping costs at the moment he consults the details for a specific product."

While that’s just a local German case, it may be influential elsewhere in the EU. And there's no reason why it shouldn't apply as much (if not more) to shopping sites as to price comparision sites. If the result of the case is to make European retail websites as well as price comparison services (aka shopping comparison sites or price engines) pull their socks up and provide complete easy to find pricing information in terms of the actual total cost to the consumer, making it easier to compare the total cost of purchase, that can be no bad thing for consumers.

Tags: , , , , ,

Nominative determinism 11






An orthodontist in Maryland, USA is called... Dr Bonebreak!

Hat tip: Kirk.

See also:
Nominative determism 10: dogs lead in Barking, woof woof!
Nominative determinism 9
Nominative determinism 8
Nominative determinism 7 and other funnies
Nominative determinism 6
Nominative determinism 5 and similar stuff
Nominative determinism 4
Funny acronyms: nominative determinism again?
Jobs reflecting names (nominative determinism, or aptonyms)
More silly or unfortunate names: Justin Case, Sue Mee, Rob Mee etc

And for funny or rude food names etc:
Funny food expiry date typo
Funny food name
Funny food name 2

Saturday, 25 July 2009

Google in straitened times..






I guess in these tough economic times, Google will take ad money from just 'bout anyone!

(For those who don't know, Bing is Microsoft's new search engine, the first that's likely to prove to be any serious threat to Google.)

Thursday, 23 July 2009

Adobe Acrobat – Flash / PDF security issue






Heise Security report a critical security vulnerability relating to Adobe Flash Player, Adobe Reader and Acrobat 9.x for all platforms (Windows, Mac, Linux).

Your computer could be infected by a PDF trojan (Trojan.Pidief.G) and taken over by malicious hackers if you open an affected PDF document or visit an affected website whether via Internet Explorer or Firefox. (Flash is used for lots of things on the Web like displaying YouTube and other videos.)

The exploit hasn’t hit many people so far, but you don’t want to be one of them!

Until Adobe release an update to fix this (hopefully by the end of July), to protect yourself:

  • Don’t use Acrobat / Reader! There are other free PDF readers around like Foxit (though even they get security holes from time to time; but they’re less of a target)
  • Use Firefox / NoScript when browsing. Then Flash content will be blocked until you click to let it through. Needless to say, click at your own risk! And you still have to beware when opening downloaded PDF files.
  • Delete or rename the authplay.dll file, which in Windows is usually located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll or C:\Program Files\Adobe\Acrobat 9.0]\Acrobat\authplay.dll (I didn’t have it at all on my computer, oddly). This deletion may make some PDF files crash, but probably not many.
    • Note: you may need to get your computer to show hidden files first. In My Computer / Windows Explorer that’s Tools > Folder Options > View tab > Hidden Files and Folders – select Show hidden files and folders.
  • Disable Flash in your Reader, Heise has suggested (which is what I did, as I couldn’t find the authplay.dll on my Vista system). That’s done via Edit, Preferences, then Multimedia Trust; find the line Permission for Adobe Flash Player and select it, then choose Never from the Change permissions dropdown, and OK it. Here’s a screenshot for those who prefer visuals:

Wednesday, 22 July 2009

Vanish: self-destruct your Facebook posts, Webmail emails etc






If you’re privacy / security conscious and worried that once email or other data gets out onto the internet it’s there forever (usually even if you hit Delete on your own computer), then you may be interested in Vanish, a new open source research prototype (i.e. not yet bug-free), which has just been released by the University of Washington, so that what you say online won't come back and bite you someday!

How it works is, Vanish:

“can place a time limit on text uploaded to any Web service through a Web browser. After a set time text written using Vanish will, in essence, self-destruct.”

Note that it “wraps round” the sensitive text that you want to self-destruct, so it can be included in virtually anything displayed in a browser.

It’s meant to work with Facebook messages or Wall posts, Gmail (Google Mail in the UK), Yahoo! Mail and Hotmail, as well as Google Docs and (if you really must) Blogger posts, even chats and other Web services (Outlook too, see below):

“After a set time period, electronic communications such as e-mail, Facebook posts and chat messages would automatically self-destruct, becoming irretrievable from all Web sites, inboxes, outboxes, backup sites and home computers. Not even the sender could retrieve them.”

Normally I test stuff, often for months, before I blog about it in a full review. But the documentation for this is pretty detailed and well written, complete with video even (embedded above), and I think the concept is brilliant, so I’m doing a quickie overview / review about it now.

So, you'll know I’ve not tried it in depth yet, but I think it’s well worth trying – it’s free so you’ve nothing to lose (but bear in mind it’s beta or even alpha).

I’ll of course blog more about it once I’ve had a proper go, if I've more to add.

How to use Vanish

You need to:

What it does is to convert the text you select into a jumble of encrypted characters. Paste that text into the email you're going to send, Wall post etc, instead of your original text.

You use Vanish (e.g. via the Firefox plugin or their online page) to do that conversion, and also to convert jumbled text back to plain readable text - see the documentation (scroll down that page a bit).

Note that it doesn't do the conversion automatically - you have to manually select text, convert, copy / paste etc. And the online version UPDATE: (not tried the installed version yet) doesn't let you choose the expiry date / time, it's fixed at about 8 or 9 hours maximum.

UPDATE: another limitation is that you have to be online to do the conversion, either way (though the self-destruct happens automatically even if you're offline), and as it uses Vuze BitTorrent peer to peer systems on the internet, it may be slow if your ISP throttles i.e. slows down BitTorrent traffic. Also, at the moment you can set the expiry time only when using Firefox (in the extension options - Tools, Add-Ons, under Vanish Firefox Plugin choose Options, it's the last option. And currently the expiry is in 8 or 9 hours max generally, so no good for something which you want to remain readable for say a week or a month. Or even a day. But the technically minded, if they control a machine permanently connected to the Net, can increase this period.

I tried it with Thunderbird / Outlook emails too and it worked, at least to convert and then translate back the emails via copy/paste using the online converter.

Whether the self destruct works with Outlook etc I don't know, given the emphasis on the Vanish site on web services, but I'll try it again after the expiry period. I don't see any reason why it wouldn't work in common email clients. UPDATE: that'll larn me to do a quick post. Yes you can copy / paste the converted text into Outlook, Apple Mail etc and according to the team it'll work.

It goes without saying that the person you send Vanish email etc to has to have Vanish installed on their own computer, or use the online Vanish service, in order to read what you wrote. And then do stuff manually.

I can't quite see people doing that, especially with Facebook Wall posts, but you never know..

The biggest usability point to me is that their instructions saying "Use http://vanish.cs.washington.edu/ to read this message" should link direct to the online translator or installation page (with the link to the online converter at the top of that page, not the bottom), in order to encourage people to use it - else many consumers may just not bother, or give up.

Comments / warnings

Remember, it’s only a prototype, so you use it “as is” without warranty, and please report any bugs you find.

And they warn about making sure that draft emails etc haven't been saved.

Also, of course, there may be regulatory "data retention" requirements to preserve certain electronic communications, so if you are obliged by law to keep stuff, I doubt you can get round it just by applying Vanish to your emails etc! (Though if the person who sent you email did that, maybe there's nothing you can do about it? Should you copy / paste the decrypted text and store it elsewhere anyway, if you're required by law to keep your communications? A different issue..)

My point is, if someone you send Vanish text to deliberately copies and pastes the unencrypted version before the expiry date, they'll still have a copy of the text. Vanish only guards against things hanging around forever accidentally, that's all I think it's meant to do; it won't work in the face of deliberate attempts to get round it. And the Vanish team acknowledge that too: but, as I said, that's not the purpose of Vanish. If secrecy / confidentiality is an issue, use encryption with e.g. PGP - ideally combine Vanish with PGP!

On a different matter, it's obviously still a prototype so not as user or non-geek friendly as it could be. See my point above about direct links for users. And maybe instead of using "Encapsulate" and "Decapsulate" for the menu items they could use "Wrap text" and "Read text". <- UPDATE: My bad, I based that comment on the screenshots, the plugin itself is now fine. But automatic conversion of the text on the fly would still be good.

But hopefully that'll come.

More information

See the Vanish overview which has other helpful links; for those interested, see also the full research paper Vanish: Increasing Data Privacy with Self-Destructing Data by Roxana Geambasu, Tadayoshi Kohno, Amit Levy, Henry M. Levy, and the source code.

Tuesday, 21 July 2009

Feed publishers – top 12 best practices






How should a website implement feeds? Below is my wishlist of essential to-dos for any website that provides feeds (reflecting my top 12 feed annoyances but of course), in the form of an open letter to website owners.

In my view these are the minimum best practices that web sites which publish feeds should follow. And here's a tip: how not to implement feeds is to omit any one of these steps! (except no. 12, which in my view is optional unless the site has lots of feeds).

Some guilty parties are named and shamed below. However, choccies & bouquets go to the BBC. Kiss kiss. If in doubt on feeds, the general rule is, see how Auntie did it, and do it that way.

Dear Website Owners

Please, please, please:

  1. Feeds, feeds, give us feeds! Just give us feeds. HTML webpages are soooo 20th century.
  2. Feeds for all periodically changing pages. Provide feeds for all pages on your site which readers may want to check regularly – not just news but also events, publications etc.
    1. Example: Citizens Online offers a feed for news, but not new publications. (And their “What is RSS?” link doesn’t work, which is ironic)
  3. Feeds per topic (and ideally one global feed too, see no. 12). Give us separate feeds for different pages or topics, so users can choose to subscribe to the individual feeds whose subject matter interests them, rather than having to get everything from your site in a single “all in one” feed.
    1. Example of good practices: BBC’s feeds; Out-Law.com’s per topic feeds.
  4. Autodiscovery on all relevant pages. Enable autodiscovery on all pages which have feed equivalents (and point ‘em to the right feed addresses!).
    1. Counter-example: Out-Law.Com (as an example of bad practice for a change) don’t provide auto-discovery code on their news page.
    2. Amazon don’t provide auto-discovery on their feeds page for their news releases.
  5. Autodiscovery on home page. Also provide autodiscovery for your feeds on your site’s home page, not just your individual news or other sub-pages.
    1. Out-Law.Com don’t provide auto-discovery on their main page either. (You can still find their feed address via Google Reader, but that’s due to Google coding cleverness, not auto-discovery on Out-Law’s site.)
  6. Display feed icons / chicklets on your news / blog pages. Include clearly visible feed icons / chicklets on all pages which have feed equivalents. Don’t leave ‘em out (my emphasis): “The canonical use of the feed icon is on a web page containing information (such as blog posts, news articles, and so on) that is also made available via web syndication, with the icon linking to a URL for the web feed.”

    And don’t just have just a text link saying “feed” (like this example, see top left). People are visual animals, we tend to look for nice visible icons.
    1. The UK Information Commissioner’s Office has a press releases page, but the feed URL for press releases isn’t even hinted at on that page – only on another separate page. You even have to search for “RSS” to find the page listing feeds! Easy to find, not.
    2. Newish information law blog Amberhawk have a “Subscribe to this blog's feed” link, but it’s small text & not obvious – and there are no chicklets.
  7. Link your feed icons properly. Feed icons should be linked to the addresses of the correct associated feeds – i.e. to the correct feed URLs. People expect to be able to rightclick feed icons to get your feed address.
    1. Don’t link the icon to another webpage that lists the feed URLs (ahem Google Groups feeds! scroll to bottom of page, feed icon doesn’t link to a feed but a webpage; smacks too to New Scientist and Amazon). Feed icons are meant to link to feeds, not webpages! (my emphasis): “The canonical use of the feed icon is on a web page containing information (such as blog posts, news articles, and so on) that is also made available via web syndication, with the icon linking to a URL for the web feed.”
    2. Don’t link chicklets to feed URLs that don’t actually work! (smacks to the European Commission – the RSS dropdown links only work in Internet Explorer, no other browser; and trying to choose a language (French etc) from the very shy Javascript dropdown list is almost impossible unless you’re very dextrous of mouse, so there’s an accessibility no no there. And the XML link on that page makes e.g. Google Reader and Bloglines choke.)
  8. Title your feed. Give proper descriptive titles for feeds (and for individual items). “Site feed” just doesn’t cut it (whose??), “(untitled)” is just as bad. “X’s feed” (for a site named X) is slightly better, “X news”, “X publications on topic Y”, “X events”, “X what’s new” better still.
  9. Give us full feeds. Provide full feeds, or at least the option of full feeds, and not just headlines or excerpts. (The European Commission’s press releases feed is next to useless especially for the Midday Express.)
    1. The only thing I don’t like about the BBC is that they don’t provide full feeds, only 1 liners, on their news sites. (They have full feeds on their blogs, at least.)
    2. Too many sites only provide short feeds. I guess they want readers to click through to their sites in order to view their advertising. But now there’s services like AdSense for Feeds, why not put out full feeds with ads? And the ad point is no excuse for public service sites like the BBC.
  10. No false “new” feeds. Produce your feeds properly so that they don’t always get marked as “new” whenever something irrelevant changes on your source page, and pop up again on your users’ feed readers. It wastes their time having to check feeds which supposedly have new content but don’t.
  11. Help de-duplicate items. If you put out several feeds which may sometimes contain the same new item because it’s relevant to more than one main topic, don’t forget people might subscribe to all those feeds. So help enable their news readers to de-duplicate items by encoding your items appropriately. Otherwise, having the same item pop up in different feeds is a time-waster for your users / customers. (I know not all feed readers can de-duplicate, but at least for those that incorporate the facility, help them do it!)
  12. (Optional) Feed directory and global feed. [EDIT: sorry, correcting bad editing after copy/pasting!] If you offer a ton of feeds, consider offering a single “directory” page listing all available feeds, as an extra service to users, and a single global feed that combines all your feeds, especially if you’ve done no. 3 above - but do that in addition to (not instead of) the above.

    Why? Because it’s very helpful to have the option of an “all in one” feed for users who want everything from your site but don’t want to have to subscribe one by one to every single individual feed you offer, and it also means that the user who subscribes to the single all in one feed can avoid getting duplicate items (see 11).

    If you decide to provide a directory page listing your site’s feeds:
    1. make the directory page easy to find, at a minimum from your home page and pages that have associated feeds, or on a search for “feeds” or “RSS” on your site
    2. don’t attach the directory page’s URL to the standard feed icon! Yes I know I’m repeating 7.1, but this bugs me
    3. list all your site’s available feeds on the directory page, not just a random selection (e.g. the IPPR feeds page doesn’t list their podcast feed)
    4. make sure the feed addresses listed on the directory page are correct and actually work.

(For those new to feeds see my detailed howto guidance / tutorial introduction on the basics of publishing feeds, primarily aimed at bloggers, and my very basic intro for new feed users.)

Saturday, 18 July 2009

Identity theft: is your personal data for sale on the internet? Lucid Intelligence, Garlik etc






This post has turned into a short overview (rather than review) of a couple of digital identity monitoring sites, after the Times reported that:

  • Over 4 million Britons’ identities are for sale on the Net.
  • Some 1/4 million British bank & credit card accounts have been hacked into.

It seems most of the data has been obtained by phishing - tricking people into emailing their user / password details by pretending to be the bank etc, and corporate / organisational emails and passwords have also been compromised. (See also this write up of a fascinating overview of various kinds of cybercrime and how the criminals do it). Bad practices by banks etc don't help. (Talking of bad practices T-Mobile UK actually ask you to email them your customer services password, unencrypted of course, when you email them for help!)

What triggered the article was info provided by a British company Lucid Intelligence which has built up a database of personal data traded over the Web - put together over the last 4 years by retired senior Metropolitan Fraud Squad police officer Colin Holder.

Have your personal details been stolen? Lucid Intelligence database

The Times article says Mr Holder intends to “offset the cost [of building the database] by charging members of the public for access to his database to check whether their data security has been breached”

But the Lucid Intelligence website itself says the searching is free, so the article isn’t quite accurate there. Searches cost nothing, but further information will be charged for. Their FAQ clarifies:

“Searches of the Lucid database will be free. If there is a hit for the information that you search for, we will show you a limited summary of what is held. A key part of that information will be an evaluation of the risk that that data poses to you. If you wish to see the full report with all of the data that we found, a £10 administration fee will be levied. This creates a search profile that you can come back to for a year from the date you request the full report. As we add data to the database, existing search profiles will be updated with new, matching data.”

Note that if you want to try searching their database you have to give them your full name and address plus either your email address or full postal address with postcode. You don't have to do both.

On the usability front, later searches offer a choice of Address or Email search, making it clear you don't have to give both addresses - but the initial search doesn't which makes people think you have to enter both postal and email addresses. They ought to provide the dropdown on the initial search too.

Also, while they do say on the search page that you may have to try variations on your address e.g. abbreviations, they don't explain whether you ought to try variations on your name or not (e.g. initial or full word, middle names etc).

You can search anyone's details that you know, not just your own - they don't require any kind of identity verification before you search. Though they do before you actually sign up.

Without signing up with them you could still do the usual Data Protection Act "subject access request" thing to ask for any info they have about you, but that will cost you a "minimal charge to cover Administration charges" - their FAQs don't say how much but as I recall it's £10 max though it can be more in some cases (according to Google's cache of the ICO webpage - the site itself seems to be down.)

Garlik

Now this sort of service isn’t new.

The strangely named Garlik have for some time been selling a paid monitoring "Data Patrol" service - for businesses as well as individuals - that keeps an eye out for subscribers’ details being sold on the internet.

I think Lucid have been much cleverer in the way they've gone about marketing their services - not only because of the free publicity they've got through the Times and others through the "Scare 'em" approach that plays on fears about the security of personal data, but also because they let you do the initial search free of charge.

Garlik don't even offer one initial free search, or a cheap short trial, so personally I've never tested their service despite the illustrious history of the people behind them (see also my summary of Garlik CEO Tom Ilube’s comments in a RSA discussion Is Privacy Dead?). As with "experience goods" generally, it's simple diginomics - no free sample has been offered of a service whose value to me is uncertain in advance of my trying it, so I'm not willing to fork out £45 for a year's subscription. I'd be interested to know what people who've tried them think.

Lucid's name is a lot more "You can trust me to help you" than "Garlik", too.

I don’t know how profitable Garlik are in terms of their core services – but I notice that they’ve recently announced the open sourcing of their RDF semantic web platform 4store, developed in-house to underpin their identity protection and fraud prevention services, and will offer support and consultancy services to organisations wanting to use it.

It will be interesting to see how these and other identity monitoring and identity protection services develop, and their rate of take up as people become more nervous about identity theft.

(Times article pointed out by Open Rights Group newsblog).

Gmail filters – still can’t control order, shouldn’t be out of beta






Although Google’s Gmail (Google Mail in UK & Germany) is finally out of beta, I don’t think it should be because one major issue still isn’t fixed: controlling the order of filters (more on Gmail labels and filters, and Gmail labels, filters and aliases.)

To me, “out of beta” means “good enough”.

In the case of something like Gmail, especially for enterprise use as part of Google Apps, it’s not “good enough” unless it’s at least as good as Microsoft’s Outlook email / calendar etc software.

And, in the case of filters, I must point out that Gmail filters still just aren’t as good as Outlook rules.

I know people who’ve set up quite sophisticated filters (rules) in Outlook to file their received emails into folders automatically, mark them, filter out unwanted e-mails etc. Power users, you might call them. But Gmail has to cater for the power users too – busy people rely on things like this to help them organise their work.

Yet, you can’t set up filters properly in Gmail – in particular, you can’t easily control the order in which filters are applied.

Let’s take a concrete common example.

My list of filters includes these:

Matches: (from:xerxes@example.com OR from:Xerxes) OR ("Xerxes Yapper " OR "Xerxes Yapper writes")
Do this: Skip Inbox

Matches: subject:(MailingListName)
Do this: Skip Inbox, Apply label "MailingListName"

The first filter tries to pick out emails from Xerxes Yapper, whose email address is xerxes@example.com, and also emails which reply to, or include replies to, Xerxes Yapper (e.g. whose contents include “Xerxes Yapper writes”).

It then asks Gmail to not show me those emails, but instead to skip the Inbox (I could also ask Gmail to Delete those emails, but until I get it all working properly I’m not going to).

The second filter tries to pick out all emails for a particular mailing list with name MailingListName, and file them by skipping Inbox and applying the label to them.

Now the point is to filter out any emails sent to that mailing list which are from or reply to Xerxes Yapper, then label and file the rest appropriately. Because I don’t want to see any emails to do with Yapper.

Problem is, the folder (label) for that mailing list still has emails from Xerxes Yapper in it.

The test searches on the filters work fine, so I’m sure that Gmail is, behind the scenes, applying the second filter first (so that all emails on that list, including those from Yapper, get filed in the folder), then trying to apply the first filter - but as the emails have already been filed, nothing happens there.

Received wisdom is that Gmail filters are applied in the order in which they appear on your filters page. Well I’ve spent too much time continually deleting and recreating both filters (or editing them) in order to try to get the order of application right – get rid of Yapper emails first, then file the rest. But it just won’t do it. They are displayed in the “right” order on my Gmail settings page, but they’re still not applied in the right order.

Why won’t Google let us drag filters up and down in order to control precisely the order in which they’re applied?

That’s my biggest beef with Gmail right now. It’s driving me mad and I’m at my wit’s end.

If anyone knows what to do, or if it’s going wrong because I’m doing something wrong, please tell me! (Yes, normally I try to be helpful and give solutions, but for a change I’m posting about a problem where I just can’t find a solution. I’m about to leave the mailing list in question, in desperation. Someone help!)

Thursday, 16 July 2009

Twitter info: was TechCrunch’s publication legal?






The recent security breach involving popular microblogging site Twitter has been very well publicised.

The hacker, “Hacker Croll”, emailed stolen information relating to Twitter / Twitter personnel to famous tech blog TechCrunch – which published some of it.

Does that publication lay TechCrunch open to being sued by Twitter or anyone else?

There’s a good analysis of the US legal issues by Sam Bayard at Citizen Media Law Project which, after considering:

  1. trade secret misappropriation under California law (publishing confidential company documents)
  2. invasion of privacy for the publication of private facts (publishing sensitive or embarrassing personal information).
  3. criminal law against receipt of stolen property under Section 496 of the California Penal Code,

concludes that, on the facts here at least, in the light of the US First Amendment protecting free speech, when publishing anything that would be classed as a "matter of public concern” TechCrunch are probably in the clear for the publication.

But that doesn’t mean other documents or information stolen can be safely published without liability; and it’s not certain whether there could be criminal liability for receipt (as opposed to publication) of stolen property.

Wednesday, 15 July 2009

Firefox users: critical security vulnerability






If you use the Firefox browser there's a critical Javascript vulnerability so until Mozilla manage to fix it you ought to take the steps mentioned in this post in order to protect your computer.

For those new to this, to set the value stated to "false" after following the instructions mentioned, rightclick on the "javascript.options.jit.content" line and select Toggle from the menu. (And again to change it back when it's sorted).

Tuesday, 14 July 2009

Using feeds: feed subscription problems? troubleshooting (2)






This post follows on from my basic introductory guide / primer on feeds, for the beginner who wants to start using news feeds aka RSS feeds.

Here I cover how to troubleshoot the all too frequent issue that arises when your feed reader or aggregator can’t seem to find a feed when you point it to a website or web page to try to subscribe to a feed.

How can I subscribe to page X on site Y when my feed reader can’t find a feed?

This is a frustrating problem for people new to using feeds (and indeed people not new to feeds!). There are workarounds to solve it.

The solution depends on the reason why trying to subscribe didn’t work when you gave your reader the website address. (If you don’t know the first thing about feeds, never fear, just read my short feeds primer.)

Here are suggested troubleshooting steps first, with reasons why later (for the curious) – if you’d like to know what autodiscovery etc means, just see the last part of this post:

  1. Try giving your feed reader another web address – not the home page of the site, but the exact web address of its news page or events page, whatever webpage it is that you’re trying to subscribe to.
  2. If that still doesn’t work, either (a) there is a feed, but there’s no autodiscovery code for the feed on the equivalent webpage (wag finger at the site owner, naughty bad, there’s really no excuse for not adding autodiscovery); or (b) there’s no feed for that page at all (slap on wrist for site owner, even badder).
  3. Let’s consider (a) first. This means you’ll have to manually look for the feed address and add it to your reader:
    1. Is there a feed icon? Go to the webpage you want to subscribe to. Hunt for a feed icon (called a chicklet) that looks like this, in varying sizes: or XML or . Rightclick the icon, save the link, and paste the linked address into your feed reader's "add" facility. It could be a text link, not an icon or image, it doesn’t matter; you just want to save that address and use it.
      1. Pitfall / trap. If that still doesn’t work, the site may have given you the wrong link. Feed icons are meant to link to the relevant feed addresses. But I’ve seen sites which link the chicklet to a webpage that lists the site’s feed addresses!
      2. So try leftclicking on the link instead, and if it goes to a webpage, you know what they’ve done. Take the feed address you want from that page – hopefully they’ve provided a feed for the page you need.
    2. No feed icons or feed links? Some sites offer feeds, but don’t bother to include feed icons on the pages that have feeds. Boo to them, spank spank! Those sites lazily have just one webpage (or more) where they list the feeds available for their site. So, go find that page. Search the website for “feed”, “newsfeed” or “RSS”. If you can find the page and it has the feed address you need, then you know what to do.
    3. No feed at all? OK, if none of that worked, the site owner probably hasn’t bothered to supply a feed for the page you want. Give them a good kick, then go read my separate post on how to “subscribe to” (track changes on) a webpage that has no feed – which is coming up in future (see, who sez I can’t do cliffhangers?)

Why can’t I subscribe to the news page on site X? Why won’t it work?

For readers who want to know why trying to subscribe to a feed sometimes doesn’t work.

  1. A feed is basically a copy of the content on the site or blog, converted into a special format suitable for feed readers. It even has its own web address (URL) – separate from the webpage’s address.
  2. Remember this: feed address, web address, not the same. Just as a site can have different webpages with different addresses, its various feeds will have different addresses too.
  3. So you can only subscribe to a feed for a webpage if the web site concerned:
    1. provides feeds in the first place (i.e. converts their webpage content into feed format – this can be done automatically on blogs, but sadly not on many basic websites), AND
    2. provides a feed for the page you want.
  4. Many sites don’t produce feeds at all; even sites that provide feeds don’t bother to create a feed for every single webpage on the site. They don’t need a feed for every web page, granted - but they certainly ought to provide feeds for all pages that contain periodically updated info which their visitors or users might be interested in knowing about. Like news or events.
  5. Also, feed readers need to be given the correct address of the feed you want to subscribe to (else they’ll cry or choke, complain and say “Oi, there’s no feed there!”). For this, they depend on:
    1. you, to manually enter the exact feed address (if you know it) when you add a feed, or
    2. (a) you, to give the reader the website’s address, and then (b) the website, to then tell the reader (behind the scenes) what the feed address is. (Remember, the web address is not the same as the feed address).
  6. How the latter works is, the reader goes to the web address you’ve given it, then checks special hidden code on that webpage to get the feed address (this is known as “feed autodiscovery” because the reader discovers the feed address automatically from being given the website address).
  7. However, as you’ve guessed, it’s up to the site owner to include this special code on the webpage. If they don’t, the po’ lil reader can’t do auto-discovery, try as it may.
  8. Also note that the code is attached to the web page, not the site as a whole - a site author might put autodiscovery code on one webpage but not another, or put different codes on different pages (as they would have different associated feeds – e.g. one feed for news, one for publications, etc). Or, of course, not put any at all..
  9. As for wrong links on feed icons - there are conventions / guidelines on using feed icons. The conventions exist for a reason. I quote, my emphasis: “The canonical use of the feed icon is on a web page containing information (such as blog posts, news articles, and so on) that is also made available via web syndication, with the icon linking to a URL for the web feed.” Sites which don’t follow the conventions make life much harder, unnecessarily, for their users – including their actual and potential customers. I have no idea why they don’t sort out their feeds and related webpages properly, it’s really not difficult. But there we go. I hope these troubleshooting tricks and tips are helpful.

Monday, 13 July 2009

Publish your Feedburner feed in realtime






If you have a Feedburner feed for your blog or site, you can now elect to have your newsfeed published as a real time stream using what’s called the PubSubHubbub protocol.

(Normally, updates to feeds are only sent out / fetched periodically, not as and when it happens.)

To do this, just activate PingShot – see this Google post for how to turn on PingShot.

I don’t mind a time gap myself because sometimes, sod’s law, immediately after I publish a post I spot a typo I’d missed before, so I like having the chance to fix it quickly before it goes out.

For those new to news feeds, see:

Those interested may also check out my detailed introduction to feeds.

Using feeds: introduction / guide for absolute beginners 1






This is a primer on how to use feeds / newsfeeds. I’ve done detailed posts on feeds before; this is just a brief intro for the intelligent non-techie, based on helping a friend get started using feeds, as there seems to be more non-geek interest in it now. Feeds finally going mainstream?

This first post (of a series) is a basic overview of feeds. Later posts will be more tutorial like, and will cover step by step how to use and subscribe to feeds (using the free Google Reader), including troubleshooting tips - all from the viewpoint of a feed user (rather than feed publisher, which was my previous main focus).

What are feeds or RSS feeds, what use are they?

  1. Instead of having to go round manually checking your fave news websites or blogs regularly for added or updated content, just fetch their content to you in one place, and check that. Examples:
    1. News or press releases
    2. Publications – papers or reports issued
    3. Forthcoming events
    4. What’s New page (combining all the above, perhaps)
    5. Blog posts.

  2. Feeds are much quicker to use, not just because you don’t have to visit multiple websites anymore, but because (at least on Google Reader) you can skim through all the latest “headlines” at once, on one page (rather than opening each folder individually). Then, you just open the ones you’re interested in reading further. Potentially feeds are a real time saver.

    Analogy: imagine your email has folders for different types of emails, and all incoming emails get “filed” into the appropriate folders automatically on arrival. But one “folder” called “All new mail” has all recent email for all folders; you just look at that one folder to skim the subject lines of all new emails, without having to file any emails manually. You can still look at folders one by one if you like, or search across all folders; the “All new mail” folder (“All items” in Google Reader) is just a convenient way to see what’s new fast, at a glance.

  3. You fetch (subscribe to) the content you want via feeds / newsfeeds / RSS feeds / Atom feeds (people use those words interchangeably to stand for the same thing).

  4. Some feeds are full (a complete copy of the substantive content on the equivalent webpage), some are partial (only an excerpt, and you have to click through to the source website if you want to read the full item). Most feed users prefer sites to offer full feeds, as it’s more convenient for the user. (On ACE I offer the option of full feeds.)

  5. Software that regularly fetches the content for you and aggregates it all in one place is called a feed reader / news reader / aggregator. The reader can be software on your computer, or it can be on the Web (where you can login to it from any computer).

  6. You can also use feeds not just to track new publications, but also to get alerts or updates on topics you’re interested in, right in your feed reader - e.g. mentions of a particular phrase in Google News or on websites or blog posts. Including from sites you don’t subscribe to.

    Those are really feeds for the results of periodic searches. (To set one up - just do the search, and subscribe to the search results.)

How do I subscribe to feeds?

  1. Sign up for a feed reader, or download and install one (more info on feed readers). Most are free.
  2. Add the feeds you want to your reader (how to subscribe to feeds).

I’ll be doing a separate post later on the basics of exactly how to set up and use feeds on Google Reader, ie a step by step tutorial – look out for that if you want to learn more.

But trying to subscribe for a feed doesn’t work!

Too many sites are awful in terms of their support for feed and feed use. Even sites that provide feeds don’t always (and they should) provide them in such a way that feed readers can “get” the feeds automatically from knowing the website’s main web address (URL).

This is a source of frustration for many new users of feeds. I’ll cover how to troubleshoot and work around feed subscription problems in a future post. (Update: link to that post added.)

What if the site or page I want to subscribe to doesn’t provide a feed?

There are ways to get updates of changes to webpages with no associated feeds.

Again, I’ll be covering a workaround in a future post.

But I want more info now!!

The curious or keen may if they wish read my detailed introduction to feeds.

Sunday, 12 July 2009

Powerpoint slides: how to print without dark background






Here's how to print out Powerpoint slides without dark background which is hard to read on paper.

The problem is that some Powerpoint slides with dark background colour or patterns don’t print out very well (e.g. text is hard to read against the background). They waste printer ink too. Who wants or needs that when you’re printing a hard copy for the text and diagrams?

Conversely, sometimes the text is too light against a light background but you want to print it out with darker, more legible text.

So here's a small tip: there’s a little section in the Print options which lets you print Microsoft Office Powerpoint slides without all the guff.

After you choose Print for the slides, but before you hit OK to print them, check out the “Print what” section (bottom left in PowerPoint 2003 at least).

Under the “Color/grayscale” subheading (outlined in red above), make sure you select “Pure Black and White” before you hit OK - and it should now print without the extra background or text that’s virtually unreadable because it’s the same colour as the background!

This can be a real time and frustration saver, but it only works for slides in Powerpoint, not slides in PDF. Shame.

Friday, 10 July 2009

Google's tips: avoid money / financial scams






This Google blog post on how to steer clear of money scams seems very sensible, and is certainly timely.

There are too many spam emails and other fraudulent schemes trying to do people out of their cash over the internet, but too many people do get tricked by online or web "offers" and the like.

See also my write up and a fascinating video of a talk by Cambridge academic Dr Richard Clayton about how some of these criminals ply their trade: evil ways to make money on the internet (phishing, pharmaceuticals, cheap electronic gadgets, "high yield" investments / pyramid schemes, and, yes, fodder for Google Adsense ads).

Monday, 6 July 2009

Internet & collaboration - “Us Now” film – free tickets for Parliament or watch on TV / online






The documentary film “Us Nowis screening in The Grand Committee Room of the UK Houses of Parliament on the evening of Wednesday 8 July 2009 at 6.30 pm - in association with More4 and Reboot Britain.

The “Us Now” blog describes the movie as

A documentary film project about the power of mass collaboration, government and the internet.

Free tickets are still available to see the film live, then hear a panel discussion on the idea put forward in the film that:

“Representative democracy is based on the idea that people are thick."

The illustrious group of panelists: Lord David Puttnam, Douglas Carswell MP, Ivo Gormley (director of the film), Rupa Huq, Chair: Catherine Fieschi (director of the British Council).

If like me you can’t make it, you can still watch Us Now:

For more on the film see:

Saturday, 4 July 2009

Brain music – music from brain scans






A very interesting New Scientist article (video above), about researcher Dan Lloyd’s work in converting functional MRI scans of brains to musical sounds, led me to find the further videos below (see all of Lloyd’s YouTube videos).

It’s fascinating that the brain scans of people with schizophrenia sound distinctly different from scans of mentally healthy people.

More cynically, I can foresee the idle rich paying to have FMRI scans of their own brains made and converted to video / audio, for the edification of themselves or their family / friends. Business opportunity there…


Thursday, 2 July 2009

Science & the media: Guardian editor & top epidemiologist discuss + Q&A






How do science and the media interact, what is the relationship between scientists and journalists, what’s the role of the media, the future of the news business and science news reporting?

The video of this very interesting discussion / Q&A on 3 June 2009 with Alan Rusbridger, editor of The Guardian, and Sir Roy Anderson, top epidemiologist and Rector of Imperial College London, is now available on a general page of online videos of Imperial public lectures; this particular video is available by streaming (best, probably), or as a downloadable M4V file (198 MB).

Below are some selected random highlights. Not verbatim, not 100% in chronological order, from notes only so not necessarily 100% accurate! - for the complete details please watch the video.

Sir Roy Anderson

There should be compulsory communications skills training for undergrad science students. A relationship with the media is not optional.

You should be able to explain your field in words of 1 syllable.

Scientists need to understand the factors dictating pressures on journalists, who are competing to get their article into journals, TV programmes etc, and what journalists need from scientists.

Attitudes to media are changing now with the rise of the Web, it’s not just TV, radio, print; something could get onto the BBC site or Twitter etc if not broadsheets, Today Programme etc.

Scientists should get to know journalists well, it can be very beneficial e.g. off the record discussions, ultimately the relationship is good for both sides.

The BBC site is the best source of quantitative information about swine flu!

It’s a delicate balance - being accurate and clear, and not playing to controversy.

Alan Rusbridger

Henry Porter nagged for years before civil liberties got on the radar.

The role of the media is as an interpretive layer between people who do things and people who may be interested in understanding them – to analyse, comment, explain the complexities and allow the widest possible debate. But it’s difficult to do that with complex areas.

The economics of the news business – apart from the BBC, extremely challenged because the internet is destroying the ability to charge for information, and the recession has delivered a triple whammy.

The Guardian’s trust status allows it to lose money but other serious news organisations like the New York Times, Washington Post etc, who see it as their duty to reflect complex subjects, will find it harder.

Technology has changed things; it’s no longer a 1 way process where they [journalists] tell us and there’s no comeback. Just text is not enough, it’s multimedia. The Guardian’s podcast has 100,000 listeners a week.

The Guardian have a series of deep sites, and a staff of 15 just covering science & the environment.

Smarter journalists are inventing new models, realising that the experts are out there – with skills of aggregating and reporting, tapping into people out there. [Example mentioned later in the session – on the Oracle / Sun takeover a technology journalist in the Guardian asked people to help on a chart; they did it in 2 hours and it was as good as the New York Times’ professionally produced one!]

Comment Is Free site – start with 1000 people interested in science, etc, and open it up to them. About 260 comment pieces are published a week with 85,000 contributors ? each month.

The Guardian’s site is just behind the New York Times’ in terms of English language newspaper sites.

The media no longer have the sole right to report / interpret debate.

There needs to be a partnership between old model and new media.

Other highlights

Sir Roy: swine flu will explode here and be a serious economic issue in the autumn, but the media haven’t picked that up. The vaccines won’t be ready.

Watch the money! eg for a Radio 4 discussion on climate change they brought over a US scientist who was paid for by oil companies.

The media have a responsibility. Scientists should help the media but the first person to call the media does not necessarily have the most accurate opinion. Other scientists have a role too.

Journalists can collaborate with scientists to hype things e.g. MMR.

Some editors are more interested in controversy than accuracy.

Alan Rusbridger: Libel is being used to close down science reporting. [The Simon Singh / chiropractic case.]

Audience member: The idea that everything has to be covered somehow is not healthy. Should help readers understand that science is a process – but there’s no sense of that in the way that science is reported.

Sir Roy: we still hugely rely on the media to distil information we don’t know about.

Alan Rusbridger: Charging won’t work as people are used to “free”. Advertising won’t work in a recession. Maybe there are too many newspapers. Local newspapers will start dying.

We may get to the point where for the first time since the Enlightenment we have to live without verifiable sources of news, and people won’t realise what they’ve lost until it’s gone.

Maybe a membership subscription model? Like national public radio [?] where people value information from one organisation enough to subscribe. The Times are considering a subscription based popular science product competing with New Scientist etc and also with New York Times science pages subscription.

Reporting conflicting versions? e.g. food / health news. Good science journalists will try to find opposing views too. Quality journalists will look into the background. But tabloids…