Month: March 2003

A Close Encounter with a Paypal scam

When I checked my inbox this afternoon, I got a mail from info@paypal.com telling me that my account has been deactivated.  To reactivate it, I must enter bank account and credit card info.  It looked really legit with nothing suspicious.  I deleted it without looking at it further because I haven't used Paypal in the past and don't plan to in the future.  Ten minutes later, I run across this article on my Radio News Aggregator.

Paypal customers target of apparent scam [InfoWorld: Top News]

Would I have examined the message's more closely before filling it out?  I usually do when I across something suspicious, but this one was not.  A close one.

Mucho Tags

When Is it OK To Invent New Tags?. Tantek Çelik, smart Microsoft browser guy, is blogging from the big W3C meeting now going on in Boston. Among other things, he's mad because some W3C specifications are written not in HTML but in a completely different XML language called xmlspec, and that language has some tags that are a lot like HTML tags, so why don't we just use HTML tags? I'll address some of the historical background and specifics, but Tantek is pointing at a real important issue in the world of XML: when do you invent your own language, and when do you re-use someone else's? Warning: long, and loaded with markup design theory and obscure standards history.… [ongoing]

Tim Bray, an old XML-DEV collegue and a major living landmark in XML history, writes about inventing new tags.  I found it interesting because I am hacking together something that will allow anyone to invent new HTML tags with a few lines of Python on the client-side.  You want a <laugh> tag?  You got it.

Tracking Hot Topics

In blogspace, hot topics come up daily and many bloggers simultaneously post on the topic, but I find it pretty difficult to find all the posts nor organize the discussion thread weaving across blogspace as discussion progresses.  Services like Daypop and Blogdex doesn't really help.

 

DHTML DOM Weirdness

I was playing with some Python code that monitor and change currently displayed web page in IE using DHTML DOM API and ran into some weird behavior.  Specifically, it won't let me insert child elements into an element without a parent.  Here is what my code looks like:

itemNode = doc.createElement('div')
textNode = doc.createTextNode(item['description'])
itemNode.appendChild(textNode)

This fails because itemNode is parentless.  To make it work, I had to insert itemNode into either the document or a document fragment like this:

itemFrag = doc.createDocumentFragment()
itemNode = doc.createElement('div')
itemFrag.appendChild(itemNode)
textNode = doc.createTextNode(item['description'])
itemNode.appendChild(textNode)

This is clearly weird behavior, particularly since I participated in the design of W3C DOM API Level 1 and 2.  I just don't recall this sort of behavior being brought up for discussion while the DOM specs were being written.  If it did, I would have demanded the API be changed to make this assumption explicit like adding parentNode parameter to DOMImplementation.createXXX() methods.  Did I forget something or is this another case of Microsoft's inventive interpretation of specs?

FYI: Python code above is part of code used to display RSS feeds on IE.  Its working well now.

NY Times on OhMyNews.com

NY Times: Online News Shakes Up Korean Politics. "Only 20 percent of the paper each day is written by staff journalists. So far, a computer check shows, there have been more than 10,000 other bylines." [via Scripting News]

<

p dir=”ltr”>In case someone missed it, here is my own post about OhMyNews.com written in February.  Its a significant example of how citizens-as-journalists can not only work but bring about change.  I am not going to say that all the changes will be positive, but changes nonetheless.

Using WiFi Worldmap as location service

Location-based applications are new and exciting, but without a GPS device or an address, its difficult to figure out the location.  Getting location from IP address is not reliable.  For example, one IP-to-Address service reports that I am located in New Jersey although I am sitting at home located in the middle of SF peninsula.  Within cellular networks, location can be found by triangulation but current cellular network throughput is a severe constraint for many location-based applications.

So I have been thinking that WiFi can be used to get approximate location (within ~300 feet).  I know that there are new WiFi gears coming out that will extend the range to 1.2 miles, but it doesn't hurt to muse in case it leads to something interesting.  With such a service, a WiFi station can provide the location information to the user as well as the party at the other end.  One immediate application is stolen laptop retrieval.  What else?  Food for more thought.

[As I was writing this post, I searched google for information on destructive range of bombs because I was curious about how big a bomb is needed to ensure kill within 300 feet.  I hope my curiosity doesn't put me on Home Security Department's radar. <g>]

Python: Boa Constructor

Programming Python can be extremely frustrating.  Docs are almost always incomplete and overly brief.  Finding stuff is tedious, forcing me to grep over all the modules.  Pythonwin IDE feels less than half finished.  Urgh.  Great deal of my frustrations were erased by Boa Constructor.  While Boa is still in development, its better than Pythonwin by a mile already.  Just install the 0.2 version and then pour the CVS version on top to fix at least one minor but irritating bug that prevents Boa from coming up on some machines.  Enjoy.

Downside of being a Pied Piper

As a creative person with a big mouth, I often myself being a Pied Piper.  Its easy enough.  Start with a new (as in New & Improved) captivating viral idea and add liberal amount of charisma (I have been accused of being charismatic when I am mad enough to light up the fire in my eyes).  So one morning you wake up and realize that you got a horde of lemmings on your tail.  Now what?  You can't quit because you are the leader.  You can't stop because a movement requires you to move, preferrably forward.

I think this is what is happening with Joi Ito's Emergent Democracy.  More you talk to people and share your thoughts, more entangled you get.  If you are an intellect trained to see all sides of an issue, its a torture like an unbeliever forced to be the head priest.  Like Tim Oren, I found Joi's thoughts naive.  Allow me to skip the details for now to avoid being an Anti-Pied Piper, a position just as worse as Pied Piper.

User-Unfriendly Security

In today's heightened awareness of online risks and vulnerabilities, software engineers are increasingly shifting burden to the users, bombarding them with confirmation dialogs that overwhelms users with unwanted details and desensitizing them into pressing the OK button without reading the dialog message.

Number, complexity, and ambiguity of regional regularity obligations also encourage this trend.  Add to this, increasing demand for user control over all matters by privacy proponents.  Take for example, P3P initiative that, although well intended and widely implemented, provides no tangible benefits no comprehension to average users.  Result is secure software that is difficult and bewildering to use, manage, and support.

Typical engineering solution to this problem is to add "Do not show" checkbox on the dialog.  Unfortunately, most users I have met are either ignorant of the "Do not show" checkbox or abuse it, turning off every confirmation dialogs they run into.  So this solution is not only useless, but also make software difficult and tedious to use.  There are other solutions that can do better.  I'll describe one in another post.