January 2005 Entries
As if to punctuate my post entitled Image Based CAPTCHA is Fast Losing it’s Appeal, Casey outlines his .NET code used to beat the CAPTCHA employed by many blogs using a Neural Network approach.
This is a beautiful attack on CAPTCHA (as it is currently often implemented) and only shows that there is no "ONE" solution to rule them all. The attacks against rel="nofollow" as ineffective against spam now apply to CAPTCHA. Blocking automated spam in all its forms will be a continuous iterated process encapsulating multiple combined defenses (such as rel="nofollow").
And to the haters that are pissed that Casey published this, get over yourself. You need to realize that his post shows that CAPTCHA (as it is currently implemented) is a wall of sand. If it was this easy for him to beat CAPTCHA, a black hat out there probably already has a similar solution. Ignorance is no substitute for security. Now you know it can be beat quite easily, go fix it and quit whining.
Thanks to Scott Reynolds for pointing out Casey's approach.
Received this comment on my "Blogging Is Pure Vanity" Post.
I've always thought blogging was the product of excessive self-indulgence. When one of my particularly vain coworkers started a particularly insipid blog, it was time to strike back. So I started blogging the news of his life. Then I told everyone else at work about it except him. He still doesn't know about it and we've been laughing at him for a week now.
Now that's funny. I've been searching, but I haven't found anyone blogging about my life due to my particularly insipid blog.
Every Friday the company buys lunch. Today we all received an email with the list of choices from a Thai restaurant. I replied with "Orange Chicken". Soon afterwards one of my coworkers thanks me for letting him know I'm having Orange Chicken. Huh?
Then I get this email from another coworker:
You know... for a second there I thought we would all be held in suspense while we tried to guess what you were going to have for lunch.
I feel so much better knowing you plan on eating the orange chicken tomorrow; seriously it takes a lot off my mind...
Ahh, I've made the rookie AOLer mistake of hitting "Reply To All". I swear this is my first time.
I responded that
I'm a trend setter and it's my duty to inform the wannabes, losers, and biters of my choices so they have ample opportunity to jump on the bandwagon.
Besides, it's good to let the President of the company know that I'm an up and comer. Orange Chicken is the choice for an individual who deserves a very large raise. I work with a bunch of wise-asses.
UPDATE:It gets worse. After some good natured ribbing, I send out the following to the "everyone" list.
Hi All,
I accidentally hit the “Reply To All” button earlier when indicating my choice for the savory options we have lined up for this Friday. I apologize for spamming you with my choice, which happened to be, and remains, Orange Chicken.
I just wanted to make it clear that the company neither endorses nor supports the choice of Orange Chicken. The company takes no official position on your choice of Thai food other than to pick from the choices given. The choice of Orange Chicken is a personal choice and should not influence you in your own decision relating to fine Thai cuisine.
Therefore, if you should choose to go with Garlic and Pepper Beef, for example, feel free to make such a fine and tasty choice (though I would suggest you consider Orange Chicken as it is quite delicious).
Phil
After hitting "SEND" I notice that there's a few emails in my inbox where another coworker had been sending puzzles to the everyone list and received a reprimand from our HR person, let's call her Bonnie.
This email address sends to everyone in {COMPANY} and should be used ONLY for business purposes. While I appreciate the heart of it is to share fun, addressing it to everyone is extremely inappropriate.
So my "extremely inappropriate" email arrives in everyone's inbox AFTER this one and my coworkers think I'm both hilarious and a dead man for my "response" to Bonnie. I have some 'splaining to do.
Colin has a nice little quiz about enumeration on his blog. Basically he asks, how would you implement a class to enumerate through all the letters of the alphabet. Below is my "cute" response.
using System;
using System.Collections;
public class Alphabet : IEnumerable
{
public IEnumerator GetEnumerator()
{
return "abcdefghijklmnopqrstuvwxyz".GetEnumerator();
}
}
Now if you compile my answer and run it, it seems to answer the question correctly (for an academic quiz), but it's completely wrong for a real world developer. The right answer is "Well, which alphabet or alphabets must I support? Does it need to be localizable based on the current locale?".
Yes my friends, the answer is to gather more requirements. Make sure you really understand the problem domain. This is why software isn't as easy as "well I want it to do this so just do it." This quiz asks what seems to be a very straightforward question. If you as a developer gave me the solution I wrote above, I'd be pretty pissed as a client if I was ready to deploy this to Korea.
Oh yes, this is geeky! Craig Wangdera posted the source code he wrote that lights up physical light bulbs with the status of his build using CruiseControl.NET. For example, the yellow bulb lights up when a build is in progress while a green bulb lights up if the last build was successful. See the full size picture and source here.
Given that I've written much of the documentation for RSS Bandit on the documentation site and have spent a lot of time in the code making a few contributions here and there, I feel a bit sheepish that I didn't know about this particular feature.
After reading this post (which is one of many discussing how to create one click subscription links) from Phil Ringnalda I discovered that a common way to subscribe to an RSS (or ATOM) feed is to merely drag the link into your aggregator.
I hadn't seen that described before so I thought I'd try it out with RSS Bandit and sure enough it works. Sweet! I'll have to add that to the docs.
Found this interesting article via Hassan Voyeau that details the performance penalty when naming your stored procedure with an sp_ prefix in a database other than the master database.
Personally, I hate adding extraneous and unecessary prefixes and suffixes to names. Sometimes they’re useful and necessary, like when programming in Fortran 77. But I hate naming tables with a tbl prefix and stored procs with an sp prefix (I’m forced to at my current position). Sql Enterprise Manager does a nice job of separating tables from stored procedures when they are being displayed. I’m never going to get the fact confused that that square looking thing on my database diagram is a table and not a user defined function.
Anyways, Hassan, how’s the weather in Trinidad?
If you’re a fan of good music (I mean objectively, not subjectively) I plan to recommend a few songs here and there in this blog. Never mind the fact that if you end up purchasing the songs via my site, I get paid. I give you my word, a vow, that I will never lead you musically astray. I may lead you astray in other ways, but not in music.
Having said that, let me introduce you to this new single by The Chemical Brothers.
I’m a big fan of Metropolis on KCRW. If you live in the Los Angeles area and are a fan of good music then you’re probably familiar with this radio show hosted by Jason Bentley. It’s a great place for discovering new music as Jason really does have his finger on the pulse of electronica and world music.
It’s on this show that I first heard the song Galvanize, which contains the catchy hook that is the subject of this post, "My finger is on the button". I purchased it on 
today and am totally digging the violin action mixed in with the funky beats. The image on the left is a deep link into the iTunes music store. If you’re not an iTunes user, you can click on the Amazon.com link.
[Listening to: Galvanize - The Chemical Brothers - Push the Button (6:33)]
Being married to a Japanese woman, I've cultivated a love of tea. Although Koreans have great tea as well, it doesn't figure as highly in the culture as it does for the Japanese.
My favorite tea is a type of Green Tea called Gyokuro. It's hard to describe the taste as it has a lot of character and almost a silky texture that just spreads across the tongue when you drink it.
So to make a long story, the point of this post is to try to earn some green tea from Adagio teas as part of their link rewards program. Yes I can be bought with a cup of tea.
[via Opiniated Geek via Scobleizer].
Today marks the completion of my thirtieth trip around the sun. And it's been a scenic ride. Much love and thanks to my lovely wife for putting together a little shindig for me and a few of our closest friends. Great food and drink were consumed and a good time was had by all.
What will the last two lines print. Will they be the same?
DECLARE @test VARCHAR(2)
DECLARE @first VARCHAR(4)
DECLARE @second< VARCHAR(4)
SELECT @first = ISNULL(@test, 'test')
SELECT @second = COALESCE(@test, 'test')
PRINT @first
PRINT @second
What do you think?
I'm proposing a new attribute. Place rel="willfollowforfood" in your link and I will index it in exchange for food.
I read an article recently that talked about how ticket scalpers have a 10% success rate against TicketMaster's CAPTCHA controls. That might not seem like a very good rate, but when you have an automated process attacking it, 10% is plenty good.
CAPTCHA for the uninitiated stands for Computer Aided Program to Tell Humans and Computers Apart. It's a method or program used to distinguish between a computer and a human.. The most popular type out there is the letter or word warping kind you often see when signing up for a web based email account.
It turns out that character recognition programs are getting better by the second. As cool as these type of controls are, I think a simple text based semantic approach might prove stronger. For example, asking a simple question such as "RGB Stands for Red Green and what color?". If you can't answer that question, I probably don't mind the fact that you're not commenting on my blog. ;)
The one problem with this question approach is that you can't generate these questions automatically. You'd have to create a decently sized database of questions. However, the benefit is that language recognition is still very difficult for a computer. Especially when dealing with mispellings.
What is the nomber after foure?
Waht is the nmuber aeftr fuor?"
You can probably answer that easily. A computer is going to have a much more difficult time.
In any case, rel="nofollow" and CAPTCHA aren't going to be the final solution. At some point, our blog engines will have to learn to tell the difference like a human would. One approach is to enlist the concept of trust. If you've been subscribed to my blog a while or I'm subscribed to yours, I'll let your comments in no problem. Otherwise your comment will have to pass a series of heuristics to get in the door.
Humans, feel free to comment...
UPDATE: It's worth noting that Bayesian Spam Filtering is not a silver bullet. Spammers have gotten smart and are now employing a tactic called Bayesian Filter Poisoning. By including random legitimate words along with their message, they either get their message through, or cause you to teach your filter to regard legitimate words as suspect.
I've seen a particularly tricky approach via email where they used a font in the same color as the background. Check out the following quote. Highlight it with your mouse and see what it says.
This looks does like Spam to the human naked eye. BuyecheapodrugssandtimprovesyourasexOlife. But it doesn't to the computer
One complaint about rel="nofollow" is that you just might want to reward people who post related and constructive links in the comments section of your blog.
My answer to that is to implement reverse comment moderation. As far as I'm concerned, I'd like comments to appear immediately on my site. However, I don't want them getting Google juice. Call me vindictive if you will. I know it won't stop comment spam. But I do think it's a fine complement to other methods that do attempt to stop Spam
Instead, I'd be happy to go in and remove rel="nofollow" for all links within a post. Ideally there'd be a really nice interface for it. A simple checklist of the day or week's comments and I could check them off and post it.
Then again, I don't really care that much. If you really post a comment with something worthwhile, I'll just mention it in my next blog entry sprinkling a tiny bit of Google juice on your link. (And I do mean tiny. I'm part of that long tail Chris Anderson talks about).
A Dr. at Cardiff University has created a scientific formula to prove that January 24th will be the worst day of the year.
The formula for the day of misery reads 1/8W+(D-d) 3/8xTQ MxNA.
Where W is weather, D is debt - minus the money (d) due on January's pay day - and T is the time since Christmas.
Q is the period since the failure to quit a bad habit, M stands for general motivational levels and NA is the need to take action and do something about it.
Well I could have told him that without this fancy formula. January 24 is the day after my 30th birthday. It's all downhill from there. ;)
My neighbor Chris is working for the Army Corps of Engineers on several construction projects in Iraq to help rebuild their infrastructure. While they've enjoyed some success, they also have their fair share of setbacks.
Infrastructure also provides the insurgents with an attractive target. Around Basra, they regularly blow the oil pipelines that run to the port of Umm Qasr. If you stand out at the army base for awhile in the evening, you can usually spot a billowing cloud of smoke in the distance marking the most recent hit.
Read the whole post here.
There's a debate going on about how effective the rel="nofollow" solution really is. Some believe that Google is flattering itself by thinking that the primary motivation for comment spam is Google juice.
I do not believe that rel="nofollow" will stop comment spam as I've stated before (though I've applied it myself). Getting their links out there may be motivation enough. However I think it will have a bigger impact than some people think.
In terms of sheer economies of scale, I don't think comment spam is like regular email spam. Sending an email to millions of users is very easy both technically and costwise. Buy a list and start sending. Comment spamming millions of websites takes a lot more work.
The primary benefit to comment spam was that a sites page rank increased. Think of it this way, if I spam 100 sites, that might increase my exposure a little, say 10,000 people come via those sites. But suppose those 100 sites increases my page rank and now scores of users are finding my site via Google. That's where the big financial impact comes in. Those 100 sites might now bring in 1,000,000 users. (I'm pulling these numbers out of my ass but I'm probably not too far out there).
Removing the Google juice increases the comment spammer's work by a factor of 10 or even 100 to get the same financial impact. This might not stop the comment spammer, but it will hopefully put a damper on their activities in the long run.
Hello y'all. In case you haven't noticed, links in my comments now have a rel="nofollow" attribute attached. That means no more Google juice when you post a list of links in the comments section of my site. So you can stop now. No really. Move along. No point in comment spamming here.
Ok, since you're still here, you've apparently noticed, this hasn't placed a magical barrier around comment spamming. You've forced me to unveil my next weapon against comment spam. When posting a comment, my server will obtain your IP address and location and unleash a legion of angry lonely Ninjas to dispatch anyone found at the address. Not to mention that my server will start streaming Yanni's greatest hits to your browser. If you make me really angry, I'll send Yanni himself. But only in rare occasions as his hourly rate burns a hole in my wallet.
Besides, your comments will be removed from my site expediently. I have a crack team of monkeys in Nigeria who are highly trained to identify and remove comment spam from my site. For one banana a month, comment spam is cleansed from my site. (Sorry to American monkeys for offshoring, but I really couldn't afford the standard five banana rate).
From now on, no person, whether an individual or a body corporate, shall look directly upon my person nor speak of me without my written permission. I was inspired to enact this notice by this tidbit from Raymen Chen.
Maybe they don't want people to find them.
The copyright notice for the web site of Hutchison Whampoa Limited states,
Copyright Hutchison Whampoa Limited. 2003. All rights reserved.
No person, whether an individual or a body corporate, shall create or establish a hyperlink to the HWL Corporate Website by hypertext reference or imaging without the written permission of Hutchison.
I can't create a hyperlink so you'll have to find it yourself.
This isn't an issue of deep linking; they are banning even links to their home page.
[Via The Old New Thing]
I applied a patch to my .Text installation as recommended by Scott Watermasysk in this entry of his blog.
New comments will now have the rel="nofollow" attribute applied, thus preventing Google (and others) from indexing the link and giving the comment spammers a higher page rank.
I found a slight problem with the patch. It works for URLs within the body of the comment but if the user specifies a URL in the URL field, it doesn't modify that URL. Thus you can still comment spam me, but only one URL at a time. I posted a comment in Scott's blog about this.
In any case, I doubt this will stop the comment spam anyways. It may well be good enough for the spammers to continue. Despite the fact that their Google page rankings won't increase as a result, by spamming enough sites, they'll get enough exposure on enough blogs (et all) that enough users will click through. It's the same way with email spam. All it takes is a very small percentage of suckers to bite.
This does take away one of the key motivators to comment spam. I will probably add a CAPTHA tool later after some investigation.
I never fill out these silly surveys and usually make fun of those who do. But I succumbed to peer pressure this time. Apparently I'm a Nerd King God, I don't know whether to be proud or insulted.
All bow down!
Schwimmer makes some good points in his clarification to his decision to ask Bloglines to remove his feed. A few points in particular warrant further discussion.
Creating the free content for advertisements that Bloglines will sell to other trademark law firms. This isn't baseless conjecture - read this discusssion of Bloglines' plans for advertising keyed to the content of blogs. At least with Google's contextual ad program, the blog creator gets some money.
The question I have is how is this different than if say FeedDemon or Newsgator decided to release a free version of their aggregator that included targeted ads. Tyme White claims...
there is a big difference between Bloglines search/preview feature where anyone can view a blogs content and someone adding the feed for private viewing. The argument of desktop readers having ads is completely different - that would be for private viewing only by the user and the ad would NOT be on the feed, it would in the software.
Seems to me it's only a difference in mechanics. Most aggregators contain search features as well. Wouldn't be hard for them to include targeted ads. Not only that, it's still making money off your content. Even a desktop aggregation company could print the following ad...
Find out how our sales team can help you reach you reach new customers with targeted advertisements on ACME Aggregator. Contact sales@acmeaggregator.com for more information.
In my view, there's a big difference in what Bloglines is doing and some website blatantly ripping your content. I can see the problem if Bloglines was a profit motivated legal website and the main content of the site was taken from legal blogs that provide feeds. With Bloglines, the primary usage is for private users to subscribe to feeds. Yes, your content is available via search, but it's the same as with Google. Likewise, don't you want people to find your content, regardless?
Tyme goes on to say...
The bottom line, if money is being made off of a feed it could be deemed commercial use and you should receive permission from the author before redistributing unless the content is considered public domain.
Does that mean Google must ask permission to display your site in search results which might contain ads for your competitors (which was recently ruled completely legal).
Suppose you send copyrighted email to a gmail user? Does it infringe on your copyright that Google can target ads to be displayed alongside your email?
I don't ask these questions to be contrarian, but to really understand the issue. As I see it, yes martin is right. He does have the right to control his content. But true wisdom is knowing when one should excercise a right. As Scoble points out,
...(by the way, how come you guys aren't yelling about Google's caching? Did you see that all your pages are cached over on Google? That breaks with traditional copyright law too, but so far we've been cool with that too. Why? It helps everyone.
My advice to Martin is that yeah, you're right. You have a copyright over your content, but think about the big picture. You've definitely got yourself noticed. Now let Bloglines use your content for fun and profit, become a blogging hero, and watch your own clientele list and profit grow as a result. Everyone can win in this situation. Don't try to force a new technology to fit within the confines of an outdated copyright system that's winded and unable to keep up.
Probably the best thing to come out of all this is a discussion of copyright as it pertains to an entirely new medium. Let's hope the right decisions are made that reflect the cooperative nature of RSS.
I love me some electronic gadgets.
Take today for example, I was in the middle of a fantastic pick-up soccer game under clear blue skies when I received a page on the company Treo (I had it by the goal). A socket server service was down and needed to be restarted (long story, it will get replaced by something yours truly wrote).
A few years ago that probably would have required me muttering a litany of swear words under my breath while driving in to restart the malcontent service. But not this time baby! We live in the digitial wireless mini-this and mini-that age.
I took over as goalie for a bit, busted out the Treo, navigated to our secure administration tool on the web, and restarted that sucker (all while blocking a few deadly shots on goal). Life is good.
Saw this on Scoble's link blog.
http://www.molly.com/2005/01/15/the-accidental-blogger/ | Comments
THE ACCIDENTAL BLOGGER is what I'm going to call what happens when a blogger writes a post that accidentally becomes far more important to their site than ever intended. I certainly never intended that racing frogs and the death test would be among my more popular threads, but there you ...
[Via Scoble]
A while back I blogged about a hilarious Dave Chappelle skit called (and if you tend to read aloud, I recommend reading the next words silently) "The Niggar Family" (and please note that the derogatory N-word is spelled differently lest you flame me miserably).
Unfortunately, the search word that brings the most visitors to my site via Google is "Niggar". Egads! A mispelling of a most offensive epithet is NOT what I want to be associated with. I can only hope that these users are indeed searching for the skit video and aren't a bunch of bad spelling ignorant racists.
As you might guess, the search phrase that brings the most visitors is "Niggar Family". That post has seen 7881 web views according to .Text's reporting. In second place is the phrase "German Car Video" (25,981 web views). You'll just have to watch it to see why.
My most popular post of all time is "Nerds Protest The RNC" (41,635 web views). It's the photo of the sign with the html tag "</bush>.
So like Molly, I've had my share of being an Accidental Blogger. The day I write a technical post (the intent of my blog) that matches those numbers is the day I say to myself that haacked.com has done good (thus exposing my poor grammar skills).
I've just removed Martin Schwimmer from my subscription list. Why? Because he doesn't want his posts reprinted in Bloglines (and, I assume, in sites like my link site).
The real trick here is: if you don't want your full posts reprinted somewhere else, don't put them into RSS. That's one reason most commercial sites don't include full content in their feeds.
I don't mind that Bloglines reprints my content and I don't mind that anyone using an RSS News Aggregator looks at my content without seeing my design or my navigation links or my email address or cell phone number.
If I did care, I'd switch my RSS feeds to only shove out partial content, or I'd delete my RSS feed altogether.
[Via Scobleizer: Microsoft Geek Blogger]
After reading Martin's post and his reasoning for contacting Bloglines, it sounds like much ado over nothing. In my humble opinion, he's making a myopic mistake in action and reasoning.
First of all, if he's going to provide an RSS feed for his blog, his argument against Bloglines is disingenous. His RSS feed is stripped of his contact info and branding as well.
I have a simple solution for him, simply put your contact info at the head or tail of every blog post. Problem solved! You can now take a step forward instead of a step back. If you're trying to get your promotional information out there, why make it harder for others to receive and consume. Especially given the popularity of bloglines. It just seems so short sighted to me. Then again, never underestimate the power of controversy to get you noticed.
Here's an example of how to do a tagline:
This post was brought to you by Haacked, please send money. <--- Sample of a promotional tag line.
I keep waking up at 4:30 AM wide eyes open, too wired to sleep, too tired to think straight. At least I won't be late for basketball this morning.
Hmm, I'll have to try this...
Now erase all but 240 of your songs. (Thanks, Boogah!)
iPodShuffle [Flickr]
[Via Gizmodo]
We have perfect timining. We arrived in Los Angeles this morning to beautiful blue skies. Rumor has it that it's been raining for the past four days or so, but I don't believe it.
It's nice to be home after a wonderful vacation. We picked up Twiggy from the doggy day care and are now fighting the effects of jet lag. I am also struggling with my new addiction, NeverWinter Nights Platinum edition. As if I don't have enough on my plate with RSS Bandit Dev, Contracts, Book Proposal Reviewing, and general reading. Oh yeah, and my day job.
First level:
10,000 tickets at $175
Limit 2 tickets per person
Internet sales
Second level:
5,000 tickets at $200
Limit 2 tickets per person
Internet sales
Third level:
5,000 tickets at $225
Limit 4 tickets per person
Mail order and internet sales
Unlimited ticket at $250
Mail order and internet sales
Buy now to get the best deal.
Go here:http://tickets.burningman.com/
Due to my love for sake, my father-in-law gave this bottle to me as a parting gift.
*hic* I'm ready to shtorm the castle shir *hic*
He also gave me two bottles of "Negori" Sake (not pictured). This is a milky looking sake that contains the live cultures used in the sake making process. I absolutely love it, but I learned that it's more of a commoners drink and not served in many of the fine restaurants.
Now I just need some people to share it with when I get back to LA.
Do you remember that episode of the Simpsons (number 24 to be exact) where Homer takes his family to a Japanese restaurant and orders the blowfish? Yeah, me too.
My father-in-law took us out to a very traditional Japanese dinner as a celebration of TY's (Akumi's brother) impending wedding. Here's a picture of our room and Akumi listening attentively as our server tells her the menu (or something like that. I couldn't understand as it sounded like a bunch of jibberish to me. I think they call it "Nihongo" or "Japanese" to you and me).
And for the main course, I will feed you poison.
The food was outstanding and very delicately prepared. At least for the two microseconds before I clumsily destroyed my dishes with my two chopsticks of death.
Thar's gold in them there soup.
Much to our surprise, we were served Fugu. It's not a typical part of this meal and isn't listed on the menu, but apparently Akumi's dad is such a regular he received a bit of special treatment.
Now back to that Simpsons episode. Homer discovers that he's eaten poison and is going to die. He makes a list Homer's List of Dumb Things I Gotta Do Today Before Dying (the first item on the list is "Make List") and hilarity ensues.
Fugu is an ugly fish that is capable of inflating itself and exposing protective spikes (think Finding Nemo). Those spikes contain tetrodotoxin, a poison that is 1200 times more lethal than cyanide. It only takes a small amount to kill a person and each blowfish contains enough to kill 30 people. It is the one delicacy that is not allowed to be fed to the emperor (and no wonder). Approximately 100 people die from it in Japan yearly, though mostly in outlying areas where fugu is prepared by those who are not trained to prepare it. This is probably less than the number of people who choke and die on mochi rice each year.
Meet the maker of your doom.
But I happily dug in. In the picture above, the plate is covered in Fugu sashimi, the main meat of the fish. At the top left, the white stuff is the skin of the fish (the best part in my opinion) and at the right is something explained to me as the "stuff between the skin and the meat".
Apparently the word "delicacy" in Japanese means "Food that has very little taste. What little taste it has, is too subtle for your western tastebuds". The fugu meat had a very subtle taste and a very slight chewy consistency. We dipped it in a sauce to give it more taste. Later we were served fried fugu (not pictured) and that was very delicous. Cooking it brings out more flavor.
One of my favorite parts of this meal was the expensive bottle of sake we consumed. For only 10,000 yen (around $100), we enjoyed this very smooth and clean concoction with a slight fruity aroma and taste.
Mmmmm Sake
I've become quite a connoiseur of sake, so much so everyone wonders if I'm secretly Japanese myself.
Yesterday, along with Akumi's uncle Tadashi, we visited her grandmother at a rest home. She's a spunky 90 year old woman and gives me great insight into where Akumi gets her rebellious nature from. We took her for a walk and I jumped onto a thin railing. Her reflex wasn't to wave me down for my safety, it was to reach out as if to push me off and cause me to crack my skull. We made sure to push her wheelchair to the edge of the river as if to push her in. We all had a good laugh afterwards.
Katana
Afterwards we walked over to the uncle's house. Akumi refers to him as the "Harley Davidson" uncle as he rides a Harley and is in love with the Harley brand. He was wearing Harley jeans and a Harley cap. When we arrived at his place, he showed us his 200 year old Katana.
The Katana in its case. Tadashi made the stand himself.
It's a beautiful piece of craftsmanship. Every two weeks he cares for it with a strict regimen to ward off rust and keep its beauty. Should he require a sharpening (which probably won't be required) it costs $100 per centimeter to sharpen properly. It's a collector's item worth over $8000 made by some guy named Hattori Hanzo (ok, the Hattori part isn't true).
Tadashi shows us the engraving on the hilt and a matching monograph in a collector's book.
Tadashi explained to us that Samurais went to great lengths to take care of their swords and a good way to get yourself killed back in the day was to carelessly handle or knock down a Samurai's sword. That would invite a fight to the death. Only then did Tadashi let me handle the Katana and I took great care to show it the respect it deserved.
Displaying the ferocity and skill that would have made me a great samurai. Or samurai fodder.
Seppuku
Tadashi has a sense of humor similar to my dad's. He told us that when he's unable to care for himself, he'd prefer to commit seppuku than waste away in a rest home. My dad always tells us that when he can't wipe himself, drive him out the backwoods of Alaska and let him loose for the bears to find him.
When a samurai was dishonored, he would commit Seppuku in order to regain his honor. Today, dishonoring oneself is a sport displayed on reality television.
Sometimes this is referred to as Hara Kiri, though Tadashi tells us that Seppuku is the correct term. Hara Kiri and Seppuku are the same characters in Japanese, but they have two different ways to pronounce them.
The act of seppuku required the samurai to essentially dissect himself with a katana while another Samurai chopped his head off to finish the deed. The sword the other samurai used was specially made for this purpose as just any sword will not do. To test the sword (see, "test first" is not a new thing) they piled dead decapitated bodies one on top of the other, in what must've been a pleasant ritual, and then attempted to cut through as many as they could with one strike of the katana. Afterwards, the katana was carefully engraved to document the number of bodies it cut through. Thus a "three body" sword meant it cut through three bodies.
Tadashi showed us a picture of a sword with an etching of "Three Body Sword" on one side. On the other side it said "After re-engineering, Four Body Sword". I want to know where they got all these bodies for testing. I'd hate to be the QA department for a seppuku katana.
In the next two pictures, Tadashi demonstrates Seppuku.
Step 1, insert the blade here. Be sure to disinfect first.
Step 2, slash across here. Be sure to cut into the major organs. Doesn't that feel nice?
For women who had been shamed, they would often kneel down to commit seppuku and were permitted to lean into the blade, bracing the hilt on the ground if they did not have the strength to cut themselves.
I can't access Google, Gmail, or BlogSpot. Gmail.com (which used to redirect to my Gmail account) now takes me to http://www.gmail.com.org/. However I can get to microsoft.com etc...
No, I haven't become a paranoid privacy freak ready to purchase a cabin in Montana. This is just something that struck me as I opened my browser today. My default home page is http://my.yahoo.com/. Thus when I open my browser, the following information is sent to a Yahoo! server via HTTP (HyperText Transfer Protocol. The rules for sending and receiving data between a browser and website) (note: some data omitted for brevity).
GET / HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 ...
Host: my.yahoo.com
Connection: Keep-Alive
Cookie: B=1note6p0p3843&b=2;...
Notice that the last line is labelled Cookie and there's a bunch of data that comes after it (which I omitted). That data is the infamous cookie data you no doubt have heard about. It probably contains some sort of identifier which Yahoo!'s servers use to look up my personalized information in a database, thus rendering a page just for me using my settings (hence the name my.yahoo.com and not your.yahoo.com).
So far so good, it's really quite benign. But what you don't see in the HTTP request is the TCP/IP data. Simply put, TCP/IP is the underlying protocol used to send and receive HTTP messages across the web. As you know, every computer connected to the internet has an IP address (the IP of TCP/IP) which uniquely identifies that computer. When joining a network, your computer will often have an IP address dynamically assigned to it. Right now, my IP address is 61.125.193.68.
Without getting into the nitty gritty, it's enough to know that blocks of IP addresses are assigned to ISPs in huge blocks. Different blocks also tend to be allocated to various geographic regions. Thus Yahoo! can lookup my IP address in some database and figure out that I'm in Japan. In fact, that's exactly what they did as when I opened my browser, I noticed that the ads were in Japanese.
When I saw those ads, it occurred to me that any website I visited via my laptop using cookies could corroborate the fact that I'm in Japan. Of course, it might be easier to discover that fact by just reading my blog.
As far as I know, this isn't a perfect means to obtain your whereabouts. There are anonymizer services out there that can hide your true IP, though the anonymizer service itself will know your IP.
Chris Sells humorously relates his experience dealing with his traffic violations.
The one where I describe my recent run-ins with the Oregon traffic police and my availability as the "Bad Boy" in your boy band.
[Via Marquee de Sells: Chris's insight outlet]
If you think the Oregon police sound strict, try dealing with the Military Police. I once was ticketed by an MP on an Air Force base while riding a 10 speed! He claimed I entered the intersection too fast, but from my view, I had waited till all the cars had passed and then entered the intersection.
When I saw the tell-tale red and blue lights behind me, I considered gunning it for a moment, but my legs were tired and I wasn't ready for a Dukes of Hazard moment.
I don't remember a monetary fine, but my dad did have to go talk to his first officer as a result. He tells me it was rather non-eventful, but I like to think it went something like this:
1st officer: So Sgt Haack, I see your son got himself in a bit of trouble.
Dad: Yes sir, a minor traffic violation.
1st officer: I didn't realize he was old enough to drive.
Dad: Well sir, he isn't.
1st officer: ah, so driving without a license too. Sounds like a bad start.
Dad: Possibly, though he was riding a bicycle. But you know kids these days. It starts with riding a bicycle too fast and the next thing you know, he's smoking crack.
1st officer: Ummm. I see. Well tell your son to keep it in a lower gear. Dismissed.
Back in the day when I was a wet behind the ears developer a coworker gave me some sage advice. He told me that if I wanted to become a good developer, I need to read the bible. He was of course referring to Code Complete, the bible of software construction. When I was promoted to manager, I made it required reading for developers. Several years later, I’m reading through the second edition savoring every page like a fine glass of sake.
This time around, I have a lot more experience to provide context to what I’m reading. Around page 270 (Chapter 11 end of section 2) I came across McConnel’s recommendations about the use of constants and it got me thinking about how appropriate that advice is in the world of .NET.
McConnel discusses good and bad names for constants. An example of a poor name for a constant is FIVE. If you needed to change it to another value, it wouldn’t make any sense (const int FIVE = 6;). Instead choose a name that represents the abstract entity the constant represents. For example, CYCLES_NEEDED.
Another bad example he presents is BAKERS_DOZEN which he states would be better named as DONUTS_MAX.
Although I agree with him in principle, his advice might need to be modified in light of how constants are handled in .NET. For example, CYCLES_NEEDED probably shouldn’t be a constant if you think you might change the value later. Secondly, BAKERS_DOZEN might be a fine constant since it’s a value that will never change.
This boils down to a semantic issue. What exactly is a constant? Is it simply a variable with a value set at compile time often used to consolidate a setting in one place? Or is it a variable that holds a value that never changes, not even from build to build?
Well the answer of course is "it depends". When you look at .NET however, it seems to favor the latter behavior. Suppose you’re building a class library that contains a public constant like so:
public class Library
{
public const int CYCLES_NEEDED = 5;
}
And you build an application that references this assembly and makes use of the constant like so.
class MyApp
{
///
/// The main entry point for the application.
///
[STAThread]
static void Main(string[] args)
{
for(int i = 0; i < Library.CYCLES_NEEDED; i++)
{
//Do meaningful work...
Console.WriteLine(i);
}
}
}
If you compile and run this simple program, the console will output the numbers 0 through 4 as you would expect. Yes, this is a complicated program. The result of many years of experience.
Now suppose it’s several weeks later and your boss storms into your office. The company is bleeding cash and he wants you to up the cycles to 6 to increase profit. "Why that’s simple" you say to yourself.
"I’ll just change the value of CYCLES_NEEDED, recompile my library assembly, and deploy the dll without touching the exe so that the downtime is minimized. I’m such a genius!"
So what happens when you do that? You get the same output as before.
Huh?
When one assembly references a constant in another assembly, the compiler will embed the value of that constant into the assembly. For example, using Reflector to decompile the sophisticated console app presented above, the Main method is compiled as:
[STAThread]
private static void Main(string[] args)
{
for (int num1 = 0; num1 < 5; num1++)
{
Console.WriteLine(num1);
}
}
So as you can see, in order to change the value of the constant, both the library and the consumer of the library have to be recompiled to reflect the change with the constant. If we anticipate that CYCLES_NEEDED might ever change, it would be better to make this a public static read only variable as such:
public class Library
{
public static readonly int CYCLES_NEEDED = 5;
}
Now should you deploy a change to the value of CYCLES_NEEDED, the console application will pick up the change without needing to recompile it. This is especially important in cases where it’s much easier to deploy a dll rather than the entire application.
The only drawback to this approach is that the value needs to be obtained at run-time instead of having the value compiled into the app which is a slight performance hint. Well if you’re worried about this, I’d suggest that you’re suffering from a case of premature optimization and you need to go read Rico’s blog where he’ll tell you to measure measure measure. As McConnel states repeatedly in Code Complete, the greatest impediment to performance is most likely to be the overall architecture of your system and not minor code issues.
Of course, if you have full control over your libraries and clients of the libraries, this may not be as big an issue to you. However, if you have several production systems deployed, it's nice to apply patches via deploying the least amount of code as possible.
We finally have a moment to sit down and make a donation to the relief efforts under way in South Asia. With the death toll at 141,000 and rising, it's impossible to grasp the amount of devastation caused by this disaster.
Although it's easy to just not think about it, I hope you consider taking a small moment and making a small (or big) donation. We chose to contribute to the UNICEF relief effort. You can also contribute to the American Red Cross via Amazon.com which is convenient if you're an Amazon user.
I read with interest Dare's post on the quandary social software finds itself in today. In a nutshell, the current crop of social software tools are not very sociable once you step outside of the particular tool. It's really like one big world wide cliquish high-school. Your orkuts won't talk to the friendsters who won't talk to the Amazons and so on...
As Dare points out, there's really no business incentive for these companies to allow users to export their social networks. They probably contain teams of marketers who drool at the personal information they are gathering and the opportunities of marketing. Why share?
I've tried to flesh out some ideas before on how I see social software evolving, but it occurred to me that there's two possible solutions. The first is to create a profit motive for sharing. Once you give Google an incentive to allow users networks to be exposed outside of Orkut, they'll do it.
Ok, that's obvious. The question is how? Well first, users have to demand more control over their own data. Unfortunately, users don't have that much leverage right now. They can threaten to leave Orkut, but only to move to Friendster? That only trades one closed network for another. My answer is to not leave social software soley in the hands of profit driven businesses. I think as tools like DasBlog and .TEXT evolv, it's possible to create a social network that is completely based on open standards.
Take a look at RSS Bandit. As an open source RSS aggregator, it has no incentive (nor capability) to keep its data private. Thus it supports exporting feeds as OPML as well as many other standards. Another example is the Jabber protocol. Although it's not widely adopted, the jabber protocol for instant messaging is another step in the right direction as its communication format is an open standard. Anyone can make a client to the protocol. Contrast this to the IM wars seen between Trillian, MSN, AIM, and Yahoo.
If these tools can gain traction and users start to demand control over their data and leave the closed systems for these open systems, we may see a move by these companies to open their systems in order to maintain a piece of the action. Hopefully these companies will focus on providing the best tools for navigating the various open networks as their point of distinction, rather than holding users data hostage.
After a wonderful time with my family in Anchorage, we flew back to Los Angeles for a day, dropped Twiggy off at a doggy day care, and flew into Tokyo. Below is a picture of Anchorage from our airplane as we were leaving.
The transition from 2004 to 2005 was quite uneventful this year. I think I was asleep when we crossed the international date line. Unfortunately we didn't have a countdown or bubbly. Well there's always next year. New Years Eve is a special day for my wife and I as that is the day we met in 2001/2002.
In any case, to my pleasant surprise, my mother-in-law's building has been outfitted with wi-fi internet access! I was expecting a severe case of internet withdrawal, but my RSS Bandit installation is humming along nicely and I'm able to post a blog post or two while here.
But even nicer was the exquisite meal that awaited us when we arrived. Here's a pic of a small plate of sashimi we had. Along with the sashimi we had some onigiri and tempura. Akumi's mom is a phenomenal cook.
Well I better be off to bed and let the fight with jet lag begin. I wish you all a happy new year and hope we all can make some exciting things happen in 2005.