The little bumps of the first time user

July 3rd, 2006

As you can see, well read actually, I have about 0 time to do stuff. I haven’t the best idea why but I’m guessing it has something to do with work and heat. The immense heat in this part of the world.

I have a few stories to share and I’ll try to get around to posting them this week. In the meantime let me say this – Feed Demon is great. I’m currently testing it and I think it’s the first piece of software that I really liked from the start. And still like it. If it were documented better it’d be perfect.

On a side note, there seems to be a lot going on about Flickr. I haven’t really used it ever, but I’m doing it while writing this – I’ve been trying to get around to posting my pics from @media for some time now.

The first annoyance was the authorization of the Uploadr. Good thing I have the CTRL+S reflex (well ‘Save and Continue Editing’ anyways), since it opened over my WordPress tab. Then I figured there has to be a limitation to the free account even though I never heard about it. I have no idea if I really wanna go pro at this stage you know. So I find but I can only upload 20MB per month. C’mon you’re Yahoo! now. You could easily say 250MB per year (500MB would be even nicer you know?). Well, I thought the Uploadr would ease the tagging process but since it didn’t all my images have “needstags” tag now (picked up from Tantek).

All in all my experience wasn’t that great. I guess Flickr is a nice tool/app but it ain’t all that nice for a first-timer. And it’s really common to forget about these people since when you’re testing you’re not really one. So do test on your family & friends. Once only, then change friends or get more. Well, just for testing part.

Update: I updated the info on all pics – titles, tags, licensing. The only problem was that I kept adding the tags to the wrong picture – the field bellow the description just didn’t work for me. A bit more copy-pasting than needed. How about “zebrastriping” the entries?

So much going on…

June 22nd, 2006

There’s so much going on lately that I really can’t keep up. To make matters worse it’s also damn hot around here. So these are some of the links missed in the last couple of days:

There’s actually more but…

@media2006 report (part 1)

June 18th, 2006

As I already said in the blurps I was at @media 2006 this week. It was absolutely amazing. I had that ‘5-year-old-kid-rush’ seeing all these people I read about and respect. Then I managed to take it all in and actually talk to some. I met a bunch of people who were really nice. Even though there was 800 attendees it was quite cosy on the parties. All in all it was a great experience.

The conference itself was great too. Amazing speakers with great topics. Mostly what I got was a confirmation that I am on the right path and I also got some new information. I’m sorry I missed Nate Koechley’s Yahoo! vs. Yahoo! – I hear it was amazing. Hopefully the presentation will be online soon.

I guess I should start off at the first day. Not the first day of the conference but instead with the pre-party. It was held in The Feathers on wednesday evening. Parties are where it all happens.

At first it was a bit weird – I knew nobody and most of them were grouped up in what seemed to be company based groups. After some wandering around and a pint of Stella I met Christoph from Germany and another guy from the Netherlands (sorry, I forgot your name, didn’t get your card). We chatted for a bit and as I was about to leave I met more interesting people outside. One of them, Ken Himschoot, actually took a picture of me and posted it on Flickr.

Ken introduced me to Glenda and they were both trying to convince me to come to Texas for the next SXSW conference. We’ll see, but it’s still in US. Maybe after I get fingerprinted by my own country. At the party I also saw Eric Meyer, Richard Rutter, Peter Paul Koch and a bunch of other great people.

To be continued…

@media

June 13th, 2006

I’m off to @media to win my Playstation 3. If you’re there say hi (and act like you know who I am). I’ll be wearing these.

This page contains both secure and nonsecure items

June 9th, 2006

Sometimes creating a secure page is easy – you just change the http to https and you’re done. On other times you open the page in Internet Explorer and it starts complaining about unsecure items on the page. It’s annoying because many users get scared away thinking something wrong is going on. Or it’s just annoying since you don’t want to click ok every time you load a page.

To remove this alert follow these simple rules. After you do something reload. If there’s no more alerts you succeeded. Otherwise go on. If you get in a jam leave a comment and I’ll try to find one and add a rule.

  1. Change all http:// resource links to https://. The doctype is not a problem. All others (images, css, javascripts, iframe pages) should be https://.
  2. Change all about:blank links (yep, these are unsecure) to a blank file that exists and is a https:// link.
  3. Install Fiddler and check if there are any hidden requests to http:// (it won’t show https:// requests with the default setting). Change them to https://
  4. Check if any iframes have # for src or the src is left blank. Change them to something that is a https:// link and exists. Looks like # is actually an alias to about:blank.
  5. Find any resources that return an error (404, 500). This one is tricky since it’s not really easy to set up an SSL proxy. Try checking the server’s access logs.

The trick behind these is that any data that comes from an unsecure source triggers the alert. Unsecure data might come from a http:// link OR a built in page. Built in pages are for example about:blank. BUT what you wouldn’t expect is that also Explorer’s built in error pages are unsecure. So if you get a 500 or 404 error and Explorer decides to display its internal error message you will get an alert.

This might not be all but I think it should be enough.

Abstracting passwords

June 7th, 2006

Joel was saying something about the abstraction that goes on in a company that most people don’t see.

Recently we had some decisions made at the company I work for that show some people here have no idea how to make things easier for developers. One of the things that cost a few minutes on every login (and I do it quite often since I lock the computer often) is changing the password on a certain time interval. This never works and I have no idea why administrators really insist on this. Either they have no idea what people are doing about it or they’re just ignoring it.

Let’s see how it works. You get an alert that tells you that you’ll need to change your password in the next week or so. You decide to do it now. First thing most people try is to add a number. If this works we have a number added to the old password that doesn’t make it any more secure. If the system does not allow similar passwords we have a few other scenarios.

  • The first option is to change the password many times so that the system forgets what you’re actually changing and then go back to the old password. Not secure.
  • Another one is to use things you see from your workplace as a password (for example monitor model name, poster in the back,..). This is not secure either but might work if the cracker doesn’t know where you work.
  • The next option is that you try to think of a new strong password. You’re going to forget it or you’ll have to write it down. At best you’ll write it down on your phone or PDA. Not that secure either.

There are of course other options – you might actually be able to remember the new password. Congratulations, you’re a rare kind.

Whatever the argument for this I still can’t remember the password and I’m losing time, concentration and nerves everytime I enter my previous password instead of the new one.