Fri, 29 Aug 2008
MicroID bad for your health?
Slashdot can be prone to scaremongering as much as the tabloids.
This article is about someone
who has found a way to extract email addresses from MicroID hashes on
some sites. The idea of Micro ID is that it allows you to associate a user account on a site with an
email address without revealing that address. Then sites like ClaimID
can verify that you own a given account, as I have done for several. The idea has been
criticised, but I think it is useful in a limited way.
It is vulnerable to people working out what the email address was if they know your name and can
guess what domain it is on. Not too hard in my case as my email is hosted on my own site that I publish
in my account profiles. I'm not too bothered about this account as my email address has been heavily spammed
anyway for ages. I suspect it may have been harvested from a
key server as those publish all email addresses
without obfuscation. I would prefer to share my email address openly so that people can easily contact me, but
it seems that is not advisable due to others abusing it. As they already do should I be worried?
It seems that others take this threat more seriously as last.fm and
digg have stopped using MicroID. This is a shame.
identi.ca have handled it better by giving you an option of whether to
have a MicroID on your profile page. Perhaps someone can come up with a more secure protocol that does
not reveal private information. This is a complex field in which I am not qualified to dabble. Security
and encryption are very easy to get wrong.
Whilst looking into this I found that ClaimID was down. This could be a problem for me as I use them
for OpenID on a few sites. I wouldn't use it for anything critical or
financial, but it saves me having to come up with passwords for every site. As I let Firefox save
my OpenID password I rarely have to enter it. This makes me slightly more secure if some site tries to
redirect me to a clone of the log-in screen as that would not have my details.
I've had a GPG public key for years, but have not used it for much.
Very few people I know will send me encrypted emails. I keep expecting spammers to start doing that as
a way around spam filters. I'm not sure it is a big enough target for them. The only site that has used
my public key to verify my identity is Biglumber that deals with that
I'm generally interested in ways that we can publish personal information so that people can use it
to contact us, but still protect our privacy. Is there an answer? Perhaps email is too broken to
be of use. Closed systems like Facebook allow messages to be sent with options to block those you don't know,
but are not open enough for general usage.
Fri, 22 Aug 2008
Updating the reading list
I've just caught up on logging what I have been reading recently. I need to check if I have omitted
any books. The list is here or you can see
the latest ones in the sidebar. I'm using an add-on for Pyblosxom that requires entering the details
in a slightly contrived style. It uses more comment and category fields than I really need, but I haven't
tried to change that as yet.
I also added in some earlier books from the previous add-on that used a slightly different file format.
I probably could have scripted something to do that, but it took less time to do it manually. I know I lose
geek points for that.
Thu, 21 Aug 2008
My Stack Overfloweth
In my quest to learn more about the art of programming I have been listening
to the Stack Overflow podcast by
Joel Spolsky and
Jeff Atwood. These two seem to have
a lot of experience between them and are applying it to developing a new
Q&A site for developers. They are both entertaining talkers as well.
The Stack Overflow site is still in closed beta, but I managed to get in
on it. It's simple, but impressive. It uses cool technology like
OpenID, but can be used without registering.
Users can allocate ratings to all questions and answers, so the good stuff should
be easy to find. There is a complex reputation system, with badges, to encourage
people to participate. So far I have submitted a couple of questions about use
of wiki and email to manage information and received lots of good responses.
It will be interesting to see how it evolves when opened up to the world.
I'll be interested in hearing about other good podcasts on programming and
other technical subjects. I enjoy listening to them when driving to work.
I still need to get myself a car radio that can play from flash media. I still
have to burn an audio CD, which limits the duration of what I can listen to and
sometimes plays up. I don't think I can bring myself to buy anything that does
not support Ogg Vorbis. I'm not as principled as
some people I know when it comes to only using open formats, but I still like to
There are a number of reasons people go camping. A major one is cost, but
a side effect is that it can have a lot less environmental impact than other
sorts of holiday. We take a car full of stuff with us, but that should produce
a lot less CO2 than flying. This year we only travelled about 100 miles to
Kelling Heath in Norfolk. This was the biggest
camp site we've been to, but also one of the best. Far better than the Haven
site we visited. It consists of 250 acres of woodland and heath with spacious
camping pitches and many static caravans and lodges. The facilities were pretty
good. We used the outdoor pool. The indoor one meant paying a lot for use of the
heath club and that was over the top for kids. We only ate in one restaurant once
as we did a lot of cooking and ate out. We did use their cycle hire a couple of times
to explore the area. This was the first time we had cycled with the kids and they coped
well, even if the small hills could be tough on little legs. I really ought to do
We also visited the beach and some of us swam in the sea. It's really not too bad
once you are in. I was intrigued by the huge amount on flint on the beaches and elsewhere.
No wonder they build their houses with it.
Some other UK sites I've been to do not offer much, if any, recycling facilities,
but this one had plenty of bins. A few people need to learn what you should put in them.
I was also impressed to see solar water heating for the showers. That seems a perfect
application of the technology. I'm considering it for our house as gas prices shoot up.
I made sure I turned off as much as possible at home whilst we were away, including
the water heating and even the Wii, but that only uses a few Watts. I don't think
it made a huge saving, but there is no reason to not do it. I think it will barely
show up in my logs at The Carbon Account.
We didn't drive much whilst we were there and so did no more miles than I do in a normal
working week. Economy on that tank was pretty good at around 50mpg. It's been slightly worse
this week, but that's probably down to London stop-start driving.
Wed, 06 Aug 2008
Singing in the rain
Last Saturday I attended a singing workshop
with Dafna Dori from Jerusalem organised by my friend Malcolm.
I don't really consider myself a singer, but with what I've been doing with the drumming group I am getting a
feel for it and would like to explore the possibilities. There were about 16 of us there including my daughter and
another young girl. The rest ranged widely in age. We did some fun warm-ups and then proceeded to learn three
Jewish songs. There were the challenges of unfamiliar pronunciation and scales, but we seemed to do quite well.
For the last song we also learnt the circle dance that goes with it. I'm not sure what people would think of us
all dancing around in the wood outside the studio singing in Hebrew, but I enjoyed it.
The fact is that these songs are religious, but I didn't feel too uncomfortable singing them. That may
have had something to do with them being in another language, but they were fun to sing. I don't particularly
enjoy singing hymns on the rare occasions that I'm in church, but then a lot of those are pretty boring.
There is plenty of spiritual classical music that I enjoy, but the words, if any, are often in
other languages. Ultimately it is the quality of the music rather than the message that tends to move
me. I can be moved by lyrics, but generally because they reflect my mood or inclinations.
I recorded the session on my Zoom H4.
It was not ideally placed on the floor with a small tripod, but worked pretty well. I then had the challenge of editing over
an hour of material to extract the songs for people to listen back to. I've done some previous editing with
Sweep, but that was very slow and took up most of my memory.
Ardour would not even load the MP3 file, but that may be due to a lack of add-on. I didn't try
Audacity at first as I have been having issues with getting
sound on play-back, but this time it worked and was very easy to use. I noticed that it used a minimal
amount of memory. I just did the basics of cutting out the songs and saving each as a file without playing
around with effects, but that is something I need to experiment with. It's not something I have ever done much
with. I need to find time to check out some of the tutorials out there, but I expect there is no
substitute for experience. There is an interesting set of screencasts
on using Ardour.
Whilst writing this up I have been listening to free tracks from the new
Byrne/Eno album and bassist
Kev Cooke. All good stuff.
Sun, 03 Aug 2008
Another OGR milestone for me
Back in November I clocked up one
million giganodes on the OGR-25 project at Distributed.net. That took me
about 7 years. As predicted (roughly) I have doubled that in just over 8 months thanks to a speedy dual-core
processor in my main PC. It would have happened sooner if I had realised that my PC was
not running at full speed and had
implemented a proper shut-down script so that I did not lose work units each day. I was a little optimistic in
how long the project had to run. Current projections
give it almost another year, but I think that does not take faster computers into account. I wonder how many
people will upgrade in that time. I certainly do not intend to do so unless I suddenly find myself with enough
spare cash for a faster CPU. I could get something 25% faster for well under £100, but I doubt I would notice the
difference for normal usage. If I were building another PC I would probably look for something that used less
power rather than ultimate clock speed. I've not bothered keeping up with what's new in the processor world
for a while, so I don't even know what the state of the art is. These days software is more interesting than
For reference, the earlier slowdown may only have affected apps like dnet with a high
nice value as the
PowerNow daemon would ignore them and assume
that nothing important was running. By setting the '-n' flag in its defaults file I got back to full speed.
I used a script from here to make sure the client
shuts down cleanly. I could have been losing several hours of work in the past. I've at least learnt some more
about the workings of Linux through all this.
Wed, 30 Jul 2008
Back to Bassics
I'm a bit knackered after a late night/early start/long day sequence, but here goes with another exciting
post for my loyal reader.
Last night I returned to Darbuka for another gig by bassist Steve Lawson and
singer Lobelia accompanied by drummer
Ray Dodds. Support
was again from ukulele strumming social media man Lloyd Davis playing
some great old songs.
This time Lobelia and Steve each did some solo songs. Lo used some very night (bare) footwork to loop her
guitar and voice. One song was pure voice and wonderful to hear. Steve gig a great cover of
She Sells Sanctuary (on the seashore).
Ray joined in with some great drumming and percussion on assorted hardware. Finally they all played together,
which lent a new flavour to songs I feel I already know well. I chatted to them all as well as another
bassist, Simon Little, who I met via Twitter and sat with during the
gig. He's played with some well known acts and is doing his own solo work that I just obtained from his free
podcast and am enjoying now.
I bought Lobelia's solo CD from a few years back. It features some songs I've heard live, but in much
more conventional arrangements. I have to say I prefer them as performed now. I look forward to some more
I had some cool musical experiences on the internet over the last week. Firstly I watched Steve,
Lobelia and others perform at another gig via a live video stream on Ustream.tv. This included a chat
forum where I could exchange messages with other viewers and people at the gig. That was fun. A
recording of the gig is up now. This was followed
on Sunday by them performing some songs at home and uploading them to
Phreadz where others (with beta access) could post video
replies. That was enjoyable too, despite some technical issues.
At work the other day a friend lent me a CD by Martin Simpson.
Nice bit of folk with nifty guitar playing. I used QCD on my Windows PC
and it did its usual thing of posting the tracks to Last.fm.
I subscribe to an RSS feed there of gigs within a reasonable distance. Within an hour it included some
of his. Sites like Amazon recommend music etc based on what you buy, but this was based on what I was
listening to and with less commercialisation. I doubt I will go, but others would find that information
useful. I've been alerts to gigs I have attended via this service. Each gig has a page where people can post
comments and link to pictures etc. I've been on Last.fm for over four years and just clocked up 20,000
tracks. That's what I have listened to on the computers, but I do most of my listening like that. I often
use their music streaming services to find new stuff. I was on one based around what people who listen to
ELO like when I passed 20k.
My last cool musical link of the week is King Crimson Live.
You can buy downloads of various concerts, but they also give away the odd track via a podcast called
Hot Tickle. Cool or not I love a good bit of Prog.
Wed, 23 Jul 2008
I've been thinking that I need to learn some new tunes on my guitar, so I was poking around on
Youtube and found a series on the tune
Classical Gas (a song with its own web site!). I've done the
first couple and it's not sounding too bad, although I think I am missing a few notes that he
doesn't properly describe. I'm also consulting some tab versions that I found. I've not learnt many
tunes from video, but it's handy for getting the fingering right. I'll see if I can learn the whole
thing, but that may take a while.
Youtube has loads of musical tutorials for all types of music. There was nothing like that when I
started playing. The guitar magazines I bought didn't even come with CDs (or equivalent) so that you
could hear how a piece was supposed to sound. Total Guitar
was a revelation when it appeared with a CD. Now they do DVDs and video files on the CD. Budding
musicians have never had it so good.
I'm also trying to learn a few classical piano pieces by the old-fashioned method of sheet music.
I find that a totally different mental exercise, but the results are enjoyable. I also get some
benefit from coaching my kids on their respective instruments.
I'm on the lookout for any local musicians who want to cooperate. I'm listed on a couple of
musician sites, but the replies I've had have been from bands who need someone with more time
to commit. There's a new site dedicated to
the arts in my town. I've been in contact with them about setting up a noticeboard for finding
people to work with.
If you are really lucky I may eventually post some recordings when I've polished my technique and
gained some studio skills.
Mon, 07 Jul 2008
Close to home
Being a fan of web sites with a physical location I've felt the need for something that
would tell you what sites relate to your local area.
Groups Near You does this fairly well. You
can add sites and match them up to an area on a Google map. There's no log-in, but it uses
your email address to confirm changes and then that site is restricted to that email
account. Some real potential if people add enough sites. I did a couple. It's a shame they
don't make use of GeoURL to pick up the location of a site
and then publish that data on their pages. Maybe I should mail them.
My other toy of the last few days was MyBlogLog.
It's a Yahoo service that gives you some nice visitor tracking features for your site
and lets you build a 'community' around it. The stats are nice, but I'm not totally
convinced yet. I mainly joined in order to check out how their FOAF data appeared on
the FOAFster visualisation tool.
identi.ca has been much improved by allowing you
to see all your replies in one place. People had replied to some of my 'dents', but I had
missed them. I've picked up a few followers who share my interests. These spontaneous
communities are fun.
Thu, 03 Jul 2008
Opening up the microblogosphere
<< 1 2 3 4 5 6 7
I know, horrible word, but new worlds need new language. I've been playing with
Twitter for a while now. It's fun and I've made a
few friends there. I even found a nice client in TwitterFox
that lets me keep up with my updates from within Firefox. But there are some issues.
The site is still struggling with performance issues, so sometimes it doesn't all work. The
ability to post from XMPP/Jabber/GTalk has been down for weeks. I've been seeing a lot of
the Fail Whale when I go to the site.
Another issue with Twitter is that it is a closed source system.
This week I found out about identi.ca. It looks like
a Twitter clone, but lacks a lot of the features. That should change as it is running on
open source software. I've not checked it out myself, but I expect a few people will be.
That means that more people could set up their own microblog sites. The problem then is that
the network will be fragmented. They have an answer to that in the
OpenMicroBlogging specification to allow
messages to be sent between services. I'm not sure if you can actually do that yet, but
it's a good sign.
Other good signs are use of OpenID for those who don't
want yet another password and FOAF to make the
data accessible. It also works fine from my IM clients. There is a lot of work to do
there, but I have high hopes. I've even linked up with one of my Twitter contacts there.
I've picked up a few followers for unknown reasons. I'm unsure of their motives. The same
thing happens on Twitter as an attempt to get attention.
My other new web presence this week is at Whoisi.
This appears to be similar to FriendFeed, but with some
crucial differences. There is no ability to log in. Anyone can create and edit an account for
anyone they choose and associate feeds with it, but they have no ownership of it. That sounds
like anarchy, but we shall see. I've seen mention of them keeping history in case of vandalism.
On FriendFeed I created my own feeds for friends to track their various accounts, but that was
private to me. I could do the same on Whoisi and then anyone could follow them. Is that a good
idea or an invasion of privacy. Some people might not want their various on-line identities to be
linked. If they are not already making the connections public then I will not do so. You can still
select a group of people to follow, but that setting is only stored as a cookie or as a private
unique link that you need to save. As with identi.ca, some people I know are already there.
The site will suit those who don't want to have to set up more accounts, but lacks conveniences
I don't actually sign up for every service I hear about. There have been a few I have checked out
and then not used, but generally I only sign up if I see a real use. I have my core of useful
sites linked from the homepage of this site.
 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 >>