Monday, 07 August 2006


UPDATE - AOL apologizes (not as if it makes a difference at this point, though):

"This was a screw-up, and we're angry and upset about it. It was an innocent enough attempt to reach out to the academic community with new research tools, but it was obviously not appropriately vetted, and if it had been, it would have been stopped in an instant," AOL, a unit of Time Warner, said in a statement. "Although there was no personally identifiable data linked to these accounts, we're absolutely not defending this. It was a mistake, and we apologize. We've launched an internal investigation into what happened, and we are taking steps to ensure that this type of thing never happens again."


AOL, over on their research wiki site, on Sunday posted an article describing their release of search data collected for more than a half million AOL users over a three month period. They claimed the data was made "anonymous," and that it was being released for research reasons. Problem is, it's not anonymous enough. Each unique user was replaced with a unique random identifier. That means you can see everything that user 336072 searched for. What if someone examined everything you searched for over three months? Even without knowing your name explicitly, do you think they might be able to find out some interesting things? Have you ever done a "vanity" search?

It's just not anonymous enough. I have a copy of the data that I downloaded before it was taken offline, and I've poked around in it a bit, so I know. Not only that, but spammers and search engine "optimizers" out there are going to have a field-freakin-day with this data. No, I won't share it with anyone else. It never should have been released in the first place, so I am not going to add fuel to the fire.
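The linkage problem described above, written as a pre-release check (an added example, not AOL's tooling or code from the original post). The detector patterns, function names and sample rows are assumptions made for illustration; it shows that a stable per-user identifier lets separate queries combine into an identifying profile, while per-record identifiers remove the combination but not the identifiers typed into individual queries.

```python
import re
from collections import defaultdict

# Illustrative quasi-identifier patterns (assumed for this example, not exhaustive).
DETECTORS = {
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "street_address": re.compile(
        r"\b\d{1,5}\s+\w+\s+(street|st|avenue|ave|road|rd|lane|drive)\b", re.I),
    "phone": re.compile(r"\b\d{3}[-.\s]\d{3}[-.\s]\d{4}\b"),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.]+\b"),
}

# Constructed sample rows: (pseudonymous user id, query). All values are made up.
SAMPLE_LOG = [
    (1, "jane example 412 maple street"),
    (1, "ssn 000-12-3456 credit report"),
    (1, "knee pain remedies"),
    (2, "weather denver"),
    (2, "pizza 555-010-0199"),
    (3, "cheap flights"),
]

def classes_by_id(rows):
    """Map each identifier to the set of identifier classes seen in its queries."""
    found = defaultdict(set)
    for uid, query in rows:
        found[uid].update(n for n, rx in DETECTORS.items() if rx.search(query))
    return dict(found)

def linkable_ids(rows, threshold=2):
    """Identifiers whose combined history holds >= threshold identifier classes."""
    return sorted(u for u, c in classes_by_id(rows).items() if len(c) >= threshold)

def unlink(rows):
    """Give every record its own identifier, so no per-user history survives."""
    return [(i, query) for i, (_, query) in enumerate(rows)]

def direct_hits(rows):
    """Queries that carry an identifier on their own and need redaction either way."""
    return [q for _, q in rows if any(rx.search(q) for rx in DETECTORS.values())]

if __name__ == "__main__":
    print("linkable with stable ids:", linkable_ids(SAMPLE_LOG))
    print("linkable with per-record ids:", linkable_ids(unlink(SAMPLE_LOG)))
    print("queries needing redaction:", direct_hits(SAMPLE_LOG))
```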

Michael Arrington at TechCrunch wrote about it in his blog entry entitled "AOL Proudly Releases Massive Amounts of Private Data," and updated his post a couple times as AOL mysteriously removed the data file from the web, as well as the page announcing the availability.

Arrington: "AOL must have missed the uproar over the DOJ's demand for "anonymized" search data last year that caused all sorts of pain for Microsoft and Google. That's the only way to explain their release of data that includes 20 million web queries from 650,000 AOL users."

When you consider that AOL search is - get this one - actually Google's search with a different face on it, you can imagine what the emails and phone calls that went flying around between the two companies on Sunday afternoon might have sounded like. Ouch.

Yeah, and so much for the privacy of AOL's users. If you're an AOL user, is that what you signed up for, to be a guinea pig in AOL's poorly-planned foray into academia? I think not. This is identity theft just waiting to happen, that's what this is. Again from Arrington:

"The data includes personal names, addresses, social security numbers and everything else someone might type into a search box. The most serious problem is the fact that many people often search on their own name, or those of their friends and family, to see what information is available about them on the net. Combine these ego searches with porn queries and you have a serious embarrassment. Combine them with "buy ecstasy" and you have evidence of a crime. Combine it with an address, social security number, etc., and you have an identity theft waiting to happen. The possibilities are endless. "

Google says "do no evil" and keeps this kind of data under wraps when challenged in federal court. AOL? Not so much.

Any would-be AOL boycotters better be prepared, though. Last we checked, you can't even cancel your account at AOL without being put through the wringer. Several years ago when I canceled mine it was a several-months-long experience before I was able to decipher enough to get the billing truly stopped. Coming and going, that's how they get ya in Dulles... There's a reason PC Magazine ranked AOL "Number One" in a list of things you'd really rather not be on...

IT Security | Safe Computing | Tech | Things that Suck
Monday, 07 August 2006 02:25:00 (Pacific Standard Time, UTC-08:00)
 Saturday, 05 August 2006

The U.S. Senate on Thursday ratified the first and only international treaty designed exclusively to combat computer crime. You can read the full text of the Council of Europe Convention on Cybercrime here.

What does this mean? Well, a lot of things. But all told, it means law enforcement officials from around the world will have a more agile, speedier, and more capable framework for cooperating in combating bad guys that are out to hurt others on the Internet. For those of us working to stop bad guys, it makes doing so more possible and can help remove some barriers that tend to get in the way. For those of us in the United States, the provisions are not really anything new. But for other countries that ratify, it means a much enhanced ability to work together.

The Senate did not consider an optional provision of the convention that deals with combating Internet hate speech, which would likely have run afoul of the First Amendment to the U.S. Constitution.

Summary of the Senate activity is in an article at news.com.

IT Security | Safe Computing | Tech
Saturday, 05 August 2006 13:57:00 (Pacific Standard Time, UTC-08:00)

A new spoof video on YouTube takes a different direction (as in, levity used to make a point rather than get a laugh) on making fun of the Apple marketing TV campaign and, well... just watch it. Not sure how accurate it is (but I bet someone will research this and let me know).

"That's iLife!" OUCH...


(via MacSpoofs)

Random Stuff
Saturday, 05 August 2006 12:45:00 (Pacific Standard Time, UTC-08:00)
 Friday, 04 August 2006

There are a couple interesting security-related headlines on ZDNet this morning, coming out of the Black Hat event. The first discusses how Microsoft's handing out a beta version of Vista to Black Hat attendees and says their security testing of Vista is the largest commercial penetration vulnerability test in history. In the other article, SPI Dynamics points out that many potential threats and gaps exist today in the use and consumption of RSS and ATOM feeds, and that many feed readers don't do security checks to ensure a feed is not malicious before - for example - running script that is delivered in an entry. A large number of common feed aggregators/readers (including the one I use) are on the list. This is something for the authors of those programs to address, for sure.

Microsoft issues Vista challenge
News Focus: Software giant wins over the Black Hat crowd by stressing its commitment to Vista security--and asking for help.

Blog feeds may carry security risk
Popular RSS and Atom feeds could carry malicious JavaScript code that would compromise a PC, an expert warned.

Friday, 04 August 2006 13:41:30 (Pacific Standard Time, UTC-08:00)
 Thursday, 03 August 2006

I just downloaded and installed Zoundry's Blog Writer over lunch, a free and ultra-feature-filled blog editor. This thing is slick! I am writing this post with the new editor.

I think I found my new blog editing app that I have been dreaming of for so long. At least it's going to get a real trial run. I have fought with Rocketpost so many times (it has never worked for me, and the authors don't seem to answer email anymore), and while I love BlogJet, the feature set in Zoundry is pretty incredible.

I'll write more about it tonight, after I get a chance to play around with it some more.

UPDATE: I am having a hard time getting the app to play nicely with my web host's FTP. Seems to upload image files, but the "test" mechanism says it does not work correctly, which is kind of strange. I have filed a post on the support forums, we'll see how that goes. I can upload images, as witnessed at right...

UPDATE AGAIN: One super cool feature I noticed was that Zoundry totally used the newly-implemented blog autodiscovery capabilities that have recently been baked into dasBlog by Omar. None of the old manually setting up and remembering the URL for the blogger API or any of that stuff. Nice!!



Blogging | Tech
Thursday, 03 August 2006 22:04:00 (Pacific Standard Time, UTC-08:00)
 Wednesday, 02 August 2006

I have a tendency to bleed a little on this blog, meaning I grab the latest source code version and compile it myself to run it on the server almost all the time. The last official release of dasBlog (which is an open-source .NET blogging server application) was v1.8 and it was born nearly a year ago (wow, that long?). But for those who compile it themselves from source, it's been changing regularly over the past year and we've been enjoying the trickle-flow of feature enhancements.

And sometime soon now, says Scott, the official dasBlog v1.9 release will be out.

v1.9 will include some significant feature enhancements. Here is a mostly complete list (at least at this point -- the list is blatantly stolen from Scott's blog):

  • Much better multi-user/blogger support including a Top Posters macro and total comments - from Christoph De Baene
  • TagCloud - from Scott
  • Huge (100x+) speedup in Macro execution - from Scott
  • Support for If-Not-Modified to speed up execution, improve RSS bandwidth and CPU cycles - from Scott
  • Direct Feedburner Support with 301 redirection for RSS and Atom feeds. Don't lose a single subscriber. We're the only blog with direct support for Feedburner and Feedflare I believe. - from Scott
  • Delete comments directly from your mail reader - from Omar
  • New themes out of the box, 18 at last count - from Many Folks
  • New XML-RPC support for newMediaObject - from Omar and Giuseppe Dipietro
  • New support for RSD so client software can autoconfigure itself - from Omar
  • Pluggable Rich Text Editor, choose from FreeTextBox or FCKEditor or write your own adapter - from Josh Flanagan
  • Support for CoComment - from Scott
  • Organized source, build, and packing for clarity - from Josh Flanagan
  • New Feed Icons - from Omar
  • Automatic disabling of Comments after a certain number of days. Also manual "close comments" support - from Omar
  • ContentLookAhead show future dated posts - from Josh Flanagan
  • Other misc fixes and suggestions from Tomas Restrepo, Jason Follas, Rene Lebherz and Steven Rockarts. Added entry CPU usage optimizations from George V. Reilly.
  • Better strings and support for Portuguese, Turkish and Vietnamese from Phạm Đức Hải.

If you're a sourceforge nut, know how to use Subversion and want to compile it yourself, go for it. Or wait a bit longer for the release. I am running the latest code on this weblog, and it's pretty darned slick.



Blogging | Tech
Wednesday, 02 August 2006 21:57:59 (Pacific Standard Time, UTC-08:00)