Tweets

Follow @pietrosperoni (390 followers)

Categories

Reading your mate passwords in Firefox

So, here is the quest. You need to discover the password of your best friend. Although this might seem morally reprehensible you are moved by nobel and deep reasons. You need to check in his email and discover if he is having an affair with your wife. You can’t just confront him if you are not sure. Nor can you run the risk of confronting your wife before you are sure.

We will assume that you have access to your best mate computer. After all he trusts you, right. And with reasons, you would never do anything against him… normally. But this time it’s different. If he has been seducing your angel, he deserves the worse.

We will also assume that your best friend is really into security, and since firefox is a more secure system, he uses firefox. Daily. And as a final assumption we shall assume that since he keeps his mail on the web, and accesses it through the browser. Let’s assume it’s on Yahoo.

This is what you need to do:

  1. Get his computer, in a moment he is out for launch (with your lady, bastard!), and lock yourself for the work. You will need privacy for this. If you are confronted you can always say Continue reading Reading your mate passwords in Firefox
March 2nd, 2006 | Tags: , , , , , , , , , , , , , , , , , , | Category: dead entries, root | 3 comments

Wikka installed

I have to say that I amvery impressed with Wikka. Wikka is a wiki software that I just installed on my web page. It is simple, yet full of plugins. Open source (or I would not consider it). It also permits to integrate freemind mind map inside it. More than this: for each page the administrator, (ehm, that is me!) can decide who is allowed to read, write and comment. I installed it about one week ago, and I avoided to make it public until I would found a way to deal with wiki spam. I already have too much spam on this blog. Finally I found what I think is the perfect solution:

  1. only registered user can comment and modify the wiki. It might not make it very fast, but at least I know who said what.
  2. I inserted a plugin such that to register people must write a password in the ‘registration code’. But the password is written on the same log in page.
  3. To write spam in the wiki they have to manually register. Which I feel is fair. I have no anger toward those that manually spam. Are the mechanical ones that ought to be stopped.
  4. If the spammers write something that automatically register, I will change the registration code.
  5. And if they write something that automatically grabs from the page the registration code I change the context (the phrase in which the code appears), making their software useless. I will move from:
    • registration code:”pippo pluto” to
    • registrati0n code:”pippo pluto”

As you cannot code for something that blocks all permutation of the word “Viagra”, so you cannot code for something that codes for all the permutation of the phrase: “Registration Code”. Ah! And this is the revenge of the mass!

I think the idea is so brilliant that I will look if I can find a similar plugin for wordpress.

The next think that impressed me in Wikka was the use of rss. It is actually very easy to integrate an rss in a page. Maybe it is the same in other wiki engines, I don’t know. But on wikka it is absolutely trivial. You just need to write {{rss url=”http://the.rss.net/address.rss” cachetime=”30″}} and the rss gets taken shown, and cached for 30 minutes. Now 30 minutes cache is what del.icio.us requires from you if you are going to connect an rss to your homepage. So now I have started to integrate all sort of rss from delicious to my web page. Check for example my Tag Cloud page. With the rss from my personal bookmarks tagged with tagcloud, rss from the popular page in delicious delicious/popular/tagcloud, and the rss from technorati (i.e. people who have blogged on Tag Clouds).

And all this is in the floating right bar. So I still can use the rest of the page as place for me to write content, and notes…

And as notes taker this wiki is slowly becoming. I started moving my Reading List to the wiki. And I added to the reading list, the rss of popular reading lists. You see, how it all comes together.

But this is not all! Wikka (and they should pay me after a post like this!) gives the possibility to set the privacy for each page. That is for each page you can chose who can read it, who can comment on it and who can change it. In this way I can use this not only as my personal notes but as the notes for project that I might be sharing with other people.

Come and say hello: http://wiki.pietrosperoni.it

November 23rd, 2005 | Tags: , , , , , , , , , , , , , | Category: dead entries, root | 2 comments

Why you shouldn’t use furl

We must be stupid. I am being serious, we must be REALLY stupid.

It is possible that after many years of people blowing the whistle against people collecting personal information we still fall for it. Who am I refering to? But to Furl, of course. Because, you see, we are often in good faith, and when someone says:

Privacy
Privacy is probably a top priority for you. It certainly is for us at Furl. When you mark an item “private,” we respect your expectation that no one else will be able to see its contents. Other members cannot see your private items when they view your archive, and Furl Search (search all archives) is restricted to public items only. We have designed the Furl system to ensure that your private items and topics are secure. We will not sell your email address or privately-stored information, nor share it except in very specific cases described in our Privacy Policy.

Access to the servers that house your archive is restricted to a very small number of employees. Procedures strictly prohibit accessing a member’s information, except when necessary to diagnose a problem or as specified in our Privacy Policy (such as when ordered by a court of law).

We’re members of Furl, too, and demand the utmost respect for privacy.

We kind of believe we are safe, right? Wrong! Let’s re read it:

We will not sell your email address or privately-stored information, nor share it except in very specific cases described in our Privacy Policy.

Again:

except in very specific cases described in our Privacy Policy.

We can put it in music:
except, except, except…
except, except, except in very specific cases described in our Privacy Policy.
And you should thank that this is no podcast.

But more, at the end of the same page:

Important Note
The contents of this page do not replace, modify or supercede Furl’s Terms of Service and Privacy Policy. Please read them carefully before using Furl.

Let’s go and look at the privacy policy. After all those people at furl have our privacy as a top priority. Guess why?
And we don’t need to look very far to understand the true nature of the service:

Who is collecting my information?

Furl usually collects the requested information. However, Furl has chosen select partners in order to provide certain services. In order to use certain services on the Site, it may be necessary to enter information that then goes to our partner and is not kept by Furl.

We contract with Coremetrics, a service partner, to provide us with a data collection and reporting service for our Site. If you access the Site, Coremetrics may collect information about you on our behalf. For further information, including how to opt out of such data gathering, please see: http://www.coremetrics.com/info_eluminate2.html.

In other words: We don’t gather data, we let Coremetrics do it for us. And guess who is Coremetrics:

The company’s flagship product, Coremetrics Online Analytics 2004, is the industry’s only online marketing analytics platform that captures and stores all customer and visitor clickstream activity to build LIVE (Lifetime Individual Visitor Experience) profiles that serve as the foundation for all successful e-business initiatives. Through a patent-pending browser-based data collection technology, the Coremetrics Online Analytics 2004 Data Warehouse gathers and stores behavioral information directly from the visitor’s browser and records interactions in real-time to build LIVE Profiles.

It can hardly get worse than that.

But let’s keep on reading Furl Privacy Policy. After all our privacy is their first thought in the morning. Or so.

How does Furl use my information?

Furl’s primary goal in collecting personal information is to provide you, the user, with a customized experience on our service. This includes, or may include in the future, personalization services, interactive communications, online shopping, and many other types of services. In order to provide services free of charge, we will serve ads using content-targeting technologies, based on the content of your archived items.

But this is not all:

The following describes some of the ways that your information may be disclosed. Please note that this is not a complete list. The ways your information may be disclosed will change from time to time.

So even the privacy policy is not complete.

Or read this:

Coremetrics: Coremetrics may store certain data that we received from visitors to Furl (which may include email addresses), so that we may access this information via their reporting service. Furl will only use information shared with Coremetrics for proprietary Furl purposes. Coremetrics does not have the right to transfer your information to any party other than LookSmart.

Business Partners: LookSmart may disclose your personal information to our business partners in order to provide you with the services on the Site. If you have questions regarding the privacy policy or data-collection practices of one of our business partners, please contact that partner directly.

We are told the information is disclosed to business partners, but we are not told to whom. Yet we are asked to look at their privacy policy to understand what use do they do of this information.

They also spy when are you reading their e-mails:

We may also collect information through the use of “pixel tags” included in email messages we may send to you. Pixel tags are tiny graphic files, not visible to the human eye, that are included in HTML-encoded email messages. When such a message is opened in an HTML-capable email program, the recipient’s computer will access our server to retrieve the pixel tag file, allowing us to record and store, along with the recipient’s email address, the date and time the recipient viewed the email message, that the recipient’s email program is capable of receiving HTML-encoded email, and other standard logging information. The pixel tag also may see or read cookies.

The policy goes on, and forgive me for not analysing it all. I just didn’t have the guts. I understoo what I wanted, and here are my conclusions:

Conclusions
Furl collects personal information, gives this personal information to online partners for commercial purpose, including your e-mail address. Thus I don’t want to use furl and probably neither do you.

In short: Furl Sucks.
Amen.

January 4th, 2005 | Tags: , , , , | Category: dead entries, root | 29 comments