Apr 28 2011

Random Thoughts April 2011

Google Buzz is more Safe for Work (SFW) than Facebook in the sense that it looks like a a typical GMail account and the URL to access it also resemble GMail’s URL. Employers don’t typically block personal email access but do block networking sites. Its so easy to switch between Google Buzz and GMail.

Gutenberg died broke, his problem was that when he invented the printing press he printed the Bible. Ben Bernanke learned that lesson and instead of printing religious tomes he prints cold hard cash.

Between easy and hard, you’ll see a lot less competition if you go for what is difficult and you’ll see a lot more adoption if you make easy what was once hard.

First they seized crack warez sites and I didn’t speak out because I wasn’t a cracker. Then they came for the torret sites and I didn’t speak out because I don’t pirate content. Then they came for offshore online gambling sites and I didn’t speak out because I don’t play poker. The they came for my blog and there was no one left to speak out for me.

Reading about the recent Dropbox security issue and I realized that I have more valuable and personal information in the cloud than in my home. I have family pictures, calendar events for contacts, tax documents, inner most personal writings and journal entries, and much more on Google Docs, Dropbox, Yahoo Mail, and whatever other cloud service I use. Yet police agencies do not require a warrant to access that information but they do to come into my home and conduct a search. The search warrant is now obsolete. Google and other online services has made the search warrant obsolete.

It was recently reported that the US State Department is developing a mobile phone panic button, probably in the form of an app, for pro-democracy activists in foreign countries to erase a phone’s contents when they have are detained by the secret police. At the same time, the US Department of Justice and California’s Supreme Court have upheld the right of police to search the contents of a detained person without being arrested or having a warrant. Police are using digital equipment that can read all of the data in a phone in minutes at the point that police has stopped someone. Welcome to the future of pre-crime proactive policing.


Feb 2 2011

Dude, Where’s My Search Results

Google just hit a new low by accusing Microsoft of stealing their search results. This just seems like an unbelievable link bating ploy on part of Google that might have back fired. At first I thought I had read the headline wrong. If I would think of any tech company would air their dirty laundry in a public forum I would have thought it would be on Microsoft’s part.

Here is how this tech “he said, she said” came to be. Danny Sullivan of Search Engine Land wrote a blog post where Google acknowledged that it ran a covert Bing sting operation that proved that Microsoft’s Bing’s search results are in some way influenced by what users search for and click on Google’s search engine. This whole secret operation ran by Google reminds me of the HP spying scandal of 2006. Amit Singhal, a Google Fellow in charge of this operation, went on to compare Microsoft Bing’s actions to copying and cheating and other mean evil stuff.

Apparently, all this came about because of misspelled search terms. As Danny Sullivan of Search Engine Land describes, Google noticed that Bing’s search result for misspelled terms were similar to Google’s. Over at the official Google blog, Amit Singhal went on to describe the methodology used by Google to prove that Microsoft’s Bing uses Google search results in some capacity. To prove their hypothesis, Google gave engineers Windows’ laptops with Internet Explorer with Bing Toolbar installed and invented crazy words like hiybbprqag that when searched on Google would return completely unrelated search results. These same search results where found in Bing some time later for these made up search queries.

If this is true, this does prove to a high degree of certainty that Microsoft Bing uses, to some capacity Google search results, at least for made up search queries, or “synthetic queries” as Amit Singhal described them. This does not prove that all or 80% or 10% or any significant percent of Microsoft Bing’s results are copied verbatim from Google, as Amit would have you believe. What is also clear but downplayed behind the link bating headlines and accusations is that Bing does not scrape in any scale Google’s search results. In fact, Bing does nothing more than what Google already does. Google has a large number of tools in its arsenal where it collects online traffic and user data no matter what search engine was used. Google is monitoring and tracking the whole web with its search, analytic, ad network, browser, and mobile products and platforms

What I find amusing, is that gall and hypocrisy of Google to accuse Microsoft of monitoring the search terms and queries on search engines and the websites visited from those search results. Every time you search for a term on Google, that is recorded and associated with your account. Every time you click on search result from Google, that is recorded and associated with your account and your search term. If Google collects this data, I am think it might be fair game. Not only does Google collect this the search term and corresponding website you visit, but does the website you visit and their ad network.

I would also question the timing and the motive of publishing this now and this manner. Google has recently come under fire for the spam results taking over their search results and on how they tracks and monitors users’ online activities. It’s widely known that Google collects and uses just about every piece of information it can gather from end users in the development of their products. Google Voice is improved by having millions of users correct Google’s automated voice translations. Improved speech to text translations are then rolled out into other products and projects, such as this speak2tweet Twitter account that transcribes voice messages left on free public phone numbers and tweets them. It is also known that Android, Google’s mobile platform, is a used to improve Google’s local service and I’ve already written about how Google’s Chrome OS laptop will be used to feed even more user data into the Googleplex.

Instead of spending over a half a year on a sting operation of this size and scope they could have better spent their resources. This smells of bad PR to deflect some of the heat Google has been attracting for their spam-ridden search results and privacy issues. Google is just calling the kettle black.

The links below are additional coverage, analysis, and opinions of what one Blogger has dubbed Bing-gate.


Jan 4 2011

The Google Chrome Notebook

Google publicly announced Chrome OS in back in July 2007. They’ve been busy building a lightweight browser-powered and cloud computing-enabled Operating System. Recently in, December 2010 Google announced a test pilot program for a Chrome OS notebook dubbed Google CR-48. On the day of the announcement, some insiders already had the CR-48 in hand but Google also opened up the test pilot program to the general public via a signup form. The signup was targeted to developers, educators, and individuals alike. By way of a Christmas miracle, I was able to land a Google CR-48 and have been using it for days now.

As soon as the details of the Google Chrome Notebook were made available I was immediately in love with the Google CR-48. It’s basically an ultra light weight cloud computing client running a slimmed down web enabled Operating System. The CR-48 is as portable as an iPad but with a full keyboard. The CR-48 has a smart track pad that supports iPad-like touch gestures. The CR-48 is always on, just like an iPad or Mac Air, so there is no boot up time when all you want is just check your email or post a tweet. That said, the CR-48 is not a official product and that is evident by the simple black frame, it’s even without a trace of corporate logo or Intel inside sticker. Because the CR-48 is not a official product, I won’t say much about the industrial design and finish of the hardware other than to say that unlike the iPad, it has a USB port and a SD slot.

Google Chrome CR-48 Notebook

Google Chrome CR-48 Notebook

As soon as you open the CR-48 it turned on magically and prompted me to sign in. Unlike the iPhone or iPad, the CR-48 doesn’t require you to connect to a computer before you can use it. After some setup steps, you can sign in and take it for a run. As soon as you log into the device, you will see a Chrome browser taking up the whole screen with a single tab. It does take some time to realize that the CR-48 is a laptop with just one application, a browser. That is all it is, a browser. There is nothing to see, move along, it’s only a browser. Your desktop is your default page as shown in a Chrome browser. It merits repeating, the Chrome CR-48 only has one installed application, a Chrome browser.

As soon as you log into the CR-48 you find a browser in full window mode and if configured correctly with your home’s WiFi, you can start surfing the net. I’ve been using the CR-48 for reading blogs, checking email, liking status updates on Facebook, and accessing the web applications I use on a daily basis. Google does have a Chrome specific Web Store where you can install free and paid applications but I’ve not found anything of interest.

Aside from the technical specification of the Google Chrome CR-48 notebook, what is more interesting for me is that this is the first cloud computing client, a sort of Web 2.0 Thin Client. I am a avid user of Google Docs, GMail, WordPress, and other online services that have a large amount of my data in their respective ‘cloud.’

Realizing that this is a cloud client, privacy issues and data mining concerns immediately become apparent. It is already known that Google saves user searches and that with this and other identifying data they modify search results. It is already known that Google Adsense ads are targeted to the sites you visit. Can you imagine how valuable your browser history and usage statistics is to a company like Google? Google has a large amount of identifying information with from all angles of your browsing experience, from Google Search, Google Adsense, Google Analytics, and now Chrome and it’s Chrome notebook. I can see a future where Google would be giving away Chrome and Android-based devises for free because they can collect so much valuable information and up sell users with highly targeted ads.

The CR-48 is a great little notebook but a machine like that would never replace my laptop. At this time and with it’s current specifications, it can’t handle the hundreds of pictures I am known to take over a weekend, it can’t handle the gigabytes of video I take on a trip, and as great as Google Docs is it’s still not Microsoft Office. I see the CR-48 as a great web surfing machine while TV surfing.


Mar 28 2010

Check if Someone Hacked Your GMail Account

The Chinese government might not be trying to hack your Google Mail account but maybe your ex has. The most common security violation is a significant other or an ex hacking into, logging into without authorization, into a email account. Google Mail has a small feature that allows you to check the activity for your GMail account to see if there are unauthorized logins.

Once you have logged into GMail, scroll all they way to the bottom, between the Google copyright and the available storage capacity you will see a line that reads like the following: Last account activity: 33 minutes ago on this computer. Details.

Clicking on the Details link will popup a window that shows you activity history for your GMail account. The Details page will list the IP address of each time you account was accessed, the date/time of each login, it will show the number of logins from the current session.

You will get a different session each time you login, for example when you use a different computer, etc. Since you can track the date/time, IP address, and session for each login you should be able to verify the activity of your GMail account. This should be enough information for you to spot irregular activity.

From the account activity Details page you can log out from all sessions by clicking the “Sign out all other sessions” button. This will log out all sessions from all computers, for example if you forgot to logout from your schools computer, etc. Signing out from a session would require users to sign back in with your username and password. If you spot irregular activity in your mail account, you should consider changing your password.

If you find mysterious IP addresses in you account activity you can Google for any number of web sites that can track an location to your IP address. These services are not accurate to the city, it might report a city 20 miles away from the actual location but location to IP address services might provide additional hints to track down the location of where your account was accessed.


Mar 8 2010

Facebook, Zuckerberg, and Plain Text Passwords

Speaking about the public allegations that Mark Zuckerberg, alleged founder of Facebook, hacked into Harvard school email accounts of rivals and school journalists Kevin Rose said that the allegations don’t even sound technically possible. The way the allegations are described, Mark Zuckerberg used the passwords of Facebook users he wanted to track on other systems. Since many online users tend to have one or two different username and/or passwords, if you have the password for on online service you might guess a the login password to another service for that same user. Clear text passwords are a real security concern. On This Week in Tech # 238, Kevin said, “I doesn’t make sense, I don’t see it happening. … Nobody really stores passwords in plain text anymore, I can’t imagine Facebook would have done that.” I’m a fan of Kevin’s Diggnation podcast but I have to call him on this social media bullshit on technical grounds. It might be that his social graph is clouding his judgment. The sad truth is that even today, some large companies have be called out for storing passwords in clear text. In fact, a long time sponsor of Diggnation, Go Daddy was recently accused of storing passwords in plain, clear, simple to read text. Surely, he must have known or heard of the Go Daddy privacy mishap. His explanation that no one really uses clear text passwords anymore is very naive, it sounds like the advice given in the many tech conferences that Kevin is known to attend. I very much doubt that some “copy and paste” programmer in some college dorm room in 2004 would develop a website with 2010 best practices and user experience.

I would hope that Facebook does not employ practices such as these now, but I sure don’t trust them with my account and do the bare minimum on Facebook that is required to keep up with friends. An anonymous Facebook developer in an interview stated that any Facebook developer can impersonate any user and all data is unencrypted so any developer can possible run SQL queries to look up your data.

You have to think about it, for a social networking site, why can’t you befriend it’s founder, Mark Zuckerberg, like in other sites. I mean, Tom is in my top eight on MySpace. Don’t trust the 800 pound gorilla as far as you can trow it especially if it is riding the elephant in the room.