Ho John Lee’s Weblog

Here’s the Bay Area Red Cross donation page for Hurricane Katrina relief funds. You might find it’s not responding, I tried it unsuccessfully several times today, finally got all the way through the process a little while ago. Hopefully that’s a sign that many other people are trying to donate online.

New Orleans is one of those places I always wanted to visit sometime but hadn’t gotten to yet. Looks like I won’t have that chance, at least not the way it was. The images and stories from the past couple of days look like outtakes from Escape From New York meets the Poseidon Adventure. Aside from the acres of flooded and shredded buildings, I find it astonishing that basic law and order has collapsed to the extent and duration that it has.

I hadn’t stopped by the SDForum Security SIG in a while. A few notes from last Thursday’s meeting in Palo Alto:

Gerhard Eschelbeck, CTO at network security company Qualsys, gave a presentation on his analysis of aggregated vunerability data. Their company provides network vunerability scanning and monitoring services, and the 2004 data set used in his study includes over 14 million IP scans, both within corporate firewalls and on the public network. They turned up over 3 million exposed critical vunerabilities, or just over 20% of the scanned systems.

He’s publishing a monthly list of the top 10 internal and external vunerabilities, along with his report on the Laws of Vunerability.

Google Announces Plan To Destroy All Information It Can’t Index. (via Batelle’s Searchblog)

MOUNTAIN VIEW, CA—Executives at Google, the rapidly growing online-search company that promises to “organize the world’s information,” announced Monday the latest step in their expansion effort: a far-reaching plan to destroy all the information it is unable to index.

I haven’t looked at the Onion in a long time. Good fun…

A couple of days ago I wrote about the unsolicited SMS message I received on my Cingular Wireless cell phone, inviting me to download some antivirus software from McAfee. Unfortunately, the source of the message was unidentifyable, meaning that anyone willing to downloaded the binary package would be just as likely to have picked up malicious code as an antivirus package from Cingular.

Apparently it really is from Cingular. I’m happy that they’re trying to provide a useful service, but this is a case where they’re educating the customers to behave in a counterproductive way. There’s no mention on the Cingular site, because this is a beta program.

Darla Mack writes:

On August 25th a small number of Cingular subscribers(including some Pre-Merger subscribers) received text messages alerting them of a new service provided by McAfee. Apparently, some of these subscribers had been infected by the Commwarrior virus. As you know, the Commwarrior virus can be spread via Bluetooth and/or MMS ad only affects devices running the Symbian OS.

• Splog Reporter : Cleaning up the blogosphere one splog at a time.
  new project to collect a list of user reported blog spam sites
  (tags: blogging spam search collaboration)
• The Old New Thing : A visual history of spam (and virus) email
  graphic and writeup of spam traffic volume over the past few years
  (tags: spam visualization)
• JHymn Info and Help
  open source utility for removing AAC DRM from iTunes downloads
  (tags: media music mp3 aac drm apple itunes ipod software tools)
• McSweeney’s Internet Tendency: Klingon Fairy Tales.
  titles such as “Jack and the Giant Settle Their Differences With Flaming Knives”
  (tags: geek humor startrek klingon fun)
• MESSENGER: MErcury Surface, Space ENvironment, GEochemistry, and Ranging
  Movie sequence of Earth, taken by departing space vehicle. Like Google Earth, but real.
  (tags: earth science space video visualization)
• One Week of Google Maps - Part 1 - John Resig
  seven part series on using the Google Maps API
  (tags: google googlemaps api howto mapping programming javascript)

Pandora officially launched this morning. It’s been over a week since I signed up for an account and I’m still using it. It’s specifically designed not to provide on-demand streams, but I’m getting the hang of steering Pandora into building playlists that have what I want, which is almost better than on-demand, since I don’t have to actually build the playlist myself.

What I really wish for is a sane way to make my personal digital media effectively (and legally) portable across my networked environment. Pandora will be providing $36/year streams of interesting-but-not-on-demand music, Rhapsody provides on-demand music subscriptions at $100/year, and iTunes Music Store provides downloadable purchases that may or may not work elsewhere on the network and won’t survive a computer transplant.

This weekend was the Palo Alto Festival of the Arts.

• magpiebrain - A comparison of Django with Rails
  detailed discussion on Ruby on Rails and Django (on Python) web development frameworks, deployment
  (tags: rubyonrails django python programming software ajax)
• Planet Planet!
  Feed aggregator and templating toolkit for building sites from merged feeds
  (tags: aggregator rss python blog software server tools)
• Cooking For Engineers
  an engineering-flavored interpretation of assorted recipes
  (tags: cooking food recipes geek blogs fun)

Today was equipment pickup day for the Palo Alto girls AYSO soccer league. Big pile of soccer balls.

• Behaviour : Using CSS selectors to apply Javascript behaviours
  how to avoid inlined
  (tags: ajax application development programming javascript howto css)
• Dan’s Web Tips: Graceful Degradation
  notes on web coding styles to accomodate recent and older browsers gracefully
  (tags: javascript software programming)

This turned up on my cell phone a few minutes ago.

I have no idea whether this is really from Cingular or not, but I’m sure some trusting people will go ahead and click the link.

It’s unauthenticated, sent to my phone via WAP push, with no way to verify that the originator is Cingular, McAfee, or an affiliate. They want me to download a binary and run it on my phone. Just lovely.

I hate the fact that its just as likely to be from an attempted security exploit as it is from Cingular. There’s no obvious mention of this on the Cingular public site, customer service site, or a quick Google search on Cingular and McAfee. Unfortunately, Cingular, like the other wireless service providers, tends to be poor at communicating with subscribers, other than attempting to upsell and cross sell services, so your guess is as good as mine whether this is authentic.

• Dorrian Porter’s excellent video summary of the weekend at Barcamp
  with CC-licensed soundtrack by My Morning Jacket (from Wired CD)
  (tags: barcamp fun video music creativecommons “palo alto”)
• Ojos
  interesting startup applying face and text recognition to auto-tag photo collections
  (tags: startups photos media search tagging)
• Top 10 External & Internal Vulnerabilities - Qualys
  list of top network vunerabilities, updated monthly
  (tags: network security)

Ojos is the working name for a startup that’s building a photo site with automatic tagging through face and text recognition. Here’s a sample photo of a Treo, annotated with the words their technology can recognize.

From Rob Hof on his blog at Business Week:

Munjal Shah, onetime cofounder of the auction services firm Andale, finally let slip on his new blog what he’s been working on since leaving last year. As he writes: “I am co-founding a company because I found I had 31,246 photos all named DSC0009.jpg.” In other words, his startup, tentatively named Ojos (Spanish for “eyes”), is creating a new way to search and organize photos.

Over at Munjal Shah’s new blog, he elaborates further:

Dorrian Porter has assembled a wonderful video (55MB .mov) capturing the feel of the past weekend at Barcamp, hosted by Laughing Squid . A great job of compressing the idea of the weekend into under 4 minutes, using commodity video and computing tools. It’s still beyond the casual consumer, but this level of production would have been remarkable (and expensive) even a few years ago.

Dorrian’s post discussing the selection and use of the Creative Commons-licensed music (in this case, “One Big Holiday” by My Morning Jacket) is also interesting.

Now, I am a lawyer and I have to say that it wasn’t as easy as the good folks at creative commons made it out to be to figure out my rights.

I’ve spent a few days now playing with the prerelease “friends and family” version of Pandora, the “music discovery service” demoed by Tom Conrad at Barcamp last weekend.

Summary
Some quirks, but overall really good, and easy to get going. Unlike some other services, I’ve been running it most of the time I’ve been at my desk for the past few days.

Discussion
My personal taste in music is simultaneously eclectic and encyclopedic in some areas, yet with odd gaps. Using Pandora, I’ve been able to think of one or two songs, albums, or artists that’s representative of what I want to hear, and it will come up with a fairly decent playlist of similar tunes.

• MedGadget.com — Internet Journal of Emerging Medical Technologies
  Like Engadget, but for interesting medical and bioscience devices
  (tags: medical gadgets hardware science health medicine)
• Discover New Music - Pandora
  demo at barcamp - streaming music service, find similar music based on music genome database of similar musical attributes
  (tags: music flash startups)
• Mobido - social photo sharing site
  demo at barcamp - send photos from camera phone or email to location based or interest based groups
  (tags: photos social web mobile cellphones)
• The Personal Bee
  demo at barcamp - builds a personal news site by aggregating and weighting keywords from user selected feeds
  (tags: rss aggregator tools feeds blogs)
• microformats
  presented at barcamp - lightweight structured data for embedding calendaring, contact, and similar data in web pages
  (tags: microformats web standards xml api blog software publishing tools)

I spent the whole day this past Saturday at Barcamp, arriving at 10am and not making it all the way out the door until almost 1:30am. I didn’t know any of the organizers beforehand, so it was nice to be met by someone (who turned out to be Andy Smith) keeping an eye out for new arrivals.

I’ve been working with so many either geographically dispersed or very buttoned down corporate teams lately that it’s been a long time since I’d spent this much time in non-stop, face-to-face, somewhat random yet unpredictably creative conversations with a bunch of just-do-it tech hackers. Spent the entire time there going from one interesting presentation to another, with several interesting discussions thrown in along the way.

It’s been a month or so since I filled up the tank, and we seem to be on our way toward European gas prices. A completely dry tank is a little more than 24 gallons, so the price of gasoline will have to hit $4.17 or so before cracking the $100 mark for a full tank. This week’s price at the local Arco is $2.92, so there’s still another 43% increase before that happens.

Our household is relatively insensitive to the changes in fuel prices, since we drive so little, but people who commute from places like Pleasanton, Modesto, or Los Banos into the Bay Area have got to be feeling like there’s a hole in their wallet.

On the positive side, if fuel prices stay high, it’s going to help alternative transportation and energy systems become economically viable.

See also: $62.25 to fill the tank

This week is the start of the Palo Alto school year. It’s earlier than usual this year, which makes for an abrupt transition from summer mode into school schedules. I always enjoy seeing how much the kids have grown over the summer, the flag ceremony, and the parents’ welcome coffee.

I had an excellent weekend at Barcamp. I’ll write a proper summary later, but wanted to say congratulations and thanks to the organizers, sponsors, and volunteers for putting together an outstanding, fun, and friendly event.

Flickr photos for barcamp or barcamp05

Update 08-26-2005 23:56 - My notes from Barcamp, and a pointer to Dorian Porter’s excellent video.