Spoiled by Ruby

I’ve been doing a lot of Ruby work lately and love the concise yet readable syntax. But its also tainting my appreciation for other languages. Instead of writing this in Ruby…

return if (!something)

… PHP/Delphi/C++ makes me write something like this:

if (!something) {
    return false;

Of course you can pull off this one-liner PHP/C++, but its nowhere near as readable as the Ruby version, especially when something is an expression of any complexity.

if (!something) return false;

Ah well.

Fear MSN More Than Google WIFI

Scoble is afraid of Google WIFI because Google could mine usage data to build a better search engine. His fear seems rooted in the prospect of MSN falling further behind Google in the search engine wars, but he mixes in a little "big brother is watching" too.

Well, if you own the last few yards in between people and the Internet you can really learn a lot. You can watch everything those people click on, what pages they visit, what browsers they use, how often they turn on Skype, and a lot of other stuff.

Does anyone else see the irony in this? We’re supposed to fear a micro-ISP when Microsoft could be monitoring many more users through its mega-ISP MSN. How much attention data is MSN mining? Are we supposed to trust Microsoft more than Google? Is MSN watching "everything people click on, what pages they visit, what browsers they user, how often they turn on Skype…"?

When Will Gmail do RSS?

I’ve been using Gmail exclusively for personal email over the last few weeks. The transition was easy – just forward legacy accounts to Gmail and setup Gmail to send/reply using these addresses too. Fast, super-threaded email available from any connected computer. No more synching gigantic Outlook PST files between desktop and laptop.

I’m struck by the relevancy of the Adsense ads I see next to my email conversations – soccer ads, triathlon ads, programming ads…

It begs a question – why isn’t Google making money off of RSS feed content? They already use context-sensitive ads to monetize search, web and email content – so why not RSS feed reading? I’m not talking about embedding Adsense in feeds (written on that before) but about a Google-powered feed reader. Like Gmail it’ll be as fast and functional as a desktop app but accessible from anywhere.

Google’s leaving money on the table by not making it easy for me to read my feeds from Gmail, and Google doesn’t leave money on the table. That’s why this is a WHEN and not a WHY question.

Fooling the MS Phishing Filter

About a month ago I predicted the death of the IE7 phishing filter based on sketchy details of the MS implementation. Since that time, MS has also released an antiphishing plugin for the MSN toolbar and the IE blog has released more details about how the phishing filter works. After analysing the blog posts I stand by my prediction.

My previous reservations still stand and I have several others I will cover later. Here’s the zinger for today: for sites that aren’t on the block list, the MS approach will be easy for phishers to circumvent.

A little background. In an attempt to "anonymize" the data it sends home, IE7 removes query strings from URLs. The query string is anything after the (?) in the URL. Instead of phoning home http://example.com/?username=adam they will send home http://example.com/. Its great the MS wants to protect privacy, but they’ve also opened up an easy way for phishers to beat the system.

A smart phisher will return different content to end users (browsing the URL with the query string intact) than it will to the MS phishbot. The end user gets a scam site and the MS phish bot gets innocous content.

The fundamental flaw in the MS approach is that the analysis is performed on a server instead of on the client, and the client and server may be looking at entirely different content. Smart, client-side phishing detection engines like ScamAlarm don’t have this problem.