Solutions for my unique needs

From Navision.com:

Use Microsoft Solution Finder to search for solutions developed by Microsoft Certified Partners to meet the unique needs of your business or industry.

Well, if my need is unique, it does not seem likely that anyone has developed a solution, does it?

I love marketingspeak.


the vulnerabilities that might be exploited by the threats

In BS7799-2:2002 4.2.1.d.3 I read the following:

d) Identify the risks
  • Identify the assets [...]
  • Identify the threats to those assets.
  • Identify the vulnerabilities that might be exploited by the threats.

The standards document does define a few terms, but not threat, vulnerability and exploited.

Now, my computer is an asset that is threatened by interruptions in electric power supply. But it does not make sense to say that the power supply exploited a storm to stop my PC?

Is BS 7799-2:2002 written on the assumption that all risk is caused by deliberate attacks?

Looking at Security in Computing by Charles P Pfleeger, ISBN 0-13-799016-2 section 1.2:

[...] an exposure is a form of possible loss or harm [...] A vulnerability is a weakness in the security system that might be exploited to cause loss or harm. A human who exploits a vulnerability perpetrates an attack on the system. Threats [...] are circumstances that have the potential to cause loss or harm; human attacks are examples of threats, as are natural disasters [and] human errors[...] a control [BS 7799-2:2002 3.11 risk treatment] is a protective measure

By BS and Pfleeger definitions, my power line is vulnerable to sabotage, but not to storm damage. Hardly a useful definition. I can't say that the storm is a threat that exploits the vulnerability of the power line. I need a new word. The storm is a threat that xxxes the vulnerability of the power line. Any suggestions?

I want to remove exploit from the definition:

vulnerability
a weakness in the security system that might cause loss or harm

tags: BS 7799-2:2002 threat exploit vulnerability security ISMS Information Security Management System security ISBN 0-13-799016-2


sitemaps.org

Sitemaps.org - very much less than RDF

It does not, e.g., seem possible to state that two URLs return the same resource? That is how I read the FAQ, anyway?

Several different loc elements in one url element should be the obvious way to do that. Then again, if you were thinking like me, you would use other element names, I'd say that one page element should contain one or more url elements.

Much less is this protocol able to say that the different sizes of the same image are indeed the same image.

tags:


AKG Hearo player SE

My comment to on the Hearo Player SE:

OK. But I really don't want a PC dangling from my earphones. What about a version that can convert .wav or .mp3 files to headphone friendly format, for playback elsewhere?

Hearo player screen shot?

tags:


CMS language management

Sansir.net sprogstyring describes that they can manage different content for different languages. To me, that sounds like isolated sites for each language, rather than 'management'.

If you don't read Danish, clicking the Union Jack will illustrate my point. You will not be taken to an English description of their language management, you will be taken to the home page of the English site.

To me sprogstyring (language management) implies that pages with the same content in different languages are linked to each other.

sansir.net

tags:


Sender ID Ineffective Against Spam ?

Research Determines Sender ID Ineffective Against Spam

They determined that e-mail coming from an IP valid for the sender address may well be spam. Of course it may - the SPF record is only useful in connection with a white list of addresses or domains. But once white lists can be trusted, we can apply stricter filtering on email from non-verified addresses.

They further complain that validating the sending IP yields 8.6% false positives. Maybe so. But these false positives are mainly from large organisations - they are the ones who send mail from an IP different from the one listed in their MX record. Once a significant number of recipients require IP validation, the senders will get their SPF records in place within hours.
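The argument above as an added example (not code from the cited research or from any mail filter): an SPF check combined with a white list to decide how hard to filter. It assumes only ip4, ip6 and all terms need evaluating (no DNS lookups), and every domain, address, record and function name is constructed for illustration.

```python
import ipaddress

# SPF qualifiers and the result each one produces when its mechanism matches.
QUALIFIER_RESULT = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_result(record, client_ip):
    """Evaluate an SPF record against the connecting IP.

    Only ip4, ip6 and all are evaluated; mechanisms that need DNS lookups
    (a, mx, include, ...) are skipped in this example.
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier = "+"
        if term[0] in QUALIFIER_RESULT:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        name = name.lower()
        if name == "all":
            return QUALIFIER_RESULT[qualifier]
        if name in ("ip4", "ip6"):
            try:
                network = ipaddress.ip_network(value, strict=False)
            except ValueError:
                return "permerror"  # malformed record
            if ip.version == network.version and ip in network:
                return QUALIFIER_RESULT[qualifier]
    return "neutral"  # no term matched


def classify(sender_domain, client_ip, record, white_list):
    """Combine the SPF result with a white list of trusted sender domains."""
    result = spf_result(record, client_ip)
    if result == "pass" and sender_domain.lower() in white_list:
        return "deliver"         # verified and known-good
    if result == "pass":
        return "content-filter"  # verified, but a spammer can publish SPF too
    return "strict-filter"       # unverified, even if the name is white-listed


# Constructed sample data (documentation address ranges).
RECORD = "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all"
WHITE_LIST = {"partner.example.org"}

if __name__ == "__main__":
    for domain, ip in [
        ("partner.example.org", "192.0.2.25"),    # genuine partner mail
        ("bulk.example.net", "192.0.2.25"),       # valid SPF, unknown sender
        ("partner.example.org", "198.51.100.7"),  # forged white-listed name
    ]:
        print(domain, ip, classify(domain, ip, RECORD, WHITE_LIST))
```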

Sender Policy Framework

tags:


RDF and http: URIs

I just had a look at the RDFa Primer 1.0 working draft.

I generally appreciate this plan for embedding RDF data in XHTML. But I still have a problem with RDF's use of http URIs to identify non-digital resources.

E.g.

<p class="contactinfo" about="http://example.org/staff/jo">

to indicate that this is contact information for the person described at http://example.org/staff/jo.

The URL http://example.org/staff/jo retrieves a digital web page, not a living person. Thus, the URI http://example.org/staff/jo identifies that web page. Not the person.

Using http://example.org/staff/jo to identify the person, is at best ambiguous. (Common sense may tell us that the contact information is for the person, but all this is about interpreting data without common sense.)

We are in bad need of some way to specify if http://example.org/staff/jo is to identify the retrieved resource, or if it should be further de-referenced to identify the subject of that resource, in this case Jo Smith.

Tags:


Trackbacks and the semantic web

Trackback links define the structure of blog entries that are commented, and the entries that comment them. This is usually a small tree structure. (In principle it is a directed graph.)

There are three kinds of links involved:

  • The trackback URL of the commented entry. In this blog, it is not even coded as a href, but as text. The machine semantics are well defined: This is where the commenting blog's application reports to the commented blog's application. But the machine will usually have to rely on the human to find the trackback URL.

    The trackback URL has no other meaning for the human.

  • The link from the comment to the commented entry. Not always present, but it usually makes sense to say what you are commenting on.

    Mainly for human use, but would also be useful for applications that map the comment structure in a database.

  • Links from the commented entry to the comment. Automatically created by the trackback ping, but might be subject to filtering.

    Again - mainly for humans, but could also be useful for spiders.

I suggest that these three kinds of links should carry semantic attributes:

  • The trackback URL could maybe have rel="trackback". A new link type is needed, it does not fit in with existing link types listed at W3C. More link types are available at Dublin Core's DCMI Metadata Terms, but nothing that gets close to describing a trackback ping URL.
  • For the link from the comment to original entry, I suggest rel="dc:references". That is a more general term than comments, but that should not be a problem.
  • The link from the original to the comment, is the same type, but in the opposite direction, so rev="dc:references" is a natural choice. (dc:references has an inverse, dc:isReferencedBy, but I think a rel/rev pair is more elegant. dc:references is also a more direct property than dc:isReferencedBy)

What to gain:

  • Third party applications could supply the tree structure found in on-line forums to the - usually linear - discussions found in blog comments
  • Verification: Pretty much anyone can fake a trackback ping from anywhere. If the pinged blog can find a rel="dc:references" to itself in the comment, that is proof that the trackback is intended by the comment's publisher.
  • Vanity: If the comment does not link to me, I will not link to the comment.
  • Deletability: If the commented application demands a rel="dc:references" link, the commenting application could delete the trackback by removing the rel attribute, and re-ping.
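The verification and deletability points above, as an added example (not code from this blog or from any trackback implementation): given the HTML of the page named in a ping, accept the ping only if that page links to the pinged entry with rel="dc:references". The rel value is the post's own proposal; the function names, URLs and sample pages are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

REL_TOKEN = "dc:references"  # link type proposed in the post, not a registered one


class RelLinkCollector(HTMLParser):
    """Collect (absolute href, rel tokens) for every <a> and <link> element."""

    def __init__(self, page_url):
        super().__init__(convert_charrefs=True)
        self.page_url = page_url
        self.links = []

    def handle_starttag(self, tag, attrs):
        if tag not in ("a", "link"):
            return
        attr = dict(attrs)
        href = attr.get("href")
        if href:
            rel_tokens = (attr.get("rel") or "").lower().split()
            # Resolve relative links against the commenting page's own URL.
            self.links.append((urljoin(self.page_url, href), rel_tokens))


def canonical(url):
    """Compare URLs without fragment, host case or trailing slash."""
    p = urlsplit(url)
    return (p.scheme.lower(), p.netloc.lower(), p.path.rstrip("/"), p.query)


def ping_is_backed_by_link(comment_html, comment_url, pinged_entry_url):
    """True only if the commenting page itself declares the reference."""
    collector = RelLinkCollector(comment_url)
    collector.feed(comment_html)
    collector.close()
    target = canonical(pinged_entry_url)
    return any(
        REL_TOKEN in rel and canonical(href) == target
        for href, rel in collector.links
    )


# Constructed sample pages (hypothetical URLs).
ENTRY = "http://commented.example.org/2006/03/entry.html"
COMMENT_URL = "http://commenter.example.net/2006/03/reply.html"

GENUINE = ('<p>See <a rel="dc:references" '
           'href="http://Commented.example.org/2006/03/entry.html#top">the entry</a>.</p>')
# Same page after the publisher removed the rel attribute (the "deletability" case).
REL_REMOVED = '<p>See <a href="http://commented.example.org/2006/03/entry.html">the entry</a>.</p>'
OTHER_TARGET = '<p><a rel="dc:references" href="http://elsewhere.example.com/">x</a></p>'
FAKED_PING = "<p>Unrelated page with no link to the entry at all.</p>"

if __name__ == "__main__":
    for name, page in [("genuine", GENUINE), ("rel removed", REL_REMOVED),
                       ("other target", OTHER_TARGET), ("faked ping", FAKED_PING)]:
        print(name, ping_is_backed_by_link(page, COMMENT_URL, ENTRY))
```

Fetching the page named in a ping is left to the caller; because that URL is supplied by whoever sends the ping, the fetch should be limited to http/https and to public addresses.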

Tags:


HaloScan trackback encoding problems

Technology Evangelist has a trackback to Of Paddles and Planes.

But the HaloScan.com page that keeps track of Frogma's trackbacks has encoding problems. In the original post there is an en dash: home base – Salina, Kansas. In the trackback list, this is represented as the windows-1252 string home base â€“ Salina, Kansas. (The trackback list is declared as iso-8859-1, but that character set does not include the Euro-sign.)


I have two error reports for blogspot.com

I have two error reports for blogspot.com. As I don't know where else to send them, I post them as comments.

  1. http://frogma.blogspot.com/2006/03/of-paddles-and-planes.html is XHTML, but it is not well-formed XML. The problem is that the system lets you write unescaped ampersand, "fast & manueverable" rather than escaped: "fast &amp; manueverable".
  2. The trackback page is declared as iso-8859-1, but contains invalid characters. In iso-8859-1 the hex bytes 80 and 93 are control characters. In windows-1252, they are the EURO SIGN and the LEFT DOUBLE QUOTATION MARK. But in this case, they are probably the result of failure to decode UTF-8 ?

Could you please forward this somewhere?

(I discover such nerdy stuff because I am considering an ASP.NET/xml application for mapping trackbacks as an exercise.)

Submitted to Google Groups: Mal-formed XML and unescaped ampersands Trackback contains iso-8859-1 control characters


A strange F-16

Frogma has an article on aircraft wings and paddles. With a photo of a strange F-16:

F-16XL?

Does not look like the F-16s roaming my native Norwegian skies, they have a cropped delta along with horizontal tail surfaces.

Might be the F-16XL. Not that this affects her argument in any way - the delta-winged aircraft in her photo is a better illustration than the 'normal' F-16 would have been.

Publicity photo from the Royal Norwegian Air Force:

332 squadron - united we fight


Scraping our own site

Scobleizer tells about Feed43.

Took a bit of head scratching to get the patterns right. But as long as the CMS behind the page does not supply feeds, landsbank-fo.xml seems a reasonable alternative.

more feeds:


Art by accident

In IE6, I feel like output.xml is art by accident. (IE6 does not quite handle the CSS table styling defined in table.css.)

Art by accident


Looking at Steganos Internet Anonym

I have had a look at Steganos Internet Anonym. Some remarks:

  • You have to trust Steganos itself; if Steganos is corrupt, you are better off without it. But small fry need not fear - if they out too many customers, their cover will blow.
  • It is terribly slow. Which again means that Steganos use is an indication that you really have something to hide.
  • I tried to use an echo script to see what happens to e.g. COOKIE and REFERER. But the response was so slow, I did not hang around to see the response.
    Update: After a 602LAN SUITE è limitato! error, I finally found that cookies, referers, user agents etc. are still present in the HTTP header.
  • Steganos is incompatible with my HTTPLook sniffer. So I suspect that an HTTP request travels unencrypted from my browser to the Steganos server. If so, that leaves me vulnerable to net based sniffing in the local ethernet or wifi. Which is where spouses and bosses usually lurk. As spouse & boss will probably not tolerate the presence of Steganos, there might be a market for a version running uninstalled off a USB memory stick? (Anyone with a net based sniffer care to comment?)
  • I suspect that Firefox RSS bookmark requests somehow slip around Steganos, I'll have to look into that.
  • The Steganos servers will attract intelligence services like honey. They don't even need to infiltrate them, they can just watch the request traffic entering the server. Or - if requests are SSL-encrypted, they can still learn a lot by comparing the traffic in with the traffic out.
  • If I ran an intelligence service or were fighting child porn or just terminally curious, I'd offer a service like this to collect information. And I'd make sure it was slow, to improve on my signal-to-noise ratio. (I once had a summer job that included listening in on phone lines for diagnostic purposes. Believe me: random eavesdropping is not very entertaining.)
  • Steganos is running a HTTP server on the client. I fail to see the wisdom of that. Not that I suspect malice - they can spy on their customers at their servers, and need not install spyware.

    But running a server is always risky - one risk is that people may scan it and see that you run Steganos.

To conclude: Probably OK to stay anonymous at the server side. But maybe less effective when hiding from The Spouse or The Government. Could be useful for congressmen's aides who engage in Wikipedia edit wars? No, Wikipedia would block the IPs.

tags:


Exporting Excel graphs

The graph in graf.xls is jagged on screen, but looking OK when printed to PDF or paper. Even at 800% zoom, it looks OK in PDF. But if I export it from Acrobat to PNG, it gets jagged again.

A screenshot from Acrobat is a lot smoother than the Excel screen. But it is not perfect, and it is quite a detour to get a graph image from Excel.

Is there any easy way to extract good images of graphs from Excel?

Update 1:

exports nice GIF-graphs. from WMF copied and pasted from Excel.

But Xtreme can't handle all Excel metafiles, it can't paste the metafile that is pasted into metafiles.doc in WMF and EMF versions.

Update 2:

Incredibly fast response from Xara, the answer arrived on the heels of the autoresponse. They tell me that there are problems with older Excels too, but that OpenOffice Calc works fine.

I tested Excel 97, and that didn't work. OpenOffice 2.0 worked fine, but Calc does not display all our graphs like we are used to from Excel.

Update 3:

Adobe Illustrator loses the styling of the axis. The graphs are soft and nice, but so are the characters.

Update 4:

The solution is probably to wait for Excel to render smooth curves on screen. (Or for the displays to get enough resolution to render fonts that are meant for paper.)

tags:


Memory stick cap

memory stick vs pen caps

I still have the cap of my USB memory stick. But I will probably lose it quite soon.

At least since the Duofold from 1921, pen caps have been parked at the other end of the pen when not in use.

Moving that idea to the memory stick should be quite a no-brainer? Or is someone sitting on a U.S. patent for "Structural adaption of electronic computer memory stick to prevent accidental loss of protective connector cover"?

tags:


Frappr! Friends map (β)

Frappr! is a web site for mapping friends, e.g. friends of Qajaq USA.

But my attempts to add Greenlands Nights at Flatoyri 2003 fail, because Flatoyri is invalid city. Fair enough, they can't possibly list the names of every little place where you can have a kayak.

But I know that Flatoyri is at 66°N 23°30'E, and I have coded that information in the HTML head. When Frappr! comes out of beta, I hope it offers at least one way to use that information. I could type it directly in the form, but I'd prefer Frappr! to get the position directly from the HTML head, like geoURL does.

tags:


http://af/

Åge Utnes told me to look at the workings of http://af/ in various browsers. The results will probably vary with user configurations, but here are the results for my account on this PC:

IE6

Does not find the host af, and does no HTTP request at all. Surprisingly clean behaviour for a Microsoft application, but that is because I have configured IE not to search from the address line. Even an ayatollah like me could accept a silent retry at http://www.af/.

Even with address line search enabled, IE will not search when http: is specified. Good!

Firefox 1.0.7

Firefox 1.0.7 used Google to figure out that AF means Arbejdsformidlingen.

I'm pretty sure I disabled that once, but I can't remember where to do it.

On another machine, I ended at the U.S. Air Force, which has a certain perverted relevance.

Opera 8.5

The slightly outdated Opera 8.5 makes a guess at www.af.com, without warning me. I think http://www.af/ would be a much safer guess, because the host www.af is under the authority of the domain af.

Yes, I said safer guess: having a browser silently go to another place than the one I asked for is a security issue. But in general, substituting www.[domain] for [domain] should be safe, if the administration of the domain is doing its part.

What does http: mean?

Unlike IE, both Opera 8.5 and Firefox 1.0.7 will search, even when I explicitly type http:.

Even worse, they start searching silently on the link to http://af/, that is incredibly stupid. If I want to link to a Google search, I do so.

In this respect, Internet Explorer is clearly the serious browser. Maybe too serious, in not suggesting http://www.af/ as an alternative to http://af/.

tags:


Cleaning up my 10MB corner of the world

Two useful tools to find the blubber at my web site:

Flash and SVG

Adobe SVG Adobe buys Macromedia. What does that mean for and ? Maybe Flash will use the open SVG format? Maybe Adobe will kill its SVG support?


Fahrkunst

Fahrkunst This little animation is my contribution to the public's understanding of the noble .


Who's Got My Keys?

Newsweek International Edition

In Who's Got My Keys?, Newsweek's John Sparks hopes that

By the end of the decade, biometric security measures could put the keyloggers out of business

Sorry - biometrics are of little use in protecting transactions from a home PC. You can steal the input from a biometric device just as easily as from a keyboard.

While my password is secret, my biometrics are more or less public. My fingerprints are all over the place, my DNA can be picked up from my coffee cup.

I do not use the same password at my bank and on suspect discussion boards. But I only have two eyes, once I have used my retina to identify at one site, that site can impersonate me at another.

While we wait for a total remake of input device security in the operating systems, one-time passwords provide a low-tech, but much safer solution than biometrics. One-time passwords can be stolen by hand, but not wholesale by spyware.

tags: keylogger security biometrics


Spot the error in the Fahrkunst

Spot the mechanical error in the . (You will need to look at the full size animation.)

tag:


128 milligram memory stick

The lightest USB memory yet:

BARENAKED ON A STICK!
... is a USB flash memory drive containing songs, videos, and exclusive content from the Barenaked Ladies, and will go on sale November 22, 2005! Essential for any BNL fan's collection, the 128mg USB flash memory drive (about the size of your pinky finger) is a fast and easy way to share music, videos, pictures and other data.


Google Base v. microformats

My comment on Google Base v. microformats

tags:


base.google.com: invalid Atom

Fixed

One of Google's example Atom feeds is not wellformed XML because it contains

<g:label>Staffing<g:/label>

The correct code is of course

<g:label>Staffing</g:label>

tags:


rev-tags

Microformats.org defines the rel-tag: links with rel="tag".

When you define a rel link type, you automatically define it for rev too. From W3C:

Consider two documents A and B.
Document A: <LINK href="docB" rel="foo">
Has exactly the same meaning as:
Document B: <LINK href="docA" rev="foo">

So when I tag this entry with , Technorati could use rev="tag" on the link back.

And I think they should. Because the Tags page contains many links. Some are links to pages with the tag, others are not. A human can see the difference from the layout, but robots don't read layout. It would be useful for a search robot to know that all links with rev="tag" have something in common with each other, and with the last segment of the page's URL.

At Technorati, anyone can get a link back when they tag their own page. At sites like http://hoppa.com/, anyone could also tag their page as e.g. http://hoppa.com/Search_Engines/. But that will not give an automatic link back, because Hoppa is edited. In such cases, rev="tag" would be even more valuable to search engines.

But to be tag compatible, the URL should probably have been http://hoppa.com/Search+Engines/. Still, Hoppa is better off than DMOZ, where the page that is listing weblog search engines has the tag Search_Engines, which is far more general than the content of the page.


Microformats for Micropublishing

All the services I have seen assume that the entire blog is about the same place.

That does not fit this blog. Most entries, including this one, have no geographic significance. Those that have refer to different places. Generally in about the same corner of the world, but I have also referred to both Tórshavn and Phnom Penh in the same sentence.

So I'd like the blog location services to look for positions in each blog entry, rather than finding the position in the head element of the HTML page.


Micropublishing

Micropublishing: Publishing small pieces of information that do not get their context as part of a larger document - not as part of a larger text, nor pointed to from the previous part, or from a table of contents. Rather, the piece gets its context from indexing, tagging and searching.

This blog entry may serve as example. It is part of a blog, but is unrelated to most of the other items. The context is given by the tag and whatever search result or other link that might have led you here.


Trustable TLDs ?

We may need more TLDs because there may be some level of trust in a TLD. You can trust a .fo second level domain to use only ASCII letters, you can trust a .no second level domain to use only English, Norwegian and Sami letters.

But what if grants something like the .сом? That would open for funny domains like microsoft.сом


ICANN of worms

ICANN is said to have opened a can of worms by approving the 'language' top level domain .cat application. However, I do not find any such approval in the official ICANN announcements page.

The reality of this seems to be that the nation of Catalonia tries to get itself a kind of country code Top Level Domain under cover of the language code .cat.

What can I say? I live in the Faroe Islands, another stateless nation, but one that has its own ccTLD: .fo. So I find it very reasonable that Catalonia should have its own ccTLD too. Spain may be opposed to the idea, but so is Norway to the ccTLDs .bv and .sj. (The Bouvet Island is uninhabited. The unilaterally claimed Norwegian military base at Jan Mayen shares the .sj domain with the demilitarized Svalbard, which is under Norwegian control by multilateral treaty.)

I foresee a lot of creative applications for my.cat, everything.for.the.cat and everything.but.the.cat.

More interesting is the rush of political TLD applications to come. The Comanche nation will try to reclaim the .com domain. The Basque may settle for the .eus language domain, or try to reclaim the .eu domain. There is no general ISO language code for Sami, only codes for each language: sma, sme, smj and smn. Thus, the Sami clearly need the .sami TLD.

non-ASCII domain names

With the introduction of IDN and non-ASCII characters in domain names, there is a case for language based domains. Under .com, you can use the homoglyph pair c and с to mimic a famous software company: Miсrosoft.com.

ccTLDs are generally safer for IDN domains. E.g. .no specifies that only English, Norwegian and Sami characters can be used. Mixing Norwegian and Sami in one domain name is allowed, like in besøk-kárásjoga-biblioteahka.no. (IBM's demo page does not detect that the á and the ø are from different languages, because they are both from ISO-8859-1.) Homoglyphs between Norwegian and Sami are hardly any problem. But the .us domain may have a hundred or so native languages, and the .com has to deal with the entire UNICODE set.

So language based domains may reduce the danger of homoglyphic fakes by restricting their sub-domain names to one language. However, these language domains need not be top level domains. They could be sme.no, com.us, ca.es or no.no. (Many of these domain names are of course already taken.)
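The two defences discussed above, as an added example that is not part of the original post: flag labels that mix scripts or imitate a protected name, and enforce a per-registry character repertoire. The look-alike table, the repertoires for .fo and .no and the protected names are small constructed assumptions, not the registries' published tables.

```python
import unicodedata

# Constructed for this example: a handful of Cyrillic letters and the Latin
# letters they resemble. The full Unicode confusables data is far larger.
CYRILLIC_LOOKALIKES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0445": "x", "\u043c": "m",
}

ASCII_LDH = set("abcdefghijklmnopqrstuvwxyz0123456789-")

# Assumed repertoires that follow the post's description (.fo: ASCII only,
# .no: English, Norwegian and Sami letters). Not the registries' own tables.
REGISTRY_REPERTOIRE = {
    "fo": ASCII_LDH,
    "no": ASCII_LDH | set("æøå") | set("áčđŋšŧž"),
}

PROTECTED_NAMES = {"microsoft", "com"}  # names worth imitating (assumption)


def scripts_in(label):
    """Scripts used in a label, taken from the first word of each
    character's Unicode name (LATIN, CYRILLIC, GREEK, ...)."""
    scripts = set()
    for ch in label:
        if ch in "0123456789-":
            continue  # digits and hyphen are shared by all scripts
        scripts.add(unicodedata.name(ch, "UNKNOWN").split()[0])
    return scripts


def skeleton(label):
    """Replace known look-alikes with the Latin letter they imitate."""
    return "".join(CYRILLIC_LOOKALIKES.get(ch, ch) for ch in label)


def check_domain(domain):
    """Return a list of (finding, detail) tuples; empty means no objection."""
    labels = domain.lower().rstrip(".").split(".")
    findings = []
    for label in labels:
        if len(scripts_in(label)) > 1:
            findings.append(("mixed-script", label))
        # Catches whole-script fakes such as an all-Cyrillic "com" as well.
        if not label.isascii() and skeleton(label) in PROTECTED_NAMES:
            findings.append(("imitates", skeleton(label)))
    repertoire = REGISTRY_REPERTOIRE.get(labels[-1])
    if repertoire is not None:
        for label in labels[:-1]:
            if set(label) - repertoire:
                findings.append(("outside-repertoire", label))
    return findings


if __name__ == "__main__":
    samples = [
        "Mi\u0441rosoft.com",               # Cyrillic es in place of Latin c
        "microsoft.\u0441\u043e\u043c",     # all-Cyrillic look-alike of .com
        "besøk-kárásjoga-biblioteahka.no",  # Norwegian and Sami letters mixed
        "mi\u0441rosoft.no",                # would be refused by the .no repertoire
    ]
    for name in samples:
        print(name.encode("unicode_escape").decode(), check_domain(name))
```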

tags:


Hybrid SUV from Sweden

Hägglund SEP 6x6

This is a hybrid SUV. Both a diesel/electric hybrid, and a SUV/tank hybrid.

tags: http://hoppa.com/Tanks http://hoppa.com/FourWheelDrives


Blog metaentry

The blog entry Blog metaentry is about itself.

In other words, this entry is about itself.

Or, in RDF:

<rdf:RDF
  xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
  xmlns:dc="http://purl.org/dc/elements/1.1/"
>
  <rdf:Description rdf:about="http://styrheim.weblogg.no/220905190056_blog_metaentry.html">
    <dc:title>Blog metaentry</dc:title>
    <dc:subject rdf:resource="http://styrheim.weblogg.no/220905190056_blog_metaentry.html"></dc:subject>
    <dc:isPartOf rdf:resource="http://blog.styrheim.com/"/>
  </rdf:Description>
</rdf:RDF>
tags:

A validator for HTML with non-HTML namespaces

Relaxed is an html/xhtml validator that allows non-HTML elements in an HTML page.

This is consistent with browser behaviour: Unknown tags (tags, not elements) are ignored—only element content (if any) is displayed.

It will e.g. accept the use of <vCard:TEL> and <rdf:value> elements in http://landsbank.fo.

It also does WAI validation.

Relaxed logo

(And when I reported a bug, it was fixed incredibly fast)


Yahoo! is indexing RDFs

Yahoo! is the only search engine that is indexing my stadium.rdf. The RDF is found by searching for Local links for the village Eiði

Google and MSN do not find this RDF page.

But Yahoo! does not yet 'understand' that the RDF says these local links are at the URL http://xn--eii-4ma.com/ and has title eiði.com. If it did, it would not link to the RDF page, but directly to eiði.com.

Please: Go ahead! This is something Google does not do, and will not do unless forced to by the competition. (But I'd fear that their code is ready to roll when they make the decision.) If left to Google, the semantic web will never happen.

eiði.com

Update: Yahoo! doesn't seem to find my RDF anymore. This is not moving in the right direction. While I do not really want the raw RDF in the search result, I want the search result to link to the page that the RDF told about.


Zooming in with Google Local beta

Searching for kayak within 15 miles from Orcas, WA finds Body Boat Blade at 0.1 miles from Orcas.

But closing in to a 5 miles radius around Orcas does not. Very strange.

I also note that the address is given as Prune Alley Rd, which is not shown on the map.


The invention of the Kayak

The August 2005 US Patent D508,011 describes a so-called kayak. Apparently, the invention in question is the structural design of a single-user human powered vehicle for maritime use.

The proud inventor's own comment.

Kayak Patent

tags:


PestPatrol - the Blind Man at the Helm

First impression of PestPatrol Corporate edition.

  • After running an interactive scan on a workstation, and finding nothing, the workstation is marked with a check mark icon, that's good. (I also get a last scan of ... found 0 pests in the bottom pane of the management console.)

    But the log for that workstation does not report the negative result, the last log entry is the last pest found.

  • After a scheduled workstation scan, I get no information at all on the management console if nothing was found. While reporting positives is most important, my peace of mind requires some way to see

    • that a workstation was negative at its last scan
    • when that last scan was done
  • I can schedule scans, and delete them. What I cannot do, is see which scans are scheduled.
  • I don't know if a scheduled scan will run if the workstation is disconnected. (It probably will, as an attempt to schedule an offline workstation will fail.)

To conclude: Nice idea. Spyware damage is not limited to the individual workstation, the real threat is to the security of enterprise data. But the product needs some polishing of the user interface. Right now, I'm afraid I'd feel better with standalone PestPatrol on each of my 15 workstations.


Paradox: Antispyware is Spyware

I guess we have to live with that: The police can do what would be crime if done by anybody else. And antispyware is spyware.

Still, the following quote from the PestPatrol help file smells of a nice little paradox:

The first time you scan a client system, the Management Console automatically installs the Workstation Agent on the client. It runs in the background and accepts commands from the Management Console. The agent does not require user interaction or rebooting of client.


Taking signatures seriously

Caution: Pest Patrol Inc. asserts that this content is safe, but do you trust them? Computer Associates offers free spyware scanning, which is nice.

To run the test, you have to let a signed ActiveX control run in Internet Explorer. That's OK.

But they do essentially tell me to ignore the security dialog: This screen lets you know that eTrust PestScan is a signed or certified ActiveX application that you can trust. That is more than the signature actually tells me. The signature tells me that some company—in this case Pest Patrol Inc.—says I can trust it.

Problem is: I never before heard of Pest Patrol Inc. While I trust Computer Associates, I do not trust a company I never even heard of. If I am this sloppy with signature authentication, there is little wonder that I get infected with spyware.

And this is not only CA—hardly anybody expects their end users to check a signature.


Dell child safety

Push the big one

Any child will go for the biggest and brightest button, and push it.

But Dell is prepared: the Precision 300 is equipped with a big, bright decoy. Nothing happens when (not if) the child pushes it. The real power switch is the small one above.

Cognitive modeling of the user, resulting in a safer UI.


...is a Verisign Secure Site

Verisign logo

This page claims that ONLINE.TOLLSKATT.FO is a VeriSign Secure Site.

Is that true? While https://online.tollskatt.fo/ seems to be signed all right, http://online.tollskatt.fo/ is not signed or encrypted in any way.


Exact location of the Atlantic Ocean

Atlantic & Arctic Oceans, Norwegian Sea

Microsoft MapPoint gives the exact location of the Atlantic Ocean. On a good day, it should be possible to cross this Atlantic Ocean in a kayak.


Mergers and acquisitions

On February 2nd 2004, pf. Elektron acquired Toll - og Skattstova Foroya (Faroe Islands Customs and Tax Authorities).

As certified by Verisign, Toll - og Skattstova Foroya is now an organizational unit under Elektron.

Unless Verisign has made a slight mistake here, this bank owned data processing center has gained control over the national tax authorities. (The data center probably is authorized to run the tax web pages for the government; that makes the tax authorities a customer of Elektron, but hardly an organizational unit.)

I would expect Verisign to look for Elektron in the domain registration info, before accepting Elektron as owner of the domain?


Steel Bridge

Iron sheet bridge in a Tórshavn park

A bridge in a Tórshavn park, made from a single sheet of steel.


Windows protocol handler

Why is there no competition to write Windows protocol handlers?

I would expect Skype, Microsoft Phone Dialer and others to engage in stiff competition, offering protocol handlers for tel:298123456 and wtai://wp/mc;+298318305 links.

For Amazon to write handlers for urn:isbn: and urn:asin:B000071IYQ should also be a no-brainer.

Wikipedia has URLs like http://en.wikipedia.org/w/index.php?title=Special:Booksources&isbn=1880654113 in place to handle ISBN references, all that is missing, is a protocol handler to make the connection from urn:isbn:1-8806-54-113. As long as Wikipedia does not handle the urn:asin: protocol, those links should probably be delegated to Google or Amazon.

How to register an application to a URL protocol
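A sketch of the missing handler, added here as an example and not taken from this post or from Wikipedia: it accepts only a checksum-valid urn:isbn: URI and maps it to the Booksources URL quoted above. Any web page can hand a protocol handler an arbitrary string, so everything else is rejected; the function names and the 13-digit sample ISBN in the test are assumptions.

```python
import re
import sys
import webbrowser
from urllib.parse import urlencode

# Target URL as quoted in the post.
BOOKSOURCES = "http://en.wikipedia.org/w/index.php"

# \A ... \Z anchors the whole string; unlike $, \Z does not tolerate a
# trailing newline. Only digits, X and hyphens may follow the prefix.
URN_ISBN = re.compile(r"\Aurn:isbn:([0-9Xx-]{10,17})\Z", re.IGNORECASE)


def isbn10_ok(digits):
    """ISBN-10: weights 10..1, sum divisible by 11, X (=10) only as check digit."""
    if not re.fullmatch(r"[0-9]{9}[0-9X]", digits):
        return False
    total = sum((10 - i) * (10 if c == "X" else int(c))
                for i, c in enumerate(digits))
    return total % 11 == 0


def isbn13_ok(digits):
    """ISBN-13: alternating weights 1 and 3, sum divisible by 10."""
    if not re.fullmatch(r"[0-9]{13}", digits):
        return False
    total = sum(int(c) * (3 if i % 2 else 1) for i, c in enumerate(digits))
    return total % 10 == 0


def resolve(uri):
    """Return the Booksources URL for a valid urn:isbn: URI, else raise ValueError."""
    match = URN_ISBN.match(uri)
    if not match:
        raise ValueError("not a urn:isbn: URI")
    digits = match.group(1).replace("-", "").upper()
    if not (isbn10_ok(digits) or isbn13_ok(digits)):
        raise ValueError("bad ISBN length or checksum")
    # Only validated digits reach the URL; nothing from the input is ever
    # passed to a shell or used as a file name.
    query = urlencode({"title": "Special:Booksources", "isbn": digits}, safe=":")
    return BOOKSOURCES + "?" + query


def resolve_or_none(uri):
    """Convenience wrapper: None instead of an exception for rejected input."""
    try:
        return resolve(uri)
    except ValueError:
        return None


if __name__ == "__main__":
    # Assumption: the operating system passes the clicked URI as the
    # first command-line argument of the registered handler.
    target = resolve_or_none(sys.argv[1]) if len(sys.argv) == 2 else None
    if target is None:
        sys.exit("refused: not a valid urn:isbn: URI")
    webbrowser.open(target)
```

The handler would be registered for the urn scheme as a whole, so it also sees urn:asin: links and refuses them.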


GeoURL.info

GeoURL.info is a new (or reborn) geographic search engine, based on geo.position META elements in the HTML HEAD.

While Google is still stuck with US zip codes.

Surprisingly poor performance by Amazon

Amazon does not know the difference between authors with the same name. The Far Islands and Other Cold Places and My Love Affair with Jewelry are written by different authors, both named Elizabeth Taylor.

To my surprise, both books link to the author with Elizabeth Taylor, resulting in a list with all 215 books by authors having that name.


URI, URN and URL. Still confused after RFC 3986

I am still confused about URIs and URLs after reading RFC 3986 1.1.3 (via RAW).

Can http: URIs be used to identify non-digital objects? The W3C clearly thinks so: the namespace for this code is identified by the URI http://www.w3.org/1999/xhtml.

But the same string is the URL for an HTML page.

Quoting RFC 3986:

The term "Uniform Resource Locator" (URL) refers to the subset of URIs that, in addition to identifying a resource, provide a means of locating the resource by describing its primary access mechanism (e.g., its network "location").

My problem: The web page and the namespace are different resources. Something is located on the network, but that something is not the resource identified by the URI. The difference will be more obvious if the URI http://ships.reg.fo/FD/530 identifies a ship. Whatever you access by the link http://ships.reg.fo/FD/530, it will not land some 20 tons of ship on your desk.

Still, I find it very useful that http://www.w3.org/1999/xhtml describes the object identified by http://www.w3.org/1999/xhtml. Otherwise, we'd have to google for pages with DC:subject="http://www.w3.org/1999/xhtml". But the RFC says the resources identified and accessed are the same, it does not allow for accessing the metadata of the identified resource.

How do I express in RDF that the HTML page http://www.w3.org/1999/xhtml has the namespace http://www.w3.org/1999/xhtml as DC:subject?

One possibility might be placing the HTML description at http://www.w3.org/1999/xhtml.html, and make http://www.w3.org/1999/xhtml redirect there. But even a redirect is a resource, and a redirect is certainly not a namespace.


Grokker.com

Grokker - interesting GUI, but not worth paying for

I have just tested Grokker.com. The user interface looks very interesting. But the clustering data displayed are too bad to really evaluate the GUI. I did a cluster in Eiði, Grokker assigned clusters to common words like við and , that is equivalent to clustering on the, and and I in English. There were two clusters inside each other, both labelled Við, none of them contained any links. When clustering on tank, Grokker identified storage, but did not identify any cluster for main battle tanks.

I'd very much like to see the Grokker interface applied to the data of music map, or maybe the late hoppa.com directory.

But the clustering of Grokker is—in its present pre-alpha state—not worth paying for. Clusty.com from Vivisimo is free and better. (Or was when I first wrote this in 2005. Many a good idea has died since then.)


Official URI


SPARQL and finding books by painters

My first stab at SPARQL is an attempt to query the semantic web for books written by painters. Actually, I think it is a search for anything created by a painter. But I can't test it, so who knows.

We still need Loran C as a backup

Much as I'd like to get rid of the AM noise from the Loran C at Eiði, we do need Loran as a backup for the satellite navigation systems.

Quoting Megapulse:

  • dissimilar failure modes to Satellite Systems
  • difficult to jam due to high power levels

OpenOffice documents may now have one root

According to Committee Draft 2 section 2.1, the OpenOffice format will now support OpenOffice documents in one single XML document.

This is good news.

The present format, with five or more XML files zipped together, is really--like Microsoft Office--only suitable for human editing. The single root XML format will make XSLT based processing possible, combining human editing with automated workflows. One XSLT may extract chapter headers from a text document, another create a spreadsheet from a naked data XML. The sky's the limit. For the first time, OpenOffice has something MS Office has not. And will never get - Microsoft won't ever use an open format for Office.

Update: OpenOffice 2.0 beta supports the OASIS OpenDocument XML format as the default file format.


Representing taxonomies in OWL

I have a hard time representing a taxonomy in OWL.

The syntax is XML, but the structure is relational database.


eiði.com is online

eiði.com is now online with a link collection for the village Eiði in the Faroe Islands.

With a properly coded link, eiði.com, it will even work in Internet Explorer. (See IBM for encoding.)

There is also an attempt at representing the same information for the semantic web (i.e. machine readable) at eiði.rdf. Where someone using a semantic search engine should be able to find e.g. two books that are written by painters. Which would be considerably more powerful than what Google can offer now, near the end of 2004.


The X in XHTML

The X in XHTML means Extensible. And in the browsers, it really is. If I add an element of my own, maybe mine:something, an HTML browser will ignore the mine:something tags, and display the mine:something content, if any.

But if I try to validate such a page, I get a problem, because it is invalid. Which is a real problem, because my blog will force validity on my entries.

What I need, is a DOCTYPE that accepts HTML as valid under the following two conditions:

  1. The page is wellformed XML
  2. The page would be valid XHTML if all tags from other namespaces were removed

Note that testing removal of elements from other namespaces would be too liberal, test by removing foreign tags with their content left in place.

Work by W3C is addressing ways to specify conformance for documents involving multiple namespaces. But they seem concerned with specific extensions like MathML, I want a DOCTYPE to handle general extensions.

I want my validator to say: The way you use your extensions may be bullshit, but at least it is wellformed bullshit placed in a valid XHTML context.

An example of the problem, is the G O Sars page. It contains a pair of geo:lat and geo:long elements, but to make the page valid, I had to place them in CDATA. That transforms them from elements to text. Fortunately, they are still treated as geo: elements by Blogmapper
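The difference between removing foreign elements and removing only their tags, as an added example that is not the author's validator: the function below checks well-formedness (condition 1) and emits the document with foreign tags stripped and their content kept, ready to be handed to an ordinary XHTML validator (condition 2). The sample page and its geo namespace URI are constructed.

```python
from xml.parsers import expat
from xml.sax.saxutils import escape, quoteattr

XHTML_NS = "http://www.w3.org/1999/xhtml"

# Constructed sample: an XHTML paragraph with two foreign-namespace elements.
SAMPLE = (
    '<html xmlns="http://www.w3.org/1999/xhtml" '
    'xmlns:geo="http://example.org/geo#"><body>'
    '<p class="pos">Position: <geo:lat>62.0</geo:lat> '
    '<geo:long>-7.0</geo:long></p></body></html>'
)


def strip_foreign_tags(document):
    """Re-serialise document, dropping tags (not content) outside XHTML.

    Raises expat.ExpatError if the input is not well-formed XML.
    """
    out = []
    state = {"root_written": False}
    # With a namespace separator, expat reports names as "uri localname";
    # names without a namespace arrive as a bare local name.
    parser = expat.ParserCreate(namespace_separator=" ")

    def split(name):
        uri, _, local = name.rpartition(" ")
        return uri, local

    def start(name, attrs):
        uri, local = split(name)
        if uri != XHTML_NS:
            return                      # foreign tag: drop it, keep what follows
        parts = [local]
        if not state["root_written"]:
            parts.append('xmlns="%s"' % XHTML_NS)
            state["root_written"] = True
        for key, value in attrs.items():
            if " " not in key:          # skip attributes from other namespaces
                parts.append("%s=%s" % (key, quoteattr(value)))
        out.append("<" + " ".join(parts) + ">")

    def end(name):
        uri, local = split(name)
        if uri == XHTML_NS:
            out.append("</" + local + ">")

    parser.StartElementHandler = start
    parser.EndElementHandler = end
    parser.CharacterDataHandler = lambda data: out.append(escape(data))
    parser.Parse(document, True)
    return "".join(out)


def candidate_for_validation(document):
    """None if the page is not well-formed, else the text to validate as XHTML."""
    try:
        return strip_foreign_tags(document)
    except expat.ExpatError:
        return None
```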


Internet Explorer is the fastest for huge XML

IE6 is very much faster than FireFox or Mozilla, when it comes to locating words in huge XML files like http://www.cyc.com/2003/04/01/cyc.

I didn't test Opera, because Opera doesn't display unstyled XML very well.

(IE is still a slow loader, though.)


Make Love, not Spam

I really do feel like executing a spammer.

But spam should not be fought by counterattack, that will cause mostly collateral damage. Is a dDoS attack on viagra.com really a good idea?

Spam should be stopped with sender verification, by requiring costly CPU cycles to send an email, and -- as a last resort -- content filtering.
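One way to make sending cost CPU cycles is a hashcash-style proof-of-work stamp. The sketch below is an added example, not code from this post; its stamp layout, the use of SHA-256 and the sample address are assumptions and do not follow the actual Hashcash format.

```python
import hashlib
from itertools import count


def leading_zero_bits(digest):
    """Number of zero bits at the start of a digest (bytes)."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits


def stamp_hash(stamp):
    return hashlib.sha256(stamp.encode("utf-8")).digest()


def mint(recipient, date, bits, salt):
    """Sender side: search for a counter; costs about 2**bits hashes."""
    if ":" in recipient or ":" in salt or ":" in date:
        raise ValueError("fields must not contain the ':' separator")
    for counter in count():
        stamp = "%d:%s:%s:%s:%d" % (bits, date, recipient, salt, counter)
        if leading_zero_bits(stamp_hash(stamp)) >= bits:
            return stamp


def verify(stamp, recipient, date, min_bits, seen):
    """Recipient side: one hash, plus checks that stop reuse of a stamp."""
    parts = stamp.split(":")
    if len(parts) != 5:
        return False
    claimed, stamp_date, stamp_recipient = parts[0], parts[1], parts[2]
    if not claimed.isdecimal() or int(claimed) < min_bits:
        return False                    # too little work claimed
    if stamp_date != date or stamp_recipient != recipient:
        return False                    # minted for another day or mailbox
    if stamp in seen:
        return False                    # replay of an already spent stamp
    if leading_zero_bits(stamp_hash(stamp)) < int(claimed):
        return False                    # claimed work was not actually done
    seen.add(stamp)
    return True
```

Each extra bit doubles the sender's expected work while verification stays at a single hash, which is the asymmetry the idea depends on.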


Convert characters to character entities

I have written a script to convert some (or all) characters in a string to character entities. There are many reasons to do that:

  • The character is not representable in the encoding of the document
  • The character is not to be parsed as markup, but would be, if it isn't escaped as an entity
  • Documentation: If the character may not have a glyph in the font used by the UA, or if the user may not recognize that glyph, the character entity is a documentation of what character you are looking at. E.g. ᚱ is coded as the character entity &#x16B1; and the character name can be found at IBM.
  • The string doesn't allow spaces, so they must be encoded as &#x0020;
  • Two consecutive hyphens are not allowed in HTML comments; but legal if at least one of them is a character entity.
  • "Encryption ultra lite"
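The reasons listed above translate into a small encoder. This is an added example, not the script the post refers to, and the function and option names are assumptions.

```python
MARKUP_CHARS = set("<>&\"'")


def entity(ch):
    """Hexadecimal character reference in the style used above, e.g. &#x16B1;."""
    return "&#x{:04X};".format(ord(ch))


def to_entities(text, encoding="ascii", escape_markup=True,
                escape_spaces=False, comment_safe=False, everything=False):
    """Convert selected characters of text to character entities.

    encoding       characters not representable in it are converted
    escape_markup  convert < > & " ' so they are never parsed as markup
    escape_spaces  convert spaces, for strings that do not allow them
    comment_safe   never emit two literal hyphens in a row
    everything     convert every character
    """
    out = []
    previous_literal_hyphen = False
    for ch in text:
        if 0xD800 <= ord(ch) <= 0xDFFF:
            # A lone surrogate has no valid character reference.
            raise ValueError("lone surrogate in input")
        convert = everything
        if not convert and escape_markup and ch in MARKUP_CHARS:
            convert = True
        if not convert and escape_spaces and ch == " ":
            convert = True
        if not convert and comment_safe and ch == "-" and previous_literal_hyphen:
            convert = True
        if not convert:
            try:
                ch.encode(encoding)
            except UnicodeEncodeError:
                convert = True
        previous_literal_hyphen = (ch == "-" and not convert)
        out.append(entity(ch) if convert else ch)
    return "".join(out)
```

Entity encoding is reversed by every HTML parser, so the last item in the list is obfuscation, not confidentiality.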

Runic character names

My NATO-style spelling script has been expanded to display the names of Runic characters.

If you look at one Rune at a time, and don't need the name, then macchiato.com has a more elegant tool. Once you have found the hex code at macchiato.com, IBM can help you with the name. Not only for runes, but for all of public Unicode.


JPEG vira - told you so in 2001

OK, GIF not executable? Sure? is not about JPEG, but GIF. Same von Neumann principle, though.

Vivisimo - clustering search results

Vivisimo is a search meta engine, whose main feature is the ability to cluster the result pages, based on content. This is especially useful when the search word has two or more distinct meanings. One such word is tank, meaning either a (usually large) receptacle or armoured battle tank.

Searching Vivisimo for tank gave 198 hits. Most, if not all, really belong in two main clusters, receptacle and armoured battle tank. These two clusters are not detected by Vivisimo, only their smaller sub-clusters. Still, this is a very impressive performance by a machine. (The movie Tank Girl may be about both water tanks and battle tanks, if so, it belongs in both main clusters. I can't tell from the web page, so we have to wait for a new release of Vivisimo - one that watches movies.)

Such clustering would be facilitated by metadata in (or outside of) the web pages. Suitable Dublin Core DC:subject URIs for these clusters could be

and

Webmasters may be less than truthful in their meta markup, so analysis of content and incoming links will stay important.


Calling the 112 test center

When stolen mobile phones are sold, they are often tested by calling the emergency center, number 112, because that is the only number that works without the SIM card.

Suggested solution: Detect the IMEI of all mobiles calling the emergency center without a SIM card (no IMSI identification), and block them for all non-emergency calls. (Blocking emergency calls is too dangerous, unless the phone is constantly harassing 112.)

This should not bother legal phone owners, because the SIM card is usually present. If I get blocked anyway, I'll have to apologize for my dog removing the SIM and calling 112, and hope the police believes me.

The IMEI of a stolen phone should of course have been blocked by its owner. But few of us have saved our IMEIs. It is found by typing *#06# or looking under the battery. Take a note of it and keep it, but keep it secret, unless you want some practical joker to have your phone blocked as stolen.


GSM aboard the Norröna?

Here is something for Smyril Line and their ship Norröna: Maritime Communications Partner delivers public cellular telephony services for passengers and crew onboard cruise ships and ferries.

Not that I really need ship-to-shore communication, not if the ship is on schedule. But communication with fellow passengers would be most useful.


Locating blog entries

Blogmapper has realized that there is more need to localize each blog entry, than to localize the entire blog as a localized unit.

This blog

I find the positions with Multimap, and welcome corrective comments from anyone who has been on location with a GPS.


Ð in Faroese (.fo domain) host names

I believe ð.landsbank.fo is the first host name in the .fo (Faroe Islands) domain to have a non-ASCII letter in it.

Prepaid GSM: User Interface

I don't know about the rest of the world, but for customers of Faroese Telecom, the procedure for pre-paid mobile phone is the following:

  • call (+298) 801010
  • Listen to instruction to type 1 to add money to the account
  • Remove phone from ear
  • Type 1
  • Put phone to ear
  • Hear instruction to type code followed by #.
  • Remove phone from ear
  • Type 056471505418#
  • Put phone to ear
  • Listen to confirmation of the transaction

Why can't I simply call (+298) 801010 056471505418?

Or send an SMS containing 056471505418 to (+298) 801010 ?

(In both cases, I'd expect to receive SMS confirmation of the transaction)

The charm of the SMS method, is that I could SMS 'money' to my broke child, who could forward the message to 801010 to reactivate his phone.


Pagaj vs Paatit - tuku and sinaiming

In Danish, a kayak paddle is called a pagaj. That is strange, as the main part of Denmark, Greenland, has the most advanced kayak culture in the world, and there it is called a paatit.

A European pagaj usually has between 60 and 90 degrees angle between the blades, while the paatit has both blades in the same plane. That could be part of the explanation.

But the only reference I find to pagaj outside Denmark, are two islands in Mentawai near Sumatra: North and South Pagai. They do indeed have some quite notable paddles: The dolphin shaped tuku and the diamond shaped sinaiming. Both are operated with one arm only; the top end is locked in the armpit like a crutch.

So far, I have found no information on twin-blade paddle traditions in South-East Asia. Does anybody know anything about this?


Defragmenting the global village

There will never be a global village, we are not interested in communicating with everyone, and we are simply too many people.

But the fragmentation into global ghettoes should be caused by lack of interest, not by borders in the infrastructure.

At the moment, I am member of three kayak-related communities at orkut.com alone, and two more at the Norwegian Kayak Association and Qajaq USA. That's ridiculous. Most of what I say in one of those, might as well be said in any of the others.

To defragment those ghettoes, we need the following:

A blog each. The blog needs HTML and news feed interfaces. It needs trackback tools to thread discussions. It needs user authentication, some times to limit an item's visibility to friends only, always to protect the trackback from being abused by spammers.

User authentication should be integrated between HTML and news feed versions of the blog. I see two ways to do that:

  • SSL client certificates
  • Cookie level integration between web browser and news reader. Once logged on via HTML, the news reader will have access until the cookie expires.

And we always need ever better search engines.


Orkut - Evaluation

Closed Architecture

According to Newsweek, the Orkut project is typical Google big-think.

I disagree. With its closedness, this kind of big-think is more typical of Microsoft or a telephone company (and maybe IBM in the old days).

Newsweek writes as if Google was the first search engine ever. I started with Lycos, quickly switched to AltaVista because of its precise search criteria, then to Google because of its larger index.

These switches were possible because search engines are open, with Google the most open of them all. Now, imagine if I want to switch to an Orkut competitor. That would leave all my Orkut friends behind at orkut.com. Even if all my friends left with me, we would leave what was written in Orkut behind.

Compare this with Upcoming.org, where you also have to register to be allowed to register an event. But anyone can see the RSS feed of events in e.g. Tórshavn, and syndication is encouraged. (Upcoming could also be more open, they can't aggregate other feeds, and they do not list time and space data for events in standardized form.)

Privacy

The idea that messages can be limited to 'friends' only, is fundamentally a good one. But I think the long term solution is news feeds with SSL client certificate authentication. Meanwhile, I think email is the way to go for friendly communication that is not intended for the public.

I don't like the idea that anyone can surf my social network at Orkut. The government intelligence agencies will know anyway, from telephone and email traffic analysis. But the amateurs will not, and the amateurs are probably more dangerous than the government.


Like: Il segno del comando

Il segno del comando it.kelkoo.com suggesting alternatives to the film "Il segno del comando". Amazon recommendations may also be off, but these are obviously based on the phrase "il segno" being present in all the titles. OK, maybe we do buy DVD by title...

Danish, the official language of Danishia

Danish translation.

Those of us who make mistakes on the internet, should think about coding <meta name="ROBOTS" content="NOARCHIVE" />


Thwarting spam - it's not rocket science

Information Asymmetry and Thwarting Spam:

Filling in the values, it is easy to see that...

Still, I will read it - the economic approach seems more promising than the legal.

"wealth transfer from senders to recipients" -- that sounds like "money". From what I hear, it's an old Heinlein idea; applied to telephone calls, in some book of his.

Any economic approach to reducing spam, will need a technical infrastructure. If this one involves money, it is too complex to be feasible.


HTTP headers of Nokia 3410 ?

I have a WAP page that is listing the HTTP headers sent from the gateway to the HTTP server.

It works fine with Nokia 3510i, Opera, validator.w3.org etc. But not with my Nokia 3410.

Anyone out there have any idea of what's wrong? Does anyone have a 3410 that works with this page? Is there any other page that will echo the HTTP headers from a WAP phone?

Navigation: http://landsbank.fo, Tools and HTTPheader.


Good use of favicons

The host names of the Danish Military are quite a mess. But they do use a common favicon:

Danish Armed Forces Logo

In pages like http://hoppa.com/eu/nor/Military/index.en.pl.gz?, the consistent use of the favicon made the Danish military sites stand out as a group. As do the Alvis sites.

More on favicons.


Nokia doesn't accept UTF-16 Unicode?

0 bytes

My UTF-16 test page doesn't work on Nokia 3410 connected via Faroese Telecom's gateway 212.55.32.49, nor via the built-in gateway of Nokia Mobile Browser 4.0 emulator.

Both FT and Nokia gateways return 0 bytes for this page. They get the Last-Modified right, though.

Openwave 5.1 removes the encoding declaration, converts to UTF-8 but gets it wrong, and complains that the input ended before all started tags were ended.

If anyone has any ideas about using UTF-16 in WAP: Don't.

Getting there:

Open http://landsbank.fo/, choose Tools, Encoding and UTF-16.


Warning: Office 2003 Imaging destroys TIFF files

I opened original TIFF in Microsoft Office 2003 Imaging.

That image needs to be rotated 180 degrees, so I rotated 90 degrees twice, and tried to save. Invalid file, but it still let me save it.

The resulting file is unreadable.

In true Microsoft style, if I try to open the old Wang/Microsoft Imaging with Start/Programs/Accessories/Imaging, the old program is gone, replaced with the new and dangerous one.

Flashback: Many years ago, I renamed IE to keep the production version while installing a beta.

Guess what? The beta installation found the old version anyway, and overwrote it. Given the chance, those guys would have tried a nuclear device right on their desk. (wishful thinking...)

btw, the Quicktime plugin is not very good at reporting its inability to read the image


Amazon postal optimism


Amazon sent my stuff today, and estimates that I got it today, or earlier in December.

DAML - reinventing Prolog ?

DAML (DARPA Agent Markup Language) looks a lot like Prolog to me.

I didn't like Prolog. It looked like it could apply logic. It could, but in an extremely unintelligent way.

We'll see about DAML. At this time, it seems overambitious. Google can't even do a decent search for events in timespace, and DARPA wants logic?

Bouvet Island - Little Known Facts

> server NN.UNINETT.NO
Default Server: NN.UNINETT.NO
Address: 158.38.0.181

> bv.
Server: NN.UNINETT.NO
Address: 158.38.0.181

bv nameserver = nac.no
bv nameserver = server.nordu.net
bv nameserver = nn.uninett.no
nn.uninett.no internet address = 158.38.0.181
nac.no internet address = 129.240.2.40
server.nordu.net internet address = 193.10.252.19
server.nordu.net AAAA IPv6 address = 2001:948:0:f005:0:0:0:42
> server server.nordu.net
Default Server: server.nordu.net
Address: 193.10.252.19

> bv.
Server: server.nordu.net
Address: 193.10.252.19

*** server.nordu.net can't find bv.: Server failed
>

New advances in spam

For the first time ever, I have received spam that is addressing me with my real name, not some guess based on my address.


Not perfect yet - they put my name in the subject header, not in the to header.


The surprise is that it didn't happen long ago.

