Categories
internet media

The thing about ad-blocker popups

I’ve been, in the past, a firm distruster of ad blocking software. I still am, to a large extent. I don’t trust any company whose finance model is based on inserting exceptions for advertisers they like. But I installed Ghostery, whose model is to use the stats of what gets blocked to offer consultancy to companies to make their adverts less horrific. I like this idea, so I support it. My Ghostery install is fairly open, blocking only sites that offer page-takeover, popups, autoplaying videos, and other stuff that annoys me a lot. So I get a bit annoyed when I’m scrolling through a Wired article and get something like this:

Fine. I don’t disagree with the sentiment, but I don’t read Wired often enough to care about being a member, so yeah, ad supported isn’t unreasonable. Do you know what’s unreasonable, Wired? This is what happens when I whitelist your site:

That’s *forty* scripts you’re loading in for tracking, advertising, affiliate marketing, analytics, comments and display fonts. Up from twelve that I had whitelisted already, and – and here’s the best bit – if I leave the tab open to (say) write a blog article about this bullshit, it goes up to FIFTY NINE.

I‘m not militant about never being tracked, nor being advertised to. I’ve worked for web marketing companies, and I’ve attempted the shit soup that is making bank from content on the internet, I know there aren’t any good options. But this isn’t about any of that anymore, it’s making your site _worse_ by installing dozens of these things and slowing everything down. It’s unchecked – the number of these things that duplicate functionality is just crazy – and to put your sanctimonious little message over the top of the remaining bits of actual content when your users try to filter it is actively user-hostile.

Last and maybe worst, each one of these externally installed scripts is – potentially – an unvetted bit of code you’ve added to your page. Javascript isn’t the security nightmare it once was, but every new script is a new vector, and you can’t tell me that every single one of those – checking the tab again – eighty four snippets of code has been reviewed against all the others for security flaws or side effects which might make the user experience worse or unsafe.

It just needs to stop.

(Final count: 86. Tab has been open 20 minutes)

 

Categories
computing Imported From Epistula internet

A traditional post – Geekcode 2016

A tradition doesn’t stop being a tradition just because it’s lost all relevance to the modern age. That’s what Christmas is all about!

And one I’ve got is that every couple of years I update my Geek Code. The Geek Code is an old and established tradition, a one line incomprehensible block of symbols that represents your opinions and state on many geek things that mattered in 1995 when it was last updated. As such, it’s missed an awful lot of pop-culture advancement, including the bit where the inclusive nature of geek culture took over the world, and then the toxic nature of it burned some of it down. There’s probably a better article about that, somewhere. Anyway, here on the first day of 2016, the traditional geek code block:

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCM$ d s+:+> a C+++(++++)$ ULS++++$ P- L++++$ E- W+++$@ N o+ K w+$ O- M+ V- PS++ PE-(--) Y++(+++)$ PGP+() t 5+ X R++* tv+ b+>++ DI---(++) D++ G++ e+ h--- r++ z? 
------END GEEK CODE BLOCK------

The rules:

  • Done with the most recent 3.1 release of the Geek Code
  • Phrasings are as I understand them as I take the quiz, and formatted according to my whim.
  • I don’t look at previous geek codes before taking the test again.

All the geekcodes, 1998 -> 2016 are here

Observations:

  • It kind of amuses me how I reinterpret the “Dress” section every time, given that my general style hasn’t changed much.
  • My confidence in Computing & Unix varies over time.
  • That you can track down my addiction to Usenet as you can track up the things with “gets paid for this” ($) signifiers amuses me.
  • Watch my opinion of Dilbert do a ski-course impression, as the writer asserts his opinions more.
  • You can basically track my entire relationship history though the (r) column on this graph.
  • I care a lot about security now I’m being paid to.

In the beforetimes:

I’m going to try to resume the weekly posts thing. We’ll see how that goes.

 

Categories
computing internet

DNS for people who just want to own a domain

Often I’m working with people who own a domain, but don’t really know what that means, or how it connects to the real world. Or at least the internet. Here’s a basic guide to how stuff plugs together. There are four roles involved:

  1. The Owner
  2. The Registrar
  3. The DNS Host
  4. The Server

The Owner

The owner is you. Hi. The person or persons unknown who put down their credit card and said “That one” and bought a domain.

The Registrar

This is who you gave your credit card details to. They put a record for that domain up in the global DNS system that says “the owner for this domain is The Owner, and the DNS Host is”. This information is public, though a lot of the time Registrars will sell you the ability to use redirecting email addresses and blanked out physical addresses.

The DNS Host

Domains are text – aquarionics.com – but traffic is routed on the internet to IP addresses – 5.9.98.12. DNS, the Domain Name System, is the method by which this translation occurs. Very simply, a request for www.aquarionics.com will make a request of your DNS host as to where that means, like a taxi driver reliant on a GPS.

For most people, your DNS host will be your registrar. They host your Name Server, and that’s something you set on the domain with your Registrar. For example, Aquarionics.com is registered with Namecheap, but my DNS is hosted by Amazon’s “Route 53” DNS service. With Namecheap, I set my name server settings to point at Amazon’s service.

Generally, as I say, this is something your registrar does for free as part of your domain hosting, it’s likely you have a “host name” admin section of your registrar.

This is one of the common points where your hosting company might ask you to change your domain settings.

Very simply, a domain record is made up of four things: a name, a type, a value and a TTL or “Time to live”:

Name Type Value TTL
www.aquarionics.com.
A
5.9.98.12
3600
dailyphoto.aquarionics.com. CNAME dc80vpukp1283.cloudfront.net 300

Name: The domain to match. By the point we’re here, the system already knows the “aquarionics.com” bit, but there will be seperate options for “www” and any other things underneath it, including nothing at all.

Type: “A” records link the name (www.aquarionics.com) to an IP address (5.9.98.12). “CNAME” records link it to an alias. So in the above, going to dailyphoto.aquarionics.com looks up that record, sees a CNAME for dc80vpukp1283.cloudfront.net, so it goes to find out what that means, which comes back as “54.230.2.28”. It’s worth noting that this isn’t a redirect for the user, it’s making the request of another DNS service. The answer is always eventually going to be an IP address where the full “Send me this website” request will be made. (Other record types include TXT for arbitrary text strings, AAAA for IPv6, and some others. They’re beyond the scope of this article)

Value: What comes back

TTL: How long to keep this information, in seconds. In the above, the record for www.aquarionics.com should be kept for an hour, but for dailyphoto you should ask again in five minutes.

The Server

The actual computer at the other end of this, numbered 5.9.98.12, which gives out the website.

Because you've made it this far, have a picture of Oolong the rabbit with a waffle on his head.
Because you’ve made it this far, have a picture of Oolong the rabbit with a waffle on his head.

How does this fit together?

If someone’s never visited your site before, like this: (I’m simplifying this quite a bit)

You type in “www.aquarionics.com”. Your computer asks the DNS system what IP address that means. The global DNS system goes “You should ask The DNS Host”, the DNS host goes “The answer is currently 5.9.98.12, but ask me again in an hour”, your browser sends a request to the server at 5.9.98.12 saying “Can I have the front page of www.aquarionics.com, please” and that’s the end of the DNS bit.

There is stuff that makes this more complicated. For example, at any point you can get more than one answer. If you ask for dailyphoto.aquarionics.com, for example, you get an answer like this:

;; QUESTION SECTION:
;dailyphoto.aquarionics.com. IN A
;; ANSWER SECTION:
dailyphoto.aquarionics.com. 300 IN CNAME dc80vpukp1283.cloudfront.net.
dc80vpukp1283.cloudfront.net. 60 IN A 54.230.0.17
dc80vpukp1283.cloudfront.net. 60 IN A 54.240.166.182
dc80vpukp1283.cloudfront.net. 60 IN A 54.230.0.63
dc80vpukp1283.cloudfront.net. 60 IN A 54.230.1.191
dc80vpukp1283.cloudfront.net. 60 IN A 54.230.3.11
dc80vpukp1283.cloudfront.net. 60 IN A 54.230.1.201
dc80vpukp1283.cloudfront.net. 60 IN A 54.230.2.28
dc80vpukp1283.cloudfront.net. 60 IN A 54.192.3.191

Which translates as:

You asked for dailyphoto.aquarionics.com. It’s aliased to dc80vpukp1283.cloudfront.net, which has these records. Multiple answers for the same question means they’re all right, and you can pick any (but usually from the top down, trying each until you get an answer)

Mail works exactly the same way, but instead of “A” records and “CNAME” records, you have “MX” or “Mail eXchange” records which dictate servers that accept mail for this domain:

aquarionics.com.        300     IN      MX      10 alt1.aspmx.l.google.com.
aquarionics.com.        300     IN      MX      10 aspmx.l.google.com.
aquarionics.com.        300     IN      MX      20 alt2.aspmx.l.google.com.
aquarionics.com.        300     IN      MX      20 aspmx2.googlemail.com.
aquarionics.com.        300     IN      MX      30 aspmx3.googlemail.com.

Unlike the records above, MX records have priorities attached, so you should only go for alt2.aspmx.l.google.com if alt1.aspmx.l.google.com isn’t responding.

Changing hosting providers

This is where this usually comes up as a thing. If you’re moving where your website is hosted, your new company will almost certainly request this DNS change.  This is where TTL comes in. A while (days) before this is coming, you should lower the TTL for the website’s records to 30 seconds or so. This will mean that when you do actually make the change, the rest of the internet will not try to keep the old answer for ages.

This doesn’t always work perfectly. Your computer keeps its own cache of DNS answers, and is almost certainly using your router as a DNS server. That in turn is making requests of your ISP’s DNS servers, which are probably asking the global systems. That’s a moderate number of systems that need to be honouring the times correctly for this to work properly, which is why the standard advice of “2 days for changes to flush though” is still so common. You’ll get 80% in the first half hour or so, but the remaining 20% might take a bit longer.

@ and *

@ is a little overloaded, and this is one of the places where it is. Some hosting providers will give you a record with the Value “@”, which stands for the unadorned domain itself, so just “http://aquarionics.com”. Notably, this isn’t allowed to be a CNAME, or alias, it needs to be an actual IP address.

* is a wildcard domain. So having a record for “*.aquarionics.com” pointing at  109.74.193.20 would mean that going to anything like that “fakedomain.aquarionics.com” up to “supercalifragilisticexpialidocious.aquarionics.com” would all resolve to 109.74.193.20

Conclusion

That’s it, I think. Slightly more tech than it should ideally be, I know, but with any luck a useful reference.

Categories
computing Current Affairs internet media

SOPA for Brits

So, Wikipedia is shutdown today. Reddit, ICHC and a large number of other sites will be showing their irritation at SOPA and the concepts surrounding it by joining them in going dark for between 12 and 24 hours, US time.

Annoying, isn’t it, how these international websites are going dark internationally for a US law? Well, that’s kind of a large part of the problem. How do you define a site that is under US law? Is it where the servers are hosted? Is it where the company who owns the servers are incorporated? Is it where the person who accesses the data lives?

I (in the UK) rent a virtual server from Linode that’s hosted in London. Linode are an American company. I host an episode of the Daily Show, owned by an american company. Whose copyright laws apply?

In this case, SOPA defines a “Domestic” site as one with a US registered domain name (.com/.net/.org or .us) or IP address. So because my IP address is owned by Linode, it counts as Domestic under SOPA, but also because most of the domains that point at the server (but not all) are top level domains controlled by US parties.

That may not matter, since there is a precedent for charges against British citizens being able to be brought by US companies under US law and for them to be extradited to face them.

The reason why it affects us is that it starts to make a lot of resources unviable, because it places the onus of proof of copyright onto the “host”:

The owner or operator of the site is “committing or facilitating the commission of criminal violations punishable under section 2318, 2319, 2319A, 2319B, or 2320, or chapter 90, of title 18, United States Code.” Those sections primarily deal with copyright infringement and counterfeit products.

This means that sites like Tumblr and YouTube suddenly have a problem, because instead of the person who uploads a copyrighted image, text or video being liable for committing an act of computer piracy under US law, suddenly the websites are, and since the sites are far larger, more obvious and richer targets for lawsuits it will mean the cost of running a site where people upload things starts to have to include fighting thousands of lawsuits against copyright holders, while the user who lied when they clicked the “I have permission to post this” checkbox continues to do so.

It would be interesting to see what the percentage of YouTube/Tumblr etc. uploads that are copyrighted content is, and what percentage of that can be classified as “Fair Use” and what percentage of the rest the copyright holders don’t mind being published, since it brings more exposure. In addition, a lot of posters to YouTube seem to believe they *do* have the legal permission to post things so long as they post a magic mantra about “Not claiming any copyright on any of this video or characters or anything!”. If YouTube, to take a single example, is now legally responsible for every video it hosts, the simple “I’m allowed to post this” legal figleaf stops sufficing, and they suddenly need actual legal proof of copyright, and how do you prove that?

I have a video of tea being brewed,  which I took myself with my very own iPad. It has a soundtrack which I didn’t actually have permission to use, but which I replaced with a public domain track later. I *took* the video, and I can’t legally prove my ownership beyond a sacred vow that that really is the state of the tiling in my kitchen. My video channel also includes some dancing santas and a dancing raccoon suit. The wonder and the beauty of YouTube is, in part, that it’s quick, it’s easy, and it doesn’t require you to log your original tapes with a legal authority before uploading, which is what SOPA runs the risk of requiring.

You can argue that that’s fine, because Google’s huge and can afford to fight those bills, but I host websites on my little server, and if someone with an account on my server decides to upload a jpeg owned by someone else, the idea of me being personally and legally liable for it, able to be extradited to the US for prosecution for it,  is actually terrifying.

And this is hyperbole, to some extent. It’s the ultimate extreme of what the bill would require of hosts if it was misused by the large media companies to attempt to set fire to the stable and set a sniper on the horse, long after it bolted for the hills. They say, as they always say, that the strict rules and the draconian requirements are there not to use against ordinary people, but *bad* people. You know, those other people. They said the same thing about the DMCA when that came in, and those are horribly misused to break free speech, fair use, parody and commentary already.

There’s room in the world for better piracy controls and especially education on what copyright actually *is* and how and why it’s enforced, and for real actual *change* from both sides on how intellectual property and pure-digital creations can have proven ownership, but SOPA and its associated bills are a really bad idea that only really benefit the international mega-global media corporations who lobbied for it, and not just for the US, but for every person in every country that uses a US-based site and looks at cat pictures on the internet.

Categories
2008 Current Affairs Imported From Epistula internet Metablog MLP

Magic Trees, Level II

A while ago, I invented a concept of “Magic Trees”, named after the story of a vicar who chopped down a 140 year old tree and justified it by saying “A paedophile might have been hiding behind it”. This was later expanded to include invisible terrorists.

This morning a different story caught my attention. A social network site I’ve never heard of has recently banned a large number of its users over 36, possibly all of them, because:

Having discussed the use of our website with the home office and the police, and further some pretty serious crimes caused by older users, we were left with no option but to terminate a huge amount of accounts, and without notice, immediately. We understand that only a minority of older users are sex offenders, but you must understand that we cannot tell which – we can only delete all to make the site safe and we apologise for that. However, we are following the law and you cannot think we are wrong for doing that.

Basically, there is the the new legislation requiring sex offenders to have their details held by the government (Under the “But we would never let that data leave officialdom” clause we know so well) and there is a blindingly stupid proposal to require social network sites to validate against a pre-existing list of known email addresses belonging to sex offenders. The original database is scary in and of itself, I have enough trouble getting off SMS spam lists, and those have a documented legal procedure. If your address – physical or metaworld – is in that database you’re many degrees of screwed, but the blindingly stupid addition of requiring email addresses?

I have currently got three email addresses I look at on a day to day basis. Without thinking too long about it, I can think of a dozen that will get to me eventually, plus another few that won’t anymore (like my old uni address, or my Evolving Media or BrowserAngel addresses) I could have signed up for another dozen in the time it’s taken you to skim-read this article.

Not only that, but this proposal is just that, a proposal yet to go though the bad ideas filter. Now, the social network providing this story, which is known as “Faceparty” and I’m not going to link to, claims they were dived upon by “A gang of paedophiles” who attacked their younger audience. If I was uncharitable, and I’m tending towards so, I’d wonder if this actually happened, or is a pre-emptive strike, or – even less charitably – if it’s all an attempt to get people to realise they exist. Browsing their site as a non-user, it does appear that they enjoy pushing a reputation for “edgy”. Their front page featured article links though to a page using the current-most-forbidden word (Four letters, begins with C, Rhymes with stunt, as in “Publicity”) as punctuation, and it’s all… very…

…interesting…

Of course, it’s entirely plausable that this is a genuine over-reaction to a genuine problem they were having with paedophiles and my cynical analisis that it’s all a publicity drive under the pretext of chopping down a magic tree could be entirely off the mark, but I’m not linking to them anyway.

Categories
Current Affairs Imported From Epistula internet

Freedom of Cycling

So. I was checking my comics this morning (Or the important ones right now, which are Narbonic, Schlock, QC & S*P) when I saw on the latter an advert for FreeMesa.org, an organisation devoted to small groups of people in various local areas who give things they don’t want to each other instead of chucking them out.

Golly, I thought, first tea still unfinished, that sounds familiar. Isn’t that what Freecycle do?

You may not be familiar with Freecycle, but that is, basically, what they do. Or, actually, that is What Freecycle Is. A Freecycle List is a list on Yahoo Groups where people give things to each other. Upon a little research I discovered that Freecycle itself is a trademark of a non-profit organisation with corporate sponsorship.

And by “Research”, I mean “I read their web site”. This is the modern meaning of the word, as far as I can tell.

So The Freecycle Network is an organisation which is basically a directory of mailing lists hosted on someone else’s technology with volunteers running them about people giving things away for free. What could anyone possibly object to enough so go so far as to set up a rival? All they can do is have the name.

Oh. Right.

Freecycle, who have seen what is happening with the verb to google (look at the link very carefully for bonus irony points) have decided to Take Action, and said

In legalese, the use of the term ‘Freecycle’ denotes a gifting service which is officially approved by the nonprofit organization ‘The Freecycle Network,’ and one that the public can expect to adhere to certain standards. The Freecycle Network must approve any e-mail list or web site that uses the term ‘Freecycle’ in its name and provides any sort of exchange service. (A relevant point for us to note internally is that we have to demonstrate a “concerted” effort.

Cite, plus bonus ‘How you should talk bout FC’ stuff

Grist have a good story on the Freecycle group turning into arseholes. Note that up until recently the Freecycle home page talked about freecycling.

I’m torn on this. On the one side, I can see the group wants to protect its trademark. On the other, it’s basically saying “That thing about the process being ‘freecycling’? Yeah, we’ll sue you for that now”. Also, whereas Google is a huge corporate entity now, I’m not entirely sure why Freecycle – a movement devoted to giving things away for free and using other people’s (freely given) resources to do so – is becoming one.

Categories
Humour Imported From Epistula internet Larp MLP Personal sport

We three things

  1. I am going to Maelstrom for the hotest weekend of the year (Not that there’s a hell of a lot of competition). How would you like your Aquarion: baked, boiled or fried?
  2. For the They Who Evolve World Cup Sweepstakes, I have drawn the Ivory Coast. Who are doomed, for no better reason than their connection to me.
  1. Every so often I obsess over songs and grab all the covers I can find. iTunes’ Music Store is bad for me for this reason. I am not, apparently, the only person to do this. Thirteen covers of The Smith’s ‘There is a light that never goes out’

    More things:

  • The new Aquarionics design (v12) is mocked up and sitting in PSP. Soon, I will get around to implementing the blasted thing.
Categories
Imported From Epistula internet

Advert

Since I appear to have forgotten to do this entirely, and I really did mean to:

If you’re looking for an ADSL provider with Actual Real People on the other end, that doesn’t suck in any way, shape or form and will regrade your line upon request within 24 hours.

Black Cat ADSL

I cannot recommend them highly enough if you’re just looking for “Bare wire” ADSL without any excess services beyond an outgoing mail server.

Advert ends

Categories
Imported From Epistula internet Politics

Warbussing

I went Warbussing today.

Warbussing, soon to be the next big event in the weblogging/interweb world, involves, having finished todays episode of CSI (the husband did it) turning on Airport as we swish though the countryside, clicking every so often to see if there were any wireless networks open.

There was one. It was called “Silvar” and is fortunately located just outside a set of traffic lights by the College, allowing me to collect my email quickly while we paused. Everything else required a password.

In other news: George Galloway? Wrong statement.

Categories
Imported From Epistula internet Those who evolve

Short Notice.

There is a very special level of hell reserved for hosting companies who issue the 72 hours notice of planned downtime at 11:30 on the saturday of a bank holiday (ie, Long) weekend.

My impressedness level is not high. Pipex, I mean you.