Bofra exploit hits The Register’s ad server

Early Saturday morning, the banner ad service used by The Register became infected with the Bofra/Frame exploit. If you visited The Register Saturday using Internet Explorer, and you’re not using XP SP2, it’s possible that you were infected. More details on the exploit are available here and here.

I’m posting about this since many people read The Register’s feed in FeedDemon. However, please note that this exploit would not affect you if you viewed The Register’s feed in a FeedDemon newspaper, since FeedDemon strips all suspicious code before displaying a newspaper.

LinkDump: Oct 29, 2004

Here’s a collection of links that have been in a FeedDemon news bin, waiting patiently for their turn to be blogged here:

RSS

WebDev/CSS

Other

Ramblings on Google and the Internet OS

The more I look at what Google is doing, the more convinced I am that we're witnessing the birth of the next Microsoft.  Seems to me that Microsoft is more interested in defending itself against new ideas than actually coming up with them, and over the next few years Google will be the company that Microsoft will most need to defend itself against.  I have to give credit to Google for using seemingly simple ideas such as the Google Toolbar to achieve their goals (using IE's ActiveX capabilities to take on Microsoft – you've got to love that).

The big problem for Google – and the big advantage for Microsoft – is that the vast majority of computer users have all of their data on their Windows-powered desktop computers.  So what does Google do?  Try to get people to move their data to the web (through Google, of course).  Google has already identified email and digital photos as two of the primary uses of desktop computers, and they've responded with Gmail and (to a much lesser degree, so far) Picasa.  Then they release the Google Desktop, which further blurs the line between the web and your desktop by enabling you to search your hard drive using the familiar, simple Google interface.  What will we see next?  GBrowser?  GDocuments?  Regardless, Windows is being marginalized piece by piece, and Microsoft can't stop it.  The internet is the next OS, and Google is becoming a primary force behind it.

I have a lot of concerns about this as I look many years ahead.  Yeah, most of us like Google now, and we're glad to finally see a company really take on Microsoft.  A number of developers want Google to win simply because we look forward to playing a role in the development of an internet OS, and Google is making it happen.  But what are we actually building here?  A lot of people in my profession wear rose-colored glasses and believe we're helping to make information free to the world, but some of the early proponents of television believed the same thing.  Are we really just building the next version of TV, one even more powerful because it knows your name and shopping habits?  More to the point, are we simply creating a potent tool for controlling the next generation of mass-market sheep?  I've been told I'm too young to be so cynical, but I like to think I'm too old to be so naïve as to ignore this possibility.

So what can programmers such as myself do now to make sure this doesn't happen?  I honestly don't know.  Some would argue that I switch to building open source software, but (no pun intended) I don't buy those arguments.  I believe that open standards are far more important than open source, since open standards mean you can share your data regardless of whether you access it through commercial or open source software (and regardless of which OS you're using).  The software doesn't matter: the data does.

With HomeSite, TopStyle and FeedDemon, I've relied on – and promoted – open standards.  I would hate to look back and realize that all I really did was play a small role in helping build yet another tool for keeping people fat, dumb and happy.

Software gnomes

Every now and then I’ll receive an angry email from someone lambasting me for installing my software on their machine, which always surprises me since you have to download TopStyle and FeedDemon and then manually install them – so it’s not like this is something I force people to do. I’ve talked with other shareware developers – none of whom do anything remotely spyware-like – who have run into the same problem, and we’re never sure how to respond.

It usually turns out that the person downloaded a trial version, installed it, then completely forgot about it. When they find it again, they assume that I somehow secretly installed it on their computer. Like I’m some sort of software gnome who visits people during the night, installing my products while they sleep.

This morning I received two such emails, which is especially strange since they’re usually so rare. The first was short and to the point:

“Stop installing software on my machine goddamnit!!”

The second threatened to contact the FBI:

“Hello, today I discovered your crappy software on my machine. I just wanted you to know that you have a f—-d up piece of s–t for a product. I plan to forward your company information to the proper authorities since you think it is OK to install it on people’s machines without permission. I consider this kind of thing disgusting and will make sure you are not allowed to continue this practice. Promise.”

Usually I provide a canned reply letting them know that our software doesn’t install itself, etc. But since I received two complaints in the same day, I have to wonder if I’m missing something here. Perhaps there really are software gnomes running wild?

Induce act dead (for now)

You might think that as a shareware developer, I’d be in favor of any bill that penalizes copyright infringement. After all, I’ve made my views on piracy quite clear. However, the induce act introduced by Orrin Hatch went waaaay too far by making developers of file-sharing software liable for “inducing” their users to commit copyright infringement. I’m no fan of file-sharers who pass around pirated copies of my software, but holding the developers of P2P products liable is incredibly wrong-headed.

P2P is a pirate’s dream at the moment, so I guess I can understand why some politicians and their Hollywood sugar-daddies want to see file-sharing software crushed. But over the next few years P2P will increasingly be used for legitimate – and important – purposes, and I’d never favor any bill that stifles the innovation enabled by P2P software (BitTorrent in particular). So I’m glad to hear that the induce act has been shelved. I wish I could dance on its grave, but I’m quite certain it will pop up again in some other form.

As an aside, I’m also bothered by how fair use has been swept under the rug not only by politicians, but also by many software developers. There’s absolutely no reason why you shouldn’t be able to create backups of your software, and you should be permitted to use purchased bits on any device you like. Many companies require purchasing separate licenses for each computer you install their software on, whereas the licenses for TopStyle and FeedDemon permit you to install them on any computer you use. This makes anti-piracy techniques harder since I can’t limit my software to a particular CPU, but I’m not about to criminalize legitimate usage of my work.