42 Quirks

Surprised? Well, read on…

Early this morning, someone submitted a story on Netscape.com. And Digg fans all over the world erupted in laughter and glee. Ever since the story was submitted, this is what appears, when Netscape is loaded into your browser:

The first is a four word expletive, and the second greets “all you Diggers out there!”

The culprit?

A story titled “Unbearable Cuteness”. Ironical,eh? Here’s the what and why of the entire fiasco.

Analysis:
A quick check of the JavaScript on the page reveals this script:

via a
title=”http://www.cute.com”>script>alert(”fuck”);
alert(”Hi to all you Diggers out there ;)”);script>”
href=”http://www.cute.com”>script>alert(”fuck”);
alert(”Hi to all you Diggers out there ;)”);script>”
onclick=”trackOutbound(15475);”>cute.com”>script>alert(”fuck”);
alert(”Hi to all you Diggers out there ;)”);

The link that was submitted with the story exploited an XSS (Cross Site Scripting) vulnerability. PacketStorm had already published this vulnerability a month ago on the 6th of June. Apparently netscape.com does not sanitise its inputs before they are submitted. As a result, specially crafted JavaScript (like this one) can be used to send ‘malicious code’.

While Netscape is looking into the matter, Diggers across the globe are having a field day running multiple ‘Ha Ha! Netscape gets hacked!!‘ stories. Most of the l33t Diggers are already publishing their insightful comments on the stories, too.

What can I say? There is a child in all of us…

Technorati Tags: netscape, digg, exploit, XSS

powered by performancing firefox

My last post on WebOSes and the corresponding comments on ZDNet and Performancing resulted in interesting conversations.

Performancing users and authors had very interesting opinions. Dave, for instance, said:

…they could bring down the price of computing massively. All you would need on a desktop is effectively a thin client that handles inputs and outputs, and
connects to the internet.

… while georgemanty was worried about security:

Do I really want a third party to have access to everything on my computer’s hard drive???

searchengineblog put it really well with:

The problem is that there is no problem to be solved. In 2006, fat clients (read: PCs) aren’t expensive - bandwidth is.

The security concerns do make a valid point. But I guess, with the way things are moving, third-party storage (read: online storage with desktop synchro) is the thing to watch out for in the near future.

Technology has not only enabled cheaper and communication, but it has also been revamping the field of transportation. As travel becomes cheap, we will find ourselves at different places at different times. And then we will need one central location to store our data. Which is where third-party storage comes in.

One option would be a personal FTP server. Like your hard-disk away from your PC. Again, the only hindrance I see currently is the band-width (in terms of access). Thus it boils down, essentially, to two things:

1. A radically new, faster method of accessing the internet.Condition: It must support huge amounts of bandwidth so as to enable each one of the 6 billion people whoo will soon be online in the near future.
2. A safe and secure online storage system.Condition: The privacy concerns of the users must be put to rest. Each such third-party supplier must be liable for any leakage of information (intentional, or otherwise) occurring from their servers.

On ZDNet, 3D0G said:

There are still far to many people out there using computers who have no
clue how computers work and don’t want to know. They just want to browse the web and read email. There are also many people who know they know nothing about computers and so don’t buy one. Something like this would at least open the internet and email up to them

This would be like saying, we need hand-cranked cars because some old-timers cannot adopt to automatic transmission. Not a very good analogy, I agree, but just because people don’t know how to use the net does not mean we step back to thin-clients.

A similar attempt was made (if my memory serves me correctly) with public Internet Access kiosks (at least in India) But it was a huge failure, simply because:

1. People did not want to make their ignorance of the Internet public.
2. The kiosks were not supported by adequate bandwidth. They were too slow.
3. The thin clients were actually confusing and they allowed only one browser window - no tabs back then.
4. Around 25% of the screen space was consumed by ads that were run to support the costs of running these kiosks.

I have realized that, the more you attempt to make technology easier for people, the lazier they become. “Give a man fish to eat, he will eat for a day. Teach him how to fish and he will never go hungry for the rest of his life.”

If there are any such laymen, we need to teach them how to surf the waves and not try and make things easier for them. Simplicity does not always mean simplifying the product. It could also mean simplifying the process.

Let’s face it, the internet is a skill and not a toy. You have to learn it and the more inquisitive can even attempt to master it. Any attempt to simplify things further will only allow the lazy to become lazier. Do we really need WebOSes? The argument of thin-clients and simplification of things seems pretty thin to me…

I mean, is it really that difficult?

(It’s a pity that I have to summarize my Blogosphere Conversations here.)

The WebOS Market Review by Richard MacManus delves into the WebOS market, which is currently being played by small-timers like YouOS, eyeOS, XIN, etc. A WebOS is an OS on the Web that allows you to browse, eMail, chat, etc. Basically, the online counterpart of your desktop OS.

Ok. Stop. Let’s go back to that last one. Online counterpart of an OS? uhh, erm…

Hmm. Let’s try Wikipedia. Wikipedia defines WebOS as:

More generally, WebOS refers to a software platform that interacts with the user
through a web browser and does not depend on any particular local
operating system.

What? Let’s go through this one more time, step-by-step:

I boot my desktop OS. I fire my desktop browser. I connect to the World Wide Web. I access the WebOS. I see my WebDesktop. Now what? I fire up my WebBrowser and access the Internet again?

Er, excuse me, but isn’t that where I am already? So, which one is my, ‘true’, definitive OS? The one I booted to fire the (desktop) Browser, or the one that I accessed on the web? Moreover, how would you access such an OS in the future, given this logical inconsistency?

When I put forth this question, AutomanG replied with the following:

One solution would be to have something, say…, linux embedded into a box that’s sole purpose is to fire up a browser and initiate a tunnel to a remote server (where your webOS of choice is located.) It would be a borderless browser so to you, it would look just like you booted a computer arriving at a desktop.

This sounds really weird! No offense meant, but I just want to explore this a bit further:

Currently, looking at the larger picture, we have three OSes in the Desktop Market. Windows, Linux and MacOS. With this proposal the intention to make Linux a standard (irrespective of whether all people want it or not). Or Windows or MacOS. Some OS which can be universally accepted and moulded as and when need be. Which inevitably brings us back to Linux.

Agree though, the argument that Automan provides makes some sense on some level. Okay, it doesn’t matter what boots the embedded browser as long as what they see on their screens is the same all throughout. Interesting point, I admit.

But again, then there are many options for WebOSes now. There will come a time when we will have to choose one of them as a standard, or maybe, define some standard specs for a WebOS. How do you do that, then?

And if you were to do it later, why not do it now for the desktop OSes? And if you intend to write embedded software to run the necessary hardware, it still is an OS!

I still can’t fathom the need for a WebOS. The ability to store data online, more than makes up for the inability to access my personal desktop everywhere. After all the applications that you intend to put on the Web will be run by their desktop counterparts. What is the point?

Ok, I guess, I oughtta stop. I sound almost desparate now!

Technorati Tags: WebOS, ZDNet, OS

Over at ZDNet, Marc Orchant has this to say in his article Foldera: Measure twice… cut once:

I applaud this strategy. The more forethought and preparation put into the launch, the better.

Marc was talking about the eMail sent out by Foldera CEO Marc Orchant stating that Foldera is postponing its launch, simply because:

“we didn’t have the firepower in our datacenter to handle the sort of demand indicated by so many registrations.”

I wish to make it known for the record, I haven’t received the mail, this snippet has been extracted from the mail extract that Marc posted in the article.

Marc goes on to say that even after the resounding success of Gmail and the early frustrations of Gmail users, Google did not learn. The result was apparent for everyone to see with the initial pull-backs of Reader and Pages.

Some (personal) observations:

1. Personally, I believe Google did not pull back Pages because of high demand. It was probably due to a bigger glitch, something I have previously blogged about.
2. Foldera may be stretching the public interest a little too far. Going by the conversation on Mike Arrington’s Techcrunch, Foldera should have been launched and here many times over by now.
3. However, interesting a tool may be, the longer you take to launch, the shorter the buzz post-launch.

At least that’s what I think happened with Origami. Of course, Origami was a little early, about three years early, by my guess. In a world where laptops and palm-pilots have not yet become commonplace, introducing a gadget that was a level up in the futuristic scale seemed to me, a crazy idea.

One thing I have realized so far is:

“You can’t hurry up or slow down the future. It comes when it comes. You better be prepared for either case.” Probably that’s what Foldera is thinking. Or are they?

PS: I have decided to be a little more regular now. Hope to live upto my words…

Technorati Tags: foldera, google, peeves, launch

The Big Brother launched Google Pages yesterday. Of course, it is in Beta.

Here’s how they are plugging it:

Want to create an online photo tour of your vacation to Bali? An overview of the South American precipitation cycle for your science class? A shrine to your pet ferret?

Google Pages comes five days after Microsoft’s Office Live, which was recently launched amidst fanfare among the A-list bloggers. That’s fast.

Compare this to the launch of Pages and the blogosphere opinions on Google Pages:

1. “Google Pages Released” by Nik Cubrilovic on Techcrunch
2. “Google Page Creator” by Matt Cutts of Google
3. Jeremy Zawodny’s Google Page - Spammers hit the Motherlode!!
4. None from Scoble… Interesting…

Some first impressions:

• Google Pages follows Google’s clean design policy.
• Ajaxified Geocities?
• There is a 100 MB limit. ‘Nuff said…
• Intuitive working interface.

What struck me initially as pleasant and later as funny was this: Google Pages in OPEN beta. Seems like they are sending a message across to someone…

So, now, with its foray into personal pages, Google has literally become an all pervading force on the Web. I think I’d better create a list of Google products on listible. Wait, they are gonna buy that one too, right?

There seems to be a 100 page max limit on each user account. Hmmm…

Currently the user accounts are stored as yourgmailusername.googlepages.com which, I admit is ugly. C’mon guys, unleash the spam upon me! Would you be willing to risk that?

But I suspect, they are in the process of securing a deal with one or the other hostname providers to get your own domain name for free.

My bet is it will be either GoDaddy or Register. The former because it is the most popular, the latter because it’s, uhh well, never mind…

There are they haven’t yet incorporated Google Analytics into Google Pages. I suspect it won’t be too long before they do that.

It remains to see how long Pages remains in beta. But I do admit, pages is pretty slick even for a beta. Although it kept going offline quite frequently (every hour or so, frequent by Google standards) You can access mine here.

By the way, I don’t know how many of you have noticed, but all our clicks in Gmail are redirected through this site. Read through the content. eMail marketing, eh? Seems my fears are turning out to be right. Well, time to shut down my Gmail account or what?