cellio | Entries tagged with internet

I found out today, via a notice provided by one of my add-ons (Stylish), that the next version of Firefox (57) is going to break most add-ons, which they are now designating "legacy". Firefox, like Chrome, automatically updates itself (I'm not sure that can be turned off any more), and these changes are coming "in November". I found this blog post from Mozilla from August, but I never received any sort of notification as a user and I don't make a habit of seeking out blog posts from vendors of software I use.

Why the hell didn't I get some sort of notification from Firefox? Is this news to you, too?

So now, the hunt for replacements commences. Gee thanks, guys.

Here's what I've found so far, untested unless otherwise noted:

Stylish replacement (notice pushed by Stylish, apparently): Stylus. Listed as beta. I don't know whether styles will just work (after being manually imported, it appears) or if changes will be needed. ETA: I needed to rework one style, which had several blocks applying to different sets of (related) sites. I had to break that up. The style I was using to make tooltips bigger doesn't work (not supported by Mozilla's new API), but I found a workaround. The day after I got all this migrated to Stylus, I got a Stylish update -- but it couldn't read my existing scripts either, so I would have had to migrate to it in exactly the same way I'd just migrated to Stylus. (The UI was even the same.) So I punted that; I've already got Stylus working.
Greasemonkey: Google led me to ViolentMonkey. Ditto about not knowing if things just work or require adjustments. ETA: ViolentMonkey is slow and times out about a third of the time for me, but TamperMonkey (which I already know from Chrome) exists and works fine. I had to manually add each of my scripts (to either), but I didn't need to modify them.
NoScript: it looks like they're migrating, but I don't know if I'll have to do anything. ETA:* Seems to be broken in 57; supposedly they're working on it.
Session Manager: is this built into Firefox now? It's very important that when I restart Firefox, I get the tabs and windows I had before. Can anybody who doesn't use an add-on for that confirm whether that works out of the box now?
AdBlock Plus: this is my one extension not listed as legacy, so I assume it will keep working.
Classic Theme Restorer: um, I found this github repository; haven't waded too far into the readme yet. ETA: this page explains how to move the tabs below the URL/extensions bar where they belong. The other look&feel stuff it did isn't as critical. (One could make a good argument that the URL bar belongs below the tabs, but all the other stuff the browser puts in that horizontal slice is more global, and having those reversed confuses me.)

I get email sometimes that is presumably the result of somebody using my email address (erroneously or intentionally) to sign up for services like Facebook, Twitter, dating sites, etc. (Also the occasional hotel booking confirmation.)

Today I got email from Twitter with a subject line of something like "please confirm your account (account name that is not mine here)". I figured anti-confirming might be helpful (at least to me; don't know about the other guy), so I looked. The body of the message was in Portuguese.

The text that looked most like "not my account" passed muster with Google Translate, so I clicked -- and worried that I'd have to navigate a Portuguese confirmation page. But no! The page was in English. Yay; with luck that email stream will stop now.

So I guess when they sent the mail I thought I was that other person, and that account has a default language or a language setting, so they used it. But they weren't sure enough to also use Portuguese in the subject line. (Correct call: I wouldn't have opened it if it weren't in English.) And then when I indicated "nope" they either chose a language based on my IP address or just used English on the assumption that everybody on the web is used to that. I wonder which it was.

Making decisions about this stuff is probably harder than it first appears. I think they made all the right calls here (except they might have repeated the "nope, not me" link in English), and they didn't just pick one language and go with it.

Yesterday Cloudflare, a service that increases reliability (and speed?) of web sites, shut down the Daily Stormer web site. Daily Stormer, if you haven't heard, is the site for the a hate group with broad impact in the US, most recently in the violence and murder in Charlottsville.

Their CEO's blog post announcing the termination isn't just a "they're evil and they're gone" announcement like you sometimes see. It's a thoughtful post that explains the dilemmas faced by the organizations that, by and large, make the Internet work, and what dangers this decision opens up.

Our team has been thorough and have had thoughtful discussions for years about what the right policy was on censoring. Like a lot of people, we’ve felt angry at these hateful people for a long time but we have followed the law and remained content neutral as a network. We could not remain neutral after these claims of secret support by Cloudflare.

Now, having made that decision, let me explain why it's so dangerous.

[...] Someone on our team asked after I announced we were going to terminate the Daily Stormer: "Is this the day the Internet dies?" He was half joking, but only half. He's no fan of the Daily Stormer or sites like it. But he does realize the risks of a company like Cloudflare getting into content policing.

I also found this tidbit interesting:

In fact, in the case of the Daily Stormer, the initial requests we received to terminate their service came from hackers who literally said: "Get out of the way so we can DDoS this site off the Internet."

After finding that post I found this post on Gizmodo that, among things, quotes from internal email he sent.

This was my decision. Our terms of service reserve the right for us to terminate users of our network at our sole discretion. My rationale for making this decision was simple: the people behind the Daily Stormer are assholes and I’d had enough.

Let me be clear: this was an arbitrary decision. It was different than what I’d talked talked with our senior team about yesterday. I woke up this morning in a bad mood and decided to kick them off the Internet. I called our legal team and told them what we were going to do. I called our Trust & Safety team and had them stop the service. It was a decision I could make because I’m the CEO of a major Internet infrastructure company. [...] No one should have that power.

I don't have a coherent opinion yet. On the one hand, policing content is a dangerous game and why I support net neutrality. On the other hand, private companies (and individuals) should be free to act (legally) in their own interests; companies have been refusing service to unacceptable customers on a case-by-case basis for years. On the third hand, there are differences between competitive markets and monopoly markets. (Within monopolies there are government-sponsored ones and we're-big-and-drove-everybody-out ones too.) Balancing all of that is hard.

I'm home from Pennsic. Brief notes in the form of bullet points:

My good friend Yaakov HaMizrachi was elevated to the Order of the Laurel! Yay! The Laurel is the SCA's highest award (peerage) for arts and sciences. He's also now known (additionally) as Yaakov HaMagid, Yaakov the Storyteller. The ceremony felt like a reunion of old friends, and it was a nice touch that they had his son chant the scroll (in Hebrew).
The part of Atlantian court that I attended (because of the previous) was very well-done and engaging. I don't live there, I don't know most of those people, and yet I was not bored. They moved things along without it feeling rushed, and everybody speaking from the stage could be heard clearly. They also mixed it up, instead of doing all recipients of one award and then moving on to the next. Sprinkling the peerages throughout the court works well and, really, it's not a big deal for order members to get up more than once in an evening. (Also, if peerage ceremonies are burdensomely long -- theirs weren't; ours sometimes are -- it's nice to be able to sit down between them.)
I don't think I've ever heard "we're ahead of schedule; let's take a 10-minute break" in the middle of court before, though. I wonder if someone on the stage had an urgent need?
They elevated another bard to the Laurel, and that one sang his oath of fealty. While he was doing so I wondered if the king would respond in song -- and he did. That he used the same melody suggests some advance coordination (beyond "we're singing"), I wonder which of them wrote the king's words.
I had long, enjoyable conversations with both Yaakov and Baron Steffan. I miss the deep email conversations I used to have with both of them, before the great fragmenting of the digital-communication world (some to email, some to blogs/LJ/DW, some to Facebook, some to Google+, some to Twitter, some to places I don't even know about). It's harder to track and stay in touch with people than it used to be.
No I am still not going to start using Facebook. It's frustrating that by declining to do so I miss more and more stuff, but I'm not ready to let yet another thing compete to be the center of my online life. Also, Facebook in particular is icky in some important ways.
SCA local group, that means you too. Plans for a baronial party at Pennsic were, as far as I can tell, announced only on Facebook. (I've checked my email back to the beginning of April, so no I didn't just forget.) And thus I did not bring a contribution for your pot-luck. I do not feel guilty about that.
The Debatable Choir performance went very well. I conducted a quartet singing Sicut Cervus (by Palestrina), which I think went well. Two of the four singers had not previously done a "one voice to a part" song with the choir, and I'm proud of them for stepping up and doing a great job. I hope we got a recording.
I went to a fascinating class on medieval Jewish astrology (taught by Yaakov in persona). I've seen zodiacs in ancient (and modern) Jewish art and in synagogues, and a part of me always wondered how this isn't forbidden. It turns out that astrology is more of an "inclination", a yetzer, than a hard-and-fast truth -- there are stories in the talmud where astrology predicted something bad but the person, through good deeds, avoided the bad outcome. Also, in case you're wondering (like I did, so I asked), the zodiac signs get some solar smoothing, so if there's a leap-month (Adar Bet) there's not a 13th sign in those years.
Our camp has two wooden buildings (besides the house on the trailer, I mean), which we wanted to sell this year because we're making a new kitchen trailer that will replace both of them. We succeeded in selling the larger one (yay!). Maybe we'll be able to sell the other next year. (We'll set it up and use it for something else, because potential buyers would want to see it set up.)
Overall the weather was good. There were big storms on the first Friday ("quick, grab snacks and alcohol and head for the house!" is our camp's rallying cry), but only occasional rain after that and it wasn't sweltering-hot, which makes a huge difference.
The last headcount I saw was around 10,500.

We've all seen text on the web that looks almost like ASCII, but it's really very-similar characters from other alphabets like Cyrillic, right? These can appear in domain names too, and your browser will helpfully display them in Unicode.

So, yeah, that can be exploited. It's called a homograph attack.

Browsers display a URL with some special characters in its uglier, non-translated form, so you can tell. But there's a bug or feature, depending on whom you ask, that if the domain consists entirely of special characters from a single language, it all gets translated. You can see how that would be helpful to Internet users in Russia or Israel or China, but for those who surf using the Roman alphabet, it's a risk that even careful security-minded people can miss.

Chrome version 58 reportedly fixes the problem. Firefox isn't going to fix it, but there's an about:config setting you can change (set network.IDN_show_punycode to true).

This post from Ars Technica explains the problem in more detail.

I have some things collecting in tabs, so here's a hodge-podge:

First, border-crossing. You've probably heard by now that border control in the US has gotten aggressive, including demanding passwords for encrypted devices and then taking them out of view for an extended time. You don't have to give up your password, but if you don't, they can confiscate your device for weeks or months for "review". The rights you have against unreasonable search and seizure in the US are not the same as those you have at the border. While they can't deny entry to US citizens, they can to others.
It's important to know what you don't know. David Director Friedman has an interesting idea about applying economics to teaching -- specifically, grading exams.
A lot of the Rands article The New Manager Death-Spiral sounds very familiar.
We all know one of the Internet rules: don't read the comments. The parts of the net I frequent tend to be better than, say, a random sample of YouTube, which is due to a mix of conscientious participants and comment moderation. A while back I came across a comment-moderation policy described as "Victorian Sufi Buddha Lite": they require a comment to be at least two of true, necessary, and kind.
I'm not sure that philosophy applies to windshield notes, but they sure are funny.
How do we know Humpty Dumpty is an egg? The rhyme doesn't say so. Huh, I never thought about that.
Speaking of things I hadn't thought about, have you ever noticed the similarities between fantasy-adventurer settings and westerns?

Crossposts: http://cellio.livejournal.com/1070924.html

Can you believe that I've been online since the ARPAnet and yet, in 2017, do not know the nuts and bolts of domain-name management? Perhaps you, dear reader, will point me toward the clues, and I promise not to be offended that you're quietly snickering there.

The recent LJ upheaval is far from the first signal that really, if you care about durable links, you need to own your own domain, but it's the one that's finally gotten through to me. Instead of relying on Livejournal or Dreamwidth or Medium or whomever else to provide a durable path to my stuff, I ought to control that, so if a service goes belly-up, the old, public URLs still work (with content migrated elsewhere).

What (I think) I would like (please tell me if this is flawed): some domain -- I'll use cellio.org as my example, though that one is taken so I'll need another -- where www.cellio.org points to my ISP-provided web content (which I can easily edit), blog.cellio.org points to my DW journal, medium.cellio.org points to my Medium page, and I can set up other redirects like that as needed. So I can't do anything about links that are already out there, but I can give out better URLs for future stuff (stop the bleeding, in other words). Bonus points if the durable URL stays in the URL bar instead of being rewritten (unlike pobox.com redirects), but that might be hard.

I do not want to run my own web server.

Now I already pay pobox.com for, among things, URL redirection, but it's to a single destination. And it's not at the domain level -- www.pobox.com/~cellio redirects to my ISP-provided web space. It'd be ok, though a little kludgy, if I could manufacture URLs like www.pobox.com/~cellio/blog that do what I described above, but unless there's something I can drop into my own web space, without requiring access to my ISP's web server, I don't think I can do that. Also, this leaves me dependent on pobox.com; owning my own domain sounds like a better idea. pobox.com has been solidly reliable for 20+ years, but what about the next 20?

I understand that I need to (a) buy a domain and (b) host it somewhere, and if I were running my own server then (b) would apparently be straightforward, but I don't know how to do that in this world of distributed stuff and redirects. Also, I'm not really clear on how to do (a) correctly (reliably, at reasonable cost, etc).

So, err, is this a reasonable thing to want to do and, if so, what should I do to make it happen?

Crossposts: http://cellio.livejournal.com/1067186.html

TIL #1:

Somebody linked to this question on Stack Overflow about some unexpected results when doing math on dates in Java. The problem, according to Jon Skeet, is that the date being used in the calculation is near midnight on December 31, 1927 in the Shanghai time zone -- when Shanghai moved its clocks by 5 minutes and 52 seconds. So the time in question existed twice, and Java chose the one that the programmer wasn't expecting.

That answers the programming question, but my question from that was: why in the world would somebody move clocks by 5 minutes and 52 seconds? I understand shifts of an hour (that happens all the time), and there are timezones out there that have 30-minute offsets and even one with a 15-minute offset, so that wouldn't have much surprised me either. But 5:52???

So I asked Google, which led me to a question on History Stack Exchange about this, where an answer explained that 1927 was not a good year for political stability in Shanghai, and one of the side-effects was a change in who had control over the central astronomical institution, with the result that the reference point moved east from Beijing to Nanjing. Greenwich was apparently not yet a thing as far as they were concerned.

A comment on the answer, from Taiwan, casts doubt on whether there was a time shift at all -- but, if not, doesn't explain where Java got the idea. Curious.

TIL #2:

A few days ago on Mi Yodeya somebody asked if, during the Exodus, the commandment to place the blood on the doorposts and lintel was just on one door or all of them. (Is it like mezuzot, which are on every door, or like the chanukiyah, which we place next to one door only?) My first thought was that there might have only been one door in ancient Egyptian slave housing. Last night I learned a little about ancient architecture and then wrote an answer about the four-room house, which appears to have had one outside door. I argued that we're given the reason for the commandment: it's to mark which houses are to be passed over. To me, that says blood on exterior doors, of which there was one.

Not TIL #3:

Today on Mi Yodeya somebody asked how many people the Pesach offering would feed. The torah says to use a lamb or kid, that it all has to be eaten that night, and that if you don't have enough people to do that, get together with your neighbors. So how big a group are we talking about? One can find plenty of information (not always in agreement, mind) about the weights of modern livestock animals, but animal husbandry has worked its magic over the centuries -- heck, even within my lifetime we've seen "standard" chickens for food get a lot bigger. So knowing how much a yearling lamb weighs today doesn't necessarily tell us what it might have weighed in ancient Egypt or in the time of the first or second temple, when this was done.

I considered asking on History SE, but I haven't yet. Anybody happen to know?

"Don't read the comments" -- common, often-correct advice when browsing the Internet. But comments are important, if you want to build community instead of just publishing stuff.

The Guardian looked at trends in the 70 million comments they've received. Not too surprisingly, articles posted by identifiable women get more abusive comments than those posted by men -- except in the fashion category. About 2% of the comments they get are blocked by moderators as way over the line; I'm surprised it's not rather higher, actually.

People who find themselves abused online are often told to ignore it – it’s only words; it isn’t real life. But in extreme cases, that distinction breaks down completely, such as when a person is doxed, or SWATed, when nude photos are posted of the person without consent, or when a stalker assumes the person’s identity on an online dating site and a string of all-too-real men appear at their door expecting sex. As one woman who had this experience said: “Virtual reality can become reality, and it ruins your life.”

But in addition to the psychological and professional harm online abuse and harassment can cause to individuals, there are social harms, too. Recent research by the Pew Centre found that not only had 40% of adults experienced harassment online but 73% had witnessed others being harassed. This must surely have a chilling effect, silencing people who might otherwise contribute to public debates – particularly women, LGBT people and people from racial or religious minorities, who see others like themselves being racially and sexually abused.

Is that the kind of culture we want to live in?

Is that the web we want?

They talk about their research methods.

Dear LJ brain trust,

I use the Ghostery browser extension to notify me of (and disable until approved) third-party trackers on web sites, because I don't really want random sites snooping on my browsing habits. I just restarted Firefox, picking up some updates in the process, and the notifier thingie has gotten super-annoying and hard to dismiss. I looked at the configuration options and set it for the shortest period of time before (supposedly) auto-dismissing, five seconds, but it's still taking more than that. And it's bigger and more intrusive than it was, on every single site regardless of trust settings:

New Ghostery notification

I want big and intrusive on untrusted sites, or if something new has shown up, but for sites I've said I trust, where nothing special is happening, I want it to just shut up already.

Is anybody else seeing this? If so, do you know how to fix it or revert, or are my choices to live with it or disable the extension entirely?

Is Ghostery actually still useful? Are there better tools for this?

The Worldbuilding blog, Universe Factory, is still fairly small; we're new and trying to grow. So I was surprised when my latest article, Worldbuilding As You Go: A Case Study, in which I describe a process by analogy with train games, got lots of views in just a few hours. (I mean hundreds, not hundreds of thousands, but more than I'm used to.) Curious about where it was linked (it must have been linked, right?), I looked into the referrers and found Reddit. I didn't know there was a worldbuilding sub-reddit, though I guess I shouldn't be surprised. There are sub-reddits for practically everything, after all.

I've not used Reddit before. Is bookmarking that page and occasionally visiting it the best way to keep an eye out for other interesting material on this topic? Assuming I don't want to commit a large amount of time to that, is just going with the community voting to cull the vast pile of material the way to go, or are there easy personalization options?

Dear Charities¹ That I Already Support,

I sent you a sizable donation this year. Recently, even, because I mostly do that at year-end when I know where the annual finances ended up. You acknowledged receipt.

So stop bombarding me with email asking for donations, will you? If I weren't inclined to support you the repeated appeals would not change that -- in fact they would drive me away, as they've done with some of your predecessors. And even though I am inclined -- I like you and support you, after all -- I'm starting to weary of this. It feels like the left hand doesn't know what the right hand is doing. Get your fundraising people in sync with your receipts people, please. I want to support you, but your methods are growing frustrating.

¹ Yes, the use of the plural is correct. I have gotten several email requests this week from each of two organizations I have a long record of supporting with single, annual donations.

I see a lot of phishing attempts and more than a few spear-phishing attempts, but a recent one is leaving me wondering what the phishers were trying to do.

A couple days ago I got email, purportedly from eBay, acknowledging my new account. The email came to my Gmail address, which I don't publicly use but is easily guessable. The account had a goofy name starting with the first few letters of my email address.

Whenever I think there could be an unauthorized account in my name on a real service I try to reset its password, just in case. So I fired up an incognito window and went to eBay (really eBay, not using the link in the email), went to the login page, gave that account name, and clicked "forgot password". This generated email to me -- which means, I think, that an account of that name really was created (not by me). I reset the password.

While I was there I checked the transaction history and looked for private information. That was all clean. I initiated an account-deletion request, choosing "concerns about identity theft" from their menu of reasons. (Aside: eBay's short list of deletion reasons includes "concerns about identity theft"!) eBay holds such requests for a week to ensure that transactions close, even if there are no transactions (I consider the latter a flaw). I set a reminder to check back in a week.

A day later (just about 24 hours, in fact), I got password-reset email, identical to the email my own reset request had generated (other than the specific link).

Now if the phishers tried to log in and clicked "forgot password", they should already know that that would only work if they could intercept that email. I am as confident as I can be without server access that my Gmail account has not been compromised (I'm very careful about that), but I nonetheless changed my password and reviewed recent access logs. No new devices had accessed my account in this timeframe.

It is always possible, of course, that I am dealing with somebody who is just inept. But if this is a viable attack vector, what's the deal? How is it supposed to work? How does creating an account on eBay attached to an email address you can't access help you?

When I was in college, some people thought it was a right fun prank to sign other people up for wildly-inappropriate catalogues and suchlike. These days they use the Internet for that. Any site that blithely accepts an email address without sending confirmation email to that address is contributing to the problem, big-time.

I know that already, but reading this article about a victim of the Ashley Madison breach -- spoiler alert: not an actual user -- reminded me how problematic this still is. Definitely worth five minutes of your time.

I want to ask you, Internet, to please stop taking all of this [supposed evidence] at face value. Please stop taking things like lists of names stolen from a company as a reason to abuse others — online or offline. When you see a story about someone doing something you think is either wrong or even just lame, it’s not a reason for you to abuse, stalk or attack someone you don’t know.

A friend whom I trust quite a bit not to be using their services is also on that list. So if you don't believe a random person on the Internet, there's that.

It used to be that if you put out a software product, and particularly as you produced new versions of it, people might complain about things that were hard or different (change bad!) or broke their workflow, and you'd decide whether to add some configuration parameters or redesign it again or just tell them to suck it up. There wasn't much they could do within the scope of your software if you didn't give them hooks. (They could, of course, take their business elsewhere if your breaking change was important.)

Then, if what you were developing was a web site, you had to cope with some variations ("IE did what to our site?"), but you still had a lot of control. Well, until browser add-ons became a thing, and people could block your ads and trackers and make you use HTTPS and your site had better still work if you didn't want people to surf away.

Now, quite aside from the multitude of browser add-ons that might be relevant, we have tools like Greasemonkey and Stylish that empower users to rewrite your site to their heart's content. For some of us this lets us turn unusable sites into usable ones ("you chose what font? and assumed I had a 1500px-wide browser? feh!"). But it goes beyond that; Greasemonkey, by allowing JavaScript injection, lets us add, remove, and redefine functionality. I have several Greasemonkey scripts for Stack Exchange that make those sites easier for me to use and moderate, scripts that let me add shortcuts and override assumptions the designers made that don't quite fit my circumstances. I like SE's designers and, mostly, the designs of the sites I use, but some things just don't work so well for me out of the box. I'm not picking on SE; I think this happens with lots of sites.

All of this got me wondering: how do you develop web UIs in that kind of world? Are there some best practices that designers use to say "ok, if you're going to hook into the site and change things, we'll make it easy for you to hook in here and here to try to guide and contain you"? Is there some way of doing defensive design, so that if people do add scripting they can reduce the chances that that'll break something important? Or do they mostly just not worry about this, figuring that the Greasemonkey heads know how to use the browser console and will reverse-engineer their pages and, anyway, if you're going to mess with our site it's ok to say you're on your own? (I don't actually know enough to write those Greasemonkey scripts myself; I use scripts that others have written. So I don't have a good perspective coming from the developer-user side here.)

I'm curious about how the expansion of user-driven variation, on top of the browser-driven variation we already had, is affecting the field.

Yesterday we got word that one of my fellow Stack Exchange moderators (not on a site I moderate, but a different one) had died. I didn't know him well, but we had talked in our moderator-only chat room intermittently, we'd read each others' posts, and I felt like I'd gotten to know him some. It seems like that was mutual. The last conversation we had started with him telling me he respects me "a heck of a lot" (that's mutual) and ended with plans for him to come to Mi Yodeya with a question he was forming. And now he's gone. We found out because somebody -- we don't know who -- updated his profile, and investigation showed it not to be a cruel prank.

I've been on the net a long time, and I still manage to be surprised by how much I grieve people who I may have only known as names and gravatars. But they are still people, people who shared their thoughts and knowledge and aspirations, people I got to know, and online communities -- the ones that are really communities, not drive-bys and transient places to post comments and stuff like that -- cause us to form connections that are every bit as real as those we form with the people we see, speak with, hug. It blows my mind.

And as we grow more and more connected, and frankly as I get older and have online friendships that stretch from years to decades, I know there's going to be more and more of this. Affable Geek wasn't the first in my digital life by far, he won't be the last, and we knew each other only casually, and yet his passing still touches me deeply. I still expect to see his digital face pop up on the network, but it won't any more.

I asked a question over on the Community Building site on Stack Exchange and I suspect some of my readers might be interested or even have relevant knowledge: Detecting and preventing hostility to women? Excerpt:

I recently had a conversation with one of the users who stood by during [personal attacks directed at me], in which he said approximately: "Well what did you expect? That's how guys work -- if a woman pushes back against a guy all the other guys are going to rally to his side".

It's true that I was one of the only identifiable women -- perhaps the only identifiable woman (don't remember now) -- on the site at the time. In the 21st century and in an online community not prone to attract teenagers (the average age was probably over 30), it never occurred to me that this could be an issue. Some of the ad-hominem attacks I received take on whole new meanings in light of this.

How much does this still happen? (Any recent research?) And if I'm in a community where I don't think this is happening to people (but who knows, maybe I'm just blind), how do we keep it from happening?

Most of my online communities are well-behaved, polite, and AFAIK gender-, race-, and religion-blind. But not all communities are, obviously.

I've been using cnn.com for my daily national/world news roundup, but they just redesigned the site and made it ugly and bloated. So I'm in the market for a news site that isn't.

I'd like a list of headlines that I can click through, not junked up with videos and audio files, animations, partial news stories on the main page (putting a highlight in a tooltip is fine), or other "improved design" -- just headlines linking to text stories, ideally sorted for US and world news, and if they want to put other categories on there like sports or entertainment I don't care so long as they're labelled so I can skip most of them. (I'll look at "tech" if it's there. I have never cared about sports or celebrity gossip.)

It should not require a humongous browser window and shouldn't break accessibility. Bonus points for working (as a web site, not an app) on my phone.

All news sites are biased, but I'm looking for one that's not too out of whack in any direction -- I want to have some reasonable confidence in the credibility of the news I'm reading, knowing that if something's important it calls for additional fact-checking.

Any recommendations?

For the past few years I've used Beer Advocate, and specifically its rating system, to keep track of beers I've sampled. I am not an expert; one number for an overall rating is just my speed. I'm not interested in breaking that down by look, smell, mouth feel, and so on. (Frankly, I don't care what it looks like anyway, only how it tastes.)

They've now changed their system to take away that one-number rating, requiring breakdowns. I can just use the same number for all of them, but that's hacky and more work, especially if I decide to change a rating later. (I suppose it could be userscripted.)

The value of a site like Beer Advocate, rather than just keeping a file, is having access to the descriptions (including categories like "winter warmer" and "amber ale" and suchlike), other items from those breweries, and, out of curiosity, the variance between my rating and the average for people who rated that beer. Also, I want to be able to see and add ratings from multiple locations, so if I just used a file it would have to live in the cloud I guess.

An Android app would be an acceptable alternative, if one exists.

Any suggestions?

(And yes, I would have left this feedback for Beer Advocate if there were any visible means of doing so. Apparently I haven't contributed enough to the site to be allowed to comment.)

I have a personal Skype account, which I use very rarely via my personal tablet. That's all fine, or was the last time I checked, anyway.

I also need Skype for work, so to prevent mingling I created a work account (6+ months ago), using my work email address for the account name. I log in to Skype using that email address and password on a (work) tablet all the time. That's all fine.

It would be convenient for me to also have a Skype client on my work laptop, so I went to download one. Along the way I tried to sign into the Skype web site, using that email address. Whereupon it told me that my account name can't be an email address and I need to either give it a proper account name or sign in with my Microsoft account. I've no idea what they think the former is nor do I have one of the latter so far as I can tell. There's a "forgot user name?" link, but it leads to a login page for a Microsoft account. After making a few failed guesses about all of this I found my way to their support page.

Their help pages are useless for this particular situation (no I didn't forget my password). They don't publish any email addresses for support, of course, but there was a link for "support request page". Great, I thought -- so I clicked on it. And it demanded that I log in.

Earth to Skype: If you require login for people to get support, you aren't providing support for identity/password issues! Sheesh.

I verified that I can still log in on the tablet, then went back to their web site for one more try at "forgot account name". At which point it told me I've tried too many times and come back tomorrow.

By the way, neither help@skype.com nor support@skype.com is a valid address. I'm not even going to bother with postmaster or webmaster; most customer-facing sites I've tried to contact send those into a black hole, never mind that at least the former is supposed to always be defined.

Grumble. It was to be expected that Microsoft would be bad for Skype in the end, but this particular set of failures puzzles me.

By the way, I tried downloading the Windows client anyway just to see if I could log in there with my email address -- break the tie vote between the tablet (yes) and the web site (no). But it wants to make Bing my default search engine (no obvious way to turn that off) in every browser on my machine, so, um, no thanks. It has a checkbox (on by default but can be unchecked) to change my home page (again, in all browsers), but there's nothing about disabling the Bing thing. I'm willing to give IE over to Microsoft (and/or corporate IT) to violate however they like, but I draw the line at inviting tampering with the browsers I actually rely on.

Skype: this is not the way to build customer engagement. Maybe I'm better off just using my cell phone.

Dani and I were discussing sha'atnez, the torah-forbidden mixture of linen and wool, over lunch. (No, I don't remember how we got there. These things happen.) I said that word has too many letters in it and what's the root? (Almost all Hebrew words have, at their core, a three-letter word. This word has five letters, only one of which I could tentative parse as a prefix -- incorrectly, as it turned out.)

That led us to Wikipedia, which says it's not of Hebrew origin and also says that the mishna understands it as an acrostic of three other words. Wikipedia doesn't say where it says that, so I tried Google, which told me that sha'atnez is discussed in Kelayim 9:1. It is, but the Hebrew there doesn't use that word. So that led me to start to ask the question on Mi Yodeya, where just about all Jewish questions get good answers, but after typing the title I saw a suggested match here, which points to a little farther down the page to Kelayim 9:8, where I found my explanation. Excellent; my question was already answered before I asked it.

So today I made my first-ever Wikipedia edit, to add that citation. (It was an anonymous edit because it seems like my usual account name is already in use but the "lost password" email hasn't come back yet. So maybe it's somebody else or maybe their server is slow, but I'd kind of like to find out if I already have an account there before I use a non-standard name that I may not remember. Demonstrably, I don't log in there often.)

Today I was wearing my there's no place like 127.0.0.1 shirt, and thus found myself explaining as much of how the Internet is put together as will fit in an elevator ride in a tall office building. I explained to my inquirer that while he's used to referring to sites by names, computers also have numbers, like this, and that this particular number is very special: it refers to "this computer that I'm typing on right now". Oh, he said, like "home base". Ding.

At that moment the elevator arrived in the lobby, so we did not get into IPv6.

I moderate a few online communities, and occasionally something gets flagged as offensive that doesn't strike me that way -- but, in a large heterogeneous community, it can be hard to know whether I don't see it because it's not there or because my own perspective blocks it. Put another way, is that my privilege speaking?

Today I decided to ask that question on the fledgling community-building site on Stack Exchange. If you have experience mediating such issues, please consider answering there. You could comment here too, of course, and I'd like to hear what y'all have to say about this, but I hope that if you can speak from actual experience you'll consider sharing your knowledge over there where it will help people other than me too.

I'm oft fascinated by how online communities work (or, sometimes, don't work) and I'd like this site to succeed. Also, I've written some good stuff for it that I'd hate to have disappear from the network if the site doesn't reach critical mass.

FiOS has finally come to my neighborhood, years after many others in the city. The installer is here now. It sounds like a big production; I hope there aren't too many surprises. One surprise already: my "HD" TV package won't actually deliver HD signal unless I pay to rent a fancier box. This was not disclosed. The guy I called about it today offered me three months of movie channels but I'd have to remember to call and cancel that or they'll start charging me; not interested in that. I only got the bundle with TV because (for the next two years) it's cheaper than just getting phone and internet, so in that sense it hasn't particularly harmed me, but it still leaves a bad taste.

If you've been caught up in the "AOL/Yahoo email addresses not playing well with mailing lists" problem, or if you haven't but you've heard something about it, you might want to read this summary of the problem from

siderea. I guess some people assumed that mailing lists don't matter any more and everybody does web fora, or something.

Last week was Shavuot. There's a tradition of staying up all night studying torah; we have a community-wide study that runs for three hours (from 10PM to 1AM) and then several local synagogues take it from there, for those who want. The community one has 6-8 classes in each 50-minute slot, so there are choices. There seems to be a tradition of giving them not-very-informative names; I went to one called "speed torah" just to find out what it meant, and it turned out the rabbi leading it had prepared several very short texts to look at in small study groups (ideally pairs, but people seemed to want to do trios), moving groups every 3-4 minutes and moving on to the next text. So "speed torah" in the "speed dating" sense, but without the scorecards to keep track of who you'd like to meet again. Cute. There was also one on social media, which the rabbi had expected to be populated primarily by teenagers. He did get some teens, but mostly us older folks. He did a credible job of adjusting his plans on the fly.

I started a new job a couple weeks ago. It's a good group of people; I'm looking forward to getting past the administrivia and initial-learning phases and doing work that really contributes. My manager (who's not local) spent a day with me here, during which he observed that I needed a better monitor or two (because of vision) and no of course he understands about things like Shabbat and Jewish holidays. (Pro tip: if you observe Shabbat, try to never start a job in Standard Time -- let them see that you're good before you start disappearing early on Fridays. But we were talking about Shavuot and why I needed to take a day off so soon after starting.) This week I got email from him: the 24" monitor I wanted (key features: 16:10 aspect ratio, can rotate) wasn't available, so would I accept the same monitor in 30"? Yeah, that should work... (Getting one now, and after checking it out we'll decide what to do about the second one.)

I recently read the first two of Rick Cook's "Wiz" books (Wizard's Bane and Wizardry Compiled). They're great fun, even if they feel a little like geek-flavored "Mary Sue". A programmer from our world is whisked away into a world that has magic -- for reasons unknown, and the guy who summoned him is now dead. While there he figures out that magic spells can be implemented in a way akin to programming; he doesn't understand magic, but he understands programming. So... The books have some nods to programmers that others might not pick up on, but they don't seem like they'd get in the way for those who aren't. They're quick reads, and I was looking forward to continuing on with the third one, until... brick wall! Baen published the first two as ebooks and has published the rest as ebooks but not currently, and they're not to be found in ebook format now as best I can tell. (If you know otherwise, please help.) I don't expect free (I happily paid for one of these); I do want to read them on my Kindle -- because yes I read paper books and ebooks, but I'm finicky about keeping sets together. (I don't even like mixing hardbacks and paperbacks in a series because it messes up the shelving.) There's not even an explanation on Baen's site; just "not currently available" where the "buy" button should be. Drat.

Dear LazyWeb, please guide me gently into the 21st century.

As part of another blog project, I need to be able to host a handful of images (for use in <img> tags in posts) in a way that's not clearly tied to my identity. (This blog is separate.) I'm doing the blog on Dreamwidth, which doesn't offer image hosting. I don't really trust LJ's long-term reliability, so setting up another account here just to use the scrapbook doesn't seem ideal. G+ is tied to my name, as is my personal web space. I don't do Facebook.

What I don't want is "photo albums" and "browse all our hosted images" and stuff like that. It looks like Flickr really wants to be a browsable photo album. I just want a place to stick a few images in an otherwise-ignored corner of the internet, for deep-linking in some blog posts. They're not secret or anything; they're just uninteresting to most people.

Where do I do that these days?

Monica

Firefox breaking many add-ons soon

What do you call somebody who speaks two languages? Bilingual. One? American.

policing the Internet

Pennsic

URLs can fool you; watch out

link round-up

domains for dummies

today I learned...

the comments problem

Ghostery just got annoying :-(

I wrote a thing and Reddit noticed

charity fundraising

what's the deal with this phish?

Internet harassment in the modern age

UI development in a dynamic world

the Internet is made of people

women online: it's 2015; how broken is this still and what can a community do about it?

recommend general, skimmable news site?

alternatives to Beer Advocate?

Skype is customer-hostile now?

in search of Hebrew etymology

bite-sized education

offensive or over-sensitive: how does a moderator judge? (can you help?)

random bits

image hosting?

Expand Cut Tags

Syndicate