The Stochastic Game

Ramblings of General Geekery

Posts tagged with web

Microsoft password fail

Almost 4 years ago, I wrote a short article on dumb websites who have a maxiumum password length.

Now, in 2012, there are still websites with such stupid policies. One of the most famous is none other than Microsoft’s Live Account service, which serves as the authentication hub for all things Microsoft. Basically, your Live ID, or whatever it’s called, can’t have a password longer than 16 characters.

Read more...

Announcing PieCrust

You may have noticed that this blog has changed its look, and has migrated its comments to Disqus. You may also see at the bottom of the page something about some pie crust baking… here’s what’s happening.

I have a few websites around and most of them don’t have much in them (e.g. I use the domain name for other things). There’s clearly not enough content to use a proper CMS, but there’s a bit too much repetition for my tastes if I write HTML files by hand. Also, I wanted to take advantage of libraries like Markdown or SmartyPants to make my text look nice with no effort. Basically, I needed some micro-CMS that would handle some basic layout and formatting.

Then there was the issue of this blog. It was running with WordPress, which I’m very happy with usually, but it wasn’t geeky enough. Also, syntax highlighting for code snippets felt dirty and over-complicated. I stumbled upon the whole “static site generation” underground scene and figured I could find something in between: a micro-CMS (for my small sites) that could also bake its own contents into static HTML files (for this blog).

pie crust

Enter PieCrust.

There was already a shitload of static website generators, but none that could also work as a “dynamic” micro-CMS. Also, I’m a programmer geek, so it’s kind of my duty to not be happy with existing solutions and write one myself (“this one uses curly braces, but I want to use brackets instead! Surely now I have to write my own!). Anyway, isn’t the whole point of home projects to write stuff for yourself, to learn something new or just have fun with a new subject, regardless of whether it’s productive? I was bored, too.

I ended up writing PieCrust in PHP not because I like PHP (it mostly sucks), but because it’s still the most widely used web application language out there. And also because I’ve already got other home projects aimed at having fun with Python and Ruby.

So there you have it, go check out PieCrust. The code is on BitBucket, and mirrored on GitHub.


Facebook’s privacy issues

Everybody knows, or at least says without really knowing, that Facebook has a few privacy issues, but there’s one thing I never quite realized until recently…

It all started with my friend Bertrand opening his new personal blog. He wanted a dedicated place to post personal stuff, which he previously posted alternatively on his professional blog or on Facebook. I’m pretty sure he also wanted an excuse to play around with his new cool baby, Orchard… Anyway. In order not to start completely from scratch, he imported those previous articles he wrote, along with their comments, to the new blog.

I immediately sent him an email to tell him he could work at Google Buzz, seeing how he just disclosed Facebook comments to the public… but as I was writing it, I wondered… were his notes already public in the first place? You see, Facebook gives you a lot of control over your content’s visibility. You can specify exactly who gets access to what, who gets to comment on what, etc. The problem is that, although the content creator knows what the privacy settings are, the content consumers don’t. Being on Facebook, I just assumed that those notes were, at best, visible to friends of friends… but of course, it wasn’t the case. Bertrand’s notes were public all this time, and as I commented on them, I unknowingly posted completely public stuff.

None of those comments being public bothers me, mind you. But it’s just annoying how, when you participate in your friends’ online social life, you don’t really know what kind of privacy level you’re dealing with. Obviously, Facebook should add some kind of indicator whenever you post a comment, telling you who will be able to see it. I’m surprised this hasn’t been such a big deal so far. Maybe people are too busy with “Company XYZ is evil!!”-type generalities to bother with actual details.


Spam your friends with Yahoo! Pipes

You know how it goes: you’re an internet hipster with blogs and Twitter feeds and all that kind of new age stuff, but only other internet hipsters read them. Your friends (at least the ones that are not internet hipsters) only stick to Facebook. So how can you bring your stuff to them?

At first, it seems easy: Facebook can pull “stories” from various websites and services. Go to your profile, and under the status update box, click “Options” and then “Settings”. You get the following interface:

facebook_stories

That’s cool for most people. You bring in your Flickr photos, and your blog articles, and maybe a few other things… but what happens if you’ve got more than one blog? The “Blog/RSS” site can be only chosen once. Also, notice how you can choose Google Reader as a story source. Sure, this works, but the way your shared items appear on your wall is not optimal: they appear as “secondary activities”, presented like your comments or likes, sometimes merging several ones together which adds extra clicks to get to the actual article (e.g: “Ludovic shared 2 new items on Google Reader”, with only a link to your shared items page, which means you don’t know which 2 items were shared, as they may not be the last 2 ones if there have been other, newer ones since then). At least it was like that a few months ago (maybe they fixed it in the meantime, you tell me). That’s not proper spamming, so let’s do it the power user way.

A few years ago, Yahoo launched Yahoo! Pipes, a website that lets you build feed mashups. I decided to use that to aggregate all my stuff and post it on my Facebook wall.

It’s pretty simple, at first. You just go to the Yahoo! Pipes website, log-in, click “Create a pipe”, and add one source node for each site you want to pull data from. You’ll most probably use “Fetch Feed” nodes with the direct URL to your blogs and shared items RSS or Atom feeds, but you can also use some “Fetch Site Feed” nodes, too (they will find the actual feed URLs like any feed reader would do). Now pick the “Union” node from the “Operators” category, and plug all your sources into it. Plug the “Union” output into the “Pipe Output” node that should have been created by default for you. Voilà, you have an aggregated feed that you can import on your wall on Facebook!

pipe2

Or do you?

One problem you’ll notice right away is that all the items from the first feed are displayed, and then all the items from the second feed, and so on… The “Union” node only built a, well, union of those feeds. You need to re-order them by date so that all the items from all the sources are correctly mixed together. For this, add a “Sort” node, as shown above, that will sort items by “item.pubDate”.

There. Fixed? Nope… not yet.

Now you have a user experience problem. All those items appear as “notes” on your Facebook wall, with their contents directly readable. If you’re pulling feeds from your own websites and feeds from elsewhere at the same time (e.g. your Google Reader’s shared items feed), it becomes difficult for your friends to figure out which stuff was written by you, and which stuff is just cool shit you found on the web and wanted to share. You need to create a differentiator, like for example prepend “Shared on Google Reader:” in front of each of your shared items’ titles.

I’m still evaluating different options but at the moment I’m using something a bit less user-friendly, although definitely more friendly to the websites from which I share stuff from: I completely replace the contents of the item with a link to the actual article on its original website. This means that people can’t read the item right there (they need to click on the link), but it also means the people who posted the cool shit in the first place get a visitor that will potentially start clicking around on links and ads if he linked whatever I shared.

For this I created a different pipe, although I could have hard-coded it in the first one.

pipe

This pipe basically gets my Google Reader shared items feed and processes it in a loop: for each item, I replace the contents with a link whose text is just the title of the item. Inject this new pipe into the first one (you can reference a pipe inside another pipe) and, at last, you’re done!

The only problem I’ve had so far is that, after adding my aggregated feed to Facebook for the first time, the mobile version of the website did something funky. Instead of weaving all those notes into my friends’ timelines, moving the older items behind the more recent updates from other people and applications, it put everything it could at the top. So basically, I really spammed all my friends with dozens and dozens of items that were several weeks or even several months old. This bug didn’t affect the normal website, neither did it affect the iPhone application, as far as I could tell, so I only got a couple complaints. And hopefully they fixed the bug since then.

That’s pretty much it. You can find the 2 pipes I showed here and here.


Some more contacts love

There’s been a lot of improvement in communications in the past few years, from better services to brand new ones, but I still feel like contact management is lagging behind. I mean, isn’t it important to be able to find how to contact somebody in the first place?

Here are a few things I think could be better.

Read more...