Category Archives: Web 2.0

How we’re feeling

Posted on by

Here’s a clever Web 2.0 application — a site that reads blogs looking for certain kinds of phrases denoting emotions…

At the core of We Feel Fine is a data collection engine that automatically scours the Internet every ten minutes, harvesting human feelings from a large number of blogs. Blog data comes from a variety of online sources, including LiveJournal, MSN Spaces, MySpace, Blogger, Flickr, Technorati, Feedster, Ice Rocket, and Google.

We Feel Fine scans blog posts for occurrences of the phrases “I feel” and “I am feeling”. This is an approach that was inspired by techniques used in Listening Post, a wonderful project by Ben Rubin and Mark Hansen.

Once a sentence containing “I feel” or “I am feeling” is found, the system looks backward to the beginning of the sentence, and forward to the end of the sentence, and then saves the full sentence in a database.

Once saved, the sentence is scanned to see if it includes one of about 5,000 pre-identified “feelings”. This list of valid feelings was constructed by hand, but basically consists of adjectives and some adverbs. The full list of valid feelings, along with the total count of each feeling, and the color assigned to each feeling, is here.

If a valid feeling is found, the sentence is said to represent one person who feels that way.

If an image is found in the post, the image is saved along with the sentence, and the image is said to represent one person who feels the feeling expressed in the sentence.

Because a high percentage of all blogs are hosted by one of several large blogging companies (Blogger, MySpace, MSN Spaces, LiveJournal, etc), the URL format of many blog posts can be used to extract the username of the post’s author. Given the author’s username, we can automatically traverse the given blogging site to find that user’s profile page. From the profile page, we can often extract the age, gender, country, state, and city of the blog’s owner. Given the country, state, and city, we can then retrieve the local weather conditions for that city at the time the post was written. We extract and save as much of this information as we can, along with the post.

This process is repeated automatically every ten minutes, generally identifying and saving between 15,000 and 20,000 feelings per day.

Thanks to Tony Hirst for spotting it.

Doodling with a purpose

Posted on by

Here’s a really good idea — Doodle: a site that makes it easier to schedule meetings involving several people.

How does it work?
1. Create a new poll with a title, description, your name, and possible dates and times.

2. You get a link to your new poll. Send this link to all participants.

3. The participants use the link to visit the poll and select suitable dates.

4. You use the same link to watch the poll’s progress and the result.

And it’s free!

Left hand down a bit

Posted on by

From today’s New York Times

“I’m used to being in companies where I am in a rowboat and I stick an oar in the water to change direction,” said Mr. Berkowitz, who ran the Ask Jeeves search engine until Microsoft hired him away in April to run its online services unit. “Now I’m in a cruise ship and I have to call down, ‘Hello, engine room!’ ” he adds with an echo in his voice. “Sometimes the connections to the engine room aren’t there.”

MyTrojan

Posted on by

Here’s something from Insecure.org to make Rupert Murdoch choke on his muesli.

Overview

========

Myspace.com provides a site navigation menu near the top of every page.

Users generally use this menu to navigate to the various areas of the website. The first link that the menu provides is called “Home” which navigates back to the user’s personalized Myspace page which is essentially the user’s “home base” when using the site. As such this particular link is used quite frequently and is used to return from other areas of the website, most importantly from other user’s profile pages.

A content-replacement attack coupled with a spoofed Myspace login page can be used to collect victim users’ authentication credentials. By replacing the navigation menu on the attacker’s Myspace profile page, an unsuspecting victim may be redirected to an external site of the attacker’s choice, such as a spoofed Myspace login page. Due to Myspace.com’s seemingly random tendency to expire user sessions or log users out, a user being presented with the Myspace login page is not out of the ordinary and does not raise much suspicion on the part of the victim.

Impact

======

Users are unexpectedly redirected to a website of the attacker’s choice.

Users may be tricked into revealing their authentication credentials.

Affected Systems

================

Myspace.com: http://www.myspace.com

Here’s GMSV’s account:

Some MySpace users are getting their first taste of an STD — a socially transmitted disease. Identity thieves are using a vulnerability in the popular social network’s navigation to spread a particularly virulent worm that steals log-in credentials and lures users to phishing sites. Attacks begin with a rigged QuickTime video. “Once a user’s MySpace profile is infected (by viewing a malicious embedded QuickTime video), that profile is modified in two ways,” WebSense explains. “The links in the user’s page are replaced with links to a phishing site, and a copy of the malicious QuickTime video is embedded into the user’s site. Any other users who visit this newly-infected profile may have their own profile infected as well.” MySpace hasn’t revealed the extent of the infection, but an informal scan of 150 user profiles by FaceTime Communications found that close to a third were infected. That same ratio probably doesn’t translate to MySpace’s 73 million registered users — if it did we’d have a Black Death-style Web pestilence on our hands. So in the end this mostly serves as a reminder that everyone needs to pay more attention to security. “We’re continuing to make the same mistakes by putting security last,” Billy Hoffman, lead engineer at Web security specialist SPI Dynamics, recently told News.com. “People are buying into this hype and throwing together ideas for Web applications, but they are not thinking about security, and they are not realizing how badly they are exposing their users.”

The dictatorship of the presentation layer

Posted on by

Bill Thompson is eloquently sceptical about Web 2.0. (I prefer the term techBubble 2.0 btw.) Here’s a sample of his Register blast:

If Web 2.0 is the answer then we are clearly asking the wrong question, and we must not be fooled by the cool sites and apparently open APIs. Most of the effort is – literally – window dressing, designed to attract venture capitalists to poorly-considered startups and get hold of enough first-round funding to build either a respectable user base or enough barely runnable alpha code to provide Google or Yahoo! with yet another tasty snack. We need to take a wider view of what is going on.

Back in the 1870s Karl Marx outlined the steps through which he believed a capitalist society needed to pass before it could reach socialism. After the revolution came the dictatorship of the proletariat, a painful but necessary stage of oppression and correction, during which the organs of the state would whither away as humanity achieved its true potential and coercion became unnecessary.

Web 2.0 marks the dictatorship of the presentation layer, a triumph of appearance over architecture that any good computer scientist should immediately dismiss as unsustainable.

Ajax is touted as the answer for developers who want to offer users a richer client experience without having to go the trouble of writing a real application, but if the long term goal is to turn the network from a series of tubes connecting clients and servers into a distributed computing environment then we cannot rely on Javascript and XML since they do not offer the stability, scalability or effective resource discovery that we need.

There is a massive difference between rewriting Web pages on the fly with Javascript and reengineering the network to support message passing between distributed objects, a difference that too many Web 2.0 advocates seem willing to ignore. It may have been twenty years since Sun Microsystems trademarked the phrase ‘the network is the computer’ but we’re still a decade off delivering, and if we stick with Ajax there is a real danger that we will never get there…M/blockquote>