Brian Layman’s Weekly Twitter Update for 2009-09-27

September 27, 2009

  • RT @pburghstever @sportsguy33: Clip of Lynn Swann jumping a car during a 1979 #Steelers – #Browns game. No, really. http://bit.ly/4a9cR8 #
  • For you SEO Gurus out there: Google does NOT use the #KEYWORDS meta tag in web ranking. http://bit.ly/35rpP3 HT @joetek #
  • RT @joetek: comScore is partnering with Omniture to combine their beacons. Interesting. http://bit.ly/1hDIBP (methinks Adobe knew this – b) #
  • In case you didn't understand my Adobe reference: Adobe to acquire web analytics firm Omniture http://bit.ly/11zqm4 AKA #
  • So for those playing along at home Whereas Adobe=flash & Omniture=Comscore & Adobe=Omniture, therefore 98.99% of web traffic goes thru Adobe #
  • Adobe pwns The Internet. Game over. #
  • Has anyone used wp-smushit? http://bit.ly/liYDI Any thoughts? #
  • RT @blogworld: Dr. Horrible takes over the emmys http://bit.ly/utArN #
  • Oh.. look at that, Butts on the Creek B-B-Q has a website. http://bit.ly/TaNCW Apparently you love or hate it. It has some good reviews too #
  • RT @joetek: RT @mashable: Yahoo Planning to Sell Corporate Email Service Zimbra? http://bit.ly/zA6Ku (whoa Cool! – b) #
  • RT @marsroverdriver: http://twitpic.com/io6b5 – Me, showing Ray Bradbury our rover model. Not pictured: me. :-) I'm kneeling, to the left. #
  • RT @joetek: RT: @markjaquith: If you're a WP developer & ever typed action=<echo $_SERVER['PHP_SELF']?>please read: http://bit.ly/qaCN5 #
  • Hey folks.. Be sure to block all the people who are tweeting the "I heard on the news Google was hiring" scam so that those accts are closed #
  • I love how twitter now reports who is updating via API only… *coff* bot *coffcoff* #
  • Are you a SuperNatural fan? I've never watched, but this post is skyrocketting: "The End"-Promo Pics http://bit.ly/141Nx2 #
  • RT @technosailor: Gonna be on Webmaster Radio in 5min w/ @yoast. Come chat at me & listen in on WordPress, #wpbible, etc http://bit.ly/om1wN #
  • “Give a person a fish and you feed them for a day; teach that person to use the Internet and they won't bother you for weeks.” – random sig #
  • RT @dlayphoto: Museum Day is this Saturday! Get FREE admission to 100s of museums: http://bit.ly/ERV1y OH:Rock&Roll Hall of Fame & 40 others #
  • RT @blogworld: WARNING: Twitter Worm Spreading via Direct Messages – http://bit.ly/Z2ROc (twitter.secure-logins01.com is NOT twitter.com -b) #
  • RT @StephanieSmanto: http://twitpic.com/iunhh – Fire undergound downtown Akron #
  • RT @josue: YO MICROSOFT IM REALLY HAPPY FOR YOU AND IM GONNA LET YOU FINISH YOUR LAUNCH PARTY BUT APPLE HAS THE BEST OPERATING SYSTEM VIDS.. #
  • RT @marsroverdriver: Mark Davis's Emmy-winning documentary "Five Years on Mars" is on Hulu: http://is.gd/3BXqm *AWESOME* #
  • "That depends upon what the meaning of the word "is" is…" http://www.rockwoodcomic.com/ #
  • RT @pburghstever: Another $4B of your tax dollars thrown away at the Post Office like pocket change http://bit.ly/9ZEYS Yes that's $4billion #
  • RT @joetek: Wayne Gretzky steps down as coach of the Phoenix Coyotes. (via tsn.ca) http://bit.ly/jnRZq #
  • 7 yo in the hall playing… "Dude, let's go! This party is sick!" #
  • My bad, the 7 yo in the hall playing was rly saying "Dude! Bro! This party is sick!" That's cause we hang at so many sick parties together #
  • Hanging with @blakeurmos at the NEO Wordpress Meetup. Most of the regulars are on vacation, but we're talking plugins, security & joomla #
  • Sneak Rhett and Link video preview now on http://bit.ly/3waDRw with @chrispirillo & @snoopdog & @leolaporte & others.. playing now. v cool. #
  • V cool @rhettmc and @linklamont are gonna play their first video, from middle school. I've never seen this.. http://rhettandlink.com/live #
  • sigh.. everything I've touched today.. breaks, fries or bricks Not good… #
  • RT @kindle_blog: ProBlogger – B5 Media – Kindle Edition. http://tinyurl.com/mrlhsc #
  • RT @joetek: Nielsen: Ad spending on Social Networks and Blogs up 119% annually. Entertainment industry spend up 812%! http://bit.ly/3K4NXS #
  • Helping my sister move furniture to storage. Getting dark chocolate covered coffee beans as payment.. yummmmm – http://bkite.com/0ch2G #

Posted by Brian | Filed Under My Journal | Leave a Comment 

Brian Layman’s Weekly Twitter Update for 2009-09-20

September 20, 2009

  • Brian is life castng from his phone again? What's that all about??? http://qik.ly/gIBM #qik #
  • Brian is life castng from his phone again? What's that all about??? http://qik.ly/gICN #qik #
  • bah.. There's nothin' like nailing a 10 minute deep tech screencast on the first take, only to realize the wrong soundcard's mic-in was used #
  • I've been meaning to ask, are we supposed to recognize anyone other than Whoopi in the TMobile MyTouch 3G commercials? #
  • "It isn't fair. Most people have a little money left at the end of the month; I always have a lot of month left at the end of the money" #
  • RT @campingblogger: 2 neat pics of late 1800's camping at the Little Hokum Rag http://tinyurl.com/p2yyce #
  • RT @joetek: Wow! Adobe to acquire Omniture for $1.8 Billion http://bit.ly/11D5SQ (WHOA – b) #
  • RT @adamisacson: Check it out! I'm texting while bicycli #
  • RT @MicroBilt: New Rhett&Link Local Commercial Series Launched Sponsored by #MicroBilt http://bit.ly/tRLXI #
  • RT @rhettandlink iLoveLocalCommercials Launches! « Rhett&Link: Internetainment http://bit.ly/14Eh7g #
  • RT @rhettmc & @linklamont Live Kast Tonight at 9pm ET « Rhett&Link: Internetainment http://retwt.me/1EQi #
  • Time keeps on slippin slippin slippin… I think "MafiaWars" has just official been pushed out of my schedule… Ah well it was fun… #
  • RT @wptavern: Congrats to @sivel and @viper007bond for being added as Ops to the WordPress IRC channel by Matt. Long time coming. #
  • Yo Yo The http://RhettandLink.com/live Kast going on now is great, but #Beyonce had the best live Kast this year! #
  • RT @Bwana – Show #200 Celebration: We're celebrating show #200 of Bwana.org Radio! In this episode, I talk… http://ping.fm/6dm7g #
  • Everyone should please wish my wife @Sorka a Happy Anniversary! Thanks! (please RT) #
  • For those who asked, @Sorka and I have been married for 16 years now and were together for almost 4 years before that.. #
  • Buying DOT approved #helmets instead of Snell could save 20% of lives lost in #motorcycle crashes http://bit.ly/ew1z8 #
  • Contest: Please wish my wife @Sorka a Happy 16th #Wedding #Anniversary! (She thinks her knitter friends will RT more than my #geek friends) #
  • Maybe @StaciJShelton will help get out the word… #
  • RT @trishussey: Friday thought: RT @megfowler: social media is to marketing what eye contact is to a handshake. (Possibly -b) #
  • RT @technosailor: There is something morally wrong with buying my son a Lego DthVader TIE Fighter for his bday. I should be buying it for me #
  • RT @dudeman718: RT @GeekTyrant: Patrick Swayze Almost Had A Cameo In Zombieland! http://bit.ly/JeMIB (No, it's not some morbid joke – b) #
  • RT @dudeman718: RT @GeekTyrant: Penn & Teller Get a New Show on ABC! http://bit.ly/gwcTQ (Rebo&Zooty ride again!-Can u name that SF show?-b) #

Posted by Brian | Filed Under My Journal | Leave a Comment 

Brian Layman’s Weekly Twitter Update for 2009-09-13

September 13, 2009

Posted by Brian | Filed Under My Journal | Leave a Comment 

Brain Storming on Blocking Bad-ads

September 6, 2009

I’m just jotting down some notes about using the Google Safe Browsing API to prevent a site from serving malicious/bad ads.

Problem Defined

  • Ads are put on a site via javascript by calls as simple as “getad(‘adposition1’)”. JavaScript is executed via the client’s browser after the page is served.
  • Those calls don’t touch any of our servers, they go from the client to the Google/Glam/Whatever Ad Server. So we don’t see the ads before they appear on the customer screens.
  • The ads being served may be malicious
    • Any ad that is served can link to a site that has been infected. We will want to block this.
    • Any ad that is served can “take over” the page and redirect the page to a site that may or may not have malware. We want to block ALL take over attempts.
    • There may be other types of ads that we wish to block.  Potentially we might wish to block specific ads on specific sites (i.e. a sexual connotations in ads on pre-teen audience sites). This may be beyond the initial scope and/or incur unwanted execution expenses.
  • Serving a malicious ad can get a site listed as “infected” even though your server has had nothing to do with ANY of the ad content.

Obstacles

  • Any extra calls WILL slow the page load process.
  • Each page load MUST call the ad serving script again
  • If an ad can be identified as bad, some other type of content must be served in that position to ensure page integrity.
  • The request for ad content HAS to come from the customer side because many ads are geo-specific and the customer’s IP determines what ad shows at what time.
  • You don’t want to set up a system where the site itself can submit a site as “bad” as anyone could sniff that info and seed our black list with bad data.
  • The results of the first getad() call could result in more javascript which must, in turn, be processed by the browser to produce the final ad. Potentially, several layers of JS could exist before the real ad is served. (e.g. 2 layers of indirection before ad: Google Ad Manager JS —serves—> Glam Ad embeded JS call —serves—> JS call to 3rd Party Ad Server —serves—> Ad). This pattern is real and happens often.

Possible solutions

  • Status Quo: As problem sites are reported to us, determine which ad is bad, report it to the ad server & hope they fix it before google sees it and lists the site as a dangerous site in it’s tool bar and in chrome.
    • Unless you are “lucky” you don’t get the badad.
    • Once you get the badad, it is hard to determine the initial JS that caused the problem
  • Embed everything JS with its own iframe
    • Will block take overs
    • May or may not prevent Google from listing the site, probably not.
    • Will break ads that are contextual based
  • Check the ad entirely on the client side via a black list: GSB API (http://code.google.com/apis/safebrowsing/) or PhishTank (http://data.phishtank.com/data/online-valid.xml)
    • This Good/Bad check could be done with a single call with the API call
    • Calls to external servers are dependent upon the health/bandwidth of that server
    • This could also be done via downloading the black list and checking off of that: http://code.google.com/p/jgooglesafebrowsing/wiki/Quick_Start_Guide
    • Blacklist downloading would cost time and would have to be updated periodically.
  • Implement a hybrid solution where a call is done to our servers to see if the an ad is good or bad.  (Server side base code: http://lampsecurity.org/php-google-safe-browsing-api )
    • Ad call is processed in JS eval (Will have to be checked for nested JS calls)
    • MD5 of ad is sent to the server. The results are Good/Bad/Unknown.  (Pass the url?)
    • If the result is Good, ad is served and process exits
    • If the result is Bad, either go to step 1, or serve place holder/known good ad & exit.
    • If the result is Unknown, send the JS to the server for verification. The server processes the code and returns a Good/Bad result.
    • If the result is Good, ad is served and process exits
    • If the result is Bad, either go to step 1, or serve place holder/known good ad & exit
  • Other solutions?

Reading

Anyway, I had this going through my head and wanted to get this all written out. So I can have a place to check back on this tomorrow…

Posted by Brian | Filed Under Random thoughts | Leave a Comment 

Brian Layman’s Weekly Twitter Update for 2009-09-06

September 6, 2009

Posted by Brian | Filed Under My Journal | Leave a Comment 

Cave Drips...

Graffiti

Recently Stored

viagra 50 mg indian version of viagra cialis cheapest viagra india online viagra cost comparison viagra for sale without prescription generic tadalafil online buy viagra in korea indian levitra discount cialis online viagra prescription over the counter vardenafil cialis otc cialis no rx cialis 30 mg viagra ranbaxy buy levitra in uk cialis low price tadalafil tablets 10mg cheap viagra fast shipping cheap generic levitra cialis discount cialis 5mg viagra discount prices buy levitra without prescription vardenafil online generic levitra canada viagra professional price cheapest sildenafil citrate indian version of cialis viagra lowest price viagra online prescriptions tadalafil 10mg levitra over the counter levitra prescriptions online buy viagra without a prescription liquid tadalafil citrate buy viagra prescription online tadalafil 20mg india india viagra generic sildenafil citrate for sale vardenafil hcl 10mg cialis discount coupon buy levitra australia viagra over the counter in canada liquid sildenafil tadalafil price comparison viagra cost in india cialis mail order sildenafil sales buy vardenafil cialis offer cheap vardenafil generic cialis no prescription viagra tabs generic indian names viagra price canada vardenafil hcl 20 mg generic viagra without prescription viagra by scilla biotechnologies buy generic cialis free viagra viagra over the counter viagra pills kamagra 100 mg cialis from india tadalafil australia tadalafil 20mg tablets tadalafil soft tabs sildenafil pills viagra no prescription required generic viagra paypal tadalafil online indian viagra cost tadalafil online pharmacy generic soft viagra sildenafil soft tablets viagra generic names buy viagra in ireland levitra without prescription levitra online purchase cialis pill indian tadalafil levitra 5mg cialis cost per pill tadalafil oral jelly sildenafil no prescription vardenafil price generic cialis 10mg cheap cialis no prescription order sildenafil citrate indian generic viagra blue viagra buy cialis usa apcalis 20mg tablets viagra overnight delivery sildenafil india purchase viagra without a prescription viagra prescriptions order viagra without prescription viagra with no prescription levitra for sale purchase viagra canada discount levitra viagra 200mg cheap viagra 100mg cialis overnight delivery buy sildenafil online viagra made in india cialis tabs 10mg viagra indian pharmacy viagra for sale in ireland viagra uk prices buy viagra in europe generic cialis india levitra online viagra for sale india buy viagra in dublin generic cialis soft tabs viagra 50mg cost generic sildenafil 100mg tadalafil generic viagra super active 100 mg kamagra 100mg sildenafil 100 mg tablets cialis no prescription viagra low price online cialis suhagra tablets buy cialis daily use tadalafil sample cialis prices viagra prescription online buy cialis pill kamagra from india cialis online levitra mg vigora india vardenafil 10 mg sildenafil citrate 100mg buy viagra in india buy cialis professional viagra in india buy viagra in singapore generic revatio viagra substitutes sildenafil canada viagra no script cheap kamagra viagra retail price cheap lovegra order viagra uk buy cialis in mexico viagra prescription price purchase cialis online without prescription online cialis prescription ranbaxy caverta buy viagra in hong kong sildenafil price cialis mastercard buy viagra in england viagra mail order canada cialis tablets for sale order cialis cialis soft tabs generic levitra india tadalafil prices cheap sildenafil citrate tablets cialis online prescriptions cialis 5 mg daily levitra prices prescriptions viagra viagra over the counter alternative cialis 20 mg tablets cialis generic india cialis prescribing cialis 20mg daily sildenafil 50 mg viagra drug prices tadalafil generic india cialis sale viagra prices buy viagra 50 mg levitra pharmacy buy viagra generic viagra prescription drug cialis daily cost vardenafil uk viagra soft tabs online buy viagra super active cialis 10mg price 25mg viagra silagra 100mg online viagra prescriptions cialis prescription cheap cialis india revatio 20 mg indian equivalent of viagra tadalafil india viagra capsules cheapest viagra buy cialis without prescription tadalafil overnight cheap tadalafil online purchase viagra online no prescription