September 5th, 2008
Okay, so we’re more than halfway through 2008. I’m a voracious reader, and I wanted to share my favorite books that I read in the first half of 2008.
1. American Shaolin. Matthew Polly grew up in Kansas and decided to go study martial arts in China with Shaolin monks. I dare you to read the first chapter and then try to stop reading. Polly sets up a hook — the beginning of a fight in which he is over-matched — that is irresistible. Whether you want to learn more about Chinese culture or kickboxing, I think anyone would enjoy this book. Polly’s book is rewarding and genuine.
2. Little Brother. Cory Doctorow has written a book that is both thrilling and (gasp) educational. The story revolves around a inchoate hacker named Marcus who is wrongfully imprisoned and humiliated in the aftermath of a terrorist attack. Marcus’ experience crystallizes his opposition to the overreaching security measures in the post-attack hysteria, and Marcus dedicates himself to exposing the flaws of the brave new world in which he finds himself.
Let me add a detour about books that educate: I’ve always wished that more fiction authors would slip in just a few tidbits to teach readers. Usually such attempts miss their mark, either because the education feels just a little too heavy-handed (e.g. Hackerteen), or the material is too easy. For example, Kaplan started a line of comic books with SAT vocabulary, but the words are stuff like roster and barricade. Sorry, not hard enough. Give me meretricious and quotidian and calumny and inchoate, but not roster.
I love that Little Brother is able to throw some education into the mix of entertainment and adrenalin. A friend of mine is reading it and remarked that it made her want to learn more about cryptography. I have to think that those little epiphanies are exactly what Doctorow is trying to achieve with his book. The book ends with an afterword by Bruce Schneier, a well-known security researcher. In his afterword, Schneier discusses what a “security mindset” is and why it’s important. Schneier has written a very good article online about the “security mindset,” and I encourage everyone to read it.
In the past, I’ve been on the fence about Cory Doctorow’s writing. I enjoyed Down and Out In the Magic Kingdom for its description of “whuffie” (think of whuffie as a reputation measure like PageRank, but it exists along a richer number of dimensions instead of as a single number). But Eastern Standard Time didn’t grab me enough for me to finish it.
In Little Brother, Doctorow’s writing is crisp and sure. I read William Gibson’s Spook Country at the same time, and it really felt like Gibson has passed the torch to Doctorow. Spook Country built to a satisfying conclusion, but deliberately embraced the technology of the past few years. In Little Brother, Doctorow skips forward into a paranoid future just a little bit, and the result feels ripped from next year’s headlines.
So: I think you’ll like Little Brother and I think you’ll learn at least a couple neat ideas from it as well. Little Brother is not just an enjoyable book; it’s an important book.
3. How to Rig an Election. This is a book by Allen Raymond tells a political operative’s experience with trying various tricks to affect elections. At one point, he veers into the blackhat arena by effectively mounting a denial-of-service attack against the competing campaign’s phone bank on Election Day. The blackhat experiment ends very badly (along with the competing campaign, the phone lines also belonged to some firefighters) and the author spent time in jail.
How to Rig an Election is compelling to me for a couple reasons. First, it will appeal to anyone who is interested in security or how to make a process (whether it be search or elections) robust against cheating. Second, this book has an amazingly raw and honest voice. From the tone of this book, you can tell the author has burned all his bridges and contacts to the ground and never expects to work in politics again. How to Rig an Election is a breath of fresh air, even as it makes you think about what things might be going on during other elections.
What books have you enjoyed so far in 2008?
I’d be curious to hear what you liked or disliked.
Read Original Post Here
Posted in SEO | No Comments »
September 5th, 2008
Update, 12:49 p.m.: You can try Google Chrome at http://www.google.com/chrome and I hope every Windows user takes it for a spin. It’s only a seven megabyte download, which means it’s really fast to download and try.
Update, 12:46 p.m.: Chromium, the site dedicated to open-sourcing Google Chrome is now open at http://www.chromium.org/
According to a press release this morning, Google will host a webcast press briefing and demo of Google Chrome at 11 a.m. Pacific time today. I think this link (Windows Media Player) or this link (Real Player) will get you there in case you want to watch.
I plan to be in the room and I’ll comment on tidbits that especially catch my ear.
10:58 a.m.: Just got out of another meeting and now I’m sitting in the room with all the press. I see Google Folks like Brian Rakowski and Ben Goodger along the wall. Linus Upson and Sundar Pichai are here too.
11:07 a.m.: Google Chrome will be available at noon today.
11:09 a.m.: Sundar Pichai will talk for about 10 minutes about why Google built Chrome.
11:10: Sundar is contrasting Web 1.0 to Web 2.0, with “rich, interactive AJAX applications.”
11:11 Sundar: “I do pretty much everything inside a browser.” What are the sorts of things you could do if you rewrote a browser from scratch?
11:12: Talking about the simplicity of Google Search. Shows a snapshot. The browser is called Chrome because it tries to minimize the amount of “chrome” (surrounding stuff) in the browser. “The user should enjoy surfing the web, and the browser should stay out of the way.”
11:15: Because Google Chrome uses WebKit, we’re not adding a new rendering engine to the web. It should render just like Safari.
11:17: Multi-processing make each tab independent, so the browser is much more robust to harmful pages.
11:18: “V8 executes JavaScript much much faster than current technologies.”
11:19: Available for Windows Vista and XP at start. 43 languages, 122 countries. “We are working very hard on Mac and Linux platforms.”
11:20: Open under a BSD License. The name of the project to open-source Google Chrome is Chromium. Ah, chromium is used to make chrome in the real world. 
11:21: Sundar Pichai takes a seat and Ben Goodger is up: Says the goal is “A modern platform for windows and applications.”
11:22: Live demo begins with Ben talking and Brian Rakowski driving. Tabs are on top.
11:23: Brian is talking about how Google Chrome handles tabs. You can grab and drag tabs. You can grab and drag outside the existing window.
11:24: Brian is clicking on the close-tab box. The next tab moves exactly under old tab, with the next close-tab box under your mouse. The tabs don’t resize until your mouse leaves the tab strip.
11:24: Ben Goodger says “Where’s the search box in this?” Research showed that people got the address bar and the search box confused, because you had to decide what you wanted to do before you chose which box to type in.
11:26: The Omnibox combines a search box and an address bar. Brian says that it’s a “little bit psychic.” As a long-time Google Chrome user, I can vouch for this.
11:27: Brian demonstrates autocomplete with a -> amazon.com. He types [alaska cruise] in the Omnibox, hits enter, and it does a search.
11:28: Brian does a search on Amazon.com. Then hit types ‘a’ and Tab in the Omnibox and searches on Amazon directly. You go straight to Amazon’s search results without touching Google search in any way.
11:29: Ben is talking about reducing mental overload on users so they can just start doing what they want and Chrome will keep up. Here comes the New Tab page!
11:31: New tab page shows most frequently visited page, most frequent searches, bookmarks, and recently closed tabs. You can choose whether a bookmark strip follows you as you surf (in case you want to save screen space).
11:32: Ben/Brian talk about Incognito window, aka “porn mode” 
Brian demos with the query “toe fungus”. Nothing is saved in your history, cookies don’t persist.
11:34: Ben wants the browser to be convenient, e.g. making downloads easy. Brian shows clicking on a file makes a friendly download arrow appear. You can drag/drop files from browser into file system.
11:35: Crap. Getting slash/digg/something-dotted.
11:35: Ben/Brian demoing Prism-like functionality. You can turn Gmail into something that looks exactly like an application. No useless chrome such as address bar.
11:37: Ben stands down. There’s a lot of deep magic in the Google Chrome UI that people will appreciate the more that they use it. Now Darin Fisher is up to talk about things that are underneath the hood.
11:39: Darin says that in the same way that crashing apps shouldn’t hurt your desktop experience, a crashing tab shouldn’t ruin your browsing experience.
11:41: Darin is discussing the Google Chrome sandbox. In Google Chrome, you have to find a bug in the rendering engine *and* a bug in the sandbox. Here comes the Google Chrome task manager, which shows all the processes in Google Chrome.
11:42: Darin/Brian are showing the full-fledged process manager. Each plug-ins is in a separate process. If you want to kill only Flash on a YouTube page, that’s trivial to do and the rest of the web page runs perfectly fine.
11:44: Brian demonstrates a stuck/hung tab. You can still switch tabs! You can kill the tab from the tab strip or from the process manager. When you kill the tab, you see a “sad tab.” If you reload the page, Google Chrome will even remember the scroll position.
11:44: Brian kills Flash on a YouTube page and you get a “sad plug-in.” Just hitting refresh will reload the page and the plug-in. Much more stable and robust.
11:46: Ooh, here comes the speed demo! IE is loading content from local disk. 220.64 ms. No try the same pages in Chrome. In Chrome, it’s 77.28 ms. That’s static content.
11:47: Lars Bak is visiting from Google Denmark and up to talk about dynamic page speed because of V8, the JavaScript virtual machine. He’s been doing virtual machines for 20 years and this is one of the most exciting times he’s seen.
11:48: Hidden classes watch as things run. Shared objects in a class can be optimized more.
11:49: Three different design ideas to make JS faster. #1 is a native compiler for JavaScript. #2 is using classes and inline caching. #3 is an efficient memory management, including fast object allocation and better scalability. Lars made a funny joke about how every must certainly understand what he’s talking about (it’s a bit dense).
11:52: Dynamic speed test! IE does 7.5 RPH while Google Chrome does 602.8 RPH, where “RPH” is a measure of how many benchmarks could be run per hour.
11:53: They’re publishing 11,000 lines of JavaScript performance benchmarks on code.google.com/p/V8 .
11:54: Sundar is back up. *Chrome has no tie-ins to Google search services.* “Chrome is configured to be used with any search provider.” It’s been over two years of work.
11:55: Marissa urged the Chrome team to write the desired Google Chrome press release two years ago.
11:56: Larry Page is up. Chrome is his primary browser (no surprise). He uses it on an older computer to make sure that Chrome works well there. I can vouch that Larry is a bit of a freak about wanting everything (Google, browsers, the web) to work faster for users.
11:58: The open-source model allows anyone to make the world better. Mozilla can take any of Google’s work and incorporate it if they are interested.
11:59: “A ton of Googler using it [Google Chrome] that were happy” was the criteria for why Google Chrome was launched now.
Noon: Q&A starts.
Christian Grant: At Blackhat Defcon conference, you could browse using Tor so that no one could see your IP address. How anonymous is your web browser?
A: I can answer that right now. You can set a proxy, so I’m sure that you could set a proxy that used Tor. I’ll have a post up about just how Google Chrome protects your privacy soon.
Larry Magid from CBS News. It’s easy to drag a tab, but you can splash them all over. Can I snap them back in place?
A: You can drag them back into the tab strip.
Jason Kincaid, TechCrunch. How does Android interact with Google Chrome?
A: (Sundar) Both share the WebKit and V8, but they will have different interfaces.
Rick Mayer? Plans beyond the x86 architecture?
A: V8 has been ported to ARM as well and different operating systems. Doing another port is doable (anyone could do it with skills and 3-4 months).
Niall Kennedy: How will upstream commits work, along with standards and ECMA and such.
A: Fully committed to doing upstream commits. We want to build off of tip-of-tree of WebKit.
Follow-up: Do you intend to be an HTML5 implementation?
A: Missed it, but I’m pretty sure we want to be good netizens here.
Nikkei: Next-generation web apps will be possible–what sort? Is Chrome the operating system of web apps?
A: (Sergey) I wouldn’t call Chrome the operating system of web apps. It’s a fast engine that can run web apps. We think open-source + Google can make Chrome even more robust and powerful.
Wired: How do plug-ins work?
A: (Sundar) Chrome supports plug-ins such as Flash. As far as extensions/add-ons, we don’t have that in the beta right now, but we do definitely plan to have an API.
A: (Sergey) And anyone can extend it because it’s open-source.
Follow-up: How hard is bug testing?
A: We’ve incorporated the same Web Inspector as WebKit and V8 has a JavaScript debugging console.
Wendy Tanaka, Forbes: How does Incognito relate to ads?
A: (Sundar) The session is private to your computer to keep your session/cookies out of history, but it doesn’t block ads.
Miguel Helft from NYT: Plans for non-download distribution (bundle, partnerships)? Why decide to take on a whole effort yourself?
A: (Sundar) Willing to look for opportunities where users can use Chrome. The current binary is around 7 megabytes, so it’s very easy for users to download.
A: (Sundar) We will continue the path of helping open-source and other browsers. We saw an opportunity to rewrite the browser from scratch (to bring our point of view and without imposing our point of view on anyone else).
Q: Want people to copy you and incorporate parts of your technology?
A: Absolutely. Would love if every browser had better/faster JavaScript technology.
Q: Still ongoing support for Firefox?
A: (Sundar) Will continue to support e.g. with malware/phishing and will share code. (Darin) We love sharing code, e.g. BreakPad for crash reporting.
(Sundar) Starting today, everything is open-source, and he hopes for more sharing. “We are all very grateful” to Mozilla. There is no doubt that Mozilla will remain at the forefront of browser development. Larry adds to that saying that they love Mozilla.
Greg Sterling: No personalization or other tie-ins to Google.
A: (Sundar) Nope.
Greg Sterling: How about location awareness?
A: (Sundar) Location awareness isn’t in there, but there are efforts in Gears to let people have location awareness.
John Furrier: Any innovations/speed-ups around video?
A: (Darin) Generally that’s plug-ins, which are supported as in any browser (except in a different process for more protection). HTML5 has more functionality in that respect.
A: (Sundar) Google Chrome is optimized for speed from an end-to-end perspective.
Q: When did the project started?
A: (Sergey) After hearing for a couple years “Google should build a browser,” that compelled Google to work on it. Sergey uses a Mac + VMWare but wants a native port soon.
Q: How many users had used Chrome without leaking?
A: Just a lot of Googlers being very careful. We don’t comment on team sizes, but it’s been a huge effort in terms of people for about two years.
Q: Stephen Shankland, CNET. In a perfect world, would Chrome vanish into other browsers?
Q: Is there direct financial benefit to Google? Is this new ad real estate?
A: (Sundar) Only in the sense that people use Google more and that the web gets driven forward. But nothing like ads that directly help Google.
David Louie: What sort of market share do you hope for?
A: (Sergey) We want a diverse and vibrant web ecosystem, with several viable browsers. There’s still 80% market share with one player.
Q: Why should people switch?
A: Faster, more robust, safer web experience. It’s not a huge decision. It’s seven megabytes, it smartly imports all your settings, and it pretty much instantly makes your work faster.
Brian: You spend more time in your browser than in your car. You wouldn’t buy a car without a test drive.
Q: Kara from WSJ: How do you see this as a business? What reaction do you expect?
A: We’re competing against a product that is given away for free on almost every computer.
Q: Were you worried about IE8?
A: We started two years ago, before IE8.
Q: Okay, were you worried about IE7?
A: Choice is important or else there’s no progress made. Everyone gets to Google through a browser, so that’s an important part of our ecosystem.
Q: Would it be a success if IE9 included large parts of Chrome?
A: Absolutely. And if IE9 is just much faster, that’s fine too.
Sergey: Our business does well if there’s lots of healthy internet access. That’s why it’s in Google’s interest to have better cell phone browsing, open air waves, the internet in developing countries. Any improvement to any browser is probably good for Google.
Larry: Making our site faster generates more usage of Google. If you can search/work faster, probably people will use Google faster.
Miguel Helft: Cannibalize Firefox instead of IE?
A: (Sundar) By adding our voice, we hope more people will realize that there’s choice, and we hope it will be a win for both Firefox and Chrome.
Christian Grant: Spoke with a hacker in Vegas, who said that the internet is unsafe. It seems like you’ve innovated in the security and privacy space. 10-15 open ports on a browser is scary.
A: (Sergey) Process model + sandbox really reduces the vulnerability surface area and makes for an inherently more security browser. DNS and BGP exploits are scary, and things like using HTTPS/SSL more might help. Go Sergey, dropping the BGP acronym.
And that wraps it up. Jazzy music starts back up.
Read Original Post Here
Posted in SEO | No Comments »
September 5th, 2008
For better or worse, my blog is popular with the Google conspiracy-theorist demographic. I knew that as soon as Google Chrome launched, some readers would ask tough questions about privacy and how/when Google Chrome communicates with google.com.
So I decided to tackle this issue head-on. I talked to the Chrome team to find out if there’s anything to worry about. The short answer is no. For the long answer, read on.
- If you’re just surfing around the web and clicking on links, that information does not go to google.com.
- If you are typing a search or url in the address bar, Google Chrome will talk to the current search service to try to offer useful query/url suggestions. I love this feature, but you can turn it off. Right-click in the Omnibox/address bar and choose “Edit search engines…”. Or click the Chrome menu (it looks like a wrench), then Options->Basics and then the “Manage” button. Either way, you’ll see this box:
Uncheck the checkbox at the bottom of the dialog box that says “Use a suggestion service to help complete searches and URLs typed in the address bar.”
- By default, crash reports and other anonymous usage statistics (e.g. which features are used most often) are not sent to Google. The Chrome team would love if people opted-in to send crash report data though, because it would improve Chrome for everyone. To opt in, click on the Chrome menu (it looks like a wrench), then click “Options.” On the “Under the Hood” tab, check the box that says “Help make Google Chrome better by automatically sending usage statistics and crash reports to Google.” You can read more about this opt-in option on this support page.
- I believe if Google Chrome sees a very short, stock 404 page (less than 512 bytes), it talks to Google in order to try to suggest other possible pages and options. My understanding that this is the same underlying technology that I talked about earlier this year. I think if you have a helpful 404 page (> 512 bytes), Google Chrome doesn’t modify that (this 404 page isn’t changed for example), but Google Chrome does try to help with very short/unhelpful 404 pages. If you still don’t like this feature, you can turn it off. Go to Chrome/Wrench menu->Options->Under the Hood and uncheck the box that says “Show suggestions for navigation errors.”
By the way, just as a quick plug: if you as a site owner want to improve your 404 pages, Google offers a nice snippet of JavaScript (well under 20 lines) to offer this functionality to site owners. See this 404 page blog post for more info.
- Google Chrome checks for automatic updates every 25 hours. Other modern browsers check for updates as well, e.g. to plug security holes. Given today’s sometimes-hostile web, I think checking for updates like this is a very smart choice.
- Every 30 minutes, Google Chrome downloads a list of 32-bit url hashes of urls thought to be dangerous (malware or phishing). That is a download of data from google.com, not to google.com. As you surf around the web, if you happen to hit a url whose hash is in the dangerous list, the 32-bit hash is sent to Google and Google replies with a full 256-bit hash of the dangerous url in question. Not only does this happen very rarely, but Google Chrome doesn’t send a url to Google, it sends a url hash, so Google doesn’t learn the url from this exchange. By the way, this is essentially the same protocol that Firefox 3 uses to protect its users from malware/phishing urls as well.
Update, September 5th 2008: A friend pointed me to this nice public description of Google’s Safe Browsing protocol in case you’re interested in more details.
- When you choose your language in the user interface, Google Chrome downloads a spellcheck dictionary. Again, that is a download of data from google.com, not to google.com.
To the best of my knowledge, this is the only communication that happens between Google Chrome and google.com. I thought it would be better to write down all the communication that happens so that people wouldn’t invent conspiracy theories. As Louis Brandeis said, “Sunlight is the best disinfectant.” Luckily, you can double-check me because the browser is open-source. I hope this helps in case anyone has any privacy-related questions about Google Chrome.
Update: David Pogue writes this of Google Chrome in the New York Times:
Will Google ensure that its own services run better in Chrome than in other browsers? Is this part of Google’s great conspiracy?
That’s a no and a no. Chrome is open-source, meaning that its code is available to everyone for inspection or improvement — even to its rivals. That’s a huge, promising twist that ought to shut up the conspiracy theorists.
That’s a good way to put it.
Read Original Post Here
Posted in SEO | No Comments »
The Ciao shopping and price comparison sites, operating in seven European countries and languages, will now be the property of Microsoft. This follows the deal reached between the software giant and Greenfield Online, operator of Ciao, for $486 Million.
According to 