Around about Sunday I realized that I was still replying to email and having a hard time being on vacation without reading about search. So I decided to leave the computer behind for a few days and read some books instead; I’ve been in “a book a day” mode with very little computer time, so here’s a few mini-reviews of books I’ve read since Monday.

Altered Carbon, by Richard K. Morgan. As much a detective novel as cyberpunk, but there’s nothing wrong with that. Morgan’s twist is that people’s memory can be backed up and then “sleeved” into a new body. I traded another Googler for this book, and now I’ll be checking out what else Morgan has written.

JPod, by Douglas Coupland. You’ll want to read Generation X or Microserfs first to acclimate to the style. The reviews that I read complained that Coupland introduces himself as a character in the book, but I thought it was fine. Another reviewer complained about things like prime numbers or digits of pi being thrown into the book, but it’s not as quirky as it sounds. The book still works.

One surreal part of JPod is that on page 73, Coupland starts listing languages from the world. By the time he got to Catalan, I suspected that Coupland cribbed it from Google’s language page. By the time I got to “Elmer Fudd,” I was sure. But then Coupland starts hiding other words and languages (Cockney, Fortran, Ikea, Stepford, Vanna White) in. Double-plus surreal. I objected to page 397 (you’ll have to pick up the book to see why), but otherwise it was a fun read. I dunno know about you, but I like reading books where the author changes the font and throws in some different stuff from time to time.

Out of the Woods, by Chris Offutt. A collection of eight stories by a native Kentuckian, about Kentucky. In the first story, “Out of the Woods,” a Kentuckian journeys to Wahoo, Nebraska, to pick up a brother-in-law who died. The lead character ends up hauling the dead man back to Kentucky in his pickup truck, along with some nice dirt he finds in Illinois. Many of the stories center around Kentucky in some way. I enjoyed this book, but I think readers would enjoy No Heroes: A Memoir of Coming Home more. Bear in mind that Offutt exaggerates and takes some artistic license in his representations of Eastern Kentucky.

Sharper Than a Serpent’s Tooth, by Simon R. Green. The sixth (?) book in the “Nightside” series is a quick/fun read, and not terribly deep. In the Nightside (tucked away in the heart of London), it’s always 3 a.m. and dark forces wait behind every corner. If you wanted a deeper/darker picture of a fictional London where magic courses through the Underground veins of the city, you’d be going for Neverwhere, by Neil Gaiman. But if you’ve already read Neverwhere, Stardust, American Gods, Anansi Boys, The Sandman series, and Good Omens, then you might be ready to try this series.

White Wolf, by David Gemmell. A pretty standard “swordmaster meets axmaster and quests to save someone” book. With Gemmell, many of his books are set in the same fictional land at different times. The benefit of that is that many books stand on their own; you don’t have to read them as a trilogy, quadrilogy, or dodecalogy. Nope, with Gemmell, you can usually count on each book wrapping up individually. A fine summer read, especially if you or someone you love finds it at a book sale (which is how I got it).

Quite Ugly One Morning, by Christopher Brookmyre. This was another reader suggestion, from Domas Mituzas, and I have to say that I really enjoyed it. It’s set in Edinburgh, so some of the lingo is a little hard-to-follow. But if you press on, you’ll find a nice tight little detective story. I liked watching things unwind for the killer, who is gradually injured more and more until he’s practically a walking zombie.

So far, I’d say that JPod was my favorite, followed by Quite Ugly One Morning and then Altered Carbon. Now I’m trying to decide what to read next. If you have more suggestions, chime in. :)

Lazy Saturday afternoon

So what am I doing on the first day of my vacation? That’s right, reviewing 2-3 papers for AIRWeb. Grrr. That’s the last thing left though. One more paper to review and then I’m going to try to stop thinking about work or search-related stuff for a while. I’ll try something like a good book. Or Kingdom of Loathing:

Mount Noob

Hope everyone else is having a good Saturday too.

Rules of thumb

I’ve been collecting a few common-sense rules that I wish the whole world followed. See what you think.


- When you take user input, allow as much leeway as possible. Let people do things like add spaces or other whitespace to the beginning or ending of their input. Or if you’re expecting a domain name, allow users to type in a url; just extract the domain from the url.

- If you have output files with dates, you should name things in the order YYYY-MM-DD, not MM-DD-YYYY. That way, whenever you sort a list of filenames, they’ll be in chronological order.

- If you think you’ve found an issue or bug, when you tell someone about it, give them enough info to recreate the problem.

- If you get bitten by a bug or an issue, fix the immediate problem. Then ask yourself “How could I keep this bug or problem from ever happening again?” Maybe it’s as simple as adding monitoring so that things don’t fail silently. Maybe a poor UI causes bad input. Maybe your code needs to do more safety checks or stricter input checking. Don’t just fix a problem–try to go to the root cause and make it impossible for that problem to reappear.


- When you’re sending out an email that several people are reading, don’t use pronouns. “He should be able to tackle this afterwards” may make a ton of sense to you, but don’t assume other people will know who “he” is, what “this” is, and what “afterwards” refers to.

- If you’ve got a file you want to show that’s less than 100,000 lines or so, put it into a web directory and just send out the url. Then people can access the raw file if they want, or look at the file in their browser.

- If you email many people and ask for someone to do something, no one’s responsible. It’s better to ask one specific person to take the action.

- If you’re sending out an email with links in it, check your links by clicking on them before you send that email.

- As soon as you type “I’m cc’ing (someone)” in an email, go up and cc them right then. You look silly when you say you’re cc’ing someone and then you don’t.

- Try to keep hyperlinks short enough so that they don’t wrap around or get cut off by someone’s mail program.


- It can be difficult to keep a secret on the web. If you are working on some innovative, amazing product that no one has ever seen before, strip your referrers. Also, sanitize any PowerPoint you make available. You probably shouldn’t change how you handle new subdomains or urls either. Remember, if a url is supposed to be private but anyone can access it on the web by visiting the url, someone will stumble across the url; use an .htaccess file to provide password protection on Apache servers. Because if people are interested enough, they will dig through your source code, monitor your robots.txt, and study which domains you buy, even if you buy them through another company. Plan according to how much scrutiny you expect. Update: Some people are even willing to go through the internal text files that you provide for translation/localization.

- When doing any messy task like cleaning out your cat’s litter, do it with your mouth closed.

- If you ask 100 people to do something, only about 25 will do it. If you threaten death and dismemberment, about 60 people will do it.

- When you’re in a conversation about something that you want, and you’ve gotten approval: stop talking and leave.

What rules of thumb would you suggest?

Goodbye, Blue Frog?

According to the Washington Post, sounds like Blue Security is giving up. Blue Security provided an encrypted list of emails that spammers shouldn’t harass. If an email spammer violated that, Blue Security could send thousands of requests from users’ machines to the email spammer. It was almost like an opt-in botnet that protected its users against unsolicited email.

So how did the do-not-spam email list work? Well, if you just provide a list of email addresses and say “Don’t mail these people,” that’s giving a tour of a beautiful house to a thief and saying “But don’t rob this house.” So Blue Security provided a one-way hash. Someone could check if an individual email address was on the do-not-spam list, but they couldn’t recover the full list. Smart, huh?

Well, there’s a problem with that. Imagine that you’re a scuzzy email spammer without any, you know, ethics. You could mount a dictionary attack against the Blue Frog do-not-email list. A dictionary attack in the world of passwords would be guessing the most common passwords for a set of user accounts. Given all the email addresses you know of, plus any you can guess, you can check if each email address is on the do-not-email list. After several hundred million attempts, you could probably recover a large fraction of email addresses on Blue Security’s list. Then you just do evil things: spam those email addresses, send them viruses, etc.

That’s why Blue Security is giving up: the email spammers have probably recovered a large amount of the email addresses that people gave to them. And the email spammers are threatening to do really malicious things to users that asked not to be emailed. Kind of a shame. What’s interesting to me is that the email spammers were seeing enough of an impact that they decided to attack Blue Security.

Via Threadwatch.

Thoughts on Alexa data

I saw my first Apostolos Gerasoulis commercial tonight, and it reminded me that I meant to check on Alexa’s traffic data for Ask. Then I threw my site in too. Here is what I saw:

Alexa traffic graph for Ask

I take two lessons from this graph: First, the TV advertising isn’t jolting Ask’s traffic. The biggest spike was when they dropped Jeeves at the end of February. TV advertising didn’t seem to benefit MSN much last year either.

Second, there is some serious webmaster skew in the Alexa data. There is no way that I have 1/4th the daily reach of Ask. I think my site gets a little boost because tons of SEOs install the Alexa toolbar.