Archives for August 2008

My favorite books of 2008 (so far)

Okay, so we’re more than halfway through 2008. I’m a voracious reader, and I wanted to share my favorite books that I read in the first half of 2008.

1. American Shaolin. Matthew Polly grew up in Kansas and decided to go study martial arts in China with Shaolin monks. I dare you to read the first chapter and then try to stop reading. Polly sets up a hook — the beginning of a fight in which he is over-matched — that is irresistible. Whether you want to learn more about Chinese culture or kickboxing, I think anyone would enjoy this book. Polly’s book is rewarding and genuine.

2. Little Brother. Cory Doctorow has written a book that is both thrilling and (gasp) educational. The story revolves around a inchoate hacker named Marcus who is wrongfully imprisoned and humiliated in the aftermath of a terrorist attack. Marcus’ experience crystallizes his opposition to the overreaching security measures in the post-attack hysteria, and Marcus dedicates himself to exposing the flaws of the brave new world in which he finds himself.

Let me add a detour about books that educate: I’ve always wished that more fiction authors would slip in just a few tidbits to teach readers. Usually such attempts miss their mark, either because the education feels just a little too heavy-handed (e.g. Hackerteen), or the material is too easy. For example, Kaplan started a line of comic books with SAT vocabulary, but the words are stuff like roster and barricade. Sorry, not hard enough. Give me meretricious and quotidian and calumny and inchoate, but not roster.

I love that Little Brother is able to throw some education into the mix of entertainment and adrenalin. A friend of mine is reading it and remarked that it made her want to learn more about cryptography. I have to think that those little epiphanies are exactly what Doctorow is trying to achieve with his book. The book ends with an afterword by Bruce Schneier, a well-known security researcher. In his afterword, Schneier discusses what a “security mindset” is and why it’s important. Schneier has written a very good article online about the “security mindset,” and I encourage everyone to read it.

In the past, I’ve been on the fence about Cory Doctorow’s writing. I enjoyed Down and Out In the Magic Kingdom for its description of “whuffie” (think of whuffie as a reputation measure like PageRank, but it exists along a richer number of dimensions instead of as a single number). But Eastern Standard Time didn’t grab me enough for me to finish it.

In Little Brother, Doctorow’s writing is crisp and sure. I read William Gibson’s Spook Country at the same time, and it really felt like Gibson has passed the torch to Doctorow. Spook Country built to a satisfying conclusion, but deliberately embraced the technology of the past few years. In Little Brother, Doctorow skips forward into a paranoid future just a little bit, and the result feels ripped from next year’s headlines.

So: I think you’ll like Little Brother and I think you’ll learn at least a couple neat ideas from it as well. Little Brother is not just an enjoyable book; it’s an important book.

3. How to Rig an Election. This is a book by Allen Raymond tells a political operative’s experience with trying various tricks to affect elections. At one point, he veers into the blackhat arena by effectively mounting a denial-of-service attack against the competing campaign’s phone bank on Election Day. The blackhat experiment ends very badly (along with the competing campaign, the phone lines also belonged to some firefighters) and the author spent time in jail.

How to Rig an Election is compelling to me for a couple reasons. First, it will appeal to anyone who is interested in security or how to make a process (whether it be search or elections) robust against cheating. Second, this book has an amazingly raw and honest voice. From the tone of this book, you can tell the author has burned all his bridges and contacts to the ground and never expects to work in politics again. How to Rig an Election is a breath of fresh air, even as it makes you think about what things might be going on during other elections.

What books have you enjoyed so far in 2008?

I’d be curious to hear what you liked or disliked.

Three tips for “company blogging”

This is my personal blog. I don’t run my draft posts by Google’s PR or legal team, other than maybe 2-3 times when I thought a post might have legal implications. But I have learned a few hard-won lessons. So, when someone recently asked me for tips about talking to the public, I couldn’t resist. Whether you blog for the company officially or unofficially, here are my top three rules of thumb:

  1. Don’t make hard promises about the future. One of the beauties of web-based software and services is you get to decide when to push out changes. Don’t give up that freedom by promising a feature to the outside world by a certain deadline. Maybe later you’ll decide that a different feature is a bigger win. Or you may want to hold off for a week to polish down the last rough edges on a product.
  2. Don’t trash talk a competitor. Your product should be strong enough that you don’t have to diss a competing company. Back in 2002, an article in the Boston Herald showed up about another search engine. The article claimed that “The entire XXXXXXXXX Catalog is updated every 9 to 11 days.” I knew for a fact that wasn’t true and at first I wanted to rip that claim to shreds like a bulldog. But (with the advice of some wiser Googlers), I decided to take the high road instead of picking a fight. In fact, claims like that motivated Google to be fresher and faster. Now I believe Google has the freshest index of any of the major web search engines.

    Sometimes other companies will throw dirt in your direction. In that case, the challenge is to correct any misperceptions without picking a fight. But first ask yourself: do you really need to respond at all? If not, then maybe it’s better not to get pulled into an argument where everyone involved loses a little credibility. So far I’ve written 10-15 draft posts (and who knows how many I’ve written in my head) where I was snarky about another search engine, and then not published the post. Each time when I look back after a few months, I’m glad that I didn’t post.

  3. Don’t post when you’re angry. This is probably the most important tip. If you have to write something, go ahead, but don’t press publish until you’ve slept on the situation or had a chance to calm down completely.

I’ve broken each of these rules, and regretted it almost every time. What tips would you suggest when blogging about your company?

Digging out from SIGGRAPH and L.A.

I’m up to my ears in email from last week, but I had a great time down in Los Angeles and at SIGGRAPH:

3d duck

I’ll try to write up a little bit about the trip, but for now I’m gearing up for SES San Jose. Places to find me:

– I’ll be on a keynote panel on Tuesday. By the way, I don’t know who put my title as “Software Engineer Guru,” but it wasn’t me. 🙂
– I’ll be at the Google Dance on Tuesday night.
– I’ll be roaming the halls and attending sessions, especially on Tuesday and Wednesday.

If you see me, please walk up and say hello! I’d love to hear your thoughts about things that Google should be doing.

By the way, the LED cube in this image is this project.

What to do in Los Angeles?

I’m going to be down in Los Angeles for the SIGGRAPH computer graphics conference next week, but I hope to have a little sightseeing free time. What would you recommend seeing or doing in Los Angeles?

A Quick Tutorial on JavaScript Bookmarklets

Bookmarklets are very handy pieces of JavaScript code that you can bookmark. In HTML, if you want a link to open in a new window, you’d write it like this:

<a href=”” target=”_blank”>Matt Cutts</a>

Go on, try it on this link: Matt Cutts

If you wanted to create a bookmarklet to open a new window or tab, you’d do it like this:

javascript:(function(){‘’); })();

so the actual bookmarklet link that would appear in your HTML as

<a href=”javascript:(function(){‘’); })();”>CNN</a>

and if you want to play with it, here’s the trivial CNN example bookmarklet. On Firefox, you can drag the bookmarklet to your bookmarks bar. On Internet Explorer, you can right-click and select “Add to Favorites…”.

The reason I mention this is that is a url shortening service that I like, and they have a bookmarklet, but it replaces the page that you’re shortening. Their bookmarklet looks like this:


So suppose you find a new page that you want to twitter about or shorten the url for some reason. You want a bookmarklet that opens the url in a new window or tab instead of replacing the current page. Combining the two bookmarkets, you’d get

javascript:(function(){‘’+encodeURIComponent(location.href)); })();

and here is a bookmarklet for that opens your url in a new window or tab. You can just drag the bookmarklet to your bookmarks folder.

That’s enough to get you started with bookmarklets, but you can find more info about bookmarklets by searching or by looking at example bookmarklets around the web. For example, industrial-strength bookmarklets often load JavaScript dynamically from a webserver. That way if you want to upgrade or improve the functionality of the bookmarklet, you can change the code on the webserver instead of asking every user to update their bookmark. On the other end of the spectrum, some quick-and-dirty bookmarklets don’t even bother escaping the url.

I want to open a new tab, not a new window!

Some webmasters want to choose between a link opening a new tab vs. a new window. I believe that you don’t get that choice — it’s up to the user and their web browser. For example, in Firefox a user can select their desired behavior under Tools → Options → Tabs → “New pages should be opened in:” and choose “a new tab”. Or to tweak the setting directly, the user can type “about:config” into the location bar/address bar and then modify the “” option to be one of the following values:

1 = open new windows in the existing window
2 = open new windows in a new window
3 = open new windows in a new tab (this is the default in Firefox 2 and Firefox 3)

See this about:config page for more info.

Likewise in Internet Explorer, the user can go into Tools → Internet Options → “Settings” button in the Tabs section and then under “When a pop-up is encountered:” choose “Always open pop-ups in a new tab”.