Is Your Web Getting Filtered? What's Blocked or Unlocked?

Entering our third full day here at Lucille Packard Childrens' Hospital with our twins, I have to say I'm impressed with the easy access to high-speed wireless Web. For me, wireless high-speed access is a must, and I don't have much to complain about. Interestingly, the hospital's system, by default, has instituted filters, in theory to protect them legally, and maybe to conserve on bandwidth. This doesn't bother me too much, but as I surf, seemingly with one hand tied behind my back, I find that the sites they've opted to block, and those they've allowed to go through at times have me scratching my head.

I noticed I couldn't log into my Mac Mail via the desktop application right away, but Webmail was fine. I later noticed some sites were blocked when I tried to visit Athletics Nation and follow yesterday's A's game. Safari reported being unable to visit the site. I checked other Sports Blogs Nation sites. Those too, were all down.


A Sample of Approved Sites and Those Blocked

Then, after many on FriendFeed had demanded some early photos of Sarah and Matthew, I tried to take the pictures I had from the last two days and post them to Flickr, feeding the beast. But they were blocked. Then, I tried to log on to my FTP site and upload them to louisgray.com directly. No dice, again.


Sorry, can't upload via FTP!
Luckily, I did find a work-around. By sending the photos via the great Mail2FF program, as attachments, the photos themselves were saved on Amazon's Web Service and archived there. (It's the same way I "cheated" and got FriendFeed to host the graphics in this post for me)

After last night's post on my 10 beliefs in blogging and the Web, I saw someone had posted the story to Hacker News. But I couldn't see who, again, thanks to it being blocked.

IM Blocked: iChat and Google Talk don't get through.
The blocking seems well intended, but random. It makes sense that I shouldn't have access to Fleshbot or AdultFriendFinder (mind you, I just checked them to see if they were filtered), but it makes less sense to have sites like Sports Blogs Nation blocked, when ESPN.com is approved, or to have Hacker News blocked if Techmeme is given a pass.

I'm lucky that I usually don't encounter Web filters. I have free-flowing access at home and at work, and this weekend's experience has been outside the norm. If you are filtered, whether it be at work, at school, or at the library, what sites have you found blocked that you think are wrongly stopped? I'm curious to see if this setup is too aggressive, or in line with your own experience.

Banning by Computer, Repairing by Hand, Google KOs TechWag

For many blogs, Google traffic sends the overwhelming majority of visitors. TechWag, a technology blog authored by Dan Morrill, claims Google constitutes upwards of 80 percent of traffic. Or it did... because earlier this week, Google identified his site as harmful, and instead of sending people to his site, would-be visitors are instead warned that by visiting TechWag, their computer could be harmed (See why). As a result, traffic has, as you would expect, evaporated.

Dan walked through his site, contacted his hosting company, and resolved the issue, before April 16th. But by the 19th, the issues still have not been resolved. As he writes in a post today (We are not a Malware Site), "Google is going to take its own sweet time cleaning up the disaster in their index. It does not matter how fast you clean it up... what matters is how fast Google can clear an erroneous flag in their database."


Google Warns Visitors to TechWag.com
Dan estimates it took five hours for Google to block his site, and another five hours to resolve the initial issue. But Google's Webmaster tools claim resolving the block will take "several weeks", and they "unfortunately ... can't reply individually to each request."

Google's not being evil, and was well-intended to steer would-be victims from what could have been seen as untrusted code. But the disparity of time taken to block and that taken to fix is going to have a real toll on Dan and his site. And while I may not be the biggest fan of ads on blogs, Dan does have them, and if he was looking to get any kind of paycheck off this week's activity, he's going to be sorely disappointed.


After Clicking the Link in Google...
As he writes, "Come on Google, if you are going to kill off a web site, at least have the courtesy to respond at Internet speed. Taking two weeks to check to see if we are “ok” is absolutely unacceptable."

Why can I read his site? Because I trust him and TechWag. It's a great blog. (Also I use a Mac, so I'm not too worried...) Too bad most visitors from Google are likely going to be scared away. I dare you to take the risk. Go to www.techwag.com and sign up for his RSS feed. It won't hurt. I promise.

The Data Ownership Wars Are Heating Up

You would have to have been in a cave or without Web access today to have missed Robert Scoble's one-day forced exit from Facebook, initiated after he utilized some pre-release software from Plaxo to pull down his friends' contact data. Without wanting to pile on that already fatigued story, it's an interesting salvo in what will be a heated, prolonged, battle between all the service providers, and their users, over who should gain access to what data, who owns it, and what they should be allowed to do with it.

Facebook's reasoning was that his efforts violated the company's terms of service. It's all well and good to bring your data into the site, but don't you dare try and get it out. FriendFeed's Paul Buchheit, doing some TOS sleuthing of his own, asks in response, Should Gmail, Yahoo, and Hotmail block Facebook? After all, Facebook users are all giving the site access to the same type of user information deemed so valuable, and just as in violation of the terms of services as Robert's stunt was.

And Facebook isn't alone in this yearning to import contacts from other services. LinkedIn does the same thing. So does Spokeo. You can synch up your Webmail contacts, or import a .vcf card from any application, like Microsoft Outlook or Apple's Address Book. But isn't this data yours? Shouldn't it be just as easy to get the data out as it was to get it in there in the first place?

This is bound to get even more intense in the coming year and beyond. Just look at what happened when the Google Reader team got a tad over-aggressive in deciding for you how you might want your shared link items distributed. There were calls from all corners of the Web for privacy and for Google to renounce the practice. With data being so easy to generate, and so portable, for different services and devices, and with so many companies' intellectual property effectively being from user generated content, they have a vested interest in keeping you and your data in, and the ability to export out.

With that being true, it's remarkable when some companies approach the issue in a much more transparent and beneficial way. Take Assetbar, for instance. In the company's product description, they write, "Don't worry, your data is yours. You can always delete everything and even export it as a .csv or XML file!" Assetbar knows that the data you brought in and you commented on, the data you shared and the private messages you created are yours.

I believe that users aren't going to stand for companies deciding just how they should be allowed to interact with their friends and their information. They are going to demand portability. They are going to demand transparency, and they are going to demand a rapid response when things go awry. That Facebook eventually got back to Robert today and restored his account is fine, but if he wasn't one of the highest-profile bloggers on the planet, there's no way it would have happened that quickly. This time, Facebook just may have done enough to save face. But there will be a next time, and a next, and a next, unless the policies change.

On the same wavelength, Scott Karp writes about:
The Coming War Over Data On The Web

As Google Relents, Spokeo Holds Tight to Auto-Friending

While Google Reader noisily backed off yesterday, stemming the tide of privacy complaints, other services, like Spokeo, are not changing their policies of automatically linking friends' data from one service to another.

In a post called, "Why we don’t require friend requests", Harrison, an occasional commenter on this blog, says that while some are uncomfortable with the idea their activities on one site will be shared with friends on another site, the service is simply utilizing public content, and as you don't need to ask permission to subscribe to somebody's RSS feed reader, you shouldn't have to ask permission to view their public Flickr photos, view their public Amazon Wish List, or view their public ratings of songs on Pandora, for example.

(See earlier coverage: Spokeo Upgrades RSS and Friend Tracker, Invites Available and PlugandPlay Expo Highlight: Spokeo)

New services like Spokeo thrive on transparency. If I have a friend on MySpace or Friendster, Spokeo will crawl popular services and find if I can get updates from their blogs or other activity. This can be done without the knowledge of the person being crawled, which is why I've heard other people refer to the company as "Spook-eo", remarking how spooky it is they can dredge up things you thought you had hidden away.

But Harrison brings up another great point, saying "We don't want to bother your friends."

I've complained ad nauseum about the stupid requests we get every day from applications my friends install on Facebook, or the countless e-mails from services I won't use, like Plaxo and Shelfari. If Spokeo sent out an e-mail to each friend to ask for permission to access each service, it'd be a nightmare.

It all comes back to the same issue, essentially, which we covered yesterday. If you have activity on the Web which is tied back to a single e-mail address or identity, it is public. That can range from posts on message boards years ago, to Google Reader shared items, to your del.icio.us bookmarks. There's no question I've probably said some silly things out there in the past I'd like erased, but we will live by transparency and die by it. I'm glad Spokeo isn't wussing out and changing its policy.

Google Reader Blinks, and the Mob Wins

As Google's features become more widely adopted, the company will have to transition from developing products an engineer would love to developing products that more mainstream, less geeky users can understand right away.

At times, it seems the company's high and mighty approach to software development can leave many guessing to their intentions, and the motto of "Don't Be Evil" just doesn't cut it any more.

As noted earlier today in my post "Forget About Privacy. Embrace Openness.", the blogosphere seemed up in arms over a recent innovation by the company's Google Reader team to tie in your "friends" list within GMail and GTalk with your shared items in Google Reader. While on its face, this innovation would more easily bring those things you find interesting to your friends, it instead raised holy Hell with those who never considered just who could gain access to a list of items they had made public. It had people screaming about privacy, saying Google had ruined Christmas, and had others demanding to know why someone they had a casual conversation with was somehow called their "friend".

While I believe the revolt was seriously overblown, and that those decrying the sharing need to wake up to the transparency of the Web, it looks like Google had enough bad press for one holiday, and cried Uncle. Tonight, the Google Reader team offered a new blog post, lightly titled "Managing your shared items", that enables you to make some of your "shared" items private. As they write, "Thanks to all our users for helping to make Google Reader better, so please keep your feedback coming!"

"Thanks for all the feedback" in Geek world is a euphemism for "Stop complaining and pointing out our problems!", slightly mixed with the angel dust of PR. And Google isn't a huge fan of bad PR, so they got this one fixed right away. For now... until their next innovation gets voted out by the TechMeme mob and non-expert netizens.

Forget About Privacy. Embrace Openness.

A couple weeks ago, when I was meeting with the Assetbar team, prior to getting my account, they asked, "How important is it for us to be able to block people from being able to 'follow' you?". I told them that it wasn't at all. If I join a site like Assetbar or FriendFeed, if I blog, or if I share items using Google Reader, I fully expect that content to be open to anyone capable of finding it. It's immediately in the public domain, as far as I am concerned.

That's why the ruckus over the last few weeks regarding Google Reader shared items is complete bollocks.

My Google Reader Shared Items has a public URL, which I've chosen to embed here on the blog. Others with shared items, including Arvin Dang, Jason Kaneshiro, Mark "Rizzn" Hopkins, Robert Scoble and Mathew Ingram, have similarly posted their shared items, in effect, giving you the option to surf the best of the blogosphere through their eyes.

But some are alarmed that people they didn't expect to read their shared items could. Some complained that competitors could see what they found interesting, and get to a story first. But cry me a river... if you've got some proprietary knowledge, keep it to yourself, and don't share it! That's why even though I read dozens and dozens of stories per day for work and have many search strings to find out about my company and the competition, I never share it in Google Reader, I never blog about it, and I never add those links to del.icio.us. Because when I do, it would cross the chasm from proprietary to public.

As a blogger, I am sharing my comments, insights, parts of my life and conversations with the Web at large, and through this, we've built a small community of frequent visitors and commenters. I do not believe I would be better served by putting my content behind a password-protected veil. I do not believe that I should be hiding my e-mail address or my cell phone number. I do not believe that my Google Reader shared items are not part of the public domain.

I believe as the Web evolves, the new generation of users will expect full transparency, and those of us resisting the change will be seen as dinosaurs. I want you to read my blog. I want you to subscribe to my RSS feed. I want you to befriend me on Facebook or follow me on FriendFeed. I want you to read my Google Reader link blog. I want you to follow me on AssetBar.

This is the way the Web is going, and we should take the blinders off our eyes.

See additional commentary:

Mathew Ingram: Google ruining Christmas? Get a grip
Robert Scoble: Google Reader needs GPC
Slashdot: Google Reader Begins Sharing Private Data
ParisLemon: Google Readers' Social Flaws Have Users Up In Arms

eBay Locks Me Out for My Own Good

I must receive dozens of fake phishing scam e-mails a week, from spammers who think I'm dumb enough to log in to their fraudulent Web sites to enter my login and password, whether for eBay or PayPal, Amazon or Wells Fargo. I even get junk e-mail asking me to update my information for banks I've never had anything to do with, including Bank of America, Washington Mutual, and others. That's why when I received a note from eBay on July 31st saying my account had been compromised and locked down, I deleted it. Obviously spam.

So last night, I tried to log in to eBay and it didn't work. And it wasn't an issue with my memory. I've used the same login/password combination on eBay since 1998, and I was sure I had it right.

I hit the "Forgot Password" button, and eBay asked me to get two of three things right, my mother's maiden name, my zipcode, and my primary phone number. Sounds easy, right? Wrong. Mother's maiden name I got right away, but if you keep in mind I registered my eBay account almost 10 years ago, I've moved a few times since, from my shared apartment in Berkeley to Belmont, Palo Alto and now, here in Sunnyvale. So I had to try a few zip code combinations, not to mention phone numbers. Those changed too.

Eventually, I figured it out, and luckily, the e-mail I had on file at eBay was current, or that would be yet another mess. Now back in eBay, I had a note that said "It appears the password for your eBay account may have recently become compromised. As a result of this, we have reset your password and secret question." That's why I had been locked out. But I didn't see any odd bidding, so I have no idea what triggered the issue.

Now, I have a new password. And now, unfortunately, this just may make me look at the phishing e-mail scams as if they might actually be real, and that's not an improvement. Although I have the utmost respect for Web leaders like eBay, Paypal and Amazon, I have to imagine the fraud business dramatically impacts their ability to do e-mail marketing and customer service, and that must be incredibly frustrating.

Power Back On After 2 1/2 Hour Outage

The only thing as startling as finding the power suddenly turned off unexpectedly is the whirring back to life of all the electronics and seeing the lights come back on throughout the house in the middle of the night when power is restored.

About 2 1/2 hours after we lost power tonight, we seem to be "all systems go", though a quick Google News search and Google Blog search don't turn up any reasons for the interruption. I guess if a power grid fails and nobody was awake to notice, did it really fail?

Issues like this, where the grid that keeps us going and connected seem to not be redundant or easy to disrupt, make me more nervous than any alleged weaknesses in our security systems, as far as hackers or terrorism are concerned. We've come to rely so heavily on the modernization of our communication and information systems that hitting our power and cable seems to be the best way to go to decentralize our knowledge base.

And yes, we were already awake past 2 a.m. Our dog continues to struggle after her recent issues and has managed to keep me up thus far. We may get some sleep tonight. Regardless, we do have power, and that's a start.

Update: Palo Alto Online reports a tree fell and hit a power pole before midnight, knocking out power from Sand Hill Road to California Avenue. Of note, their story says power was restored after 3 a.m. This blog post shows it was back before then.

Ack! Google Reader Update Wipes Out History

I am usually eager to embrace new updates, but when a vendor, whether a Web services provider, or a software developer, makes changes that mess with my data, it's not a good thing. This afternoon, it looks like the Google Reader team just made some updates, to enable more uniform reading of items, but with the addition came subtraction, as the update wiped out my historical data, showing which sites are most frequently updated and shared.


A very empty snapshot from Google Reader Trends this afternoon!

My Google Reader Trends page tends to be a wealth of information, acting as a blogosphere barometer for what sites are topical, and which offer new items rapidly.

Just last week, Robert Scoble posted a story on his "favorite 35 feeds for the past month", powered by Google Reader, but if he tried to do that test again, it's likely his data would be gone. I know mine is.

With Google owning more and more of my data, my present and my past, from my RSS feeds to my blog to my e-mail and news, the idea that the company could arbitrarily wipe out any part of my data without warning is very concerning. This is a nasty bug, Reader team.

Comcast Cable Internet's On the Blink

Typically, when we lose Internet access at home, my first inkling is to start the finger pointing toward our Airport Extreme base station from Apple. Despite a recent upgrade, it seems we lose all connectivity for about 20-30 minutes of each evening, often at the most inopportune times. But, in a flashback reminiscent of the 2000-2002 timeframe, when this happened all the time, tonight, in our corner of Sunnyvale, it's our cable modem that's literally on the blink, denying us connectivity.

All I have to say is thank goodness for nearby neighbors with unsecured wireless basestations that don't have a password. When our home network goes down, I just go to the Airport menubar and choose one of the available networks and keep going.

But truth be told, any time one of the key cogs to the Internet gets wiped out, it has me thinking how vulnerable our information delivery systems are. Prior to the Internet's pervasive presence, we could expect TV to always be available, or in the case of power outage, it was always a smart idea to have a battery-powered radio handy, to keep updated through an emergency. Now, we have made the Internet a key player in our communication, entertainment, news and commerce. Disrupting Web access for communities, regions or on a larger scale would have dramatic effect. Forget the obvious issues of forcing geeks to go outside of their cubicles without sunblock. It actually could stall the way we operate.

I'm not saying a mere blip in Comcast's uptime is the end of the world. I obviously found a work-around. But today's virtual highways are just as important as the real ones and disruptions or snarls could slow us down in a big way.

U.S. Web Traffic Down For Memorial Day?

This being a 3-day weekend and the traditional kick-off to summer vacation season, it looks like even the geeks have left the keyboards behind and headed for more enjoyable places - ostensibly without net access. Robert Scoble's on his way to South Lake Tahoe, and even TechMeme makes it look like it will be a slow weekend.

Of interest, I looked at my own traffic, and I see that nobody from within 1,000 miles has come to the blog in the last little while. Instead of the usual domestic traffic, with much of that from the Bay Area, I've been frequented by visitors from India, Egypt, Belgium, New South Wales, Poland, the UK and a flurry from Nova Scotia. I guess they didn't get the memo the rest of us are on holiday.



Also of interest, it looks like the Register.com laptop theft I mentioned yesterday is leaking to mainstream press. The Inquirer (UK) starts the coverage. Paul Ferguson notes the security breach as well.

Register.com Laptop Stolen, With My Credit Card Data

With all the stories in the news over the last few years of misplaced laptops and lost data tapes containing personal information, including financial details, such as credit card and social security numbers, it figures that is has now come time for me to finally be the victim. Register.com sent me an e-mail this evening saying that "while less than 2%" of the company's customers were believed to have their account and credit card data on a stolen laptop, that I was one of the lucky ones to be impacted.

As the company's customer service director writes, "you are receiving this letter because we believe that your customer data and credit card information was on this laptop."

Register.com, the domain name service by which I registered louisgray.com and host the site, says that the company has no evidence my data has been misused, that there is a low likelihood of my information being compromised, and that "appropriate third parties and law enforcement agencies have been notified." Yet, despite all of these things, the company still recommends I notify my credit card company, and enroll in an identity theft protection service from Equifax. Helpfully, Register.com is offering me the first 12 months free, though I have no doubts I'd be asked to pay up come a year from now.

Beyond the obvious annoyances this poses, the timing of the e-mail is extremely suspicious. The e-mail was sent after 4 p.m. on a Friday just before an extended holiday weekend. If there were ever a time to try and hide a major security incident from the press, now would be a great time to do so. And despite the potential for identity theft, mysterious charges and significant hassle, the company wraps up the e-mail by saying, "thank you for your continued business partnership with Register.com."

They can only hope so. We'll be watching this situation very closely. Have you ever been the target of identity theft or been alerted your data was at risk?