I’ve considered merging slack-tux.org with olstrom.com for some time, and finally decided to do it. If you notice many updates at to the feed post at the same time, this is a one-time effect of merging two sites. My apologies for any clutter this causes in your feed reader.

Some changes (under the hood):

• olstrom.com runs classic WordPress, while slack-tux.org ran WordPress-MU.
• The posts from slack-tux.org were merged into stream from olstrom.com while preserving paths.
• All comments transferred successfully and yes, IntenseDebate is the comment platform of choice here too.
• Linking to slack-tux.org will redirect to an appropriate page on olstrom.com, so this merge should not break any links.

The feed URL has changed. Please update your subscriptions to use http://feeds.whatthefork.org/ChrisOlstrom. While this is not strictly required as both draw from the same underlying source, it would simplify stats for me (something I would appreciate).

Post from: Chris @ Olstrom (.com)

Important Updates to Slack-Tux.org

© SiliconViper for Chris Olstrom (.com), 2009. | Permalink | No comment | Add to del.icio.us
Post tags:

When we talk about Short URL services, a “Custom URL” is the option to specify part of the shortened URL. Most often this is the latter part of the URL, but it is possible to set up a short URL service to use subdomains, or spanning multiple domains.

Example:

• http://c.olstrom.com/<custom-url>

WordPress users may recognize this as a “slug“. In the context of short URLs, it has effectively the same meaning.

Why does it matter?

The most significant gain is usability. Readers are better able to understand where a link will take them, leading to increased click quality for that link. It may also seem less blind,¹ even though it is no less revealing about the exact destination URL.

As an example, consider the following case where a short link points to a hypothetical announcement where Google buys Microsoft:

• http://c.olstrom.com/google-buys-microsoft
• http://c.olstrom.com/4c9f

Which one will receive more clicks?

The answer involves more than the URL itself, including some of the following:

• Where and how we present the URL.
• Trust with the poster.
• Relevance to the reader.

Assuming everything else is equal, the “pretty” URL would likely attract more clicks.²

When should I avoid using a Custom URL?

There are cases where a custom URL is not ideal. They are often longer, which is impractical under tight space constraints. Though I would argue that a more descriptive URL recovers anything you give up due to reduced introductory text.

It may also be preferred to avoid Custom URLs with intentionally blind links. Affiliate links are a common example of this (ethical issues with this aside). Consider the following:

• http://c.olstrom.com/4c9f
• http://c.olstrom.com/thesis
• http://diythemes.com/?a_aid=WhatTheFork

Of those, two suggest a connection between the person providing the link, and the destination.³ This may affect how a prospect perceives the link,⁴ and in cases like this, avoiding a custom URL is beneficial.⁵

If a user would not click a link knowing what it is, tricking them into clicking it is dishonest, and deservedly damages trust. If you feel differently, please share your opinion in a comment.

Post from: Chris @ Olstrom (.com)

What are Custom URLs?

1. I refer to a link as “blind” if it is not obvious where it leads without clicking on it.
2. I am speculating on this point. Feel free to disagree in the comments.
3. Admittedly, this is not clear to everyone.
4. Regardless of your stance in the “paid link disclosure” debate, there are people out there who feel that anyone making money at this is untrustworthy.
5. This applies more to links provided off-site. If presenting the link on your site, a custom URL is unlikely to negatively affect trust.

© SiliconViper for Chris Olstrom (.com), 2009. | Permalink | One comment | Add to del.icio.us
Post tags:

I’ve been told by more than one person that I take on too many projects. While there are elements of truth to that, I have no intention of stopping. Why?

I don’t like limitations.

Not that I don’t believe in them, but at any given time I can make a guess as to where my limits are and be wrong. If I sell myself short, I may have missed out by not trying. On the other hand, if I overestimate my reach, I may fail.

Given the choice, I’ll take failure over surrender every time. Why?

If I act and fail:

• I replace speculation with certainty. I know that I did not succeed.
• I gain the opportunity to assess what led to this outcome.
• Understanding how I failed, I can refine the skills required to succeed.
• I can change the actions¹ that led to failure, and succeed.

If I fail to act:

• I create doubt from uncertainty.
• I deny myself the ability to learn.
• I avoid risk, yet gain nothing.
• I still do not succeed.

So why do people give up before trying?

In a word, fear. The paralyzing fear that they are not good enough, that they may fail, and that they may have to face that as reality, rather than possibility. Anyone can claim anything, as long as no need for proof exists. When faced with an opportunity to prove those claims, fear begins to take hold, chipping away at confidence, sneaking questions in that serve no purpose: Can I really do this as well as I thought? If I can’t, what will people think of me?

Society has ground into us the (flawed) perception that failure is shameful. This suggests that it is something to avoid, when the truth is that facing failure head-on is an act of courage, one of self-reliance and trust in yourself.

We disguise this with clever terms like “risk management”, but a name doesn’t change what it is or what it means. To be ruled by fear is to accept that you will never be more than you are in this moment. And that is simply not acceptable.

Empower yourself.

“I can’t.”

A phrase that should never be uttered. “I won’t” is acceptable. It says “I choose not to”, accepting responsibility for the decision. If you are not confident in your ability to act, start by taking control of your decisions. Own your choices.

“I don’t have time.”

What you really mean when you say this is “I don’t want to make time”. If it were important enough, you would make time. You choose not to.

“It’s too hard.”

If a situation seems overwhelming, break it down into smaller elements and digest them one at a time. Establish a foundation and build from that. No problem is insurmountable, if you are willing to spend the time.

What about you? How do you handle self-doubt?

Post from: Chris @ Olstrom (.com)

On Limitations and Self Doubt

1. Very few opportunities never come again, despite what salesmen claim. It may take more effort, granted.

© SiliconViper for Chris Olstrom (.com), 2009. | Permalink | 8 comments | Add to del.icio.us
Post tags:

Traditional affiliate programs segment conversions into two (main) categories:

• Originating from an affiliate, which trigger compensation to the linked account.
• Everything else, where that compensation is gravy for the business.

The simple reality is that purchases without referrals are more profitable, at least in the context of that single transaction.

How then, do we handle non-referrals?

Keeping things as they are would mean doing nothing. Retaining the extra as profit, which the company is absolutely entitled to do, but that makes for a very boring discussion. Let us explore alternative uses for it.

Affiliate Rewards

Competition

Use it as a prize fund for an affiliate competition. Material prizes or cash may work well, but ask your affiliates which they would prefer! Depending on the number of affiliates competing, consider a multi-tiered competition. Discouraging new affiliates by pitting them against established veterans does not seem wise.

Bonuses

Apply it as a bonus to select affiliates based on predefined criteria, such as:

• Top performing newcomer (most leads, sales, revenue generated, in 30-45 days since enrolment).
• Most improved affiliate (raw metrics increase, percentages are too easy to game).
• Highest retention rate (based on some hybrid metric of referrals still active and ages of those accounts).

Random Prizes

Randomly gift it to affiliates. The pool of candidates could be drawn from:

• All affiliates.
• Active affiliates (made a sale in the last N days).
• New affiliates enrolled in the program for less than N weeks (inspiration).
• Veteran affiliates (loyalty).

Combining these methods would be effective too. Multiple draws with different criteria.

Client Rewards

Much like affiliate bonuses, except the rewards are given to clients instead.

• A free N months of service, for recurring billing situations.
• A license for another product offered by your company.
• An extra license to gift to another party.

Applying the criteria outlined earlier for affiliates (loyalty rewards for long term clients, and motivational bonuses for newer clients), these rewards can create a positive client experience.

Consider a product that offers multiple editions (Personal and Professional, for example). Offer gift licenses (for distribution to another party) to a handful of randomly selected clients who have the Professional Edition, then track upgrades from those gift licenses and treating it as an affiliate sale  or upgrade.

How effective would something like this be?

Post from: Chris @ Olstrom (.com)

Non-Referrals in Affiliate Programs

© SiliconViper for Chris Olstrom (.com), 2009. | Permalink | 2 comments | Add to del.icio.us
Post tags: affiliate, eclipsehosters, marketing, referral

“If the freedom of speech is taken away then dumb and silent we may be led, like sheep to the slaughter.” –George Washington

What the hell is a proxy, and why do I want one?

Proxies are best described as relays. You send a request *through* it, and receive them back in much the same fashion. Consider the following example, using the classic Alice and Bob characters.

Alice wants to deliver a message to Justin without revealing her identity. She asks Bob him to deliver it. Bob hands the message to Justin, who reads the message and replies to Bob. Bob takes this reply to Alice.

This is effectively how a proxy server works. In short, the important part for anonymity is that as far as the destination host understands, all messages originate from the proxy server, and the user(s) behind it are not exposed. As far as Justin understands, he is talking to Bob. The only way he would be aware that the message did come from Alice, would be if she indicated that in the message.

Similarly, a proxy server obscures the IP address of the sender. However, if you sign your messages, they can still be identified as coming from you. If you use a pseudonym that leads back to you then once again: you are not anonymous. In this way, proxies allow the bypassing of certain restrictions (such as accessing a public site that denies access to certain users).

Advantages of Proxy Servers:

• As long as you can connect to a given proxy, you can connect to any service it can connect to.
• So long as you do not leave any information that leads back to you, your identity is not revealed.
• Proxies are trivial to set up.

Real-world examples of proxy benefits:

• In China, a citizen can access a censored site by routing their request through a proxy that has not been blocked, bringing information in from the outside world.
• In Iran, protesters can use proxies to get information to the outside word, despite restricted media coverage.

Disadvantages of Proxy Servers:

• Proxies are easily blocked by network administrators.
• A compromised proxy server may pose a greater threat than no proxy at all.
• Your identity is not hidden from the proxy server itself.

Risks Involved with Compromised Proxy Servers

• The server may alter messages sent through it without the sender’s knowledge.
• The server may fail to deliver a message, either through intention or fault. The sender may not receive notification of this failed delivery. A malicious proxy may report success.
• A compromised proxy server may log data sent through it  and use this against the sender. This is especially problematic in cases where users want anonymity for personal safety.

An especially nefarious proxy may combine these methods, logging the messages sent through, but not delivering them in their original form. If the user checks to confirm delivery (such as refreshing a thread on a forum, or fetching an article on Usenet), the proxy may replay the logged message, and insert it into the content (this would be computationally expensive, and likely very tricky to carry out in real-time). As far as the sender knows, delivery was successful, but the contents of the message may differ.

What kind of proxy server should I look for?

Proxies come in three main flavours: Web-based, HTTP and SOCKS. Simply put, SOCKS proxies don’t understand what they are passing back and forth. It is protocol-blind, simply relaying from sender to destination with minimal alteration (the primary difference between SOCKSv4 and SOCKSv5 is that v4 is TCP only, and v5 supports UDP as well as TCP. UDP is useful for such things as proxied DNS queries). HTTP proxies have a few perks to them, as it relates to your privacy. Web-based proxies (such as CGI Proxy or Glype) are usually trivial to deploy, but can only be accessed through a browser. This limits their usefulness, but does not deny it entirely.

As an example of clever HTTP proxies, Privoxy performs several useful functions as well as acting as a relay. It can handle cookies, strip advertising from pages, and even un-animate animated GIFs.

The same capabilities that allow HTTP proxies to enhance your privacy can also be used to weaken it. As an example, a malicious proxy could rewrite the HTTP requests to include information that may expose the sender.

Either style of proxy is acceptable, though I would personally recommend a SOCKS5 proxy, as you can feed far more through it than HTTP, such as IRC for anonymous realtime communication or FTP for anonymous file transfer.

How do I set up a proxy server?

You may want to do this for a number of reasons. Perhaps you want to have full control of the server, to avoid requiring trust with a third-party. Perhaps you live in a country where your access to information is not burdened by regulation or censorship, and you wish to aid the free flow of information in places where that is not the case. A topical example would be a Canadian citizen wanting to support the protesters in Iran by setting up an anonymous proxy for Iranian bloggers.

The simplest to deploy would be a web-based proxy, which would enable information flow through web-oriented systems such as forums. This may have been a significant limit in the past, but today there are web applications to deal with most non-web systems (databases and IRC, for instance).

Assuming you have a server with PHP5 available (if you don’t, Apache and PHP are in no way difficult to install, regardless of your platform), Glype is the most robust solution I am aware of, and trivial to install.

Simply download the zip archive, and unpack it on any accessible directory on the server.

$ cd /path/to/www
$ wget http://www.glype.com/downloads/fetch/proxy/53 -O glype-1.1.zip
$ unzip glype-1.1.zip
$ mv glype-1.1 proxy
$ chmod o+w ./proxy/tmp


Point a browser at http://your-domain-or-ip/proxy/, and your web proxy is accessible.

I have set up an example of this at http://tools.olstrom.com/proxy/.

A few points of contention with simple proxies.

One serious concern with most proxies is the potential of compromise. With sufficient access to a network, an eavesdropper can analyze traffic in and out of a proxy server to connect actions out of the server with a user sending data into it. Non-SOCKS proxies also suffer from the issue of DNS queries not being proxied, and potentially linking back to the sender. HTTP and web-based proxies suffer from potential exposure via tracking cookies, sometimes not handled at the proxy level, but left to the client application.

We can compensate for some of these matters by adding random delays between send and relay actions (at the cost of increased latency), and padding the output with useless data (generally headers that would be ignored, but in many cases, padding content is practical too). Strong encryption is also a practical route, though it requires support on both ends. Given the minimal barrier to entry, it’s something of a mystery that encryption is not ubiquitous by now, but that’s a subject for another rant.

Onion routing is a solution that addresses many of these concerns. It works like a Matryoshka Doll, by encrypting data with several layers of encryption, and relayed across a network of many proxies (nodes). Each node decrypts a layer of the onion (having the keys to only that layer) and reveals the next point, sending the remaining data there. This process repeats until delivery of the original data occurs. Each node only knows anything about  the nodes before and after it in the route taken. As these nodes are often in different countries, the legal complexities of coordinating data collection efforts work to the beneficial to those seeking anonymity.

Tor is a prevalent Onion Routing network, and quite simple to set up. However, it is worth noting that the exit node on any given route still has access to the unencrypted data (required to relay it to the destination) unless the connection uses SSL between client and server.

Download Tor, install it with the included installer, and then reconfigure your browser to use it. FoxyProxy and TorButton are two extensions for Firefox to make it convenient to toggle between proxies. Configuration without either extension should simply involve setting “Use Proxy Server” to manual, and setting it to host 127.0.0.1, port 9050.

Proxies are one means of preserving some degree of anonymity, but they are not without their faults. I will introduce some concepts that may address those concerns. For now, this should offer some groundwork for setting up proxies, and using them.

Post from: Chris @ Olstrom (.com)

Proxies: What They Are and How to Use Them.

© SiliconViper for Chris Olstrom (.com), 2009. | Permalink | 5 comments | Add to del.icio.us
Post tags: activism, anonymity, censorship, free information, freedom, Privacy, proxy

The Problem

Privacy is about choice. To have the freedom to act without fear of reprisal, should you so choose. It does not imply that all things require privacy, or that secrecy is always the best alternative. Private citizens should have the choice, and that choice begins with knowing the options.

A (Partial) Solution

I will be distributing information on how to defend your right to privacy. Anonymous information exchange, strong encryption, and other means of staying below the radar. My focus will be on digital privacy. Meatspace is an entirely different bag of snakes, and one I will not make more than a passing attempt at addressing. I will make some recommendations with regards to building your personal privacy toolbox, favouring open source software, if only because it affords the transparency required to trust it with something as vital as personal freedom.

Why Now?

The current attempts to control media coverage in Iran now highlight the need for increased awareness of privacy. With major news entities such as the BBC having reduced access (if any) to the events on the ground, much of what we know comes from those involve in the events themselves. But in a country where controls on information flow are well-established, this puts the people sharing this information at risk. If they are unable to get information about what is happening out, the only remaining source will be state-controlled media. And with the eyes of the world on them, I am confident that they will sculpt the information to present an idealized account of events.

Without strong privacy measures, an uncomfortable choice between personal safety and the free flow of information exists.

Paul Jones outlines some myths about privacy that are unfortunately all too common.

Only Those with Something to Hide Need Privacy.

A dangerous thought process. Who defines what needs hiding? Common definitions include things that would get the person seeking privacy in some form of trouble if connected to it.

A problem exists when we base definitions on laws. When the lawmakers are corrupt, and information control furthers oppression, things become much less black-and-white.

Privacy Impedes the Free Flow of Information

Far from it! Only without fear of reprisal can information be disseminated freely. Take the violence between the pro-government Basij and the protestors in Iran over the past week. Those distributing pictures, videos, and personal accounts of the events do so at significant risk to themselves. Some have paid a high price to share that information with the media.

Technology Always Invades Privacy

Technology is one of the driving forces in ensuring privacy. While there are technologies that exist to impede privacy (for instance, we can thank Nokia and friends for aiding the Iranian government in controlling cellular communication in the region), there exists a counterpart to most invasive applications of technology.

We can overcome traffic shaping with methods such as embedding one data stream in another or wrapping data in a layer of encryption. We can fight unacceptable activities such as monitoring private email communications with strong encryption. Censorship of “unapproved” information falls to proxies or alternative distribution methods.

Privacy Costs Too Much

That really depends on how you define cost. Is freedom an acceptable cost? Without privacy, personal freedom becomes very difficult to protect.

Enough Privacy Protection is Already in Place

While it is true that measures exist to offer some assurance of privacy, the point is moot if information on how to use them is not widespread. My intention in writing this is to put that information into your hands, and give you the choice.

Knowledge and awareness are two things rightly feared by any would-be oppressors. An empowered, impassioned community will not go quietly.

Privacy is Already Lost, So Get Over It

Privacy is lost the moment we stop caring, and stop acting. If there’s one thing an oppressive regime would like more than a passive people ignorant of their ability to resist, it’s a people who have already accepted defeat as either inevitable or already complete.

“In war as in life, it is often necessary when some cherished scheme has failed, to take up the best alternative open, and if so, it is folly not to work for it with all your might.” — Winston Churchill

The state of affairs in some regions is dismal, yes. Governments deploy measures to deny citizens their right to privacy, and those who speak out suffer for it. Yet even under such circumstances, the opportunity to reclaim freedom exists. Concepts such as CipherSaber exist for exactly this sort of situation.

What Can Be Done?

In the same thread Edward Wesolowski expresses concern over how privacy may “fall into the are of ‘things I can’t control’.

Pick up the feed, and I’ll show you how wrong he is.

Post from: Chris @ Olstrom (.com)

Defend Your Right to Privacy

© SiliconViper for Chris Olstrom (.com), 2009. | Permalink | No comment | Add to del.icio.us
Post tags: cypherpunk, freedom, iran election, Privacy, protests

http://iran.whyweprotest.net
Twitter: #iranelection #gr88 #neda

Hello, leaders of Iran. We are Anonymous.

As the eyes of the entire world hold you under close scrutiny, the eyes of the internet have taken a similar notice of your recent actions. While the governments of the world condemn you for your suppression of human rights, Anonymous has taken a particular interest in your recent attempts to censor the internet, not only for your own people, but for the citizens of the entire world.

Such suppression of dissent cannot go unpunished. By cutting off communication of the Iranian citizens to the rest of the world, you have made it clear to us that the most revered of human rights – the right to free speech – is no longer important to you. By seeking to silence the voice of the people in an election and subsequently seeking to silence criticism of such a gross cover-up, you have perpetuated the anger and rage of your people. Anonymous has therefore made it our mission to see to it that the voice of the Iranian people can be heard around the world.

Just like another authoritarian religious extremist group, Anonymous will tear down the walls of silence using only the truth – the truth that you are trying so hard to suppress by use of violence, intimidation, and fascist laws.

As your people continue to riot and to speak out against you; as you continue to beat and shoot your own citizens in the street; as you continue to lie to the face of the entire world; know that the internet is watching – and we do not like what we see.

Knowledge is free.

We are Anonymous.
We are Legion.
We do not forgive.
We do not forget.

Expect us.

Anonymous Message to Iranian Government on YouTube

Post from: Chris @ Olstrom (.com)

Anonymous Message to Iranian Government

© SiliconViper for Chris Olstrom (.com), 2009. | Permalink | No comment | Add to del.icio.us
Post tags: Anonymous, freedom, iran election, protests

It’s been a while since I’ve worked on enBot (December ‘05, actually), but I still get people downloading it. It’s no less stable now than when it was last updated, I just haven’t seen a lot of need for changes to it.

I’ve published the source on Google Code, with the hopes that it will be more accessible to more people this way. I still consider it an Active Project, and will make any fixes needed, should the need arise.

I have also converted the development history to a series of Mercurial change logs. Those are also visible on the Project page, along with the documentation extracted from the README file, published on the suitable wiki pages (see the pages on Writing Modules and Installing Modules).

Please file bug reports with the Issue Tracker, and the source is available for checkout.

Post from: Chris @ Olstrom (.com)

enBot Published on Google Code

© SiliconViper for Chris Olstrom (.com), 2009. | Permalink | No comment | Add to del.icio.us
Post tags: bot, development, enbot, google code, irc, mercurial, perl, Project

I posted on Twitter earlier about Shoemoney’s new Xtreme Internet Marketing Program, and I’m surprised at the amount of cynicism I received via comments (on Facebook, which pulls from my Twitter feed) and direct messages (on Twitter). Paul Cross summed up the general response well when he said:

TANSTAAFL

That’s “There Ain’t No Such This As A Free Lunch” for the acronym-impaired. Geoff Metcalf elaborates on this, stating:

Everything you use or consume (other than fresh air) has to be produced or at least brought to you by someone. And that “someone” usually doesn’t do that gratuitously.

So let’s clarify this. Shoemoney is not doing this out of the goodness of his heart. He certainly is doing it to make money. But that doesn’t mean this program is some sleazy sales pitch, or worthless in any way. For those unfamiliar with how affiliate networks work, they tend to have a referral element. If you refer someone in, you tend to get a bonus based on their performance. The network wins because they have more marketers pushing their offers, so paying out a little bit extra doesn’t hurt them.

So what I imagine Shoemoney is doing, is handing out this information, and referring people into various networks as part of the offer. Most networks don’t cost anything to join (though many do have strict requirements on things like readership, traffic volume, promotional methods, etc).

By providing solid quality in his guides, he gets these new referrals performing well, which in turn provides him with some extra passive income. There really isn’t any incentive for Shoemoney to scam people, since the better these trainees do, the more money he makes. So really, he has every reason to make his Xtreme Internet Marketing Program top-notch, scam-free, and as easy to follow as possible.

Jeremy is not trying to scam anyone.

Post from: Chris @ Olstrom (.com)

Shoemoney Xtreme Internet Marketing Program – Free Lunch or Not?

© SiliconViper for Chris Olstrom (.com), 2009. | Permalink | No comment | Add to del.icio.us
Post tags: affiliate, internet marketing, make money online, marketing, referral, shoemoney

My mobile phone (with Telus Mobility) keeps me connected. This isn’t about the talk and text crap, you can find that anywhere. What I’m about to describe is why I chose to have a data device, as they are often referred to. This is not specific to Telus Mobility. I’ll leave the ranting about which carrier is best to people who care. I’m with Telus, I have no intention of moving elsewhere so long as the service offered continues to meet my needs.

When most of the people you communicate with have similarly powerful handsets, the communication game changes slightly. Traditional mobile chatter (voice and SMS) declines, as modern alternatives replace it. No longer burdened with the limited character-count of text messaging (tangent: 140 characters is more than enough to tweet, but not always enough to text), more interactive formats move in. XMPP (Google Talk or Jabber), Yahoo! IM, Live Messenger, ICQ, AIM, whatever the protocol¹, they all support similar features (why they haven’t been merged into a universal protocol is somewhat a mystery). Unlimited character count is a big one, and not just for long thoughts. SMS charges (when your plan doesn’t include unlimited usage) are the same for any length within the allowable limits. So a casual greeting has the same cost as a 160-character masterpiece. When your conversations consist predominantly of short statements, this is a big cost-saver.

So to me, SMS is dead. The few messages I get are either someone telling me to hop on another protocol (typically Google Talk), or notifications for various SMS-enabled services (Direct Messages on Twitter, for instance).

So with my shiny HTC P3050 (Touch or Vogue, depending on who you ask), I can stay connected to the crazy data feed that is the social network². And for non-instant communication, Tiny Twitter for Windows Mobile keeps me jacked in to the data stream by feeding me my regular dose of Twitter.

The P3050 also has a camera that tops the one my Blackberry 8130 had (2.0 megapixels vs 1.3 megapixels), and it can upload to Flickr³ too.

In addition to being a damned fine web browser (seriously, it eats Flash and AJAX apps for snacks), Skyfire keeps me “informed” of the lives of people so far removed from my social interactions that I barely remember who they are, let alone that they just spawned a child. Despite supporting other streams (including Twitter and YouTube), Facebook is the only one I use with it. I find the Twitter integration somewhat lacking⁴.

Post from: Chris @ Olstrom (.com)

Staying Connected

1. OctroTalk works for multi-protocol IM, but I would prefer something free, if only to recommend to others. If you know a good one, post in the comments!
2. Fuck web 2.0. A significant number of people I hear throwing this buzzword around can’t even describe what  they mean — are we talking about social media? Collaborative development? User-created content? Multimedia?
3. I use Yahoo! Go to upload pictures from my phone to Flickr
4. Tiny Twitter isn’t perfect either, but I have yet to find something like TweetDeck for Windows Mobile (or Android). If you know of something better, share it in the comments!

© SiliconViper for Chris Olstrom (.com), 2009. | Permalink | 6 comments | Add to del.icio.us
Post tags: camera, communication, flickr, htc, instant-messaging, mobile, photography, social media, twitter

CSV is a data exchange format that most software can export to, since it is a simple list of values separated by commas (hence the name). Spreadsheet programs like OpenOffice Calc, Microsoft Excel, Google Docs Spreadsheet and others commonly have an ‘Export to CSV’ option, often found under the File menu.

There are scripts that convert CSV to SQL, but most modern database systems support reading CSV data such as:

• PostgreSQL
• MySQL
• Oracle
• Microsoft SQL Server
• Sybase Adaptive Server Enterprise (which uses the same Transact-SQL dialect as MS-SQL).

As they all use different syntax to import CSV data, examples are provided.

Laying Out the Data

This reference relies on a few assumptions. Firstly, it assumes you have obtained your data in CSV format. Secondly, good sense assumes you would not be doing this if you had a better way. Important metadata is lost by using CSV as an intermediate format. Details like Foreign Keys, column constraints, and so on.

For the purposes of this guide, we will be using the following dataset.

"id","firstName","lastName"
12345,"Ingrid","Insert"
23456,"Eric","Example"
12543,"Dave","Dataset"

All examples that follow use this CSV set.

Creating the Table

A simple example of a table we are importing the CSV file to.

CREATE TABLE employees (
id INT NOT NULL PRIMARY KEY,
firstName VARCHAR(32) NOT NULL,
lastName VARCHAR(48) NOT NULL
);

Importing the Data

This process isn’t terribly complicated, but it does vary according to the database system you are importing to.

MySQL

LOAD DATA INFILE '/path/to/employees.csv' INTO TABLE employees
FIELDS TERMINATED BY ',' ENCLOSED BY '"'
LINES TERMINATED BY '\n';

Microsoft SQL Server and Sybase ASE

BULK INSERT employees FROM ‘c:\path\to\employees.csv’ WITH (
FIELDTERMINATOR = ‘,’,
ROWTERMINATOR = ‘\n’
);
GO

PostgreSQL

COPY employees FROM '/path/to/employees.csv' DELIMITERS ',' CSV;

Oracle

Offhand I don’t know a way to import a CSV file into Oracle using only SQL or PL/SQL, but there’s a great article on Dev Shed that covers how to do it with the Oracle 10G XE administration interface. Here is a convenient link to the good part, since if you’re reading this, you have likely already exported the CSV data, and want to know how to import that CSV to SQL.

Alternatively, you could convert your CSV file to SQL INSERT statements, and then execute those INSERTS. A simple CSV to SQL Conversion Tool can do this effectively.

If anyone knows how to import CSV files into Oracle without using the admin GUI or an external tool, please share!

References

• http://dev.mysql.com/doc/refman/5.1/en/load-data.html
• http://www.ensode.net/postgresql_csv_import.html
• http://blog.sqlauthority.com/2008/02/06/sql-server-import-csv-file-into-sql-server-using-bulk-insert-load-comma-delimited-file-into-sql-server/

Post from: Chris @ Olstrom (.com)

Importing CSV Files to SQL Databases

© SiliconViper for Chris Olstrom (.com), 2009. | Permalink | No comment | Add to del.icio.us
Post tags: bulk insert, convert, csv, export, import, insert, ms-sql, mysql, oracle, postgres, sql

Sometimes you need to replace text in more than one file.  Often a quick ‘find and replace’ with your favourite text editor (CTRL+\ in nano, for instance) can do this, and when multiple files is a small number, this is a practical method. When dealing with text replacement for large sets of files, a quick script could save you a considerable amount of time. A few examples of when you might do this are:

• Changing footer links in a template.
• Updating copyright information on a static HTML site.
• Replacing contact information in many files.

One solution is very simple shell script. It requires sed (a classic text replacement utility), which is available on any Linux or Unix system. We can feed it a very simple regular expression, dump the output to a temporary file, and overwrite the original with it.

Batch text replacement for multiple files with a shell script:

TMPFILE=./tmp.$$

for filename in *.txt; do
  sed 's/text_to_replace/something_to_replace_it_with/g' $filename > $TMPFILE
  mv $TMPFILE $filename # Comment this line out to not overwrite the original file.
fi

As mentioned above, this is just one way to carry out this task. Phil Dufault suggests two alternative methods (non-recursive and recursive)

Replacing one string with another in multiple files using sed:

sed -i 's,text,replacement,g' *.txt

Recursively substituting text in many files with find and sed:

find . -type f -iname '*.txt' -exec sed -i 's,this,that,g' {} +

Post from: Chris @ Olstrom (.com)

Replacing Text in Multiple Files with sed and Regular Expressions

© SiliconViper for Chris Olstrom (.com), 2009. | Permalink | No comment | Add to del.icio.us
Post tags: batch operation, find, for loop, linux, mv, nano, regular expression, script, sed, text replacement

I just received an automated email that I imagine many others have:

The Microsoft adCenter adCenter “>AnalyticsBeta team is announcing the end of the adCenter Analytics beta program. The program has been closed, but Analytics will remain available to you through December 31, 2009. Please note that all hosted services, data collection, and technical support will end at that time. If you would like to save your historical data, please use the export feature to download your reports before December 31, 2009.

The Analytics team wants to sincerely thank you for your participation and your contributions to the program. Our objectives at the outset were to serve the needs of small and midsize business customers, as well as evolve the Microsoft strategy to encompass web analytics.

The beta program was a success in every respect. The insights you’ve contributed through your use of the tool and your feedback have helped us immeasurably in shaping Microsoft’s future in web analytics. Your feedback has helped us confidently determine that we can serve advertisers and publishers best by offering a tailored solution that meets more specialized needs.

You can rely on our continuing e-mail support through December 31, 2009. We recommend that you use the coming months to evaluate your web analytics needs and begin searching for an alternative web analytics solution. Click here for a list of companies that offer comparable analytics solutions.

For additional information, visit the adCenter Analytics blog and its award winning content. The blog will be renamed “Insights and Analysis” and will remain focused on advertiser ROI and optimization.

Again, thank you for your participation. We appreciate your contribution.

Sincerely,

The Microsoft adCenter Analytics Team

This marks one less competing solution to Google Analytics. Though I preferred Google’s offering to that of Microsoft, competition tends to foster innovation (in cases where the competitors wouldn’t realistically opt to collaborate, of course).

Score one more point for the Big G.

Post from: Chris @ Olstrom (.com)

Microsoft abandons competition with Google Analytics.

© SiliconViper for Chris Olstrom (.com), 2009. | Permalink | No comment | Add to del.icio.us
Post tags: adcenter analytics, analytics, gatineau, google, google analytics, microsoft

The Problem

Apparently Microsoft SQL Server 2005 doesn’t offer a data type that stores date only, which is all sorts of inconvenient. I am certain this was not merely an oversight, and that it was actually the result of carefully planning and design. I wish I knew what the reasoning was, though.

From MSDN:

datetime (Transact-SQL)

Defines a date that is combined with a time of day with fractional seconds that is based on a 24-hour clock.

The Solution
If I want to store only a date in the database… a date without time (despite using the datetime object)…

This particular table stores the current date for any item inserted into it, so in the CREATE TABLE block, so I include:

CREATE TABLE table_name (
created_on datetime NOT NULL DEFAULT CONVERT(datetime, CONVERT(varchar, GETDATE(), 112), 112)
);

And to make sure that data manually specifying a date gets inserted cleanly too, a trigger is helpful.

CREATE TRIGGER trig_name ON table_name
FOR INSERT AS
UPDATE table_name SET created_on = CONVERT(datetime, CONVERT(varchar, created_on, 112), 112);


How It Works

From MSDN:

CONVERT (Transact-SQL)

Converts an expression of one data type to another.

Syntax

CONVERT ( data_type [ ( length ) ] , expression [ , style ] )

So we CONVERT the datetime object into a varchar object instead, and then back again. Using the style argument “112″ to use “ISO Standard with Century”, or (yyyymmdd), which does not include time (hh:mi:ss:mmm), the time data gets lost, and defaults to 0. The format isn’t important, so long as it’s the same for both CONVERT statements (otherwise we would be saying something like “Give me the date as YYYY-MM-DD” and then “read YYYY-MM-DD as MM-DD-YYYY”, which can have some unpleasant results).

Disadvantages

Since this method still uses a datetime object, it uses 8 bytes instead of the 3 that would be used by a date object. Unless resource limits are tight, this is not a deal breaker, but it’s still inefficient.

The two CONVERT statements may impose more overhead (okay, they WILL). I haven’t measured how significant, but unless the database is INSERT-heavy, I can’t imagine it being significant.

Also, casting like this feels dirty.

References

1. datetime (Transact-SQL)
2. CAST and CONVERT (Transact-SQL)
3. Data Types (Transact-SQL)

Note:This is not an issue in Microsoft SQL Server 2008, as it supports a proper date object.

Post from: Chris @ Olstrom (.com)

Storing date without time in SQL Server 2005

© SiliconViper for Chris Olstrom (.com), 2009. | Permalink | No comment | Add to del.icio.us
Post tags: datetime, ms-sql, sql, sql server, transact-sql

There has been some controversy lately over at Newzbin. Seems the MPAA is extending their witch hunt into Usenet. Through the debacle, community members have drawn parallels between torrents and NZBs, which is inaccurate.

There is a fundamental difference between torrents and NZBs. Torrents need the tracker to connect the swarm, to know who has which pieces and who needs which (though decentralized models exist).

With NZBs, they point to files located elsewhere. Those files are available independent of Newzbin. You don’t NEED an NZB to get a binary. You can grab the headers from your news host, and then grab the files that way. All an NZB does is save you the legwork by telling you that hey, these are the article IDs you want. Like somebody saying “hey, this is the ISBN of the book you’re looking for”. You can find the book without it, having the ISBN just makes it a bit easier.

Search engines should never be held accountable for the content they index. The distributors of that content should. If a search engine can direct you to objectionable content, great. If you want it taken down, now you have a way of finding that it’s there.

Without Newzbin (or another indexing service), it’ll be a lot more work to remove copyright-violating content from Usenet. I’d think that it would be better to use it as the tool it is, find the content you want removed, and send removal requests to the major news hosts. If I recall, Usenet servers support article cancellation (though under what conditions I don’t know), typically for spam removal.

Newzbin is not in the same boat as a torrent tracker (though both have legitimate purposes). It is much closer to a traditional search engine, but instead of indexing the web (HTTP), it indexes usenet (NNTP). Different protocol, same function.

You can’t fairly disallow search, because some people are using it for illicit purposes. Should we shut down a web search because people are searching for information on illegal things (manufacturing of drugs, explosives, whatever)? Should image searches be banned because people could search for unlawful images?

Disallowing these sorts of things is a dangerous blow to freedom. In any system, the innocent majority should not suffer for the actions of a guilty minority.

</rant>

Post from: Chris @ Olstrom (.com)

Usenet Indexing and Search Engine Accountability

© SiliconViper for Chris Olstrom (.com), 2008. | Permalink | No comment | Add to del.icio.us
Post tags: freedom, usenet

Justin Tadlock and others (including Dave Coveney) are buzzing about the recent decision by Automattic to pull 200+ from the Theme Library.

The problem here is that a lot of themes are allegedly being released under a GPL-compatible license (so they say) with terms that are actually incompatible with the GPL. It’s simple. You can include a footer link or other self-promotional element but you can’t prevent a user from removing it. Section 2 of the GPL (v2) explicitly permits unhindered changes, so long as you do not deny that same right to anyone you distribute your modified version to.

Many of the themes removed were attempting to impose exactly this restriction, which is violating the license of the themes in question. This raises at least two questions:

• In the case of original works, why would the author opt to license their works under the GNU General Public License if they did not intend to honour the terms of that license?
• In the case of derivative works (basing one theme on another theme, or reusing portions of the code in another theme), do theme authors not read the licenses for the code they are modifying? They are bound by the terms of those licenses to allow changes to their derivative works.

It isn’t like Section 2 is ambiguous about derivative works:

2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 [...]

The referenced part of Section 1 in that excerpt is:

1. You may copy and distribute verbatim copies of the Program’s source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program.

Simple terms, right? You can change or build on the code (or parts of it) and distribute those changes, as long as anyone you distribute it has the same rights you had. Creative Commons licenses refer to this as a “share-alike” provision. I’ve heard it called Viral Licensing before, which is the most appropriate descriptor.

This ability to adapt and remix code is where open source code draws much strength from. It permits rapid change, unsolicited contribution, and forking of abandoned works (or works where one or more contributors decided “I can do X better”).

If you do not appreciate the freedom GPL grants to users of your software, release it under a different license.

I applaud Matt and the crew at Automattic for their courage in enforcing this. I am certain they anticipated much of the unreasonable backlash they would receive, and chose to press on. If forced to choose between what is easy and what is right, the question should not allow more than a moment’s thought. And even then, only to question why we hesitated.

Post from: Chris @ Olstrom (.com)

Enforcing GPL Compliance

© SiliconViper for Chris Olstrom (.com), 2008. | Permalink | No comment | Add to del.icio.us
Post tags: derivative works, freedom, gpl, licensing, themes, wordpress

There are those who hold the view that being self-taught is a disadvantage. As an individual of this sort, my views will be inherently biased. Please forgive me for this, and look past it. If you disagree (or agree) with my rationale, add a comment. I will respond to all comments.

The situation is such that there are advantages to both sides. It is my view that self-taught people are more specialized in their chosen areas of practice, at the cost of versatility.

Consider the range of exercises most Computer Science students undertake. Many of these are tasks that illustrate a particular concept, and will likely never be (directly) applied to any future work.

Many self-educated folks will not opt to study areas outside those that interest them (and why would they?). At the same time, they are not wasting the time they save by not learning otherwise dull concepts. Replacing these with things that capture our attention, and hold it is a far more productive use time.

There are those who hold the view that those trained through traditional channels (universities, formal training programs, etc) are being ’shaped into drones by the system ‘. While I think this is a bit extreme, I agree somewhat, though I think the defining factor is motive, rather than environment. It just happens that most of those outside of traditional training models (the self-taught) share a common motive: Passion. We thirst for knowledge, and it is this that drives us to expand our understanding of a subject. A person who enrolls in a training program, or structured study of a field may share this interest, though it can safely be assumed that not all who take a course do it for the knowledge alone. Many undertake such training to secure positions in a related field.

I believe that one who learns something strictly for the sake of employability is setting themselves up to become a drone. The mindset required to know that ‘I spent four years studying to get this job’ sets the person up for direction. The goal was to get the job, and to fill a specific role.

The self-taught is more often driven by passion for their art. Where a classically trained developer may complete a project to the specification, the passionate developer is more likely to infuse their work with that extra spark that makes it truly exceptional.

Those trained in a traditional sense are often more versatile than the passionate programmer, and stronger in a wider range of tasks, the self-taught developer is often unparalleled in his ability in a select few areas.

The question I would pose is this: If you required critical brain surgery, who would you rather have done it? The surgeon who is very good at a range of operations? Or a neurosurgeon who excels at his chosen field, but only at his chosen field?

Written in response to:

• Who Needs a Computer Science Degree When There’s Wikipedia?
• University versus self-taught

Post from: Chris @ Olstrom (.com)

On the Benefits of Self-Taught Skills

© SiliconViper for Chris Olstrom (.com), 2008. | Permalink | 8 comments | Add to del.icio.us
Post tags:

So I’ve thought about doing this for a long time. I’ve written a game, which I call SimpleGame. It’s basically one game, written in as many languages as I can write it in. I’ve used it primarily to improve my skills with different languages, or learning new ones entirely. It’s always been my intent to share that code, as well.

Considering everything that’s happened with Libertas Infinitum (or the lack of happenings, depending on how you approach it), I wanted to do something to help others with similar visions. I’ll continue with Libertas Infinitum, and while that develops I’d love to see more independent developers start building their dreams.

If anything, now is the best time for new developers to get involved. As the internet has evolved, the potential for collaboration has blossomed into something amazing, and the resources available for small teams are mature and stable: Web-accessible revision control, free distribution channels, and open source development tools and frameworks all serve to lower the barrier to entry, or even drop it entirely.

Silent Arcade is a site dedicated to empowering those developers through knowledge. Check it out.

Post from: Chris @ Olstrom (.com)

Silent Arcade is Live!

© SiliconViper for Chris Olstrom (.com), 2008. | Permalink | No comment | Add to del.icio.us
Post tags:

As noted by Lauren Weinstein, Rogers is modifying HTTP data sent to their users as illustrated here:

Note: This is not speculation. Rogers’ Vice President of Communications, Taanta Gupta has confirmed that they are employing this technology (via Wired).

What this means is that they are embedding extra content in web pages served to their clients, without explicit permission. This is not something clients can opt into. As a privacy-aware citizen, I find this a blatant abuse of any Internet Service Provider’s power, for a number of reasons.

Security

When I connect to a site, my browser requests a page from the server hosting that site. I expect that the page I receive is the one that the server sent to me. What Rogers is doing breaks this implicit trust. As a user, I can no longer have faith that the pages I view are authentic, as the risk of corruption somewhere between the server that generated the page and me is now part of the security equation.

Such action (when initiated by an individual) is malicious activity, and controversial at best. When a telecommunications carrier is responsible, it is also illegal (in Canada).

Part II, Section 36 of the Telecommunications Act states:

[Content of messages]

36. Except where the Commission approves otherwise, a Canadian carrier shall not control the content or influence the meaning or purpose of telecommunications carried by it for the public.

Privacy

The example above illustrates this ability being used to send targeted messages to clients about their accounts. We learn two important details from this: That Rogers is in fact actively monitoring data that passes through their network (to not inject arbitrary code into incompatible content types) and that they are linking these data sessions to individual client accounts. It is hardly a distant thought for them to track the sites a client visits, and constructing a profile about that user from that data. Again, this occurs without explicit consent from their users.

Potential Impact

Right now, Rogers is using this technology to send ‘useful’ (but intrusive) messages to clients. In the future, it would not be unexpected for Rogers to add ‘relevant data’ to pages, or deliver contextual advertising (and they would likely make a killing from it). It is possible that this ability could be used to push software to the PCs of their users. Though local security policies would likely prevent this, it would be simple enough to install a browser add-on from the Internet Setup software that bypassed the usual security measures by considering such content ‘trusted’. In the case of users who opt not to use the setup software, such an add-on could be installed by exploiting any one of the vulnerabilities in their given browser (most commonly Internet Explorer). A user would not even have to go to a specific site, as the needed data could be embedded in any page.

In a more sinister scenario, it is also possible that Rogers could alter the owner attribute on existing on-page advertisements, effectively stealing that ad revenue from the page owners. Since this would occur after generating the page, but prior to it being served to the client’s browser, there would be no way for the site owner to notice this (since it is common for users to have ad-blocking software installed locally, many site owners expect a certain segment of viewers to not receive the advertisements), and no way for the client to notice it either, unless they had a list of advertiser IDs for all sites they visit regularly, and audited those values on each visit.

Extending this a bit further, it is not difficult to envision these capabilities used to change other content on-page. Altering unfavourable commentary about themselves, censoring content, adding content to pages and generally discrediting web’s validity.

Some of these examples seem unlikely, others not so much. Only time will tell, but if we do not voice our concerns, if we do not defend our rights to privacy, anonymity, and security, a bleak future is all the more probable.

Post from: Chris @ Olstrom (.com)

Rogers Violates Consumer Trust

© SiliconViper for Chris Olstrom (.com), 2007. | Permalink | 2 comments | Add to del.icio.us
Post tags: Privacy, rogers, security, threat, trust

For awhile, clicking the link on the Libertas Infinitum page labeled ‘forum’ was an exercise in futility, taking you nowhere (well, to an error page… but that’s hardly somewhere most people want to go). That’s been fixed now, and the Firebrand Entertainment Forum is online.

Post from: Chris @ Olstrom (.com)

Forum for Firebrand Entertainment

© SiliconViper for Chris Olstrom (.com), 2007. | Permalink | No comment | Add to del.icio.us
Post tags: collaboration, firebrand entertainment, libertas infinitum

I’ll fix it later…

We’ve all done it, and its bad enough when you’re maintaining your own code… but if you are working with other developers (or if someone may one day be working with your code), the ‘dirty hack now, fix it later’ way of coding is simply not acceptable.

Source is for human beings to read. Disregarding this truth is the first step on a dark path. Taking the time to do it right the first time pays off fast.

A lot of it isn’t even hard to do. Naming your variables clearly consumes mere seconds, and pays off by reducing the amount of documentation you need to write. For example, naming an object “scd1″ and not OverviewMenu creates the need for documentation that you can avoid. If you append an item to scd1, someone looking at your code may need to figure out what scd1 actually does to understand that, while appending an item to OverviewMenu probably means you’re adding an item to the menu. The code documents itself.

Indenting your code properly is trivial to carry out (and all but the most primitive editors make it very easy to do without thinking about it), and it simplifies understanding program flow.

Doing it the ‘easy’ way now and intending to fix it later is almost always a recipe for trouble, and more often than not it creates more work for you very quickly. Now you have ugly code that needs fixing, and replacing it can take longer than it would have to write it well in the first place. Besides, why write something just to throw it out? Your time is worth more than that.

If you are writing web code, don’t create JavaScript functions or complex code inside event handlers, or apply inline styles your HTML. JavaScript has functions, and the style tag exists for a reason. There are reasons for these things, part of which is making it easy to manage your code.

If it’s worth doing at all, it is worth doing right. Please, don’t create more work than you need to for yourself, and other developers.

Post from: Chris @ Olstrom (.com)

On Writing Quality Code.

© SiliconViper for Chris Olstrom (.com), 2007. | Permalink | No comment | Add to del.icio.us
Post tags: development, programming, quality, rant, teamwork

As it happens, another game exists with under the name of ‘Emperia’, and it’s been around since August of 2002. You can find its site here, and some technical details here, courtesy of MUD Magic.

Given that both projects are games, we recognized a potential for confusion and began discussing a new name. Some titles that didn’t make the cut were…

• Manifest Destiny
• Conquest of Fate
• Seven Sorrows
• Empires Return
• Return
• Bloodlines
• Land of War
• Revenge of the Sho’dai
• Free Play
• Freedom
• Liberty
• Redemption
• Sovereign
• Libertas
• Logos
• Terrenus

By a unanimous vote, we decided on the name Libertas Infinitum. This name derives from three comments:

• Name submission of ‘Libertas‘ by Jacob Hardin.
• Concept submission of ‘Free Play‘ from myself, Chris Olstrom.
• Suggestion from Matt Maclellan to work ‘Eternal‘ into the title.

Links redirect by 301, all content available at http://www.firebrand-entertainment.com/libertas-infinitum/.

Post from: Chris @ Olstrom (.com)

Emperia Changes Name to Libertas Infinitum

© SiliconViper for Chris Olstrom (.com), 2007. | Permalink | No comment | Add to del.icio.us
Post tags: collaboration, emperia, firebrand entertainment, game, libertas infinitum

The topic of copy protection, and how much is too much arose on Marc Hughes’ blog today.

Where is the line drawn, then? He asks about software phoning home, and the sorts of data that are proper to report, specifically inquiring about license keys, version reporting, and installation identifiers. Responding to each…

License Keys

A license key would be perfectly acceptable by my standards. It isn’t personally identifiable information that the content owner doesn’t already have. Any information a license key can offer was likely provided to get said key, right?

Software Version

A software version is non-intrusive as well, with most updating systems reporting this information to make sure patches get distributed to those who need them, unless the updater just queries the current version number, and compares it locally against your installed version. (On a side note, I would be interested to know how prevalent these methods are.)

Unique Installation Identifiers

A unique installation ID, though… since that information serves to target a specific user (or installation), and isn’t directly provided to the content author, and serves minimal benefit (if any) to the end-user… it just feels like data mining.

How to respond when there are more active installs than issued keys?

Regarding a threshold for disabling license keys, that really depends on how the disabling occurs. If it’s automatic, then it is probably too aggressive to disable the keys for limited apparent piracy. Especially if your software targets a corporate audience. Anything that slams the brakes on productivity is a good reason to start looking for another product.

Track the number of active installs for a given key, yes. Flag the key, absolutely. Disable it… manually?

Even better, pull the contact info for the offending keys, and send a friendly notification to them, offering the purchase of extra keys at a volume discount right based on the number of excess installations. This turns piracy into a potential sale.

Most of this post (aside from adding an introduction and headings, and a few syntax and presentation corrections) was originally featured as a comment on “What’s the right amount of copy protection?” at Marc’s Musings.

Post from: Chris @ Olstrom (.com)

Copy Protection and Use Reporting

© SiliconViper for Chris Olstrom (.com), 2007. | Permalink | No comment | Add to del.icio.us
Post tags: copy protection, copyright, data mining, licensing, piracy, Privacy