Web Site

Posts filed under Web Site

Unexpected Downtime

Filed in Web DevelopmentTags: Geekery, Web Site

Sorry for the absence the past few days. I hit a few snags upgrading to the latest version (2.3) of WordPress.

Everything should be working now; let me know if you run into anything amiss.

Blog Updates: Comments and OpenID

Filed in Web DevelopmentTags: Geekery, Web Site

I would like to phase out my use of Haloscan for comment and trackback management. To that end, I have enabled commenting from within the blog, and have enabled trackback verification and CAPTCHA comment verification.

For those of you who leave comments, the comment verification is just a simple math equation, the answer to which must be entered in order to verify that you are human. It is one additional step, but unfortunately necessary in order to prevent comment spam. I have also enabled comment moderation, meaning that the first time you post a comment, it will have to be approved before is appears. Once you have had a comment approved, future comments will not require approval.

Also, for this and all future posts, I am requesting that all comments be made using the comment form for each post, rather than using the Haloscan link.

If you don't know what a trackback is or how to use one, you won't need to worry about trackback verification. For those of you who do use trackbacks, the verification will simply require that you link from a valid web site with a reciprocal link to the post to which you are sending the trackback.

Finally, I have implemented this plugin, to allow comments via OpenID identity authentication. I will follow up with a later post, detailing what OpenID is, and why you should use it (and not just for my blog).

OpenID will likely become my preferred identity authentication method, so I encourage anyone who comments to look into it.

WordPress 2.2.1 Upgrade

Filed in Web DevelopmentTags: Geekery, Web Site, WordPress

Pardon any dust you may encounter. WordPress 2.2.1 was released, and I am in the midst of upgrading.

UPDATE: The upgrade is complete. Let me know if you notice anything amiss.

Sitemeter: Scandalous Site Statistics Systems

Filed in Web DevelopmentTags: Internet, Web Site

When I made my first web page, well over ten years ago, site statistics-gathering was limited to a very basic pageload counter (want to see "You are number 100 to visit this page"? Load the page and refresh 99 times; see also: how a college nerd spends his free time).

Now, however, site statistics-gathering has become much more sophisticated and elaborate. I have used SiteMeter for years to track my site's statistics, and I am able to know, for example, what search-engine search strings lead people to my web site, the entry and exit pages, duration of a visit, and what link a visitor clicks to leave my web site.

Unfortunately, it has come to my attention that SiteMeter is now pushing spyware browser cookies (specifically, the specificclick.net and variant tracking cookies) on unsuspecting visitors to members' web sites.

Therefore, I will be in the process of phasing out sitemeter, and in its place I am experimenting with both StatCounter and Google Analytics.

Bloggers are furious, and by all accounts are leaving sitemeter in droves. For the sitemeter-specificclick.net saga, see Eric Odom's coverage here, here, here, and here. See also Debbie's Blatherings, Progressive Gold, Phantom Scribbler, NetWizard (with follow-up), Small But Disorganized, and Geek News Central.

Thus far, SiteMeter's response has been one of damage control and implicit confession of the change, under the guise of a "feature" being passed on to SiteMeter member websites. To date, no response has been forthcoming on the company's official blog, but several email responses and blog comments have surfaced. The following is representative:

To be clear, SiteMeter fully vets out all potential 3rd parties that we work with to make sure that they are reputable companies that are completely above board and are industry leaders. In keeping with this, we did extensive due diligence on Specific Media and found them to be a trustworthy and reputable company. In fact, Specific Media is a board member of the Network Advertising Initiative (NAI) (one of 10 companies) which is tasked with the protection of consumer privacy on the Internet and related legislative issues. We found that Specific Media’s technology completely protects consumer privacy and also allows users to permanently opt out of the cookie if they so choose to do so via the NAI website, which was a big factor in us choosing Specific Media. In addition, many of the Internet’s biggest web publishers utilize Specific Media’s technology including Foxnews, CBS, NBC and Time.com. These companies utilize this technology in the same way that we are using it, to provide useful information about the users who visit their websites so that they can create relevant content on their websites. The only difference is that SiteMeter, which is primarily a free service, has licensed the technology and are passing it onto our customers.

The specificclick.net cookie is being inaccurately characterized as Spyware, as it is only a cookie and does NOT install any software. The specificclick.net cookie is NOT spyware. The specificclick.net cookie performs no such activities that can be construed as spyware. We cannot control the fact that anti-spyware software companies incorrectly mark cookies as spyware. However, the specificclick.net cookie IS a cookie that enables SiteMeter to accurately provide true unique user counts, user demographics, content interests, heat mapping and other useful information about your website’s visitors, see a full list here.

SiteMeter is a community driven company and we would never do anything that would compromise the integrity of our customers or their users’ privacy. All of our customers can opt out by requesting that we move them to a separate server that does not include the specificclick.net cookie or you can simply begin using the HTML version of our code which does not include the specificclick.net cookie. We have also posted a survey on our homepage where customers can vote if they think this type of information is useful. As previously stated, we are a community driven company, the SiteMeter community is what drives our innovation and development. We feel that this information will help our customers attract more users to their site and keep them engaged in relevant content offerings. If our customers vote on the site that they do not think that certain information is useful, then we will not provide that information.

We hope that clearly defines our use of the specificclick.net cookie and that SiteMeter has in no way sold out to Spyware, nor would we engage in any such activities. We are strictly committed to providing the best service to possible to our customers. We hope that this will help earn your trust and that we may be able to have you as a customer again.

Thus, sitemeter's response/defense is two-fold: 1) we're not doing anything wrong, because a third-party tracking cookie isn't "spyware" and doesn't compromise privacy, and 2) it's okay to use a tracking cookie because big-name websites use them and because we are providing a service/feature to our members. The former point uses semantics to avoid the issue, and the latter point is almost Orwellian in its spin.

First, on sitemeter's assertion that the specificclick.net cookie is not spyware:

The specificclick.net cookie is being inaccurately characterized as Spyware, as it is only a cookie and does NOT install any software. The specificclick.net cookie is NOT spyware. The specificclick.net cookie performs no such activities that can be construed as spyware.

This argument is purely semantic. According to strict definition, "spyware" refers to installed applications on one's computer, while a "cookie" is a snippet of HTML code contained in a web page served to a browser. Regardless, when the cookie in question is a third-party tracking cookie, the purpose of both spyware and the cookie is indistinguishable - to collect information about the user in question, to report that information, and to do so without disclosing its activity.

While third-party tracking cookies may not meet the strict definition of spyware, nevertheless, their purpose is considered to be an invasion of privacy equal to that of spyware. In the Web 2.0 website-as-application world of today, the argument that a tracking cookie doesn't meet the strict definition of "spyware" becomes ever weaker as the line between website and installed application becomes blurred almost to the point of imperceptibility.

On the company's assertion that their use of the specificclick.net cookie doesn't compromise security, sitemeter is on shaky ground at best with this claim. True, their use of the cookie conforms with their own privacy policy in that the cookie doesn't collect any personally identifiable information, as defined by that policy:

Site Meter may from time to time also authorize and facilitate the use of cookies from trusted third party business partners to gather and aggregate additional, anonymous, and non-Personal Information data from general internet visitors for the purpose of providing our customers with additional information about their viewing audience.

I challenge this assertion on at least two counts: 1) the nature of the information gathered by the specificclick cookie can be considered personal information, and 2) sitemeter cannot guarantee or ensure that such information cannot be correlated with truly personally identifiable information; therefore, this information cannot be guaranteed to be anonymous.

Sitemeter details what information is collected by this cookie when the company touts what information will be available to members due to use of the cookie. This information includes (but is not necessarily limited to) demographic information and information about visitors' interests. (Note that Specific Media advertises that it provides - or will soon provide - such information as age/gender/income/education demographic information, behavioral information, and country/state/DMA/city/ZIP geographic information. Many - if not most - people would consider such information to be personal, even if, without correlating information, it is not explicitly "personally identifiable."

First-party cookies can gather quite a bit of information; however, this information is limited to what is gathered/used on the site in question. It cannot be correlated with a visitor's other information gathered/used on a different web site. Therefore, the user in question has a reasonable expectation that he will remain as anonymous on any given web site as the information explicitly given to that site.

However, with third-party cookies, the same user has no such expectation of anonymity. Since multiple web sites can use the same cookie, the information gathered by that cookie on one web site can be correlated with the information gathered by that cookie on a different web site. This information can all be maintained in a database, resulting in a complete loss of anonymity across all sites. Consider the "big name" web sites using the specificclick cookie, indicated in sitemeter's response above:

In addition, many of the Internet’s biggest web publishers utilize Specific Media’s technology including Foxnews, CBS, NBC and Time.com.

Note that most/all of these web sites utilize some form of registration process that gathers a great deal of demographic and personally identifying information (including name, address, phone number, etc.), and realize that every site that you visit that uses this cookie now potentially has access to this information.

Therefore, sitemeter implicitly violates its own privacy policy, since it cannot ensure that it does not gather or use information about web site visitors that is not anonymous and non-personal.

On sitemeter's latter contention that the use of the specificclick cookie is an added "feature" for members:

These companies utilize this technology in the same way that we are using it, to provide useful information about the users who visit their websites so that they can create relevant content on their websites. The only difference is that SiteMeter, which is primarily a free service, has licensed the technology and are passing it onto our customers.

Instituting the use of a third-party tracking cookie on my web site and without my knowledge or consent, thereby making me an unwitting accomplice in the invasion of the privacy of visitors to my web site, is not something I consider a "feature" or an "added benefit" to my use of the sitemeter service. If this addition were such a beneficial added feature, why were sitemeter members not made aware of the specific nature of this "feature" prior to its implementation? Why is any reference to Specific Media in particular, or third-party tracking cookies in general, conspicuously absent from the sitemeter blog, privacy policy, and general correspondence with the company's users?

I do not buy sitemeter's justification for the use of third-party tracking cookies, and I cannot in good conscience partner with a company with either such a lack of understanding of the issues of internet security and privacy, or else such a lack of respect for the privacy rights of visitors to my web site and also such disregard for the trust relationship between those visitors and me.

The change will mean a loss of two years' worth of statistical information on the web site, but it will also mean that I will no longer be an unwitting pawn in the invastion of my site visitors' privacy.

Thanks, Richard from GoStats, for your clarifying email. P.S. - to the GoStats people who are comment-spamming every other sitemeter-related blog post in the 'sphere: please refrain from doing so here. This post is not an open invitation for you to advertise, especially when doing so under the surreptitious guise of a non-affiliated blogger/commenter. Thanks.

Upgrading to 2.1.3

Filed in Web DevelopmentTags: Web Site, WordPress

I'm upgrading to WordPress 2.1.3 this evening. If anything looks strange, bear with me.

Blogrolling.com Down

Filed in MiscellaneousTags: Internet, Web Site

It appears that Blogrolling.com is down, which means that several third-party blogroll scripts are failing to load. The following blogroll scripts have been temporarily disabled:

  • One Year Bible
  • Alliance of Free Blogs
  • Blogs 4 Bush
  • Condi Blogs
  • Christian Bloggers

I apologize for the inconvenience.

Update: Blogrolling appears to be working again, so the blog rolls have been re-enabled.

WordPress 2.1 Upgrade

Filed in Web DevelopmentTags: Geekery, Web Site, WordPress

I apologize if you've noticed any site down-time or other oddities. WordPress 2.1 has been released, and the upgrade has been less smooth than normal.

First off, after happily downloading the new version, I started reading the WordPress support forums to see if any common installation problems were cropping up. Good thing I did, too, because the minimum PHP/SQL requirements were increased for this release (and this critical information was - shall we say - not exactly made obvious in the version announcement and upgrade information).

I checked my server, only to discover that I was running older versions of both PHP and MySQL. Fortunately, I have an awesome, responsive host, because all it took was a request to upgrade PHP/MySQL, and they took care of it in less than 24 hours.

Unfortunately, upon upgrading, some of you may have noticed that the blog disappeared completely. As it turns out, my WordPress install with all of the plugins I'm using had gotten a bit bloated with PHP memory use. I had to disable several plugins temporarily to get back under the max PHP memory allocation. (Again, a support request to the host to increase the max memory allocation was responded to promptly, and the request should be taken care of sometime today.)

Having taken care of those issues, I went ahead with the upgrade last night. I probably should have done a bit more research, as the upgrade involved quite a few fundamental changes to the back end, including template tags and other gotchas. So, I've spent most of last night and this morning making several underlying changes to my blog template (the details of with which I will not bore you). Things should be working properly now, but if you notice anything broken or amiss, let me know.

Update: I'm glad to see that someone found some usefulness in this post!

Feedburner Test Post

Filed in Web DevelopmentTags: Geekery, Web Site

Just testing Feedburner feed integration...

Testing Zoomr

Filed in Web DevelopmentTags: Cats, Internet, Pets, Photos, Web Site
Princess 004Princess 004 Hosted on Zooomr

And, yes, this is a shameless attempt to get a free Zoomr Pro account (Hat Tip: Obvious Ideas)

Social Bookmarking Integration

Filed in Web DevelopmentTags: Geekery, Web Site

You may have noticed the row of (perhaps odd-looking) images at the end of each post. Thanks to the Social Bookmarks plugin, you now have the option of using one or several of the social bookmarking services with my blog posts. If you are so inclined, feel free to use them; if not, feel free to ignore them!