The other day, I had the honor of sitting down and rambling endlessly with Michael Kimsal in this podcast.  It was a lot of fun, despite the overly loud announcement system in the background (“…table 3, your order is ready” type of thing).   Michael is one of those insanely smart kind of guys that has a really balanced view of technology and a lot of fun to talk to.   Michael publishes (among other things) jsmag, a must read for javascript developers.  Check it out!   Also, if you use coupon HITNEY on the site, you can get a free issue!  (Thanks Michael!)

I’m on a FAIL kick lately, and this one deserves a post.  I used to be a huge fan WinRAR, a file compression tool that was easy to use and supported a wide array of options like file spanning and encryption.

I’m all for integrated ads – that is, ads that leverage the same font/color scheme of the site.  Now, both of these ads in the page below are for the same product, RegistryBooster 2009.  The ad in the top right is obviously an ad, but it’s pretty close to crossing the line.  What do I mean by crossing the line, and how integrated is too integrated?  Crossing the line is when there’s a strong likelihood users will accidentally or inadvertently click on a link, not realizing it’s an ad. 

The second arrow (the ad in the middle) crosses that line.  While it’s true that it’s marked as “advertisement,” it’s done in a clever enough way that attempts to trick the user to click on the link (let’s face it: we usually skim pages).  This is because the placement of the wording would make users feel that clicking “download now” is actually downloaded the intended WinRAR application.  Further, the green “run system scan” link implies I’ve clicked this link before, and consciously or unconsciously, we feel safer in clicking previously visited links.

So what do you think?  I’m not claiming this is the worst I’ve seen, but it’s enough that makes me question the integrity of both RARLabs and Uniblue (makers of RegistryBooster). 

Any takers as to what is going on here?   Little things like this can be so frustrating and yet funny at the same time. 

So quick background:  cancel wife’s old cell phone, decide to get a new pay-as-you go plan because she never/rarely uses it.  Most carriers have a plan that for $100, you can add a bunch of minutes that expire after a year, so, it works out to be about $8/mo.   I already have an AT&T account, so decide to go through them. 

I go through checkout, yadda yadda:

Um, where’s North Carolina?  It has my zip code already and prepopulated the city.   For that matter, where is New York??   Now, remember, I already have service here, there’s plenty of coverage, stores all around, etc., so I know there is service here.  Clear everything (including cache), start over, same issue.

Next I load the site in Firefox:

Ah!  There we are.  And New York is back, too!  As best as I can tell, I followed the same procedure for selecting the plan.  Maybe a rendering issue?  Let’s look at the source…

First up, what is with all the white space in the document?  This is in both browsers (I highlighted part of the document to show the blank spaces):

Next is the state selection in IE8.  Why the gap(s)?  And why is Minnesota selected??  (NOTE: I’m not suggesting the gaps pose a problem other than wasting bandwidth … but it does seem to indicate some kind of processing change … server side code would tend to be more predictable):

And now in Firefox:

Weird, huh?   Because of the white space and layout, it seems something is going on during server side rendering. 

UPDATE:  Seems like it’s fixed.  I tried several times in IE8, clearing the cache, with the same result.  Then, I tried Firefox with the IE8 User Agent, and it worked – but then when I went _back_ to IE8 it seems to be working.   So for now, I guess it will remain a mystery.  I’ll venture a guess that it had nothing to do with the user agent and rather something else, such as hitting a different server or server farm altogether, despite having cleared the cache as I went back and forth. 

Maybe it’s because I just returned from Vegas.  Maybe it’s because I used to live in Idaho.  Maybe it’s because I’m not part of the 20% who can’t locate the US on a world map, but geez, how do graphics like this get on air?   

I've noticed a disturbing trend lately and not quite sure if it's just me, or happening more in the industry.  Or, maybe it's because my credit card, for the 2nd time in less than 2 years, was compromised by someone (Visa won't tell me who -- and with today's BI, it's pretty easy to figure out I would image). 

So, I'm seeing a number of sites on the internet not using SSL when capturing PII.  Clearly, this is crucial for credit card transactions, but it's also important for PII.  Of course, SSL only encrypts the traffic between you and the domain, and ensures the domain is who it says it is -- what the host does with your data is out of your hands.  It's a little like going into the kitchen at a restaurant. :)

The other day I was lamenting with a colleague about my lame internet connection while we were playing around with the cool sharing features in Office Communicator.  (Bottom line was my connection chokes on camera and desktop sharing.)  The best I can do on my internet connection is, sadly, 512k upload:



The chart is fairly amusing on various levels but seeing that I'm out of luck in going beyond 512k, I decide to contact customer support to see if there's anything I can do.  Heck, even 768k upload would open a lot of opportunities.

But when I go to ask a question on the support page, I see this page:



No SSL?   No credit card information but surely enough PII to make me feel SSL should be required here.  Now, this scenario is a bit different since I'm a customer, so I did a traceroute to see where my data was going:



So, fortunately, as long as I'm sending the data from my house, it seems my data is reasonably secure as it's staying within Time Warner's domain and frankly, that's the best you can get from SSL. 

I didn't submit the data, but it made me realize how many sites I've run into that don't use SSL, or access points that are insecure.  I recently permanently borrowed Glen's HTC Touch Pro, and it has built in wifi.  I left it on and as I drove around, I was completely stunned at home many times the phone would ding that a new wireless network was available -- and most were insecure. 

So is this my imagination, or is security really this bad?