Category Archives: Web Stuff

Podcasting at Dragon*Con 2011

My Dragon*Con this year was far more packed than normal, so I’m splitting my normal recap post into several, divided by topic. First up is podcasting! We did our usual live episode of WhatTheCast, which was raucous and fun. We had Patrick Jarrett calling in as our roving sports reporter from Philadelphia, where he was covering the Magic: The Gathering Pro Tour as part of his job as Editor in Chief of Gathering Magic. We got to meet Lizzie Lynch, who learned about Dragon*Con from WhatTheCast years ago and was attending the con for the first time.

Oh, yeah, and we won one of these:

That’s a Parsec Award for Best Speculative Fiction Fan or News Podcast. It’s a juried award, and I was thrilled that we won it.

That would have been plenty to make this Dragon*Con special, but Sunday night topped it all in terms of sheer surreal wonderfulness. Colin Ferguson, who plays Sheriff Carter on the sadly-cancelled Eureka, agreed to be part of Disasterpiece Theatre, my other podcast.

So of course we had to cast him in the Eureka movie as directed by Michael Bay.

Colin Ferguson with Alex White, Brooke Fox and Stephen Granade

He was an excellent guest, funny as hell, and was quite willing to invent terrible things for his fellow Eureka cast members to do in the movie, like having Felicia Day play a villain with an over-the-top German accent.

I will note that the above is not the first picture we took with him. When we asked him if he’d be willing to take a cast photo with us, he said, “Sure! We should do it in the bathtub. We can all pretend to be passed out.”

Colin Ferguson with the cast of Disasterpiece Theatre

I believe this will now be the picture I use for my professional science gigs.

How to Make a Password Encryption Card in One Easy Step

A while back, when talking about password managers, I mentioned that I didn’t store any of my financial passwords in a password manager. Instead, I have a card that assigns three random characters per letter or number. For each bank, I use the first five letters of the bank’s name and then use the card to encrypt those letters. As an example, for “Acme Bank” I’d use “acmeb” and translate that into a fifteen-character-long password using my card.

The website that generated the card for me isn’t around any more, so I re-created the code for anyone who’d like to use a similar scheme.

GENERATE PASSWORD CARD with symbols or without symbols

When you click one of the above links, you’ll get a new webpage with three copies of your randomly-generated password card. Print out that page and cut it into three pieces. Laminate one and stick it in your wallet. Put one of the others in a safe place. The third is for back-up or if you have two people who need to have access to the password card.

Why Companies Care About Twitter

In the comments to yesterday’s post, Jim mentioned how interesting it was that Twitter had finally gotten companies to pay attention to what customers were saying about them. I got to wondering why that was. Why didn’t this happen with blogs, or Facebook? Both of those use the same one-to-many broadcast model as Twitter. Facebook and Twitter share the concept of friends, as do blogging platforms like the venerable LiveJournal.

The key difference is that Twitter messages spread easily, and it’s simple to watch over all of Twitter for any mention of a company. Blogs stand alone with only links or individuals’ comments tying them together. Blog owners added blogrolls and similar list of favorite sites to encourage cross-pollination, but lists of sites with little context don’t drive many visitors to those sites. Posts on low-trafficked blogs got little attention, and were passed around mainly if a high-traffic blog linked to it.

Facebook aggregated people together into groups of friends and explicitly encouraged posting short, pithy status updates. This in turn made people much more likely to vent, but that venting didn’t travel far beyond the person’s friends. If you’re motivated, you can create a Facebook page to express how much a company sucks, but those pages are more like blog posts, and you’re back to hoping that enough friends spread the link to the page. And there are barriers to searching Facebook’s content. You have to have an account, start a search, and then explicitly set it to be searching status updates.

Twitter has similar group aggregation to Facebook and, by virtue of its 140-character limit, greatly encourages its users to share short messages about anything and everything in their life. Even more importantly, people using Twitter quickly latched on to the practice of retweeting — rebroadcasting someone’s message. Retweeting has become such a standard practice that Twitter clients and the Twitter webpage allow you to retweet someone’s message with one click. One person’s rant about Comcast can now be passed around Twitter widely and quickly, spreading from group to group. The barrier to re-broadcasting is far lower than with Facebook and especially with blogs.

Twitter has made additional design decisions that further drive these network effects. Twitter now lists trending topics — topics that a lot of people are talking about. Twitter also lets you search all tweets for mentions of you, your company, or any topic you care about. Companies can monitor what people are saying about them easily, and feel compelled to do so because complaints about them can spread like a brushfire.

That’s the one-two punch that distinguishes Twitter from other publishing services. If Twitter hadn’t made it so easy to re-broadcast people’s messages, or if content on Twitter was as hard to search for as it is on Facebook, then I don’t think companies would care that much about Twitter.

eHarmony Pays Attention

Over the holidays, eHarmony released apps for iOS and Android that give you access to their site. They chose an unfortunate tagline, though.

eHarmony mobile helps you find someone wonderful "in the palm of your hand"

Since I am a twelve-year-old boy at heart, I had to make a joke about the tagline on Twitter.

[blackbirdpie url=”″]

To my surprise, eHarmony responded!

[blackbirdpie url=”″]

[blackbirdpie url=”″]

[blackbirdpie url=”″]

I’m impressed that eHarmony was paying attention, responded, and is changing their tagline. Now only one question remains: what should I use my new-found Twitter power to do?

Yahoo Closes, the social bookmark service that we’ve used for our Shrapnel links, is getting the bullet to the head courtesy of Yahoo. If you still need a cross-browser bookmarking service, take a look at Xmarks. There’s also Diigo, which not only stores bookmarks but also lets you store the whole web page and annotate it. Both will let you import your bookmarks.

Update: Several friends also pointed me to Pinboard, which bills itself as “socal bookmarking for introverts”.

Start Using a Password Manager

On Sunday, it came to light that Gawker had experienced a long-term break-in that leaked the username and passwords for commenters on Gawker and its related sites like Kotaku, Gizmodo, and Lifehacker. Now we know that a lot of people use “123456” and “password” as their password.

Why should you care? You may not care about a Gawker account, but if you use the same username and password for that as for, say, your Amazon account, you could be in for a world of trouble. That’s why you should use a password manager.

Ideally you should use a different password on every site. Each of those passwords should contain 12 or more randomly-generated characters and include uppercase characters, lowercase characters, numbers, and special symbols. Now: try remembering all of those. Fun, huh?

That’s where a password manager comes in. You pick one strong password to encrypt all of your other passwords and let the manager generate random passwords and remember them for you. Ideally the password manager integrates with your browser so it can automatically fill in your username and passwords once you’ve opened your encrypted password database.

If you want a solid free option, try the unfortunately-named KeePass. It saves your password to a local database that you can put on a thumbdrive, and it has a Firefox plugin that automatically fills in login forms for you. If you’d prefer something more user-friendly, try LastPass. It’s web-based, which is a little worry-making, but given how they’ve set things up that I’m comfortable using them for web passwords to services other than my email or bank sites. Pick a password manager, install it, and select a primary password for your manager. It needs to be a strong one, one that’s hard to remember, so consider writing it down and putting it in your wallet. As security expert Bruce Schneier has long been pointing out, we know how to secure bits of paper.

Ironically enough, Lifehacker has a good beginning and intermediate guide to using LastPass. They’ve also got a tutorial on using KeePass, if that’s what you’ve chosen instead.

Once you’ve installed your password manager, you should upgrade your “123456” passwords to something much stronger. LastPass and KeePass will both generate random passwords for you to use. It’s time-consuming and annoying, but it’s worth it. Use a password with a length of 14 to 16 — hey, the password manager is remembering it for you, so you might as well use something long and hard to crack — and use every symbol possible.

Update: The LastPass blog has a tutorial on replacing old, sad passwords with shiny new ones.

Going Google

I inevitably complicate any computer setup I’m involved in. I’ve mentioned how I made ripping CDs an easy six-step process. It’s like I’m made of entropy and duct tape, frantically trying to keep everything together even as I’m making it fall apart.

So it’s been with our email. I’ve owned for nearly a decade, beginning when I was in graduate school at Duke. Initially our kind-hearted department admin and the Duke University Linux User’s Group helped host my email. When I moved to Huntsville, I began hosting email myself.

That sound you hear is 2002-era me cracking open a 55-gallon drum full of worms. See, at Duke I had Internet via DSL and a stable IP address. After the move I had a cable modem and an IP that moved around, so I registered for a dynamic DNS address and got two of my friends to relay mail to me via that DNS address.

Then we had Eli and Liza. Suddenly, my free time to fiddle with a cantankerous Linux server evaporated. The box would die and we’d be without email for a day or two. I wanted web access to my email instead of having to SSH into the box and run mutt, and one thing led to another until I was forwarding all of mine and Misty’s email directly to a gmail account and backing the gmail up on the Linux box.

I just learned that mail forwarding wasn’t working for my brother’s family, so I’ve finally bitten the bullet and signed up for a Google Apps account. On the plus side, now my server doesn’t touch my mail at all, and I can rest comfortably in the warm, soft, big-brothery arms of Google.

On the minus side I have two email accounts, one of which is using POP3 to grab email from the other, and two sets of Google Docs, and two sets of Google Calendar, and…

Man, it’s a good thing I’ve simplified my life.

Future News Articles About Twitter

From the “You Know It’ll Happen in the Future” department:

(AP) Popular Twitter service may have cost a young woman her life

Authorities are now reporting that Allie Sutherland was potentially lured to her death through messages posted on Twitter, the popular online messaging service.

Allie received a “tweet,” or message, from someone known only as “goslo11” shortly before she left her apartment. Two days later, her body was found in a ravine several miles away. Police have not released details of how the 22-year-old was killed.

Sutherland was a history major at Oberlin College. Friends stated that she had been spending more and more time “tweeting” with strangers recently.

(Reuters) “Twexting” teens on the rise

With states such as Vermont still prosecuting “sexting” – sending nude pictures via text message – under strict child pornography laws, more teens are now using the Twitter online service to broadcast their nude photos.

Twitter allows users to sign up with fake email addresses and names, and it includes a service to make photos available freely online. The combination is proving irresistible to teens seeking a way to share shocking photos anonymously.

Nearly 10 percent of teens admit to “twexting,” according to a survey by the Pew Internet & American Life Project.

Using Regular Expressions to Match Twitter Users and Hashtags

If you want to find Twitter usernames and hashtags in tweets and do something with them, like turn them into links when you’re displaying them on your website, the most compact way of doing so is through regular expressions. However, most of the articles I looked through on the web mess up the regexp.

Usernames start with a “@”, while hashtags start with a “#”. Since usernames and hashtags will only have letters, numbers, or underscores in them, most all of the examples on the web use a regexp like so:


There’s only one problem: if you have an email address in a tweet, it’ll match on that. Run that regular expression on “Email me at” and you’ll match on “mailinator” as a username when it’s not. What you really need to do is make sure that there’s nothing in front of the “@” or “#” but whitespace or the beginning of the string.

For completeness, here’s example code to add links to both usernames and hashtags in a bunch of different languages.



function linkify_tweet($tweet) {
    $tweet = preg_replace('/(^|\s)@(\w+)/',
    return preg_replace('/(^|\s)#(\w+)/',


import re

def linkify_tweet(tweet):
    tweet = re.sub(r'(\A|\s)@(\w+)', r'\1@\2', tweet)
    return re.sub(r'(\A|\s)#(\w+)', r'\1#\2', tweet)


$s =~ s{(\A|\s)@(\w+)}{$1@$2};
$s =~ s{(\A|\s)#(\w+)}{$1#$2};

(Javascript approach taken from Simon Whatley)