Well, not really: I clicked a link expecting Facebook (I have an account for work, not private use!), but the unexpected destination offered me free SMS text messages. Sp*m, but not an overt attempt at identity theft.

It does reinforce how easy it is to be fooled: a half-credible message (that someone had commented on 'my' profile picture) induced me to click through without adequately checking – the sender's reply address wasn't even properly masked as Facebook. And, without boasting, I'm fairly experienced, having used email since 1993 and the web since Mosaic later that decade, professionally since 2000.

Be careful out there.

Neven Mrgan reports a few other instances, whereby people plainly do a Google search for 'facebook login' (not merely 'facebook', which would work) and follow whatever appears in the top results, even when that's a third-party news blog article about Facebook's login system. The landing page looks nothing whatsoever like Facebook, yet there's a thread of ~80 angry comments from people complaining that they can't use it to login (then ~1,300 more comments mocking them). It even reached the point that the site owner considered it necessary to insert an extra paragraph into the article, explicitly stating that 'This site is not Facebook'.

That instance has become fairly famous over the past couple of days, but some of Mrgan's other examples are even worse: Flickr comment threads which reveal that people have been confused enough to try to log into thumbnails of Facebook screenshots.

Via BoingBoing I've discovered a Firefox add-on which automates that superfluous click and eliminates the delay: SkipScreen.

Grab it while you can, as ad-displaying sites are trying to have it banned, citing spurious excuses.

Those are surprisingly large numbers – I hadn't realised that some of my favourite webcomics are so popular, nor that I'd ever visited such sites as Xinhuanet.com.

It also reminds me which popular Twitter profiles I've visited and which specific news articles I've accessed at the Guardian, The Register and BoingBoing.

I haven't visited any p*rn, banking or dating sites, apparently, but I knew that already, not least because this is my employer's PC and network connection.

Wait; how could a remote website even access my browser history?
It's elegantly simple: the testing pages include non-visible links to the websites of interest, then log whether my browser responds by 'rendering' them as visited links.

And any website could do the same. This demonstration investigates usage of general-interest sites, simply to illustrate the technique, but others could target specific, more personally-sensitive sites.

Solutions? Well, four that wouldn't work are disabling Flash, Java, JavaScript or cookies, as the browser sniffing can operate using CSS alone. To repeat: disabling JavaScript DOES NOT work.
Those which do work are:

• Disabling one's browser history.
• Disabling CSS styling of visited links. This is only straightforward in Firefox.
• Installing a browser extension. HistoryBlock looks suitable.

And another thing: never perform a Google search for your own name....

It's still not enough for last night's Proms performance of Beethoven's Ninth, though.

My own results overwhelmingly confirm Google's supremacy, though Yahoo! performed well. Bing, however, didn't win even once in ~20 tests. Admittedly, blind testing omits thumbnails, usability tweaks and ancillary elements of each original interface, but this doesn't look good for Microsoft. Even 33% success wouldn't be enough to break into the market, and 50% wouldn't be enough to dislodge Google: a new search engine would need to be distinctly better than the market-leader, not merely 'as good', which is the very best review I've seen for Bing.

As Microsoft already knows: for years they've relied on user inertia to prop up Internet Explorer. It took a markedly superior product, such as Firefox, to tempt people into switching from the browser pre-installed with Windows. Similarly, people are unlikely to abandon the familiar Google interface other than for a marketedly better alternative.

For example, Bing has this overall site as the no.1 result for its name, and this blog as no.6. Flattering as that may be, I'd be the first to say it's more appropriate to rank genuine government ministries, and generic pages about them, higher.

[Kordahi openly states that he's a Microsoft employee, but claims to be acting as a private individual in this context.]

This attitude is why I disliked MS products for so many years. Just provide what I request, and nothing more, please: I'll deal with the 'key task' myself, thanks.

Not that I'd consider using a search engine which republishes entire Wikipedia entries as 'reference' material, anyway.

Incidentally, is Mr. Buggia an example of nominative determinism?

Specifically, MS installed a '.NET Framework Assistant' add-on; I'm not entirely sure what it does and, frankly, don't remotely care. It's uninvited, so it's not staying, on principle. The problem was that it was installed on an 'all users' basis whereas Firefox's Add-ons manager operates on a 'per user' basis, which means the 'Uninstall' button was greyed-out.

The Register reports that the offending MS utility has been updated, and can be uninstalled, though for some reason the newer version isn't being pushed out via Windows Update so those wanting to remove the unwanted software will need to visit an obscure page on MS's website.

Once per computer:

• Follow the instructions there, checking your copy of Windows has the prerequisite other updates, then downloading and installing the update.
• Reboot.

• Open Firefox. '.NET Framework Assistant v.1.1' will be installed, but you'll need to restart Firefox for it to take effect.
• Open 'Add-ons', find '.NET Framework Assistant', and hit 'Uninstall'.
• Never use Windows Update again.

The Register reports that content providers will be able to post metadata claiming that their ad-supported sites don't feature 'invasive' ads, prompting Adblock to pass on a request for repeat visitors to whitelist ads from those sites.
As a matter of principle, my response would, without exception or hesitation, be negative, so pop-up whitelist requests would merely be annoyances.

Thankfully, as El Reg fails to mention, it'll be possible for users to permanently disable that functionality and continue to ban any and every advert.

Then the amendment was reverted, restoring the false name and citing documentary evidence that it's true: Der Spiegel.

My immediate response was to wish the glorified discussion board would just acknowledge that it's totally unreliable and close outright, but that's a little – but only a little – extreme. Wikipedia is a fair starting point for research, but no more than that: a guide to search terms one could use when searching for more reliable information elsewhere (anywhere). It's certainly not a quotable information source itself.

I discovered this as an aside in a report of a similar issue. Yesterday in Parliament, the Conservative Party leader 'corrected' the Prime Minister's claim that Titian died at the age of 90 by saying he actually reached 86. Shortly afterwards, a user located in Conservative Central Office, seemingly mistaking Wikipedia as a meaningful publication, amended Titian's death date to support his/her leader's unfounded claim (Titian's true lifespan isn't known, but 90 is considered* more likely). So that's tweaking a web page in order to 'confirm' a preferred opinion, in order to use that web page as supporting evidence of the original claim. I despair.

*: By 'considered' I mean by qualified experts, not the meaningless consensus of amateurs, whose opinions don't remotely matter.

Instead, I discovered that many of the game's menu items were disabled:

I'm the potential customer: I get to set the preconditions, not the person seeking income from me/my actions. I will not pay for online content, and I will not view adverts on the web. If a developer can't find a monetisation model that accommodates those non-negotiable limitations, that's not my problem.

Simply provide an e-mail address here in return for a download link. Needless to say, I used a temporary GuerrillaMail address, which expires within an hour, nullifying the spam risk.

I don't have a laptop, nor a wireless connection, and I'm pretty good at separating online time from 'real life', but the cartoon is certainly thought-provoking.

There is a logical flaw in adopting these recovery measures afterwards, which I won't highlight publicly. However, don't misunderstand (as I nearly did, initially): in this context, configuring the recovery process is about preventing its use as an attack vector.

So what happens if your webmail is compromised and the standard recovery procedure fails? I can't speak for Yahoo! or Hotmail, but GMail has a secondary system which identifies a genuine user by long-term account usage rather than questions an attacker could influence.
Again, it requires a little preparation. The form asks about other Google products associated with the webmail account, including their first usage dates. Collecting such specific information would be more challenging if one loses access (it's not easy with access!), so do it now.

Even more importantly, perhaps, one might wish to seriously consider the consequences before using webmail for anything really important or confidential.

Iron has been thoroughly de-Googled: no unique user-ID is set, no user-specific information is returned to Google (including crash reports) and the updater is disabled to prevent subsequent official downloads reinserting trackers.

The download page is in German, but I'm assured the browser itself operates in English if one's PC is set up in that language.

In 'about:config', find the line 'browser.download.manager.showAlertOnComplete' and set it to 'false'. Simple as that.

When I get a moment, I'll try to do the same with Thunderbird: for some reason I find the similar 'mail arrived' flag disproportionately irritating. I'll discover whether I have new mail when I specifically choose to look for it, thanks; I don't want any immediate notification whatsoever.

I was a little concerned at first: was this a new spidering technique to reach deeper into my archives (a good thing) or an investigation of a (spurious!) complaint, preparatory to a blacklisting (a bad thing)? However, I've realised what it is: Chrome. A feature of Google's new browser is an ability to capture individual sites' search boxes, so a user can now directly search the Ministry from his/her browser's address bar.

I have no particular opinion on that, but I'm glad to have worked out what may be happening.

Maybe developers will create/port plugins replicating the functionality of Firefox extensions for Chrome, but what about ad blocking?
One of the key reasons I use Firefox is to view the web without any adverts – any adverts at all, and that very much includes Google AdWords/AdSense. What are the chances of that being possible in Google's own browser?

The multi-threaded approach* and improved javascript handling seem to be good solutions... to problems I haven't encountered. I know Firefox has (had) a reputation as a memory hog but I genuinely haven't noticed a problem even once, and I very rarely experience browser crashes; even when I do, I regard them as utterly trivial, barely even an annoyance. Hence, I don't find such performance refinements particularly compelling.

I'm less neutral about the GUI: my initial impression is negative.
The argument is made that since the tab is the primary operating unit in the way people use a browser, the array of tabs should go across the very top of the window, above the menu and address bar, in effect giving each tab its own menu/address bar. My view is that the standard layout is more usable, for precisely the same reason: the tab bar is the next-most-important element after the body a web page, so I want a tab bar directly adjacent to the browser pane, without a menu/address bar interposed. We'll have to see, but I think a change would be a design error, which only makes theoretical sense when over-intellectualised or when seeking change for change's sake.
It seems it'll be possible to omit the menu/address bar altogether in some cases (such as when accessing Gmail), but that's not really what I want either.

As I've mentioned, I don't like autocomplete functionality, particularly on shared computers, so the new GUI's focus on integrating past web activities into the address bar and a dynamically-generated default/home page would be something I'd want to disable completely, immediately. I think that'd be possible via a 'privacy mode', in which browsing activity isn't saved for future customisation or display. That might address my concern, if it can be set as the default rather than a 'per-tab, per-instance' setting.

The 'sandbox' model of security, whereby any malware process would be confined to a single infected tab (apart from those using third-party plugins), looks promising, but I don't know anything like enough about the topic to really comment.

A theme running through the comic strip is that most features and the overall architecture are open source and/or available as web apps to other developers, including developers of other web browsers. The implication is that Google want to redesign the web itself, and web browsers as a class of software, rather than merely produce another browser: to define a new baseline rather than just add their own product to the existing market. A baseline and developers' mindset which favours Google, of course, but that's only to be expected; they're not a charity.

So. I'm interested, but my main hope is that Mozilla are more interested, and this kick-starts a partial revision of Firefox – I'm no Firefox fanboy, but I'm still more likely to follow that route than switch to Chrome.

*: I know; threads aren't processes, so 'threaded' is technically the wrong term, but it's more readable in this context, okay?

It is possible to completely disable auto-complete via the 'about:config' interface* but identification of the relevant parameters isn't immediately obvious. There are two, browser.urlbar.matchBehavior and browser.urlbar.maxRichResults, both of which need to be set to '-1'.

Incidentally, if you want to keep auto-complete but dislike the number of suggestions offered (12 by default), browser.urlbar.maxRichResults is also the parameter which defines that feature.

*: Type 'about config' into the address bar (aka Smart Location Bar, aka Awes... oh, you get the idea) and accept the warning, then find the correct settings. Double click on each name to open the preference-editing box.

The response to that episode was that a revised Apple Software Updater moved Safari into a distinct text box, cursorily clarifying that it was new software rather than an update, but it still shouldn't have been pushed via the Software Updater at all and preselecting it for download was unacceptable. At least there was an option to deselect it and instruct the Updater to never display it again.

Yet that was too narrow a definition. True, the Updater remembered my wish to never again be informed about Safari 3.1.1, but it popped up again today to tell me about Safari 3.1.2, with the download 'helpfully' preselected.

I don't want to download Safari. I don't want to download any version of Safari. I will not want to download any future version of Safari. Clear?
Given a company ethos purporting to focus on a "it just works" user interface design, the opt-out should behave as a user might reasonably expect i.e. a permanent, unequivocal opt-out rather than merely declining one specific sub-version of the package.

These cheap tricks will not wear me down and tempt me to 'give it a try' – they're merely going to harden my distaste for anything from Apple, and decrease the likelihood of my sticking with iTunes and Quicktime. I happen to think those packages are adequate, and would be happy to keep using them – so long as Apple shuts up and leaves me alone.

I'm not complaining about having to install Fx3, just not yet. Four key extensions are still incompatible, as is my favoured theme, so I've lost functionality in a GUI I don't particularly like – hardly an 'upgrade', and I won't be inflicting it on my home machine for now.

There was also the issue of finding time for customisation, so I'll make a quick note of what I did, for my own future reference as much as for others' possible interest.

Initially, I repeated the same tasks as when I upgraded from Fx1.5:

• Checked the 'Options' submenu. My selections had been carried over from Fx2.
• Checked 'about:config' to verify the customisation I'd applied according to Lifehacker's instructions had been carried across:
  • Decrease the minimum tab width, to minimise scrolling. Fifty pixels (half the default) is enough for me.
  • Restore the Fx1.5 style of tab closing: one 'close' button at the right of the entire tab bar rather than one button per tab.
  • Prevent prefetching of unselected pages.
  • Remove the 'Go' button from the address bar.
  They had.
• Similarly checked the built-in search facility:
  • Removed engines I don't use, via the dropdown menu.
  • Reconfigured the ones I kept, by manually editing the .xml files in /Program Files/Mozilla Firefox/searchplugins/.
    Specifically, I renamed 'Amazon.co.uk' and 'eBay.co.uk' to 'Amazon' & 'eBay' (I'm in the UK, so I know they're .co.uk sites)
  These amendments hadn't been carried across, so I had to reset them.

• Hide the search box magnifying glass and location bar 'Go' button.
• Hide the 'Edit' (but not 'Help') menu, as I already know the standard Windows keyboard shortcuts.
• Hide the 'Open all in tabs' item in bookmark folders.
• Remove the 'throbber' (the 'page loading' indicator - there's one in each tab, so the one at the top right is irrelevant).

Next, I double-checked my extensions.

• I removed two I don't really need – including two of the incompatible ones.
• I checked the remaining two via their developers' websites.
  • As last time, a compatible update of one (the indispensible 'Clone Window') was available, just not via the official Mozilla interface.
  • The other wasn't, but I found an alternative offering much the same functionality.

• Adblock. Not 'Adblock Plus', the less compromising 'Adblock'.
• Clone Window.
• Menu Editor – refines context menus, so, for example, I can't accidentally 'Send Image...' when trying to 'Save Image As...'.
• Undo Closed Tabs.

Maybe for specialists and the self-proclaimed 'blogerati', but back in the real world: rubbish. Even in Lifehacker's own poll, the current results show that 74% of respondents still make extensive use of browser bookmarks.

I have a pool of less than ten links I visit frequently so have bookmarked both at work and at home. Beyond those, I wouldn't want one unified set of bookmarks. I may need to visit other universities' websites for work, but I have no interest in doing so in my own time. Conversely, I wouldn't want my private browsing activities to appear on my work PC, not because they're illicit (though I wouldn't like to argue the 'NSFW' status of one or two) but simply because they're private.

So:

• If you don't already have IE7, install SP3 first.
• If you have IE7 and doubts about whether to keep it, uninstall it (with the obvious consequences for customised features), install SP3 then reinstall IE7.
• If you've already installed SP3 after IE7, it is possible to uninstall both then reinstall SP3, but that could be onerous.

Whenever anyone uses the Apple Software Update utility, or whenever iTunes does it automatically, Safari will appear on the list of available updates. The 'Install' box is ticked by default. How helpful.

If I want a new browser, I'll deliberately seek out and download a new browser.
If I want to update existing software, I expect the company's 'update' facility to check for available updates to software I already have installed. And nothing else. At all.

This isn't merely a 'Firefox vs. Safari' issue, and it's perhaps unfortunate that Lilly happens to be the chief executive of Mozilla. The core issue is security: users need to be able to trust software manufacturers to provide essential patches against vulnerabilities and perhaps improve functionality of existing software. This trust should never be abused as a marketing tool – at best it'll annoy users, but at worst it could cause them to regard Apple Software Update as malware and disable updates altogether.

In this instance, the better alternative is to select the 'Ignore Selected Updates' from the Update utility's 'Tools' menu.

[Update 18/04/08: Apple has belatedly reworded the Updater's interface, clarifying that it's offering Safari as new software rather than as an update. Some have suggested that Apple deserve credit for responding to massive criticism, but I disagree: I'm offering no praise for their correcting an error that shouldn't have happened in the first place. This amendment is only partial, anyway: the 'Install' checkbox is still pre-selected by default. Unacceptable.]

[Update 05/05/08: El Reg reports that Apple's trick worked (under a very loose definition of 'worked'), tripling Safari 3.1's 'market share' (I think that's installations, not necessarily usage), relative to that of Safari 3.0, to a 'massive' 0.21% (Firefox: 18%).]

[Update 15/07/08: Be aware that the 'Ignore Selected Updates' option is pedantically limited: one can ignore, say, Safari 3.1.1, but Safari 3.1.2, etc. won't be blocked; indeed, they'll be preselected for the unwary to accidentally install.]

It couldn't have been easier: a setting under Tools -> Options -> Privacy -> Cookies allowed one to 'Allow sites to accept cookies' and 'for the originating site only'. However, it seems a number of cookie providers were exploiting a workaround to bypass the block, ignoring the user's wishes. Rather than encourage user complacency about a functionality which couldn't be relied upon, Mozilla removed third-party cookie blocking from the Firefox 2.0 user interface.

However, the functionality remains, for those fulfilling two conditions:

• A willingness to edit settings via about:config, a powerful interface presumably designed to deter those who don't know what they're doing!
• An understanding that it'll still allow some third-party cookies through.

• In about:config * , search for the network.cookie.cookieBehavior line. Right-click on this option and select 'Modify' from the pop-up menu.
• The setting accepts three values:
  • 0: accept all cookies
  • 1: only accept cookies from the same server
  • 2: disable all cookies.
• Choose '1'
• Click 'OK'.

Despite it's unreliable performance, the third-party cookie block is popular with users, so the Mozilla development community have been re-examining it recently, and it seems a tightened block will be available in Firefox 3.

Thanks to T'other Neil for bringing this to my attention.

*: I'm deliberately not saying how to open 'about:config' – if you don't know that, you probably shouldn't be playing with the settings anyway....

Quite simply, add 'www.webwise.net' to your browser's Blocked Cookies list. If I discover any aliases, I'll let you know; I'd appreciate it if others could reciprocate.

That's naïve rubbish, of course: it does nothing to prevent the more insidious data collection at the ISP's end of one's net connection, but again it eliminates any ambiguity about alleged tacit approval.

[Update 06/04/08: Re-reading that, I suspect it's a bit misleading.

Blocking the tracking cookie prevents a unique identifier being passed back to Phorm, so prevents targetted adverts being served, but it is not an opt-out, and is considered a tacit opt-in to other forms of tracking. As mentioned, Phorm still has access to data collected from ISPs' servers, and user agents (that use port 80, anyway) other than one's browser are still tracked. For example, if one uses the Apple Software Update utility (which connects to the internet independently of a browser), that's theoretically still trackable. That's even more of a risk with MS Office, as it uses the IE user agent.

To properly opt-out, one needs a specific 'opt-out' cookie from Phorm; obtaining that may also count as an opt-out from the server-side tracking, but I wouldn't rely on that.

An alternative for Firefox users would be to install the 'Dephormation' plugin, which generates a Phorm opt-out cookie with every page load and randomises the unique identifier, so even if Phorm ignore the opt-out, they get nonsense data.

Again, truly opting out by these means relies on the instruction being honoured by a company with a history in the spyware industry. You may wish to take the more reliable step of changing your ISP, from one working with Phorm to one which doesn't. If a sufficient number of people make this decision, perhaps the ISPs will get the message too.]

Since when has Facebook been a verb?

More to the point of professional interest, how long has it been a preferred means of internal communication?

The browser will still be available for download on an unsupported basis, and I doubt user-run support forums are about to close, but the official advice is for netizens (ahem) to migrate to Firefox.

It's a little sad for historical reasons, and I hadn't realised the decline in user base had been so drastic, but the reason I hadn't realised may be that I haven't actually used the browser since, ooh, 1998-ish.

[Belatedly via BoingBoing.]

I was doing pretty poorly (around 50) until I ran through the depricated stuff – B, FONT, U, S, etc., so if you try it yourself, don't forget them!

Of those I didn't get, I was pleased to see I didn't recognise them anyway (though I'll research them now) apart from two foolish omissions: ADDRESS and, as the title says, BUTTON. Damn.

It also allows one to delete persistent data (analogous to cookies, but not cookies) set by Flash embedded in certain sites, if one wishes. Let's not get excited: I'm not suggesting this data is set maliciously, and Macromedia claim they don't have access to it, but it is a record of sites one has visited, which mightn't be desirable in certain circumstances.

I'm sure Neil will correct me if I'm mistaken, but I'm not aware of this facility being available within browsers' native settings – I haven't tested it, but I don't think Firefox's 'Remove All Cookies' touches Flash's proprietory 'cookies'-equivalent. Counter-intuitively, it seems that one needs to visit the Macromedia website to configure a local installation of the Flash Player plugin.

That sentence was doing so well until the final clause: Mozilla's intention is to integrate the look & feel with the OS 'house styles', not to replicate specific browsers.

Still, why would I wish Fx to look like a native WinXP application? I hope the announcement merely refers to the default theme (which probably would be useful for easing the transition for new Fx adopters), and that custom themes can still completely overwrite the default interface.

Incidentally, I use and recommend Orbit Grey Custom. Which, also incidentally, I was startled to subsequently discover is remarkably similar to the iPod Classic's on-screen iconography.

Page Saver is a streamlined way of taking screenshots, saving either an entire web page or just the visible portion directly to .jpg or .png, bypassing the laborious process of 'Print Screen', pasting into a graphics package and manually saving.

I don't particularly like the default settings (saves to .png by default, saves .jpg at 50% compression, and makes a cheesy 'camera shutter' sound at the moment of capture), but the configuration interface is straightforward.
It also adds a toolbar icon, but I removed that, preferring to access it only via the right-click context menu. Considering the likelihood that I'd want to use it on sites which have disabled the right-click, I might regret that....

The one disadvantage is that it doesn't capture the output of plugins, such as Flash, but I understand that's integral to Firefox rather than being a deficiency of the extension itself.

*: Because:

• Firefox ain't broken.
• No AdBlock? No way.
• Safari uses a Mac-type GUI.

If anyone found that a little daunting, you might be interested to know that most, if not all of the customisation can now be completed via the more user-friendly interface of a Firefox plugin, 'Configuration Mania'.

Unless there's a problem, it's as simple as using Windows' integral 'Add or Remove Programs' function, but the linked page (from Microsoft itself – this isn't a third-party hack) offers an alternative technique (IE7's own hidden uninstaller) as backup.

Why do it, especially as I only use IE for 'Windows Update'? Quite simply, I intensely dislike the user interface (the 'Refresh' button is in the wrong place) and it seems to mess around with my Windows Explorer and general internet settings. Nothing major; I just don't like it.

[Via Lifehacker.]

Which strengthens my resolve to use Firefox and AdBlock, removing all adverts from my browsing experience.

Perhaps more importantly, this entry could help to counteract the subliminal effect, simply by disseminating the knowledge that it exists. One of the researchers' conclusions was just that: if a viewer becomes aware that he/she might be being influenced, the measurable effect vanishes.

It collects the usual user stats, but goes a step further. Randomly-selected sessions are recorded in full, even to the extent of logging the movement of a visitor's cursor over the page, which is subsequently presented to the site owner as a Flash movie. It's advertised as the 'next best thing to organised user testing', though since the user won't know he/she is being 'watched', it could be a truer record of actual usage.

Some of my peers (particularly in Scotland, for some reason) have reacted unfavourably, considering it an excessive invasion of privacy. As you may have noticed, I'm certainly a privacy advocate, but I don't think I have a problem with this. Considering we already monitor platform, browser, screen resolution, entry/exit pages, residence time, even geographic location, amongst several other data, the movement of a visitor's mouse pointer is one of the least personally-identifiable parameters collected. Ultimately, whilst there may be an argument against collecting data at all, I doubt whether these additional data are a different, greater problem. They just feel more invasive, somehow.

Actually, now I think about it, this technology may offer an extra level of detail. We already know a visitor's entry page and the page from which he/she arrived, and the same combination when a visitor leaves, but I suppose if we were to track cursor movement and clicks, we'd have a record of movement within the site too.

As I've been writing, I've been discussing the issue with J, the (print) Publications Assistant in my office, who was initially startled to discover what we're already logging. She identified two potential conflicts: would a staff member want it to be known he/she had visited specific pages within the Counselling Service's section of the site, or had been searching the Employment Vacancies listings?

Any thoughts?

By default, IE7 hides the standard toolbar ('File', 'Edit', 'View', etc.), and when one restores it (View->Toolbars->Menu Bar), it's displayed below the navigation bar. As Lifehacker says, that's just wrong.

Chris Hanscom has written a simple registry hack to change that. Note, however, that this is a Registry hack....

Luckily, the interface relies on JavaScript, which is readily disabled on a site-by-site basis. In Firefox, it's as simple as appending the following to one's user.js file:

I thought I knew it all ;) , but one tip was new to me.
Use the '~' operator to search for synonyms; the example given is to use '~elderly' to search for 'elderly', 'senior', 'older', 'aged', etc. This can be combined with the better-known '-' operator: '~term -term' will find synonyms of the term whilst excluding the specific search term itself.

However, pushing it as a 'your-computer-is-at-risk' Critical Update, with red flashing text when one declines the download, seems less reasonable.

If one has no intention of using IE whatsoever, sticking with the preinstalled IE6 (and not using it) seems perfectly adequate. I use Firefox (other non-IE browsers exist), and have no interest in switching, so I'm not going to be sucked into Microsoft's bogus panic and accept a 15 Mb download (via dialup, at home) of a package I DON'T WANT.

I may need to install IE7 on my work PC eventually, solely for testing purposes, but there's no way it's invading my home machine.

Last time it was items configured through 'about:config'; this time it's items configured through 'userChrome.css'. The focus of the article is to streamline and remove extraneous items from the header bars for maximum viewing area. That's of limited importance to me at present, but I did remove one annoyance: the 'magnifying glass' button beside the search box.
Firefox 2 also displays the name of the chosen search engine in the box unless one enters a specific search term. Does anyone know how to remove it? I'd prefer it to remain blank until used.

Speaking of the search box: in the earlier entry about how I upgraded Firefox 1.5 to Fx2 and refined the result, I mentioned changing the default Google search box URL, 'www.google.com/firefox' to 'www.google.com/'. This is probably a bad idea. I thought I was removing unnecessary branding, but that doesn't seem to be the case, and it's been suggested Mozilla receives financial support if people use the dedicated '/firefox' URL.

[Update 13/06/07: If directly editing files is a little daunting, try the more user-friendly interface of a Firefox plugin, 'Configuration Mania'.]

I suppose I should have timed it, but installation and configuration were really straightforward; ten minutes at most, and that counts time spent reading menus in case anything had changed.

• Installed the basic package over Fx1.5, using the 'Custom' option to decline the DOM Inspector & Feedback Agent. Incidentally, ensure Fx is fully closed (check Task Manager to verify 'firefox.exe' really isn't running), as there's a risk of losing Bookmarks in the 'handover'.
• It automatically verified compatibility with extensions & themes and checked for updates but, as usual, an additional 'forced' check for updates found more. Unfortunately, some important ones were missing.
• Checked the 'Options' submenu. My selections had been carried-over from Fx1.5, so I only made one additional amendment: turned off automatic spellchecking.
• Following Lifehacker's instructions, I used 'about:config' to:
  • Decrease the minimum tab width, to minimise scrolling. Fifty pixels (half the default) is enough for me.
  • Restore the Fx1.5 style of tab closing: one 'close' button at the right of the entire tab bar rather than one button per tab.
  • Prevent prefetching of unselected pages.
  • Remove the 'Go' button from the address bar.
• Configured the built-in search facility:
  • Removed engines I don't use, via the dropdown menu.
  • Reconfigured the ones I kept, by manually editing the .xml files in /Program Files/Mozilla Firefox/searchplugins/.
    Specifically, I renamed 'Amazon.co.uk' and 'eBay.co.uk' to 'Amazon' & 'eBay' (I'm in the UK, so I know they're .co.uk sites) and changed the Google URL from 'www.google.com/firefox' to 'www.google.com/'. [No. Don't.]

[More tweaks.]

[Update 16:36: The 'Undo Closed Tabs Button' extension satisfactorily replaces 'Undo Close Tab' – the option is added to the context menu when in the tabs bar. 'Clone Window' is almost replicated by 'NewTabURL', though with significant problems, so I'm only using it as a stopgap.]

[Update 16:51: Yay! 'Orbit Yellow 2006' replaces 'Someorbityellow_nb'.

That was a little more fiddly than I initially thought, but I think I've almost replicated all the functionality of Fx1.5, with the bonuses of FX2's security updates and additional features. I'd still recommend waiting a while, though, as the stand-in extensions I found aren't quite as good as the ones I had originally, which hopefully will be updated to Fx2 compatibility soon.]

[Update 17:16: Nope, 'NewTabURL' is more trouble than it's worth. Avoid.]

[Update 27/10/06: My mistake: I'd been using 'Clone Window 0.2.5' which was incompatible with FX2's 'Find Updates' utility. By downloading a fresh copy of version 0.2.8, it's updated perfectly.
That may be worth trying for any other apparently incompatible extensions/themes: check the numbers of the most recent versions available from Mozilla or the plugin authors' websites. If they're newer than you have, download them afresh.]

[One more update 13/06/07: If 'about: config' is a little daunting, try the more user-friendly interface of a Firefox plugin, 'Configuration Mania'.]

The link above is to the British English (i.e. English) version, but be aware that due to licencing issues (says Neil) the British English dictionary for the new spellchecker has to be downloaded separately.

Or perhaps not. One of the things I like least about Microsoft Office software is spellchecking as one types. Though I haven't tried the Firefox version yet, I anticipate disabling it. Not something I would have chosen as a core, 'out-of-the-box' feature of the updated browser; an optional third-party extension would have been more than enough.

It kind of goes against my principles to knowingly exclude minority browsers, but I'm afraid I can't rewrite entire pages for less than 1% of a site's visitors, especially considering it's temporary: the bug is fixed in Safari 3, allegedly. Upgrade whenever you get an opportunity!

To a PC....

Worth reading, it broadly restates (or at least overlaps) the endless 'prog'-or-progressive debate, mainly in the context of Marillion.

On the initial topic (e-mail groups vs. online fora), I definitely favour the latter, for one main reason: threads. For me, that's the 'killer app' of fora, with which e-mail lists can't compete. I drastically prefer to read the topics I choose, rather than an undifferentiated stream of all traffic.
I liked the pt-darkmatter Porcupine Tree Group at Yahoo!, but found that I gravitated to the PT Forum instead when that became available. The 'signal-to-noise' ratio is probably no different, and I suspect pt-darkmatter has slightly better-informed participants, but at the PT Forum I don't need to read anything off-topic (e.g. last night's US TV programmes), nor on-topic subjects that don't interest me (e.g. musicians' technical discussions).

[Via Tim.]

This site experienced an odd traffic spike on Tuesday morning (in the UK; 22:00 Mon – 01:00 Tues in N.America), with ~17% of all visitors – that's a few hundred people – arriving via searches for the phrase 'crop circles in the carpet', an elegant lyric from 'Hide And Seek'. I thought it was just eastern Canada initially (most hits were via Google.ca, where I seem to have the no.1 spot for the search term), but it's just that the western US visitors (e.g. from Salt Lake City or Houston) had gone to bed by the time I glanced at the log.

Curious. It's a lot like the time hundreds of visitors were asking about the Trough of Bowland, presumably for a quiz, but this time the spike has had a persistent tail – the contribution to total traffic hasn't dropped below 2% for ~36 hours.
To give a little perspective, that's about the same traffic volume as a page specifically about the late-2006 Jethro Tull tour, on an ostensibly specialist Tull website (well, part-website) during the late-2006 Jethro Tull tour.

*: Just checked: no, she's on tour in the UK. Maybe 'Hide And Seek' was used in a N.American TV soundtrack again.

For example, if I see the following as an entry page:
file:///S:/Projects/Town Centre M60 Gateway/Projects/George Perrin/Talks/Matt/Gas holder, St George's Quay, Lancaster, UK, 2 June, 2004.htm
it rather suggests someone at 193.112.136.# (i.e. Stockport Metropolitan Borough Council) may be 'borrowing' my copyrighted content without asking.

I hope that's not a public talk being prepared, as that'd be unauthorised republishing....
Remember, web-published content has the same protection as printed matter – it's not automatically in the public-domain, and it's not okay to just take it.

If you do insist on registration, and I do happen to return months or years later, I'm likely to need to use your password retrieval facility – I'm not going to make the vaguest effort to remember login details I didn't want in the first place.
This facility must respond immediately. It is simply unacceptable to say you'll send me an e-mail within one working day. Database technology eliminated that delay a long time ago – if the password is not in my mailbox within 5 minutes, you have lost my custom. Period.

Well, without illustrating the usability and aesthetics of a large, blunt instrument, anyway....

I use Firefox, but strongly doubt this is a flaw in Fx – I have no reason to think that any other browser behaves differently. If anything, Fx-users are at an advantage, as the Form History Manager plugin allows one to check the log and delete sensitive entries.

If individual entries are annoying (e.g. mistype a username once and autocomplete will suggest the misspelling every time one uses a 'username' dialog box), it's possible to deal with them individually, without plugins. Simply type enough for the autocomplete suggestion to appear, then select the offending option using the cursor keys and press 'Shift'+'Delete'. In IE, don't press 'Shift'.
It's a useful feature, but I still recommend installing Form History Manager, as it allows one to see what else was logged, perhaps inadvertently.

I wouldn't have ascribed numbers, but now it's been mentioned, I suppose I have been aware of the trend, which inspires a thought: what does this mean for Web 2.0?
Beyond the hype, is it likely to remain the preserve of the 'engaged elite'? The media breathlessly report that n million people have signed-up to Flickr, etc., but if 89% are only there to passively view the output of the 1%, raw membership statistics clearly don't equate to interaction and content generation.

I'm not an especial fan of user-led, interactive web development anyway, and prefer the prior model of provider-led publication by individuals to readers. However, this entry isn't meant to subtextually gloat that Web 2.0 is 'doomed to fail' – I'm genuinely curious how the aspirations of an active minority will extend to a passive majority.
I wouldn't be surprised if, ultimately, very little changes and few people experience more than 'Web 1.5': standard Web 1.0 publishing with a degree of feedback, rather than routine interactivity.

Any thoughts? Can you be bothered to express them?

I've been active on the web for over a decade, and have seen a huge number of such virus warning e-mails and forum postings. None – not even one – have been genuine. If you receive a warning, whether forwarded by a stranger or your closest friend, visit the website of a well-known manufacturer of anti-virus software and check the details of the alleged threat.
Think about it: how likely is it that your anonymous friend-of-a-friend has discovered something that's totally eluded every anti-virus professional on the planet? Really?

If (when) you discover it's a hoax, delete the e-mail: take it out of circulation. Never circulate another e-mail telling people it's a hoax – that's just as bad! Simply let it die.

If, by some miracle, you find the warning is about a genuine threat, delete the e-mail. Do not pass on the warning. Yes, really. If the anti-virus companies know about it, their updated software will handle it, so there's absolutely no point in telling people.
If people have outdated or missing anti-virus protection, well, they're on their own. If they can't handle the routine basics, they're unlikely to respond to the exceptional.

Bottom line: if you receive an anti-virus warning, even from someone you trust absolutely, delete it.

I'm registered with the Mailing Preference Service and the phone equivalent, I don't read leaflets pushed though my door, I favour a cinema that doesn't show adverts, I tend to video TV programmes then fast-forward through ad breaks, and I refuse to do business with companies which contact me uninvited.

And when browsing the web, I use Adblock.
It's wonderful. It blocks all advertising content, whether banners, pop-ups or text, and if a new ad evades the barrier, it can simply be added to the blacklist.

Slightly confusingly, AdBlock.org¹ is a site campaigning against blanket blocking of all adverts.

Besides, users of adblocking software like me are extremely unlikely to click on an an advert even if we see it, so a site owner relying² on 'per click' income is going to get nothing from such visitors anyway. Hence, the visitors might as well block the ads from loading at all – it'll make no difference to the site owner, and vastly improves the browsing experience.

To be fair, on deeper investigation it seems that Adblock.org mainly opposes utilities which indiscriminately block all adverts without the knowledge or express intent of users with limited tech-literacy. It does acknowledge the right of more rabid users like me to knowingly block all adverts. It's the 'knowingly' part which is worthy of investigation.

¹: Note that the link to Adblock.org is a fair citation for the quoted content, not an endorsement or advert.

²: Not that I believe site owners justifiably 'rely' on ad-revenue. If it's a commercial site, hosting is paid for by company income. If it's a private site, it's a matter of personal choice to expend money on a hobby. If one was a recreational skier, would one expect other people on the slopes to pay for one's skis and lift pass?

Conversely, when including an attachment, attach it first, before writing the covering note. Otherwise, it's too easy to send only the covering note.

[Via Lifehacker.]

Wikipedia: wonderful idea, appalling execution. And before anyone says "if you don't like it, change it yourself", I did try, but my amendments, supported by verifiable citations, were immediately edited out by those with personal, or in at least one case, commercial, interests. Kind of discouraging. If certain people choose to appoint themselves 'lead editors' on specific topics, and delete anything challenging their personal perceptions of those topics (however well-intentioned), I really can't be bothered to challenge them; I offered my assistance once, and was rejected. Their loss. If that experience is repeated across the entire site, I have limited confidence in the information published.

*: Go on; update too. If you're on Fx 1.5, subsequent updates are of only the files to be amended, rather than a fresh download of the entire package. It only takes a moment.

[Update 11/5/06: Coincidentally, here's Neil Gaiman's view of Wikipedia.]

Now I know what to look for, there's certainly been an anomalous increase in visits from IP addresses based in Alexandra, Va., attributable to the US Dept. of State....

For a moment I thought something drastic had happened – that the site had been removed from the index, perhaps for illegitimate SEO tactics, but it's simpler than that. Apart from the three words 'AnathemA Official Website' in the <title> tag, the home page contains no text or html links. At all. It's a frameset containing Flash files; the navigation menu is in Flash, as is the introductory text. There's absolutely nothing for a search engine spider to index or follow.

'Make It Right (FFS)'. Is a song on the 'Judgement' album.

*: It's probably there somewhere, but I gave up after the 150th result....

It's literally that: go to any URL beginning "http://cl1p.net/" (invent your own), paste in the content* to be transferred, and upload it. Then visit the same URL from anywhere else in the world and copy the content.

To clarify a point which eluded me for a moment, one doesn't need to go to the c1ip.net home page, log-in and use a specific user interface: go straight to the URL you invent and the interface is already there. There's no account sign-up, and no hoops to jump through. Use a different URL each time, if you want. Subdirectories are possible e.g. 'http://cl1p.net/test/test', so one could be systematic.

This has possibilities for collaborative working (it that's your thing), but if you don't want the risk of people accidentally wandering into a publicly-accessible page (and theoretically modifying the content), the chosen URL can be password-protected.

*: Attachments of up to 2Mb are fine too, but are automatically deleted after one download.

[Via Lifehacker.]

This would probably be an appropriate opportunity for me to mention one of my favourite Firefox extensions, Adblock. This filters web pages as they load, removing all adverts. Yes, all of them. Imagine browsing without banner ads, AdSense text blocks, etc. That's how I see the web all the time. The advertising content is simply ignored, so 99% of pages look as if they were never meant to include ads – there are no ugly and equally distracting gaps or broken images. Firefox itself eliminates pop-up ads, of course.

Adblock works by matching content to a blacklist. To save the effort of training your own, download the latest Filterset.G, a collectively-derived pre-populated blacklist.

I presume the advertisers and host site owners still benefit from serving the ads, which is fine with me, so long as I don't have to see the ads! The providers won't get any clickthrough revenue, though. Tough.

Since I last looked, Adblock seems to have been adopted by Mozilla (as opposed to being developed by an independent individual), which might be considered an indication that it could become incorporated into the core product eventually.

• N.America: ARIN
• Europe: RIPE
• Asia/Pacific: APNIC

In Control Panel, select 'System', the 'Advanced' tab and the 'Error Reporting' button. This route might be slightly different in XP Home, but only slightly. Select the 'Disable Error Reporting' radio button.

Simple as that.

The article invites suggestions for a term to replace 'cyberspace', but I'd argue that the very nature of the conceptual change means there's no longer a need for any specific name for 'virtual space'. I agree with Neil Gershenfeld, Director of MIT's Center for Bits and Atoms (now that's a bad name!), who proposes calling the computer-orientated environment simply 'the world'.

Then again....

At BoingBoing, Cory Doctorow describes cyberspace as the "place of the mind", a concept with which I can identify.
If I'm participating in an online discussion, or reading a blog entry written, published and hosted on the other side of the world, or indeed whilst writing this, my consciousness doesn't really have a meaningful geographical location. Maybe the concept of 'out there' does still apply.
If so, it predates the internet – If I speak to my father in Norway, via a standard 'land line' phone, just as I have done since the 1970s, where is my mind? My full concentration is on the conversation, so it doesn't matter that my head is in the UK.

Hmm. I suspect one could think too hard about such metaphysics – and then where would one be?

I haven't downloaded IE7 myself (and won't whilst it's in beta), but I don't see a single thing advertised in the demo that isn't already covered by Firefox and the main extensions. It mystifies me why Microsoft's attempts to catch up with the functionality of real browsers would be sufficient motivation for people to consider switching. Being 'as good as' real browsers simply isn't good enough; it'd have to be better.
I suppose I'll need to install it eventually, for testing purposes, but I doubt I'll use it any more than IE6 i.e. less than monthly.

Not that I think a Mac designer would have done a better job of the IE7 GUI.

Actually, I've become used to the slightly unwieldy 'Move To Deleted Items' option on the drop-down menu, so it's not that important to me, but still, it'd be good to streamline usage.

[Update 27/03/06: It became available to UK users this morning.]

If anyone's unaware of Bugmenot, it's a means of evading 'compulsory' web registration. Want to read an article in, say, the New York Times, but without providing your contact details for marketing purposes? With Bugmenot installed, simply right-click on the login/password field and a fake ID will be drawn from a global database.

Remember, the domain's inactive at the time of writing, so the link in the foregoing paragraph will be dead (well, sleeping heavily). Give it a few days and try again.

Admittedly, there were three sp*m flood attacks, but I still think ISS (Uni. 'tech support') need to improve their spam filters.

Another annoying thing is that the filters merely identify suspected sp*m, but still deliver it to mailboxes. That's of limited value....

I can see how CC might be seductive to some: "Freedom! Community! Sharing! Love!". However, on a legal level, it means very, very little, and anyway, I don't remotely share those ideals.

Long-term readers of this blog will be aware that my priorities are the rights of the provider, not of the recipient. For example, I object to Google AutoLink and greasemonkey scripts which attempt to modify my content. If I'd intended additional links, I'd have put them in myself: my rights as author extend to what I choose not to say.

In as much as I'm aware of an audience at all, I publish text and graphics/photos for readers and viewers i.e. their (your) role, so far as I'm concerned, is mostly passive, and the relationship is primarily one-way.
Nothing personal, folks, and in my wish to be unambiguous, I suspect the previous sentence might come across as aggressive and overstating my true views. I hope visits to the Ministry are enjoyable, and welcome comments; I merely withhold permission for visitors to redecorate or wander off with the teaspoons!

So; to be absolutely clear:
all material, textual and graphical, published at the Ministry is protected by copyright. All rights reserved. Nothing is placed in the public domain, and I do not offer Creative Commons rights.

As anyone who can see beyond CC-evangelist propaganda will understand, that's far from a blanket ban on usage (fair use, remember?), merely being a clarification that this is my property, and remains such unless I specifically say otherwise, on a case-by-case basis (and I'm actually quite approachable).

There'll be an overlap, with both sites being updated in parallel for the rest of the month, but from December, the original address will only be an archive.

I only visit occasionally, and catch up about a month at a time, but the web comic is well worth reading; a bit 'American' in places (not a criticism, more an acknowledgement that some references mean little to a UK reader).

That page isn't part of the blog, and I don't have a guestbook; the messages (2-3 per day at present, but these things tend to multiply) aren't published anywhere, they merely go to an e-mail account, and there's no way I'm going to follow dubious links from strangers.

Either some troll is ****ing around just to annoy me, which won't work – I never feed trolls, irrespective of provocation – or some sp*mbot is getting confused.
I suspect it's the latter, as the 'subject' header of each e-mail is identically malformed, as if an automated script is garbling the output in a way a manual submission wouldn't. At least it enables me to set a filter in Thunderbird, and all mail with that header is directed straight to Trash.

I'm pretty sure it is a robot mistakenly 'thinking' it's found a blog comments form, as each hit is preceded by an internal search of the blog for the URL of October's archive – no human would be doing that 2-3 times per day. That clue is drastically easier to trace. Now I have a phone number for the spammer's ISP in Kiev, Ukraine. Pity I don't speak the language....

It looks useful for accessing the web when away from home (that includes foreign visitors to the UK) or if one's usual provider experiences an outage, but they also promote it as 'anonymous' web access.

Bookmark it now, though not somewhere like del.icio.us, as you'd need to be online already to get to the bookmark....

I've still been receiving notification e-mails from the Groups I moderate, requiring me to authorise member activities; I just haven't been able to act on them. This evening, I lost patience, and signed up to Yahoo! afresh, using the same contact details as before, just with a new username and password. I thought I'd have to join my own Groups as a new member, and ask my fellow Moderators to upgrade me back to admin positions with the new ID.

However, that wasn't necessary. As soon as I'd registered and validated my e-mail addresses, Yahoo! informed me that there were existing memberships associated with those addresses, and let me readopt them as if nothing had happened, without my even having to inform the other Moderators that I was back. Great!

Maybe.

I'm no trouble-maker or sp*mmer, but I could have been. What if my Yahoo! membership had been cancelled for a genuine reason? Is it a good thing that I'd be able to adopt a different screen name and log right back in, totally unrecognisable to the other members and Moderators until the next time I struck?

[Update 3/11/05: A full week after my summary expulsion, I've received some explanation.

Several years ago, I had a 'holding' site at Geocities for a month or so, just to make some files available temporarily. When I abandoned it (on 15 May, 2001 – that's the date of last editing access), I cut it down to one page, merely a redirect to the Ministry itself. I didn't realise, and maybe it wasn't at the time, but that's against Geocities (i.e. Yahoo!) rules.
This morning Yahoo! told me that, and reinstated my account, giving me until Monday to make the site compliant. I deleted it outright: sorted.

Why couldn't that have been done a week ago? A warning and ultimatum would make drastically more sense than 'shoot first, accuse later'.]

Fair enough, but the first point that concerns me is that if this other company pushes the issue, existing '@gmail.com' addresses might have to be withdrawn; Google hope that won't happen but can't guarantee it. They recommend everyone re-register the '@googlemail.com' varients of their existing account names, just in case.
The second point which concerns me is that the varient of my existing account name, and the four most obvious permutations of it, have already been registered by other people....

Should I expect a cybersquatting problem?

[Update 18:00: I may have misunderstood; see comments. If correct, it means those with existing UK-based '@gmail.com' accounts won't need to re-register, and the reason I can't register the '@googlemail.com' varient of my current address is that it's already reserved for me!]

No, ignore that utter rubbish; this is the part I want to comment upon:

Personally, I have no problem with a private-sector US company holding the contract to provide admin facilities to the internet, so long as the US Government has no regulatory role – none whatsoever. It's utterly fundamental that no one nation 'owns' the internet, and particularly not the Bush government. That's not a party-political thing, and certainly not an anti-American thing; I'd feel the same way if, say, New Zealand was attempting to annex the internet, but the idea that this specific presidential administration might attempt to regulate the world's internet according to its own perverted morality is simply repugnant.

The 'deep web' refers to:

Very William Gibson....

'Fraid it's a bit late for me, as I'm happy with Firefox, and not looking to switch, but I'm happy to remove the company from my personal blacklist, and I might look at their browser one day.

Incidentally, that means the title of this entry will break in some browsers. That's a deliberate joke, okay?

[Via Lifehacker.]

Bollocks.

The example that triggered this thought was that someone visited the Ministry earlier today via a Google search for "discussion of Marillion's Angelina".
Fine, but one has to remember that the search engine doesn't read the meaning of the enquiry, nor that of the target page; it'll search for the word 'discussion', rather than text discussing the song.

Consequently, the search found the 'Memes' archive page, which includes the word 'discussion' in one entry, and no more than the song's title in another, but missed an entry entirely about the 'Angelina' single, which doesn't happen to feature the word 'discussion'.

One tiny criticism, which I don't think is avoidable, is that one does have to trace the route, selecting points connected by straight lines – one can't just select the start and end points, and expect it to follow the roads. Hence, it is a pedometer, suitable for short, detailed trips rather than for plotting intercity journeys (though that's possible, if very time-consuming). It's also far more suitable for the purpose than Multimap or Google Maps itself, which calculate distances along automatically-selected routes optimised for cars.

I discovered this issue via The Register, at which a correspondent makes the point that:

I haven't implemented it yet, as it's an unexpectedly sunny afternoon and I fancy a bike ride, but I might add it later, and in the mean time, want to spread the word.

It isn't an absolute block, of course, as there are always workarounds, but at least one can stop the less tech-literate using Greasemonkey and make it annoyingly inconvenient for those who can work around it.

Yesterday afternoon, an 'updates available' alert popped up in Firefox, and I updated two extensions. Very annoyingly, I'm not certain which. From the next restart, there were problems. Fx would crash, then if I closed it using Task Manager, it'd restart basically okay apart from an inability to open new windows or necessary popups.

This morning, nothing. The browser would open, but no page would be displayed and the menus were inaccessible.

I've uninstalled Firefox and deleted the entire /Program Files/Mozilla Firefox/ directory, and taken the opportunity to reinstall using Fx 1.0.3 (I was on 1.0.2), but still nothing.

The big problem is that this is at work - I don't know WinXP Pro nearly well enough to know what else to try, tech support don't support Firefox, and I have work to do, so can't spend time experimenting. I've had to just break out the emergency copy of IE. Ugh.

Any suggestions?

Please note the warning: I don't recommend updating third-party Fx extensions just for the sake of updating. I'm fairly sure that's what killed my installation, as I'd changed nothing else.

Update 11:13: False alarm! Stop panicking, everyone! I may have revived it!

In case anyone else experiences a similar problem, try launching Firefox in Safe Mode (without themes or extensions). At the Windows Start Menu, 'Run':
"C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
If that works, it rather indicates an extension/theme is the problem. Disable any suspects then close and restart Fx normally. Rather rashly, I've deleted all eight of my extensions (not counting Mycroft, though that seems to have gone anyway – as Neil commented, Mycroft is stored in the program folder, not with extensions, so went when I deleted that directory), and Firefox seems to be back – I'm using it to write and send this update, anyway.

[Update 11/6/05: I finally relented, and updated several extensions to my home installation of Fx 1.0.4 last night, and experienced the same problem. Uninstalling extensions one by one, I identified User Agent Switcher as the apparent culprit. Without it, everything works as normal.]

Okay; that's facetious. The real point, which I do find genuinely interesting, is that entirely 'non-existent' property is beginning to acquire real-world value, and real-world society is having to adapt to the virtual. I'm not simply referring to intangible property – text, images, music and data stored in purely digital formats have been with us for a while, but interaction with them is in the real world. Material only relevant to the online world, with which one can only interact in-game... that's the sci-fi part.

I put 'fictional' and 'non-existent' in quotes in foregoing paragraphs because in some ill-defined sense such items aren't quite fictional any more and, in certain practical terms, exist.

That covers legal, paid-for downloads and the sharing of unofficial recordings, but recent searches seem to have been for downloads of tracks from, and indeed the whole of, that imminent album, 'Deadwing', so I'd better clarify my view of illegal downloading of commercial recordings, paraphrasing my side of a recent discussion at the PT Forum.

It's theft, and I don't condone it whatsoever.

It's been a while since I was last willing to buy an album 'blind', without hearing online samples as a guide to whether I'd like it, but I don't regard that as sufficient justification to illegally download a leaked/ripped copy of the entire album.
I restrict myself to the samples (extracts from songs, at low-res, not retail-quality full tracks) the artists choose to provide online. Beyond that, I feel one should take the risk by buying an album, then decide whether to keep it. Sometimes one mightn't like it after all. Tough. Return it to the shop, sell it on eBay (without keeping a copy!) or give it to a friend.

Having said that, I'd be naïve to deny that people are going to download, leading to five possibilities:

1. Someone illegally downloads and likes the album a lot, and buys a legitimate copy.
2. Someone illegally downloads and likes the album a lot, and just keeps the download.
3. Someone illegally downloads and rather likes the album, enough to keep the download but not to pay for it.
4. Someone illegally downloads and doesn't particularly like the album, but keeps the download anyway.
5. Someone illegally downloads and dislikes the album, and deletes the download.

It's been argued that:

I can dismiss two other arguments outright:

As Neil notes, it isn't a perfect solution. Jeffrey mentions the superior alternative would be:

Update 24/02/05:

Aw, ****.
Some **** has produced a bookmarklet to disable the JavaScript.

On to Plan 'B'. There's an even simpler way to prevent AutoLinking: don't provide linkable content in the first place. Google links from ISBNs? Fine; don't expect to see any ISBNs at this site.

It's kind of retrograde to have to withhold information to prevent tampering, but if that's what it takes....

Unless, of course, we all simply rename the JavaScript function, defeating the bookmarklet. Sorted!

Update 04/03/05:

Threadwatch now has an array of AutoLink blockers.

'Apologists' (heh – just teasing) point out that the functionality isn't imposed. It's not turned on by default, the user needs to press the AutoLink button before anything happens. Don't want extra links? Don't use the button. Simple.
However, I seem to be unique in approaching this from an entirely different viewpoint: my concern isn't the ability of users to avoid unwanted links but the right of content-providers to opt-out or block links.
As a designer and site owner, I provide some links from my pages, and withhold others. It's my decision, not that of a visitor, and certainly not that of a third-party. If I want to link to Amazon, I'll do so myself; the absence of a link means I don't want there to be one.

You might now realise that my omission of a link in the first sentence of this entry was an illustration of this point. Hypothetically, the technology could (it doesn't now, but it could) be used to convert a mention of the Google toolbar into a link to its download site. A visitor might find that convenient, but as I mentioned in the second sentence, I have a reason not to provide it. The visitor mightn't agree with that reason, but here's the point: I'm not asking the visitor's opinion. This is my website, and I demand the right to offer and withhold links as I choose.

Another hypothetical situation would arise if the ISBN-to-bookshop linking was extended to give the user a choice of retailers, and Waterstones was one of them. Since the hypocritical sacking of Joe Gordon, I'm unwilling to have anything to do with that company. I wouldn't be preventing the visitor from going to the Waterstones website via a different route, but I'd certainly object to my web content – my intellectual property, to get a little precious about it – being used to assist the process. If AutoLinks then linked to the retailer anyway, my site would be generating traffic and revenue for Waterstones, directly against my will. Personally, I don't regard that as acceptable, and don't believe that a visitor's convenience should override my wishes.

This is another example of the (in my opinion) flawed ideology practiced by too many web designers, that the user always has to have control. I disagree, particularly in the case of private, personal sites.

Follow-up: Two anti-AutoLink measures, and one anti-anti-anti-AutoLink measure which blocks AutoLinks even if the user is trying to circumvent the block.

No-one's saying the pyramid schemes are total scams; people have received their free items. However, someone (sorry, I've lost the link) has calculated that even under ideal conditions, 85% of participants will be unable to complete their sign-ups, so the company will only have to send out a relatively tiny number of, let's face it, inexpensive items, in return for many thousands of e-mail and postal addresses, even financial details in some cases. Marketers would pay much more for those details than the cost of a few audio players.

"But I can unsubscribe from the offers as soon as I've received my iPod."

Well, yes, you can try. But be honest (with yourself): do you truly believe the companies will just discard your contact details when asked, and more importantly, do you really think the companies you signed up with are the only ones who received your contact details?

No, by signing up you're only assisting the marketing industry and actively inviting spam.

*: Having investigated further, I've found an assertion from the 'free iPods' parent company that TRUSTe is planning to recertify them after a training programme. If this is true (and it might be), it suggests that future participants may face fewer obvious problems, but that's a bit late for the existing participants.

[Via Neil's World]

It's no surprise that comments spammers exploit unsecured proxies i.e. redirect attacks via underprotected servers, so their true IP addresses are masked. No surprise, but hopefully a reminder that online security is important beyond just protecting against viruses. As I've said earlier, I'd support the idea of network administrators banning unsecured computers from all internet connectivity. Cars without adequate brakes or exhaust systems (see the pollution analogy?) wouldn't be allowed on the public highway, so why allow computers to jeopardise others?

One of the spammers' tricks is to identify the folder and script names associated with blogging packages, which firstly assists in identifying targets and secondly provides routes to comment 'by the back door' i.e. avoiding the usual user interface to post comments straight to the database. This can be avoided by renaming key files/folders (I've done that to some extent, but I should have done it at installation - some can't change now), which set me thinking.
Would it be technically possible for publishing packages to generate unique names for each installation, at first installation? For example, rather than every single installation of Movable Type calling its comments script 'aardvark.pl', a given installation might call it '5j3e5p.pl'.

Incidentally, MT-Blacklist has stopped 147 spam attempts within the last 75 minutes.

If you ever find a broken link on a website, and are kind enough to let the maintainer know, please be aware that the important part is to identify the page containing the fault, not necessarily the non-existent destination. That is, it's less useful to know that "the link to Page X, '../dept/oldlink.htm' is dead" than to know that "the link from Page Y '../core/directory.htm' to Page X is broken". The latter more accurately describes the fault to be repaired; the former requires a lot of investigative work if 'Page Y' could be any of several hundred!

However, as I said, responsible web maintainers welcome fault notifications - even if you don't have the full information, that's better than nothing ;)

Okay, any shift away from IE is to be applauded, but Firefox is free anyway, to everyone. The ad-free version of Opera may be offered to education establishments for free, but anyone wanting to use it at home is still going to have to pay (or accept adverts).

I suppose my real question is: why does a paid-for browser have any market share, when perfectly adequate, comparible if not superior, alternatives are available for free? I've never understood that.

In the case of Internet Explorer, when the last window is closed, Windows will automatically disconnect a dialup connection to the internet (it may even ask first). The short answer is that Firefox can't do this, but it's not really a flaw on the part of Mozilla. IE is an integral part of Windows, so has something of a 'head start', unavailable to non-Microsoft packages.

Essentially, the alternatives are:
Get used to it. I have. To disconnect manually, right-click on the 'Internet Connection' icon in the System Tray (bottom right, next to the clock) and select 'disconnect' from the context menu, or double-click (left mouse button) on the icon and select the 'disconnect' button in the resulting popup window.

Use a third-party utility. There's a good summary of the main ones at MozillaZine, with step-by-step configuration instructions for one, 'HangUp.exe'.
Hmm. I don't seem to be able to access the download site for HangUp; I hope it's a temporary fault. Also note that 'hangup.exe' is a known alias of the 'Win32.Nocan.B@mm' worm - that's a different 'hangup.exe'!

However, El Reg has a more serious interpretation of the announcement. Basic economic sense suggests that following the beta period, Microsoft will wish to charge a subscription fee for the service (anti-spyware packages are of limited value without regular library updates). If that supposition is correct, not only will Microsoft continue to make everyone's PC vulnerable, it will probably attempt to profit from its own failings.

When preparing a navigation structure, please use intuitive, unambiguous titles.
A visitor can normally scan down a menu bar quickly, identify likely routes to the required information, and judge which of two similar-sounding options is the more appropriate. However, anyone using a screen reader (blind/partially-sighted) or tabbing through a drop down menu (typically because of an inability to use a mouse or other pointing device) will only 'see' menu items one at a time. As soon as a credible option is reached, that link is followed, whereas an item further down the list might have been better.

It might be argued that the visitor should check all possible choices before selecting one, but:
a) the responsibility for sensible links should really lie with the designer, not the visitor, and:
b) there might be 30-40 links on a page - it can be needlessly onerous to tab through them all twice.

It should be obvious (but plainly isn't) that links should be intuitive to the visitor, not only the site owner.

A basic example is the phrase 'current year'. To anyone already in the UK higher education sector, the year runs from October to September, not January to December. It's fairly common for someone speaking in, say, September 2004, to refer to October 2004 as 'next year', probably confusing anyone operating outside the university system.
Worse, anyone working in undergraduate admissions, again speaking in September 2004, might refer to October 2005 as 'this year', since the admissions cycle works at least 13 months ahead, maybe even 21 months if one counts the pre-application stages.
At the time of writing, December 2004, my boss' current project is the undergraduate prospectus for Entry 2006; her 'current year' is 2006. That's October 2006, not January. Obviously.
Still clear on the definition of 'current year'? Imagine when this sort of ambiguity accidentally reaches a web page for external publication....

So, which is better: pedantically correct, or intuitive? I mean in general; I'm no longer talking about the numbers example. This is a fundamental design issue, which applies to everything from web pages to road signs.

Another example would be the issue of web standards compliance. IE is less compliant, but if it serves the needs of users better, does that matter? Should one adhere to strict standards simply for the sake of complying, or provide what people really want?

These are partly devil's advocate questions, of course. Personally I have no problem with the more accurate 1,10,11,... numbering (I'd have used 01,02,03..., which eliminates confusion), and loathe the 'helpful' attitude built into Microsoft products. For me, more accurate generally is more intuitive.

But (and this is an important point) that's just me. People differ, which makes design such an... interesting activity. Which should take priority - meeting current expectations, or educating towards imposed conditions? To rephrase: if standards are a valid concept at all, should they be set at the existing level of the majority, or at a 'best practice' level to which the majority can aspire?

User Agent Switcher

Sometimes a website objects to Firefox, and claims to be IE-only. However, the objection is usually just an over-zealous browser detection script, and the website itself is entirely usable by Firefox users. This extension simply fools browser detection scripts.

IE View

Ideally, the previous extension would be unnecessary. Less ideally, that extension would allow Firefox into all sites. However, some sites really are IE-only, apparently (I've yet to find one), so IE View, which resides in the right-click context menu, could be useful.
Regretably, my web host's ftp server is temperamental and crashes pretty much every client I've tried, except IE, so I do have to use it once or twice each week. At least this way I don't have to have IE on my 'Start' menu or desktop....

Clone Window

When I open a new tab, I like the content to be a clone of the parent tab, rather than a blank, fresh tab. This extension provides exactly that. As the name suggests, it does the same for new windows, but I don't remember the last time I wanted a new browser window!

BugMeNot

I'm not prepared to provide personal details in order to access web content; I won't contribute to customer profiling or market research. Hence, I use this extension, which accesses the bugmenot.com database of user-submitted fake usernames and passwords to bypass login pages.
The user interface has improved from the version I was using with Firefox 0.8, now integrating with autocomplete rather than requiring usernames/passwords to be retyped or cut-and-pasted. However, it's initially confusing. Previously, 'Bugmenot' appeared in the right-click context menu anywhere on any page (or was it just login pages? I forget). Now it only appears in the context menu when the mouse pointer is already in the username/password box.

Focus Last Selected Tab

As the name says, when the active tab is closed, focus automatically returns to the last selected tab .

CTC

This simply adds 'Close Tab' to the context menu.
I installed this for Firefox 0.8, and unquestioningly installed it again when upgrading to Firefox 1.0, yet I don't think I've ever used it.
Never mind; it's only a 2 kb download, so it might as well stay.

Mycroft

The built-in Firefox search bar accesses Google, but this extension, er, extends it to others. Thirty are installed by default, but I've trimmed that back to six: Google, Amazon UK, eBay UK, the Cambridge dictionary, IMDb and Wikipedia.

All-In-One Gestures

This is a comprehensive package of customisable mouse gestures, rocker navigation, tab and history scrolling, and autoscrolling, but I only use one tiny aspect: when I have multiple tabs open, I like to switch from one to the next (or previous) using the mouse scroll wheel.

Macromedia Flash Player

Not exactly an extension, but worth remembering to install; it's not part of the default Firefox package.

And that's it. Have I missed any good ones? Could I achieve the same results from a different combination of extensions? Let me know!

The best metaphor for this approach might be the cover of a mass-market paperback book, which seeks to capture a potential buyer's attention with a compelling image. Unfortunately, there's a better metaphor for blogs: daily newspapers. In this model, the aim is to attract the potential readers' attention by presenting content - current text and perhaps associated images. However pretty the masthead, graphics merely diminish the space available for fresh material.

This is an old concept, and a daily consideration for newspaper designers/editors (especially for large-format broadsheets). A key objective is to get as much important information above the fold i.e. in the top half of the page, where it'll be seen immediately by those walking past the news stand. Anything below the fold won't be seen until the reader has already committed to the purchase.

Exactly the same principle applies to blogs, especially in the crowded 'news stand' of Blog Explosion. People are fundamentally lazy. If there's something good 'above the scroll', they might investigate further, but in the absence of that 'hook', one can't rely on a willingness to scroll for content.
Blog owners also only have thirty seconds to grab a BE visitor before they click on to the next site - don't waste that on loading images. There have been some occasions, particularly when browsing via narrowband at home, when a page's graphics haven't even loaded within thirty seconds.

An attractive layout and masthead obviously matter, but try to retain some balance. 'Content-led' consistently outperforms '(graphic) design-led' and, after all, top-heavy things do tend to fall over.

*: Or rather, a large number of sites, the designs of which are drawn from a depressingly small pool, once one gets past the most superficial aspects.

Can it hurt to ask? Definitely. If unsolicited requests annoy someone, you're likely to be added to a spam blacklist. If and when invites are offered subsequently, your e-mails will be filtered out - you lose.

I realise few of those reading this will be accustomed to the practices of trading unofficial concert recordings by 'weeds' or 'vines', so this won't be as second-nature to you as to me, but here's the rule:

Wait until the resource is offered, and respond to the offer. The person making the offer always starts the process; the person wanting the resource never instigates contact. If the resource hasn't been offered, consider it unavailable - never ask unless offered.

[Update 20/02/05: All Gmail members now have a permanent supply of numerous invites to give away, so this entry has been superceded. Feel free to contact me!

The general point stands, though: speculative enquiries about scarce resources are unwelcome.]

My main concern is the potential effect on real browsers such as Firefox (that's the Firefox 1.0 completed release, not the 0.9.3 beta used by the new Netscape). If people can be persuaded to dump IE, great. If they switch to a brand they already recognise, Netscape, it seems they mightn't be getting as much of an improvement as they might elsewhere. If they then notice that it's based on (an earlier version of) Firefox, a negative browsing experience might damage the reputation of 'real' Firefox, or indeed other non-IE browsers.

There was one point which occurred to me, and which Cory didn't address. If Canada Heritage plans to levy a usage tax on behalf of copyright holders, what mechanism will exist to distribute the money to authors?
If I was Canadian, an owner of copyrighted material and a web user, would I receive royalty cheques, or would royalties be ofset against the tax payable?
I'm British, writing this in the UK, but I'm sure Canadians will see it in Canada, and may even quote it elsewhere. How will I be paid?
Or will Canada Heritage just collect and keep the money?

A particularly scary aspect of this incident is that The Register itself, a site by and for the technically literate, might be expected to be safer than most, yet the infection vector wasn't El Reg itself, it was a banner ad provided by an entirely different company, whose server equipment had been hacked. The infection was triggered by loading the banner (which happens automatically, of course), not by clicking on the link.

Bottom line: do not use IE. It. Is. Unsafe.

A key paragraph:

Anyone concerned about making the switch might like to glance through an earlier posting (about Firefox 0.8; few of my criticisms in that posting apply to the 'finished' version 1.0): for IE users, transition to Firefox can be seamless. I don't even know if Firefox is the best proper browser, but the aspect which convinced me initially was that, 'out of the box', the user interface feels like IE, only with the confidence of a proper back end.

I can't think of any reason not to switch.

A little further investigation unearthed a disclaimer that the .net cover disc deliberately doesn't support Netscape (I use Firefox, not Netscape, but never mind) because it isn't possible to run executable files direct from the html pages. I'd say that's an advantage, and the fact that IE does allow executables to run is a potential vulnerability. However, I can see that such a security measure would be a disadvantage for the cover disc.

This would be a good reason for .net to use a proper CD-ROM GUI, rather than lazily opting for IE-only html. I happen to have IE on my PC for error checking when writing web pages, but what about those who have dumped IE altogether, especially Mac or Linux users? Does that mean the coverdisc is unusable by anyone with a secure, standards-compliant browser?

Secondly, why are the html pages coded so badly? Okay, they're intended for display in IE, but they could still be written in valid html/xhtml and css. Even if the links to executable files were to be disabled in all but IE, the navigation and pages themselves should function and display properly in any modern browser.
This is the coverdisc of a magazine devoted to web authoring - shouldn't its own material be an example of high-quality coding? A quick glance at the source code of a random page reveals basic errors (mainly in nesting, which IE can forgive but which break the page in Firefox et al.), but also heavy use of deprecated/obsolete tags and tag attributes, strongly suggesting that the author learned html before 1999 and hasn't developed his/her skills since then. It's conceivable that those new to the subject might study this source code for learning purposes, yet it'll lock them into bad habits, if it doesn't actively mislead.

Very disappointing, and a poor reflection on a useful magazine.

When people first approach the internet, they may wish the assistance of a hand-holding, all-in service such as AOL, yet as they become more experienced and realise they can use market-leading firewalls, antivirus software and superior browsers for free, and can obtain all the information they might want from the 'wild' web rather than spoonfed by AOL's own network, without having to pay subscription charges (and can dump the '@aol.com' e-mail addresses which are the mark of dangerously incompetent newbies), they might abandon AOL in favour of 'real' ISPs.

It's a learning process, and despite that tongue-in-cheek dig at users of AOL e-mail, I don't have a problem with people undergoing it. As the previous posting mentions, I started with free hosting from Lycos Tripod, and Hotmail's webmail. The point is that I moved on as soon as I discovered superior options. Hence, I'm speculating that a large proportion of AOL's customer base might be transitory - as people 'graduate', fresh newbies join, learn, then in turn leave.

In short, maybe general web literacy is approaching a point where even entry-level users have sufficient background knowledge to simply skip the early learning stages, typified by AOL, and go straight to more advanced usage which itself has become more user-friendly than it once was.

• The flood attack occurred some time on 30 Oct; I didn't note the time.
• My visitor logs show an atypical increase in traffic on 2 Nov., so it seems obvious Google had indexed the site and large numbers of people were er, 'researching' a wide variety of sexual fetishes.
• I returned on 3 Nov. and removed all the spam comments by about 14:00.
• From periodic checks of my referrer logs, I'm fairly sure the last erroneous visitor left disappointed by about midday on 5 Nov.

Incidentally, after the clean-up, I received two aggrieved e-mails from people complaining that there were too few (i.e. none) stories about, well, practices distinctly illegal in the UK. It ought to be instantly obvious that the blog does not - and will not - provide such material, so accusations of false advertising (as if I'd posted the comment spam myself!) are treated with the contempt they deserve.
Actually, I have the e-mail and IP addresses of potentially dodgy people now. I wonder what I can do with them....

No, I don't have a problem with sexual fantasies (so long as the extreme ones are never acted upon) or fetishes; everyone has them to some extent, and careful readers might even catch a few vague allusions in this blog, but that's all you're getting. Anyone looking for 'exotic' material (and some search terms were truly bizarre) needn't bother.

Yet, astonishingly, it is plain from the readers' comments posted at the end of the BBC report on the attack that Worldpay customers (i.e. small online retailers) do blame Worldpay for its "inability to stave off attacks." Two examples:

This must be so frustrating to Worldpay, not to mention financially crippling. Yes, retailers are annoyed by lost orders, but to lash out at the victim of the DDOS is utterly unfair. There are no lessons to be learned by Worldpay. To anyone with the vaguest hint of technical comprehension, is is obvious that the ultimate blame lies with the perpetrators of the attack, though if it wasn't for the incompetent/negligent owners of the 'zombie' machines, there could be no attack, so I'd certainly ascribe the majority of the blame to people like my mother.

As Bill Thompson at the BBC, amongst others, have frequently argued (he mentioned it again yesterday), it is socially irresponsible to leave your computer open to attack.

This piece refers to another Thompson article from about a fortnight ago. I recommend reading that too, particularly the latter third, which makes a very valuable suggestion:

As is fairly obvious from the home page, the Ministry now uses Google's Free Site Search. Yes, it's supported by context-sensitive adverts alongside the search results, but Atomz was about to introduce that anyway, and the fact that Google has the whole site indexed removes the need to use MT's built-in Search for the blog and a separate Search for the other departments.

After a considerable struggle I've managed to customise the appearence of the Google results page to approximately resemble the rest of the site. If you're tempted to try it at your own site, be aware that customisation is neither as straightforward nor as successful as one might expect.

As technology journalist and author Andrew Orlowski is quoted in a BBC report:

I like lobster. Others may loathe the very idea of eating 'giant lice'. Should there be a surcharge on everyone's water bills, so I can eat lobster for free?

NP: Amplifier (Amplifier, 2003) - on a legitimate CD.

Some people get a little... excited about this.

To return to the point: I have major problems with the 'rule' that the user always has to have control. In some 'genres' of website, particularly in the commercial or public sectors, that's very true, but not all.
If I, an information provider, am offering material to a passive audience, without any interaction or 'audience participation' (heh), I get to decide how it's presented. There are entirely valid, practical reasons to permit a visitor to change the text size and colour, but beyond the requirements of accessibility legislation (which I meet, and on the whole exceed) I feel no moral obligation to surrender control of my website to the whims of visitors.

Jakob Nielsen called the technique 'hostile' (though he was writing before the widespread introduction of tabbed browsing, which almost eliminates the alleged disadvantage of the technique, so might offer a different comment on the user experience in newer technology). He's perfectly entitled to hold whatever view he chooses, but Nielsen isn't a web deity, and his pronouncements aren't to be slavishly adopted. On this point, I don't think his criticisms are even accurate. By all means read his advice, but question it. If you agree, great, but think for yourself, eh?

The standard advice is that there's a patch available from Microsoft without having to install the full SP2, but I'd recommend also following the non-standard advice of dumping Internet Explorer outright and using a real browser such as Firefox.

I would still recommend installing the patch anyway. I would, but I can't. I just tried installing it myself and was able to download something which scans my PC and tells me if it's vulnerable. It is, so I was referred back to Windows Update... and SP2, which I'm not permitted to install. So much for a standalone patch.

And I do mean a little - there's a wide spectrum between entry-level and 'web guru', and I'd say browser migration is well within the capacity of the lower end of the range.
On a scale of 1=my mother to 10=well, Adam Kalsey, where I'd rank myself, a non-techie web designer, at 5 or 6, I think the current state of Firefox is fine for everyone above, say, 3. For this 'low-intermediate' level of user on upwards, this is a prime time to push Firefox, to establish, or rather, increase a sizeable user base before the next incarnation of IE. There's also nothing to stop a 'level 5' person installing Firefox for a 'level 1' person, as I plan to do for my mother next time I'm in Wales.

One of the aspects which sold Firefox to me was its apparent similarity to IE, and near-seamless transition for the user. Entry-level users mightn't appreciate the advantages of tabbed browsing (at least not immediately) and probably wouldn't want to play about with adding plug-ins, but they can still gain the benefits of a superior back-end via an 'IE clone' GUI.

Adam argues against aiming a browser switch campaign at entry-level users. As I've said, I don't think any such campaign is directed at them, and Firefox's proponents (not evangelists - their attitude is unhelpful) shouldn't hold back from persuading 'low-intermediate' users to give it a try. However, to go off at a tangent - and I do acknowledge this is a separate issue - the main reason for IE's level of market penetration is simply that it automatically ships with Windows PCs, and a relative minority bother to change. Entry-level users become familiar with IE because that's all they experience.
If manufacturers started including Firefox in factory installations (okay, I agree with Adam in that context; Firefox isn't quite ready for that yet. But nearly.), there's no reason why Firefox couldn't benefit from the same user apathy, and the effort entry-level users put into learning IE could be invested in Firefox instead.

To paraphrase: several websites solely function in the Windows version of IE because designers claim that's the browser, used by a majority of people, and that it takes too long to develop sites which render and function in alternative browsers. There's an overlapping claim that development for non-IE/Windows is too expensive.
These erroneous impressions often arise when initial development and verification work is done in IE, then only checked in other browsers as a final stage. This leads to the perception that any 'bugs' are in the other browsers, when it's IE that's idiosyncratic, and the developer has built in the flaws to accommodate its foibles.
IE's interpretation of css is less strict than its competitors, so is more forgiving of bad coding. Consequently, designing in IE means problems with development work will be missed as they arise. Starting with IE then retrofitting for other browsers will indeed increase overall time and cost. So:

I've been using it occasionally for a few months, but have just discovered that an extension has been written for Firefox, incorporating the Bugmenot functionality into the browser's context menu (i.e. right-click and select it, to get a login and password for the site currently being visited).
This extension has been adopted as an official part of the Mozilla development project, which is an indication of the community's distaste for such demographic/marketing tactics as compulsory registration.

Oh, there's a version for IE too, if you must use an inferior browser.....

As the byline on the Bugmenot home page says: "tell everyone you know".

On the whole, the article is a good review of Firefox's key features, including its similarity to IE's look-and-feel, but there's one annoying statement to be rebutted: Microsoft didn't 'win the browser war' by providing a better product, it achieved a high market share by shipping IE with every copy of Windows, and relying on consumers finding it insufficiently offensive to bother loading something else. That's success through customer apathy, not superior engineering.

The <acronym> tag provides definitions of quoted terms (not only acronyms and abbreviations). For example, if you hold the mouse cursor over the letters 'IE' in the preceding paragraph, after a moment you should see the words 'Internet Explorer' pop up as a tooltip next to the cursor. I also use it to provide translations of non-English terms. Great, eh? Really useful, except for one thing: how would one know to hover over the acronym for it to be spelled out in full? In Firefox, items in an <acronym> tag are indicated clearly with a dotted underline, so they stand out from both plain text (non-underlined) and hyperlinks (solid underlined). In IE, nothing; the visitor is offered no indication.

I've inserted an ugly CSS quick-fix: all <acronym>s, like 'CSS' in this sentence, now appear with a dark green background (except for the example above; I rigged that specially). It's not ideal, as visitors still mightn't realise why the text has a background, but it might be enough to tempt people to try hovering over text and give them a helpful surprise.
This applies retrospectively, of course, so you might like to re-read anything you didn't understand earlier. If the confusing terms don't have a green background and tooltip on hover, my writing is at fault rather than the coding or browser. Sorry.

IE itself doesn't comply with web standards, so in order for pages to render as intended, it may seem an author has to deliberately deviate from the standards, optimising exclusively for IE. That's somewhat short-sighted, and not recommended. There is a view that since IE is the market leader, an author's efforts should focus on it, but as I said in the first line of this posting, valid code should work in all browsers anyway.
A trivial example: today I found that IE placed a <h3> page title flush with a header graphic, where as Firefox left a decent gap. I could have inserted a <br /> line break so that the page looked okay in IE, but that would have added excessive padding in all other browsers. The alternative was to use CSS to specify spacing around <h3> elements, which is effective in all browsers.
In order to identify such issues, it's necessary for an author to view new pages/modifications in IE, even if he/she ordinarily uses a real browser.

A third issue is that IE supports its own proprietory coding and integration with 'back-end' software, so a small number of websites really are IE-only, particularly those involved in e-commerce (e.g. some web stores, banks and utilities companies). Hopefully software evolution and customer pressure will remove this incompatibility eventually.

Although I'd always advocate that people switch from IE to a modern browser, clearly there are cases when one really does have to use IE. Hence the ieview plugin for Mozilla and Mozilla Firefox: a simple extension which opens IE and loads the current page or a selected link. Very handy, but I hope it won't get much use!

I was initially sceptical (who, me?) about the near-evangelism of Mozilla supporters, but having tried Firefox for myself, that's the browser I recommend. The selling point, for me, was that the transition was seamless: the user interface and initial browsing experience were near-identical to that in IE, so there was no learning curve. The immediate benefits are unseen, in protection against popups, ad- and spyware, plus reliable, standards-compliant processing of web pages. In that respect, Firefox is IE's better-performing twin. If you're happy with IE, there's no reason not to try Firefox.
I didn't 'get' tabbed browsing for a while, and it's entirely possible to continue opening pages in new windows, as in IE, if one prefers, yet I've certainly taken to the new technique, and when I have to use IE occasionally, I find the experience clumsy.

It's worth mentioning that though I personally consider IE obsolete, I'm certainly not going to exclude visitors because of their choice of browser. IE users should not receive a lesser browsing experience at the Ministry than those using real browsers. My criticism of Ben Goodger (one of the lead developers of Firefox) for deliberately blocking IE access to his personal site stands: that is not a reasonable way to proceed. See this earlier post, and the associated comments, which also provide further arguments for making the switch to Firefox.

Again emulating Neil, I encourage other website owners to pass on the same message to their visitors; "Let's get together and encourage people to adopt better browsers." The code used to generate the message at the top of the blog's index page uses a javascript browser detection function, so is only displayed in IE. I'd gladly offer a copy to anyone wishing to use it, but it's customised to the 'house style' and omits links to alternative browsers I don't recommend personally (Opera and Safari). It would probably be more appropriate to visit Neil's site and download his version of the script, as he suggests.

A good move, and I'm not about to criticise the BBC for pragmatism. I can't help wondering about the cost of debranding, though - all those letterheads and print publications that mentioned BBCi. The change to the website itself should be straightforward, merely modifying the header graphic, master stylesheet and CMS/publishing package. I remember the public criticism when the BBC changed its logo from three tilted rhombi containing the italicised letters to three squares containing the upright letters, at massive expense: tens of thousands of pounds to remove a tilt.

The licence states that though the design is not a template, and may not be reproduced without written permission, the CSS itself may be used freely for anything one wishes. Anyone may use the .css files, but not the specific graphics: the .jpg, .gif, and .png files. Yes, the precise wording really is "The CSS itself may freely be used for anything you wish".

The problem is that as the CSS Zen Garden project demonstrates, the CSS is the design, defining far more than the positioning of graphics files.
It seems that the designer's intention was to allow personal use of this CSS code for private learning purposes, and permit reuse only if substantially changed (define 'substantially'...), but that's not what his CC licence specifies. His argument is that the design and the technical means of its expression are independent intellectual properties, yet unfortunately that makes little practical sense - it's impossible to use the CSS without generating that design. By expressly permitting use of the code, he put the design (colour scheme, layout, detailing) into the public domain too, apart from the specific graphics. It's certainly unethical to use it commercially, but legal. Claiming it as one's own work is less acceptable, of course.

A parallel would be a car (automobile) manufacturer making the full technical plans and specifications of its latest model - every single detail a rival company would need to perfectly reproduce the car - publicly available and totally free for anyone to use in any way so long as the company logo isn't used, then complaining when copies go on sale.

Morally, I'm with the original designer, but this is a valuable reminder that one should consider very carefully the implications and alternative interpretations of licensing one's work. In order to separate design from means of expression, much tighter licensing is required, if that's even possible.

Brian Blessed is probably little-known outside the UK, at least by name, but readers might recognise him as the king of the Hawkmen (or whatever) in the 1980s film 'Flash Gordon' and his was the voice of Boss Nass in 'Star Wars: The Phantom Menace'. A smaller number might recognise him as the actor who made three attempts to climb Mt. Everest, the first retracing the steps of Edward Mallory, using the authentic Victorian mountaineering gear and reaching 28,000ft, the highest a man of his age (at the time, 56) has achieved without (bottled) oxygen. In 2004, he's 67 years old.

As an interview in an in-flight magazine says, he's a large man, with a large beard, large voice and oversized presence. In short, not the sort of actor to have done nude scenes, or inspire searches for such images, yet in a straightforward search for 'Brian Blessed', note the item ranked seventh.

I'll hastily mention that this observation was the result of a posting at Neil's World; I'm not in the habit of deliberately searching for photos of underdressed Yorkshiremen!

This isn't the sort of thing that brought Google to its present dominance of the search engine industry, but it is the sort of thing that might cause its long-term failure.

The most immediate impression I received was that the default look & feel is near-identical to that of IE6 - and that's a good thing. Two approaches might tempt me to adopt new browser:

• A browser that, within the first couple of minutes of investigation seems so wonderful that time invested in learning to use it is obviously worthwhile.
  
• A browser that, from the default installation, operates in precisely the same way as my previous browser, everything in the expected places and (properly coded) pages displayed as in the previous browser; no initial learning curve at all.

Three significant criticisms:

• At least under this week's connectivity conditions (I've been using Firefox for four days), pages load much slower in Firefox than in IE. Maybe this isn't noticable on a broadband connection, but I use dialup at home.
  
• Firefox doesn't integrate with the auto-disconnect feature of WinMe. I'm used to closing IE and being asked if I want to disconnect, but Firefox leaves me online indefinitely. It's only a matter of time before I forget and run up my phone bill unnecessarily.
  
• This site, and others I've designed, use custom-coloured scrollbars. Disappointingly, they don't appear in Firefox. That's quite a major design feature to lose.

Two very minor negative cosmetic points:

• The Firefox tab in WinMe's Start bar doesn't have its own icon, instead using the 'flying Window' from the default 'Start' button. Maybe this will be fixed before the v.1 release.
  
• The 16x16px Firefox icon, as rendered in WinMe's Quick Launch toolbar and Windows Explorer, is unattractive: an orange circle overlaid by a grasping blue claw (I know it's supposed to be the orange firefox curled round a blue globe, but that's not what I see!)

I was really glad to find that this site (the whole Ministry, not just the blog!) looks okay in Firefox, near-identical to in IE, in fact. I'd been apprehensive about looking, in case differently rendered text sizes threw out page layouts, or similar, as I've experience in earlier versions of IE & Netscape. Thankfully I only had to change one line of my page templates, and that was to correct sloppy coding on my part.

I'll have to stick with IE at work for another week, as I'm being upgraded from Win2000 to XP on Thursday (so there's no point installing anything new beforehand), but I will be switching to Firefox afterwards, which proves I'm pleased with the experiment.
To summarise, the initial impression is that the GUI is a virtual clone of IE's, which is what I wanted, but with the reassurance that 'behind the scenes' it's standards compliant.

Whilst acknowledging that this is his personal site and he is perfectly entitled to restrict access as he wishes, and that IE isn't as standards-compliant as it ought to be, I certainly can't applaud the decision to ban users. As Chris B. says in a comment at Neil's World:

After all, whilst Firefox is still only at the pre-release preview stage, a massive 97% of visitors to the Ministry do so using IE v.4 and above; it's hardly reasonable to demand people abandon the market-leader, irrespective of the quality of the alternatives.
Don't get me wrong: Firefox was sounding pretty good until I read of this 'my way or the highway' attitude from a lead developer. I know this is his personal choice, not 'the company line', but it doesn't exactly endear his product to me.

• Imagine what you want - "it may sound obvious, but you have to search Google for the words that will be on the page you want, not for a description of the page or website."
• Use quotation marks.
• Use the + sign.
• Use the - sign. A particularly valuable usage is '-merchant' to eliminate vendors from a search for information alone.
• Try a wild card.
• Use the 'site:' command.
• Use the operators - 'filetype:', 'author:' 'location:', etc. These were new to me!
• The 'Advanced Search' page offers much of the functionality noted above, saving the need to memorise syntax or shortcuts.
• Other enhanced searches are being developed.
• Try a different search engine, too.