On Message with Ben Gross

New Ways to Read Messaging News: Twitter, Facebook, and RSS

By Ben Gross
in

We regularly look for new ways to make our content more accessible to our readers we now have more options for you to read Messaging News. We want to help you keep track of the latest industry news, events, webinars, whitepapers, commentary, and analysis.

 

As always, you can find everything we publish on the Messaging News website. In addition you can sign up for one of our weekly newsletters, the print or digital edition of Messaging News Magazine, or one of our webinars. You will also find job listings, or resource directory, whitepapers, and industry briefings.

Published March 19, 2010

Privacy, Large Dataset Research, and the Netflix Prize

By Ben Gross
in

Netflix recently announced the cancellation of the second Netflix Prize in a post on its blog. A large number of researchers entered the first contest as it offered an opportunity to work with a large real world dataset combined with the promise of a one million dollar prize and worldwide publicity.

The company’s decision to cancel the contest settled a private lawsuit described by Ryan Singel in his Wired article Netflix Spilled Your Brokeback Mountain Secret, Lawsuit Claims and closed an inquiry from the Federal Trade Commission explained in a Wall Street Journal blog post FTC’s Privacy Worries Prompt Netflix to Cancel Contest byJennifer Valentino-DeVries.

In an earlier column, The State of User Tracking and the Impossibility of Anonymizing Data, I described current research on de-anonymization and re-identification and in particular problems with the Netflix contest. Arvind Narayanan and Vitaly Shmatikov wrote An open letter to Netflix from the authors of the de-anonymization paper. The authors say they hope Netflix will continue to work with researchers in a way that allows for further advances, but that also preserves privacy through techniques such as differential privacy.

Bellkor’s Pragmatic Chaos, the team that claimed the prize wrote about the contest and the implications of their findings in the IEEE Spectrum article The Million Dollar Programming Prize. Dan Gillick further describes the winning solution in Predicting Movie Ratings: The Math That Won The Netflix Prize.

Published March 16, 2010

Markdown Simplifies Writing for the Web

By Ben Gross
in

Why I like Markdown

Several months ago I began format my articles using Markdown, a lightweight syntax designed to emulate the simple markup style commonly used in email messages. For example, if you would like to make text bold, just put asterisks around it. If you would like to make a list, just put a dash in front of each item. Overall, I’m happy with the change, as it has simplified the process for me to publish online. I can write with any text editor or word processor and then Markdown will convert my text to nicely formatted HTML.

Markdown is both a markup language and tool to convert markdown to HTML. The syntax for Markdown is simple and adds very little bulk to my text. Effectively, the only change made when I write was to add a tiny bit of formatting for the Markdown hyperlinks and headings. John Gruber, Markdown’s primary developer, wrote Dive Into Markdown, an essay describing his design goals, soon after he released the software in 2004. It is well written and worth reading.

I now prefer to keep my documents in Markdown rather than HTML as they are smaller, easier to read, and I can convert them to modern standards-based HTML on demand. I prefer this setup to WYSIWG tools or graphical HTML editors since the only real way to be certain how the HTML will appear to your readers is to view it for yourself with the same browser version. With Markdown, if the HTML specification is updated or the conversion tool adds features I like, I just install a new version of Markdown. I don’t need to modify my original text. Markdown is great for producing basic HTML documents like blog entries or simple web pages, but it is not well suited for long, complex, or highly formatted documents. There are several extensions to Markdown that add features to publish more specialized and complex documents.

If you would like to try Markdown for yourself right now, the Markdown Web Dingus or PHP Markdown Dingus will both give you a live preview of any Markdown formatted text you type. Markdown works on Mac OS X, Windows, and Unix/Linux and is widely supported as a plugin for most popular blog and wiki software. The reference version is written in Perl and developers have ported Markdown to Python, C, JavaScript, and other languages.

Gruber also wrote SmartyPants, which transforms plain text to include nice typographic elements such as curly quotes, en-dashes, em-dashes, and ellipses. Many implementations of Markdown include support for SmartyPants by default. Markdown has a liberal BSD-style license that makes it easy for developers to embed it in other packages. There are several Markdown test suites including one that ships with the reference version that can be used to test compatibility between versions. Wikipedia has a good technical comparison between lightweight markup languages if you would like to see how Markdown differs from similar projects.

Markdown Implementations and Utilities

These days, I write almost everything using the TextMate editor on Mac OS X, which includes support for SmartyPants, Markdown, and PHP Markdown extra. I use the QuickLook Markdown plugin when I want to quickly see a formatted version of a Markdown file from the Finder.

Markdownify converts from HTML to Markdown. The script is available as a web-based conversion tool or you can run the script on your own machine. It supports PHP Markdown Extra as well.

PHP Markdown Extra by Michel Fortin is an implementation of Markdown in PHP that lets you easily create definition lists, footnotes, tables, and intermix HTML with Markdown. The developer has also created a PHP version of SmartyPants unsurprisingly called PHP SmartyPants.

MultiMarkdown by Fletcher Penney’s is an implementation of Markdown that offers more conversion options and adds a number of extensions to the syntax such as footnotes, tables, bibliographic citations, image attributes, internal cross-references, glossary entries, and definition lists. MultiMarkdown first converts the plain text to XHTML and then uses XSLT transforms convert the XHTML into HTML, LaTeX, PDF, or RTF. It includes many features similar to PHP Markdown Extra. Penny’s MultiMarkdown Bundle for TextMate adds support for the MultiMarkdown variant.

Discount by David Parsons is version of Markdown, PHP Markdown extra, and SmartyPants all written in C that focuses on speed.

Pandoc by John MacFarlane can convert from Markdown, HTML, reStructuredText, and LaTeX to “reStructuredText, HTML, LaTeX, ConTeXt, PDF, RTF, DocBook XML, OpenDocument XML, ODT, GNU Texinfo, MediaWiki markup, groff man pages, and S5 HTML slide shows.” Pandoc includes Markdown extensions for definition lists, embedded LaTeX equations, footnotes, and tables. Pandoc is written in Haskell and currently Haskell and requires a bit of tweaking to make it work on Mac OS X 10.6/Snow Leopard.

Babelmark, the Markdown Testbed, allows you to compare the output of different Markdown implementations.

Published January 11, 2010

Printing Mailing Labels and Envelopes from Address Books and Spreadsheets

By Ben Gross
in

I recently spent some time researching how to print mailing labels and envelopes for a family member. I found that depending on your configuration the process could be simple or frustratingly complex. It is the time of year where many people are still agonizing whether or not they should send tardy holiday cards or last minute New Year’s cards. If this description fits you or you want to print labels or envelopes for another reason, read on, and hopefully I will be able to give you some tips or software recommendations to make the process go faster and more smoothly.

I primarily investigated printing labels and envelopes from the Mac OS X Address Book, but along the way I found a number of other solutions for the Mac, Windows, as well as options to generate label sheets on the Web.

Generating label sheets from the web, no software needed

The Avery Design and Print Online service is a free tool (registration required) that allows anyone to create label sheets online and download them as PDF suitable for printing. In order to use the online tool, you will need to export your address book as a CSV. How to do this can vary greatly depending on which system you use. For example, Apple Address Book cannot export directly to CSV, only to vCard and the Address Book Archive backup file. Microsoft Outlook can export addresses into a CSV file.

FileMaker Bento 3 ($50) can open the Apple Address Book directly and export it to a number of formats including CSV. Address Book to CSV Exporter can export the entire Apple Address Book or groups to CSV. It’s free and open source. There are a number of additional packages that offer additional flexibility for exporting from Apple Address Book. I’ll address those in a future article.

Mac OS X and Apple Address Book

My original goal was to figure out how to generate labels from data that was both stored in Apple Address Book and in spreadsheets. The Mac OS X Address book has built in functionality to print Avery Standard, Avery A4, and DYMO type mailing labels. Apple has two primary documents that discuss printing labels and envelopes. The documents are clear and useful, but surprisingly hard to locate either in the local Help Viewer or on Apple’s support site. Both documents have been recently updated for Snow Leopard and may be more up to date than versions in the local Help Viewer. The first document, AddressBook 5.0 Help: Printing, is a brief and useful introduction. The second document, Address Book: Printing mailing labels or envelopes with multiple names, covers a topic that people clearly find confusing given the number of posts to various support forums.

Tech Talk Point has a longer introduction with screenshots to better explain the process with their page on Printing Labels, Mailing List & Envelopes in Mac OSX with Address Book

PostCheck ($10) is a great little plugin for the Mac OS X Address Book by Brian Toth that will look up and add missing zip codes (and optionally zip+4 codes) to address book entries. PostCheck will can also bulk validate addresses and reformat address to conform to preferred USPS guidelines.

If the Apple Address Book does not print labels as you wish, you still have a number of options, some of which offer additional flexibility over the built in features.

  • Microsoft for Mac Office will print labels and envelopes using a mail merge in Microsoft Word with an address list stored in Microsoft Excel.

  • The Print Shop for Mac , $70, from Software MacKiev can print envelopes and Avery, CD Stomper, Memorex and NEATO labels using address taken directly from Apple Address Book. The application makes it simple to add graphics to labels.

  • pearLabelizer from pearworks is a free application that can take contacts or groups of contacts directly from the Mac OS X Address Book. It has an option to print individual labels from plain text using the Services Menu.

  • EasyEnvelopes from Ambrosia is a free Dashboard widget for printing envelopes. The EasyEnvelopes is attractive and straightforward to use. It integrates with the Apple Address book and includes support for USPS bar codes.

  • Apple Pages can print mailing labels using free label templates from Avery. This MacFixIt article, How-To: Using label templates in Pages, provides a step by step guide. My recommendation is to try the free Avery Design and Print Online service first, although you will need to export your contacts as CSV.

  • The iWorkCommunity Templates Exchange section on labels includes a variety of additional label types. The templates are free.

  • Avery DesignPro for Mac is a free application for designing labels, business cards, greeting cards, and many other types of print work. The application is a large download and can be somewhat unstable. Like the online version, you will need to export your address book as a CSV file. I would recommend trying the online version first.

Microsoft Windows

Microsoft Windows users will likely find that using a combination of Microsoft Word and Excel or Outlook is the easiest path to printing mailing labels. The following support documents on the Microsoft Support site clearly describe how to create mailing labels and envelopes using the mail merge functionality of Microsoft Word with data stored in Microsoft Outlook or Microsoft Excel. The examples provided are for Office 2007, although similar documents are available for older versions of Microsoft Office.

Published December 28, 2009

Why Does My Text Look Funny? Character Set Encoding Detection and Conversion

By Ben Gross
in

Character set encoding

Character encoding is the low-level representation of the letters, numbers, and symbols we see in our daily interactions with computers. Common encodings for documents in English are ISO-8859-1 (a superset of ASCII), UTF-8 (an 8 bit Unicode character encoding), and Windows-1252. There are a great number of character set encodings in use and a long and complicated history of how they came to be. This complexity often leads to problems. Typically, these problems are caused when the document is encoded with one encoding, but is interpreted as another.

If you don’t ever have to deal with character encoding issues, then consider yourself fortunate, as it can be a royal pain to decipher and correct large numbers of character encoding issues.

Why you might care

It is likely that you see character set encoding problems all the time. If you have ever opened an email, a web page, or document and some of the letters looked wrong then there this is a good chance this is due to a character set encoding mismatch. You are mostly likely to notice problems with curly quotes, bullets, and accented characters. If you are interested in learning more, there are some excellent sources at the end of this article.

Just to illustrate the extent of the problem—A composite approach to language/encoding detection](http://www.mozilla.org/projects/intl/UniversalCharsetDetection.html) is the original research paper by the Netscape employees who wrote the character detection algorithm that is still used in Firefox. The page is encoded as ISO-8859-1, but the meta tags in the page are set to UTF-8. In most browsers, you should see the resulting funny looking characters due to the character encoding mismatch. Email can have character set encoding problems as well. RFC 2047 defines MIME extensions for non-ASCII text and HTML email has the same problems as web pages.

The best tools I have found are primarily open source command line-based utilities. Specialized GUIs are hard to come by although as I will describe a browser and some text editors will work for many basic tasks. I only tested the command line tools under Mac OS X, Linux, and FreeBSD Unix variants, although most can be compiled under Windows with Cygwin or similar systems. Some of the tools are available as pre-compiled Windows binaries.

Detecting character set encodings

The absolute quickest way to check to see if you have a character encoding problem is to open the web page or file in Firefox and go to the Character Encodings option under the view menu. You can experiment by changing to a different character encoding and see if your document displays correctly.

If you are unsure of which character set your document is encoded in then that is a good place to start. I would first try the file command. It is a standard utility in every modern Unix system I have used. The program attempts to determine many characteristics about the file including types of line ending and the text encoding of the file.

If you need more sophisticated tests for character encoding than the file command offers, then chardet, the Universal Encoding Detector, is your most sophisticated option. The software is a Python port of the code from Mozilla/Firefox code base that includes multiple character encoding auto-detection mechanisms. The most recent version now has a limited command line interface. Previously, it was only accessible to developers willing to wrap their own code around the library. rchardet is a Ruby variant.

Converting between character set encodings

It is possible to use a text editor many character encoding conversions, if you know or can guess the original encoding. Simply open your text file in your favorite editor such as the built in TextEdit or TextMate on(Mac OS X, TextPad or the E - TextEditor on Windows, Yudit on Unix systems with X-Windows, and GNU Emacs on most systems. Then simply select a different encoding in the editor and re-save the file.

Uni2ascii can perform both ends of the conversion between UTF-8 and a large number of encodings and formats including many ASCII variants, quoted printable, HTML, XML, and escapes for POSIX and many programming languages. I like many options to decompose UTF-8 into other encodings. The -B flag creates best effort ASCII by decomposing UTF-8 characters into a reasonable plain ASCII alternative. For example, the copyright symbol becomes (C). In my experiments, there were minor problems where the following characters were not converted middle dot (0x00B7/U+00B7), next line (0x0085/U+0085), and line separator (0x2028/U+2028). Aside from these the program did a tremendous job.

iconv/libiconv is the standard for character set conversion. The application needs to be used as a filter so it can be less convenient if you would prefer to operate on files directly.

I have used GNU Recode for a number of projects. Recode relies on libiconv and can process files directly. The release version of Recode has not been updated in many years, however it is under active development and a recent beta of Recode can be found on the author’s site.

convmv converts the character encoding of filenames (not the contents of the files) and can work on entire directories of files.

The Commetdocs service (formerly known as the iconv.com) allows you convert between many character sets and files types. The service is currently free.

I have not tried either extensively, but Enca the “Extremely Naive Charset Analyzer” and UTRAC the “Universal Text Recognizer and Converter” both provide extensive support for conversion between non-Western character encodings.

Examples

Example — Convert files to UTF-8:

iconv -f original_charset -t utf-8 oldfile.txt > newfile.txt

recode UTF-8 file.txt

Example — Convert UTF-8 into readable 7-bit ASCII. The -B option is equivalent to the flag combination -cdefx.

uni2ascii -B file.txt

find . -type f -exec recode utf8..ascii {} \;

Example: use convmv to convert the filenames of a directory of files from IS0-8895-1 to UTF-8. The —notest flag is a dry run feature that can be very useful for testing.

convmv -f iso-8859-1 -t utf8 --notest  directory/

The Future

In general, I recommend that people use the UTF-8 for all new documents. UTF-8 is capable of representing the vast majority of alphabets and is a mature internationally accepted standard. More than a year ago, Google found that the majority of the pages on the web used UTF-8 character encoding.

References

If you want to learn more about character encoding, the following sources are good places to start

Published December 22, 2009

Three Pew Research Reports Analyzing Messaging Use

By Ben Gross
in

Three recent reports Pew Research Center’s Internet & American Life Project analyze current topics related to messaging. Pew reports are noteworthy for the size of their samples and the rigor they apply to both the data collection process and the analysis. Their surveys are conducted using random digit dialing and include both landline and cellular numbers in the United States.

The report Teens and Distracted Driving analyses the prevalence of text messaging and cell phone use by teenage drivers and teen passengers. Three quarters of American teenagers own a cell phone. Approximately one third of these have texted while driving, half have been a passenger while the driver was texting, and forty percent say they have been in the car while the driver was distracted enough by talking on the cell phone to put them in danger. The population for this report included 800 teens between the ages of 12 and 17 years old along with a parent or guardian.

Pew’s report on Social Isolation and New Technology takes a fresh look on early research computer mediated communication and social isolation. Contrary to previously well-publicized studies, Pew researchers found that American’s are not nearly as isolated as previously reported. They also find that online participation and social media often improve people’s civic participation and that cell phone users have larger core social networks. The population for this report included a representative national sample of more than 2500 adults.

The Twitter and Status Updating, Fall 2009 report found that 19% percent of US adults use Twitter or another service that allows status updates. This is a rapid increase from late 2008 and early 2009 surveys that found 11% use. Mobile phones owners are more likely to use status update services and social networks that those without. Individuals with multiple Internet connected devices use Twitter at a much greater rate. Only 10% of users with a single device use Twitter, while 40% with four or more devices do. The population for this report more than 2200 adults.

Published December 1, 2009

A Practical Attack and Fixes for Current SSL/TLS Vulnerabilities

By Ben Gross
in

New security flaws have put TLS, the Transport Layer Security protocol in the spotlight once again. Early in November, Marsh Ray and Steve Dispensa from PhoneFactor, Inc. published a security report detailing three new potential TLS vulnerabilities. Ray and Dispensa describe man-in-the-middle (MITM) type attacks that target the renegotiation feature of TLS that allows in-connection changes to keys and parameters. The TLS protocol specification supersedes the Secure Socket Layer (SSL) specification, although SSL is commonly used interchangeably with TLS.

The full report from PhoneFactor describing potential attacks on the renegotiation functionality in TLS is available on the PhoneFactor web site. The authors discovered the vulnerabilities in August, 2009. The Register, reports that Ray and Dispensa met with major vendors and distributors of SSL libraries in September, 2009. Developers immediately began working on fixes. PhoneFactor maintains a page on the current status of patches for major vendor’s SSL/TLS implementations.

Eric Rescorla and coauthors published a proposed change in the protocol to fix the vulnerability in an IETF draft specification titled Transport Layer Security (TLS) Renegotiation Indication Extension. Rescorla is well known in the security community for his work on secure protocols and is one of the authors of the current SSL specification. His guide to Understanding the TLS Renegotiation Attack is clearly written and informative.

Shortly after the disclosure, Anil Kurmus, showed that the vulnerabilities were not just theoretical. He illustrates a practical attack against Twitter API using the TLS renegotiation vulnerability. Twitter quickly made changes to prevent the attack from working again, but a practical attack means that vendors and and large web services are under significant pressure to implement fixes in a timely fashion. Netcraft reports that 24 of the 100 top HTTPS sites now safe from TLS renegotiation attacks.

Published November 28, 2009

TrackMyShipments Offers Simple Email-Based Package Tracking

By Ben Gross
in

The web-based interfaces offered by the various shipping services allow you to schedule shipments, offer integrated billing ,stored address books, online package tracking. A number of third party services offer simplified interfaces and allow you to track shipments from multiple carriers at once. Still, managing the process inputing multiple tracking numbers into multiple services can be cumbersome. I prefer the email-based input method used by the TrackMyShipments service.

Say you ordered a new hard disk online to get an early start on your New Years resolution to make regular backups and you want to see if it will be delivered today or tomorrow. The most common way to find out the status of your package is to search through your email to find the confirmation email from the store that contains the tracking number for your drive. If you are lucky the store has formatted the message so you can simply click on a link and it will take you directly to the page on the shippers site that has information about the state of your package. Unfortunately, I find many stores do not give their customers such an easy path and so must copy the number from the email and paste it into the web form for your package carrier. You might even already have an account on the package carriers web site that lets you save the number for future reference or set up email or SMS alerts to let you know when there is progress or problems. For most people, this somewhat cumbersome process is the norm.

TrackMyShipments is an email-based online package tracking service. I have been using the service for about a year and a half and have found it be the most streamlined method to track packages. The email-based component of the service is the interesting part. Once you have gone through a very quick signup process, you can begin to forward any email messages from vendors that contain tracking numbers to track [at] trackmyshipments [dot] com. The service will then let you know when the shipping status changes. Similar to the TripIt, TrackMyShipments takes advantage of the fact that you already have the tracking numbers sent to you in email, which is similar to the TripIt travel planning service I reviewed previously.

There are a small number of options to configure the level of detail about the status of the shipment. If you choose, the service will notify you about every hop the package takes along the route, but in my experience this is far too much information. I configure the service to notify me on the day of delivery and exception information. This means I get notified that the package is out for delivery and when it is delivered or if there are any problems with the delivery. All of the package carriers have pretty significant lag in their delivery status information and TrackMyShipments can not give you any more information than the carriers have, it’s just more convenient.

The basic TrackMyShipments service is free for tracking up to 9 shipments at a time. You will receive email updates about that status of your package or you can log on to the TrackMyShipments web site to see the status and location of all of your shipments at once. TrackMyShipments Pro costs $20 a year and gives you the ability to track unlimited packages and receive notifications about the shipping status via SMS. I suspect most people will find the basic more than adequate, although those with greater package tracking needs will find the pro service a bargain.

TrackMyShipments created an iPhone and iPod Touch application that gives mobile users the ability to see the current status of all packages tracked and the ability to remove any packages from tracking. Previously the service offered a free lite version of the iPhone application and a full version for $2. Currently, the full iPhone version of TrackMyShipments is available for free on the iTunes store. The iPhone application works with both basic and pro accounts.

Overall, I have found TrackMyShipments to be the most convenient way to track packages online. The service is simple to use and in my experience it just works. You simply send the TrackMyShipments your emails containing the tracking numbers and the service will email or SMS you when package status changes. While neither the TrackMyShipments web site nor the iPhone application will win any design or usability awards, there is little reason to use either unless you want an overview of all shipments at once. TrackMyShipments currently supports tracking DHL, FedEx, UPS, and US Postal Service packages.

Published November 20, 2009

New and Noteworthy in Passwords and Authentication for 11/09/09

By Ben Gross
in

The Electric Alchemy security consulting firm has an interesting post about Cracking Passwords in the Cloud: Breaking PGP on EC2 with EDPR describing their experiences running Elcomsoft’s Distributed Password Recovery tool across 100 Amazon Elastic Computing Cloud (EC2) instances. The goal was to crack the passwords of several files in the old PGP ZIP format. The results clearly show that the cost of recovering relatively simple passwords that are all lower case and less than 10 letters, has become affordable. Longer and more complex passwords with mixed case and symbols are still prohibitive to recover. The graphs make it easy to see that small amounts of additional complexity dramatically increase the difficulty of recovering the password. Electric Alchemy posted a follow up as Cracking Passwords in the Cloud Q&A.

In his post, Twitter, OAuth and Passwords – Oh My!, Terence Eden describes a potential risk with OAuth if a user changes their password on a service such as Twitter, but still has active OAuth tokens that are not invalidated. He proposes a scenario where a user believes he has lost control of his password and changes it, but does not realize that an attacker has also authorized other services to access the Twitter account and still has access. The OAuth developers point out that this is not a design flaw as typically users would not want to invalidate all of their OAuth tokens, but that they should check to make sure if they have personally authorized all the services linked to that OAuth site. The resulting discussion in comments and related posts is interesting. I do believe that when a user changes a password on a site, the service should all of their active OAuth tokens for inspection along with an interface to invalidate them at the same time in case the attacker created new OAuth-based authorizations. Eden’s points out a more complex problem where the attacker might have authorized an OAuth token for a service that the user has already previously authorized.

The article 30 years of failure: the username/password combination by John Timmer in Ars Technica describes a recent study published in the 2009 Proceedings of the Human Factors and Ergonomics Society Hoonakker et. al. The study included two rounds of focus groups and a survey given to the employees of a large organization that asked about password habits. They received 836 responses that illustrated a litany of problems users have associated with remembering and managing passwords. The results are not surprising, but detailed breakdown in the analysis is valuable for determining the scope of the problem. The authors indicate the tradeoffs between security and usability are significant and that we need to find ways to make it easier for users to maintain good security practices. The paper includes a nice overview of previous research and current options for improving the situation.

Published November 9, 2009

New and Noteworthy in Messaging for 10/19/09

By Ben Gross
in

In hist post Email Newsletters Are Serious Business, Jason Baptiste describes the focus, estimated number of subscribers, and profits for DailyCandy, Thrillist, Help a Reporter Out, Jason Calacanis’ List, and Ideal Bite newsletters. Baptiste reports that DailyCandy and Ideal Bite sold for $125 million and $20 million respectively. Some of the reasons he attributes to the success of email newsletters are that they are “opt-in and permission based, usually a targeted demographic or crowd, and that they provide utility or gratification to the reader.” The article is worth a look although I wish he provided more direct links for the financial numbers.

Denis Papathanasiou writes about his experiences of being Blacklisted as Malware: a Downside of using Amazon EC2. He says that when his startup launched their web service on EC2 they immediately found themselves listed on three web filtering lists. He was able to make an appeal to each of the blacklists and have his site removed after inspection, but wondered how me might find out about new blacklists in the future. Originally, Papathanasiou attributed the problem as specific to EC2, however commenters on his post quickly pointed that it was unlikely there was anything specific to Amazon’s services. For example, his IP address may have been recently used by someone else for purposes that may have attracted attention of the blacklists. In addition his domain name may well have had negative reputation from its previous owner.

Credit Karma created a graphic linking Credit Scores and Email Domains, which is intriguing, but ultimately a gimmick and not particularly useful as their 20k address sample is likely skewed enough to render the results meaningless. The comments are more entertaining than the original article. Quite a few comments lambast Credit Karma for both their data analysis and their visualization choices that create obvious distortions in the data. For example, the article does not take into consideration that many users may well have used a secondary email address to sign up with the service as they may have been worried about spam.

Published October 19, 2009