A mi en particular me parece un tema tan obvio que hasta me resulta estúpido discutir sobre él. Más discutible en todo casi sería el concepto del matrimonio en sí, que el del matrimonio gay. Pero bueno, se ve que hay gente que no lo ve asi.

Si alguien está en duda, creo que este excelente video de 8 minutos (en inglés) del profesor Lawrence Lessig (el mismo creador de las licencias Creative Commons, bajo las cuales se rige el contenido de este blog) trata el tema de forma muy inteligente y objetiva.

Nada más, solo resta esperar que la humanidad siga su curso y evolucione…

La típica expresión en estos casos es: “Whooops!”

Y es que hay que tener cuidado con lo que se escrapea. El problema con Google News es su propia escalabilidad, ya que en definitiva no es más que el buscador de Google ligeramente modificado estéticamente y funcionalmente (en cuanto al algoritmo de crawling y scraping) y restringido a ciertos sitios. Algo muy similar a lo que es el Google Blog Search para los blogs. La gran diferencia es que, tanto para el buscador principal como para el Blog Search, este tipo de “bloopers” pasan desapercibidos. Quién no ha visto alguna página totalmente irrelevante colarse en los resultados de búsqueda de Google?. Pasa todo el tiempo, y nadie pierde mil millones por eso :).

Pero con Google News es diferente, porque la calidad importa mucho más, y ésta se ha venido sacrificando a costa de la escalabilidad.

Por eso Froogle (ahora Google Product Search) nunca progresó mucho como servicio, ya que los sitios de “Shopping Aggregation” tienen los mismos requisitos de calidad, y Google se enfoca en escalabilidad, que es lo mejor sabe hacer.

Pero bueno, Google es asi. Tiene muchos proyectos, algunos germinan, otros se secan, y otros quedan es un estado latente intermedio, como es el caso de Google News o Google Product Search actualmente.

We believe it is, and I’ll explain the reasons here by detailing the exact process used to store the notes in the database. I did try to explain it before in this post but unfortunately the explanation was obfuscated at best, and incorrect at worst.

So here’s what happens when you create a note in Privnote:

1. You write the note and click the POST button
2. The server generates a random note id, let’s call it the NoteID. This is the 16 chars ID you see in the note link
3. The server hashes the note ID and gets a HashedNoteID = Hash(NoteID). We’re currently using SHA-1 as the hashing algorithm, but the particular algorithm is not very important here
4. The server encrypts the note contents (and also the email and reference, if there is any) using the NoteID, and stores the encrypted version in the database using the HashedNoteID as the database primary key

If someone with access to the database would like to read the note she would be unable because she doesn’t have the key to decrypt it (NoteID), only the database primary key (HashedNoteID). The HashedNoteID cannot be used to “go back” to the NoteID because hashes are “one-way”. So the only person who can actually decrypt (and thus see) the note is the one who has the original NoteID or, in other words, the one who has the link to the note.

For completeness, this is what happens when you view a note in Privnote:

1. The server extracts the NoteID from the URL
2. The server hashes the NoteID and gets the HashedNoteID. This is the same HashedNoteID used when generating the note, since the NoteID used to make the hash is the same in both cases
3. The server retrieves the note from the database using HashedNoteID as the database primary key and decrypts its contents using NoteID as the encryption key
4. The server shows the page with the decrypted note
5. The server permanently deletes the note from the database, keeping only a record of the HashedNoteID, the time when it was read, and the IP address where it was read from, to show it when someone tries to see the note again

I apologize for not being clear in my original explanation, and hope to have explained myself better this time. Thanks to everyone who corrected me and provided a better explanation, both here and in other blogs.

Finally, I must say that we have received a lot of great feedback these days, and that motivates us to keep improving Privnote as well as making it available in more languages.

• it’s already written in the “official” App Engine platform (Python+Django)
• it’s entirely based on a request/response mechanism
• we would forget about scalability problems forever

So we give it a try and implemented a prototype, just to see how it goes, but, in the end, GAE didn’t work because:

• it doesn’t have support for SSL, which is mandatory for Privnote
• it doesn’t support third-party Python C extensions (which we use in Privnote) unless they’re pure-python modules

As for scaling Privnote, we”ll have to try other alternatives, but it was a good experience to gain some knowledge about Google App Engine and cloud computing, which are very hot topic these days.

So I’m happy that I finally made a choice. From now on, I’ll write everything here. I can always aggregate the articles in the Insophia blog, if I see the need. My original idea with the Insophia blog was to be written by all Insophia people but, after a year, there are only 3 articles and all of them written by myself. Why did this happened?. Not much bloggers at Insophia, I guess. In any case, the “new” Insophia blog will be more like a “News” section (with quick short posts) and all articles (well, at least mine) will be published here.

In the future, if some people at Insophia become interested in blogging (blogging should be encouraged, but never -ever- enforced) we could aggregate all their blogs into the Insophia blog.

All you have to do is enter the site, write the note and click Post. Then you get a link that you can send to the only person you want to read it.

What makes it so secure then?.

Two things mostly:

• SSL encryption makes sure the note contents never leaves your browser (neither arrives at the recipient browser) in plain text
• When the note is read (by clicking the link) it automatically self-destructs so no one else who clicks the link could read it. If the note was not read by the intended recipient, at least he/she will known that someone else did it and that the content was compromised

What about the site administrators, you may ask, those ones who always seem to have “full power” over your data. Well, with Privnote, those cannot read your note either. The explanation is a bit more technical, but here it goes: When the note is received by the server, a note ID is created (the same ID you see in the link to read the note). The note contents is then encrypted and saved in the database but (and here’s the magic) the salt to encrypt the note is not the note ID but a hash of the note ID. Hashes “one way” so you cannot go back to the note ID from the hash. So the note gets stored in the DB encrypted with a token that only the person which has the note link can read it. Oh, and we also have web server access logs disabled which makes impossible for any administrator to decrypt the note contents. So, as you can see, the only person who has the key to decrypt it is the one who has the link to the note.

As an additional feature, you can get notified when your note gets read, something that (even today) is not possible with any email or instant messaging software.

Also, I want to mention that the application is available in English and Spanish. By default, it works in the language of your browser, but you can change it using the language selector in the top right corner.

I would like to hear your thoughts about it, feel free to post any comment, criticisms and suggestions.

favicon de pablohoffman.com (desde 2004)

nuevo favicon google.com

Voy a contar los pixeles iguales y si superan el 50% los demando!

You have to run the following commands with the guest PC turned off:

VBoxManage setextradata "Guest PC" "VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssh/Protocol" TCP
VBoxManage setextradata "Guest PC" "VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssh/GuestPort" 22
VBoxManage setextradata "Guest PC" "VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssh/HostPort" 2222

Where “Guest PC” is the virtual machine name, the same name you see in the machines list (in the VirtualBox main window). Those commands add a local forward from TCP port 2222 (on the host) to TCP port 22 on the guest.

So now you can access the guest PC via ssh by running “ssh localhost -p 2222″

If you want to make it even simpler you can provide a quick shortcut by adding these lines to your ~/.ssh/config:

Host guestpc
    Hostname localhost
    Port 2222

After that, you can connect by just typing “ssh guestpc”

A couple of things that come to my mind now:

• If you’re running a hosting company, you should re-consider your business, specially if it’s a python/django one
• This is a huge booster for Django and, at the same time, a big blow for Rails
• Guido joining Google was a good idea

Let’s see how it goes, but I foresee a promising future for this one.

First of all, “fidsk -l” won’t show all your FreeBSD disklabels, you’ll have to do “cat /proc/partitions” to find the partition you wan’t to mount. If the Kernel has support for disklabels (it comes by default on modern Kernels) you will see all your BSD disklabels.

Example:

# cat /proc/partitions
major minor  #blocks  name

   8     0  195360984 sda
   8     1     104391 sda1
   8     2    1044225 sda2
   8     3  194209785 sda3
   8    16   78184008 sdb
   8    17   78180291 sdb1
   8    32  117220824 sdc
   8    33  117218241 sdc1
   8    37    1048576 sdc5
   8    38    2097152 sdc6
   8    39    3145728 sdc7
   8    40    1048576 sdc8
   8    41  109878209 sdc9

Suppose I want to mount /dev/sdc9 (it was /usr in my old FreeBSD) on /mnt. This is the command to do it:

mount -r -t ufs -o ufstype=ufs2 /dev/sdc9 /mnt

Support for UFS2 is read-only.