Entries for October, 2007

Yo Borst, get on it:

Amazon Makes You Lie to Log Off:

The reader was particularly bothered by what appears to be the only procedure now for logging out of an Amazon account. "Amazon offers a moronic - i.e., counterintuitive -- solution to signing out. You have to find a page on the site that has 'If you're not (your name), click here' and click on it, thereby saying you're not you. This convoluted procedure is too bizarre to be unplanned or mere Webmaster gaffe, so something's going on."
Posted by roy on October 2, 2007 at 11:49 AM in Web Development | Add a comment

I got my new long-sleeve t-shirt yesterday, and I'm enjoying rockin' it today. What does the shirt look like, you ask?

"It's not lupus!"

Hellz yeah. There's a whole page devoted to this House meme. It even embeds an awesome video:

Posted by roy on October 2, 2007 at 02:27 PM in Ramblings | 3 Comments

Check out this awesome video by El Cuarterto de Nos:

I've been really enjoying videos with strong typographic elements lately (starting with the original, of course, Bob Dylan's "Homesick Subterranean Blues")... just something about that style which really draws me in. Then again, this should be no surprise if you look at the pseudo logos I create for my own personal projects.

One thing I noticed while watching that video is that it must be really easy to be a Spanish rapper - I mean, how hard is it to rhyme? You just pick a bunch of verbs and conjugate them into the same tense. Easy!

(It occurs to me I should start wrapping my entries in fake HTML to indicate levels of joking - I don't think people understand that literally 99.99% I write in this journal is tongue-in-cheek and sarcastic - somebody might really think I'm an asshat! And that'd be <SUPER SARCASTIC>nothing</SUPER SARCASTIC> like real life (<serious>I'm actually kind of a dick in real life</serious>)...

I bought their Raro album on iTunes (for some reason, I could purchase each individual track w/o DRM, but not the whole album??), and I think it just has the coolest album cover:

The whole album is pretty nice, too. A nice change of pace from my normal American pop music listenings.

Posted by roy on October 2, 2007 at 10:15 PM in Music | 5 Comments

I love Woot. I got a hilarious private email from them to lift my spirits, regarding a $99 Zune!!!!:

Hello Zune Wooters,

Thank you for supporting the amazing new social ecommerce entertainment web community 2.0...er, well, thanks for picking up the cheap Zune deal at Woot.com the other day. We hope you are enjoying it as much as we enjoy your cash. We have some updates just for you:

First, as many of you may have heard yesterday, your Zune woot just got better - Microsoft will offer automatic software upgrades to improve the functionality and feature set of the Zune(s) you own. Yes, you heard correctly - Microsoft. Early-adopter support. Whoa. You can be assured that Woot staff will stay tuned and report the amazing developments in this area-for now, we're consolidating all previous Zune threads to the latest sale here. Please share any information you have with the rest your fellow new Zune owners there. There's a nice Zune news roundup post here.

Second... shhh... don't tell anyone! We have a limited quantity of official factory-refurbished black Zunes (now aka Zune 30's) to offer effective immediately. Our elite strikeforce of pirate-tongued, ninja-trained negotiation commandos worked their powers of persuasion to obtain every single official factory-refurb Zune 30. No, no blackmail, extortion, or coercion was involved (as far as we know). The point is, you won't see these anywhere else. These units are Microsoft-certified with full accessories, full warranty and even factory fresh retail packaging. And - in an ironic twist you're sure to enjoy - you get the scoop first. In fact, as a previous buyer, we're notifying only you (and your fellow Zune buyers) of a VIP behind-the-scenes event prior to their hopeful full day in the Woot sun: http://www.woot.com/special.aspx?k=vipzune. Slide on in past the velvet rope - these units are available immediately on a first-come, first-served basis at $99.99 each + $5 shipping. Sneak a friend or two in if you want - this is indeed an exciting chance to join the Zune in-crowd, but please, no "Welcome to the Social" jokes. (Unless you're as good at satire as fake steve jobs, that is.) We'll hold this sale open for as long as we can, but as with most Woot items (infocus projectors aside), quantity is limited.

Hey, cheapskates: don't forget your credit! Some of our own "early adopters" may have missed our follow-up Zune event, Open Letter spoof and all. Make no mistake, though, all buyers at $149 have real $10 credits on their accounts, ready to use on any sale over $40. Your discount code is BUMPYROAD. (Before you ask, yes, it will work on the VIP Zune sale, 2 magnums of Polyphemus, 3 yet-to-be-reckoned Woot tees, or anything else you can find that we sell for more than $40.)

On a final note, I've been asked to forewarn our newest members that the shop may be a bit busy on Friday - not to tip you Wooters Off or anything...

Thanks for your support,

Matt Rutledge
Woot CEO

This led me to this post from Gizmodo that basically says that all existing Zune customers get the software capabilities from the upgraded Zune lines. Awesome! I wish I still had a Zune ... but hey, at least Han can enjoy it!

Of course, some more digging led me to the funny Zune comment of the day:

Looks like "Turd Brown" has been replaced by "Diarrhea Green"

Unfortunately, I think my iPod nano's headphones port is starting to blow out, so I'm the market for a new MP3 player ... the iPod Classic looks like the right fit for me.

Posted by roy on October 4, 2007 at 02:01 PM in Ramblings | Add a comment

An internet meme floating around depicts the differences between Chinese culture and German culture. Political-correctness aside (some of images are pretty spot-on for Korean culture), I think the images are very well done and portray the differences quite well; one of those rare examples where the joke goes beyond cultural borders and can be understood due to good usage of common symbols.

Posted by roy on October 8, 2007 at 12:06 AM in Ramblings | 1 Comments

So a comparison of our Gooseberry release and the current dev bits on my machine:

Deki Wiki file sizes

(Total filesize of PHP library files)


$ du -bcs *.php
2037635 total


# du -bcs*.php
1181533 total

Deki Wiki PHP include() count

(Count of total library files)


$ ls -1 | wc -l


# ls -1 | wc -l

Article rendering

(Specific example cause I just made a huge check-in which slimmed this down even further)


$du -bs Article.php
108823  Article.php


# du -bs Article.php
28646   Article.php

Sort of pointless, but it's pretty cool nonetheless, and sets us up nicely to release a real easy to understand and extend lightweight PHP app. The numbers are slightly misleading, because a lot of the hardcore logic has been shifted to other layers, but it still is a testament to what I've been doing :)

Posted by roy on October 8, 2007 at 04:50 PM in MindTouch | Add a comment

Ah, Buffalo. Only you can help me relive my childhood. Being 1-3, I thought to myself tonight: "Hey, the Bills won't toy with my emotions again! Let me go watch some MNF." I even took Cowboys +10.5 to make sure I wouldn't get too emotionally invested with the Bills.

Boyyyy was I wrong. If you missed the game, here is a recap of the final 3:45:

  1. Dallas starts on their own 20, down 24-16
  2. SOMEHOW, Romo shreds the defensive and scores a friggin' TD with 22 seconds left
  3. Given that Dallas is down by 8 points, they need to go for the 2pt conversion
  4. Dallas FAILS the two point conversion.

At this point, I'm ecstatic. The lowly Bills have defeated the America's most hated team, the Cowboys.

NOT. (This would be not-so-subtle foreshadowing)

Dallas RECOVERS the onside kick with 18 seconds left. Their first play to TO (which got down to Buffalo's 25) was reversed by the booth. Somehow, with 13 seconds left, Dallas runs two plays to get to Buffalo's 25.

And makes a 53 yard field goal as time expires to win, 25-24.

I want to shoot myself in the knees.

. . .

If you're not familiar with Bills history, let me give you a short re-cap: Buffalo Bills, from 1991 - 1994, went to the Super Bowl *4* times:

  1. Their first time, they missed a 47 yard field goal with 8 seconds left to lose by 1 point to the NY Giants
  2. Their second time, they got beaten soundly by the Redskins
  3. Third time, a 52-17 blowout at the hands of the Cowboys
  4. Fourth time (which I couldn't bear to watch) was another 30-13 loss to the Cowboys

. . .

I was 8 years old when they lost their first Super Bowl. Let me tell you, that stuff sticks with you for LIFE. It's brutal.

. . .

To make matters worse, a few years later, the Bills fell victim to the "Music City Miracle"

. . .

I know this game is gonna stick with me for a while. Sure, the Bills are 1-3 and have no chance at the playoffs ... but I just want some HOPE, damnit!

Posted by roy on October 8, 2007 at 09:29 PM in Sports | 8 Comments

From the list of Google acquisitions, how many of them could you actually consider successes?

Clearly there are a few cases where things have gone horribly wrong ... where have things gone horribly right?

. . .

Today's rofflecopter:

. . .

Today's fact of the day: avoid using the word "nonce" in your web applications. We were using it for:

"In cryptography, a nonce is a random, arbitrary number that is generated for security purposes and is used one time only."

But in the UK:

British slang word nonce, meaning a sex offender.
Posted by roy on October 10, 2007 at 10:40 AM in Ramblings | 3 Comments

Max Mass: "It's not a full day unless it ends in TJ (Tijuana)."

Posted by roy on October 11, 2007 at 06:52 PM in MindTouch | 3 Comments

I'm so weak sauce. I remember when I lived in North Carolina, I'd often wear shorts into 30 degree weather. But living in San Diego for a better part of a year has turned me ... soft. I was griping to my co-workers about how cold it was last week; when I went to weather.com to check the temperature ... it was 62. Kill me now.

Anyways, I got a coupon from Gap this week (30% off for GapCard members, wowza!) so I figured I could pick up some "San Diego winter" clothes. Unfortunately, my North Carolina winter clothes are too warming to serve any use here.

So I went to Gap and did some more shopping. I bought enough clothes now to allow me to only have to do my laundry once every other week - hooray for laziness!

What was especially cool was my cashier was the one who opened my Gap Card in the first place the last time I went to Gap! Hooray for convergence!

Anyways, my question to the world: At what age should I stop shopping at Gap? I think I'm in the Banana Republic demographic, but man ... when I can pick up a buttload of clothes for like $150, I just can't resist (especially when the quality of clothes from Gap dn Banana don't seem too different).

Posted by roy on October 13, 2007 at 06:42 PM in Ramblings | 3 Comments

Blockbuster dropped me TMNT today, so while folding like 3 loads of laundry (I went on a cleaning binge today) I gave it a watch. It was surprisingly fun, and brought back a lot of fond memories of TMNT dominating my childhood.

As is standard with any movie viewing, I Wikipedia-ed TMNT after watching the movie and was reminded of their studio album! I had completely forgotten about this album until tonight ... I remember listening to this cassette over and over and over again. So, obviously, I decided to search Google to see if I could find more information on the album ... and stumbled across the whole album for download.

Does anybody else remember this album? As soon as I started downloading the album, I start humming random tracks (Walk Straight and Pizza Power mostly) from the album ... amazing how much crap my mind can remember :)

. . .

Apparently Zhang Ziyi did the voice-over for the Karai character:

Not really digging the deep breathy voice ... I hope that was digitally altered, cause that'd really ruin my celebrity crush on her.

. . .

This is probably the best music video I have ever seen, and the song absolutely rocks (I love extravagent, rock operas):

Posted by roy on October 14, 2007 at 01:55 AM in Ramblings, Music | 1 Comments

"I keep the 40-cal on my side / steppin' with the mind state of a mobster / got glocks for sale, RED tops for sale / anything that you need, believe me I'm gone lace you, yeah / just don't, whatever you do, snitch / 'cause you will get hit, pray, i don't lace you, yeah" - obie trice feat. akon "snitch"

. . .

Gamblers Anonymous: 20 Questions

(Bolded questions are ones I answer "yes" with much gusto)

  1. Did you ever lose time from work or school due to gambling? I had this EPIC 24 hour session when I was Carolina - Yush came back from class one day and was like .. "Uh, dude, have you been gambling all day?" I think I gambled close to 20 hours straight that day
  2. Has gambling ever made your home life unhappy?
  3. Did gambling affect your reputation? I guess?
  4. Have you ever felt remorse after gambling? Every time
  5. Did you ever gamble to get money with which to pay debts or otherwise solve financial difficulties? Luckily I've never gambled to the bottom, although I've gotten close plenty of times...
  6. Did gambling cause a decrease in your ambition or efficiency? Um, can you say ... YES?
  7. After losing did you feel you must return as soon as possible and win back your losses? LOL. Are they tailoring these questions for me?
  8. After a win did you have a strong urge to return and win more? How do you think I end up blowing poker and sports bet wins away?
  9. Did you often gamble until your last dollar was gone? And then some
  10. Did you ever borrow to finance your gambling?
  11. Have you ever sold anything to finance gambling?
  12. Were you reluctant to use "gambling money" for normal expenditures? HAH! I had a separate poker fund for a long time - this is actually a good idea and I highly recommend it.
  13. Did gambling make you careless of the welfare of yourself or your family?
  14. Did you ever gamble longer than you had planned? Hmm... 24-hour marathon while at Carolina, yes?
  15. Have you ever gambled to escape worry or trouble? Not really a surprise, but there's a high correlation between my gambling binges and times of great stress
  16. Have you ever committed, or considered committing, an illegal act to finance gambling?
  17. Did gambling cause you to have difficulty in sleeping? I have trouble sleeping anyways
  18. Do arguments, disappointments or frustrations create within you an urge to gamble?
  19. Did you ever have an urge to celebrate any good fortune by a few hours of gambling?
  20. Have you ever considered self destruction or suicide as a result of your gambling? This is a loaded question - I'd say people who have gambling habits are naturally self-destructive

Most compulsive gamblers will answer yes to at least seven of these questions.

I scored 13/20! Do I win something????????

. . .

MindTouch will be presenting some great stuff at Blog World Expo in Vegas, but given my self-imposed exile from anything gambling-related after have a few moments of weakness, I had to turn down the free trip to Vegas!

. . .

I've always been somewhat light-hearted by my gambling habits, cause I've known I've had a problem, and I've been able to convince myself it's a somewhat minor character flaw. But the frequency of my gambling binges have been increasing lately. I need to protect myself (from myself).

The problem with gambling is that one sniff of anything related to wagering sets off the whole she-bang.

I used to be horribly addicted to online poker, but managed to squelch the problem by uninstalling the applications and forcing myself to find a new hobby (I think this coincided with the first [crappy] version of Swarmf).

When I moved to San Diego, I went to Viejas Casino a few times, which snowballed into something a little more. It got really bad over President's Day weekend. I had built up a huge bankroll by playing diligently once a week the previous few weeks (I started with $100 and ended, at the height of the 3 weeks, with around $1200). Then over every day of President's Day weekend, I started playing some mid-limit games (3/6 with kill pots) and got reamed by aggressive players who loved to raise all the time. I hit a few bad streaks in the tourneys I played (got busted in the bubble once, and generally got reamed on some bad beats in the other tourneys). I lost it all. Luckily my bank account was tapped out, so I had to drive back President's Day with my tail tucked between my legs.

I also remember that day because it rained (pretty hard!) in San Diego. That was also the day I got into my car accident. It was at that moment, after all the bad beats had happened, the bad weather, and the bad accident ... that I convinced myself, "If God could tell me in so many ways to stop gambling, this would be it."

. . .

When the football season started, I put in some money. After Week 4, I had it 4x my initial stake. I was pretty happy with myself. After the huge Patriots win over the Bengals on MNF after Week 4 (I took a parlay of the points and the over), I decided to celebrate my victory with some Bodog blackjack. At some point, I had turned the doubled my gains, and then I started doing some really stupid shit. Long story short, I lost my whole football stake, along with some more (in my futile attempt to "win back what I lost" coupled with the "the dealer cannot possibly win again!" is a dangerous combo).

The following week, I put in some more money to try to win a little so I could continue betting on the weekends. Of course, Week 5 was the statistical evening-out I had managed to avoid in Weeks 1- 4; I think the only game that covered outright was Washington (I got in late with the Patriots and took the +17 line, which pushed).

Long story short, after Week 5, I told myself... no more. No more. Nothing even remotely resembling wagering.

. . .

So no Vegas trips. No more sports betting. No more poker. Nothing. Nada. Unfortunately, this sucks, cause I always got friends who are trying to get me out to Vegas ... and the answer to the inevitable question after they hear I have a gambling problem: "Yes, I know you can take my wallet. But are you gonna hold my wallet when we come back and I need to release the gambling urge by going to Viejas? Or signing up for Pokerstars online again? Or by checking the point spreads every weekend?"

Temptation is never limited to the time when I'm exposed to my vice. Once an idea is planted in my mind, it festers inside until I do something (which usually is gambling).

I write this post only to hold myself accountable. Can't fight the problem unless you admit it, right? :)

Posted by roy on October 16, 2007 at 01:30 AM in Personal | 7 Comments

A pet peeve of mine: header text which states the obvious. It doesn't help when scanning text, and it sure doesn't add any value to the article. Is it that hard to write a short phrase to encapsulate the following paragraph?

Posted by roy on October 17, 2007 at 11:16 AM in Ramblings | 1 Comments

"For sale. Baby shoes. Never worn." Hemingway (supposedly) wrote this 6-word short story to settle a bar bet. The Intarwebs tells me that Hemingway prided himself on this story (it's actually very good). To relieve a little stress and reduce the monotony of my life, I'm going to try to write as many (crappy) six word phrases as possible on my new journal. Unfortunately, the current story is a poop joke. Oh well.

Supposedly by looking at this picture of a dancer twirling, you can tell if you're right or left brained.

I can't get the dancer to go counter-clockwise, no matter how hard I try.

Posted by roy on October 17, 2007 at 11:28 PM in Ramblings | 7 Comments
Duke vs. North Carolina has been the one dominant rivalry in college basketball. USC vs. UCLA has all the components of a great rivalry. Tim Floyd knows it is now up to his Trojans to consistently excel to make this the next must-see rivalry. (via)

USC v. UCLA will *never* be like Duke v. North Carolina. You know why?

Because Southern Californians are not true sports fans. Period. Californians define bandwagon fans. It doesn't matter if USC v. UCLA becomes a hot sports rivalry - USC and UCLA lack the passionate (crazy) sports fans that UNC and Duke create.

Look at the Chargers - I remember coming in December and hearing Chargers this, Chargers that. Now? Not so much. Baaannnddwaaggggooonn fans.

Posted by roy on October 18, 2007 at 07:48 PM in Sports, San Diego | 8 Comments

Yay for open APIs! Some users of Tabulas noted that spam comments were increasing in frequency ... so it was obviously time to pick a solution that didn't involve my time, or some convoluted test (i.e. captcha).

At first, I wanted to implement my own Bayesian filter, but then I realized that'd take too much time to set-up. So after hearing a lot about Akismet (run by the guys who do Wordpress, an excellent product), I decided to give it a shot.

What's so great is not only their REST API, but the fact that other people had written the wrappers around the API already! I gave the PHP one a quick install, and then ran it through with some spammy comments. It got them all!

Well, that convinced me to open up my wallet and pay the $50/month for 50,000 requests. After hooking in the code (didn't take more than 20 minutes) I retroactively checked all comments since Septemer, and found close to 2000 spammy comments. Good lord!

Anyways, a fine job to the Akismet guys. What I really loved about the whole process was that within 20 minutes of making a decision, I could test their API (for free). And when I needed more queries, it was super easy to pay.

Of course, compare this to what a company like Yahoo! does when you run out of queries for any given API: you can't get anymore. Period. You can't pay, you can't ask ... all you can do is hijack another computer with another IP and get a new API key and cheat the system for more. You can't even pay for more or anything. How dumb is that? How does Yahoo! expect us to build stuff on top of their APIs if there's going to be a ceiling to what we can do? Sheesh.

So great job, Automattic, on a most excellent service!

Posted by roy on October 18, 2007 at 11:13 PM in Web Development, Tabulas | 16 Comments

When did Flickr become the eBay of the photo world? You can literally type in a phrase for anything and get pictures back. For example... marshmellow aliens. The search isn't perfect, thought: hamburger trees doesn't return quite what I imagined in my mind, although the fourth result is pretty promising!

Feeling both brazen and bold (sorry, couldn't resist the alliteration, even if it's repetitive!), I gave Flickr one last gauntlet: roy kim's girlfriend. The search results were quite satisfying. The threat of SkyNet is averted (for now).

. . .

Something a little more serious: Chasing the Chinese Dream: "For a growing number of the world's emigrants, China -- not the United States -- is the land where opportunities are endless, individual enterprise is rewarded and tolerance is universal."

The times, they are a'changin'.

Posted by roy on October 22, 2007 at 01:17 AM in Ramblings | Add a comment





Posted by roy on October 22, 2007 at 02:13 PM in Ramblings | 5 Comments

This picture was taken 4 blocks east by my co-worker last night:

Pretty scary stuff. Downtown San Diego has largely been unaffected; we've been fortunate enough to only have to deal with the smoke that drifts from the east towards the coastline. Let's hope this situation improves.

I lifted these images from the CBS8 site, which shows the multiple fires burning around San Diego:

Posted by roy on October 23, 2007 at 10:38 AM in San Diego | 2 Comments

As a currency devalues (like the US dollar against nearly every currency), it makes it much more expensive for companies based in other countries to compete - the weak dollar means that when they sell their goods here, they can't get as much money for it.

One graph that has held my interest for the past week is a comparison between the Japanese yen currency stock (FXY) and Toyota Motors (TM):

One expects that as the yen gains on the dollar, Toyota stock to be affected ... but at this rate? A 5% gain for the yen yields a 20% loss to Toyota's market share? Don't forget we've been in one heckuva market lately.

So what's to explain this discrepancy? I took a peek at Honda Motor Company vs. FXY as well:

This graph is much in-line with what I expected. So what's to explain such a huge divergence for TM?

Are they underperforming as a company? (earnings seemed alright) Is this an indication that the Japanese economy is going to be adversely affected by the weak dollar? (Tracking the Euro vs. Daimler-Chrysler didn't give me the same divergence) Is the poster boy of hybrids not expected to perform as well?

What's the deal? I've got an academic itch I can't scratch, and Bert offered no insight (jerk!).

Posted by roy on October 24, 2007 at 07:46 PM in Finances | 3 Comments

An uplifting music video from one of my favorite bands, Sigur Ros:

I vaguely remember watching the Staralfur music video a long time ago, but for the life of me, I can't find it on YouTube. Has anybody else seen it?

Speaking of lost videos that are found, do you remember when I talked about watching a version of Verve Pipe's "The Freshmen" which involved a spinning room? Originally, I couldn't find it anywhere (I could only find the official video). I thought I was going insane, because the version I had seen had gotten so much airplay. Well, I finally found it on YouTube! Apparently this was a live performance on the Jenny McCarty show on MTV:

This version should have been the official music video - it's great.

Posted by roy on October 26, 2007 at 04:46 PM in Music | 2 Comments

"Turns out Facebook employees can (and do) check out anyone's profile. Not only that, but they also see which profiles a user has viewed -- a major privacy violation." - via Valleywag.

IF this is true, these are pretty serious allegations. It's one thing for a DBA to go into SQL and look at the data in there; it's a whole another thing if they've developed features specifically for all employees of Facebook.

Posted by roy on October 27, 2007 at 02:57 PM in Ramblings | 2 Comments

It's very amusing to me that the first night I've ever gone out and hung out with people (not from work) happens in LA, of all places. I met up with a friend of a friend for dinner (I was really craving some Korean food in LA), and it was with a pretty sizable party. I got invited out to play poker with them after dinner ... so I figured, what the hell (not like I got a life to run back to in SD). Anyways, the people were really nice and cool - I should really go out and meet more people.

Posted by roy on October 28, 2007 at 01:14 PM in Ramblings, Poker | 2 Comments

I bought some houseplants today. It's the first time in my life (since I was 7 years old), where I'll be taking care of a living thing. I'm been meaning to do this for a while, but it's only recently with the wildfires (I've been coughing my lungs out) that I decided to finally do something about the air quality of my loft by buying some houseplants. Today, I cut off the dead leaves, watered the plants for the first time ever, and gave all the leaves a nice cleaning.

If they look healthier after next week, I'm going to go down to the nursery (I bought these at Lowes) to pick up a few more houseplants.

If all my plants are still in good shape by December, I'm going to buy an aquarium and some fish.

Unfortunately, my longing for dogs probably won't happen until I move out of the city - the poor things would probably be miserable cooped up all day.

This is all part of my plan to stop being so selfish (in so many different aspects of my life). I've got to learn to take care of other people; I'm hoping my houseplants will at least break me out of the me-first mentality that consumes my schedule.

Posted by roy on October 28, 2007 at 06:50 PM in Personal, Ramblings | 5 Comments

Amusing comment from my last entry by Aaron:

Roebot (guest)
Comment posted on October 29th, 2007 at 10:46 PM
LOL, "Today, I cut off the dead leaves, watered the plants for the first time ever, and gave all the leaves a nice cleaning." Did you do it in the nude while you weeped sweet sweet tears?

Yes, after setting the mood with some scented candles and my Fiona Apple CD!

. . .

So one Tabulas-related feature I've been working on are domain aliases. After switching over to sub-domains, it finally became possible to map domains to their sites. After a little bit of hacking tonight, I created a test Tabulas site: http://kidwest.tabulas.com and mapped kidwest.net to it.

The two hardest problems for this feature is smart URL mapping and cross-domain cookies.

Smart URL mapping means that when you come into your domain, it doesn't map to some other domain. TypePad doesn't do very smart URL mapping - take a look at CuteOverload.com; the home page is an iframe to the account http://mfrost.typepad.com/cute_overload.

One can assume if a Tabulas user pays money to map some domains to their account, they want their URLs to be correct - they want to seem like they "own" the site, not that they want to own a domain which is an iframe to their real site (LAMMMMEEE).

You'll notice when you come in through either the kidwest.net domain or the Tabulas URL (kidwest.tabulas.com), the URLs smartly rewrite themselves. One place that has not been updated has been the friends' list - if kidwest is your Tabulas friend, when that link appears on your friends' list, it should link to kidwest.net, not kidwest.tabulas.com (this will be done, eventually). The goal is that getting a domain name for your Tabulas will make it seem like you don't run Tabulas at all! (No URLs or ANYTHING!).

This poses the second problem: How do we handle cross-domain authentication?

A short background for those of you who are not tech-savvy: cookies are a short snippet of information that your browser stores that identifies you. When you log-in to any site (like Tabulas), your browser stores a little piece of information that says "You are Roy of Tabulas". Unfortunately, a website can only set cookies for its domain - Tabulas could never set a cookie for Yahoo! (or vice-versa).

In the case of Tabulas, what you see depends greatly on your logged-in state. There are many users who rely on friends-only (or friends-locking) of journals; if visiting your domain-ed Tabulas account logged your friends out every time, it'd quickly render your Tabulas pretty useless!

I had been tossing this idea around for a while - there seems to be a few ways to approach this:

  • OpenID - the easy one, but it doesn't handle automagical login component, plus Tabulas doesn't have OpenID support yet
  • Google seems to use iframes to do some magic when logging in - frankly I know nothing of this process, and my short 20 second Google search yielded no results, so I passed. Embedding an invisible iframe onto every Tabulas page didn't seem viable - a lot of users really take liberty to the "You can embed anything into your template" mentality by doing all sorts of crazy overrides - I've long since given up trying to force any type of markup loading with all the crazy templates out there.
  • Use some sort of tricky cookie-detection and crazy 301 redirects to accomplish this task

I decided to take a stab at using 301 redirects and using a pseudo time-bombed hash to try to accomplish this. This is how I hacked it up:

  1. You request kidwest.net and Apache forwards the request to Tabulas
  2. Tabulas checks to see if you've already been authenticated into this domain with a cookie (You'll notice visiting kidwest.net when you're not logged in creates a "tabcheck" cookie with a "true" value)
  3. If this authentication check cookie doesn't exist, then create it, and redirect to the tabulas.com domain - which then sees if you have a valid tabulas.com cookie
  4. If you do, it creates a time-bombed hash and stores your cookie information on the server and redirects you back to a special location on your domain, which retrieves the stored cookie information and issues it to you.

Sort of simple, sort of hacky, but it seems to work in my 10-minute tests. Of course, the caveat is that if any browser isn't accepting cookies, this whole process gets hosed - you'll be stuck in an endless loop on step 1. That's totally not cool, so I'll have to rack my brain a bit more to figure out a way around that.

The problem after you issue the cookie becomes cleaning them up - how can you know when you log-out that all your cookies across all your domains have been cleared?

There are two approaches here:

  1. The server actually stores the state of which cookies have been duplicated across which host names - upon logout, I can keep 303 redirecting between all the domains you visited, cleaning those cookies up.
  2. When you log-in, the cookie hash generated uses a server salt; I created a server salt so that I could invalidate all logins at once by changing a string. I can extend this to create a user-specific salt which gets blown up every-time you logout: in this situation, logging out from the main tabulas.com domain would implicitly hose all your logins from other domains.

Option 1 seems safer, but it's a total mess to code (maintaining constant states is annoying). Option 2 seems much easier, but it'll have to be thoroughly tested to make sure that cookies don't collide with one another.

If anybody else knows a better way to solve this problem, please drop in on the comments. I'm going to continue experimenting with this feature, cause I'd really like to release it on Tabulas soon! :)

Posted by roy on October 30, 2007 at 12:50 AM in Web Development, Tabulas | 1 Comments

While signing up for my GapCard online account, I was presented with this challenge:

What the heck is that thing?

Posted by roy on October 30, 2007 at 07:38 PM in Foolishness | 3 Comments

Who wants to test domain mapping for Tabulas? Leave a comment and help me out! If you want to start the process, you can point the DNS A record for your domain (or subdomain) to; leave a comment with your (sub)-domain you're pointing over, and I'll set it up.

. . .

I decided that not displaying the site when a browser doesn't accept cookies is a pretty shoddy implementation. So I tried out something new today.

Whenever a request to a non-standard hostname comes in (a non-tabulas domain name), and the user is not logged in to that domain, a javascript is embedded from tabulas.com. This script will detect if you're logged into tabulas.com or not; if it detects you are, it will redirect you to tabulas.com, which then does some magic and redirects you back to your domain name asking it to set some cookie credentials. The only drawback is that this requires Javascript, but that seems to be a pretty decent trade-off.

I switched out the logout code path for Tabulas to also reset a user-specific salt (which is used in generating your cookie hash); this means that logging out once will log out all your sessions on all other domains, since the salt will have changed.

All in all, a pretty productive two nights for Tabulas.

If you've like to help test out domain mapping to Tabulas usernames, please drop me a comment. I expect the feature to be slightly buggy, so it'd really help me out to have more eyes look over it.

Posted by roy on October 30, 2007 at 10:20 PM in Tabulas | 27 Comments
« 2007/09 · 2007/11 »