RSS Addiction and Recovery
kid drooling over information
A while ago I was more than a little addicated to checking my news feeds... regularly. I had 191 indispensable feeds.
Were they all really that good? No, definitely not... but how to decide which ones to keep, and which to toss? I didn't want to miss out on any good information, so I formulated a plan.
For 60 days, I only read the web through my feed reader (NetNewsWire on the Mac and Reeder on the iPhone, both of which sync with my Google Reader's list of feeds).
Why did I use a feed reader?
- It lets me star or flag articles I find particularly insightful or relevant
- It automatically copies those articles to a special folder, so I can see JUST the articles I've found insightful & relevant
At the end of 2 months, I discovered that I had flagged 352 articles as insightful or relevent (6 per day). Armed with this data, I could begin to bring an end to the insanity.
I went into the Flagged items folder, and sorted by feed name. That let me count how many "insightful or relevant" articles I had found in each feed (I will post my actual numbers below).
Thinking about this data let me make some smart decisions:
- I don't need to follow 7 different Apple blogs. I found that I had flagged more articles on 9to5Mac.com than on any other Apple-related group blog. I can now safely unfollow the rest and not worry about missing anything important. The same goes for gadget sites, where Engadget beat Gizmodo..
- I should NOT put aggregator sites or group blogs in my feed reader! The unread count is ever increasing, and there is no way a mere mortal can keep up. The increasingly high "unread" count causes stress. I'm talking about: reddit.com, hacker news, gizmodo, wired news, boingboing, the new york times, and other mass-content-producing sites/networks.
- I do not have to abandon aggregator sites & group blogs, I just need to NOT track how much of their content I have not read. The easiest way to do this is to put them all in a bookmark folder and simply right-click and "open all" when I want to browse random (previously deemed worthy) information.
- I should make a policy of only subscribing to sites run by a single person. They usually have a much higher ratio of awesome posts to crappy posts. That person is either a good writer, or they're not. With group blogs & aggregators this is definitely not the case. Also, because individuals publish less, it's less to keep up with.
The next logical (but tedious) step would be to see how many articles were published by each feed during those 2 months, so that I could then figure out the signal to noise ratio and then trim down my feeds based on that data.
For example, if Hacker News (an aggregator) published 2000 articles in the last 60 days, and I found 20 of them insightful or relevant, the signal to noise ratio would be very low at 1%. By comparison, ASmartBear (blog run by 1 person) might only have published 10 articles, of which I found 3 insightful or relevant. The signal to noise ratio there would be 30%. Definitely high value.
Here's my raw data, by the way.
I put *** beside aggregators & group blogs. Their numbers are lower than they would be, because at some point I became overwhelmed by them, and stopped reading & flagging their articles. I will be unsubscribing from them later today, and putting them in a bookmark folder, as I mentioned. I would have linked them all for you, but there were just too many!
- 38 - *** news.ycombinator.com
- 22 - *** search engine land
- 16 - *** AllFacebook
- 15 - *** phpdeveloper.org
- 10 - *** planet php
- 10 - *** reddit.com
- 8 - daringfireball.net (john gruber)
- 9 - entrepreneurs-journey.com (Yaro Starak)
- 8 - dumb little man - tips for life (jay white)
- 8 - seth's blog (seth godin)
- 7 - *** 9to5mac
- 7 - *** Ajaxian
- 7 - *** engadget
- 7 - *** wired news
- 6 - *** the unofficial apple weblog
- 6 - zen zhabits (leo babuta)
- 6 - *** readwriteweb
- 6 - *** real UFO videos and news
- 6 - *** signal vs. noise
- 6 - *** gizmodo
- 5 - dilbert.com blog (Scott Adams)
- 5 - *** arsTechnica
- 5 - chrisbrogan.com (social media marketing)
- 5 - *** boingboing.net
- 5 - mixergy (Andrew Warner on entrepreneurs & ism)
- 5 - *** macNN
- 5 - freelanceswitch (may give it at *** in future)
- 5 - small business marketing blog (John Jantsch's duct tape marketing)
- 5 - *** smashing magazine
- 5 - the single founder (Mike Taber of Micropreneur Academy & Startups for the rest of us Podcast)
- 4 - 47hats (Bob Walsh of StartUpToDo.com)
- 4 - the personal excellence blog (Celestine Chua)
- 4 - bobulate (Liz Danzico on Intentional Organization)
- 4 - I, Cringely (Robert X Cringely on technology)
- 4 - *** inside facebook
- 4 - *** mashable
- 4 - mysterious universe (awesome podcast)
- 3 - the launch coach (Dave Navarro)
- 3 - unclutterer
- 3 - *** lifehack.org
- 3 - *** lifehacker.com
- 3 - *** onstartups
- 3 - *** appleinsider
- 3 - *** cultofmac
- 2 - tynan.net (Tynan on life outside the box)
- 2 - @TheKeyboard (Chris Hartjes on PHP & Python)
- 2 - boxofcrayons.net (Michael Bungay Stanier on Good Work)
- 2 - scriptingnews (dave winer)
- 2 - high scalability
- 2 - About.com's Paranormal Phenomena blog
- 2 - interesting monkey
- 2 - startup lessons learned (eric ries on lean startups)
- 2 - venture hacks (good advice for startups)
- 2 - wil wheaton
- 2 - rotten tomatoes: new DVD releases (I flag the ones i want to see! super-handy way to remember)
- 1 - software as she's developed
- 1 - software by rob (Rob Walling of Micropreneur Academy & Startups for the rest of us Podcast, author of Start Small Stay Small - A Developer’s Guide to Launching a Startup)
- 1 - steve blank (customer driven development)
- 1 - ted talks
- 1 - the art of non-conformity (Chris Guillebeau)
- 1 - the startup success podcast (Rob Walling & Mike Taber)
- 1 - todd sattersten (100 best business books of all time)
- 1 - workhappy.net (Carson McComas)
- 1 - xkcd.com
- 1 - *** NYT > Technology
- 1 - penny-arcade (Mike Krahulik & Jerry Holkins)
- 1 - chris shifflett (PHP)
- 1 - raphael stolt (PHP)
- 1 - asmartbear (Jason Cohen)
- 1 - About.com's UFOs/Aliens
- 1 - ash maurya (practise trumps theory - lean startup + customer dev + bootstrap)
- 1 - blog.stackoverflow.com (Jeff Atwood & Joel Spolsky)
- 1 - JoelOnSoftware (Joel Spolsky)
- 1 - bob martin's object mentor blog
- 1 - codinghorror (Jeff Atwood)
- 1 - dan pink (author of Drive, Free Agent Nation, & others)
- 1 - david hayden (?)
- 1 - howard rooijen's blog (work smarter not harder)
- 1 - Ilia Alshanetsky (PHP)
Dave W(h)iner on Blogs
Dave Winer
Dave Winer is a scripting legend, but he's also curmudgeonly, out of touch, and wrong.
In his latest insight, he says he's "almost 100% sure" his blog was the first to have comments. Well, mine had'em in 2000, which was before the term "blogging" existed. I looked through Internet Archive and I couldn't find any versions of his site that had comments, either before OR after that time. Don't trust me, though. I'm just a country boy from small-town Ontario. Go look for yourselves.
Anyway, Dave says we need a "new kind of blog comment system" that should only allow comments within 24 hours of publishing a post, and that until the 24 hours is up, all comments remain invisible. You can edit & refine your comments until the time's up, and then they're all published at once. Oh, and there's a 1000 character limit. He thinks if you want to go over that, you should get your own damned blog. Why does he think this? Because, he says, people tend to get off topic, and into flame wars, and generally not contribute what he would consider "value". Also, moderating all those comments was a pain in the butt.
WTF, Dave?
I understand that you want to keep people on-topic, and that you want to avoid flame wars, and that you don't want a high volume of comments, but that's the cost of being a blogger! The comments often offer more insight than the blogger, not only because they contain more than one person's opinion, but because through dialogue the commenters opinions & arguments often get flushed out and further developed, such that what you have at the end is a highly honed version of some core insight. It also helps build a sense of community. You know, community? It's one of the main reasons the web took off in the first place; it helped small niches of people find one another. Is turning off "interaction" worth losing community?
Then Dave said "I know some people think that blogs are conversations, but I don't."
That's where you're wrong, Dave.
Blogs are conversations, right to their very core.
If your "blog" isn't a conversation, it's not a blog.
It's print media.
It's static, and formal, and portends authoritativeness.
It tells everyone else "I don't care what you think. This is what I know."
To top it all off, he ended by saying "Twitter is not a conversational medium . . . because of the 140-character limit".
I hate to break it to you, Dave, but the reason Tweets are limited to 140 characters because that's the length limit of SMS messages on cellphones. Do you have any idea how all North American teenagers and most Europeans communicate nowadays? Yep, text messages on phones. Given that Tweets are the same length, I think you've lost that argument.
I don't know what crawled up your butt and gave you a mad hate-on for the social aspect of the web, but you should come down off your high horse sometime and have a Coors Lite with the rest of us.
Fixing my WordPress Malware Problem
dive into the code
You probably notice that for about 10 days, whenever you tried to visit my site, you saw a bright red page that said the site was dangerous, and was hosting malware. Google put that page up, not me. It did so because it tries to ensure you have the best surfing experience possible, and part of that means not getting your computer infected by anything.
I can't blame them for doing so, BUT they could have been MUCH more helpful in fixing the problem.
Essentially, what Google Webmaster Tools told me was "Your site is infected. Fix it." Much easier said than done. The site is complex, and there are about a thousand posts, and many more comments. While Google *did* point me to a few of the posts it had problems with, it did NOT tell me what the problem was, so I literally had no idea what I was looking for. It was SO frustrating.
Google's warning to me mentioned 3 sites that my code somehow referenced. I won't repeat their names here for fear that I'll get blacklisted again. So, I connected to the database and did a bunch of queries (listed at the bottom of this post) for the sitenames, as well as script & iframe tags, but didn't find any results.
Eventually I thought "there must already be solutions for this out there", so I Googled (ironically) and found the "WP-MalWatch" plug-in, which I promptly installed. It indicated a mysterious file (included at the bottom of this post, for your inspection) in my uploads directory, located at: html/wp-content/uploads/2009/09/446365.php
Anyway, I removed it and resubmitted my site to Google to be taken off the blacklist... BUT they didn't take me off the blacklist. Apparently something was still wrong, so I kept digging.
I found that my host (MediaTemple) has had more than a few security issues with WordPress installs on their network. MediaTemple was aware of the issue, and suggested using a 3rd party service called Sucuri to fix the problem. Apparently Sucuri is getting a lot of business from MediaTemple, because the offer MediaTemple customers a $10 discount. Unfortunately, that only brought the price down to $79 USD, which I thought was ridiculous, so I kept looking for fixes.
A blog post by Kyle Brady told me to look for eval(base64_decode in my files. Sure enough, I found some, and removed them, and re-submitted to Google, but again was not taken off the blacklist. No idea why, but it meant I had to keep digging.
I found another plug-in called "Exploit Scanner". It found some more problems. Specifically, it indicated that there were 4 administrator accounts. I am the only admin, so I deleted the other 3 and then changed all passwords.
Then there was the Pharma Hack, which it turns out I had also been hit by. So I removed that stuff and re-submitted to Google, but again was not taken off the blacklist. No idea why, but it meant I had to keep digging.
Then I found a blog post on Uhleeka.com, which pointed me toward using grep, a unix-based commandline file searching utility. I've used grep lots of times, but in this case I had no idea what term I should be searching for. Uhleeka helped. Here is the command I ran to find the final culprit:
grep -R "document.write(unescape" *
Here is the result it returned:
html/wp-content/plugins/google-analyticator/external-tracking.min.js:var st1 = 0;document.write(unescape('%3C%73% whole bunch of this crap was here 9%70%74%3E'));var gr0=0;jQuery(document).ready(function(){jQuery('a').each(function(){var a=jQuery(this);var href=a.attr('href');if(href==undefined)
As you can see, someone somehow embedded some malicious code in my Google Analytics plug-in's external javascript (where database queries wouldn't see it). Would I have thought to look there? Nope. I took out the line starting with document.write, and resubmitted my site to Google for the 4th or 5th time. 3 hours later I was off the blacklist.
I found this entire process EXTREMELY frustrating. In all, I spent 4-5 hours on it, but never did I feel like there was a direct path to follow to get to the point where "for sure" my site would be fixed. I can't imagine how a non-programmer would cope with this. I guess they would just pony up the $79 to Sucuri and be done with it.
The obvious insight from this is that there's a huge business opportunity in this market for someone who can write & sell a simple to use anti-malware/hack service or plug-in for $20-$50 USD.
P.S. -- my facebook account just got broken into somehow, and it posted an "ipad giveaway" to my wall, and emailed all my friends about it, and invited all my friend to an "ipad giveaway event hosted by derek martin". WTF? I hope it's easier to fix than the malware problem was!
Here are the contents of the file detected by WP-Malwatch:
And here are the queries I used when trying to find the culprit. Simply replace BADSITENAME with the names of sites indicated by Google Webmaster Tools:
- select * from wp_options where option_name = 'wp_check_hash'
- select * from wp_options where option_name = 'class_generic_support'
- select * from wp_options where option_name = 'widget_generic_support'
- select * from wp_options where option_name = 'ftp_credentials'
- select * from wp_options where option_name = 'fwp'
- select * from wp_options where option_name LIKE 'rss_%' (EXCEPT: rss_language, rss_use_excerpt, and rss_excerpt_length)
- select * from wp_comments where comment_author_email like '%eval(%' or comment_author_url like '%eval(%' or comment_content like '%eval(%'
- select * from wp_postmeta where meta_value like '%eval(%'
- select * from wp_posts where post_content like '%eval(%' or post_title like '%eval(%'
- select * from wp_comments where comment_author_email like '%base64_decode%' or comment_author_url like '%base64_decode%' or comment_content like '%base64_decode%'
- select * from wp_postmeta where meta_value like '%base64_decode%'
- select * from wp_posts where post_content like '%base64_decode%' or post_title like '%base64_decode%'
- select * from wp_comments where comment_author_email like '%BADSITE1.biz%' or comment_author_url like '%BADSITE1.biz%' or comment_content like '%BADSITE1.biz%'
- select * from wp_comments where comment_author_email like '%BADSITE2.name%' or comment_author_url like '%BADSITE2.name%' or comment_content like '%BADSITE2.name%'
- select * from wp_comments where comment_author_email like '%BADSITE3.us%' or comment_author_url like '%BADSITE3.us%' or comment_content like '%BADSITE3.us%'
- select * from wp_comments where comment_author_email like '%<script%' or comment_author_email like '%<script%' or comment_author_url like '%<script%' or comment_author_url like '%<script%' or comment_content like '%<script%' or comment_content like '%<script%'
- select * from wp_comments where comment_author_email like '%<iframe%' or comment_author_email like '%<iframe%' or comment_author_url like '%<iframe%' or comment_author_url like '%<iframe%' or comment_content like '%<iframe%' or comment_content like '%<iframe%'
- select * from wp_postmeta where meta_value like '%BADSITE1.biz%'
- select * from wp_postmeta where meta_value like '%BADSITE2.name%'
- select * from wp_postmeta where meta_value like '%BADSITE3.us%'
- select * from wp_postmeta where meta_value like '%<script%' or meta_value like '%<script%'
- select * from wp_postmeta where meta_value like '%<iframe%' or meta_value like '%<iframe%'
- select * from wp_posts where post_content like '%BADSITE1.biz%' or post_title like '%BADSITE1.biz%'
- select * from wp_posts where post_content like '%BADSITE2.name%' or post_title like '%BADSITE2.name%'
- select * from wp_posts where post_content like '%BADSITE3.us%' or post_title like '%BADSITE3.us%'
- select * from wp_posts where post_content like '%<script%' or post_content like '%<script%' or post_title like '%<script%' or post_title like '%<script%'
- select * from wp_posts where post_content like '%<iframe%' or post_content like '%<iframe%' or post_title like '%<iframe%' or post_title like '%<iframe%'
SSD in my 2008 MacBook
OWC Mercury Extreme Pro SSD
I got my OWC Mercury Extreme Pro SSD yesterday, and aside from needing a Torx-8 screwdriver to install it, everything went smoothly. (I actually did have one, but had to hunt for it in the basement). When I unpackaged it, I put it in my Thermaltake BlacX dock and connected it to the MacBook. Then I used SuperDuper to clone my current internal drive (Macintosh HD) onto the new drive. This took about 4.5 hours, due to the slowness of USB. When it finished copying, I renamed the new drive to "Macintosh HD", and shutdown my Mac. Then I followed the instructions from this youtube video on how to install a new drive in a MacBook. That's all there was to it. It booted up first try.
So, is it fast? Yes. Yes it is.
Here are a bunch of measurements I took by videoing the Mac, and then watching the frames in slow-motion in iMovie. All times are in seconds.
Boot time to items in menu bar near clock
HDD - 110
SSD - 58.5 (1.9x faster)
iTunes time to launch with 220GB music
HDD - 12.9
SSD - 4.7 (2.7x faster)
Zend Studio time to launch & complete all progress bars (refreshing workspace, syncing svn cache, etc)
HDD - 222.5
SSD - 44.5 (5x faster)
I didn't take the time to measure a bunch of other applications on the HDD, but I will give you some rough estimates. The SSD *really* shines:
NetNewsWire with 191 feeds & 8000 unread items
HDD - 10
SSD - 1 (10x faster)
OmniFocus with 28 projects & tasks
HDD - 15
SSD - 1 (15x faster)
I use Zend Studio all day every day. And it needs restarting quite a few times each day. At 222 seconds, multiple restarts sucked up a lot of time. Not only that, but waiting for the progress bars to complete throughout the day was torture. While I was waiting, I would get distracted, and my productivity would plummet. With the new SSD, it launches & completes progress bars 80% faster, making me 80% less likely to get distracted. I am SO excited to see how this effects not only my productivity, but my mental status throughtout the day. Waiting was frustrating, and now I'll be doing a lot less of it.
P.S. - the SSD is rated at 3Gbps, but my MacBook only supports 1.5Gbps. So, next time I upgrade I'll probably get another speed boost with this very same drive. Awesome.
Apple Predictions for 2010-2014
Steve Jobs
People always make predictions right before an Apple event, when the rumour mill is all abuzz, and leaks are coming out left & right. I decided it was high time someone made some predictions well in advance. Like, years in advance. While most of my predictions are evolutionary, a few will be revolutionary/huge/unbelievable. Here they are:
- Like the iPhone & iPad, MacBooks will support SIM-cards for on-the-go surfing. Apple's cost on SIM-card hardware is dirt cheap now.
- When carrier-exclusivity with AT&T ends, Apple will enable MiFi base-station functionality on all hardware capable of receiving data via cellular networks. The best consumer experience means not paying for more than one cellular data plan, and not needing another gadget (MiFi) just to share a connection.
- When carrier-exclusivity with AT&T ends, Apple will allow any app that can run well over 3G to do so.
- The Apple Keyboard will get backlighting similar to that found in the MacBook Pro.
- The Apple Keyboard will lose its numeric keypad, just like the Apple Wireless Keyboard.
- The Apple Keyboard will have 2 optional magnetically attachable modules: numeric keypad & magic trackpad. They attach to either the left or right of the keyboard, or both can attach to the right, linked to one another. They are powered by the keyboard. The numeric keypad module will also work with MacBooks.
- All Apple displays will be retina displays (iPad, iPod, MacBook & Cinema Display).
- GPS will come to the Mac & iMac. Location is important, even when you're stationary.
- All Macs support multiple-user accounts. Soon, iDevices will too. This will help when deploying to schools, small businesses, and in families that can't afford multiple devices.
- FaceTime will come to the iPod & Mac, and phone <-> computer calling will be 'normal'. The concept of a 'phone' will fade away. The iPhone was a trojan horse which let Apple get its tech onto carriers networks, but it is not the endgame. Non-phones on their networks is the endgame (i.e. iPod Touch with mic, iPad with mic, MacBook with mic).
- All Macs & iDevices will have iSight built-in, with a front-facing LED light for when lighting sucks. This will help FaceTime look good AllTheTime.
- All Macs & iDevices will ship with a noise-cancelling microphone, to ensure crystal clear calls.
- The iPhone4 & all recent Macs have OpenCL-capabilities, which is designed to help them process data MUCH faster, especially visual data such as 3D. Apple will start using it, probably with some innovative 3D or augmented reality interface (I've yet to see one that wasn't lame, but if anyone can pull it off, it's Apple). It will also be brought to the iPod & iPad.
- All iDevices & MacBooks (portables) will gain the iPhone4's six-axis sensors
- Apple will release a new input device, similar to the Wiimote/PSMove/Kinect, optimized for interacting with 3D & augmented reality interfaces. We may also be able to use our iDevices as input devices for our Macs.
- All iDevice & Mac displays will gain pressure sensitivity, again, facilitating depth interaction, but also catering to artists -- Apple's longtime base.
- All iDevice & Mac displays will gain haptic feedback. You feel what you touch. It touches you back (in a good way).
- All iDevices & Macs support bluetooth & Wi-Fi. Based on patent filings, Apple may be designing an immersive glasses-based display & earphones that connect wirelessly to your existing device, which it will rely on for sensing & processing. This could be the key to a 3D or augmented reality interface that isn't lame, and it's why propagating iPhone4's gyroscopic sensor to other devices is key.
- Syncing will be moved out of iTunes and into its own application.
- Huge updates to how file syncing works. iDisk will be re-engineered to be more 'dropbox-like'.
- Over-the-air sync will happen sooner than later
- Some things will begin to be streamed on-demand, instead of sync'd ahead of time (Apple is building a huuuge data centre to facilitate this). This will help reduce the storage requirements of its portable devices.
iLife & iTunes: Boom!
- iTunes goes back to being all about audio.
- iVideos is the new home of all your videos (iLife now consists of: iTunes, iVideos, iBooks)
- iLife apps are about consumption, not production. For this reason iMovie will be merged into Final Cut, which will have 2 operating modes: beginner & pro. Alternately, Apple could bundle iMovie as part of iWork, which is also about creating things. This would have the additional benefit of bringing more users to the iWork suite.
- Just as iDevices are touch-optimized & Macs are mouse-optimized, AppleTV's final incarnation will be optimized for remote control by an iDevice running touch-based apps from the AppStore. The apps control what the TV displays, completely replacing Cable Channels & TV Guide. The remote device will have very limited storage, no cameras, no extra sensors, and no mic. It will be very basic, and will come bundled with the AppleTV. Also available separately for about less than $100. (I wrote this yesterday, before the rumour of an app-capable AppleTV surfaced, but didn't publish until today, because Google had flagged my site as containing malware, and that took a little while to resolve).)
If you have any more predictions, I'd love to hear them. Please post'em in the comments.