World of Warcraft, the popular Massive Multi-User Online Heroin Alternative (MMUOHA) almost killed my friend. True story… sort of. My friend, I will call him John, has been playing WoW for a few month, and, like many players of the game, it has sucked away his life. Anyways, he recently had some surgery. Apparently, his arm started to hurt, so he went to the ER. The doctor came out and asked John if he had been in “an extended sedentary state.” John had developed a blood clot in his arm. I don’t know if this would have killed him, but it couldn’t have been good. I think there is only one word to describe this story: WOW. Granted, WoW had little to do with this problem, but it is true that WoW claims many lives each year, even if it is not in the physical sense.

Really, its amazing how addictive certain types of games can be. They tend to be games that allow players to have stats and doesn’t have any clear end game. When you add in the internet factor, it just means that one can find others who care about something so meaningless. Maybe people should carry around a notepad with “exp” written on the front. Anytime the carrier does something favorable in his (it is probably safe to assume that anyone who do this would be male) life, he adds some points to his score. Every so often, he can level himself up once he gets to a particular number of experience points. He could keep a board with various characteristics like dexterity, strength, etc… and just add a few points to a some of them each time he levels up. Would it be anymore absurd than those who spend months playing these games just doing tasks to level up? From what I understand, most of what you have to do is go around killing small animals. WoW.

I normally try to avoid Starbucks as much as my love for coffee will allow. I think the coffee is sub-par, their stuff is not exactly fair trade, the prices are too high, and I generally don’t like the overall atmosphere. Even at the drive-thru, they ask you “how can I get you started off today?” or something like that. Is the mere idea of phrases like “can I take your order?” so offensive that they have to act like they are providing in-store service? Anyways, I have been back home on Oak Ridge, TN for the last couple weeks, so I have occasionally gone by to get some coffee. I normally like to minimize my time in or around Starbucks, so I have been choosing to use the drive-thru. Anyways, I noticed that the window was not quite made for those in sedans, more so than most places. If the window was just a little higher than the usually amount, it would just be mildly annoying, but they added in a ledge, which makes it hard to get anything from them. I am fairly tall, so I have no problem as far as reach, but I can easily imagine people struggling with it. It is impossible to access the tips jar while sitting down (don’t know why you would want to. My latte was terrible!). Look at the picture, the top of the tip jar is just a few inches shorter than the roof of the car! Given that they serve hot drinks, I imagine that sooner or later, someone will spill coffee on themselves as a result of the height difference and sue. Sure sounds a hell of a lot more justified than that McDonald’s case a few years back. I am sure the height was determined by market research of some sort; I am sure that a lot of SUVs frequent Starbucks, but that doesn’t seem like justification for supporting those who choose to drive a gas guzzler. Besides, I went around and checked a bunch of other drive-thrus, and most to seemed to be at the same height, which was lower. For comparison, I went to sonic later and noticed that the ledge there was even with the side-view mirror. It seemed like a height ideal to accommodate everyone. I just don’t get what Starbucks has against sedans.

On the Google GTalk blog yesterday, a set of Google bots that translate was announced. I played around with a couple for a bit. It doesn’t seem to be anything special; it is just a bot interface to the Google translation services. I noticed that if you group chat with several of them, the one with the best answer would respond. So for example, when I was chatting with nl2en and en2nl, if said “hello”, en2nl would respond with “Hallo”, and if I said “Hallo”, nl2en would respond with “Hallo”. Anyways, the GTalk blog post does not include the full list of addresses, so I did. Here it is:


ar2en@bot.talk.google.com, de2en@bot.talk.google.com, de2fr@bot.talk.google.com, el2en@bot.talk.google.com, en2ar@bot.talk.google.com, en2de@bot.talk.google.com, en2el@bot.talk.google.com, en2es@bot.talk.google.com, en2fr@bot.talk.google.com, en2it@bot.talk.google.com, en2ja@bot.talk.google.com, en2ko@bot.talk.google.com, en2nl@bot.talk.google.com, en2ru@bot.talk.google.com, en2zh@bot.talk.google.com, es2en@bot.talk.google.com, fr2de@bot.talk.google.com, fr2en@bot.talk.google.com, it2en@bot.talk.google.com, ja2en@bot.talk.google.com, ko2en@bot.talk.google.com, nl2en@bot.talk.google.com, ru2en@bot.talk.google.com, zh2en@bot.talk.google.com

I also made a contact list suitable for import in gmail, which includes full language names in the contact name.

CSV File: Gmail Contact List (csv) with GTalk Translate Bots

Since I am not a big fan of spam, I normally do something to obfuscate my e-mail address whenever I put it up on a publicly accessible site in plain text. I usually don’t do anything special; I just do something like name {at} example {dot} net. As far as I am aware, spammers have not started to collect addresses formatted using such methods, but it has always bothered me, because it would be so simple to collect such addresses. Of course, that fear is far greater with any sort of compute-generated obfuscation. For example, mailman has a particularly dumb formatting. Every address is like name at example.net. Since spammers don’t have to worry about false positives, they could collect every address off of a mailman archive just by joining together every word immediately before an ‘at’ with the word that comes immediately after the ‘at’ with an ‘@’. Without reducing the accuracy, the false positive count could be reduced just by checking for a dot in the latter word. Really, the difficultly in extracting such addresses is incredibly minimal. The only reason that it is not an issue yet is that there are still enough people out there who put addresses up without any sort of obfuscation, so the task is still easy. I am think that spammers will have to start collecting such addresses soon enough, if they haven’t started already. So my goal is to determine exactly how I would go about an e-mail extraction system were I a spammer; this way, I can determine what sort of addresses could not be extracted easily. To start, let’s go through the assumptions we are making about spammers:

• False positives aren’t important. There will be plenty of bad addresses already, so a few more won’t hurt.
• Want to keep everything simple. The spammer is not looking for the theoretically best system, just something that works and is simple to write.
  • Want to write things for the most global cases. If someone does something unique, then we should expect the system to fail.
• Keep the system to the level of joining together strings. Don’t look for cyphers or anything like that.

So of all things, the obfuscation method is least likely to do anything to the actual text in the address. In the name@example.net example, ‘name’, ‘example’, and ‘net’ are never changed. The only constants here are the top level domains such as ‘com’, ‘net’, ‘org’, ‘edu’, etc…. On the web, the most frequent occurrences of these TLDs will be in URIs and e-mail addresses. The first step would be to filter out the URLs from this mix. Any address without a protocol specified would result in a false positive. First thing to do is find all the obvious addresses. With the rest of the TLDs found, if the match is connected by a dot to anything to the left, join the word to the word occurring two positions to the left with an ‘@’. Otherwise, join the word two positions to the left with a ‘.’, and then join that new string with the word two positions to the left of that with an ‘@’. The spammer surely could think of other methods like these I have outlined. This exercise makes it clear that the only way to avoid most trouble is to come up with some sort of encoding method that is human readable, but is obfuscated to these sorts of general extraction methods. With something like an e-mail address on a uchicago system, if it is listed on a uchicago site, it is possible to make abbreviations like uchic.... edu. These sort of obfuscations could still be detected by a sophisticated extraction system, but it would be too much of a hassle for too limited results. There are other tricks one could employ along these same lines; for example, the addresses name..../\7.....example#...#net or USER:(....name....) |AT| ADDY:(....example{dot}net....) . The problem with these is that they are just human-readable, and a means to extraction is not that far off.

What is the best solution? For all intents and purposes, I consider javascript obfuscation the equivalent to putting addresses in plain text without obfuscation. As I have previously discussed, it is pretty easy to extract the contents of the DOM from firefox. The first method that comes to mind is essentially a series of variations on the barely readable obfuscations. Basically, using php or something else server-side, addresses can be written as normal, and then encoded. The problem with this solution is that these methods are barely human-readable, and the text is still left unaltered. What sort of method could leave everything as human-readable but also modify the text itself? I haven’t been able to think of anything. Perhaps I will think of something soon…..

For the last few days, I have kept my Gmail inbox at 666 unread messages. When it first hit, I got a quick laugh; I am not at all religious, so its not like “666″ has any particular meaning to me, other than the fact that I think it’s a dumb thing to care about.

Since then, however, it has become a force far darker. I feel this compulsion to either read mail as soon as it comes in or to leave messages unread just so I can keep my inbox at 666 unread messages. I just can’t stop!

So I am guessing I am going to get tired of it in about four days tops, at which point I will go back to my normal routine of letting mail pile up and then mass archiving it.

I follow the local Python user group’s mailing list (see chipy.org). Though UChicago has prevented me from going to all but one meeting, I can say that it is a fun group. Anyways, someone asked a question that spurred a few hilarious responses. The two best are this one bit of coding absurdity and this one just hilarious response.

Without immediate work to do, and without a desire to do any, last Friday I decided to go see Beowulf in IMAX 3D at the only place in the city limits of Chicago playing Hollywood movies on IMAX: Navy Pier. Besides the other people in the theater, a particularly obnoxious group of tourists/Chicagoans, the movie was great. I can’t imagine that this film will do to great on DVD; unfortunately, the film seemed to demonstrate that the art of films in 3D has not moved far beyond waving random things around in front of the screen. Granted, with the amazing CG on IMAX 3D, I enjoyed the experience of watching it, but I have to agree with the many critics who point out how much more shallow this movie is compared to the original poem, as much as I like Vikings in any context.

Anyways, as the title of this post suggests, I wasn’t so satisfied with Navy Pier. Friday was in fact the third time I have sworn never to return to Navy Pier as well as the third time I have been there. I suppose it is little more than a tourist trap, but I think that gives it a little too much credit. The main problem I have with it is that I can’t think of anything that is actually there. There are plenty of crap shops there, but if you really want to get pointless Chicago junk, you are about a ten minute walk away from the most trafficked part of Michigan Ave (the so called “Magnificent Mile”, as I have never referred to it as). Why anyone would want to go to Navy Pier instead of Michigan for shopping is a mystery to me. There are boat tours that do down the Chicago river or go around Lake Michigan, but the benefit to these seems to be that they in fact take you away from Navy Pier to something more interesting. When it is not freezing cold outside, there are vendors along the paths. In the summer, I can understand the attraction to a point. On the one hand, you are on the lake, which is nice, but it is still kind of like going to Disney World for a drink: you just don’t do it. Likewise, the ferris wheel is all but useless outside of summer, given the freezing temperatures and gusting winds. As I wondered around for I while, I noticed that there was a sign that said something about how the ferris wheel was brought to you by McDonald’s, complete with there slogan, “I’m Lovin’ It.” Beyond the ferris wheel and the IMAX theater, there is the Chicago Shakespeare Company’s theater, for reasons that are far beyond me. If you have a kid who needs to go to the children’s museum (I am doubtful of the quality), then it might make sense, but all in all, Navy Pier is a worthless piece of trash. The restaurants are all chains of course, which adds to the pointlessness of this place. Again with Michigan so close, I don’t know why anyone would want to go the Bubba Gump Shrimp Company or to the McDonald’s of the future (complete with the generic science museum plasma ball). After I got my ticket, I wondered over to Billy Goat Tavern for lunch–always a good time. To an otherwise great city, I consider Navy Pier to be a pretty horrid blemish.