So finally I managed to get in the NSFW Corporation beta – after some back-and-forth involving a mysterious bug that caused my email to not make it in the beta on time. I have one word to start off this review: awesome.

It’s hard to describe what it is – my best description, aside from the official line of being “a news-weekly that’s published daily“, is that it’s a mix of witty articles on a variety of topics, complimented with an audio podcast (Lord, do I hate that word – if you have a better one, let me know, Paul!). NSFW is Paul Carr’s brainchild, founded after a string of startup failures and literary successes, and is showing promise. The first literary success is ironically based on the string of startup failures, but I digress.

Two articles from the pilot issue are titled This is Why They Hate Us: The Meat Monster, a funny take on why the rest of the world hates the United States and 10k-kcalorie burgers, and Best Practices For: The New Secret Service, which includes tips such as “An agent should now wrestle his partner to the ground at the first hint of an erection“. It is hilarious and entertaining reading, with a touch of political incorrectness that I witnessed only in UK media while I was living there, plus the right dose of swearing. It’s not called NSFW for nothing.

NSFW Live is the audio part of the site, with Paul and Josh Ellis, a contributor with a deep, movie-trailer voice, which reminds me of Beau Weaver (check out his free In A World ringtone). Josh makes the intro, and the back-and-forth with the guest begins. In the first episode, Patrick Sauer is invited to opine on whether Ron Paul masturbates to ‘Atlas Shrugged‘. A touchy subject if there is one (no pun intended… sort of). The clips last for around 30 minutes, and are highly entertaining.

Once it becomes live to the general public, a yearly subscription will cost $26, which is very good value for money. Right now, content is optimized for the iPad, but you can still read it in a desktop browser such as Safari or Chrome – Firefox was quirky at times, with random Javascript events being triggered for no apparent reason. Maybe it’s Firebug, but I didn’t investigate further.

Grumpy old git – things that could improve

As I’m an anal-retentive asshole when it comes to user interfaces and usability, I have a few constructive criticisms to make. First, on being iPad-optimized, and the very first thing you see when you arrive at nsfwcorp.com – the login form.

Before digging in, one curiosity for those technically-minded: there is almost no “normal” HTML in the site’s source. Each page is a collection of Javascript includes, which generate content dynamically. This has one advantage in being able to adapt to user browser & device specifics without much server-side heavy lifting, for example, by making use of jQuery’s deviceAgent.match (in this case, to send iPhone users to comingsoon.html – bastards!).

So without further ado, here is the Javascript-generated login form:

Nothing really much to it – however, this is the HTML source for the two fields:

<input name="username" id="loginUsername" placeholder="Email" type="text">
<input name="password" id="loginPassword" placeholder="Password" type="password">

So by now you must be thinking “yeah, you really are an anal-retentive asshole, what about those?!“. Simply put, they are not iPad – or more exactly, iOS – optimized. One of the neat things Mobile Safari gives web developers is extra form field tags, which make the device aware of the type of input being sought, so it can adapt the keypad accordingly. This is how the login form looks on an iPad, once you tap on the ‘Email’ field (click for large version):

There are two issues here: first, we capitalize the first letter of the user’s email address, which is not really A Bad Thing™, but doesn’t look pretty. The second, and most important, is regarding usability. By using type=”email” instead of type=”text” in the form field, the user gets to see this:

which is how iOS optimizes itself for email address entry. Depending on your particular concoction of underscores and dashes, this can save you some time. The whole list of supported form types can be found here.

My second irk is the amount of screen space the header graphic takes once you get in:

Of course, you can scroll down right away and see the various articles, but having the titles of the first two cut off doesn’t look that good.

The third issue has to do with scroll position between page transitions. If you scroll down, say about half-way down, and want to read Who’s The Leader Of The Club That’s Made For You And Me (if you’ve seen Full Metal Jacket, the answer is of course Mickey Mouse):

you are dropped just below mid-page into the article, thus:

instead of here:

If you’ve read the article, the answer is, of course, Walt Disney’s head filled with blue water, a sort of eerie Magic 8 Ball.

The final issue has more to do with strategy and people’s spelling abilities – or lack thereof. Allow me to explain: how many of you have typed nswfcorp.com in your browser and have landed in a “server could not be found” page? OMG! Someone has registered that already by the time I’m typing this, I hope it’s not a spammer trying to take advantage of those who cannot spell or type that well, a-la-holders of .cm domains. Or a pissed-off ex-girlfriend of Paul’s who re-directs the domain to goatse or meatspin or worse.

Worry not, as I was typing this, I thought I’d do Paul a favor (OK, maybe he doesn’t give a shit, so maybe not) and register the domain, which I’ll transfer to him for free. When I started Whisher, it didn’t occur to me that a competitor could buy wisher.com (the correct spelling) and redirect it to his own site – a point our first VC painfully reminded me of, and which cost us $30k and convincing the Wisher sisters, owners & operators of a real estate agency in the US, and owners of the domain.

In all, nothing extremely hard to fix – I’m really looking forward to the next issue!

This is a short post distilled from hours of frustration at the mangling of App logos by Facebook. Basically, if you want this:

instead of this:

make sure you flatten your image in Photoshop, and save as a 75×75 pixel GIF, with the dithering applied in “Save for web…”. Otherwise, Facebook will take your nice, transparent PNG and convert it to GIF with whatever dithering they choose, with results usually quite crappy. Feed the right GIF, and no conversion is required nor performed.

After frustration with FreeBSD’s ports system on a slow box such as the net6501 (it took literally 7 hours and endless “continue” buttons to get subversion installed), I decided to try and install Ubuntu. No clear instructions can be found on the net as to how to do it over a serial terminal, the only option available with the Soekris, so after some mix & match of various hints and pointers, I managed to do it. Here is how.

1. My setup

My particular net6501 is the mid-range version, with a 1GHz processor, 1Gb of RAM, and an internal Transcend 16GB flash drive. I also got the case & power supply, of course.

2. Get the Ubuntu Server ISO

Easy, just grab it here (32-bit version).

3. Create a bootable USB drive

You will need at least a 1GB flash drive, 2GB is recommended. I use Sandisk or other well-known brands, less likely to give headaches. The easiest way to create the bootable USB drive is to use Ubuntu’s own Startup Disk Creator, found under System in your standard Ubuntu desktop distribution. I use Macs so I run mine inside Parallels, with no issues at all.

4. Edit the boot menu configuration

You need to find a file named txt.cfg in your bootable USB drive and open it in a text editor. You will find a line that reads:

kernel /install/vmlinuz

The line after that begins with append – it needs to end up like this:

append console=ttyS0,19200n8 file=/cdrom/preseed/ubuntu-server.seed initrd=/install/initrd.gz

You need 19200 as that is the default speed on the Soekris serial port.

5. Connect a serial cable to the Soekris

A null-modem cable is needed. I use a DB9 adapter male/female adapter and a normal serial cable.

6. Open a serial terminal

The terminal needs to support VT100 emulation. Unfortunately all terminal apps for Mac that support this are payware and suck. I ended up using Hyperterminal in a Windows XP Parallels VM. It was rock solid throughout the procedure.

Set the terminal to 19200/8/N/1, no flow control, VT100 emulation.

7. Connect the bootable USB to the Soekris

The external USB port next to the DB9 will do fine.

8. Boot up the Soekris

Once you see the 5…4…3… countdown, hit Control+P, and then type

boot 81

and hit enter. Check that 81 is your USB drive, it should appear at the start of the boot log in the terminal. Adjust as required. You should now see a boot: prompt, type “install” and enter – an Ubuntu text-based install should follow, continue with the normal setup procedure after this.

That’s all folks – the toughest part was to find the terminal settings for the menu, if you get errors related to unknown video modes, you have not edited the right file or have done so incorrectly. Enjoy!

For the record, apt-get installed subversion on the same box in 30 seconds flat. FreeBSD needs to fix its package management system. Vim on FreeBSD requires over 500 individual file downloads with over 500 fixes/patches to the base version – ridiculous!

I am befuddled by how @Twitter can miss some blatant cases of spam accounts. So much that I have come close to conclude that these are paid accounts, thus won’t be removed no matter how much they are flagged and/or blocked. Here are some suggestions, based on what I have observed with spammers on Twitter, for spam-matching rules to improve the catch ratio. The accounts I use as examples have been hand-picked, so my points are open to interpretation, and could be way improved with data that Twitter has, such as tweet rate, number of spam flags and blocks, etc. These checks could be triggered in escalating order according to the number of users flagging an account for spam, as an example.

[Update] @Ed has replied to my tweet and part of this post:

I said “I have come close to conclude…”, not that they are paid accounts. But, it defies all logic how an account like @kredits can still be up and running after close to 64.000 (yes, that’s sixty-four thousand) spam tweets that break many of the rules/filters I have written about below. It is not a question of writing an algorithm for every variation, but a set of rules which give individual scores, and a minimum score to suspend an account. Basically, x-spam-score followed by an x-spam-status that determines account suspension, or lack thereof.

Follower to following ratio

Some spam accounts use aggressive follow techniques to try and spread their trash, and this gets reflected by auto-follow bots. The result are accounts with following/followed ratios close to one. Case examples: @Bqe1212 with a ratio of 1.01, or @vidalconsulting with 1.04. Others do not follow this approach, and only follow few accounts, for example, @kredits, with only 168 followers and following 49.

Tweet rate

One case I observed (the account is now suspended, so kudos there) had the particularity that tweets were pushed out every three minutes exactly. Twenty-four hours a day. This is something -very- easy to catch (and equally easy to defeat, but hey, some spammers are dumb).

Tweet content

We can split this check into various sub-checks:

1. Keywords

In the case of @jenlock1014, the word ‘money’ appears in almost every single tweet pushed out. The actual text of the tweets vary, as do the linked URLs, but the keyword is there. Other usual keywords are ‘free’, ‘cash’, and so on.

2. Linking the same URL

In some cases we see links to the same URL in every tweet, such as @Bqe1212, with tweets like:

http://twttr.me/dbxV Q&A: HOW CAN I MAKE MONEY FAST ON THE INTERNET FOR FREE!! NO …: by Chri… http://bit.ly/aJVi6Whttp://twttr.me/dbxV

and

http://twttr.me/dbxV How to Make Money Online With Online Writing Sites: There are many sites … http://bit.ly/cichxl http://twttr.me/dbxV

The target site’s linked short URL is different, but every tweet contains (two in this case!) copies of the same short link. Again, both tweets would also trigger rule #1 above for keywords.

3. Linking the same URL with differing URL shorteners

One technique often used is to spread the target link among various URL shorteners. This is the case of @kredits, which uses snurl.com, ej.uz, short.ie, bit.ly, and others, all of which redirect to the same final URL. A simple check, once an account is flagged for processing, is to follow all shortened URLs and look for patterns. For example:

• Exactly the same URL.
• Same host, same path, but varying query string (oft used to track sources).
• Same host, varying path, but same query string.
• Same host with both varying path and query string.
• Varying subdomains of the same host.

A combination of the above can be used to determine a spam score for a set of given URLs. An extra check when fuzzing techniques are used on the final URL is to parse the target site’s content, looking for similar headers, keywords, image URIs, Google Analytics account IDs, etc.

Reaction tweets™

Many times a spammer searches for certain keywords, and sends a reaction tweet when one is found. As an example, when I sent this reply to Ed Shahzade (@Ed) in reply to his tweet about auto-follower bots and spam, I received this other tweet from @atraiskredits:

@mikepuchol Problēmu var atrisināt ātrais kredīts? Izvērtēs kredīta piedāvājumu! Atver www.opencredit.lv un gaidi naudu savā kontā.

Obviously this is not English, and thus it was sent as a blind reply to my tweet mentioning @kredits without caring much about my original language, or wether I understand the content of the tweet.

On a flagged account, it should be very easy to check when response tweets are sent, by accumulating the words used in the original triggering tweets, and testing the occurrence of each word in all, or a high percentage, of them. As another case example, 10 minutes after @djsandman813 was sent this tweet by @kredits, and he replied this, @atraiskredits sent this reaction tweet. Screenshots below in case they go missing:

* OK “Reaction tweets” is not really trademarked, but maybe it should be!

Account aggregation

Spammers can try to avoid being flagged, or delay detection, by spreading their activity across multiple accounts. The way to detect this is to run a check among flagged accounts for the above filters, eg. catching various accounts all sending reaction tweets with the same short URL.

Account name

Many spammers are not too creative and simply throw random words and letters into the account name – this can also be an indicator of a spammer account.

Reaction flags

When a user receives a spam tweet, his initial reaction may usually be to block flag the sender as spam. An accumulation of such flags, particularly with other indicators such as single tweets towards a user followed by a flag (denoting not a conversation but a directed one-way message), should be enough to suspend an account.

What else?

I’m sure there are many other checks possible, but I have to get back to work – so, @delbius, do I get a job offer? Just kidding – was thinking of the guy who got offered a job at YouTube after writing ‘YouTube Instant’.

It has been nine years. On that day, 343 brave men lost their lives while saving thousands more at the World Trade Center, New York. Never forget. Below is the full list of those who never made it back from the towers.

A
Joseph Agnello, Lad.118 Lt. Brian Ahearn, Bat.13 Eric Allen, Sqd.18 (D) Richard Allen, Lad.15 Cpt. James Amato, Sqd.1 Calixto Anaya Jr., Eng.4 Joseph Agnello, Lad.118 Lt. Brian Ahearn, Bat.13 Eric Allen, Sqd.18 (D) Richard Allen, Lad.15 Cpt. James Amato, Sqd.1 Calixto Anaya Jr., Eng.4 Joseph Angelini, Res.1 (D) Joseph Angelini Jr., Lad.4 Faustino Apostol Jr., Bat.2 David Arce, Eng.33 Louis Arena, Lad.5 (D) Carl Asaro, Bat.9 Lt. Gregg Atlas, Eng.10 Gerald Atwood, Lad.21

B
Gerald Baptiste, Lad.9 A.C. Gerard Barbara, Cmd. Ctr. Matthew Barnes, Lad.25 Arthur Barry, Lad.15 Lt.Steven Bates, Eng.235 Carl Bedigian, Eng.214 Stephen Belson, Bat.7 John Bergin, Res.5 Paul Beyer, Eng.6 Peter Bielfeld, Lad.42 Brian Bilcher, Sqd.1 Carl Bini, Res.5 Christopher Blackwell, Res.3 Michael Bocchino, Bat.48 Frank Bonomo, Eng.230 Gary Box, Sqd.1 Michael Boyle, Eng.33 Kevin Bracken, Eng.40 Michael Brennan, Lad.4 Peter Brennan, Res.4 Cpt. Daniel Brethel, Lad.24 (D) Cpt. Patrick Brown, Lad.3 Andrew Brunn, Lad.5 (D) Cpt. Vincent Brunton, Lad.105 F.M. Ronald Bucca Greg Buck, Eng.201 Cpt. William Burke Jr., Eng.21 A.C. Donald Burns, Cmd. Ctr. John Burnside, Lad.20 Thomas Butler, Sqd.1 Patrick Byrne, Lad.101
(more…)

So I got a MiFi 2352 from Vodafone, which at 40€/mo unlimited data at up to 7.2Mbps seemed like a good deal, but it actually sucks where I am right now, getting at best, during the night, 300kbps. But I digress.

The MiFi is sold by Vodafone factory-unlocked, which is also like a good deal as there is no penalty for contract cancellation – naturally, it came with firmware version 5.15, which is ancient, and suffers from many drawbacks, one of which is poor HSUPA support. The one that caught my eye however was that the MiFi comes with a built-in GPS, which in theory provides positioning data to devices such as the WiFi-only iPad.
(more…)

[Update] After a tweet from @GadgetDon I thought I’d try to fix things, and thus deleted a couple of tweets that could have been offensive, and removed this post, with the thought of emailing Dave to ask what offended him so much. However, during the few hours since, I have been reading and researching Dave Winer’s background, and it seems I am not alone in what happened. It doesn’t seem to take much to be blocked out of Winer’s world, ergo, Winer’s world is by definition boring, uninteresting and dated. I have been going back through his Twitter feed (hint Dave: anyone can read your tweets just by logging out of Twitter, so blocking is pointless, duh!), and there hasn’t been anything that I didn’t find through other means, meaningful opinions or worthy information. Looks like I’m not going to be missing much. I’m moving on and re-posting this, there are tons of interesting people to follow on Twitter and blogs.

(more…)

En primer lugar, y dado que sé cómo se siente Albert en éstos momentos, darle tódo mi ánimo en su nuevo proyecto, el WebSeries Festival. Por otro lado, no puedo quedarme al margen de la mucha tinta que se ha versado respecto al modelo de WebTV, el capital riesgo, y los emprendedores, tanto para bién como para mal. Yo mismo he experimentado el que te digan “no” en repetidas ocasiones, escuchar que el proyecto no está teniendo “tracción”, o que le faltan cosas. Como última consecuencia, el “no” repetitivo forzó la venta de Whisher en condiciones no demasiado óptimas (por mucho que lo intente maquillar mi ex-socio en su perfil de LinkedIn, aunque ésa es otra historia que no viene al caso).

Me apena decir adiós a series como Cálico Electrónico, que en sus inicios nos hizo contactar con Albert sobre la posibilidad de que nos creasen un video animado de introducción a Whisher – aunque al final no se hizo por cambios sustanciales en nuestra página web. El cierre de Nikodemo & Co. viene forzado por no encontrar financiación que pudiese sostener el proyecto, que todavía tenía resultados económicamente negativos – aunque positivos en cuanto al público y lo social. Albert se queja de la falta de “riesgo” en la ecuación “capital riesgo”, aunque quizás el primer error fue la elección de las fuentes de financiación. El capital riesgo (en adelante, VC, como en los contratos) puro, tal y como se entiende en el mundo de los emprendedores, es desgraciadamente muy escaso en España. Me vienen a la cabeza unos pocos fondos, como Nauta, Debaeque, Adara, o Perennius. Más abundantes son los “business angels”, que son como un VC pero sin un garrote tan gordo para cuando van mal las cosas. Por debajo de aquí tenemos ya a los innumerables fondos, créditos, ayudas, viveros, parques tecnológicos, y pseudo-VCs. Los más preocupantes son éstos últimos, ya que en los primeros casos las cosas están bién claras desde el principio. Cuando accedes a un préstamo tipo NEOTEC, los términos son claros:

La empresa devolverá la ayuda a CDTI según vaya generando cash-flow positivo. Para ello, la empresa se compromete a facilitar a CDTI anualmente las cuentas anuales cerradas. La cuota anual de devolución será de hasta un 20% del cash-flow positivo generado hasta la amortización total del crédito.

Es decir, no corres riesgo. Si la empresa no llega a afianzarse, no tienes que hipotecar o vender la casa e irte a vivir debajo de un puente para devolver préstamos. el CDTI también se blinda un poco en cuanto a su riesgo de esta forma:

CDTI anticipa a la empresa, a la firma del contrato que regula la ayuda NEOTEC, entre el 40 y el 60% de la ayuda aprobada. El resto se entregará a la empresa a la finalización y justificación técnica y económica del proyecto-plan de empresa aprobado.

Si tus cuentas no dan resultado, el CDTI habrá perdido un máximo del 60%, de a su vez el 70% del coste total del proyecto, que es lo que otorgan. Otros tipos de ayudas oficiales se rigen por términos similares, y se convierten en una buena opción de capital semilla. El único problema es el arduo proceso de solicitud y trámite, que en ocasiones, puede alargarse meses, demasiado para una startup. Para solucionar en parte este problema, han aparecido una serie de empresas que se dedican a asesorar a startups en el proceso, a cambio de cuotas mensuales y/o porcentajes del capital conseguido – también otro tema para tratar en otro momento.

(more…)

Finally, I received the new PCBs from the manufacturer, after the first batch were found to be defective on track continuity (possibly due to too aggressive etching). This is a short video showing how the first one I assembled and programmed works:

Enough said.