Blog archives for June, 2007

Web server fuzzing

Dr. Dobb’s Journal runs an article discussing the tools necessary for fuzzing (testing the system by generating random input in order to cause program failure or crash).

You are fuzzing a Web server’s capability to handle malformed POST data and discover a potentially exploitable memory corruption condition when the 50th test case you sent that crashes the service. You restart the Web daemon and retransmit your last malicious payload, but nothing happens.Was the issue a fluke? Of course not: Computers are deterministic and have no notion of randomness. The issue must rely on some combination of inputs. Perhaps an earlier packet put the Web server in a state that later allowed the 50th test to trigger the memory corruption.We can’t tell without further analysis and we can’t narrow the possibilities down without the capability of replaying the entire test set in a methodical fashion.

Google Answers relaunches, so far in Russia only

Google Answers launched today for the Russian market, as announced in Google Russia blog by a product manager from Mountain View, so it looks like expansion to other languages is only the matter of time. The service is not entirely unlike a competing answers service from another Internet company in Silicon Valley, but does feature some Google-specific features, such as tagging and prominence of search (do a view image to see the full screenshot).

Front page of Google Answers

Every new user to the system starts off with 100 points, and can spend those points asking a question. The cost of the question can be 10, 20, 30, 50, 80 or 100 points. A daily login to the site will earn you 5 points, every answer to the question will earn you 2 points, and ever rating for a specific answer will earn you 1 point.

One can also specify the number of days before the question is considered closed. The values are 1, 2, 3, 5, 10, 20, 30 with the default of 5 suggested. The best answer gets all the points paid by the user who asked that question, so there’s motivation in answering higher-priced questions first. If in process the answer gets high rating from other users, the author of the answer gets additional points. If the answer is “dugg down”, the author of the answer can lose points.

Google Answers - ask a question

The sidebar links allow you to browse the questions you’ve asked, the answers you’ve submitted, the tags you’ve subscribed to (Google will probably call them labels in English UI), and the starred Q&A.

Google Answers - answer a question

Choose your success stories wisely

Today USA Today brightened my day with the news that new semantic search from Xerox will make finding information easier and faster. So that’s super, even though it will launch next year. So what kind of improvements can I expect?

For example, common searches using keywords “Lincoln” and “vice president” likely won’t reveal President Abraham Lincoln’s first vice president. A semantic search should yield the answer: Hannibal Hamlin.

Mmm, that sounds good, so let’s see how sucky my experience is nowadays:

Lincoln Vice President

Say what? Not only the first three links point to the documents that contain the Vice President’s name, the second description actually provides the name right on the search engine results page. What was the problem FactSpotter was solving again? I am sure their technology is all cool, but perhaps someone could come up with a better illustration.

David Weinberger on everything being miscellaneous

David Weinberger, the author of a new book Everything is Miscellaneous spoke at Google regarding categorization in the digital age. While the physical store has to make a quick decision regarding product placement, i.e. “New Books”, “Bargain Books”, “Romance”, etc., a virtual store can have multiple pathways of getting to the information, therefore allowing the casual browser to go into some categories like “Products between $300 and $400″ or “Products manufactured on African continent”.

In a nutshell he seems to be thrilled with user-driven categorization patterns, like those exhibited in Del.icio.us or Flickr, and thinks this is the wave of the future - produce content, allow others to categorize it for their own purposes, allow the rest to derive value from this user-driven categorization.

Somebody from Google Toolbar team at the end of the video asks Weinberger regarding proper defaults, as with toolbar there are always discussions on how to originally group the buttons - by frequency of usage, by their actions, by the sites they relate to. Moreover, it seems that a slim minority of users actually reconfigures the toolbar buttons. His answer was basically to try to introduce the value not only in customizations to the toolbar, but also in allowing others to benefit from this customization.

Java jackets and Jay Jorensen - the history of invention

Java jacketsEvery time I get a cup of hot coffee, I am always curious about the coffee sleeve, usually featuring the patent 5,425,497. It’s a pretty simple, yet incredibly useful invention that obviously was scratching an itch that many people have had whenever buying hot coffee.

The inventor is Jay Jorensen and the one-product company is Java Jacket out of Portland, OR. You get the coffee sleeve for free whenever you buy a beverage at a coffee shop, but according to Entrepreneur magazine, the company’s revenues were estimated at $12-15 million dollars back in 2003. The company got started with $15,000, back in 1993 when the patent got granted. The venture got started after an unfortunate accident with hot coffee, Fast Company magazine says:

One morning, I spilled the coffee in my lap. I didn’t get burned badly, but I thought, Maybe there’s a better way of doing this.