Obvious Ideas

Judging by the fact that I’m not the only one who received the exact same message today, I guess someone figured out how to harvest emails from GitHub repositories. Probably from the readme files people post or from some metadata in the repositories (the email address is part of the username in the commit history).

I don’t understand how the originator of this spam attack thought that someone will fall for that, but oh well.

Hopefully next time Gmail’s spam filter will catch this kind of spam.

Arik

And, like other disruptive technologies, it’s getting better all the time.

This, after all, is the typical pattern with disruptive technologies.  The disruptor enters at the low end of the market, providing a simple service that is cheaper and more convenient than incumbent alternatives and “good enough.”  The low end of the market adopts the technology–and the incumbent players, which serve the profitable middle and high-end of the market–snigger and point out that their products are “better,”

But then the disruptor improves its product, the way the Huffington Post has improved its product for the last few years.  And soon the disruptive product is useful to the middle of the market as well–and it’s still simpler and more convenient.  Soon, the incumbent player, under attack from below, is forced to migrate to the higher end of the market, seeking to preserve its huge profit margins.  Eventually, the disruptor takes over the middle of the market, and the incumbent player collapses.

(from: Five Years Later, The Huffington Post (And Online Media) Are Coming Of Age)

I really recommend reading the full article which talks about how the Huffington Post is soon (in 2-3 years) to become bigger than the New York Time in terms of traffic and probably revenues. And to think that the Huffington Post is a 5 years old blog and the New York Time is a 120 years old publishing house. It sure is a great example that disruptive technology is more about disruptive use of technology (I’m sure that in pure terms of technology NYT is better than the Huffington Post).

It looks like that Jeff & Joel gave up on finding a viable business model and just went after the VC money. I get that. But what I don’t get is why they have’t tried a very simple, but in my opinion good business model – let people pay for answers?

One of my clients is having connection problems between their application servers and the database servers. It looks like some TCP configuration issue, but I’m no expert in that so after trying to figure it out by my own, I posted a question on ServerFault. The question got only one answer which wasn’t that helpful.

Now my next step is to hire someone on ODesk to solve the problem. But what if I could just pay for someone to answer my question on ServerFault? For me that would be perfect, because that’s what I’m going to do anyway with the freelancer I find on ODesk, as I can’t trust him enough to give him access to the client servers.

I know there is a bounty feature on StackOverflow, where you can give someone some of your reputation (points) on StackOverflow if they answer the question. But the thing is – I’m not that active on ServerFault and don’t have enough reputation.

Maybe I should just create this marketplace, where valued users can offer paid answers and people can hire them. That might work, but after seeing what happened with the Twitter ecosystem I learned my lesson – no more filling holes for OTHERs. Because it is obvious that if my marketplace works, the StackExchange team will be motivated to create their own version.

What do you think?

UPDATE: Dan (who is too cool to comment) sent in his thoughts by email:

Google answers failed and it was a paid system. The main problem is the subjectivity of the quality of the answer. How do you judge that?

That’s a great point. I think that it will be basically the same as it is today with point bounties:

1. Once you put a bounty you already give in the points (or in my case – the money), so you have no incentive to “lie” and say that the answer you got isn’t good enough just to save yourself the payment.

2. You decide which answer is “the” answer and gets money.

If you don’t get a good answer, you can always keep it around or raise the bid.

Another concern someone might raise is the same that Joel & Jeff usually raise – what’s a good price for an answer? While many people don’t mind sharing knowledge for free, once you start attaching a price tag it becomes a whole different story. Well, I acknowledge that and I don’t think that the whole StackOverflow site should be paid, but it should have a paid option.

People will still have a great incentive to answer questions just like today (they increase their reputation), but this will give another option for those who ask more esoteric questions.

Now, what do you think?

Read about Gmail’s version for the iPad? Curious to try it yourself? Don’t have an iPad? No worries.

All you need to do is to change the user-agent string of your browser to be the same as the iPad Safari:

Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B334b Safari/531.21.10

I’ve done it with Safari on my Mac with the developers tools enabled (after enabling the developers tools, go to Develop->User Agent menu and pick other). If you have other browser/OS, just google “[your browser] change user agent string”, pick the best result and follow the instructions.

Once you done with changing the user agent string, surf to gmail.com and enjoy. The iPad UI is less useful on a non touch screen, but it’s interesting to play with and see Gmail in two columns.

Obviously, this trick will work with most (all?) other iPad web apps.

Microsoft really outperformed themselves with Windows Phone 7. They took the best ingredients of both the iPhone and Android, added some of their own and created something that has a lot of potential. I’m saying potential, because until we see the actual device and feel the experience, it’s impossible to know if they succeeded or not.

I really like their attention to details/perfection in the UI for this device and the effort they put in conveying this to the developers. Windows developers are usually less UI-centeric (as opposed to Mac developers), so extra work required here.

I also love the fact that they didn’t just create another take on the iPhone experience, but created something of their own. Because when I say they took elements from the iPhone and Android, I mean just concepts – like the attention to details and one-consistent experience from the iPhone or the back button and multiple integration points from the Android. The overall experience is completely theirs and I like their concept that an application is one wide canvas, that part of it is being revealed at a time.

I’m really curious to see what affect the release of this phone is going to have on the mobile market. This phone isn’t iPhone-killer, but it certainly has the potential to be the Android killer…

What do you think?

We started using MixPanel to get realtime statistics on user engagement in our application. We’ve been using MixPanel before for funnel tracking, but you can’t really appreciate their service until you start using their event tracking. It is truly realtime (as advertised) – the second the user performs an action on your application, you see it on your dashboard.

Besides the realtime reporting what I really like about MixPanel is the fact that they allow easily reporting from your backend and not only from frontend/Javascript (as opposed to Google Analytics).

Within their documentation they have code samples in many languages, including Python. But their Python sample requires ability to start new processes on the server you’re running – something not possible on App Engine. Therefore I changed it to use URLFetch in RPC mode (so that calls to Mixpanel won’t block the call):

It could be re-factored more, like allowing setting the project token outside the function call, but that I will leave for you to do (and if you do, please share with us)

Arik

I recently started using deferred tasks in my App Engine application. I’m using them mainly for two things:

1. splitting user requests into two pieces – one that being done immediately and one that being done in the background, to speed up the response time.
2. mapping (iterating over) all my entities to calculate various statistics.

I won’t provide here details on how to use deferred tasks, because this is described in detail in a great article by Nick Johnson, which I highly recommend reading. One thing I do want to share from my experience, is my implementation of the Mapper base class:

This implementation is taken from Nick’s article mentioned above, but I made some changes to it. The first change is giving subclasses the ability to set the property to order the entities by. I needed this, because I found out that when your entities have custom key names ordering by key breaks for some reason.

The other change is re-factoring the way the next batch starts. It seems to me that in the sample provided in the article there’s an error in the indentation, resulting in the code not doing batching properly and can even break in some situations. In my version every task run maps only one batch (or less). This is sub optimal in terms of # of tasks it takes to map all your entities, but as long as you don’t have really a lot of entities this is not such an issue.

I really would love to hear others’ comments no my changes and about how you use deferred tasks or map your entities.

Arik

I’ve been doing quite a lot of Facebook development in the last few months. At first I was using my own account to do most of the testings for the apps I was working on. I always have (at least) two versions of the app – production and development. The development version is marked as sandboxed, so any action I do in it (including posting to the newsfeed) isn’t shown to my friends.

At first I felt that this is enough, and didn’t feel the need for a test account. But after some time I realized that while developing, anytime I get to my profile or newsfeed, I get distracted by my friends’ posts. So I started using another account to do the testings. This way, whenever I get to the profile or newsfeed I practically see nothing there that can distract me from what I’m working on.

Another benefit of using a test account is that whenever you test something on the production (un-sandboxed) version of your app and need publish a lot to your newsfeed, you don’t spam your friends (or reveal upcoming features).

Of course, we can rely on our self discipline to avoid this distractions, but who are we kidding?

Arik

This is another way to protect your software - just ask politely. (Photo by penner42 on Flickr)

A friend of mine sent me this question by email today:

I have  a software written in visual C++ which is compiled into an .exe file and I wish to distribute (sell) it in a “secure” (anti pirated) way.  How can I “lock it” so it will be able to run on only one computer (the one of the person who purchased the software)?  Is there a software to turn .exe files into protected ones, or good tutorials on what to do from the coding side?

I thought that for the general good and in order to get more views on the topic, I will post my answer to him here:

I can think of mainly four ways to protect your software -

1. Some serial number authentication mechanism – this is the most traditional way and it fails big time. All of the documented techniques to protect yourself in such a way are already broken, and if you’re not in the field of software security you probably won’t find anything better. This might be a good way if you know that your target market is non-technical people who probably won’t bother breaking your authentication mechanism themselves and usually don’t know someone who can do it for them.
2. Serial number authentication and online check – this is what Babylon do. When their application connects to their server it verifies the serial number it has with their database, if they see some misuse they either lock your application or just stop providing you answers. Microsoft use similar technique with XBox Live accounts – whenever you connect to XBox Live they check if the games you run are legal – if not they take actions against you. In recent check they disabled 1 million pirated accounts. But not only they disabled their access to XBox Live, they also disabled the hard drive in their console. This is quite good method as long as your software requires constant communication with your server. If not there are ways to override this protections (like disabling access to the Internet from your application).
3. Good target market – like in mentioned in (1) a lot depends on your target audience. If you create a truly great product and price it in reasonable and achievable price, most people are likely to pay (unless your target solely to the Israeli market…).
4. Online service – if you convert your software into an online service (like the 37Signals products, ZoHo, GitHub and many more), you are fully protected up to the extent that people will use stolen credit cards or hack your system in some way. But this actions are considered as “real crimes” by most people and they will less likely use them or spread the knowledge about them.

This are the four ways I can think of. If you ask me what would I do, I would go with option #4 – all other ways (besides #3) require you to invest unreasonable time and money in protecting your software instead of improving it. While it can be a nice mouse&cat game, it highly unproductive.

That’s what I think, I’m not sure if it really helps my friend, but maybe one of the readers will offer some better insights & tips on the topic.

Arik