Right, that's out of the way then. So, i work at Netflix. Specifically, i work in the API group. The guys that offer http://developer.netflix.com and various services tied to it. Anyone who knows me (or just reads this blog) also knows that i'm more than a little paranoid about security and privacy.

Some time ago, a company called Jinni started collecting Netflix customer ratings so that they could store them on their servers and do things with them. Unfortunately, since Netflix doesn't offer a way to pull those ratings directly, Jinni decided that they'd use one of the worst anti-patterns possible, and ask for the user's account name and password, which they store on their servers.

This, not surprisingly, is a violation of the Netflix Terms of Service. Netflix, for those not aware of the company, is a subscription based movie rental company. You set up your subscription via a credit card which is tied to your account by… your user name and password. Netflix, also not surprisingly, doesn't want potentially thousands (or really, even one) credit card to be stolen out of it's service by any site that's suddenly been compromised.

You see, regardless of the sort of encryption being done to store user credentials on a remote site, if you're entering a username and password, it must be transmitted (and therefore stored) in plain text and therefore it's easy to steal via any number of mechanisms. This is why services like OAuth are better because they provide the three parties (you, a third party program acting as your agent, and your data service) to all agree on a common set of alternate credentials that have access to an explicit set of information. For instance, i can use these alternate credentials to let PocketFlicks access my reviews and movie watching history, but not have access to my credit card info. Plus, should i ever distrust a given service, i can have the data service revoke access at any time.

i'll toss in that OAuth is just one solution. There are others, including Yahoo's BBAuth, Google's Auth, and Facebook Connect which all provide similar function (although those are tied to specific vendors). This is what's known as balanced security, and frankly, if you're using either an agent or a data service that doesn't provide that sort of balance, i'd seriously question the goals and aims of that service. (Twitter, thankfully, has recently joined the OAuth bandwagon after having had several accounts compromised by various less than upstanding services.)

So, it both confuses and saddens me when i see companies like Jinni slinging fud. To them, the obvious reason that Netflix is "demanding they remove the import ratings feature" is obviously because Netflix see them as a threat. Well, i'd guess Netflix does, but definitely not in the sort of way that they seem to think.

Netflix's income comes from subscriptions. Netflix's main goal is to increase subscribers. In order to do that, Netflix want's to provide a service that folks are happy enough to both continue to use and to recommend to others. One of the ways that we've found to make our service useful is by recommending movies that you might enjoy watching. We do a fairly good job, but we're about to award some guys $1,000,000 for a way to make it just 10% better than it was before, so we know that others might do a better job than we can. We just want more subscribers*. Heck, if you like watching movies based on random words in the dictionary, we don't care so long as you become a subscriber. Honest, that's the sum total goal.

Now, there are also laws in place that we have to respect dealing with ensuring your privacy. For instance, we can't share your movie rental history without your consent. Every time we look at offering a new service, we have to make sure that it's not potentially violating laws or existing privacy policies. That means that the reason somethings are offered before others isn't always because it's technically challenging. Is it frustrating? Oh man, is it ever, but that's the reality we have.

i'm quite sure that the Jinni folks are fine, upstanding citizens with only the best of intents. That said, i'm still paranoid as hell, and frankly, you should be too. Heck, be rightfully paranoid about Netflix, that's why security experts recommend having unique passwords for every service you use. (Just note that Netflix is required to be SOX compliant and regularly audited by our credit holding insurance agency where i don't believe Jinni is.)

We i believe that Netflix doesn't care if someone wants to store and use their customers movie ratings. Heck, when they're allowed to provide them, i personally hope Jinni does a better job than Netflix does because that will also increase Netflix subscriptions. Netflix just can't provide them yet.

As for giving them, or any site, credentials that could access your stored credit card personal info? Well, that's just stupid.

(*Oh yeah, those stupid pop-up/over/under ads? Those are from affiliate partners. They're not supposed to do that.)

Take, for instance, a note they published yesterday Several Facts about Google. They note that they're very happy with the fact that Google is testing out HTTPS connections for gmail, since that means that the connection between you and Google is secure. That's very nice. Granted, SMTP, the method of delivery of your mail, is generally unencrypted, but that's probably beside the point. Kind of like how it's great to have a locking mailbox, but your mailman can still get mugged or just bury your mail in his backyard.

The other part that really had me scratching my head was that they were pushing to have Google use HTTPS for searches.

Again, i really like EFF, but i really wish they'd consider what they're asking for.

HTTPS means a secure connection. That means that so long as you're holding a connection open, you've got a mutual, trusted handshake between you and the box you're talking to. That's important to think about so make sure you remember that.

When you make an HTTP request to Google, the first thing that happens is that your request goes to a DNS balancer. This machine tries to figure out the closest server to you and hands you off to that machine. That machine is probably a VIP or "Load balancer" who's job it is to hand you off to a machine that can actually service your request. How you walk that path is kind of dependent on a lot of things like how busy a given server is. All of these hand-offs are done in nanoseconds because none of these needs to keep the "line" open. In fact, with some things, you may not even get to google because you wanted something that exactly matched what someone else just asked for (like "Ed McMahon Memorial" or something). That's called Caching and it means even faster delivery of data to you.

When you switch to HTTPS, however, you introduce a good deal of security and a lot of extra steps. Your machine will only exchange information with a machine that identifies itself correctly. It also means that every request and response has to be encrypted and signed and then checked and decrypted.

Think of it this way, let's say you wanted to get a quart of milk. Currently you go to a local grocery store, and grab a jug. (We'll pretend that milk is free and unlimited, so you don't have to worry about checking out.) That's pretty much how HTTP works.

HTTPS means driving to an approved Milk Distributor, showing your ID at the door, calling the FDA to ensure that the person you've shown your ID to is who he says he is, handing him a cryptogram that contains your request for a jug of milk, he walks into the store, and sometime later returns with a locked safe which he hands you. You depart, drive home, enter the combination to unlock the safe and pull out your jug of milk. That, of course, presumes that nobody else wanted milk, eggs, meat, or laundry detergent that day and you had to wait in line to talk to the clerk.

Why would you have to wait in line to talk to the clerk? Well, because he costs a lot more than the fridge (even though he's basically walking up to said fridge to grab the milk), and even if you're the most successful grocery store on the planet, you can only realistically afford so many highly trained, FDA approved clerks. Plus, you have to pay for new training for them every year.

i'm sorry EFF, but that's just a really dumb idea. Particularly since your fridge, err, computer could still be seized and the store's receipts , err, search engine's logs can also be subpoenaed.

There are lots of existing ways that you can cover your tracks should you need to. Just ask anyone in China or Iran how to do it. But for the bulk of us, i think we can live my life with my milk in a normal, non-reinforced carton.

This kinda lead to the next question: What should i get as a DVR?

It's actually more complicated than it sounds.

You see, i kinda got used to the idea of having a second DVR that i could use to record my geek-tastic shows on and have playing while i wrote code. It was also sometimes useful to have something that could encode video and audio when i wanted to save something that didn't come on CD or DVD. i have a Hauppauge 1600 that came with my desktop computer, but it's only recently kinda/sorta supported under Ubuntu, and frankly, i still can't get it to work quite right. i also had a crufty old USB video capture plugin device i'd picked up sometime in the past for $30, and let me say that it's capture ability rivals that of an etch-a-sketch. Plus, neither of these had a decent IR Blaster so having it change channels for me was kinda out.

One thing i've also kind of learned over the years is that it's often better to have dedicated devices rather than farting around with trying to get something else cobbled up and working. Instead of trying to get wireless networking operational on a given device, it's cheaper and far easier to just go get a dedicated access point.

To that end, i ordered a Neuros for $99 (oddly, cheaper than the PVR base add-on for the Archos5, when it was in stock). Toss on one an old 60GB drive i slapped into a USB shell or a spare CF card i've got and i figure it'll suit just fine (Hell, if i really wanted, i could probably just plug in a cheap 1TB USB in a few years and be good to go for quite some time.)

Plus, if i ever do get that 1600 working right under Ubuntu, i can move this thing to the bedroom. Which is something i'd have a helluva lot more problems doing with my desktop.

i'm sure that it's strange to a lot of folks in this era of convergence, that i'd be happier heading in the opposite direction. i won't argue that it sucks that i need something like a bandoleer to haul around the various gadgets i'd like to have, but then again, i'm not terribly upset when the latest version of the phone i just bought gets video either. (Or really that upset when my camera stops working and can't swap it out.)

Of course "easier" is a fairly relative term, but it's stuff that i prefer to use that doesn't overly complicate matters. For quite some time, that included using Yahoo Instant Messanger (Y!IM) as my messenger client of choice. Sadly, those days have come to an end.

For various reasons, i can't run the default Yahoo Messenger Client, nor do i want to dedicate a web page or flash app in order to do messaging. What's more, i don't want to see a bunch of ads or have cute smiley faces appear in code snippets. For the past two years, i've been using Pidgin as my client since it's far smaller and talks with all the messaging services. (Well, almost all. Facebook is still closed. Whaddya Know…)

Pidgin makes my life easier, so it's a good tool to have. What's more, it encouraged me to dig up a lot of my older messenger accounts because i could finally run one program that let me talk to anyone on any other network.

Up until a few days ago when Yahoo decided to be dorks.

They changed the method they use to authorize connections. Mind you, they do that from time to time to prune back spammers and others with malicious intent. It's a fair enough cause since their stand is "It's our network, so we control what goes on it". i can't argue with that, but it does tell me something else. It's their network, not mine, so i use it at their discretion, not mine.

So, much like my decision about getting a Facebook vanity URL, i decided to switch things around.

XMPP (or Jabber) is an open protocol that's been out for a few years. There are dozens of free (both in cost and in not ad driven) clients that can use it. What's more, i can add a Jabber server to my domain and publish my client connect without worrying about being spammed to death.

So here it is: jabber@jrconlin.com It's not an email address, and before you can send your offers of s3xy weeb camz, i have to agree to get messages from you.

That's going to be my new main IM address. It's mine, lives under my control, allows me to log in and run on multiple machines, and i don't have to worry about it not working in the future because someone wasn't making enough money.

Something Yahoo has been in the habit of doing quite a bit lately.

One thing that has always bothered the hell out of me was, what exactly did "A Whale of a Dad" mean?

• Here you go Dad, you're bloated and can only survive while buoyant.
• Dear Dad, i hope you don't die on a beach.
• Father, look! Eskimos! Run for your life!
• i love you Dad, Sorry about the harpoon.
• Hope you enjoy the cake Daddy. It was either this or a bucket of krill.
• i learned so much from you Dad, like how to hold my breath for 45 minutes and battle giant squid.

Come to think of it, any of those would be better than the usual assortment of cards about golf, watching TV and farting, so maybe there's a market…

The point was driven home today at the lighting store when the guy helping us out told us that we were the most well adjusted folks he's met who were this far along in their remodel. He told us that most couples come in at the start, very much in love and as the project progresses and more and more of their time is consumed, eventually someone is abandoned at the store in tears while the other tries to get the employees to come to the divorce hearing.

A remodel is a fairly big affair, particularly in an older home, even more so if you happen to be living in it at the time. Figure it's going to take at least a month longer than the estimate, cost around 20% more than you figured, and involve a minimum of two major issues (half of which will be your fault). If you're not living a profoundly good life or have a habit of "Making sure that these losers do what i tell them to", increase those numbers exponentially.

It also helps to plan accordingly and stay flexible, but that's true regardless of what you're doing.

i thanked the gent (and later realized that i screwed up my order slightly with regard to the connector cables), and went about the rest of my day, knowing a little bit better why the divorce rates are so damn high.

• My Archos 605's battery exploded (ok, nearly exploded) it swelled up enough to pop the back off. No word back from customer support as to whether or not i can clip the wires and still use it, minus battery.
• If anyone has any experience installing Kichler Design Pro Undercabinet LED lights and wouldn't mind answering a question or two within the next 24 hours, i'd be greatly appreciative.
• Alrighty, so i need to tear down and pack up my office and bedroom as well so that the circuits can be installed that will prevent me from setting fire to my house, all before i head into work this morning. Whoo-hoo!
• i also finally figured out what was so damn frustrating about the code i was working on. It just needs one thing. To die in a fire.

So no, it's not that i hate you or don't want to talk to you. It's not that i don't find you charming. It's not that i enjoy kicking your puppy out of my way. i'm just a little stressed at the moment and not my normal super happy self.

Of course, going forward was kinda out of the question too.

i speak of my old, black and white, portable TV. i got it as a college gift from my parents (i'm old). As a bonus, it can also run for a few hours off of eight (count'em) D batteries. It saw me through a fair portion of my adult life, kept my group up-to-date during 9/11 and even functioned as a monitor for a few things, but now… well… now it's just kinda sad.

With the transition to Digital TV, it's now just a radio. i've also got a portable TurboGrafix (yep, i sure can pick the winning consoles) that had the TV option as well. Now, it's also useless. What's more, should i decide to bury them in the ash heap of history, i've got to drop them off as the hazardous materials they are.

This kinda got me thinking about what sort of crap we're going to leave behind as antiques.

Think about it. There are crap antique shops stuffed to the gills with the junk our fore-parents never got around to getting rid of. Heck, there are even stores that specialize in selling high priced reproductions of the crap that we used to get yelled at for breaking. So, what kind of crap are folks going to remember about our era? LCD monitors? iPhones? Porcelain reproductions of biggie sized Wendy's fries containers? i suppose, but then most of that requires batteries and hazmat suits for disposal.

Huh, perhaps that's what they'll stock in those shops come 2100.

That or some USB sticks full of pirated copies of Windows 7.

My vanity domain is a professional face for myself. It's what i put on personal business cards or tell people when i want to be more than some idiot with a blog. Granted, one can get vanity domains for countless other services as well, and in fact, i have a slew of them. The reason that services like to hand those out is because they're link bait for their own services. (Why not have "facebook.com" appear as the domain of choice for folks doing a search for stuff?)

Still, i don't like the idea of someone else holding sway over me, particularly someone who could cut my account off for any reason. So, no, i'm not going to use that as my on-line calling card, even thought they REALLY want me to. Instead, i'm going to use them to promote me.

What i did was write a tiny bit of PHP that checks the paths of 404 documents against a database. If there's an entry, i redirect to the URL for that entry, if not, i do a search for that term plus my name.

E.g. to get to my amazon profile, you can go to http://jrconlin.com/amazon. Likewise, you can go to flickr, linkedin, or anywhere else i may have an account. LIkewise, if you're looking for stuff about me and "hacking", just go to http://jrconlin.com/hacking yahoo. Heck, in about two seconds, i can set up vanity URLs for services that don't have vanity URLs, and best of all, they get the privilege of being on my site, not the other way around.

It's trivially simple to set this up, by the way, and damn cheap. i know mookie hates them, but Dreamhost is running a sale again. (if not, wait a bit. They're always running some sale).

So, yeah, that whole facebook vanity URLs thing? Not really that impressive.

i'm not quite sure that applies to software developers.

Torvalds knows i'm just as guilty of it as anyone else, but one of the things that constantly infuriates me is tripping over unused code. Mostly because i have no idea that it's unused before i trip over it. Trying my best to not reinvent any particular wheel, i'll discover something that may be reasonably close to what i want, spend time tweaking it to suit my needs, and then discover that it actually doesn't do anything near what i want because it was abandoned months ago and nobody ever got around to cleaning that part up.

It's even worse on larger projects where folks are constantly rushing to meet deliverable timelines. Truth is, it's easy to add a note like "//Todo: Finish This", and then forget entirely about "this" for months.

i think the problem is that code is amazingly cheap for a developer. It's what we use, kind of like how an electrician can blow through reels of wiring without thinking about it, only unlike an electrician, raw code doesn't have a price tag hanging off of it at Home Depot. Of course, it really does because code takes time to craft, test and deploy, and that's time that could be spent on other projects. It honestly is worth it to clean up bad code, or at least label or just drop things that aren't being used.

Heh. i call it "picking up the toys" since that's kind of what it feels like.

i just need to remember to do that myself before i cry that other folks aren't doing it.