All change

I’ve been using the nick ‘jerakeen’ for at least… hmmm… 13 years? A long time, anyway. It was a pretty good name, I think – it’s decently unique, quite easy to spell, it’s a slightly-obscure and yet nerdy reference, and (crucially) pretty unique; It’s been pretty easy to maintain myself as the top google hit for the word.

But that was 10 years ago. For a while now I’ve considered this whole ‘handle’ thing quite childish. And there are other Jerakeens now and the mis-addressed twitters and delicious links are getting annoying, not to mention the fact that I’d quite like my work to be associated with me. It’s clearly time to do what all the other Serious People have done, and just use my actual name everywhere.

Thus, I’m retiring jerakeen as a nick/handle/whatever it’s called. In hindsight, using the same name for myself and my domain was a mistake, so I’m retiring this domain entirely as well. I’m renaming myself on all the services that will safely let me do so, creating new accounts on most services that don’t, and just putting up with it on the few services (hi flickr!) that I’m pretty much tied to.

So, the new me can be found as

I’m going to move my web output to the movieos.org domain, which I’ve had knocking around unused for a while now. It’s in a terribly rough state, but I don’t expect I’ll break it too much. This gets me a new email address as well, which will probably be the most

This site will obviously stay around. Permalinks are important. But I’m going to bake it out to flat files and retire the terrifying CMS that powers it. Likewise, I assume I’ll keep watching the old accounts for a few months in case anything still gets @jerakeen-ed to me. And I’m sure I’ll forget things. But in so far as much as you have to pick a line and say ‘this is when I’m changing my name’? This is it.

Running your own blog

in Blogs and baked goods John August simultaneously uses a new and incompatible baking metaphor about blogging, and argues that..

Most people shouldn’t be running their own blogging software

I agree. Except that I do run my own. In fact, not only do I host my own blogging software, on a machine that I admin myself, but I wrote the whole thing too. Every time I want a feature, I can’t just look for a plugin, I have to crack open a text editor. I’m crazy!

I’ve pondered changing this a few times, and indeed, I’ve re-written the software a lot in the past, and ported it around various different off-the-shelf systems, and nearly just canned the whole thing and moved to Tumblr on a couple of particularly bad days in the past, but I don’t. And I think it’s worth explicitly writing down the reason.

I don’t really care about the bread. I make ovens and baking trays. The bread (recent inexplicable blogging frenzy notwithstanding) is just a demo of the software. Look! I can syndicate a Flickr photoset and my twittering and Dopplr-driven maps and integrate them into a single page for the trip then tie them into an article about something, then provide a link to put all the photos on a map! The words aren’t the important bit.

So that’s why I bake. Except that I fry. Whatever.

On blog comment spam

Blog comment spam, the scourge of the internet. Having written yet another CMS to power jerakeen.org, I wanted comments on pages again. Django rocks hard – adding commenting was easy. And a day later, I have comment spam. Bugger.

From a purely abstract point of view, I find this interesting. There must be a spider looking for forms that look like things that can take comments. And the robots must be reasonably flexible – it’s not like my CMS is an off-the-shelf. But from a more concrete, ‘spam bad’ point of view, it’s bloody annoying.

So begins my personal battle against spam. Others have fought this battle, but of course the downside of rolling your own site is that you can’t use anything off the shelf. My plan was to forget trying to recognise and filter spam, and preferably I don’t want to have to moderate anything – I don’t want the spam to be submitted at all. And this really can’t be that hard. Unless there’s a human surfing for blogs and typing in the spam themselves, this should really just be a measure of my ability to write a Turing test. Right?

My first plan was to require a form value in the comment submission, but to not include that field in the form itself – instead, I added it with client-side JavaScript. This should stop simplistic robots, at the cost of requiring JS to be turned on in the client, which is something I’m willing to live with, frankly. Alas, it didn’t work. Clearly too simple – either there’s a human typing spam into the box, or the robot doing the work is using something like Mozilla::Mechanize that’ll do the JavaScript. Or maybe they just handle some obvious cases. After all, my ‘clever’ code was merely document.write("<input name=......

Or perhaps they figure it out once, and use a replay attack to hit every page? Not really a good assumption with hindsight, but never mind. I added prefixes to the form fields that were generated from the current time, and checked at submit time that the fields weren’t more than an hour old. This saves me from having to store state anywhere, and gains me forms that exipre after a while, unless you reverse-engineer the timestamp format. But I’m premising the existence of some automated tool, perhaps with a little human interaction. I don’t need to be perfect, I merely need to be not as bad as everyone else… But no, this failed too.

Ok, so the JavaScript is too obvious. I split it up into sections, and also write the wrong value into the form, and change it to the right one using a regular expression later (BWHAHAHAH). At the same time (and I suspect this is the important bit) I changed the names of the fields completely. Calling them ‘name’, ‘email’ and ‘comment’ is a bit of a giveaway, really. ‘foo’, ‘bar’ and ‘baz’ they are, then. Now it should be practically impossible for an automated tool to even figure out that I accept comments. Sure, you could probably think ‘hmm, two small input fields, and a textarea, on a page that has an RSS feed’, but I’m assuming that, for 90% of the blogs out there, this isn’t needed, so no-one does it.

And yes, I’ve received no blog spam comments since I did this. On the other hand, I’ve also received no normal comments either. Hope I haven’t raised the barrier too high. If the situation stays good, I may remove the client-side JavaScript requirement. Or figure out a noscript fall-back solution for people using lynx. Poor souls..

Blog-Mail convergence

Muttley caused this train of thought. Blame him.

Thoughts for a blogging toy

Here’s something I might do. Every time I post a blog entry, people on a list could get a mail with the subject, contents, etc, just like I actually just sent the thing to a mailing list. People can reply to the mail, and their replies get put as comments on the blog entry, as well as mailed to the rest of the list. People posting comments from the web page, their comments go out to the list. So if you ignore the mail aspect, it’s a traditional blog, and if you ignore the blog aspect, it’s a traditional mailing list, albeit with the caveat that only the owner of the blog can start a thread. And hell, that’s optional, you could allow free posting…

Once you do that, of course, the blog could be viewed as merely a web based archive for the mailing list, just with a much nicer web interface than most mailing list archives. Blogging software has put a lot of effort into managing date-based information archives, much more than mailing lists. On the other hand, mailing lists have put much more effort into managing threaded conversations than blogs have.

This blurs the line about what it is, of course. I’d probably initially implement it as a blog, with a bit of mail glue attached, but I suspect the more elegant way would be to have a mailing list with a very sophisticated web archive attached to it, one that handles threads as entries, and that allows you to post to the mailing list through the archive page. The distinction between the two rapidly becomes moot, of course.

Hmmm. Must play with siesta

(later) More Rambling

So, muttley has rambled as well. Interesting. He has some ideas about multiple blogs tying together somehow that I’m not seeing a way of making work in my head, and I hate talking about things I can’t construct a nice working mental model of, but he’s right, it would be nice to have a system of mutliple blogs tied together. Like this.

You get thread ownership problems, though. As things stand, I control a conversation on my blog completely. (well, if I had comments working yet…). That’s ok if the blog is also a mailing list, because I’d control the mailing list server completely as well. But if, say, threads I started were hosts on my blog, and threads paul started were hosted on paul’s blog, we get issues of potential censorship, and people picking the thread to comment on based on who’s blog the start thread was on.

That issue asside, it’s quite easy to adapt the first model espoused above to this sort of thing. All the participating blogs would send stuff to the same mailing list, and the mail reciever would use some smarts to determine which mails were replies to which blogs, and post comments appropriately. All doable. For the second, more elegant, solution, where the blog is merely one way of representing the ‘message’ objects that the back-end understands, we’d either need to host all the blogs in one place, or have a distributed server, or something. Not sure.

Tell you what. I’ll actually implement something at some point, and we’ll see how easy the collaborative stuff is then.