Year: 2011

Google Plus (Picture Reviews)

Five Pictures should be equal to five thousand words- ergo here is some pictures from Google Plus duding. the only free advice for the boys of mountain view- the check your hair in Hangouts is bad for balding people. But Seriously.

Google Takeout rocks!

I love the new Google Takeout. Just take out all the data stored within Google and download.

and unlike Facebook – it kind of builds this almost within a minute thus showing they are serious on privacy. Facebook takes too long to build the archive.

I would also prefer to download the data as a torrent or anything which is resumable if the connection breaks

 

Coming up-

yet another preview of Google +

 

Google Product Launches

So dear G launched a whole new set of Products. Some thoughts-

1) Join up the Social Invite List here – it is called Google Plus. We hope it doesnt end up like Buzz http://www.google.com/buzz or Orkut https://groups.google.com/group/opensocial-api/?pli=1 or Plus One http://www.google.com/webmasters/+1/button/ or Wave (email killer) http://googlewave.blogspot.com/

When the biggest cloud computing company in the world announces a phased rollout to a product- we wonder if they are really sure on launching the product rollout or just were in a hurry again.

Machine learning wont work with social , chaps. Well not everything in social. And the Google Social Blog forgot to write about it http://googlesocialweb.blogspot.com/

Well anyways, even Google Finance’s automated announcements feed failed to pick many of their own  product launches (or it does in an automated manner depending on which time period you choose – yes still no social buttons up http://www.google.com/finance?q=google

BACK TO GOOGLE PLUS

https://services.google.com/fb/forms/googleplus/

Google+

Thanks for stopping by.We’re still ironing out a few kinks in Google+, so it’s not quite ready for everyone to climb aboard. But, if you want, we’ll let you know the minute the doors are open for real. Cool? Cool.

  • First Name *
  • Email *

Google+ Privacy Policy

2) Google Web Fonts- Great product, how and hey http://googlewebfonts.blogspot.com/ when do you plan to monetize uhm  web fonts. Not that would be awesome. Not even a single ad on those pages- not even for philanthropy. or poor poets. or even Google Book Authors who self publish . Sound of silence….

http://www.google.com/webfonts/v2

 

3) Google Analytics gets some groove back. I really want to see much better integration of Google Apps and Google Analytics and Google Desktop search. Ditto for the interface. Enterprise software uses different fonts than retail software, dude. More fries, http://analytics.blogspot.com/ ?

Feature 1- Custom Reports for metrics I can slice and dice on my own

Feature 2 Awesome analytics for In-Page Analytics (beta feature) Beta is boring if overused. Try Theta maybe?

Feature 3 Daily Automated Alerts for Unusual Server /Traffic Activity

Feature 4 event Tracking is cool esp for understanding social media impact

 

It is still too early for mobile (in terms of traffic) as well as tablet analytics (?)

4) Angry Birds is still the best feature in Chrome  (but there are lots others at http://chrome.blogspot.com/) and esp http://googlecode.blogspot.com/2011/06/working-with-chromes-file-browser.html

Try http://chrome.angrybirds.com/

There are ways to make software that are not evil. Very very disappointed at total lack of monetization of this chrome app. Not even a T Shirt for me to buy ad . sighs

Funny thing- the product manager forgot to take off Facebook like button or even add the +1 button or even the Tweet this button.

Quo Vadis ?

 

5) What do you love?

http://www.wdyl.com/#

Analytics 2011 Conference

From http://www.sas.com/events/analytics/us/

The Analytics 2011 Conference Series combines the power of SAS’s M2010 Data Mining Conference and F2010 Business Forecasting Conference into one conference covering the latest trends and techniques in the field of analytics. Analytics 2011 Conference Series brings the brightest minds in the field of analytics together with hundreds of analytics practitioners. Join us as these leading conferences change names and locations. At Analytics 2011, you’ll learn through a series of case studies, technical presentations and hands-on training. If you are in the field of analytics, this is one conference you can’t afford to miss.

Conference Details

October 24-25, 2011
Grande Lakes Resort
Orlando, FL

Analytics 2011 topic areas include:

Top 25 Most Dangerous Software Errors

If you cannot measure it, you cannot manage it- Peter Drucker

Here is a RSS feed/website  for all security incidents

http://www.us-cert.gov/current/ and http://www.us-cert.gov/cas/techalerts/

You can also see http://www.onguardonline.gov/tools/overview.aspx for tools to be secure online.

But the new measuring system is http://cwe.mitre.org/cwss/ to help being secure. It basically creates a score or an anlytical approach for measuring vulnerabilities.

Common Weakness Scoring System (CWSS)

The Common Weakness Scoring System (CWSS) provides a mechanism for scoring weaknesses in a consistent, flexible, open manner while accommodating context for the various business domains. It is a collaborative, community-based effort that is addressing the needs of itsstakeholders across government, academia, and industry. CWSS is a part of the Common Weakness Enumeration (CWE) project, co-sponsored by the Software Assurance program in the National Cyber Security Division (NCSD) of the US Department of Homeland Security (DHS).

CWSS:

  • provides a common framework for prioritizing security errors (“weaknesses”) that are discovered in software applications
  • provides a quantitative measurement of the unfixed weaknesses that are present within a software application
  • can be used by developers to prioritize unfixed weaknesses within their own software
  • in conjunction with the Common Weakness Risk Analysis Framework (CWRAF), can be used by consumers to identify the most important weaknesses for their business domains, in order to inform their acquisition and protection activities as one part of the larger process of achieving software assurance.

and the top 25 errors in software are

http://cwe.mitre.org/top25/index.html

 

Rank Score ID Name
[1] 93.8 CWE-89 Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
[2] 83.3 CWE-78 Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’)
[3] 79.0 CWE-120 Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’)
[4] 77.7 CWE-79 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
[5] 76.9 CWE-306 Missing Authentication for Critical Function
[6] 76.8 CWE-862 Missing Authorization
[7] 75.0 CWE-798 Use of Hard-coded Credentials
[8] 75.0 CWE-311 Missing Encryption of Sensitive Data
[9] 74.0 CWE-434 Unrestricted Upload of File with Dangerous Type
[10] 73.8 CWE-807 Reliance on Untrusted Inputs in a Security Decision
[11] 73.1 CWE-250 Execution with Unnecessary Privileges
[12] 70.1 CWE-352 Cross-Site Request Forgery (CSRF)
[13] 69.3 CWE-22 Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
[14] 68.5 CWE-494 Download of Code Without Integrity Check
[15] 67.8 CWE-863 Incorrect Authorization
[16] 66.0 CWE-829 Inclusion of Functionality from Untrusted Control Sphere
[17] 65.5 CWE-732 Incorrect Permission Assignment for Critical Resource
[18] 64.6 CWE-676 Use of Potentially Dangerous Function
[19] 64.1 CWE-327 Use of a Broken or Risky Cryptographic Algorithm
[20] 62.4 CWE-131 Incorrect Calculation of Buffer Size
[21] 61.5 CWE-307 Improper Restriction of Excessive Authentication Attempts
[22] 61.1 CWE-601 URL Redirection to Untrusted Site (‘Open Redirect’)
[23] 61.0 CWE-134 Uncontrolled Format String
[24] 60.3 CWE-190 Integer Overflow or Wraparound
[25] 59.9 CWE-759 Use of a One-Way Hash without a Salt

 

You can use the list at http://cwe.mitre.org/top25/index.html and check your own corporate vulnerabilities. It is better to sweat in cyber peace than bleed in cyber war, huh.

 

 

 

 

Chrome

If you are new to using Chrome, there are many delightful features just beneath the surface.

If you are an Internet Explorer or Firefox or Safari or Arora or Opera or Sea Monkey browser user- this is one more reason to test, just test Chrome.

Ok so who Made chrome- (note the link i.e about:credits is what you type in chrome to see features)

about:credits

Credits

David M. Gay’s floating point routines
dynamic annotations
Netscape Portable Runtime (NSPR)
Network Security Services (NSS)
purify headers
google-glog’s symbolization library
valgrind
xdg-mime
xdg-user-dirs
google-jstemplateshow licensehomepage
Launchpad Translationsshow licensehomepage
Mozilla Personal Security Managershow licensehomepage
Google Toolbox for Macshow licensehomepage
ActiveX Scripting SDKshow licensehomepage
Almost Native Graphics Layer Engineshow licensehomepage
Apple sample codeshow licensehomepage
Google Cache Invalidation APIshow licensehomepage
Compact Language Detectionshow licensehomepage
OpenGL ES 2.0 Programming Guideshow licensehomepage
OpenGL ES 2.0 Conformance Testsshow licensehomepage
hunspell dictionariesshow licensehomepage
IAccessible2 COM interfaces for accessibilityshow licensehomepage
Chinese and Japanese Word Listshow licensehomepage
ISimpleDOM COM interfaces for accessibilityshow licensehomepage
modp base64 decodershow licensehomepage
NSBezierPath additions from Sean Patrick O’Brienshow licensehomepage
Cocoa extension code from Caminoshow licensehomepage
OTS (OpenType Sanitizer)show licensehomepage
Google Safe Browsingshow licensehomepage
XUL Runner SDKshow licensehomepage
and of course
so thats who made chrome.
  • Will Google be able to monetize Chrome the way it has monetized Android (Atleast by locking in both search,computing and browsing platforms)? I like the Adblock extension- and I would be happy to see more paid extensions. or even two versions one free and other freer (in choice) browsers for ads /security etc. maybe even a premium paid browser which has tor embedded in it , adblock enabled in it, and encrypted chat (like Waste Again) as an extension…. Hmm Hmm Hmm There is a SOCIAL version of Chromium called Rockmelt used ironically by Google Social Nemesis -Facebook (see http://blogs.ft.com/fttechhub/2011/06/facebook-partners-with-rockmelt-on-building-a-social-web-browser/)
  • Will Google share more revenue with open source contributors and thus create a new path in open source revenue generation just like it did with online advertising as an industry? Hmm Hmm Hmm. or Will Facebook continue to lead the way with extensions and applications (which did predate the mobile app place- so thats one innovation u gotta give to Zuk’s boys 😉
Back to Chrome-
To change settings- chrome://settings/browser
but to check what Autofill Data is stored within chrome (thats your credit card and your web form information)
chrome://settings/autofill and chrome://settings/content has all your content settings
Well Chrome is very very secure, or as secure as a browser can be in 2011.
You can set up Google Sync to keep all your data in the cloud, and it has an application specific password as well.
So hopefully you will have much more fun enjoying hacking Chromium 😉
See these

Workflows and MyExperiment.org

Here is a great website for sharing workflows – it is called MyExperiment.org and it can also include Work flows from many software.

myExperiment currently has 4742 members270 groups1842 workflows423 files and 173 packs

Could it also include workflow from Red-R from #rstats or Enterprise Miner

Continue reading “Workflows and MyExperiment.org”