The Road to MDA

The most expensive phase of software construction is coding and this is because it’s the less intuitive: it requires constant attention and reasoning, errors (logical or not) are difficult to spot because they are immersed in text that often is long, separated in more than one file, and not written by us.

Continue reading The Road to MDA

Proof that Microsoft SQL Server 2005 Profiler causes no harm

If you ever wondered if SQL Server Profiler can influence negatively your production database servers that you watch every day with love and attentions, then stop wondering because I have an empirical proof of the fact that it causes no harm.
Continue reading Proof that Microsoft SQL Server 2005 Profiler causes no harm

Laws of Software Development

Another interesting post about project management: Laws of Software Development.

Pidgin Portable 2.0.2

Updated with Pidgin 2.0.2. You can find it here.

Pidgin Portable 2.0

Another quick fix. You can find it here.

Simple anti-mail-harvester Javascript code

In my continuous quest to fight spam, I think I’ve found a simple solution to an aspect of this problem. It isn’t the definitive one, and we can consider it a variation on the theme of the captcha, even if there’s no image involved, because there must be a “human intelligence” involved in the interaction.

We know that one of the problems behind spam are mail-harvesters: servers that search for email addresses in the Internet (see Project Honey Pot). I don’t know exactly how they work, but I think that they find a web server someway (trying IPs or searching for HTTP addresses on search engines), then they start to suck every accessible page on it and search in the HTML text for acceptable email addresses. But we know that a web page can have a behaviour, too: I think it’s very difficult that mail-harvesters “run” the pages they get, because that would be very resource intensive and slow. Besides running them, they should fire all registered events and follow their consequences: definitely too much work.

That said, my idea is simple: manually encrypt your email and embed the encrypted string in the page; it will be decrypted on demand based on user action and opportunity. An example is the link with my name under “Author” in the sidebar of my blog site: when you pass on it with the mouse, an event is fired that decrypts my email and puts it in the href attribute with the mailto protocol; then you can click on it and send me an email with your email client.

It seems at least strange that a harvester can do these actions in a timely fashion.

To encrypt the email, I used a simple ASCII Encryption Javascript source file found somewhere (thanks to David Salsinha). I choose this algorithm because it has the interesting property to produce a different encrypted string every time for a given input string.

If you want to use this trick, you can encrypt your text here , and copy the result from here directly in your page source.

Then use this code (or a similar one):

<a data="...encrypted string..."
onmouseover="this.href= unEncrypt(unescape(this.getAttribute('data')));">
Diego Caravana

[EDIT] Changed slightly the script to obtain a stronger separation between the encrypted data and the code to decrypt it; now to reach that point, there must be at least a partial DOM of the place, besides a Javascript engine.