Security through obscurity never really works; when I use it, I at least know what I’m doing, and that it could bite me. I had thought any halfway informed administrator knew that same thing. Apparently, some folks still don’t get it. Let’s see… a company puts a file on its Web site that isn’t in any way protected except in the sense that there are no links to the file, and someone else figures out the URL, which leads to advance publication of the information. That’s not breaking into your site, it’s being smarter than you. From Intentia’s own press release: “The incident has severely damaged confidence in us as individuals and in Intentia as a company,’ says Björn Algkvist, CEO of Intentia International AB.” That’s almost certainly true. I know I wouldn’t trust my company’s data to a firm that made so obvious a mistake.
Posts from October 2002
As I write this, the first snow of the season is lightly falling from an overcast sky. It probably won’t last more than a few minutes, and the flakes are melting as soon as they hit the ground, but it’s still a welcome sight. The seasonal cycle is one reason I settled down in Cleveland; it gives the year a rhythm and variety I would sorely miss in warmer climes.
Hey, By Designers For Designers (BD4D) is coming to Cleveland on November 15th! The featured speaker is Derek Hess, a local guy with national exposure, and the co-sponsor of the series is New Riders, the people who published my latest book. Assuming no major upheavals in my schedule, I’ll be there—how about you?
Speaking of Eric Meyer on CSS, it appears to have sold out its initial print run of almost 7,000 copies, and a sizeable second print run should be done within a few weeks. So if you’re on back-order waiting for a copy, your patience should soon be rewarded.
I’ve spent the last week balanced on a number of knives, it seems like, and I don’t expect it to end any time soon. People dear to both Kat and me are in poor health, and we can’t help but worry about them. The worry does them no good and does us harm, but what choice do we have? We steel ourselves for possible bad news and furtively hope that it will turn out all right in the end. In the deepest corners of our hearts, we wishfully imagine a future time when the sun is shining warmly, all our loved ones are sitting with us in an idealized communal space, and we shake our heads over that time when things were bad for a little while. And we realize that no matter how hard we wish, the actual future will probably turn out to be a lot less bright and comfortable than we’d like.
Refinancing a home involves a lot of paperwork, as I was reminded yesterday. Hopefully this is the last time I’ll do it, because frankly, if interest rates drop far enough to make another refinance worthwhile, I’ll be very concerned about state of the global economy.
For those of you thinking about syndicating my entries here, the RSS feed has moved from its old location. You can get the new feed in either RSS 0.91 or RSS 2.0, as well as access the archives, on the new Eric’s Archived Thoughts page. Those of you who already syndicated me should have seen a note about the move.
The W3C has released a public beta of a major upgrade to their HTML validator, and authors are very much encouraged to try it out—I did! It adds a lot of new things to the service, including better handling of document MIME types (like
application/xhtml+xml) and more. One of the validator’s lead developers e-mailed me about it, and then dropped this comment in at the end of the message:
The new CSS is loosely inspired by your stuff (well, that’s probably true for most CSS these days I suppose).
Pardon me while my ego starts beating its chest and howling. (And Kat’s not home to keep it under control, either.)
The stress hasn’t ebbed yet, but a few good people have thrown me lifelines over the past couple of days. I feel a touch better about life in general thanks to a few kinds words from those folks. “I just wanted to say thanks, and let you know that your work is much appreciated,” said one. Another one wrote:
So here’s a bit of my thanks and appreciation for taking [list administration] on, AND for all you do to forward the use of CSS, including the writing of books, especially your most recent!
And a while back, Jeff Cohan e-mailed me to say:
…for what it’s worth, that I really appreciate not only the wisdom/expertise that comes through in your CSS-discuss and [newsgroup] posts but also the respectful tone you consistently use. (I just read your “Table design (was Re: Is there a way to “synchronize” div heights?)” response in CSS-discuss.) Folks like you (and Linda Rathgeber, whom I put in the same boat) set a great example, I think.
All of which reminds me that whatever stress I feel, whether I brought it on myself or not, and no matter how much I might sometimes want to just walk away from everything, I’m doing things that make a difference. As I wrote to a correspondent a few days back:
I figure everyone has three choices in life: they can work to effect positive change, effect negative change, or do their best not to make any change at all. I’ve chosen the first of the three, to the best of my ability.
I’d like to thank Jeff, Adam, Peter, Darinda, and others for reminding me that effecting change is always difficult, but that it yields rewards beyond measure.
Oh, and I ended up choosing Pinnock and the English Concert yesterday. That may have helped a little bit, too.
We all have fluctuating stress levels in our lives, and I’m currently fighting through a relative high tide. Starting a few days ago, all kinds of pressure came flowing in, and I keep waiting for the ebb. A while back, I assembled the “Fear” quadrology in iTunes, and it was the first thing I fired up this morning.
To you—is it movement, or is it action? Is it contact, or just reaction? And you—revolution, or just resistance? Is it living, or just existence?
Nevertheless, I’m still interested in hearing about outbound traffic rates for large sites (see Saturday’s entry). I’ve found a few plans that charge a nickel per megabyte—is that about the average? Anyone paying a lot more or less than that?
Kat and I just got back from a week in Boston, where Molly and I presented at User Interface 7 East. The gang at User Interface Engineering put on an amazing conference, and I’m really looking forward to the next one.
As usual I’m trying to catch up with my e-mail, but in a bid to make it worse, I have a question maybe some of you can answer. If you pay for your site based on the bandwidth its traffic consumes, how much are you paying for that bandwidth? I’m not interested in the monthly charge for flat-rate plans so much as I am the per-megabyte fee for large volume accounts, or what you pay for exceeding your monthly quota. Please let me know.