Privacy Tip #3: Block Referer Headers in Firefox

Saturday, October 21st, 2006

When you follow a link from one page or site to another, the browser usually sends a Referer [sic] header to the server to tell sites where you came from:

GET /test.phtml HTTP/1.1
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8) Gecko/20051130 Firefox/1.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive

In general this is a good thing. However, unscrupulous sites can and do abuse this information to violate visitors’ privacy and track them across the Web. In combination with cookies, it’s especially dangerous. In Firefox, you can disable the sending of the Referer header completely, and in general I recommend you do so. Here are the steps:

Flipping Slides with JavaScript

Friday, October 20th, 2006

I’ve been writing my talk notes in XML and delivering them in HTML for years. These days I rarely if ever use PowerPoint. Especially since my talks tend to be quite code heavy, HTML works much better. It’s much easier to put a decent amount of (still legible) source code on an HTML page than a PowerPoint slide, plus I can scroll if I need to.

One of the most common questions I get when I give one of these talks is how I make the slide advance from one to the next by just hitting one key. It’s actually not that hard, but it does surprise people, so I thought I’d show you.

Privacy Tip #2: Mailinator

Thursday, October 19th, 2006

Companies are really fond of collecting information from you they don’t really need before letting you read their website, check out demos, and download free-as-in-beer software. Occasionally they ask for this for free-as-in-speech software. One technique they use to make sure you give them your information is to e-mail you your username or password or license key. That way, even if the user is named “Barney Rubble” they’ve got a pretty good idea of your real e-mail address.

Certainly you good set up a free account on HotMail or GMail, and use that to register. However that takes time and effort. If you use the account more than once, they can cross-correlate your registrations on different sites. There is, however, a better solution: Mailinator.

Autosave Considered Helpful

Tuesday, October 3rd, 2006

Over the last ten years or so, a new metaphor for saving data has slowly developed in some applications such as iTunes, Apple’s Address Book, iCal, and Eudora: the automatically saved document. In this model, the user rarely even sees the document as such. They simply open the program, enter new data, and close the program. There is neither an explicit open nor save step. They do not distinguish between the program and its documents.