I got caught by a bit of a bug today when I was trying to add a custom wallet item in 1Password. I was in the process of copying one of their templates after realizing they were just simple json, but couldn’t find the file where the description strings were stored. The file, Localizable.strings, that the above article eventually led me to turned out to be UTF-16, which grep cannot … grep through. After a little bit of googling, I came up with the following solution, which does a recursive case-insensitive grep in UTF-16 files on OS X.

for f in `find . -type f | xargs -I {} file {} | grep UTF-16 | cut -f1 -d\:`
        do iconv -f UTF-16 -t UTF-8 $f | grep -iH --label=$f ${GREP_FOR}
done

Update: I also put an accompanying shell script on github (ugrep.git) in the event that I need to make it a bit more flexible.

My del.icio.us tags tell quite a bit about me. Wonder if I could integrate this with TweetStats somehow…

For whatever reason, there aren’t many examples on the net of Python code that can be used with the Google AJAX Search API. I’m not really sure why this is and perhaps I’m missing something, but for future reference here’s some sample python code.

#!/usr/bin/python
import urllib
import simplejson

query = urllib.urlencode({'q' : 'damon cortesi'})
url = 'http://ajax.googleapis.com/ajax/services/search/web?v=1.0&%s' \
  % (query)
search_results = urllib.urlopen(url)
json = simplejson.loads(search_results.read())
results = json['responseData']['results']
for i in results:
  print i['title'] + “: ” + i['url']

See, this is why I love Twitter. One of my gripes with Firefox is that it automatically assumes any RSS or atom feed I enter into the address bar is one that I want to subscribe to using some sort of feed reader like Google Reader. While this is true 90% of the time, there is that occasional instance where I actually want to see the plain text of the feed. I posed my question to the Twittersphere and merely moments later, somebody replied with just the right solution:

I gave it a shot and it worked perfectly, but the only problem was that it required a few too many keystrokes for my liking. With that in mind, I whipped up a quick bookmarklet to take care of it for me. Here’s the source in, conveniently enough, less than 140 characters.

javascript:(function(){s=location.href;location.href='view-source:'+unescape(s.substr(s.indexOf("feedurl")+8));})();void(0);

You can also just drag this View Feed Source link to your bookmarks.

Thanks, @popthestack!

The best time of the year to visit Croatia, at least for me, is sometime in May. The crowds aren’t too thick, the weather is just right and not too hot for this Seattle guy.

Definitely not too bad. I went to Split at the last minute to take advantage of a long weekend. The picture above was not at all the image of Croatia that I had in my mind when somebody on Twitter suggested I visit there for the weekend. One hour after Googling “Split, Croatia” and seeing some of the results on Google Images, I had my ticket and hotel booked within the hour.

I arrived in Split on Saturday morning and even before I landed, I knew I had made the right choice for a relaxing weekend.

I quickly realized after landing in Croatia that I would need some shades after having lost mine a couple weeks earlier. After finding the hotel (not the easiest task given the streets of Split), checking in and procuring some shades, I started simply wandering the streets of Split. I easily found myself basking under the blue skies both under cover and right on some stairs leading into the Adriatic Sea.

And that was really all I ended up doing on my first day. I was pretty tired from all that sun (oh woe is me) and passed out early in the evening only to wake up around 9pm and find someplace to settle down for some fresh octopus.

Day 2 was more of the same with the exception that I got up early intending to go for a run and ended up hiking through a park, finding churches set into cliffsides and relaxing on a beach.

I settled down into an afternoon pizza, relaxed some more and then checked out a sweet concert by the coast. The band, Kries, was very unique and the bagpipes were the most authentic ones I had ever seen.

The last day was mostly souvenir shopping, checking out the cathedral and the tower next to. Now I’m not usually prone to a fear of heights, but this rickety stairway up the tower definitely made me happy once I was back on solid ground.

You can check out more pictures of my Split, Croatia trip on Flickr.

*****

This is a hack.
This is not guaranteed to work.
Twitter may change their website at any time.
I am not responsible if something breaks or you decide to delete all your DM’s.
Nor am I responsible if your friends get mad at you for deleting your sent DM’s from their Inbox.

*****

That being said, I’d like to introduce my DM Whacker, DM Deleter, DM Sniper, whatever you want to call it I created a tool to delete your direct messages en-masse on Twitter. After the recent debacle regarding direct messages being exposed, I definitely saw a need amongst some Tweeters do delete their direct messages.

I need to thank @chris4403 who posted his awesome Twitter Translate bookmarklet recently. Were it not for that, I would not have had the motivation nor the codebase off which to build my first bookmarklet.

With that introduction, I’d like to point you in the direction of the new DM Deleter. Simply drag the link that’s in that page up to your Firefox or Safari bookmark bar, navigate to your direct messages, click the bookmark and select your options to delete your DM’s once and for all. The tool allows you to delete all of your messages, or just messages from certain friends.

My apologies for the additional link, but I just wanted to reinforce the point that this tool will delete your direct messages forever. So, use it with care.

Feedback welcome. The ability to delete sent messages will be added in as well soonhas been added in version 0.2.4.

OK, I figure it’s time to throw my hat into the ring.

I’ve posted in the past about Twitter spam and I run what I think to be a pretty fun website about Twitter Stats, but there seems to be a lot of conversation recently about Twitter and the noise ratio.

Obviously, people are trying to figure out how best to use Twitter given its recent surge in popularity and accompanying spaminess. Louis Gray made a blog post about his noise ratio and Stowe Boyd followed up with a post about the noise ratio and conversational index, but there’s one thing that seems to be common across both these posts:

There is a super-fantastic problem in that both posts discuss one, one ratio!

That’s right - one ratio to describe the entire activity of Twitterites. One ratio to rule them all, one ratio to find them, one ratio to bring them all and in the darkness bind them.

OK, perhaps these posts were intended to be their own personal way of determining a proper reputation structure on Twitter, but there is so much more data available to play with. Shall we? Yes, let’s take a look at all the numbers we have to play with:

• Friends
• Followers
• Favorites
• Updates
• Date joined Twitter
• Number of updates over time
• Number of updates in the past month vs. when the first joined Twitter
• % of updates that contain links
• % of updates that are replies
• Number of mentions of the word “awesome”

These are just a few of the numbers that Twitter provides and while the noise ratio is a nice statistics, it is most definitely not a holistic means of providing a method by which to rate the reputation of a Twitter user. And there never will be such a means. Myself and @wardspan had a conversation this evening where we discussed the top three things we use to determine if we’re going to follow somebody. I think we only shared one in common of our top 3 and we tend to be pretty similar-minded. But we use Twitter for different reasons.

And it is with this post that I call out for a reasonable reputation system across our many services. Twitter is one such example, but there have been others in the past (yes, those other social networks) that have dealt with the same reputational issue, not to mention spam.

And it’s not getting better. I signed up for FriendFeed today and created a profile of my real self’s online activity. The scary thing is…I could have created the same profile for anybody else and the question to ask yourself is would anybody have known any better? In addition, in their case - does it even matter? Or are they redirecting their trust to the other systems they are using to generate their content.

Just imagine, if we could create a reliable reputation system across the services that we use to provide us with better and more interesting, targeted content on a daily basis. If only…

A brief update - top 3 things that can be done to help users weed out spam:

1. Make the block functionality more accessible - did you find it underneath the “Following” legend?
2. Provide basic stats about a user in the notification email - location, bio and some ratio information
3. Use backend monitoring/analysis to `killall -9` spammer accounts (block ratio, usage trends indicative of automation, etc)

As with any social network, spammers appear to take advantage of the collective masses that are gathered and interacting with each other. This is no different on Twitter, where numerous people have complained recently about massive follows from spam accounts. These accounts typically take the form of a high following:friend ratio and a low number of updates. There is even a site devoted to Twitter spam, twitterspam.com. There’s quite a bit of other information we can examine, but let’s tackle this in order of the two main types of spam I’ve come across.

The first is embodied in the @castlebaths account. Statistics that indicate this as a possible spam account:

• 20% of links in the first 20 updates are the same as the bio link
• There are zero replies in the account (note: not unlike a new Twitter user)
• There’s an average of 1.15 updates/follower
• The users “Friends” account for 95% of the aggregate friends and followers

Now this account may very well be legitimate, but I doubt many people want to follow somebody on Twitter that is simply hawking a product and not contributing much beyond that. Taking these values and creating an aggregate score would probably score pretty high on the spam card.

Let’s take a look at another account, @kendra2. This account is a little bit more difficult to identify as spam through the numbers:

• 5% of the urls in the first 20 updates are the same as the bio link (that’s one url for those not counting)
• This account has actually replied to people
• There are only 14 updates, but
• The users “Friends” account for 95% of the aggregate friends and followers

This is an interesting account since it seems to be an actual person trying to interact, but the bio link is actually the telltale sign here - videochatonline is a webcam site and @kendra2 is obviously trying to bring traffic to that site. The numbers do not clearly mark this as spam, but the last two statistics seem to indicate this account has been created solely for the purpose driving traffic outside of Twitter. Other signs are the “pretty girl” avatar, bio link to a commercial site and potentially similar profiles.

As a Twitter user, what other statistics can I use to identify spam that Twitter (or somebody else…) might be able to provide?

• # of my friends that _also_ follow the account
• # of accounts without autofollow that are following the account
• # of inactive accounts being followed by the new user
• Are consecutive accounts being followed?

There’s also a number of back end statistics that can be utilized by Twitter such as unique IP addresses in use across large numbers accounts, clickstream rates and patterns and other similarities across multiple accounts. Reporting spam isn’t always useful, but observing the (generally predictable) behavior of spammers and the interaction of the users with those accounts is a step forward.

Is spam an easy problem? Obviously not or we wouldn’t have blog, email, trackback, comment and postal spam. Will there be false positives? Sure. However the numbers above can help in both the automatic identification of spam accounts and providing users with enough topical information to make smart decisions to help alleviate their frustration as well. Furnishing an easy means by which to report/block spam is also a necessary evil. Twitter has hummed along relatively under the spam radar until now, but it seems it has to accept that spammers will try to take advantage of its users. Giving users the power to identify and avoid spam through the use of statistics will hopefully make Twitter a fruitless source of successful spam.

I’m nearing the end of my first six weeks in Germany, and I’ve really enjoyed it so far.

I feel like I should be better versed in German, but I’m quite satisfied with the simple ability to walk into a restaurant, order and pay in German (both in language and custom) and be able to understand most of what is said. I’m familiar with greetings, some common phrases, and know my numbers relatively well.

That’s the easy stuff, though. It’s predictable. It’s the same. And I’ve probably done it about sixty times in the past six weeks. Not to mention that the locals are fairly patient if you’re willing to make a fool out of yourself and speak a language you are only picking up in bits and pieces.

It’s those little things, though, that make life just a little bit easier when you’re in a foreign country and missing your usual support system. It’s the ability to interact with people, if only on a basic level, that makes each little bit of German I learn that much more enjoyable.

The weekends are also very enjoyable here. Sundays are a day of rest when most stores are closed and families take walks through the countryside and spend time together. I recently went walking around the town where I’m staying on a brisk (50°F) Sunday and masses of children on their bikes were congregating outside the ice cream shop, families were enjoying the sun, and it seemed as if everybody in the town was walking down main street and enjoying the day. I’ve spent my time here doing some fun side projects, venturing through the countryside to castles, and walking around aimlessly like everybody else.

I’m looking forward to being back home for a little, but I will definitely look forward to coming back to Germany. (And that has nothing to do with Black Hat Amsterdam when I get back…no really. ;))

A few interesting tips for eating out

• Tipping is not required, but acceptable and appreciated in moderation.
• It is common for the bill to be broken up among dinner guests. When you pay, regardless of whether you tip, you tell the server how much you want to pay, not how much change you want.
• You also have to ask for the bill when you’re ready. German etiquette is to let you sit and chat for as long as you like without interrupting you. While it can be a little frustrating for us impatient Americans, it is nice to be able to enjoy a three-hour lunch with drinks, cappuccino, good friends and good conversation.
• Many bathrooms in Germany have an entrance fee, particularly at tourist attractions, roadside stops, or in the evenings. Sometimes there is an automated machine, but more often there is an attendant sitting outside. €0,50 is the standard fee.
• The bathroom is most often located in the basement

One humorous story of how I’ve made a fool of myself before I leave to relax for my last evening here.

I was heading out to dinner with four friends and three of us entered the restaurant while the fourth parked. Thinking I would exercise my newfound counting skills, I looked up as the waitress came over and tried to indicate we would need four menus by saying “vier” while holding up four fingers. She replied in German, to which I replied with a resounding “ja” even though I had no idea what she said. Next thing I know, four beers showed up at the table.

I really can’t complain, but I’ve since learned the word for menu…grin

This is going to be a quick post, mostly because I’m tired from working on that other site and I really need to get some sleep.

I’ve been doing some serious pcap analysis lately. You know the type…where you’ve dumped numerous pcap’s with tcpdump and the wonderful -C parameter. Being the type of guy that I am, I wanted to visualize the traffic I’d captured to identify what was going on. Here’s a few argus commands I used to get the job done. Note I’ve used back slashes (\) to separate the commands onto multiple lines

# Extract specific src mac addresses I'm interested in
for i in `ls ~/captures/pcap*`; do
  /usr/local/sbin/argus -mAJZRU 256 -r $i -w src_macs.argus - \
  ether src 00:00:00:11:22:33 or ether src 00:00:00:33:22:11;
done

Fantastic - now I’ve got an argus data stream that contains traffic solely from a mac or two I was interested in.

# Now let's take a look at top usage for each IP address
racluster -r src_macs.argus -m proto saddr dport -w - | \
  rasort -m saddr pkts -s saddr dport pkts | more

Now that we’ve manually looked through that data and found the top ports (argus used to have a -topN option, but I couldn’t seem to find it) let’s draw some nice-looking graphs. This splits the graph out into directories by date and generates graphs in each directory representing traffic for each particular mac address.

# For each mac address, generate daily usage for the "interesting" ports we saw above
macs="00:00:00:11:22:33 00:00:00:33:22:11"
ports="23 53 80 139 389 443 445 3389 1521"
filter_string=`echo $ports | sed 's/[[:digit:]]*/dst port & or/g’ | sed ’s/ or$//’`

for mac in ${macs}; do
  rasplit -r src_macs.argus -M time 1d -w “archive/%Y_%m_%d/${mac}.arg” - \
    “(${filter_string}) and (ether src ${mac})”;
done

find archive -name *.arg | xargs -I {} \
  ragraph pkts dport -M 1m -r {} -fill -stack -w $(dirname {})/`basename {} .arg`.png

It’s not perfect and it took me quite a while to understand the intricacies of argus (-w - is different from just not specifying an output file, for example), but it’s definitely a start down the road.