Month: May 2004

Delicious! A Great Bookmarks Manager [en]

Delicious is an online bookmark manager. It makes it very easy to add and categorize bookmarks, as well as share them with other users. You can also extract your bookmarks from delicious and integrate them in your blog to create a linklog. When I say ‘easy’, I really mean it!

Now, why on earth didn’t I start using delicious ages ago, when I first stumbled upon it? Maybe it didn’t look pretty enough, and didn’t flaunt its features loudly enough for me?

A couple of days ago I paid delicious another visit. See, somebody on #joiito mentioned my Keeping the Flat Clean post, and I suddenly found there was a bunch of people from delicious visiting that article. I thought: “My, people are actually using this thing!” and signed up for an account.

So… what does delicious do? It allows you to easily add pages you visit to your bookmarks, using intelligent bookmarklets (two clicks and no typing to add a link if you want to be minimalist). This is already easier than what I have to do to add links to my LinkBall.

You can categorize your bookmarks very easily by typing words in the “tag” field of the bookmarklet. No need to define categories — delicious takes care of it all for you. You can then view your bookmarks by category or (and this is where it gets interesting) all the bookmarks marked with a same tag. Each bookmark in your list is one-click editable, and each bookmark in somebody else’s list is one-click copyable. For each link, you can also view a list of all the users who have bookmarked it.

Does it stop there? No. All the bookmark lists (by user or by tag) are available in RSS and can be subscribed to within delicious. As a user, you have an Inbox which aggregates the feeds you have subscribed to. You may subscribe to a “user feed” or a “tag (category) feed”. On top of that, bookmark lists are available in plain html, and many users have contributed various hacks which can help you integrate your bookmarks with your weblog. (Update 02.06.04: one thing you shouldn’t do, though, is simply include that HTML feed with a PHP include or an iframe, as this will cause the delicious server to be hit each time somebody views your page.)

If you aren’t a user of delicious yet, you need to go and register right now.

Paypal Scam Nearly Got Me [en]

How I almost got scammed by people masquerading as PayPal. Remember to always type https://paypal.com in your browser, and never to click links!

I consider myself pretty web-savvy and spam/hoax-aware. Today I very nearly got fooled into giving my PayPal information to some shady characters.

This morning I got an e-mail from PayPal — or so I thought. It looked nice and branded, no spelling or grammar mistakes, security warnings telling me not to give my password or anything to anybody, and even a link inviting me to go and see PayPal’s Security Tips page. It was just asking me to login on the site and check my data there (that’s what I understood then, re-reading it now, it says they will verify the information I have entered, which is much more fishy).

I had already made a mental note of one of the PayPal warnings, which is to not trust any other site than https://www.paypal.com/ (I’m not linking it so as not to encourage you to click on links which seem to point there — you’ll understand why in a minute). Now, remember this was early morning for me (don’t you also check your e-mail in the morning?). I clicked on the login link, and noticed the browser was sending me to a website identified by an IP address (194.183.4.23 in this case). I stopped everything, and clicked the nice blue link that said https://www.paypal.com/us/cgi-bin/cmd=profile-update. The login page looked furiously like the real PayPal login page, and I was about to login with no second thoughts when I noticed the name in the browser bar was http://www.ssl2-paypal.com/support/update.html — not the link I had clicked on!

I had seen this address before, in another “PayPal” e-mail I had got a couple of weeks back. Already then they had managed to fool me, even though the e-mail was less well crafted than this time. I smelled a rat, so finally typed https://paypal.com/ in my browser and logged in there. Nothing special happened.

I dug out the previous e-mail, slightly worried now. You see, although I had been suspicious about this first e-mail, I do remember that I had logged in somewhere. But to this moment I’m not sure if I logged into the fake website or if I had the sense to point my browser to the real PayPal website myself before logging in. I think I did, I hope I did, and in any case I just checked my account for fraudulous activity and changed my password. The first e-mail was really bad, but I was convinced enough that it came from PayPal to forget about it, just making a mental note that their copywriting was really really poor.

This made the second scam e-mail seem all the more real: when I got it, I thought “oh, so that last e-mail must really have been a fake, this is what a real one looks like.” Poor unsuspecting me.

At this point, I still thought the second e-mail was a “real” one, but that the ssl2-paypal people had someway managed to hack a redirect on the official PayPal site. I hadn’t looked at the e-mail source yet, see?

Anyway, I decided to report the first e-mail I had received.

Coming back home at the end of the day, I had an automated response from PayPal regarding my complaint. It again stated all the security measures to take, in particular the one about always typing https://paypal.com in your browser. And I thought: “you doofuses, you had better stop putting clickable links in your e-mails if you want people to get used to typing the address!”

I was going to respond to them with a more politically correct comment in that direction when I went to have a second look at the e-mail (which, I remind you, I still thought legitimate) I had got in the morning. And that is when I realised that the beautiful blue link was in fact a fake link, disguised as a real one. You can put anything in the href attribute of an achor tag — the catch here is that their link looks a lot like the blue links e-mail reading programs create when they encounter plain-text URL’s.

So, there we go. I was nearly caught by those not-that-dumb spammers. Remember the golden rule:

Always TYPE the address in your browser, don’t CLICK on links in PayPal or other e-mails.

Urgent: chambre à  louer à  Lausanne [fr]

Chambre à  louer à  Lausanne, 310.- par mois, urgent.

Ma copine Christine et son colocataire cherchent d’urgence une colocatrice pour occuper la troisième chambre de leur joli appartement. Quartier Montelly, à  côté de la Migros et de la pharmacie, TSOL et poste à  deux minutes, Centre à  15 minutes. Prix: 310.- par mois charges comprises!

Si ça vous intéresse, envoyez-moi un e-mail ou lancez-moi un coup de fil, et je transmettrai.

Bollywood au Flon [en]

Main Hoon Na, film hindi projeté lundi qui vient à 20h30 au Flon.

Un petit billet en vitesse avant de m’écrouler de sommeil: la semaine a été bien remplie (plus à ce sujet prochainement), mais je ne pourrai pas dormir avant de vous avoir annoncé la projection de Main Hoon Na lundi soir au Flon (à 20h30, hindi sous-titré anglais).

Si l’envie vous prend de passer une soirée un peu indienne (et de découvrir peut-être sur écran un de mes acteurs de films hindis favori), réservez votre soirée!