My father In memorium

Veteran’s Day

For my father, Captain Russell H. Kesselman, U.S. Air Force, 1927 – 2009.

The loss and sorrow does not diminish. I think of my father every single day. I miss him so much. I wish I would have been a better daughter.

My father was not always tactful. He could say hurtful things, carelessly. He was often unhappy, moody. Yet he was absolutely consistent about this: When I was unsure about myself, he always told me that he believed in my ability to accomplish things. It never felt like reassurance, but rather, certainty. If I could, I would say,

“You were a good parent! I was so fortunate, yet never realized that. Thank you for constantly encouraging me. You never led me to doubt myself. I am so proud that you were my father. You worked for 50 years, helping people, working for the Veteran’s Administration as a cardiologist, going on house calls for your elderly patients even though you were 75 years old yourself. I love you, Father.”

I can’t though. My father is gone from this world.

Don’t be like me. Tell your parents that you love them, now, while you can. Don’t be obstinate (as I often was), particularly if there is no good reason for it.

Don’t do what I did, and feel such regret, more than I have words to describe.


The problem with randomness

How to generate random numbers from spam

I found SecurityDump’s WPRandom the other day:

Generating random numbers is pretty complicated if you need them for cryptographic algorithms. This software generates them based on spam comments…


Things fall apart

Read Quote of Ellie Kesselman’s answer to Neo-Jeffersonianism: Is Occupy the right structural model for neo-Jeffersonianism at the “movement” level? on Quora

    Turning and turning in the widening gyre
    The falcon cannot hear the falconer;
    Things fall apart; the centre cannot hold;
    Mere anarchy is loosed upon the world,
    The blood-dimmed tide is loosed, and everywhere
    The ceremony of innocence is drowned;
    The best lack all conviction, while the worst
    Are full of passionate intensity.

    Surely some revelation is at hand;
    Surely the Second Coming is at hand.
    The Second Coming! Hardly are those words out
    When a vast image out of Spiritus Mundi
    Troubles my sight: a waste of desert sand;
    A shape with lion body and the head of a man,
    A gaze blank and pitiless as the sun,
    Is moving its slow thighs, while all about it
    Wind shadows of the indignant desert birds.

    The darkness drops again but now I know
    That twenty centuries of stony sleep
    Were vexed to nightmare by a rocking cradle,
    And what rough beast, its hour come round at last,
    Slouches towards Bethlehem to be born?

— The Second Coming W.B Yeats

And what rough beast, his hour come round at last,
Slouches towards Washington to be sworn?

 via big trouble is on the horizon

Obama talks new world order at DNC funder last night— Zeke Miller (@ZekeJMiller)

July 23, 2014

The center cannot hold.


Authentication and Authorization

Access control has two components, referred to collectively as auth.

Third-party applications often require limited access to a user’s Google Account… all requests for access must be approved by the account holder.

via Authentication and Authorization for Google APIs.

Authentication services

Authentication refers to the process of allowing users to sign in to websites. In the context of this blog, it also refers to sign in to applications using a Google Account, or an OpenID 2.0 based protocol. When Google authenticates a user’s account, it returns a user ID to the web application. This allows user information to be stored and collected. Open ID also allows access to certain user account information, with the user’s approval.

Authorization services

Authorization is often confused (by me, maybe others) with authentication. Authorization lets a user authorize access by applications to specific data associated with the user’s Google account.

OAuth 2.0 Protocol

The OAuth 2.0 open-standard protocol allows users to authorize access to their data, after successful authentication. Google supports the OAuth 2.0 protocol with bearer tokens for web (and installed) applications. Regular Google account data and Google Apps account data are accessible with OAuth 2.0. OAuth 2.0 relies on SSL for security instead of direct cryptographic signing that would otherwise be necessary for such access.

Note that OAuth 2.0 has not been finalized, according to IETF (version 13). Google cautions that it’s OAuth 2.0 support is in an early preview and may change at any time, or as the final specifications evolve. Google considers OAuth experimental.  However, “experimental” does not have the same tentative connotation associated with Google Labs projects.

OAuth 1.0 Protocol

There is also an OAuth 1.0 for web applications. OAuth 1.0 can be used for authorization to user data by all Google API’s. Google continues to support OAuth 1.0.*

OAuth 1.0 is sometimes referred to in documentation without version number, only as OAuth.

Other protocols

The OpenID-OAuth hybrid protocol provides authentication and authorization in a single-step process. Open ID provides authentication services, and OAuth provides authorization to Google APIs.

AuthSub API is Google’s proprietary protocol. It is mostly used for Google APIs. AuthSub is similar to OAuth. OAuth is more generally applicable and Google recommends that developers use OAuth instead of AuthSub API.


Registering a web application is optional. It is also free and straightforward. Web applications that are not registered with Google can still use OAuth 1.0 or AuthSub interfaces. However, registered web applications are recognized by Google and receive a correspondingly higher level of trust designation. This is communicated to users on the login screen.

Example of access request screen for OAuth or AuthSub web app

Sample Google access request screen for unregistered web application


These are the three levels of registration:

  1. Unregistered These applications conduct transactions at a lower security level.  Google flags the user login page with a precautionary message.  See image above with yellow-shaded advisory.
  2. Registered and recognized but not configured for secure requests
  3. Registered with enhanced security These applications have a security certificate and can use secure tokens.

War on Content Farms Now in Progress

Google Declares War on Content Farms:

Google has announced a major algorithmic change to its search engine. Impact on users will be subtle while dramatically improving the quality of Google’s search results…

Google is targeting content farms.

This update is designed to reduce rankings for low-quality sites — sites which copy content from other websites or sites that are just not very useful…. It will provide better rankings for sites with original content, such as research, in-depth reports, thoughtful analysis and so on.

The change should make it easier to find high quality sites.

Google did not give details of the change, which should impact 11.8% of Google’s queries (currently only in the U.S., with plans to roll it out elsewhere over time), but it does say that it will affect the ranking of many sites on the web.

The list of related articles I have hand selected (just like I dredge through string beans in order to find the very best ones) may be of further interest to those with a sense of humor. Or without a personal stake in content farming.

Related Articles


f you’ve ever looked at an open-source development project hosted by Google servers, usually on sites, Mailhide will be familiar. It is a less well-known application of the reCAPTCHA detection challenge.

Mailhide conceals part of an email address

This is how it prevents spammers from accessing email addresses using automated programs. Typically, the first few letters, or numbers, of the username part of the email is visible, followed by an ellipsis i.e. three dots, and then the domain name.

Most Google employees* use Mailhide. Mailhide is offered as an option to developers using Google Code sites.

Mailhide type functionality is also offered by Slashdot for user accounts. Slashdot is not necessarily using Google reCAPTCHA for encryption, however. There are other Turing tests besides reCAPTCHA.

reCAPTCHA is a Google product. It was not developed by Google, though. Google purchased the reCAPTCHA algorithm from Carnegie-Mellon University a few years ago, in 2008.

reCAPTCHA Mailhide API

Are you running a web application that lists users’ email addresses? Do your users a favor by shielding them from spam with reCAPTCHA Mailhide.

Google will give you an API (cryptographic) key. Use it to encrypt user email addresses. Google supplies full documentation for the Mailhide protocol. Everything is free of charge.

I am uncertain whether API restrictions on usage apply. That is a familiar restriction for applications developers relying on the Twitter API. It should not be a binding constraint in this case, as Mailhide is far less transactional that Twitter. Unless one is very, very popular!

reCAPTCHA comes in many flavors!

Libraries are available for PHP, Perl, Ruby and Python programs.

*Google employee accounts in the U.S.A., and many but not all other countries, have the format  [email protected].  Non-employee Google mail accounts are  [email protected].


Bing and the Global Ortho Project

Bing Maps lags Google Maps in market share. However, Microsoft has worked hard to catch up.

Quentin Hardy of Forbes Magazine recently featured some very clever and original work by Bing in his article about the Global Ortho ProjectThe project goal is to create

a uniform, detailed map of the Continental United States and 17 countries in Western and Central Europe

Microsoft’s focus in investing so heavily in mapping services may be for the enterprise market.  Mr. Hardy notes that Google has just announced a cloud based mapping service for business.

By air not by sea

Nor by land.

Google Maps is known for its street view feature and use of land-based vehicles for mapping (among other things). In contrast, Bing Maps is approaching by air. The Global Ortho Project uses high-resolution cameras to fly over and capture images. It is the culmination of a long-term effort to automate and improve aerial imagery mapping techniques.

The Global Ortho Project is based on innovative and original technology. Bing might match or even surpass competitors in creating high quality photographic maps.


Legends of Logo Design

Murky origins: Chrome logo satire

The Google Chrome browser logo changed in March 2011. This set at least one inquiring mind (mine) to ruminating,

Hmmm… I wonder what the story behind the Chrome browser logo REALLY is?

Theory 1

ThinkFree versus Google Chrome

Logo comparison

The ThinkFree company’s ThinkFree Office 3 logo is a strong contender. ThinkFree management was rumored to be aggrieved over the flagrant misappropriation of their original design work. Consider this side-by-side comparison on the right. The similarity is striking.

ThinkFree Office 3’s set-up wizard offers an opportunity for closer inspection. The logo is depicted here without a charcoal bezel. The version without the bezel more closely resembles Google Chrome’s distinctive four-colored orb, even though the color placement is not identical.

ThinkFree Office 3 logo

ThinkFree Office Logo

Theory 2

Let us refer to this theory as the Pokemon Possibility. It is actually a hybrid sort of affair, combining elements of the real world, that Simon game from the 1980s, with Pokemon.

Theory Two

Theory 2: Basic equation

Theory 3

Let us refer to this theory as Multi-source Mashup.

Observe the combination of the physical world with the virtual world. Physical world representation is provided by both the Simon game (also present as a term of the equation in Theory 2) and a traditional web camera. The virtual world is represented by the round orb of the Firefox logo and the tangible presence of Google in its most general case, the Google corporate logo.

Multi-source origin of Chrome logo

Combining real and virtual worlds

Pokemon has not dropped out of the equation! Pokeball has equal weighting with Simon, as both contribute to the embedded orb within the Chrome design.

Theory 3 lemma

The lemma to Theory 3 is a multi-source mashup without Google. It contains an unknown quantity which will be, of necessity, left to the reader to investigate.

Theory 3 more Simon and Pokemon

Mystery lemma

Necessity is motivated by my inability to figure out what that grey world globe surrounded by pointy-colored arrows is.

Theory 4

Theory 4 is the most controversial of all, almost too unsettling for a rational mind to contemplate. Could the progenitor of the Google Chrome logo be… Windows Vista?!

The Windows Vista unorthodoxy



There is no conclusion.  ThinkFree’s design seems to have the closest resemblance in my opinion. More conjecture is available from this pleasant 2008 post, The Inspiration Behind The Logo Design of Google Chrome from Digital Inspiration (tech a la carte) blog by Amit Agarwal.


Upon further reflection, the Simon game is more innovative than I realized. Until now, I remembered it as an object of derision from when it appeared briefly in a 1980 movie about 18th century pirates living in the Caribbean titled, The Island (starring Michael Caine and based on the novel and screenplay of the same name written by Peter Benchley, the Jaws author). After raiding, boarding, pillaging, and incinerating a beautiful racing yacht and hanging the crew, the pirates inspect their ill-gotten gains. A Simon game is part of the bounty.

Simon is notable in its own right. It was introduced by Milton Bradley as a computer game in 1978, making it one of the earliest computer games.


Google Labs for Enterprise Search

Google Enterprise Search now has a lab of its own ! Actually, I first noticed this in February 2011, but just got around to writing about it. I was too busy collecting cool images of Google Enterprise hardware to put together a post.

What does Google Enterprise Labs offer?

Recall that Google Enterprise refers to these products:

  1. the Google Search Appliance (GSA)
  2. Google Commerce Search for larger online businesses
  3. Google Intranet search, and
  4. the Google Mini, a less powerful, blue-colored version of the yellow GSA.
GSA connector

GSA connector

Google Enterprise Labs offers many enhancements such as open source connectors to improve GSA connectivity with file systems, databases or documents. Cross-language Enterprise Search is an interesting project too.

GSA enabled for open search also caught my attention. OpenSearch is a collaborative venture led by Amazon, and includes the major search engines. Its goal is to set up common standards for internet search. Unfortunately, there doesn’t seem to be a lot of activity at the moment, but that’s just my personal impression. Google gives this description (via the Enterprise Labs page that goes on to describe how to implement open search with browser integration):

OpenSearch is a collection of simple formats for the sharing of search results. OpenSearch… format can be used to describe a search engine so that it can be used by search client applications. Such search client applications include all major browsers.

In other words, you can send search queries right from your browser (Firefox, Internet Explorer or Google Chrome), after registering your GSA as a search provider.

GSA for Enterprise

GSA and Open Search

The same sort of browser integration is possible for Intranet Search (with Windows 7):

If your Intranet content e.g. Windows file shares or SharePoint, have been indexed by a GSA, all Windows clients will be able to submit search queries from Windows Explorer.

Be careful, though, as Secure Search cannot be used from within Windows Explorer.


Google Apps discontinues support for old web browsers

As of August 1, 2011, Google Apps will support modern browsers ONLY

Users of Firefox 3.5, IE7 and Safari 3 (and their predecessors) take note! Gmail, Google Calendar, Talk, Docs and Sites will not work correctly on these older versions. Eventually they will stop working at all if you do not upgrade your browser to a more up to date version.

What is a modern browser according to Google Apps?

For Google Apps, “modern browser” has two parts. “Modern” refers to current and prior major releases. Support will be maintained on a rolling basis going forward.

Opera browser

The second part is “browser”, specifically, one of the following:

  • Chrome
  • Firefox
  • Internet Explorer
  • Safari

Opera is conspicuously absent, which may irk some European users.

Web browser market share

The following is a chart of desktop browser usage rates. Data was provided by StatCounter.

Desktop browser usage, Oct 2010 – Sep 2011

Safari is twice as popular as Opera, though a 4.26% market share is small compared to the top three. Safari is part of the larger Apple product line. Maybe that is the justification for Google’s decision to include Safari but not Opera.


The modern browser support announcement was specifically for Google Apps, though it may include all Google accounts at some point. I am uncertain. Perhaps Opera is not as often used by Google Apps and enterprise customers as Safari?