August 2003

I was surprised by how dominant USC was against Auburn yesterday. They absolutely killed them, 23-0. USC’s strength was definitely its defense, which held Auburn’s high rated rushing offense to 43 yards. The Trojans looked pretty solid, which doesn’t bode well for my Bruins. However, the Trojan quarterback Matt Leinart did make some sloppy passes. For the most part, he was effective, and he led his team to a solid victory.

It’ll be interesting to see how we do against Colorado next week. I’m sure this year will be a building year but if we can pull off a top five finish in the Pac 10, I’ll be happy.

Yesterday I snuck the car out in front of the apartment and washed the car down. Rose Marie freaks out if we wash the cars because she thinks it makes the front sidewalk look bad. It’s just water, get over it. The first time, Adam and I washed out cars with a hose and she claimed that the hose is a “safety hazard.” She then went on to say that “people could trip and sue the owner.” Unlikely. However, we had to wash Adam’s car with buckets of water.

When I washed my car the second time, I didn’t use the hose because Rose Marie could tell me off, saying she told me once that we weren’t allowed to use a hose. I thought about putting up cones, but we don’t have any at the apartment and I didn’t want to drive out to a hardware place to get some. Instead, I used the buckets. It took about six buckets worth of water but I finally got the car washed. It wasn’t a great job but it got the dirt off. The car had been sitting out on the street because Josh got a parking ticket for not having a front license plate. That issue has since been resolved and I’m parking in the garage again. Thankfully, I won’t have to deal with stealth washing as often as I would when parked out on the street.

I’m tempted to stop using Microsoft Outlook. Blame it on John Gruber and his article “Good Times.” For one, there is no built-in Bayesian spam filtering like Mozilla Mail. The developmental Mozilla Thunderbird is a great program, except for the fact that it prompts you for a password unless you have the global Mozilla password manager enabled. Secondly, Outlook has been hammered by e-mail viruses such as SoBig.F and Blaster. Thirdly, I don’t use a lot of the features in Outlook since I’m not on an Exchange server like my dad. I can understand why companies like Del Monte (where my dad works) use Microsoft Outlook on an Exchange server because it’s easy to set up calendar appointments, etc.

However, I’m not a power e-mail user. I use it to keep recipts of my purchases on Amazon, track down lost passwords, and communicate with the occasional weblog visitor. Most of the time when I’m communicating with my friends, it’s via IM. Outlook is a bit bloated for my needs but for the most part it works fine. I like the way it is organized and that I can turn off the preview pane — a feature I’ve hated ever since they introduced it. If you use it, you’re just asking to get a virus.

I guess the last straw for me is that I read today that the Mozilla Calendar development team is working on getting the program to synchronize with Palm handhelds. Score. I’ve used PocketMirror Professional with Outlook for three years now and it works perfectly with Outlook, but now that Mozilla has a calendar with Palm syncing, I’m very, very tempted to drop Outlook.

I found this bit of code on webmasterworld.com and added it to my site. It’s a gem. It contains a list of known spambots and will effectively block them from your server by delivering a forbidden error code upon access. Regular users won’t notice anything. I modified it so that the expression matches are properly formed, reducing server load a little bit. If you really want to minimize the amount of load placed on the server, I recommend putting this code in your httpd.conf file instead of the .htaccess.

RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} ^HTTrack [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Siphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.* - [F,L]

Jeffrey Zeldman reported today that the W3C has released a new beta version of its popular HTML validator, now with human error messages. Right on. I’m in complete agreement with Zeldman that previous versions had confusing, almost meaningless error output. I tried the new beta validator and all my pages worked okay so I couldn’t check out the new error message system. I’m going to go hunting for some bad HTML pages to see what exactly is in store for this new release, but it definitely sounds good.

Good job Zeldman and W3C, I’m much obliged.

I’m now doing research for the Jacobsen Lab here at UCLA focusing on gene silencing. It sounds like it’s going to be a lot of fun. It’s the first time that I’ll be doing genetics research at UCLA and I’m excited. At the moment I’m going to have to tend the plants and do some genetic analysis, probably running Southern blots. Maybe in the future I’ll do PCR if Simon, the post-doc I’m working with, lets me. For the moment, I’ll be doing the typical undergraduate lab gruntwork but that’s fine with me.

A few of my readers have inquired about how they could stop people from copying their images posted on their web site. A previous article entitled Image Bandwidth Theft linked to a guide on thesitewizard.com that deals with “hotlinking.” Hotlinking is when a webmaster directly linking to images hosted on your site for pages on their site — a great way to leech your bandwidth.

Mod_rewrite can defend against this by serving up an error 403 (Forbidden) response. I’m using a modified version of the one mentioned on thesitewizard.com but it essentially does the same thing. Here’s my version:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourwebsite\.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ - [F]

If you have subdomains, you should add this line before the RewriteRule:

RewriteCond %{HTTP_REFERER} !^http://.*\.yourwebsite\.com/.*$ [NC]

This will prevent other webmasters from jacking your images. However, this doesn’t prevent the average user from stealing your images. There are four methods I know that prevent people from easily copying material from your site.

The first is to disable the image toolbar in Internet Explorer 6+. Paste this meta tag into the <head> of your HTML pages (XHTML version posted — for HTML 4 remove the end slash):

<meta http-equiv="imagetoolbar" content="no" />

Also, make sure that image indexers such as Google Images aren’t indexing your images. Add this meta tag to prevent that from happening:

<meta name="robots" content="index, follow, noimageclick, noimageindex" />

JavaScript can also be used to prevent image theft. You can disable the right-click function, which prevents Internet Explorer users from using the “Copy” command or Mozilla users from using the “Show Image” command. I’m not a big fan of this method but I thought I should mention it. DynamicDrive has a disable right mouse click script that is free to download. Just remember that it disables everything else in the right click menu, not just the copy commands.

Noah Grey has a no right click script in action on his site and I find it as tasteful as those scripts get. They still annoy me though.

Some web sites use JavaScript mouse-overs to change the image when the cursor is over it. I find this to be a really dumb tactic and I’m not posting any examples of its usage because it’s visually distracting.

In the end, images are almost impossible to protect because visitors can always take a screenshot using “Print Screen.” At best, display a copyright at the bottom of the page or get a Creative Commons license. Then you have stated explicitly what can and can’t be done with your images, giving you legal empowerment. On my weblog, I let people do what they want with my photos as long as they give me proper credit according to my Creative Commons license.

Follow-up: Thwart Hotlinkers with a Replacement Image

One of baseball’s greats passed away yesterday.

Bobby Bonds was a legendary baseball player for the San Francisco Giants and father to Barry Bonds, arguably the greatest player who has ever played the game. He fell victim to lung cancer and subsequent bouts with pneumonia. He was 57 and will be missed greatly. The San Francisco Chronicle has a great write-up on his life.

If you have .htaccess and mod_rewrite enabled on your server, you can force the www. out of your URLs with a little rewrite trick. I’ve seen this used on a few servers, notably Slashdot. Try accessing the aforementioned site and see what happens. Notice the www. disappears. I like this trick because I’ve always found the www. to be a little redundant. Doesn’t the http:// in the address designate to the server that a web page should be requested? What has been the point of the www. then? It’s time we move on and get rid of this antiquated part of the URL that is so common on the Internet.

With that in mind, I give you my code that will clean up your URL a little bit (paste this into your .htaccess file):

RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.domain\.com$ [NC]
RewriteRule ^(.*)$ http://domain.com/$1 [R=301,L]

Note that [R=301] redirects the request to the new URL and returns a 301 permanently moved reponse.

This trick will validate your site with no-www.org as a Class B domain.

If you use this update for a Movable Type blog, make sure you change the URL information in your Weblog Config and in mt.cfg. If you don’t, comment submission won’t work and your server will have to do a lot of unnecessary redirecting.

I downloaded a copy of Lynx from Jim Spath today to make sure that my site is accessible in it. I had used the Lynx emulator online but it isn’t the same as the stand alone program. Lynx is a pretty powerful application and it can process XHTML/CSS designed sites without a hitch. Download it today and see how your site looks when it’s stripped down.