A Consuming Experience

Thoughts on my experiences as a consumer of products, services, people (well maybe not that last one...), from reviews to raves, rants and random thoughts - concentrating on technology, gadgets, software, product usability, consumer issues, customer service. Including some introductory guides and tips on various subjects (like blogging!) which stumped me until I figured them out. And the occasional ever so slightly naughty observation.

Deutsch | Español | Français | Italiano | Português | 日本語 | 한국어 | 汉语

Add this blog to Del.icio.us, Digg or Furl | Create Watchlist for this blog

Add this blog to my Technorati Favorites!


5 principles for Web 2.0 success - Jyri Engeström, Jaiku on social networking sites and social objects, London Geek Dinner 12 June 2007

Sunday, June 17, 2007
Deutsch | Español | Français | Italiano | Português | 日本語 | 한국어 | 汉语
Add this post to Del.icio.us, Digg or Furl | Create Watchlist




Ian Forrester, Geek Dinners organiser

How do you design a Web service which actually makes money? Jyri Engeström of Jaiku (pronounced Jay-koo) gave a fascinating and excellent presentation on that topic at the London Geek Dinner on Thursday 12 June 2007, organised by the inimitable Ian Forrester. I almost called this post "5 secrets of successful Web 2.0 businesses", because that's really what he talked about.

It was much more interesting than some others I've heard because Jyri, whose background is in sociology rather than technology, didn't really plug his Jaiku service, a Twitter-like site which allows you to add feeds (and hey Eurovision and hard rock fans, Lordi use Jaiku)!

Instead, Jyri (pronounced Yoo-ree) made some excellent and, I thought, very insightful observations on the key factors driving the takeup and success of new Net services, and there was a lively and sometimes heated discussion involving several of the attendees, notably moblogger Alfie Dennen and well known entrepreneur and blogger Jason Calacanis. Many of the great and the good of the Net were around because they were in London for the NMK conference the next day - Dan Gillmor was there too but had to leave before the speech, sadly I never got the chance to chat with him.

I managed to record the talk and discussion. Links to the podcast and a video are further below, but if you're more the visual quick scanning, non-linear type, like I am, here is a short summary of Jyri's points in (gasp!) old fashioned text. Not necessarily in the order it happened, I've rejigged things a bit to make more sense to readers.

Jyri Engeström's Five Secrets of Web 2.0 Success - Social Objects Theory


Jyri Engeström

Lots of social networking sites which emerged from around 2004 failed. What explains why some social networking startups succeed while others fail? What are the criteria that define successful Web services, which you should take into account when designing a new start-up Web service?

Jyri thinks there are 5 key guiding principles - just working principles, for now - for creating successful Web services, i.e. 5 points you should consider carefully when you're designing a new Web service.

UPDATE: Jyri's slides, from Slideshare, for the same talk which he gave elsewhere, are useful to follow his points:


1. Define the object round which your service is built.

Jyri approaches the first crucial design question from an object-centered sociology perspective. It sounds like jargon, but actually the principle is straightforward. What he means is this.

Successful Web 2.0 sites like Delicious, Lastfm and Twitter seem to be based on a new and different model. Now social networks theory believes in mapping relationships between individuals, but it assumes that the nodes are people, i.e. people connecting to other people. Object-centered sociology, social objects theory, takes the view that that ain't necessarily so - in reality, people are often connected together by shared objects: person, object, person. For example a date and a job will connect you to very different groups of people.

So you need to consider the social object round which it's assumed people will create social networks, the reason people connect to each other. With Flickr the object is the photo. Then you can imagine ways in which it's useful for people to social network around photos - commenting, tagging, geotagging etc. With Delicious, it's bookmarks. With Lastfm it's music, and YouTube videos. For a site like MySpace, Jyri believes the object is music, social networking around music is what differentiates it from other similar services, and he predicts that if MySpace ever lose sight of that core social object they will be in trouble. With Twitter the object is the tweets (similar to jaikus) - i.e. status. LinkedIn has been more successful since re-focusing on jobs as the object.

With Flickr, tags can link together lots of different photos. It's still being worked out how you generate networks through status messages. The revolution with blogs was social networking via commenting, trackback and Technorati tags. But many blogs also use the celebrity model, where the object is the person, the blogger has made a public object out of him or herself, e.g. Techcrunch or Buzzmachine.

2. Define the key verbs for that object

With Ebay the verbs are "buy" & "sell" - within 40 pixels of their logo, which he thinks is great design. With Dogster, a social networking community built around dogs, it's "Add a dog". With Flickr it's "upload a photo".

3. Make the object shareable!

The basic way to make an object shareable is to provide a permalink. This was revolutionary when it took place with blogs. Links to dynamic pages with different content on the same link is useless, yet there are still too many sites with that.

Widgets are an excellent innovative way to enable people to share objects. The most extreme example is P2P, where the objects are the files and files themselves are what get shared, which is very powerful.

4. To grow your userbase, think about what can you provide in terms of a gift users can offer their friends

For virality, a good example is PayPal. In its early days their facility to invite friends by email didn't work very well. Jyri learned from Reed Hoffman, founder of PayPal, that you need to figure out a way for the invitation to become a valuable gift that a person can offer to their friend. PayPal's virality shot up once they introduced a campaign where they credited the invitee with $10 to their new PayPal account. The gift need not be monetary, there are other forms of value. YouTube is the best example - even people still on Web 1.0 will email funny YouTube videos to their friends, giving them the gift of a smile during a boring day at work.

Another example, at an event Skype gave people not one but two headsets each, so they could give a headset to a friend - Jyri gave one to his mother, installed everything for her and taught her to use it, giving her the gift of free phone calls.

Exclusivity is another way, with many services being invite-only, so you're giving that exclusivity to your friend.

5. Work out a business model where you charge the publisher, not the spectators

The basic principle is "freemium". Joi Ito said a long time ago, well before iTunes, that there will be a time when people won't pay to consume music, but will pay to publish their playlists, tastes, recommendations - Lastfm seems to be going into that territory. Or take TypePad, where you pay for blogging services.

Habbo Hotel originally charged for a basic monthly subscription in Japan but people weren't really signing up until they changed their model (to one they now use everywhere) so that basic use was free, but once you wanted to have your own room, arrange stuff in there, invite your friends and orchestrate activities etc, then you had to pay.

That seems a fairer model - you can then bring in new cool features that heavier publishers (premium users) would want, e.g. Flickr has pro accounts.

Discussion

I'm not going into the discussion about how you prove return on investment and the like, you can listen to it on the podcast or watch it on the video, below.

Jyri also spoke on the same subject at NMK. Hugh McLeod has summarised Jyri's five principles on his blog and Kevin Anderson also blogged the NMK speech.

Podcast

So here's the podcast, which is well worth a listen. Note that the PA system didn't work at first, then it did, so the first couple of minutes isn't very clear, but just be patient. After that you can hear Jyri well, if a bit boomily. However, he had to compete from time to time with a live jazz band in the next room. I kid you not. So don't assume it was just Ian trying to introduce an interesting new kind of ambience for Geek Dinner speeches, though he is planning a Powerpoint Karaoke session soon!

Jyri Engeström podcast

Credits

Video

There's also a video of the proceedings, by Guy West (UPDATE: Guy has posted some other links related to this event). (Mike Butcher videoed it too I think). Here's Guy's video, thanks Guy:


People

I met a lot of interesting new people. Cristiano, Italian entrepreneur cum knowledge engineering student who recommends Tipit.To (I wasn't quite sure which of his many sites to link to!), Alex Watson of CustomPC, Wil Harris, Simon Collister from the interactive media division of PR firm Edelman (of London Olympics logo and, in the US, Microsoft Vista laptops for bloggers notoriety), designer and conference organiser Carolina Stenstrom (who's looking for conference sponsors by the way), Elmer Zinkhann from Hutchison Whampoa, and Tyler Crowley marketing director of Mahalo, a "human-powered search" startup with which Jason Calacanis is also involved (Jason offered me a job, but sadly only in jest as an "assistant" for the speed with which I type on my beloved Psion - I wondered whether I should have bigged up my shorthand speed too, equally in jest, but I didn't...!). I also managed to finally say a very brief hello to Hugh McLeod, I've attended several geek events he's been at in the past but never met him before.

Jason Calacanis (left), with Hugh McLeod

John Dodds the ubiquitous marketing man called me fan girl for taking photos of the speaker to illustrate this post, then promptly declined to be photographed himself! And disappeared before we had a chance to catch up properly. I'll take it out on him another time...

Elmer Zinkhann

UPDATE: More photos

Cristiano's photos are now up.

Many thanks to Ian for organising, as always. (UPDATE: and here's Ian's writeup of the event.)

Labels: , , ,

| View blog reactions | Links to this post | Post a comment or view 0 comment(s) | Subscribe to Post Comments [Atom] | Subscribe to all comments on all posts

Spyjax: websites can see your visited sites; browser history, and how to protect your privacy

Wednesday, June 06, 2007
Deutsch | Español | Français | Italiano | Português | 日本語 | 한국어 | 汉语
Add this post to Del.icio.us, Digg or Furl | Create Watchlist




A site can tell which other webpages or websites (from a pre-defined list) you've visited, just by including some script on the webpage you're viewing to look at the colour of links to them - using Spyjax.

Check out what the widget below displays:



Yep, that's a list of which ones of the top 10,000 sites on the Web you've been to (including Kirk's blog and Zo's blog, if you've been there before you came here - it's not in the top 10k, not yet, but you can add your own custom URLs to check so I added his as I know he won't mind - and you can even check the top 12 Google results for any search too, in this case whether you've done a search on Google for "Gmail alias" and visited any of the top 8 results). But no, I'm not going to insert the code in my sidebar or my blog generally, as I don't want to spy on my visitors like that! I've just added the script to this one post, so you can see it in action.

It's clever. When you've visited a site, as you know the link to the site will change colour in your web browser. The Spyjax script checks for visited links by injecting a list of links and then looking at their color - I quote: "All a website has to do to see what pages you’ve been to is place a list of links on the page [you're currently viewing] and examine the color of those links. Ajax can be used to retrieve a list of links to test and also send the results back to the server without the user ever knowing." (More on the a:visited pseudo-class in CSS.)

But strictly it doesn't spy on your full browser history - it just checks whether you've visited certain specified URLs, though given the power of scripting it can check against a list of thousands of URLs in just seconds.

The full code is on the Spyjax site.

Anyone can spy on their visitors by signing up for a free Spyjax account and putting the code in their blog (and then they can view reports, manually add URLs of their own choice to check, even add the top 8 results for any Google search with optionally 4 ads - which seems to be static, it's the top 8 results at the time you add a search to check, it doesn't seem to do a fresh search at the time of the visit). Plus, as you saw above there's code to display a widget to show the list of sites visited by a particular visitor too. Or else a site can just take the code and adapt it for their own use.

From a privacy / security viewpoint, this trick isn't good news; for marketers and nosy parkers, obviously it is. The Spyjax script by default only shows which domains you've visited rather than the exact pages, and only shows aggregated anonymous info - but it would be possible for a site to test for specific pages, and sites where you have to log in could well couple your "visited links" history with your login details to see whether you've been to certain specific URLs.

So how do you protect the privacy of your visited links?

The Spyjax site says the only sure way is to turn off Javascript, which of course stops you from benefiting from helpful uses of Javascript / Ajax on sites. I'd rather not do that.

So how else can you defend yourself against visited links spying? Stepping back a bit, there seem to be 3 basic ways to protect the privacy of your visited links:
  • don't save your visited links history
  • delete your visited links history, or
  • don't let websites check your visited links history.
However there's a gotcha to note: your history of visited links is not the same as your history of visited pages. So, depending on the browser, turning off storage of visited pages does not necessarily stop it storing (and revealing to Spyjax) your history of visited links. And deleting your history of visited pages from time to time will not necessarily delete your history of visited links either. As well as letting you delete your history wholesale, browsers let you view your history and then delete selected individual pages or sites from your history - however, again this may or may not delete your visited links history for those pages or sites.

Another gotcha: be warned before you try to set your browser to store 0 sites in your history that (1) it may not hide your visited links, as mentioned above, plus (2) it may delete your entire history in the process.

Different browsers deal differently with the saving or deletion of your history. Here's a table showing what I found after some initial testing of Internet Explorer, Opera and Firefox (I don't have a Mac so couldn't test Safari); if anyone has had different experiences I'd be grateful to hear about it:

BrowserSet "remember history" to 0After setting "remember history" to 0Deleting visited pages historyDelete just links history?
Internet Explorer 7Clears historyVisited links not savedDeletes visited links historyNo
Firefox 2Does NOT clear history until restart
Visited links not savedDeletes visited links historyNo
Opera 9Clears historyVisited links STILL savedDoes NOT delete visited links historyYes but best to restart
SafariSpyjax doesn't work??


Here's some more info, browser by browser.
Opera
This browser offers the best (finest) level of user control - but, you have to exercise it. In Opera 9.21, I found that deleting a site from the history panel manually doesn't delete it from the visited links history. Spyjax could still check that it had been visited.

Telling Opera to remember 0 history i.e. changing remembered addresses from say 500 to 0, clears your existing history - but only stops it from saving the visited pages history, not the visited links history.


The only surefire way with Opera is to delete the visited links history specifically, but fortunately it lets you do just that (though I found that sometimes even that didn't work, I had to delete visited links history, then close and restart Opera). It's the only popular browser that enables such selectivity:


Internet Explorer
You can delete your history in Internet Explorer (in IE 7 Tools, Internet Options, under Browsing History select Delete):


And also you can limit the number of days IE should keep your visited pages in history (in IE 7 Tools, Internet Options, under Browsing History select Settings, see the History section).

Killing or not saving history of visited pages deals with visited links history too. But you can't selectively delete just visited links history, unlike with Opera.
Safari
I don't have a Mac, but reportedly Spyjax doesn't work in Safari, which is good news for Mac users' privacy. Can anyone confirm further?
Firefox
Telling Fox to remember 0 days of visited pages doesn't automatically kill your existing history until a restart of Firefox (so you may have to manually delete that, or individual items from that, if you want to).

But disabling saving of history (Tools, Options) does seem to stop it from saving the history of visited links. And deleting the history, or individual items from the history, also seems to delete the visited links history for those pages too. So that's good.



Even better, with Firefox you can get the free Stanford SafeHistory extension (how to install Firefox extensions - was on Greasemonkey, but applies generally). This "protects your privacy by silently defending against visited-link-based tracking techniques. It allows offsite visited links to be marked only if the browser's history database contains a record of the link being followed from the current site." or, as per the description on the Mozilla site (though the software is more uptodate on the SafeHistory site):
Restricts the marking of visited links on the basis of the originating document, defending against web privacy attacks that remote sites can use to determine your browser history at other sites. A link on a.com pointing at b.com will only be marked visited if you previously visited the b.com page with a referrer in the domain of a.com. On-site links work normally. Checks cookie settings (allow, originating site only, deny) to determine your desired privacy level (segmented by origin, don't mark links visited in offsite frames, or never mark links visited).

Once you install it, you can access SafeHistory from the Privacy pane of your Tools, Options - although it's just one extra box to tick:


You can't selectively delete or not save just visted links history, but with SafeHistory you shouldn't need to.

Conclusions

Different browsers offer different levels of control as to the saving and deletion of your browsing history. As I mentioned earlier, to defend yourself in this context there seem to be 3 possible ways:
  • don't save your visited links history
  • delete your visited links history, or
  • don't let websites check your visited links history.
Choosing not to save your visited links history, just your visited links history, isn't currently possible with the most popular browsers (I'm not including Safari as I don't know much about it, sorry). You have to disable saving the history of visited pages too. That's pretty drastic. I use my history of visited pages all the time, and I don't want to lose access to it.

Of course you could turn off history saving altogether, and try to find your previously visited pages when you need to via something like Google Desktop Search (free with the Google Pack of Google-recommended software - ). Desktop search software automatically indexes webpages you visit and saves a searchable index on your computer separately from your browser history. But I've not found GDS to be reliable or consistent in capturing sites I visit via my main browser, Firefox.

Furthermore, in Opera 9 turning off remembering the history of visited pages won't help at all, because Opera still remembers your visited links history (that's just how Opera is) - so Spyjax can still spy on you.

Is deleting visited links history an option? In IE and Firefox you can't do that without deleting your entire history, or at least your "visited pages" history for the particular page or site. Plus, you have to remember to do the deletion periodically, and even with automatic calendar reminders or the like it's a bit of a pain. Opera does let you delete only your visited links history while preserving your history of visited pages, but that sometimes needs a restart of Opera to work for sure, and again you have to remember to clear out the visited links from time to time; and it's all too easy to forget or stop bothering.

What about not letting websites check your visited links history via Spyjax or similar? You could turn off Javascript in your browser altogether. But again that's pretty drastic.

My personal preferred solution is to use Firefox and the free extension SafeHistory to block other sites from checking your visited links. So, yet again, my favourite browser wins out. (If you don't already have Firefox - ).

(Via sl0wdjin's Clipmark)

Labels: , , ,

| View blog reactions | Links to this post | Post a comment or view 2 comment(s) | Subscribe to Post Comments [Atom] | Subscribe to all comments on all posts

Drupal 25 May 2007 meeting: podcasts etc

Tuesday, May 29, 2007
Deutsch | Español | Français | Italiano | Português | 日本語 | 한국어 | 汉语
Add this post to Del.icio.us, Digg or Furl | Create Watchlist





I went to the London Drupal user group meeting on 25 May 2007, at the kind invitation of Robert Castelo of Code Positive. I meant to go on to Minibar after, but stayed too long chatting... It was hosted by design company Imagination at their spiffy offices near Goodge Street, and a very nice meeting room it was too, wi fi, projector, comfy chairs. Thanks to Imagination for the drinks as well as the space and facilities. No prizes for guessing who's SuperDrupal in the pic above, but I thought I'd just keep you wondering for all of about half a second, or however long it takes you to scroll down and look at the other pics!

I'd heard of Drupal before but never used it: Wikipedia describes it as a "free modular content management framework, content management system, web application framework and blogging engine", and the Drupal site as an "open source content management platform".

The theme was very broadly, but not confined to, the use of Drupal in business - or enterprise, as seems to be the trendier way to put it. The presentations were very interesting and helpful, comprehensible (mostly!) even to a non-Drupaller like me. (Is there a generic word? Drupalites? A collective noun? Robert told me there's a Drupal song, surely there must be something...).

Below are the podcasts, in order of the speeches. One or two of the talks aren't so easy to follow without the slides, I'll try videoing them another time, but they're still well worth a listen if you missed the meeting. If the speakers would care to upload their slides somewhere, I could add the links to them? After hearing the presentations, I do mean to download Drupal and have a play, time permitting - it sounds excellent, and I like the modular nature of it, flexibility and user control are always good news as far as I'm concerned. So, here are the presentations and some pics of the speakers (UPDATE: Hmmmm. Playing the files using the Delicious Playtagger controls below makes them sound like, well, chipmunks. Sorry guys, I swear I didn't do anything, never had that happen before. Please click the MP3 links direct, or try the links on my Ourmedia page instead if you can't manage to listen for more than a few seconds without cracking up, well I couldn't! Still comprehensible though, talk about the podcast equivalent of speedread! Anyone know the fix, please drop me a line. You should still be able to tag a presentation on Delicious, though, while it's playing via Playtagger. FURTHER UPDATE: thanks to Markus Sandy who's working on Ourmedia and pointed out that Flash-based audio players only support a few audio bit rates properly e.g. 64Kb, but clearly not the 96 I used. Next time I'm switching to 64KB! ):

  • Jonathan Laventhol (above), head of technology at Imagination - welcome and why Imagination use Drupal: MP3



Robert Castelo, left; with Shakur (aka flk), winner in Google's 2006 Summer of Code
  • Robert Castelo of Code Positive - on his terms and conditions Drupal module (for users to accept before joining a site, including when terms change; may be hard to follow in part without the visuals): MP3

  • Giles Kennedy (above), of Gelst - illustrative use of Drupal (may be hard to follow in part without the visuals, I didn't edit out the "technical problems" interlude, you can fast forward through that!): MP3


People I met, as well of course as the speakers - forgive me if I can't recall everyone or misspell any names. Business cards are excellent memory joggers, I collected a few, but quite a lot of people hadn't brought any. So, based on cards gathered plus my sketchy memory: Jeff, David, two guys who are / were at the Law Society (Richard and Tunde??), Barry, Mike from Imagination, Colin from Futurescape (who I'd met before at the Tim O'Reilly geek dinner, trust Colin to remember where precisely), Matt, Shanyin, Clement, Shakur, ?Mamia, Richard and Eugene, and Charlie.

There were loads of others I'd have liked to meet, but just didn't get the chance to before I left (they all went on to a nearby bar, I think; I had things on the next day so I couldn't stay late). Everyone was mostly very friendly. I think it's easier to chat to people in a nice big meeting room where there's a relatively small group, than a dark noisy huge bar with zillions of people, so if there's another clash with Minibar I'm going for this one - assuming I get invited back, that is! I'll be downloading Drupal ASAP, I will, honest...

Credits
  • Photos taken with LG Shine cameraphone.
  • Audio recorded (on medium sensitivity) to MP3 at sample rate 44.1 kHz and bitrate 96 kbit/s, using a Zoom H4Handy Recorder, my new Klingon depilatory aid - I'll be posting a full review on it ASAP. Audacity for the audio editing (normalise and amplify are my friends, I should have put the Zoom's sensitivity on High for a couple of the speakers); and Stamp ID3 tag editor.
  • Audio files hosting - I tried to upload the files to Ourmedia, which I thought particularly apt given their Drupal connections, but it proved even more of a nightmare than trying to sign up for Ourmedia. The first file uploaded OK but still hasn't appeared on their site, 2 days later. For files after that, I kept getting "Specify valid file" even though they were in the same format as the first one. Then, I tried using their recommended software SpinXpress2 next, which took ages to install, plus I had to allow Windows Installer to accept connections from the Net, which I'm never happy with - and it wouldn't install unattended, I had to keep going Retry, I assume because the server it was connecting to was too busy. One file uploaded via SpinXpress2, but when I went back to its Publish view to upload another file, everything was greyed out. I finally managed to upload the rest via SpinXpress after contacting SpinXpress support who (thanks for replying so quickly!) said there was a bug and suggested I download an alpha of a new release, which did then work. But other than the copyright statement, the info I completed in the SpinXpress uploading wizard didn't get reflected on Ourmedia and I had to edit the details after upload (e.g. audio type, keyword, copyright holder, date created, format (stereo), intended purpose, date created). You can't in fact change date created even on editing the page for the file, it's stuck at date uploaded. Some links on the Ourmedia site to SpinXpress work (like http://www.ourmedia.org/tools from the audio upload page), but the link to http://www.ourmedia.org/tools/spinxpress on their general Upload page says I'm not authorized to access it though I was logged in. Pages on Ourmedia now don't look right in Firefox either, cut off on the right with no scrolling so you can't see the button to Browse for associated pic etc.
    My advice if you're trying to upload to Ourmedia: don't upload via their site, use SpinXpress (but use the alpha of the next release UPDATE: should be generally available today, thanks Eric), don't bother filling in more than the minimum accompanying info (metadata) as it won't "take", instead
    after it's uploaded edit the metadata on Ourmedia but ideally don't use Firefox (though hah the site won't even let me sign in via IE or Opera now, unrecognised user/password despite copy/pasting the same user/password as I used in Firefox!). If I sound grumpy, it's because I spent hours on a Bank Holiday weekend trying to upload the MP3s to Ourmedia and editing/re-editing the info. I tried a free file host Filenanny, and it took 5 minutes for all the files to upload successfully and they played fine. I love the concept behind Ourmedia, but there's clearly a lot they still need to sort out.

Tags: , , , , , ,

Labels: , , ,

| View blog reactions | Links to this post | Post a comment or view 2 comment(s) | Subscribe to Post Comments [Atom] | Subscribe to all comments on all posts

Googlepages.com files aren't private!

Thursday, April 19, 2007
Deutsch | Español | Français | Italiano | Português | 日本語 | 한국어 | 汉语
Add this post to Del.icio.us, Digg or Furl | Create Watchlist




Did you know that generally anyone can see all webpages, photos and other files on googlepages.com sites, even files not linked to from any webpages? All they need to know is your base URL i.e. yoursitename.googlepages.com, and they can sneak a look under your kilt.

Anyone with a Gmail account can have free webspace on Googlepages.com via Google Page Creator (which is itself at pages.google.com though it's also accessible via www.googlepages.com). I wouldn't be surprised if lots of people use it to store files (like pics) which they mean to keep private to themselves, or to those to whom they've chosen to reveal the direct URL of the picture or whatever it is they've uploaded. Well, those files are in fact open for anyone to access, if they know how.

How come people can view all files on Pages Creator sites? Because for every single GPC site, Google automatically creates and updates a basic sitemap, an XML file which lists all the files on that site (yes, even files you've uploaded separately yourself and not created or edited using Google's Page Creator webpage editor). Anyone can view that sitemap just by going to a standard URL: yoursitename.googlepages.com/sitemap.xml.

How can people know your sitename? Because by default, when you get a GPC account, it uses your Gmail username or login for your Googlepages site name. You can create other sitenames but I bet most people will generally use the original one, especially as it wasn't possible to get alternative site names when GPC was first launched; you had to use your Gmail user name, which wasn't necessarily good for privacy, but if you wanted Google webspace then you were stuck with it. So if someone knows your Gmail user name, they can view any files you have on GPC using your Gmail ID as your site name.

How to view any Googlepages.com files

Now, that sitemap.xml is pretty ugly and user-unfriendly to view in a web browser. Which is not surprising, as Web browsers are not generally set up to optimise viewing of XML files.

Fortunately, or maybe not so fortunately for some, Gilles Rasigade has produced GPExplorer (or Google Pages Explorer), a clever Google Gadget which clearly displays the files on any Googlepages.com site by making use of its sitemap.xml file. It's aimed at people wanting to manage their own Google Pages, but can of course be used to look at all the files on any site whose main Googlepages URL you know.

For instance, in Firefox just enter any Googlepages URL in full (including the .googlepages.com) the form box below, which makes use of GPExplorer, and hit Take a peek! to see the site's files (in a new window or tab), e.g. improbulus.googlepages.com:




(Note I said Firefox, because this doesn't work in Internet Explorer, not even IE7, no surprise (). Works fine in Opera 9.20. Sorry, no idea about Safari. You'd have thought that with IE7 Microsoft would finally have caught on that it's not necessarily a good thing to insist on doing things differently from every other browser in the universe, but nope. And it still doesn't support stuff one would hope it would by now, like :before, but - again, nope.)

As you can see, GPExplorer brings up a list of the files on the site, on the left; all you then have to do is click on a filename in the list to view the contents of the file on the right (if it's a webpage or image):


And of course you can rightclick a link on the left to open it in a new tab, etc.

If you want, it can show you the files from more than one GPC site, which you can then switch between easily. Just enter the URLs of the different sites but separate them with a | (no spaces) - e.g. improbulus.googlepages.com|phydeauxredux.googlepages.com:


Bottom line - how to protect your privacy?

If you're worried about the privacy or security of certain web pages, images or other files, don't store them on Googlepages.com, or you could be exposing your privates to anyone who wants to take a peek. Best to upload them somewhere else (even a Gmail account using GSpace aka Gmail Space, for instance).

Different, unguessable sitename?

If you have to keep your private files on GPC, don't use your Gmail email user name, maybe get yourself another sitename and use that. But even though you could make up a long obscure name and not give the URL to anyone, don't forget that nothing is ever truly 100% secure and if anyone is really determined they could e.g. get robots to try different combos of random characters fast. Unlikely that they'd do that and hit on your particular site, but you never know.

Hide your site?

It would be good if Google offered an option to turn off the automatic sitemap creation for those who want it (or allowed you to upload your own sitemap overriding theirs), perhaps. At the moment, I don't think that's possible.

Now you can hide your site (e.g. to reduce publicising your Gmail address) via site settings:



Hiding your GPC site is meant to hide it from web search engines and stop them crawling and indexing your site. But it also blocks access to your site's automatic sitemap.xml file. Some people may want to use this option.

However, one problem is that, as far as I can see, hiding your site also blocks, within seconds, all general Web browser access to all your site files, yes even those you want to remain public, even those whose direct URLs are known. If I try to go to the direct URL of a file I've uploaded to GPC after I've hidden the site, then I just get a "File not found" 404 error. Even when I'm logged in to Page Creator.

You can still login to Page Creator and access and edit your site from there etc - but it seems to me that if you've hidden the site, the only use then for Google Pages is just to upload and download files (i.e. as a sort of file host), and if you want to share certain files with a limited circle so that they can download the files too, they can't unless you give them your GPC login and password, which isn't generally a good idea especially as it'll give them access to your Gmail account email and your Google Account too.

So hiding your site is a bit of a blunt instrument. There's also a problem with Internet Explorer (at least IE7), in that if you tick Hide this site and then leave that page, when you go back to Site Settings you may find that it hasn't "taken" and the box has unticked itself, so you may have to do it several times and keep checking to see that it's worked. No surprise, again.

(Discovered by the inimitable Kirk, but of course.)

Labels: , ,

| View blog reactions | Links to this post | Post a comment or view 2 comment(s) | Subscribe to Post Comments [Atom] | Subscribe to all comments on all posts