Mint 2.0: Pirate Version
I came across the following code in a Mint installation today, and was pretty shocked. I’d never really considered that someone would want to pirate a $30 php product, but apparently I was quite wrong:
/* Code removed at the request of Shaun Inman, although technically it’s not his code anymore, just something someone (who knows who) hacked up around it… */*the usual bypass authorization by modifying the function to always validate hack*
Mint Piracy is a well-known problem to Shaun Inman, so I emailed him a potential solution to the problem of having to release his source code to users, but still needing some control. Hopefully in the future, we can work to bring piracy of Mint to a quick end.
Update: Inman isn’t a fan of the technique (which I think is perfect):
There is a simple way for you to track the origin of Mint pirate releases, and that is to add information to downloads in a way that looks normal, but actually can be later used to authenticate the source.
Person x buys mint, and you assign them id 123456. In base 2 you have 011110001001000000. So, the trick is, you now need to find 18 places in the code where you can choose one thing over another. So for every person x, you generate a unique download, choosing different adjectives in the comments in different places, etc, depending on the id you want to steganografically encrypt. The key to this is that you don’t tell anyone you’re doing it, and they probably won’t notice.
What do you think? Would this cause more grief?
Identity Theft & Mistaken Identity
Ever since my name and address became basically public information, and my blog decently read, I’ve had interesting experiences with various kinds of identity confusion. Some of it is cute, some of it is malicious, and some of it plainly scary. It’s strange that the content of blog, which sometime is just a mirror, can confuse me with otherwise notable individuals! Perhaps if I had some way of absorbing the identities, brains, and bank accounts of the people confused with me I’d like it more.
Christopher Paolini
A beautiful photo of a dragonfruit, which looks difficult to eat
The author of award-winning children’s fantasy novels Eragon and Eldest is certainly not I, and yet a post which was supposed to clear the matter up only made it worse. Here is a small selection of the fanmail I’ve received over the years:
- A short story titled Warriors of Lost Time. The story is obsessed with adjective razor-sharp (“… me with a scimitar and small gladiator shield that’s razor sharp all around, Drake with a razor sharp crescent blade …”), includes completely unbelievable events (“That’s when we realized that we had slept for 45 years without knowing it…”), and abuses narrative surprise (“So we went to the mountains and tried to mine but we found dwarves. Dwarves! We couldn’t believe our eyes.”).
- Many short inquiries of the nature, “if this is christophere paolini please email me back cos i want to ask some questions and i love ure books.”
- International fanmail, “I am 17-aged Corean girl, (do you know ‘Corea’ anyway?).”
A Wedding Photographer
A couple being married; hopefully happy
It was interesting when I received an email asking for wedding photography services:
My wife and i are planning to have our wedding on September 27th, 2006 at St Paul’s Church Bow Common Burdett Road,. I am looking for the best photographer who will come and snapshot on the D-day and when i came across your email i was impressed.
It could have been a complicated bit of spam, but why would spam bother to ask me how much it would cost to have the photographs taken?
A Bored Housewife / Teenage Music Lover / Sickly Man
While I love listening to music and reading…
Apparently, I’m the kind of guy who needs to test his blood sugar frequently because of diabetes, because I was signed up for telemarketing information calls about blood meters. However, one call was all it took to get my name off their list.
I was also surprised to get “Jack Black: Welcome to BMG Music Service!” in my inbox one day. I would sign up for a CD club scheme, and yet somehow someone signed me up. A quick email took care of that problem.
The most recent “I’ve been signed up for services I didn’t want” episode was today’s Home & Garden magazine bill. I ask you–do I look like I’d read H&G?
Flemming Rose
Fire’s a bad way to die–aparently it’s quite hot.
According to the Nation, a Saudi Arabian newspaper claimed that an “Elliot Back” was the notorious editor of the “Mohammed Cartoons” and perished in a fire in his apartment. Unfortunately, neither is true. The actual culture editor of Jyllands Posten is Fleming Rose.
Various other Elliott, Elliot, Eliott, or Eliot forms
Someday someone is bound to think that I’m Missy Elliott. w00t!
Because I’ve owned the address elliott@cornell.edu for some time, people wanting to email any of the other e(l)+io(t)+@cornell.edu have often addressed me incorrectly. Moreover, I’ve had companies interview me and send congratulations to a different elliott@ email address, which has been a big turn off. The problem with being an Elliott is that there are so many ways to spell it. And that’s even without the Bäck/Back/Black/Beck problem. If there’s just four ways to spell my first name and four to spell my last name, you arrive at a good fifteen ways to ruin my name.
That’s right–you’ve got a 6.25% of ever getting it right.
ClaimID: Your Online Identity
For Alexander Wrege, Claim ID, a new identity Web 2.0 project, is a complete success. After setting up a profile on Claim ID, a search for his rare name turns up the new profile in first place:
Not everyone is as lucky as Alex. About half of the claim ID profiles I surveyed did not appear in the first page of Google search results. However, as the domain is nearly a year old, its profile should begin ranking well on Google.
What exactly does Claim ID do? It let’s you associate hyperlinked material (web pages) with your name and a brief personal-biographical statement. In their own words,
ClaimID is a service that lets you claim the information that is about you online. That information is then associated with your name, providing folks an easy way to see what is and isn’t about you online. In doing so, you get to influence the search engines, and provide people more relevant information when they search for you. It’s time to reclaim some power back from the search engines. ClaimID is about letting you have some say in what search engines say about you.
Features
You have control over the following elements of your online life:
- Associate any URL with your name
- Claim websites you own as your own, and verify them
- Associate a biographical statement with your name
- Associate an image with your name
- Organize URLs into groups
There’s also a bookmarklet to help you collect links related to you, a very pretty AJAX-based interface, and a blog to keep updated on Claim ID related news.
Problems
Their privacy policy dictates how account deletion works:
Users may delete their information from our database by deleting their accounts. All personal information will be deleted, but the user’s name will be “locked” so that another user cannot use this name.
This could lead to a large number of names being permanently tied up. Without some form of name recycling, people will have to sign up with “Elliott Back 7889898.” A denial of service attack could be used to void large numbers of names, as well.
Also, the only thing it does right now is create a (name, {url}) binding. While useful, hopefully Claim ID will expand its features in the future.
Conclusion
If you want to see what Claim ID should look like, take a gander at my claim ID profile, which is just a few links and my photo. In a couple years, this will be a powerful identity service.