Daily tweets

  • Called for food delivery from X Sub.But they are actually Sub X. Which on the phone sounds like express mail (FedEx et al). #
  • Participated in an argument on a technical subject.Was wrong.Love it when it happens.Should.Learn.More. #
  • Watching a really nice movie about teenagers on Ajara TV. I wish I knew the title… #
  • The movie was "Late Night Shopping" – http://www.imdb.com/title/tt0250491/ <http://www.imdb.com/title/tt0250491/> . Very refreshing #

Chorizo security scanner

(Originally I wanted to tweet this, but it grew far longer than 140 characters.)

I tried a free version of Chorizo security scanner. It’s one of those tools that should make secure web applications much easier.

I liked the idea of the proxy setup.  Instead of downloading any software or scanning a web site generating lots of extra traffic, it works in a proxy mode.  You configure a proxy server in your browser, add the domain to Chorizo profile, verify the domain by uploading a signature file to the server, and then simply browse around.  There are a couple of nice windows hanging around, showing you things, etc.  It even works in Konqueror…

What I didn’t like that the scanner didn’t find any problems with an obviously problematic web site.  I can easily do SQL injections on the pages that I browsed and I am sure cross-site scripting isn’t any more difficult.  Yet, the scanner showed “0 vulnerabilities found” message.

There is also a commercial offering of the service, where you can add more than one domain and have some advanced reports and stuff.  But, I don’t feel like paying a couple of hundred EUR per year for something that didn’t find obvious problems.

Maybe they are a new service or have some temporary problems. Maybe I’ll give them another try some time later.  But for now the answer is  a definite “No”.  Pity.

Google Search utilization

One of the cool things about Google Search is Search History.  You can enable it for your account and Google will keep track of things your search for and pages you visit from search results.  (It sounds like a nightmare for privacy concerned citizens, but I’m not one of them.)  Together with a very useful browsing of past search queries and results, you can also see Trends of your own Google usage.  It comes in a variety of forms and provides both entertaining value and an insight on how you work.  Here is a partial picture of my trends for the last year.

Google Search trends

December was both a time of holiday preparations and a start of my own business affairs.  Together that produced a spike in my search activities.  In April I was busy with things I knew inside out, so my search activities dropped significantly.

The weekly breakdown gives a fair picture of how I work.  On Monday I getting used to the new week and catch up with email and feeds.  On Tuesday I do most of my work, so the search activity is at its pick.  Then it goes down, down, down…

Hour stats indicate that I never sleep.  I’ve been searching on Google at any our of the day and night.  Most of my searches are around lunch time (14:00-15:00 and 16:00-17:00).  Also, it’s easy to see how my work hours are split up.  I seem to average high between 12:00pm and 21:00, which is like a whole 9 hours of work.  And then I have another productive session between 23:00 and 02:00am.  And that’s about right.

There is also another chart which shows monthly activity.  It gives a day by day breakdown of number of searches, a total number of search for that month, and a quick link to see search queries and results for any particular day.  Here is how it looks:

Google Search trends (August 2007)

So, this month I had four days with more than 151 searches per day.  Most of the days these month I generated between 76 and 150 searches per day.  A total so far is 5,194 searches.

I’m sure there are people who do much more Google searching.  But even with this numbers, it’s obvious that I’m dependent on Google.  Every single day, every single hour, I count on it to be there and to give me the results I expect.  What if one day it disappears?  I don’t even want to think about that…