The last week has seen two major failures on the Internet. The most important difference between the two failures is not what failed or why it failed or how it failed, but how the organizations handled those failures.

Last Tuesday, Google’s web-based Gmail service was out for about 100 minutes. 100 minutes is a long time on the Internet, and an eternity when you consider that there are 150 million Gmail users. That is a lot of people unable to check their mail. Google identified the problem quickly, but it took them the better part of two hours to get the solution deployed.

Also in the last week, a worm has been wandering the Internet attempting to break into WordPress-based sites, and has succeeded in a number of cases, including Robert Scoble’s Scobleizer.com.

Google and WordPress.org both had egg on their face, but only one of them handled it well.

[read more]

A few months ago, Google made a fairly fundamental change to how AdSense works. The change was a move to what Google calls ‘Interest-Based Advertising’ (IBA), which is advertising with targeting based on a user’s interests (duh). This might sound like not much of a big deal. After all, AdSense ads always targeted on web page contents and people tend to look at pages they are interested in. If you’re at a sports site, you’ll probably see sports ads. If you’re surfing a political site, you’ll probably see political ads. No big deal, right?

Yes and no. That is an accurate description of the old AdSense, but IBA changed the focus from the page to the person. Google serves ads everywhere so they know a lot about where you go on the web. From that, they make a guess (a good one) about what you are interested in, generally. IBA uses this interest information as the core of targeting rather than the content of the sites. So, you might see the same old ads, but you might also see political ads on your sports sites and vice versa.

Kind of cool, right? But also kind of unsettling. I mean, how well does Google know you?

[read more]

This past Thursday, early afternoon, after much tweaking and adjusting and adding obscure personal touches to the style sheet, I switched HostScope over to a new theme. If you are looking around the page and thinking “hmmm… it doesn’t look different”, you would be right. I have since switched back, despite preferring the new look in a lot of ways.

Let me explain.

[read more]

[Update: WordPress 2.8.4, which fixes this, has been released.]

We have a problem, folks. It turns out there is a way for anyone to reset your admin password without your permission. This exploit will not give them the new admin password. Nor will it permanently lock you out, as the new password will be mailed to your email address. Even so, it is still annoying to find yourself locked out of your own blog.

How do you do it? No, I’m not going to tell you. If you really want to know, I’m sure you can find out. Unlike some fishy programmers (read: jerks), I don’t really feel the need to propagate instructions for causing problems for other webmasters.

That said, I will happily provide the solution. I might even hack it into quick plugin tonight if I get the time, for people who don’t feel like either modifying their source code or waiting for a 2.8.4 security release.

[read more]