Tea
Storage? I am Storage!
Just wondering if anybody knows what Tannin's new avatar is?
idle thought
- Thread starter Tea
- Start date
Bozo
Storage? I am Storage!
Walabee??
Bozo :joker:
Bozo :joker:
Tannin
Storage? I am Storage!
Tea has gone to bed, guess I better help.
Wallaby Bozo? In a tree?
As Groucho would say (or was it the immortal Maxwell Smart? Both, I think) close but no cigar.
Wallaby Bozo? In a tree?
As Groucho would say (or was it the immortal Maxwell Smart? Both, I think) close but no cigar.
time
Storage? I am Storage!
Is this contest open to residents of Terra Australis? (Or in the case of Pradeep, former residents).
Bozo
Storage? I am Storage!
Lumholtz Tree Kangaroo
Bozo :joker:
Bozo :joker:
Tannin
Storage? I am Storage!
Tea, do you ever finish threads once you start them? Or just wander off vaguely into the sunset whenever you see something shiny?
Tea
Storage? I am Storage!
Sorry, Tannin. I forgot.
Bozo, you are 100% correct.
Bozo, you are 100% correct.
Tea
Storage? I am Storage!
I thought of running another little competition to see who could find it in this picture, but decided that this would be easier all around:
See the little dark brown dot the arrow points to? That be the tree kangaroo. Climbs nearly as well as I do! Only not as pretty.
See the little dark brown dot the arrow points to? That be the tree kangaroo. Climbs nearly as well as I do! Only not as pretty.
Tea
Storage? I am Storage!
By the way, they are about the same size as I'll be when I'm fully grown. Or, if you haven't had the pleasure of meeting me in the flesh yet, about the same as a small human. Weigh the same as petite adult woman or quite a bit more than a big dog. So, yes, that's a bloody long way up!
ddrueding
Fixture
That is a fantastic picture Tannin. I assume, considering how in-focus the tree kangaroo is, that it was the focus of the shot. How high a resolution is the entire shot?
Tea
Storage? I am Storage!
Oh, I had to zoom out a bit to fit Tanin's avatar into the 80 x 80. Here it is zoomed in a bit more.
sechs
Storage? I am Storage!
I'm getting two instances of browser_error.png in Firefox... Displays as well as may be expected in Internet Exploder.
ddrueding
Fixture
Works fine from here. Are you having DNS issues sechs?
Tannin
Storage? I am Storage!
That's almost certainly because your browser is misconfigured, Sechs. You probably are blocking referers. This means that my webserver can't tell whether you are are from Storage Forum (i,e., it is supposed to hand your browser the pictures) or some random scumbag stealing bandwidth. I thought I saw a setting for it in the Fox just yesterday, but now I can't find it. In Opera, it's preferences / advanced / network / enable reffer logging (which, of course, is ticked by default). Maybe I was thinking of Opera. But that's what it will be.
ddrueding
Fixture
I have not played with such a setting, and I use the fox, so it must be set to function properly by default.
Tannin
Storage? I am Storage!
Some third-party firewalls do it too. I think Zone Alarm is one, if I remember correctly. And yes, David, it is set properly by default on every browser I have ever heard of.
sechs
Storage? I am Storage!
You mean that my browser is more secure. It's configured correctly.
ddrueding
Fixture
How does blocking referrers make it more secure? How can something that doesn't work as expected be "configured correctly"?
sechs
Storage? I am Storage!
No one needs to know from where I'm coming. That's private information, and I'm securing it.
Now, the only thing not working as expected is the serving of the pictures. If something that doesn't work as expected isn't configured correctly, then, clearly, Tannin's host is misconfigured.
Now, the only thing not working as expected is the serving of the pictures. If something that doesn't work as expected isn't configured correctly, then, clearly, Tannin's host is misconfigured.
ddrueding
Fixture
Tannin choosing not to share his bandwidth with people linking his pictures without permission seems a pretty reasonable decision. And this purpose seems to be the most useful application of referrers that I know of.
sechs
Storage? I am Storage!
Perhaps he should have us ask for permission, rather than fishing around for our private information?
Keep in mind that the best of a bad thing is still bad. Just because it "seems to be the most useful application" does not make it a good one.
Keep in mind that the best of a bad thing is still bad. Just because it "seems to be the most useful application" does not make it a good one.
ddrueding
Fixture
I'd hardly consider the last page we visited private information. It's something that you can choose not to share, but that doesn't mean you should. I could go around in life not telling anyone my name, but it wouldn't be a good idea, and may prevent me from doing certain things.
Tannin
Storage? I am Storage!
Mate, you've got a pretty fair-sized misunderstanding happening here. Perhaps I better explain what a referer is and how it works.
The fundamental idea is very simple: a web server - any web server - needs to know where a request is coming from so that it can figure out what to do with it. For example, my server needs to know whether your browser requesting my image is a some random scumbag trying to steal my bandwidth (who can f*ck off elsewhere) or someone like you surfing Storage Forum, (who is very welcome to see it).
By blocking referers, you achieve no privacy increase whatever - the only thing a referer contains is the address of the page that is asking for the reffered object - nothing whatsoever about you, only the web page that is asking for (in this case) the picture.
Referers also provide the person running the website with aggregate information (i.e., non personally traceable info about hundreds or thousands of visitors) which is useful, and indeed essential, for all sorts of management tasks: without referers we would have no idea which site is sending how many visitors to what page.
Here, let's work an example. Let's say you run a small site about model cars. You pay US$50 a year for your hosting. All of a sudden, you have emails from your hosting company saying that you are over your bandwidth quota, your site shuts down, and you have heaps of extra visitors.
What should you do? Has the world + dog finally recognised that your model car site is the best one on the web and you are getting visitors from everywhere? Or is this a short-term thing because one particular major site has linked to you? Without referers, you have absolutely no idea what is going on, you can't make any sort of sensible decision. You are, in a word, rooted.
Enter referers: you hit your server logs and soon discover that 90% of your visitors are coming from one particular site. You have been Slashdotted. No problem, just wait a few days and most of the traffic will go away.
Let's work another example. You look at your site statistics and you discover that one particular page is getting masses more traffic than the others. Why? Is it that this page is the best one on your site and you should modify the others to bring them up to the same standard? Or are there problems with the other pages - people ain't visiting them much because they only work properly with Firefox and a lot of your visitors ae running IE, so they only go to the one part of our site that works for them? Or is it an external site that is deep-linking to you - in which case, you might need to consider modifying the linked-to page so that it provides a more generally useful introduction to your site, links to other pages you would like people to visit, and so on. Or is this the worst site on your page? Maybe the reason it gets so much traffic is that there is something very wrong with it and people go that far and then give up and go elsewhere.
A third example: you are running the web site for a motherboard manufacturer. You know that one of the most important things for your customers is to be able to find the driver downloads page. Now the raw page stats tell you how many hits the driver download page is getting, but where are they coming from? Are your customers finding the driver pages easily from the link on the front page? Or are people having to buggerise about endlessly using Google and/or your internal search engine before they get what they need? Or resorting to the site map? Or some other route you haven't even thought of? Once again, the answer is there in your site logs: because Apache records the reffering pages, you can see that (e.g.) only 5% of visitors get to the download page via the main page - so now you know that you better make the links and navigation a bit more obvious.
You can't answer any of these questions above - or any of the hundreds of others like them - without referers. They are there for a purpose. Indeed, this is the reason referers were invented in the first place all those years ago: they are useful and important, maybe not to you, but certainly to the people who provide the web pages you like to visit.
Now you can choose to block referers if you want to. But you need to be aware of three things that necessarily follow from this pointless practice:
The fundamental idea is very simple: a web server - any web server - needs to know where a request is coming from so that it can figure out what to do with it. For example, my server needs to know whether your browser requesting my image is a some random scumbag trying to steal my bandwidth (who can f*ck off elsewhere) or someone like you surfing Storage Forum, (who is very welcome to see it).
By blocking referers, you achieve no privacy increase whatever - the only thing a referer contains is the address of the page that is asking for the reffered object - nothing whatsoever about you, only the web page that is asking for (in this case) the picture.
Referers also provide the person running the website with aggregate information (i.e., non personally traceable info about hundreds or thousands of visitors) which is useful, and indeed essential, for all sorts of management tasks: without referers we would have no idea which site is sending how many visitors to what page.
Here, let's work an example. Let's say you run a small site about model cars. You pay US$50 a year for your hosting. All of a sudden, you have emails from your hosting company saying that you are over your bandwidth quota, your site shuts down, and you have heaps of extra visitors.
What should you do? Has the world + dog finally recognised that your model car site is the best one on the web and you are getting visitors from everywhere? Or is this a short-term thing because one particular major site has linked to you? Without referers, you have absolutely no idea what is going on, you can't make any sort of sensible decision. You are, in a word, rooted.
Enter referers: you hit your server logs and soon discover that 90% of your visitors are coming from one particular site. You have been Slashdotted. No problem, just wait a few days and most of the traffic will go away.
Let's work another example. You look at your site statistics and you discover that one particular page is getting masses more traffic than the others. Why? Is it that this page is the best one on your site and you should modify the others to bring them up to the same standard? Or are there problems with the other pages - people ain't visiting them much because they only work properly with Firefox and a lot of your visitors ae running IE, so they only go to the one part of our site that works for them? Or is it an external site that is deep-linking to you - in which case, you might need to consider modifying the linked-to page so that it provides a more generally useful introduction to your site, links to other pages you would like people to visit, and so on. Or is this the worst site on your page? Maybe the reason it gets so much traffic is that there is something very wrong with it and people go that far and then give up and go elsewhere.
A third example: you are running the web site for a motherboard manufacturer. You know that one of the most important things for your customers is to be able to find the driver downloads page. Now the raw page stats tell you how many hits the driver download page is getting, but where are they coming from? Are your customers finding the driver pages easily from the link on the front page? Or are people having to buggerise about endlessly using Google and/or your internal search engine before they get what they need? Or resorting to the site map? Or some other route you haven't even thought of? Once again, the answer is there in your site logs: because Apache records the reffering pages, you can see that (e.g.) only 5% of visitors get to the download page via the main page - so now you know that you better make the links and navigation a bit more obvious.
You can't answer any of these questions above - or any of the hundreds of others like them - without referers. They are there for a purpose. Indeed, this is the reason referers were invented in the first place all those years ago: they are useful and important, maybe not to you, but certainly to the people who provide the web pages you like to visit.
Now you can choose to block referers if you want to. But you need to be aware of three things that necessarily follow from this pointless practice:
- It will from time to time mess up your web surfing.
- It denies the webmasters of the sites you visit the information that they need to do their jobs properly.
- It makes you stand out like dog's balls in the site access logs - i.e., it reduces your privacy. It is exactly like wearing a full-face mask when you go shopping: everyone turns around and looks at you wondering who the idiot in the mask is. If you just wore a T-shirt and jeans like everyone else, no-one would even look at you.
ddrueding
Fixture
e_dawg
Storage Freak
Hiding in plain sight.
Good line. Never heard it before. Consider it stolen
We'll make an Aussie out of you yet
Bozo
Storage? I am Storage!
RE: referers.
How does a server handle someone who visits your site but is using something like TOR? Does it only see the last address?
http://en.wikipedia.org/wiki/Tor_(anonymity_network)
Bozo :joker:
How does a server handle someone who visits your site but is using something like TOR? Does it only see the last address?
http://en.wikipedia.org/wiki/Tor_(anonymity_network)
Bozo :joker:
Tannin
Storage? I am Storage!
The server only ever sees the last address, Bozo. So, for example, when you hit this thread, the SF server saw your refferring address which was most likely the SF Pub and Brewery. Your browser downloaded this page which, among other things, contains a link to my site. So now my server gets into the act. Your browser sends a request to my site, asking for the image. Your browser tells my server three things: (1) the URL of the image it wants, (2) the URL of the referring page, (3) the IP address to send the image to. All three are necessary: the desired URL (because otherwise my server doesn't know what you want and can't send it), the referrer (because otherwise my server doesn't know if you are allowed to have my image or not), and your IP address (because otherwise my server doesn't know where to send the image and you never get it).
A quick read of the TOR page suggests that the request is passed on by the TOR network intact, except that my server never sees your IP address, only one of the TOR IP addreses - which is, in most cases, just fine. As long as there is some way of you getting the data anyway, I don't need to know your IP address and neither does my server. (If you use a router at home, this is in fact exactly what happens anyway: your machine is something like 192.168.1.103 but my server sees the IP address of your ADSL modem, which is completely different. So long as your router is smart enough to sort it all out, it doesn't matter.
If it turns out that the TOR network starts being a cloak for abuse - DOS attacks, bandwidth theft, stuff like that, then it is a simple matter to tell Apache to deny all requests from that IP range. In practice, this is very rarely needed.
A quick read of the TOR page suggests that the request is passed on by the TOR network intact, except that my server never sees your IP address, only one of the TOR IP addreses - which is, in most cases, just fine. As long as there is some way of you getting the data anyway, I don't need to know your IP address and neither does my server. (If you use a router at home, this is in fact exactly what happens anyway: your machine is something like 192.168.1.103 but my server sees the IP address of your ADSL modem, which is completely different. So long as your router is smart enough to sort it all out, it doesn't matter.
If it turns out that the TOR network starts being a cloak for abuse - DOS attacks, bandwidth theft, stuff like that, then it is a simple matter to tell Apache to deny all requests from that IP range. In practice, this is very rarely needed.
sechs
Storage? I am Storage!
Tannin, I think that you misunderstand the situation.
If you want people to see what you're serving, then it behooves you not to block it. Stopping people who you consider to be valid users from utilising your website is not a solution.
This is to say that a half-assed solution tends to lead to half-assed results.
I am not here to provide you with information. In fact, you serve files to me to provide me with information. If you want me to see it, the onus is on you to work through any issues you may perceive having. And if you don't want me to see it, giving false and largely useless information is certainly not going to tell me anything.
While folks such as myself may stick out "like dog's balls," when folks look and see someone in a mask, they see a person in a mask. While you may wonder who this idiot is, most will simply wonder why he or she is wearing a mask and move on.
If you want people to see what you're serving, then it behooves you not to block it. Stopping people who you consider to be valid users from utilising your website is not a solution.
This is to say that a half-assed solution tends to lead to half-assed results.
I am not here to provide you with information. In fact, you serve files to me to provide me with information. If you want me to see it, the onus is on you to work through any issues you may perceive having. And if you don't want me to see it, giving false and largely useless information is certainly not going to tell me anything.
While folks such as myself may stick out "like dog's balls," when folks look and see someone in a mask, they see a person in a mask. While you may wonder who this idiot is, most will simply wonder why he or she is wearing a mask and move on.
Tannin
Storage? I am Storage!
Not even close.
OK, I tried being paitent and polite, even (remarkably enough) in the face of the offensive and plain wrong "fishing around for our private information" claim above. But I can see that that was a waste of time in your case. Lesson learned. So here is the plain, unvarnised version:
Like almost anyone else who runs a website I don't want people to see what I'm serving: I want honest, decent people to see what I'm serving, and I don't want to waste bandwidth on scumbags. It seems to be working pretty well.
OK, I tried being paitent and polite, even (remarkably enough) in the face of the offensive and plain wrong "fishing around for our private information" claim above. But I can see that that was a waste of time in your case. Lesson learned. So here is the plain, unvarnised version:
Like almost anyone else who runs a website I don't want people to see what I'm serving: I want honest, decent people to see what I'm serving, and I don't want to waste bandwidth on scumbags. It seems to be working pretty well.
mubs
Storage? I am Storage!
Tannin, I learned quite a bit from your post. Thanks for that; I certainly appreciate the lucid explanation. For someone with no background / knowledge of these things, I got a very clear picture of the situation.
sechs
Storage? I am Storage!
Tannin has resorted to back-handed attacks on my character. There's some classy behavior.