In the new, digital economy, security is becoming more and more important. Online accounts are available everywhere. Your data needs to be safe. Security engineers have been paying a lot of attention to online security lately. Here are some trends in online security that are making the Internet a safer place.

1. Security Keys

Multi-factor authentication, or a way of using MORE than a username and password to prove your identity, is making serious advances.

Security keys are one popular multi-factor method of securing online accounts. Basically, you’re issued a device that contains a unique code generation algorithm. On the keychain-sized device, a 6-digit code changes every 30 seconds. The algorithm is shared between your device and the server that you’ll be authenticating with, so the server can generate the number, too. When the time comes to login, both ends of the transaction are able to generate THE SAME NUMBER and authenticate.

Currently, eBay/PayPal is mass-marketing these security devices. You can secure (not that it already isn’t) your account for a one-time fee of $5.00 USD. After your account is secured, it needs a username a password AND 6 digits that change every 30 seconds.  Unfortunately, this is ONLY available in the United States, Germany, and Australia.

PayPal.com

2. Key-Based Authentication

Another advance in the identity-proving arena is key-based authentication. Rather than a username and password, a user has a login key that contains a unique set of information–unique only to the visitor.

The authenticating server is equipped with a public-safe variant of that private key giving the user the digital equivalent of a padlock/key system. When a connection is initiated with a server, your computer encrypts your key in a securely-encrypted tunnel, sends it to the server where it is then decrypted (if you added a password) and matched against the key file (padlock). If successful, you are securely authenticated to the service. Essentially, rather than a short password that you have to type in, you have a long (1024 bits isn’t out-of-the-ordinary) password file that takes the password’s place.

Public implementations of this are still in the works; however, SSH has been using it for a long time now.

Learn more: http://www.laubenheimer.net/ssh-keys.shtml
Secure Shell on Wikipedia

3. OpenID

Attempts at central online identity management have been attempted in the past, but many experts say that OpenID is the best, most efficient and most flexible unified sign on system to bless the internet so far.

Logging in with OpenID couldn’t be easier. Rather than a username/password prompt, you’re asked to provide your OpenID identity URL. This URL can be anywhere. AOL, WordPress, and many other websites host your login identities as OpenID identities. In emails I have exchanged with Facebook, I know that they, too, are working to become an OpenID provider.

After entering your OpenID identity URL, you’ll be sent to your OpenID provider (eg: AOL) to verify your identity. It is up to the particular provider to determine the challenges that grant you access to your account. Verisign Labs, who licensed the PayPal Security Key, is providing OpenID solutions WITH your PayPal security key.  Most challenge with a simple username and password.

More information here: http://openid.net/
VeriSign PIP: http://pip.verisignlabs.com

4. Ambiguous Password Failure

When programming an authentication system, care must be taken to not reveal the underpinnings of the system and its structure.

Many websites will reveal the existence of an account to a potentially malicious user by saying “incorrect password.” The problem exists that with that type of verification, a malicious user knows that an account exists under the requested name and can proceed to breaking in with a brute-force or dictionary attack.

Now, many websites are just saying that the username/password is incorrect. Not only does this foil malicious cracker logins, but it causes the user to reassess his or her login credentials.

Conclusion

If you’ve seen good online security practices in the wild, let the world know in the comments area.

ONE OF THESE DAYS I will get Dugg. Being Dugg is a word used to describe when your site hits the front page of social-news über-phenomenon digg.com, where “democracy” picks the best content.

I always try to write articles that are Digg-worthy, but I never get promoted. I have submitted stories that were subsequently promoted to the front page, but they were both videos.

I would do anything, short of killing myself. I write awesome content (including Top 10 lists!). I try to make the site fun-to-read and easy-to-navigate.

In order to make digg/popular, I would…

• Skip graduation.
• Kill an adorable kitten.
• Vote for Hillary.
• Swear at the Pope.
• Quit my jobs.
• Drop out of school.
• Cancel my Facebook account, even though it’s virtually impossible.
• Embezzle money.
• Edit my own (non-existant) Wikipedia entry.
• Buy Adobe(R) Photoshop(TM).
• Stop wearing underwear.

Situation: You’re sitting at your computer downloading stuff. You paid for it, and you received digital copies instantly. There were no humans, except you, involved, and there was virtually no labor involved in distribution.

Background

Supply and Demand is an economic concept that states that the best price for an item is found where a supply curve and a demand curve meet. It’s a very accurate way to determine how much to charge for an item–it’s the economic concept that drives the United States.

However, with globalization and the popularization of digital assets, such as a media file, the typical supply and demand curves are difficult–if not impossible–to chart.

The two parts of the S&D concept are, of course, supply and demand.

Law of Demand

When a price for an item is higher, demand for that item is typically lower. the relationship is inversely proportional. Basically–If people want something, they’re willing to pay for it.

Law of Supply

When a price increases, production must also increase to maintain profits.

Elasticity

Where changes in factors cause change in supply and demand relations an availability of a substitute is a great influence of Elasticity–if a competing product is stealing your business, you’ll change some factors (price, probably) to get them back.

You can see how a delicate balance of these laws would be good for the economy. This balance is referred to as equilibrium.

A recent example: The Nintendo Wii game console’s impossible-to-find status during the 2007-2008 Holiday season. Even at an estimated production of 1.8 million consoles per month, sales of over 400,000 kept the shelves wiped out.

An un-example: Fuel prices. They’re high because the oil companies want the money. Demand hasn’t risen, but it has fell due to high prices. But, if a dramatic decrease in fuel prices occurred, demand would raise–and then the price would have to skyrocket, yet again.

That’s great, but consider a digital economy:

Supply

Infinite. Rather than distributing goods, copies of the goods are automatically made and then distributed.

Demand

Variable, depending on the price set, and how the items are desired.

So does digital supply and demand exist?

Some say “No.” When using the traditional model of supply and demand, an infinite supply makes it impossible to calculate equilibrium–any calculator would return an ERROR.

But in a way “Yes.” You cannot sell a product without demand. Without demand, there would not be a buyer. Without a buyer, supply is not necessary. Therefore, without demand, supply is not necessary. You must have demand if you expect to sell your supply.

Therefore, an unlimited supply should not be factored into digital economics. Rather than a supply, a goal has to be set. How much did this production cost? And how many people do I expect to buy it? When those questions are answered, profit can be calculated.

Production cost:     $25,000.00  # I don't know how much money it takes

Desired cost         $      .99

Units Sold:              25,253
Actual Cost Per Unit	  $0.99  # Production Cost / Units Sold

Profit Per Unit	          $0.00  # Desired Cost - Actual Cost

Profit	                  $0.47  # (Desired Cost * Units Sold)-Production Cost

I built a digital economics toy that requires Microsoft Excel to play with. If you don’t have Excel, download this and upload it to Google Documents–the equations will work.

Digital Supply and Demand Spreadsheet

If you use Microsoft Excel, you can use the “Goal Seek” function to help you solve for values. In Office 2007, click “Data > What-if Analysis > Goal Seek” and set the values. You’ll find the calculator rather interesting.

The cost of producing these goods is the same for one item sold as it is for 2 million. The profit is what softens the blow. Interestingly, with these numbers, after 33,310,474.71 copies of this item, the Actual Cost Per Unit reaches $0.00.

Digital Rights Management (DRM)

One parallel that cannot be drawn between online items and real, tangible items is the ability to sell and redistribute.

For example, if I purchased a CD from… say… Wal*Mart, I could use that CD a few times, and then I could take that CD and sell it or give it away. Online-purchased media, however, comes in sealed-to-your-identity packages.

You have NO means of giving that digital media to a friend. You have NO means of selling that digital media back to the market in ANY way. If you decide for any reason that the product is defective, you can’t take it back, you can’t get a refund–because it’s impossible with the current state of online markets.

In Conclusion

I think that supply and demand exists in a digital economy–but not in the same way as it does in the analog world. Items must be sold to meet a quota, not to meet market demand. After the quota is reached, all earnings are PURE PROFIT. Products aren’t being sold to us in a fair way, either. Rather than having the right to distribute a digital product.

Being in college means I’ve got to be even more of a penny-pincher than I already am. I’d love to go out for coffee with my friends everyday, and there’s a whole lot of movies I’d like to buy–but I’ve got to restrain myself. But when one of my friends brought over his copy of Super Smash Bros. Brawl and three Wiimotes to play with, I was sold. Heck yes, I dropped a paycheck on the game (and an extra set of controllers so my roommate could play).

I’ve barely scratched the surface of the game, and it’s already been so worth it. The Smash Bros. franchise is ripe with replay value, and its unique combat system–increasing damage in order to knock an opponent off a stage, rather than emptying their health meter–makes it a little more unpredictable and fun. It’s a Grade-A party game, but just as fun to play on your own. The Wii version of the game (the third in the series) enhances the experience with beautifully-rendered visuals, a wide selection of new characters and items, and many more different ways to play.

Characters’ attacks have been upgraded as well. Instead of being cumbersome and annoying to handle (N64 version), Donkey Kong is now actually pretty fun to play. Yoshi now packs a bit more punch, and most other characters now have improved mid-air recovery moves to help them get back on the stage when they’re knocked off–very nice!

Another fun little addition: characters now have three different “taunts” (i.e., expressing your pride in kicking someone’s butt) instead of just one. Some of them are pretty funny. My personal favorite is Snake’s (Metal Gear Solid) taunt. While most of the other characters brag and celebrate, Snake just pulls out a cardboard box and hides under it for a few seconds … and then stands up. The end. … That’s just awesome.

Anyway, if you still find yourself enjoying the N64 of Gamecube versions of the game, you’ll probably want to pick this up. It’s one of those “if you own a Wii, you should own this game” kind of games.

29 agents made their way to Thriftway on April 1st, 2008 to stun the town by freezing for 5 short minutes. Agent Mel made the video.

Watch on YouTube! (for when you’re at home)

Those present:

• Agent Kovach (me)
• Agent Pride Fighter
• Agent Silverwoman
• Agen Braina
• Agent Kenny
• Agent Bacon
• Agent PO
• Agent Big Al
• Agent D-unit.
• Agent Cooler
• Agent Bindel
• Agent Brain
• Agent Smart
• Agent KAJ
• Agent Kay-shizzle
• Agent Wonder Woman
• Agents Mr. and Mrs. Incredible
• Agent Surprise!
• Agent Wells (who wouldn’t STFU)
• Agent Stephens (who wouldn’t STFU)
• Agent Mentz
• Agent Tonka
• Agent Shinny
• Agent Robinson
• Agent Beth
• Agent MJ

WordPress has been a primary source of income for me. It has been the driving force behind my success in my local communities. A major WordPress upgrade is coming: WordPress 2.5. Because of it’s impending release, I will be postponing the completion of several projects in order to be able to support the newer, better WP 2.5. Please enjoy looking at some screenshots of 2.5! Click any shot to make it bigger.

New Administration Interface

A total revamp has taken place. A light-blue and orange color scheme looks progressive, some say it’s too artsy. As you can see, the new color scheme is fresh, and definitely unique. Use of the color orange shows important HUD-style information. You can see it used in the comments menu, where a count of unapproved comments is shown.

The administration panels have been “divided” into the left tabs and the right tabs. The left tabs reflect pages that will effect your site’s content. The right tabs reflect settings for the site, such as plugins.

From the Dashboard, you can see several tasks, including links to write posts (blog entries) and pages. The shortcut to the page writing screen is a welcome addition.

New Post Writing Features

Developers have also revamped the post writing experience, including MUCH better media management, and plugin-free media embedding capabilities. You can easily embed images, audio, and video with WordPress 2.5. Also, rather than uploading, you can hotlink media from another website with ease. When you upload media, you can upload MULTIPLE files at the same time.

When adding photos, you have a new size available: medium. It’s an intermediate between thumbnails and full-sized. The photo add screen will let you apply css classes to images using a pleasant wizard-style GUI. Theme developers should note that adding css classes align-left, align-right, and align-center to your css will allow users to utilize these new layout features.

Uploaded media also appears in the Manage > Media Library tab, where you can easily flip through sort and filter uploads by file type and search by name. The media listing shows where certain assets have been used, and offers a permalink to the asset.

Improved search

WordPress search will examine posts and pages for content in WP 2.5 without additional plugins or hacks. The WordPress community’s cries have been answered. Previously, I preferred using the Search Everything plugin.

Better Security Practices

A new class has been in the WordPress codebase, called $wp->prepare. It basically takes user input and sanitizes it for safe database storage. WordPress 2.5 expects developers to begin using $wp-prepare to ramp up security.

Work on the XML-RPC interface has been completed as well. As for performance? I don’t know what the status is. I imagine that all fortifications will need to remain in place for high-traffic sites.

WordPress 2.5 is expected to be completed by March 10, 2008.

For more on WordPress 2.5

• See the codex article here: http://codex.wordpress.org/Version_2.5
• WordPress interface guidelines
• Download a nightly build.

Making it to Digg/Popular is the dream of many. Traffic spikes, thousands of visitors, and poor planning can cause catastrophic failure if you don’t plan carefully. Here are 10 tips to make sure failure isn’t an option.

Disclaimer: This is what I’ve heard. I’ve never been Dugg.

Infrastructure

1. Have responsive servers

A responsive web server is crucial to serving visitors. Lethargic websites repel visitors, and ultimately you lose the Digg. If a request hasn’t been cached, it needs to be generated quickly, and the only way to do that is with a powerful server. My web host, hostrocket.com, guarantees that my web server has 4.4 ghz of processor and at least 2 gigabytes of RAM. That should do it. If you can, Gzip content.

2. Have bandwidth

A responsive web server is nothing if your “tubes” are plugged or are small. If your host is capping your bandwidth, you’re screwed. If you have lots of media, you’re definitely screwed. My host claims redundant OC-3/OC-12 lines.

3. Cache, cache, cache!

WordPress users especially! Database driven websites will grind to a halt when they make Digg/Popular. If you cache your site, your database servers won’t take a significant hit. Most content management systems include or have caching systems available. Drupal has caching built in. Wordpress users should get the wp-cache plugin and LEAVE IT ON.

4. Mirroring

If you have a video, and you’re pretentious enough to host it yourself, do the world a favor and upload it to a video sharing site, like YouTube or break.com, and then link to it from your page. They have bandwidth to supply streaming video to thousands… you don’t.

It also doesn’t hurt to visit your site on caching systems like Coral before you make Digg/Popular. Simply add .nyud.net after your domain. My website, for example, would be http://www.bradkovach.com.nyud.net on the Coral network.

Design

5. Reveal your feeds

If you have an RSS enabled site, show it off! Use the ubiquitous feed icon… Make sure your HTML declares that you have an RSS feed to light up feed finders in all modern browsers.

Put this between the <head> </head> on all pages.
<link rel="alternate" type="application/rss+xml" title="[website
title here]" href="[link to RSS feed here]" />


6. Make your site easy to navigate

All the basics should be on your site. Make sure clicking the logo takes you to your home page. If there are dropdowns, make sure the user knows before he or she mouses-over. Add chronological context so that by “going left” users know that they are visiting older context and “going right” is newer content (or vice-versa).

Search is a must. If your CMS doesn’t do this, use Google SiteSearch. It’s free.

Make sure your website works in all major browsers. At least cover the big four: IE6, IE7, Firefox, and Safari.

7. Make Digg buttons available

If your users are coming from Digg, make it easy for them to support your content. Use Digg Tools to make sure your content has a Digg button that works.

Writing

8. Be cheeky

Digg users appreciate sarcasm. If you have opinions, let it show. Make sure diggers know that you are addressing THEM. Diggers also have tendencies that they go crazy over. Ron Paul and Apple gossip are categories that make people salivate/soak undies. The video game phenom Portal is another excellent topic.

9. Use lists

Lists obey the f-shaped pattern and help your visitors get through your content quickly. Diggers are busy people. Make sure you help them speed through the internet. Don’t consume their time. Unless you have games.

10. Think it out

A well constructed article will be organized. A little pre-writing goes a long way. I have this list scratched out in a Moleskine cahier that never leaves my desk. It isn’t much, but it helped me organized the flow of my article. Diggers are know-it-alls. They appreciate good grammar and a spell-checked document. Proofread and find mistakes.

In Parts One and Two of my series on The Demise of Facebook, I looked at Facebook’s background in general, Facebook’s infrastructure choices up to this point, and how its users have paid the price.

Security and Privacy

Facebook touts its security and privacy as a big feature. Part of Facebook’s appeal comes from the fact that you can “use privacy settings to control who sees your info.” (Quoted from Facebook’s homepage).

Facebook, although diligent in keeping information from the public eye, has lax policies regarding usage of private data within the company. A recent scoop by tech-gossip aggregator Valleywag exposed that “Facebook employees can (and do) check out anyone’s profile.”

Facebook employees can also cross-reference profile views, by perusing a list of profiles a user has viewed. Surprisingly, the privacy policy, which every user agrees to, doesn’t forbid this practice. Hypocritically, if you send a user a copy of a profile, it’s a privacy policy violation, which have previously been punished with cease and desist letters! When Facebook says you can “use privacy settings to control who sees your info,” they mean that you can use privacy settings to control who (of people that don’t work at Facebook) can see your info.

Facebook openly admits to objectionable data aggregation practices. Facebook’s privacy policy states that “we may use information about you that we collect from other sources, including but not limited to newspapers and Internet sources such as blogs, instant messaging services and other users of Facebook, to supplement your profile” (Facebook’s Privacy Policy). Translation: “we might stalk you using newspapers, blogs, instant messenging services, and other users of Facebook to help people stalk you faster.” They harvest data? This stalking process needs a cool name. Like Beacon.

Facebook Beacon

To clear up misconceptions, I need to explain some terminology. Opt-in and Opt-out are words used to describe security practices. When a service is said to be opt-in, it means the user chose to partake in the service. Users can OPTion IN. When a security practice is opt-out, it means the user is automatically enrolled/subjected/interacting with a service, sometimes without knowledge that they were. Users can OPTion OUT from their enrollment.

Facebook Beacon, akin to Platform in that it allows 3rd party integration with Facebook, was originally opt-in without a chance to opt-out. When a user would make an action on non-Facebook websites, such as a purchase, information would be sent back to Facebook, without the user’s consent.

Facebook Beacon has raised significant problems. During the 2007 holiday season, Overstock.com customers noticed that their purchases were being aggregated to Facebook… which is bad if you’re buying for a Facebook friend, or spouse…

Sean Lane’s purchase was supposed to be a surprise for his wife. Then it appeared as a news headline - “Sean Lane bought 14k White Gold 1/5 ct Diamond Eternity Flower Ring from overstock.com” - last week on the social networking Web site Facebook.

Without Lane’s knowledge, the headline was visible to everyone in his online network, including 500 classmates from Columbia University and 220 other friends, co-workers and acquaintances.

And his wife.

Facebook backs down in privacy case

It’s not all bad, though. After exposing the online habits of millions of users without permission, Facebook apologized to users, and will now allow them to opt-out. Facebook CEO Mark Zuckerberg apologized for Beacon’s intrusiveness in a press release on Facebook.com. Curiously, after the apology, Beacon has remained opt-in by default. Millions of naive users are having information aggregated about them. I suggest you turn it off.

Turning off Beacon

1. Go to the privacy page
2. Select “edit settings“
3. Check “Don’t allow any websites to send stories to my profile” and click “Save.”

Update: Respect

I had this in my notes, I just forgot to add it.

Facebook may be the most fun you’ve had online. I’ve had a blast using it. Facebook is hoarding your data. People upload photos, events, their lives, etc. to Facebook. Good luck getting it back. Facebook makes it difficult, if not impossible, to cancel your account. You can “Deactivate” your account, but it’s there… waiting… for you to come back and rejoin Facebook. You can deactivate, but Facebook has all of your photos, comments, demographic information, and your online life archived… for whatever reason.

According to Facebook’s Privacy Policy, “Individuals who wish to deactivate their Facebook account may do so on the My Account page. Removed information may persist in backup copies for a reasonable period of time but will not be generally available to members of Facebook.”

Even continued requests to Facebook support yield endless hoops to jump through. In the hilarious article 2504 Steps to closing your Facebook account, Stephen Mansour proves that it is nearly impossible to close a Facebook account. His email banter with a customer “service” representative proved it:

If you do want your information completely wiped from our servers, we can do this for you.

So he deleted everything. However…

[Facebook] apologize[s], but you have not completely deleted all of your information. You still have incoming and outgoing messages, wall posts, mini-feed stories, friends, and contact information remaining on your profile. Once you have completely removed all information from your account, I will permanently delete it for you.

Facebook doesn’t respect your data. They hoard it. They profit from it. Without it, they wouldn’t be worth a recent $10 billion investment from Microsoft.

Citations

• Facebook employees know what profiles you look at
• Facebook | Privacy Policy
• Facebook backs down in privacy case
• Announcement: Facebook Users Can Now Opt-Out of Beacon Feature
• 2504 steps to closing your Facebook account

In Part 1 of The Demise of Facebook, I looked at several facets of Facebook that have helped it become popular. People have always been pleased with Facebook’s simple interface layout and easy navigation, but there are some flaws in Facebook that will haunt its future.

Applications are ruining Facebook. Photo: I Started Something

Platform

In the beginning, when Facebook was limited, it provided simple features: messaging, friend lists, event management, etc. As Facebook grew, so did it’s vision. Facebook has grown from simple networking/messaging to an online social operating system. CEO Mark Zuckerberg even voiced in his F8 (ironically spells fate) Keynote that the new vision of Facebook is to become an operating system.

Facebook Platform, a mesh of extensive APIs and programming malarkey, allows developers to build on to Facebook. Developers can create applications that hook their applications into Facebook, and vice-versa.

These applications are getting a mixed reception. Some people hate them. Many like them. But all are plagued by the spam-like social nature of the applications. Some applications, such as the Picasa application, provide useful conduit to another service on the Internet. The Picasa application, for example, allows you to upload photos, using the Picasa desktop program, straight to Facebook. Other applications have missed the mark entirely.

Applications are getting out of hand. People loved the mature Facebook. It was messaging/friend-making/event-planning bliss. Facebook is locked in a gradual, deadly decline.

When I log on to Facebook, dozens of “application invites” plug up my notification area. People want to know if I want to play “Pirates vs. Ninjas”… Hell no. “Grow a plant on my profile?”… Like weed? Punch someone?… Yeah, in real life.

Application developers are loving the gigantic social graph they tap into with their applications. For example, a Stanford course on Facebook Applications was collectively able to obtain 10 million users in 10 weeks. People are raking it in, too. A do-what-you-want policy lets application developers maintain applications for no fees, and serve advertisements without penalty. This win-win model allows some application developers earn upwards of $4,000 a day.

Facebook, has been deemed the number 1 persuasive technology¹. This clout, coupled with the power of the social graph, greedy developers and a juicy API have rocketed Facebook into the online operating system world. Although capable, Facebook will never be taken seriously as an online operating system due to the fact that “Pirates vs. Ninjas” has nothing to do with productivity or networking. At all.

Citations

1. Learning to Create Engaging Apps for Facebook: What Works and What Does Not - http://www.baychi.org/calendar/20071211/#1
2. Facebook Developers | Videos - http://developers.facebook.com/videos.php

Although we know that Firefox has some issues, a large portion of the internet is starting to use Firefox. As a web developer, there are several methods that I have devised to show the Internet how I browse. Using a variety of CSS and HTML tricks, I can publicize Firefox. Since my website was designed with primarily Firefox in mind, my users would benefit from switching. I’m no dummy… I’ve made my website work in the Big Four: IE6, IE7, Firefox and Safari. Through this article you should be able to learn some techniques of making IE cooperate a little more.

Firefox is gaining, but it still isn’t catching IE.

Easy: reveal something in the page.

We could use some of the advanced facets of conditional comments but we are only interested in appealing to one group of IE users: all of them. This conditional comment should do the trick…

<!--[if IE]>HTML<![endif]–>

The “HTML” is where we’ll put the IE specific content.

To show your IE users a Firefox banner, you could use…

<!--[if IE]><div id=”getfirefox” style=”text-align:
center”><a href=”http://www.spreadfirefox.com/?q=affiliates&id=0&t=216″><img
border=”0″ alt=”Firefox 2″ title=”Firefox 2″ src=”http://sfx-images.mozilla.org/affiliates/Buttons/ firefox2/468×60FF2_Orange.png” /></a></div><![endif]–>

Simple as that. Anything inside the conditional comment will be shown to your IE users!

Easy: Reveal something with server-side scripting

Using a variety of server-side languages, you can determine whether a user is using IE or not. I prefer PHP, since I’m a WordPress junkie.

<?php
if (eregi("MSIE",getenv("HTTP_USER_AGENT")) ||
eregi("Internet Explorer",getenv("HTTP_USER_AGENT"))) {
#insert IE specific code here.
}
?>

Method 3: CSS

You can easily assign classes to elements that will make a Firefox link look extra Firefoxy. This particular example will push over a link to make room for a little Firefox icon.

.firefox {
padding-left: 20px;
background: URL(firefox.png) no-repeat !important;
}

Now, in my web pages, I can assign this to anything I’d like, including links that would let you download Firefox. To make this link, I simply added the Firefox class to the link…

<a href="http://www.spreadfirefox.com" class="firefox">links that would let you download Firefox.</a>

Other uses for conditional comments

Aside from using conditional comments to evangelize Firefox, I’ve also used them to keep my valid CSS code hack-free. In some of my websites, such as ones I did for Lincoln County School District #2, it wasn’t appropriate to force an opinion on users. However, It is very appropriate to warn the users that they are using an old version of their browser.

In the case of IE7 being the latest and greatest breed if Internet Explorer, the following code will tell users that an upgrade is available for them. If you want the background as well, you’ll have to change the URL(ielogo.jpg) part to match a background image that you like.

<!--[if !IE 7]></p>
<div id=”ieupgrade” style=”background: URL(ielogo.jpg)
no-repeat; padding: 10px 15px 10px 200px; text-align: right;”>
<h2>Uh-oh!</h2>
<p>Although we’ve taken every possible step to ensure our site
works well with your computer, your browser is out of date!</p>
<h3><a href=”http://www.microsoft.com/windows/downloads/ie/getitnow.mspx”
target=”_blank”>update now »</a></h3>
</div>
<p><![endif]–>

Conclusions

Although good web developers shouldn’t be narrow-minded and develop for one browser, evangelism of a safer Internet is certainly worthwhile. Any action to help your users make a security-conscious decision is a good action. Do it.

Citations

• How to block MS Internet Explorer from your site… [http://www.devin.com/ieblock_howto.shtml]
• About Conditional Comments [http://msdn2.microsoft.com/en-us/library/ms537512.aspx]