What is Sacred?

I saw this on the Colbert show a couple days ago.  I thought the Havard professor’s ideas were very thought provoking.  I also thought it was interesting seeing Colbert talk about his faith briefly.  If you didn’t know he is a Sunday school teacher.  Oh man, how much would I pay to sit in on a Bible lesson from Colbert…

Sean Dorrance Kelly-Sean Dorrance Kelly believes that we’ve lost the notion of what’s sacred in our existence (06:48)

So what do you think?  I don’t think that it means you can’t literally EVER laugh at something or it looses the sacredness(?). But laughing as in ridiculing it for being what it is. Laughing at something funny/ironic is different than ridiculing something to destroy its image.  So I think there is a middle ground we should tread here.  I mean after all, satire is a genius way of getting a point across.  And I love to laugh at satire.

Campus Organizations Portlet

As you know, I am currently programming web applications for the University of California Irvine.  I mainly work on web content for the student portal, ZotPortal.  If you aren’t too sure of what a web portal is, think iGoogle–lots of different content pieces all together in one place.  These content pieces are called portlets and I design, engineer, and maintain them on ZotPortal.  I want to talk about about two different things in this post, 1) a portlet I designed that enables people to search for on campus organizations at UCI and 2) some different ways of obfuscating email addresses(or other data) from potential spammers.  The connection will become apparent later.

Campus Organization Portlet

The Campus Organizations Portlet was the first portlet I built.  The idea was simple enough: given a feed of all the campus organizations, parse out the data, and display all the organization information in a searchable UI.  There are currently around 540 different organizations to show, so the data needed to be broken up into separate pages.  I decided to use the Fluid Pager javascript component to page through the data without having to reload the page.  This enables us to place each organization in its row along with its info box and category.  The gapped paging scheme makes navigating through the pages a breeze without cluttering the pager bar.  Some more javascript was added for to display organization info and the search bar to re-render the pager with just the search results.  All in all, the portlet is well put together and useful for finding clubs that interest you.

Now, on each organization’s information panel we supplied a mailing address so a user could contact the club leaders.  And since this portlet is accessible from the guest view, there is potential for spam bots to troll through our student portal and collect all of the club email addresses to sell or send spam to.  I wanted to hide the email addresses from the spammers while at the same time enable the viewer to use the email.  So, I spelled out the symbols in the email to confuse any would-be spam bots reading through my portlet data.  Instead of coolclub@uci.edu, coolclub[at][you see eye][period]edu.  An average spam bot wouldn’t recognize this as an email address, spam avoided!  The only thing that bothers me with this approach is the fact that the user has to do the work of replacing [at][you see eye][period] with”@uci.”.  Sure, it isn’t very difficult or time consuming, but it would be a lot better if the user could simply copy/paste or click a mailto tag.

I found someone in a similar dilemma and a really good answer was provided to him.  Examining these different methods of obfuscation allows us to pick the best one for our situation.

  1. CSS Codedirection
    • Coded
      • <span style="unicode-bidi:bidi-override; direction: rtl;">moc.elpmaxe@zyx</span>
        
    • Displayed
      • xyz@example.com
  2. CSS display:none
    • Coded
      • xyz<span style="display:none">foo</span>@example.com
        
    • Displayed
      • xyz@example.com
  3. ROT13 Encryption
    • Coded
      • decodeROT13(klm@rknzcyr.pbz); <!-- You'll have to use built in functions or define your own -->
        
    • Displayed
      • xyz@example.com
  4. Using ATs and DOTs
    • Displayed
      • xyz[AT]example[DOT]com
  5. Building with Javascript
    • Coded
      • var m = 'xyz';  m += '@';  m += 'example.com';  $('.email).append(m);
        
    • Displayed
      • xyz@example.com
  6. Replacing ‘@’ and ‘.’ with Entities
    • Coded
      • xyz&amp;amp;amp;amp;amp;#64;example&amp;amp;amp;amp;amp;#46;com
        
    • Displayed
      • xyz@example.com
  7. Splitting Email with Comments
    • Coded
      • xyz<!-- eat this spam --><!-- yeah! -->example<!-- shoo -->com
        
    • Displayed
      • xyz@example.com
  8. Urlencode
    • Coded
      • xyz%40example.com
        
    • Displayed
      • xyz@example.com
  9. Plaintext
    • Displayed
      • xyz@example.com

The author of this study (credit to Silvan Mühlemann; his original post can be found here) even watched of these methods for 1.5 years just to see the different amounts of spam each strategy would receive.  These were his findings…

Obfuscation Methods

The current obfuscating strategy I use received the lowest amount of spam out of the ones that got spam in this study, so it is an good choice.  However, there are better strategies, with zero spam, that don’t require any work from the user (strategies 1-3).  So I should change the strategy for obscuring the organization email in the portlet since there doesn’t seem to be any cost Late February 2011 we changed the obfuscating method and decided to use CSS direction.  We still are looking into a combination approach with CSS direction for display and javascript building for a mailto link for better and easier interaction.