A Community Account Is Required, For Following A Blogger Blog

The Blogger / Google community building accessory, Following, has become so popular that recently we are seeing requests about Following by people without Blogger / Google accounts.

How do I Follow a blog using my HotMail account?

As if any email account can be used, for Following.

Right now, you can Follow a Blogger blog, using any of 6 different account hosts - 5 outside Blogger / Google authentication space.

• Google
• Twitter
• Yahoo
• AIM
• Netlog
• OpenID

Enabling Cookies And Scripts In Your Browser

As Blogger becomes both easier to use, and more full of features, it becomes an application with more code that runs on our computers. The code on our computers requires both cookies and scripts, installed on our computers as we use the various Blogger utilities. The cookies and scripts are increasingly susceptible to damage, from improperly implemented layered security.

The most visible component in our layered security strategy is the browser. Cookies and scripts are considered separately, and differently, for each different browser. When we also consider the multiple domains used by Blogger, and differing trust levels for each domain, we see how complex layered security is to implement.

With Chrome, you enable cookies and scripts from the Options wizard - "Under the Hood". The Privacy section contains the "Content settings" button, which gives you the "Content Settings" wizard. Here, you have selections for Cookies and Javascript - including "Manage exceptions" for each section.

With Firefox V3, you enable cookies from the browser menu, using Tools - Options - Privacy.

• Under History, ensure that "Firefox will:" is set to "Use custom settings for history". That will give you an array of settings.
• Ensure all settings are selected, except "Clear history when Firefox closes".
• Hit "Exceptions", and ensure that "blogger.com" and "google.com" are given "Allow" status.
• Ensure that "Keep until:" is set to "they expire".
• Hit "OK" to save settings.
• Note that any Firefox add-ons which filter cookies, and offer more detailed options, will have to be dealt with, separately.

Firefox does not contain any native script filters. The most popular add-on for Firefox is NoScript, and this is how most Firefox users filter scripts. You'll designate both "blogger.com", "google.com", and any Google domain excepting "blogspot.com", as trusted, when you load any display for the domain in question. An untrusted domain will show a "NoScript Untrusted" icon in the status area at the bottom of the window. To enable each domain, you position the cursor over the NoScript icon and select "Allow (domain URL)" in the popup menu.

With Internet Explorer V8, you enable security settings - both cookies and scripts - from the browser menu, using Tools - Internet Options. Optionally, you may access the "Internet Options" applet directly from the Windows Control Panel.

• IE uses a zone defense setting, where you designate "blogger.com" and "google.com", in Security, as being in the Trusted zone. Please note that "blogspot.com" should not be in the Trusted zone.
• Default settings for the Trusted zone will allow proper filtering of scripts.
• Verify proper settings, with "Trusted sites" selected, and the Security level slider control set to "Medium". Hit "Custom level", and examine the Settings list.
• Look for the "Scripting" section, 3/4 of the way to the bottom of the list.
• You will observe 6 options under "Scripting". Default settings will have all options Enabled, except "Allow Programmatic clipboard access"; you may wish to Enable this to allow easy use of Post Editor.
• Hit "OK", and "Yes" if necessary, then "OK" again.
• You enable Cookies under the "Privacy" tab.
• Set the Privacy slider to "Medium".
• Hit the "Advanced" button, and examine the "Advanced Privacy Settings".
• Both "First party Cookies" and "Third party Cookies" should be set to "Accept".

With Opera V9, you enable cookies and scripts from the Advanced tab, in the Preferences wizard. The Content menu contains selections for scripting. The Cookies menu contains selections for cookies.

With Safari V5, you enable cookies and scripts from the Preferences wizard. The Security icon, in Preferences, contains selections for cookies ("Accept cookies"), and for scripts ("Web content"). Select "Always" for "Accept cookies", to enable third party cookie access.

Note that these are known settings, for specified browsers. Both Firefox and Internet Explorer allow additional add-ons, which are installed at the decision of the computer owner. Cookie and script management is one popular add-on function - and comes under many different names. You, the computer owner, must be responsible for any add-ons which you install.

Remember to restart the browser, after changing any filtering settings.

>> Top

Blogger, Layered Security, And You

One of the problems with getting Blogger to fix the problems with Blogger / Google logins, with commenting, with Stats, and with Template Designer, is that each problem involves code that is provided by Blogger on their computers, and run by us, on our computers. Blogger writes the code, and we run the code - when we allow the code to run.

If we want our computers to remain under our control, and not become part of one or more worldwide collection of computers controlled by hackers, we have to be selective about what code we allow to run on our computers. In the computer security world, this is called "Deny by default, allow by exception."

We are protected by filters, which block both cookies and scripts, in various places.

• On our networks.
• In applications, on our computers.
• In our browsers.

Long ago, this was called "layered security", and was a good thing, since it helped us to keep our computers under our control. Each layer backs up the other layer, in preventing malware from being installed, or from running, on a protected computer.

Layered security is still a good thing, in general. With Blogger becoming both easier to use, and more full of features, Blogger code is more susceptible to damage from filtering, by layered security. Cookies and scripts, to be useful, must be properly permitted by all layers of the security strategy.

When we have a problem with using Blogger

• We can't login to Blogger, or stay logged in to access and maintain our blogs.
• We can't post comments to our blogs.
• We can't view Stats for our blogs - or can't view Stats with the desired detail.
• We can't customize our blogs, in Template Designer.

These are all problems with Blogger, possibly caused by layered security, improperly implemented on our computers or our networks. And most of these problems are ones that we need to fix, by learning how to control the filtering.

Similar to problems with filtered cookies or scripts is the decision that some blog owners make, to clear cookies / scripts when restarting the browser. Whether the cookies were never created, or deleted when the browser was closed - if the cookies don't exist when needed, or can't be accessed when needed, an application like Stats or Template Designer won't work properly.

Every layer in the security strategy must be properly configured, to work with the other layers. Both cookies and scripts must be carefully considered, in the settings for each layer.

• Browser native filters. If you use Internet Explorer, be aware of the IE zone defense.
• Browser add-ons and plug-ins.
• Anti-virus and firewall suites, on the computer.
• Modems and NAT routers, on the network.

And as you install add-ons, and change various settings, keep track of what you change. Don't become tempted to sacrifice an elephant, to make your Blogger application work, later.

>> Top

Spam Comment Moderation, Like Spam Blog Classification, Is Fuzzy

For years, we've been seeing numerous complaints in Blogger Help Forum: Something Is Broken about unrighteous spam classification of blogs.

My blog is not spam! How could anybody think that my blog is spam??

In some cases, these complaints will be posted by spammers, seeking to make trouble in the forums - in other cases, though, they will be righteous, and deserving. In the latter scenario, and following the well known (and not completely popular) 4 step spam review process, some folks see the welcome message.

Your blog was restored. Thanks for your patience.

One of the reasons for falsely accused blogs relates to the fuzzy spam blog classification process - which is necessitated by ever changing spam blog design. Like spam blog classification, spam comment moderation is fuzzy.

With fuzzy spam comment moderation, as with fuzzy spam blog classification, there will always be some spam comments that sit in the "Awaiting Moderation" queue (false negative detection), and other non spam comments that are immediately directed to the "Spam" queue (false positive detection). And like fuzzy spam blog classification, if you reduce false negative detections, you're going to increase false positive detections.

>> Top

It's Winter In The USA Again, And It's Time For More Seasonal Blog Decorations

And just as we saw earlier this year, we have more reports of blog hijacks.

My blog is getting redirected to some other website.

And, as noted last time, we see a possible "falling snow" decoration as the first suspect in the never ending drama of our blogs, under attack.

<script src='http://skigeninfotech.com/snowstorm.js' type='text/javascript'></script>

This problem, fortunately, was not too deceptive.

My blog is getting redirected to some other website (http://fileinxt.com/?dn=skigeninfotech.com&fp=pqVXxjF5eZbZPUdjA2CrQZZYLeqa1yd9fqFglE50v8v4EC1bOn33UcPSed%2FwDeiJ9Reh2eiwg8SutCcQJKwtDg%3D%3D&prvtof=pvwzxikjk5Y8qIVO5T2y%2FXDEmNhqCs0%2B8Ro0gzCGabvCE6HiL7ziqtwSEZqp3rEKm6Jh9%2FJ1f%2F2wvhisupe6NXdlr3gpOBXWMdVDWrkFKlk%3D&poru=M%2F0o7laCl49QHRW5Qtdx3sFgJ9q8HQrB4cyfP%2Fqb9agYFzJufaOkqO8J%2BtnyVG5HntoKr9AJzMJSk1shzG2Y7oQgw7gogohmR%2Fc7iiJpC6Y%3D&cifr=1&flrdr=yes&nxte=js)

A simple string search on "skigeninfotech" yields the find

<script src='http://skigeninfotech.com/snowstorm.js' type='text/javascript'></script>

So, remove the code, as prescribed earlier.

This hijack, fortunately, was not difficult to find. I bet more will follow.

>> Top

You May Not Have To Speak The Local Language

Blogger and Google want to make their services available to the entire world - and this involves recognising that the entire world does not speak English. Not only is the English language not spoken by the majority of the worlds inhabitants, it's not even the second most common. With this detail in mind, Blogger / Google tries to display their pages in the language of the local inhabitants, based on geo location of the Internet connection.

If you are in a land not your own, and you don't speak the local language, you may not do well reading the language either. When you want to use Blogger or Google, you may need to see the initial display in English (or in whatever non local language you speak). Fortunately, Blogger and Google have provided for this situation.

• With Blogger, "http://www.blogger.com" gives you a Blogger sign in page in the local language.
  • If you need to see the sign in page in English, you can use "http://www.blogger.com/start?hl=en". The Draft equivalent, "http://draft.blogger.com/start?hl=en", may or may not work, similarly, to let us use the New GUI (2011) Blogger.
  • If you need the page in your own language, use "http://www.blogger.com/start?hl=xx", where "xx" is the code for your language.
  • To permanently set the language that you want to use, from this computer, use the Blogger Language Selection wizard.
• With Google, "http://www.google.com" gives you the page in the local language. If you need to see the page in English, you can use "http://google.com/ncr".

>> Top

Security Change To BlogSend Leaves BlogSend Email Distribution Broken

This week, a few blog owners who use BlogSend to distribute notices of new posts to various readers noted a change - and not a change that they appreciated. Various reports were noted in Blogger Help Forum: Something Is Broken.

The email notification about my blogs new post is not in my spam, nor is it "pending approval" in my Google Groups management. It appears that the notifications are just not going out via BlogSend.

and

I wrote a new post today and then hit publish. I checked my email and it had arrived, but the sender was not my name, it was "blogger.com".

Blogger Support informed us that they recently changed the address that notifications get sent to - from the users' address, to "no-reply@blogger.com". This was changed as a quick fix, for a security vulnerability that they found.

This change will cause two issues of confusion.

• For blogs which depend upon direct email from BlogSend to your readers, the recipients of BlogSend will see email from "no-reply@blogger.com", for the new post notifications.
• For blogs which use BlogSend to a Google Group, if the group is private ("Members only" for "Who can post messages?"), BlogSend messages will simply stop posting to the group, and blog members will stop receiving notifications.

For the latter concern, there is a solution. Go to "Invite members", then to "Add members directly", and add "no-reply@blogger.com" as a member of the group. Note the warning

Note: Please use this feature carefully. Only add people you know. Using this feature for sending unwanted email can result in account deactivation.

---

(Update 2011/11/14): It appears that Google has disabled the option to add members directly, possibly to encourage us to use Google+ for blog publicity updates.

---

And having added "no-reply@blogger.com" as a member, go into "Management tasks" - "Manage members", and edit the entry for "no-reply@blogger.com". Ensure that "Member is allowed to post" is selected, if you don't want to have to approve each message - even though each message is from you.

Blogger Support has told us that adding "no-reply@blogger.com" as a group member will not present a problem. Let's hope that's correct.

>> Top

Blogger Blogs, And The Hall Of Mirrors

In the now distant past, one popular attraction in an amusement park would be a fun house, or maze. My favourite section of a fun house would be the "hall of mirrors" - a maze where all of the walls were mirrors. One person, entering the hall at one end would be seen in dozens of mirrors, all reflecting an image from other mirrors. You would see one person, and would have fun trying to decide whether that person was right in front of you, or perhaps a few feet away from you, with his / her image reflected off dozens of mirrors.

If you went into the maze with 2 or 3 friends, it would be like having a dozen friends. A dozen friends or other fun house visitors would seem like a hundred, and so on.

Blogger blogs are used by some blog owners, as a "hall of mirrors".

One popular technique for artificially increasing traffic, to ones blogs, similar to GPT / PTC / PTS, uses link farms - where the casual visitor to one blog is induced to click on a link, which takes him to a second blog. A similar link, on the second blog, takes the visitor back to the first blog, or on to a third blog. As in the hall of mirrors, one visitor is then counted twice, three times, or more. This is similar to "Next Blog" - but it is a "Next Blog" that is focused on other blogs in the link farm.

A variation of the link farm is an "affiliate marketing network", where a link contains a dynamic URL, which redirects randomly to another blog. This guarantees that the casual visitor sees a wide variety of blogs - again, though, blogs that are "affiliate" members.

By themselves, neither affiliate marketing networks or link farms are a problem. The problem encountered involves ads, which finance the affiliate marketing networks or link farms, added to the blogs. As with GPT / PTC / PTS traffic, these ads are being viewed by people who have no interest in the content of the blog being displayed, and no interest in the merchandise displayed in the ads.

They are simply visitors, surfing through the maze. As with the hall of mirrors, one visitor to the maze will produce a dozen clicks, each click leading to cash in somebody's pocket.

These visitors are more people who the advertisers pay for, and the merchandisers never see in their checkout lines. Again similar to GPT / PTC / PTS, this is more fraud.

If your blog is part of an "affiliate" network or link farm , with ads financing the blogs, that may be why your blog is now classified as spam - and that is why you are now here.

Gobble, Gobble.

>> Top

Access To Custom Domain Published Blogs In Singapore Blocked By Malware Detection

Bloggers in Singapore are reporting inability to access Blogger blogs published to non BlogSpot URLs, and cite apparent (false) malware detection

For the past week, I can't seem to view my website from my home!

It says-

Our systems have detected unusual traffic from your computer network

Right now, this appears to involve customers of MaxOnline / Starhub, and to only involve access to blogs not published to BlogSpot (custom domain publishing).

If you are in Singapore, and you are experiencing a problem accessing any Google service and see the above quoted error message, can you please provide details.

• Your IP address. If you do not know your IP address, you may use either of the following:
  • IP-Address
  • What is my IP Address
• Please verify the scope of your outage, using my standard 5 link connectivity test.

>> Top

Install HTML / JavaScript Accessories On Your Blog, Using Care And Discretion

Recently, we've had a few reports, in Blogger Help Forum: Something Is Broken, from unwary blog owners

I can't see my blog! I load it in the browser, and another website loads in its place!

or

I am getting reports from my readers that my blog contains a virus.

or even

Blogger just deleted my blog, and tells me that it contains malware. Help!

Some of these are people who have seen a shiny gadget or website, and either added the gadget to their blog, or added a link to their blog - and now, they are regretting that addition.

It's not difficult to add a link to your post or to a linklist gadget, or add a new HTML / JavaScript gadget to the template. Unfortunately, past experience has taught us that what we add to our blogs today may look and work great today - but not so great, next month (or even, next year).

And even if you do add a shiny gadget or link, to your blog - and it does not cause an obvious problem - be aware that some of your readers will filter untrusted content, such as HTML / JavaScript, on BlogSpot hosted websites. Any accessories that you add should not be used as a cornerstone for your blog design.

>> Top

Clearing Browser Cache

I've been helping bloggers maintain their Blogger blogs, and had to remind them of the occasional need to clear browser cache, a few times. Recently, somebody asked me, point blank

Chuck, how do I clear cache, anyway?

When I tried to answer, I realised that I did not know - I just do it, following the menus by instinct. This strategy does not help me to advise the average blogger, posting in Blogger Help Forum: How Do I?, very effectively.

One of the challenges is that each browser - and different versions of each browser - have different menus and wizards, for every maintenance procedure, and for every different setting. What we used to call "cache" and "cookies", so long ago, is now called "private data" - and there are multiple selections, varying by browser, for various parts of "private data".

With Chrome, you clear private data using the Wrench Icon - Options - "Under the Hood" - "Clear browsing data" wizard. My selections for clearing are:

• Clear browsing history
• Clear download history
• Empty the cache

I do not select, and recommend not clearing:

• Delete cookies and other site data
• Clear saved passwords

I personally do not select:

• Clear saved form data

With Firefox V3, you clear private data using the Tools - "Clear Recent History" wizard. My selections for clearing are:

• Browsing & Download History
• Cache

I do not select, and recommend not clearing:

• Cookies
• Active Logins
• Site Preferences

I personally do not select:

• Form & Search History

With Internet Explorer V8, you clear private data using the Tools - "Delete Browsing History" wizard. My selections for clearing are:

• Preserve Favourites website data
• Temporary Internet files
• History

I do not select, and recommend not clearing:

• Cookies
• Form data

I personally do not select:

• Passwords
• InPrivateFiltering data (this you may wish to read about)

With Opera V10, you clear private data using the Tools - "Delete Private Data" wizard. My selections for clearing are:

• Delete temporary cookies
• Delete entire cache
• Clear history of visited pages
• Clear history of downloads
• Clear bookmark visited time

I do not select, and recommend not clearing:

• Delete all cookies
• Delete password protected pages and data
• Clear all email account passwords

I personally do not select:

• Clear Password Manager
• Delete persistent storage
• Close all tabs

With Safari V5, you clear private data using the Gear icon - "Reset Safari" wizard. My selections for clearing are:

• Clear history
• Empty the cache
• Clear the Downloads window
• Close all Safari windows

I do not select, and recommend not clearing:

• Remove all cookies
• Remove all website icons
• Remove saved names and passwords

I personally do not select:

• Remove other AutoFill form text
• Reset all location warnings

Firefox appears to distinguish between "Cookies" and "Active Logins". If you examine the IE V8 "Delete Browsing History" screen, you'll note the advice about cookies.

Files stored on your computer by websites to save preferences such as login information.

This makes it appear that the equivalent of "Active Logins" (aka "authenticated sessions", in some of my advice) may be simply part of "cookies", in Chrome and Internet Explorer.

Similar to clearing of "cache" is clearing of "cache, cookies, and active login sessions". You'll also want to know how to enable cookies and scripts.

Remember to restart the browser, after clearing any private data, or changing any settings. And note the possible effects, depending upon your Internet service, of cache outside your browser, which you cannot clear. And finally, consider how all of this fits into the topic of Layered Security - which includes filters in the browser, in add-ons in the browser, in applications on the computer, and in appliances on the network.

>> Top

Spammers, The New Comment Moderation System, And Forum Activity

The new Blogger commenting system has been in place, in many of our blogs, for almost 3 months. Many bloggers have started to notice a marked decrease in spam, hitting our Published, and Awaiting Moderation, queues.

The spammers, who attempt to abuse our blogs, are seeing the effects of the new filters, also. They will have to increase their spamming activity, to keep a steady level of income. This will require constantly increased levels of spamming activity.

Besides posting more spam to our blogs, spammers will spend time posting in Blogger Help Forum: Something Is Broken and similar forums, and causing confusion there. As spammer activity is increasingly attenuated, we'll see more complaints. Don't expect them to openly complain

I can't publish my comments, because they are being filtered!

as people will recognise complaints like that, and know who is publishing them. Expect more devious complaints

The new spam filters don't work! Blogger needs to trash them, and start over!!

Unfortunately for the spammers, more and more bloggers are noting that the new filters do, indeed, work - though they do require some effort. And the effort required will be more productive, with every blogger participating actively.

>> Top

Custom Domain Published Blogs With Earthlink As Registrar Are Showing "Not Found"

Today, we see discussions in Blogger Help Forum: Something Is Broken about a problem with blogs published to custom domains, and using Earthlink DNS servers.

I have a blog showing "Server Not Found", and never got an answer here, so I called Earthlink tech support. It turns out it's an Earthlink problem with the "CNAME"s.

A straight "A" retrieval Dig shows us simply no DNS addresses.

; <<>> DiG 9.3.2 <<>> @localhost blog.data-miners.com A
 ; (2 servers found)
 ;; global options:  printcmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 52920
 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
 
 ;; QUESTION SECTION:
 ;blog.data-miners.com.  IN A
 
 ;; Query time: 584 msec
 ;; SERVER: 127.0.0.1#53(127.0.0.1)
 ;; WHEN: Fri Nov 12 02:58:59 2010
 ;; MSG SIZE  rcvd: 38

If we dig a bit deeper, we find out an interesting detail.

; <<>> DiG 9.3.2 <<>> @localhost data-miners.com ANY
 ; (2 servers found)
 ;; global options:  printcmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35417
 ;; flags: qr rd ra; QUERY: 1, ANSWER: 12, AUTHORITY: 0, ADDITIONAL: 0
 
 ;; QUESTION SECTION:
 ;data-miners.com.  IN ANY
 
 ;; ANSWER SECTION:
 data-miners.com. 86400 IN SOA localhost. hostmaster.earthlink.net. 2010033001 86400 900 2592000 86400
 data-miners.com. 86400 IN MX 1 aspmx.l.google.com.
 data-miners.com. 86400 IN MX 5 alt1.aspmx.l.google.com.
 data-miners.com. 86400 IN MX 5 alt2.aspmx.l.google.com.
 data-miners.com. 86400 IN MX 10 aspmx2.googlemail.com.
 data-miners.com. 86400 IN MX 10 aspmx3.googlemail.com.
 data-miners.com. 86400 IN MX 10 aspmx4.googlemail.com.
 data-miners.com. 86400 IN MX 10 aspmx5.googlemail.com.
 data-miners.com. 86400 IN A 207.217.125.50
 data-miners.com. 86400 IN NS dns1.earthlink.net.
 data-miners.com. 86400 IN NS dns2.earthlink.net.
 data-miners.com. 86400 IN NS dns3.earthlink.net.
 
 ;; Query time: 189 msec
 ;; SERVER: 127.0.0.1#53(127.0.0.1)
 ;; WHEN: Fri Nov 12 03:00:27 2010
 ;; MSG SIZE  rcvd: 351

The "SOA" record pointing to "localhost" seems a bit odd. For comparison, here's a similar Dig for my domain, "nitecruzr.net".

; <<>> DiG 9.3.2 <<>> @localhost nitecruzr.net ANY
 ; (2 servers found)
 ;; global options:  printcmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47224
 ;; flags: qr rd ra; QUERY: 1, ANSWER: 14, AUTHORITY: 0, ADDITIONAL: 0
 
 ;; QUESTION SECTION:
 ;nitecruzr.net.   IN ANY
 
 ;; ANSWER SECTION:
 nitecruzr.net.  3600 IN MX 10 aspmx.l.google.com.
 nitecruzr.net.  3600 IN MX 20 alt1.aspmx.l.google.com.
 nitecruzr.net.  3600 IN MX 30 alt2.aspmx.l.google.com.
 nitecruzr.net.  3600 IN MX 40 aspmx2.googlemail.com.
 nitecruzr.net.  3600 IN MX 50 aspmx3.googlemail.com.
 nitecruzr.net.  3600 IN A 216.239.32.21
 nitecruzr.net.  3600 IN A 216.239.34.21
 nitecruzr.net.  3600 IN A 216.239.36.21
 nitecruzr.net.  3600 IN A 216.239.38.21
 nitecruzr.net.  86400 IN SOA ns11.domaincontrol.com. dns.jomax.net. 2010080403 28800 7200 604800 86400
 nitecruzr.net.  3600 IN NS ns11.domaincontrol.com.
 nitecruzr.net.  3600 IN NS ns12.domaincontrol.com.
 nitecruzr.net.  3600 IN NS ns53.domaincontrol.com.
 nitecruzr.net.  3600 IN NS ns54.domaincontrol.com.
 
 ;; Query time: 120 msec
 ;; SERVER: 127.0.0.1#53(127.0.0.1)
 ;; WHEN: Fri Nov 12 03:26:29 2010
 ;; MSG SIZE  rcvd: 364

The "SOA" record needs to point to the authoritative DNS server for the domain. If we bypass the "SOA" for "data-miners.com", we get something more normal.

; <<>> DiG 9.3.2 <<>> @dns1.earthlink.net blog.data-miners.com A
 ; (1 server found)
 ;; global options:  printcmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 33911
 ;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
 
 ;; QUESTION SECTION:
 ;blog.data-miners.com.  IN A
 
 ;; ANSWER SECTION:
 blog.data-miners.com. 86400 IN CNAME ghs.google.com.
 
 ;; Query time: 233 msec
 ;; SERVER: 207.217.126.11#53(207.217.126.11)
 ;; WHEN: Fri Nov 12 03:28:17 2010
 ;; MSG SIZE  rcvd: 63

Unfortunately, since the normal practice, when looking up a domain, is to start with the "SOA" record, "data-miners.com" - and other domains using Earthlink - may be out until Earthlink tech support figures out why their SOAs are broken like this.

>> Top

Clearing Cache, Cookies, And Active Login Sessions

I've been advising people about clearing cache and cookies, for a long time. Recently, I realised that terminology is changing - and some browsers refer to "cache" and "cookies" generically as "private data". Some browsers also refer to a third type of "private data", as "active logins" or "authenticated sessions".

When you have a serious problem with your blog, like any variant of authentication / login confusion - maybe (for example) inadvertent creation of a second Blogger account, I will probably advise you to

Clear cache, cookies, and authenticated sessions.

Different browsers will offer different menu selections, to allow you to do this.

Here I'll note that when you clear cache, cookies, and authenticated sessions, following my recommendations, you are almost guaranteed to later have problems with Commenting, Logins, and / or Stats. Try clearing cookies selectively, if this option is provided in your browser - and if you understand which cookies you need to clear.

Also note that, in spite of opinions expressed by some blog owners, advice to clear cache, cookies, and / or authenticated sessions only complements other advice to permit third party cookies and / or not clear cookies routinely. Please don't confuse advice to clear content, with advice to adjust your security policy - and permit key services.

With Chrome, you clear private data using the Wrench Icon - Options - "Under the Hood" - "Clear browsing data" wizard. My selections for clearing are:

• Clear browsing history
• Clear download history
• Empty the cache
• Delete cookies and other site data

I do not select, and recommend not clearing:

• Clear saved passwords

I personally do not select:

• Clear saved form data

With Firefox V3, you clear private data using the Tools - "Clear Recent History" wizard. My selections for clearing, in this case, are:

• Browsing & Download History
• Cache
• Cookies
• Active Logins

I do not select, and recommend not clearing:

• Site Preferences

I personally do not select:

• Form & Search History

With Internet Explorer V8, you clear private data using the Tools - "Delete Browsing History" wizard. My selections for clearing, in this case, are:

• Temporary Internet files
• History
• Cookies

I do not select, and recommend not clearing:

• Form data

I personally do not select:

• Passwords
• InPrivateFiltering data (this you may wish to read about)

For consistent results, do not select:

• Preserve Favorites website data

With Opera V10, you clear private data using the Tools - "Delete Private Data" wizard. My selections for clearing are:

• Delete temporary cookies
• Delete all cookies
• Delete password protected pages and data
• Delete entire cache
• Clear history of visited pages
• Clear history of downloads
• Clear bookmark visited time

I do not select, and recommend not clearing:

• Clear all email account passwords

I personally do not select:

• Clear Password Manager
• Delete persistent storage
• Close all tabs

With Safari V5, you clear private data using the Gear icon - "Reset Safari" wizard. My selections for clearing are:

• Clear history
• Empty the cache
• Clear the Downloads window
• Remove all cookies
• Close all Safari windows

I do not select, and recommend not clearing:

• Remove all website icons
• Remove saved names and passwords

I personally do not select:

• Remove other AutoFill form text
• Reset all location warnings

Firefox appears to distinguish between "Cookies" and "Active Logins". If you examine the IE V8 "Delete Browsing History" screen, you'll note the advice about cookies.

Files stored on your computer by websites to save preferences such as login information.

This makes it appear that the equivalent of "Active Logins" (aka "authenticated sessions", in some of my advice) may be simply part of "cookies".

---

If you are reading this article as part of protecting yourself when using a public computer, select everything in the above checklist, when you are closing the browser. Then, if at all possible, reset the computer - either Shut Down and Restart, or Power Off, after closing all open applications. Better safe then sorry.

---

Clearing of "cache, cookies, and active login sessions" is a broad process, and can have unwanted side effects. It's possible to only clear "browser cache", and it's possible to remove cookies, selectively. You'll also want to know how to enable cookies and scripts.

Remember to restart the browser, after clearing any private data, or changing any settings. And note the possible effects, depending upon your Internet service, of cache outside your browser, which you cannot clear. And finally, consider how all of this fits into the topic of Layered Security - which includes filters in the browser, in add-ons in the browser, in applications on the computer, and in appliances on the network.

>> Top

Clearing Private Data Can Cause Various Problems With Blogger

I've been advising people with various problems with accessing and maintaining Blogger blogs, that involve cache and cookies, for a while. Recently, I explored the ongoing problem with Blogger Stats and the "Don't track my pageviews" setting. Besides the known (and widely argued) problem with blocked third party cookies, I discovered a similar problem, with cookies being cleared when the browser is closed.

Besides Stats, it appears that the Blogger login process, and authenticated commenting, are also sensitive to blocked cookies / scripts, and to inappropriately cleared content. If clearing "cache and cookies", which is now generally known as "private data", is part of your browser optimisation or security strategy, you may wish to examine your policies carefully.

If you want to avoid problems with Commenting, Login, and Stats, you need to remove private data, selectively. And after removing cache and / or cookies, always restart the browser.

>> Top

Neither "Anonymous" Nor "Name / URL" Provide Comment Authentication

From time to time in Blogger Help Forum: How Do I?, we see the naive query / suggestion

How do I disable "anonymous" comments, yet permit people to comment using "Name / URL"?

This question is common among blog owners who think that people who comment, providing a blog / website URL, are somehow authenticating themselves.

The only difference between the "Anonymous" and "Name / URL" options is that "Name / URL" (which is selected at the option of the commenter) includes a properly formatted link to the website of the choice, by the commenter. "Name / URL" is still an anonymous comment, because it requires no authentication by the commenter. Any blog owner, moderating comments, should examine any comments, placed using this option, cautiously.

"Name / URL" is simply a convenience for anonymous commenters, to let them participate as in a blogging community. It provides a small substitute for the Google / OpenID profiles linked to, from comments using those options. Unfortunately, unlike the Google / OpenID profiles, anybody can comment anonymously, when permitted - and provide any "Name / URL" that interests them, at their option.

"Name / URL" is not authenticated, and anybody is entitled to enter any "Name / URL" that they wish. If you see two comments, each with the same "Name / URL", that could be one person, or two different people, commenting. If you see two comments, each with a different "Name / URL", that could be one person, or two different people, commenting. You simply cannot tell, in either case, with any amount of certainty.

If you wish to allow anonymous comments to your blog, prepare to accept "Name / URL" accompanied comments too. Just don't attribute any special degree of reliability, to such comments.

>> Top

Buying A Domain For Your Blog Starts With A Working Major Credit Card

An occasional sad story, from people trying to purchase a non BlogSpot URL for their blogs, results from lack of preparation before using "Buy a domain".

I had my domain all chosen, but when I entered my credit card number, the card was declined. I straightened out the credit card problem with my bank - but now, I get

We found an existing order for this domain.

Help me!

Generally, when this happens, we have the blogger clear cache, cookies, and authenticated sessions, and restart the browser. But this uncertainty is unnecessary, if you have a working credit card ready for use, before you start the purchase process. Paying for your new domain is a major part of the purchase process, so plan and prepare.

The "Buy a domain" script is simple, and doesn't allow for easy order changes, or restarts. When you can pick an available domain quickly, the whole thing can be done in maybe 2 minutes. But you do have to be prepared, before you start. Once you start, don't back up, and don't restart. The screens involved don't appear to allow either changes, or interruptions.

If you try to restart a purchase, after straightening out the credit card account, or maybe trying another credit card, you'll likely get an error

We found an existing order for this domain. Please contact support.

Now, you have but two options.

1. Clear cache, cookies, and active sessions, and restart the browser.
2. Wait 2 to 3 days for the purchase to expire, and try again.

>> Top

Ongoing Problems With Stats

The Blogger Stats accessory, which complements established third party products like SiteMeter and StatCounter, has been offered as a Blogger option for a couple months. Already, we are seeing complaints about it's accuracy and functionality.

My numbers don't add up!

and

I can't get it to ignore my visits to my blog!

and

When I check my stats in the late afternoon, I show a number of page views for "today". If I check my stats in the evening (just a few minutes later, maybe), the stats for "today" show zero and the numbers, just seen for "today", now show for "yesterday".

There are multiple discussions in Blogger Help Forum: Something Is Broken, which open with one of the above topics, and which contain "answers" describing another of the above.

Some of these problems are caused by Blogger coding or design deficiencies, others by misconceptions of the blog owners, and still others are cause by security settings on the computers of the blog owners and blog viewers. Until we understand the etiological nature of these problems, they will never be solved.

My Numbers Don't Add Up!

Some bloggers are treating their Stats displays like a balance sheet. They look at numbers by browser, by country, and by post, total up the figures in each category, and observe that they get different totals for each. This they see as unexplained discrepancies.

Unfortunately, stats can't account for more than 10 countries or posts in any time period, for shifting trends over different time periods, or for the fact that there will be pageviews generated for archive retrievals, label searches, and main page activity, as well as individual posts.

The bottom line here is that you should not expect any totals to add up to any definitive figure, such that totals between each category would be expected to balance, like your checkbook.

The Option To "Ignore My Own Pageviews" Doesn't Work

The ability to have Stats ignore activity by the owner requires a cookie which carries this setting, from when you the blog owner select the option, to when you the blog owner surf the blog. The cookie is unique to one browser, on one computer. If you have more than one browser, or more than one computer, you will need to select the option on each browser on each computer.

The cookie must be accessible across domains, since it's created from "Blogger.com", and read from "BlogSpot.com" - or whatever domain your blog is published under. It must also be persistent across browser restarts. The cookie will also be a problem, if you have more than one Blogger / Google account.

When you, the blog owner, use a computer which blocks third party cookies, or which deletes cookies when the browser is restarted, the cookie won't be available to Stats. With Stats unable to access the cookie, your pageviews will be counted by Stats, when you surf your blog. If you login to a second Blogger account, your pageviews will be counted by Stats.

If you share a computer with someone else - either with shared login sessions, or unique system logins - make sure that you are in agreement with the other person, or that you consistently use your own login session. A shared computer, logged in under another person's login, will not have access to cookies that you create, under your login. And if the other person clears cookies, under a shared login, your cookies will be gone.

And note that most anti-virus and firewall suites - and some high end NAT routers - also contain cookie and script filters. Every one of these accessories, that you have on your computer or your network, should be carefully checked.

Block tracking cookies

is a setting that one blogger found enabled, when he examined his firewall suite.

Yesterday Starts During My Evening - Not At My Midnight

From observing the complaints about stats resetting its counters daily, it appears that it's setup to reset counts for all blogs, simultaneously, at midnight UTC (aka "GMT"). Some blog owners contend that it would be more useful to them if the counters for their blogs was to reset according to their local midnight.

Imagining this to be a separate option for each blog, requiring at least 24 separate reset processes (1 per major time zone, worldwide), it's intriguing to imagine how team blogs would be tracked, with various team members being located in geographically dispersed locations, and requiring multiple different sets of numbers for the team blogs. And of course there is the detail of semi yearly local clock resets (aka "daylight savings time" changes, which differ by time zone and by country), and wondering how that would be handled.

I suspect that using the UTC clock, to synchronise all blog resets, is the only real possibility here.

The bottom line here? Just as with some Blogger problems in general, some problems with Stats may start with our computers.

>> Top