Archive for Technical Writing

Spend more time writing, less time fidgeting with your stupid blog

I really mean it! The whole point of having a blog is so that you can write on it. The design is important and all, but content is king! Quit spending time toying with the borders and the stupid links on the right. Stop trying to get the last 10 comments with commenters names on there. Stop changing the format. Quit upgrading every 5 days to a new software.
All of this simply detracts from the whole purpose of your blog. Write on it. Take some time out during the day to put down a few words. It doesnt have to be profound all the time, nor does it have to sound right. Just make sure you are adding content and not just playing with the way your blog looks. As a matter of fact, I believe that the whole lookie loo thing really does not help at all. A very pretty blog with no content is one that I will never ever visit again and I am sure a lot of other readers feel the same way. People come to your blog for content and stay for content.
I write about all of this because a friend of mine (I wont mention who) has actually started writing some good content on their blog, content that makes sense and is interesting reading! Did you ever watch Doogie Howser MD as a kid? I know I did and I was really jealous of the diary entries he wrote on his computer at the end of every episode. Leaving pretentious quotations aside, content can be something as simple as memories of the day to as complicated as RDF bashing and beyond.
On that same note, Jennifer has started writing some really interesting articles on her own blog. Check her out sometime when you get the chance. Her last post about colon cancer in females is very interesting.
In other good news, I have my Nikon D70 and I am giddy!

“Computer Science” Versus the Real World

Why did I get into a master’s degree program? I had hoped to learn new technology, learn about the insides of existing technology and to learn and practice some advanced programming. I have been in the program for about two years now, and I can safely say that every bit of my education that has to do with recent technology, has been from work that I have done outside of school or at least outside of classes taught in school.

That is a sad revelation. I am on the second highest level of Computer Science education possible. I have learnt little in school. Where are the professors and classes that pertain to real world computing? Why are all the gurus and technology innovators outside of educational institutions? Where are the Mark Pilgrim, Phil Ringnalda, Joel Spolsky and Jakob Neilsons of the educational world? Why are we teaching classes about Ada and Cobol instead of classes on (developing) programming standards and .NET? Let me give you some examples.

I only signed up for classes which sounded interesting to me. Two of the most fun classes were advanced database systems and wireless networking. However, if I had stuck to the information taught in the class, I would have learnt very little of present technology. In our wireless networking class, we learnt about call centre routing and advanced prediction systems for wireless networks. We were told that these were the basic constructs of wireless networks and it was really important to learn before jumping into contemporary technology. I played along till there were only four weeks left in the semester. We had not talked about any present technology yet. I finally decided to make up my own project so I could learn something of consequence from the class. I did some work on 802.11b and Bluetooth co-existence problems. But where is the beef?

I could go so far as to say that if I had worked with Phil Ringnalda, Joel Spolsky and Matt Mullenweg for the past two years (instead of going to school), I would have learnt more and would be a much, much more capable computer scientist. (I already have learnt lots from them just from associating with them) My physics education tells me (and furiously prompted me) to work with the cutting edge of technology. I had been pushed to find new ideas to explore and forced to think outside the box. I worked with three seperate research projects while at The College of Wooster. All three of them dealt with cutting edge technology either from NASA or from OARDC. I was learning about things which we talked about and heard about everyday. I have compeltely missed that in my present education.

There is another arguement often used. Higher education is designed to be supplemented with real world knowledge and the more you learn outside, the richer your own educational experience. That is a load of crock coming from people that have stopped learning themselves and are unwilling to work any harder to learn the new technology and adpot it in their teaching. If a student is forced to learn everything that is worthwhile on their own time, what is the point of going to school? There needs to be some serious rethinking of education and educational objectives!

So, are we producing truckloads of “dumbed down computer scientists” (with arcane ideologies) who are supposed to lead the technological future of this country and of the world? Are computer professors and scientists worried about the usefulness of their work? Am I spending oodles of money to just get the “masters degree stamp” on my forehead? Is the computer science profession on its way out? To be replaced by the free-thinkers and self taught gurus?

I might be jaded because I went to school that is really short on money and does not have a very good computer science program. Are other Universities the same way?

Matthew Mullenweg denounces LockerGnome’s new design and the lack of web standards

Here is a link to Matt’s post about “Code is Food“.
I absolutely adore the “one more won’t break the web” analogy coming from some of the people who have left comments on that post! That embodies the difference between people willing to get off their asses to make a difference and people trying to justify the problem and ignoring the issue at hand. Sweeping the problem under the rug because all the cool kids are doing it” is not an acceptable answer for a programmer, technologist and/or a web solution developer.
This post represents Matt’s opinion. He believes in clean, compliant code and works dilligently towards promoting the cleanliness of code structure and most of his work is representative of the same. My refute to the people against Matt’s views is that, LockerGnome has a large viewership and should be on the forefront of web technology, embracing rather than deprecating the nuances of proper web coding procedures.
There were some other really interesting comments on that post, some coming from people that I *had* a fair amount of respect for in the past. Some wanted to rewrite WordPress in Java (I say, go for it!). Others expressed their derision of WordPress and PHP. However, the most interesting comments are the ones from people actually standing up for LockerGnome and the lack of web standards in the new design.

All of that having been said, I will blushingly add that my own code on this blog is not standards compliant. I have no interest in staying up late nights to make it standards compliant. If it happens, it will happen in its own sweet time. However, I also do not run a website that is considered to be one of the fore runners of computing technology, nor am I that famous or important. :)
I know … excuses, excuses … maybe once this thesis is done.

Credit Card History and Online Credit Card Fraud

I have been working on my thesis for a long time and I wanted to give everyone (especially my parents, who have been antsy to read it) a glimpse of what takes up most of my time nowadays.
Here is a part of the Introduction…

The concept of paying for goods and services electronically is not new as some part of almost every payment that we make is completed electronically either through the Internet or through private communication networks such as telephone lines or dedicated networks. Since the inception of modern computer networks early in the 1970s, there have been many proposals and schemes for payment systems that span across electronic communication networks [ ]. Although many of the concepts of these schemes were incorporated into later production systems, most of these schemes never got off the ground. The problem was that these methods were useless for merchants and businesses that were not directly connected to the private network of that financial institution. These private networks were expensive to implement and maintain and thus out of the reach of small and medium sized businesses. The advent of the Internet removed this obstacle to the progress of e-payment systems. The freedom of communication through the Internet was a great boon to the e-commerce industry.

The Internet is a network of networks which was put together late in 1970s as a method of sharing information between computers. This small and relatively unknown technology has grown exponentially into a global medium. Figure 1.1 is a good estimate of the Internet’s growth in the past few years. By January 2003 the estimated number of computers hooked to the Internet had increased to over 170 million. One estimate from NUA Internet Survey Group puts this total number of unique Internet users at a little over 600 million people worldwide [ ].

This growth can be attributed to the availability of the World Wide Web (WWW) and the ease of information retrieval that the WWW offers. The integration of multimedia, the simplicity of point and click operation and the false sense of anonymity are also considered to be prime factors for the increase of the webs’ popularity. Surveys of Internet users suggest that the average Internet user has a much larger spending power now as compared to a few years ago and people are much more willing to spend their money using the Internet today [2]. This fact is well understood and exploited by businesses and industries as they try harder to woo a global Internet audience [3, 4].

With the growth of the Internet, businesses that are trying to sell merchandize on the Internet have also increased at a large rate. The most popular goods sold on the Internet are computer hardware and software, books and CDs and travel [4]. This financial marketplace that exists between businesses and consumers is known as the Business to Consumer (B2C) e-commerce. In the United States alone, B2C spending was estimated to be about $7.7 Billion in 1998, $17.3 billion in 1999 and $28 billion in 2000 [2]. Another type of online business that sells and purchases to businesses is termed Business to Business (B2B) e-commerce. These on-line marketplaces focus on bringing together companies which need goods and services from each other. This sector has grown larger than B2C in the last few years2. Some reports suggest that B2C e-commerce generated over $226 billion dollars worth of business in 2000 and an estimated $2 trillion dollars in 2003 [ ].

Early commerce on the Internet was performed through offline payment methods. As the industry and the web has matured, websites and vendors have found many different methods to gather information about credit card and payment details for their sales from forms embedded in web pages and process this information through electronically through organizations setup for the purpose of collecting and remitting credit card transactions. These organizations have come to be known as Acquirers. In many cases, the payment data from forms were downloaded to merchants’ servers without much regard for security of the clients and were processed through conventional methods before the purchased merchandize was finally shipped. This was a very precarious method of accepting payments and with the growth of marketplace and the lack of proper security procedures, crime and theft related to credit card transactions became more prevalent.

The first edition of Electronic Payment Systems was published in 1997. This publication contained various new electronic payment methods that had been developed in academia and industry. Some of these early systems were quickly launched into the market but they failed to become popular enough to be widely accepted. The market leaders of these systems included companies such as First Virtual Inc., Cybercash Inc., and Digicash. These payment systems saw extensive deployments and were thoroughly analyzed by the media. However, most of these companies failed to turn profits and were forced to go out of business, thus rendering their systems obsolete. Partly due to the failure of these alternative methods of accepting payments on the Internet and partly due to the popularity of credit cards, credit card issuing banks and credit institutions funded research into development of credit cards transactions over the Internet.

Credit card based e-commerce was integrated into B2B and B2C financial transactions. Conventional card processing methods were modified to suit the online community and new online credit acquiring companies were started. Along with credit cards, a few of the electronic payment pioneers managed to make their niche in the e-commerce markets. Most recent e-payment developments include the use of mobile phones and handheld wireless devices such as Radio Frequency Identification (RFID) technology. This method of paying for purchases using mobile phones or wireless devices is called Mobile Commerce (M-Commerce). M-commerce has the potential of becoming a very large industry and many payment technology providers are already in the process of implementing very viable solutions which are secure and easy to use.

According to BizStats.com, there are close to two million web pages on the Internet accepting currency through the electronic medium and offering their services to online customers from all over the world. Neilsen//NetRatings Online published that online consumers spent over $18.5 billion during the 2003 holiday season. This spending was up 35% over that in 2002 [ ]. According to analysts and financial advisors, this is the third straight season of record growth of online sales and commerce which indicates that online retailers are doing a much better job of appeasing their customers and making good use of their advertising and security resources. According to another report by Goldman Sachs and Harris Interactive, in the course of 2003, overall satisfaction levels for online shoppers increased five percent over satisfaction levels from 2002. During the technology hype of the recent past, electronic commerce flourished to unprecedented levels to become one of the most preferred methods of doing business. Businesses are considered to be less productive if they lack an online presence and an e-commerce storefront. The freedom, speed, anonymity and global accessibility of the Internet promoted real-time business which can be conducted from the comfort of a living room with people from across the world. This is fueled by tremendous advancements in information technology accompanied by increased versatility and permeation of online financial transaction tools such as PayPal and Discover Online.

However, this popularity of the medium also promotes criminality. The versatility and permeation of e-commerce systems in our society puts personal information at a greater risk of being covertly gathered, analyzed and misused. A recent article published on Internet.com reported from The Federal Trade Commissions report that online scammers and thieves robbed Americans of more than $437 million in 2003 [ ]. Most of this money was misappropriated using stolen identities, fake Internet auctions, and fraudulent shop-at-home schemes. There were an estimated half million complaints during the 2003 financial year and this was a 40% jump over the 2002 number. This article also suggests that a large 40% of these complaints were due to identity theft. This estimated number is considered to be less than the real statistic because a 60% of those affected by online fraud do not contact the proper authorities to report the theft. However, the part of this report that is most relevant to our discussion is that the most common identity theft perpetrated was related to credit card fraud and through stolen credit information. Figure 1.2 displays some the other statistical figures from the FTC and Internet.com report.

Fraudulent credit card transactions cost online merchants many millions of dollars annually. This raises the losses and thus increases the cost of doing business online. The increased risk of online business makes it more expensive to assure a certain level of security and consumers and merchants are more wary of each other as a result, thus reducing the propensity of doing business.
Internet-Related Fraud
Complaints by Consumer
Age, 2003
19 and under 4%
20-29 23%
30-39 27%
40-49 25%
50-59 16%
60-69 5%
70 and over 1%
Note: Percentages are based on the total
number of Internet-related fraud complaints
for the year whereconsumers reported their
age (115,433)
Source: FTC
Top Products/Services for
Internet-Related Fraud
Complaints, 2003
Internet auctions 48%
Shop-at-home/Catalog sales 20%
Internet access services 8%
Internet info and adult services 6%
Foreign money offers 4%
Computer equipment/software 2%
Business opportunities 2%
Note: Percentages are based on the
total number of Internet-related
complaints for the year (166,617)
Source: FTC

Figure 1.2: Internet Fraud Statistics [4]

Credit cards are the preferred method of modern consumer payments. These credit card transactions exchange sensitive financial information through arcane channels which were designed for face to face transactions. However, with the changing nature of business, the recent growth in technology related crimes and the hesitation of people to release personal information on the Internet, the demands on research and development for new, further secure, easier and more anonymous methods of accepting payments on the Internet, has increased tremendously.

This thesis proposes the development of a smart card based credit card system that protects the privacy of its users and increases the security of card transactions by reducing the exposure of purchase information to third parties. This system allows a user to pay for merchandize with a payment system that actively protects their privacy. Our system combines existing smart card technology with cryptographic elements to reduce the amount of information exchanged in order to validate a credit card transaction. The design idea for this system focuses on the hesitation of consumers to spend their money on the Internet due to the fear of having their identities stolen. A report from GartnerG2 published in 2002, shows that over 60% of online adults in USA do not do business through the web because they fear for their financial security and privacy [ ]. The Information Technology Association of America found that over 70% of Americans are very concerned about the dangers of online purchases and fear that their credit card numbers and other personal information might be stolen in the process [ ]. So, online credit card security concerns are very real and they prevent a large percentage of users from using this technology to buy products and services over the Internet.

Failure of smart card based credit card systems is attributed to the complexity of the systems and the up front cost of implementing them [1]. Smart card based credit card systems also raise new questions about credit card laws and regulations because of the new algorithms and hardware involved in such transitions. Smart card solutions that are already in use are proprietary in nature and are not valid beyond certain geographical boundaries. This turns users off from these systems. Further research is required to develop payment systems which are easy to use, work well with existing technology, retain some of qualities of existing payment methodologies and reduce the risk of fraud.

To address the rising crime against credit card transactions, VISA and MasterCard have jointly developed the Secure Electronic Transaction Protocol (SET) in 1997 which was later refined into the 3D SET model [ ]. Though the development of SET was well accepted by the credit card community, the implementation of this protocol is still lacking [9]. Complexity of the system and cost of implementation have been the limiting factors. Various publications in past few years denounce the data aggregation properties of the original SET and have proposed revisions to the protocol [ , ]. These revisions range from stronger encryption [9] to modified routing methods [10] to prevent data misuse. These revisions are directed at modifying the transaction process to increase security. However, they still depend on using imprinted credit cards which do not contain and cannot independently process electronic data to increase security.

Here is a part of the history of credit cards…

Origin and Development of Credit Cards

Early in 1914 Western Union gave some of their prominent customers a metal card to be used in deferring their payments without interest on services used. This card became known as “metal money” . Till the beginning of World War II, department stores, oil companies, communication companies and travel and delivery companies issued cards to their customers in exchange for a promise of deferred payment. The Second World War saw a decline in the credit card industry as credit cards were banned during the war.

However, at the end of World War II, credit cards became more accessible to the general public. With the general increase in spending through charge cards for travel and other services, banks became interested in the prospect of credit cards and saw them as a preferred method of processing money lent out to consumers. In 1951, the Franklin National Bank of New York issued the “Charge It” card which could be used at local and retail establishments. These card transactions were authenticated by the bank at the time a purchase was made. The vendors were reimbursed for their sale and the debts were collected from the card-owners at a later date. Soon after, Diner’s Club released their own charge card which could be used for travel and entertainment. These Diner’s Club cards were designed to attract traveling business people who did not want to carry a lot of cash with them in their travels. Diner’s Club allowed its cardholders up to 60 days to make the payments for their purchases.

Most of these credit cards were limited by their payment options until the first “revolving” credit card was offered by the Bank of America. This card was called the BankAmericard and was marketed all across the state of California. This card gave card holders the option to either pay for their purchases in bulk at the end of the month or pay in monthly minimum installments with interest. The concept of repaying a loan in small monthly installments for purchases made with a credit card became popular with the cardholder population and fueled the credit economy.
By the mid-1960s the process of issuing and processing credit cards had become too much for the banks to handle by themselves, as a result of which, bank card and credit card associations began to emerge12. The most prominent among these credit card organizations were the InterLink Association and the Western States Bank Card Association. The increasing complexity and volume of credit card transactions also led to the increase of credit card fraud. Early in the 1970s, electronic authorization methods for credit card were introduced to merchants and vendors for the first time. Electronic authorization allowed credit cards to be used internationally and most transactions could be completed within minutes and at any time of the day and night. This added to the popularity of credit cards and increased their scope and versatility. The early 1980s saw the introduction of ATM or automatic teller machines which could be used to deposit and withdraw cash 24 hours a day throughout the nation.

In 1970, Bank of America gave up control of the BankAmericard program. BankAmericard Issuer banks took control of the program, creating National BankAmericard Inc. (NBI), an independent non-stock corporation, which would be in charge of managing, promoting and developing the BankAmericard system within
the U.S.

Outside the U.S., Bank of America continued to distribute licenses to banks which allowed them to issue BankAmericard. By 1972, licenses had been granted in 15 countries. In 1974, IBANCO, a multinational member corporation, was founded in order to manage the international BankAmericard program. In many countries however, there was still reluctance to issue a card associated with Bank of America, even though the association was entirely nominal in nature. For this reason, in 1977 BankAmericard became the Visa card, retaining its distinctive blue, white and gold flag. NBI became Visa U.S.A., and IBANCO became Visa International.

Does technical documentation need to be bland and structureless to be more technical?

This is the first in a series of posts about technical papers and technical writing

Here is a technical article written by Joel Spolsky called Painless Functional Specifications It is a multi-part article that I had to read for my Software Specification and Design class. I thoroughly enjoyed it and have continued to follow Joel’s writings ever since.

Here is an IEEE paper called “The Physiology of the Grid: An Open Grid Services Architecture for Distributed Systems Integration”

To be completely fair (and well, for this argument to be really valid) the second piece is designed to be a technical “paper” that is submitted for publication to a technical journal or publication (IEEE in this case). Thus the extremely technical jargon and the familiar “paper” structure. In case you want to participate but are worried about the papers, you really do not have to read through those articles to understand my point of view. Just read a couple of paragraphs on each.

I really like Joel’s flippant style, his inclusion of concrete examples and his method of delivery. The second paper is cumbersome, difficult to read and even more difficult to absorb. I find any peice of writing to be useless, if reading it would mean pages and pages of incomprehension and would require a huge effort to stay awake.

I have been having a debate (inside my head of course) on how to fashion my own papers’ authorship. I am caught between professors suggesting that the use of adjectives (that are not supported by thoroughly documented, concrete proof) are unacceptable in technical papers and my own style of writing which involves thought provoking dialogue and allusions. I have been told that colorful language based explanations and descriptions do not belong in a technical paper.

I have had to read many papers in school. Let me rephrase that. I have had to labor through many papers in school. Even though the subject matter was exciting, reading most of those papers took considerable effort and led to patchy comprehension. Consequently, absorbing and later using that information was simply painful.

Having been through this pain, I shudder to think that my own work is going to turn out to be this way. I have had some support from professors encouraging me to write the way I want to (as long as I maintain some boundaries) and I am hoping that my work will be different, however slightly.