Protecting Your Online Data

Advertisement for Norton VPN Dad forwarded an email he got from Symantec today. The subject line was “Breaking: New legislation affects your online privacy” and went on to suggest he could subscribe to their “Norton WiFi Privacy” product to stop his Internet Service Provider from selling his browsing data.

My take is that he should save his money. This is just Symantec doing some very opportunistic, and cynical, marketing. The place where a VPN is most valuable is when you’re using a network you don’t know whether to trust (e.g. the free WiFi at your neighborhood sub shop).

For now at least, Comcast, Verizon, AT&T and probably others are making a big deal about how they’re not collecting/selling your web browsing behavior (though they’re certainly leaving room to change that once the furor dies down — they did after all spend a huge amount of money lobbying against those rules).

Even without VPN, when you visit a web site that uses HTTPS (and more than half of the web does now), your internet provider can’t tell what you did there. They can certainly tell that you visited https://www.mybank.com, but because it’s https:// instead of http://, they can’t tell what specific pages you visited.

USA Today had a good article about some ways to protect your online privacy. Subscribing to a VPN service wasn’t one of them.

String Types

Not quite a year ago, I received a .Net Rocks! mug from Richard Campbell and Carl Franklin after a comment I’d left for a previous episode was read on the show. History repeated itself on Thursday when they used another of my comments, this time one about C++, as the lead-in for the show’s main topic.

Thursday’s show was about a scripting language, chaiscript, that allows you to write scripts in C++ and use them from other C++ projects. (C++ as a scripting language is a neat trick since it’s normally compiled ahead of time and shipped to the user as a binary executable.) It’s an interesting show and you should absolutely give it a listen. There’s also an interesting bit around the 20 mark, talking about the Commodore 64 (I had to idea those disk drives had CPUs).

The gist of my comment was that some of the features added to C++ since I’d last used it sounded rather compelling (particularly “stack semantics” which sound like there’s a sharply reduced need for new and delete, and that even pointers are largely hidden). I still have reservations though because of “scars from working with a half-dozen different, not-quite compatible string types.”

The first web application I ever worked on was a bit of a brownfield product, sharing code for the business logic with a desktop product that used the Microsoft Foundation Classes library (MFC). The resulting web application started off with char * along with the MFC CString class. (That’s two string types right there.)

Because this application ran on Active Server Pages (so-called “Classic ASP”), we soon added the BSTR and CComBSTR types in order to work with COM. And then, every so often, a new “sheriff” would attempt to unify things under a single “standard” class, which meant the introduction of TCHAR, wchar_t *, std::string and std::wstring. (Of course, as we all know, unifying under a new standard just makes things worse.)

So that’s really eight not-quite-compatible string types.

It was definitely a learning experience (if for no other reason than the anti-patterns), but I very much enjoy the fact that the C#, Java, and JavaScript languages only have one string type apiece.