2010-05-22
How I fixed Google's search results redesign
I really dislike Google's redesign of their search results, because they commit one of my great irritations; they put site navigation on the left side (where it cuts off content in narrow windows) instead of on the right (or on the bottom, or nowhere). After a few days of staring at the new design and grinding my teeth, I decided to fix it.
Since I use Firefox, the modern way of fixing this is probably a Greasemonkey script. However I don't use Greasemonkey for various reasons; partly because I use NoScript and I don't know how the two would interact, and partly because I've never wanted the kind of high-powered rearrangement of web pages that is Greasemonkey's stock in trade (if a website needs that much rearrangement to be nice, I'm not likely to use it to start with). So my weapon of choice in this situation is the Stylish extension, which lets me add and override CSS settings.
(The drawback to Stylish is that it only really works well if the website has annotated their HTML with class and ID labels, so that you can precisely target your CSS restyling. Fortunately this is usually the case when people are doing obnoxious styling tricks that I want to override, since they're usually using CSS to style things in the first place.)
The problem with Stylish-based alterations is figuring out what to change, which requires reverse engineering the HTML and CSS to see what creates the bad design in the first place. Usually I can read things by hand, but Google uses such densely packed HTML and CSS that I gave up and temporarily installed Firebug and used it to pick through the mess. The net result is the following Stylish style:
@namespace url(http://www.w3.org/1999/xhtml);
@-moz-document url-prefix("http://www.google.com/search") {
div #leftnav {display: none !important;}
div #center_col {margin-left: 0px !important;}
}
For the most part this is brute force CSS bashing; it first deletes the
left navigation area and then overrides an attempt by the search results
to keep reserving space for it. The most useful thing (and a feature not
directly exposed by Stylish) is using the url-prefix option to force
this style to apply just to Google search results instead of everything
at Google.
(See the @-moz-document documentation for a tiny bit more on this. Stylish directly exposes the other two options it has.)
2010-05-08
SSL certificate vendors are selling a commodity
Here is something important to understand about SSL certificates in practice: regardless of what SSL vendors tell you and how they try to market themselves, they are fundamentally selling a commodity, namely SSL certificates that work in all significant environments and browsers.
(If they are not selling this commodity you don't want anything to do with them unless you have very specialized needs.)
Some vendors will present themselves as more trustworthy, but this is hogwash. No user actually notices what vendor you use; you are lucky if they notice that you are using SSL (or that a phisher is not using SSL). What you have to worry about with vendors is basic competence issues and terrible business practices, not 'trust' as such.
Thus, when you are picking a SSL certificate vendor you can approach it just like buying any other commodity. Pick the one that actually works, has the lowest combination of price and irritation level of dealing with them, and that you can stand giving money to (or dealing with at all). There's no point in paying extra; you're just getting marketing.
(It is worth paying extra for less hassle. Hassle costs time and energy, and your time and energy has a real monetary cost (well, usually), so you can easily come out ahead overall.)
At the same time, a typical organization is not exactly spending large sums of money on SSL certificates in general. So if you find a SSL vendor that you actually like or that is (especially) easy to get people to pay for, you might as well use them even if they're more expensive than others. When you are talking about less money than the typical office coffee budget, well, why not?
One important corollary of SSL certificates being commodities is that you should expect SSL vendors to behave like commodity sellers. In particular, expect no customer support no matter what you're promised.
(As you can tell, I do not have a very flattering view of SSL certificate vendors so I do not expect very much from them and I certainly don't expect to find one that I actually like.)
Sidebar: on SSL CA security (or lack thereof)
In theory you have to worry about a vendor's security, but in practice SSL certificate vendors can fall down on the job fairly badly and still not be removed by browsers. In fact, I don't think any significant SSL CA has ever been de-certified by any browser. And the general marvels of the SSL certificate system means that the effective security of your SSL certificate itself mostly rests on the security and good business practices of every SSL certificate vendor, since a certificate from any of them will let an attacker impersonate you. You can guess what this means in practice.