The reading notes record thoughts from things I read. This blog is a record of my reflections and summaries after reading. My website:

Category Archives: IT Management

HTML5, truce or war

The Hypertext Markup Language (HTML) is the basis of the Internet today.  When it was first standardized in 1990, it mainly defined how text, hypertext and images should be shown in a webpage by browsers.  Different kinds of browsers on the market were able to do more or less the same thing and webpages […]

Online human resource management

There is a saying that humans can only organize and manage human resources up to a certain limit.  The limit is about one hundred thousand, owing to the enormous effort required to handle such an amount of data.  For some very large projects in history, such as building the Pyramid, the Hoover Dam, putting a man […]

The HKEx incident reminder

Horror, horror.  HKEx’s computer system was hacked.  You may think that such security incidents occur every day and that they may not necessarily affect us.  But this particular case has some far-reaching consequences.  First, trading of some stocks was suspended, leading to unspecified loss to some.  Second, the possibility of an infrastructure computer system being hacked is […]

Filter bubble

The world is large. There is a lot of knowledge accumulated over thousands of years. There is no way that one could know it all. We could only learn a little. What we learned was selected by others. There is always censorship and filtering of knowledge, perhaps with self-proclaimed good intentions. First we only learned […]


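News travels fast on the Internet. Online information is limitless, and its transmission is not bound by geography or time, so useful material is readily at hand. At the same time, however, useless or false information also floods the Internet. Last Saturday's (7/5) edition of the programme 新聞透視 reported on this very topic; it is worth watching as a reminder to stay alert. The online replay can be viewed by clicking this link; videos are usually kept for sixty days.

Recently, the topic most often distorted, whether deliberately or out of ignorance, has been the Japanese earthquake and nuclear disaster. The various rumours were carefully examined, traced to their sources and debunked one by one. Most of them originated from blog sites and discussion forums in China. One reason these rumours were accepted wholesale and reposted at great speed is the wariness Chinese people feel towards Japan, so that the slightest stir is viewed through conspiracy theories. But of the other information online, a large proportion is also incorrect or even deliberately misleading. Unless it is merely after-dinner chatter, if you find the content worth relying on, you should carefully examine the evidence and look for another source to confirm it.

The programme investigated several examples of false messages, two of which I had warned my friends about long ago. The first is about a child with leukaemia who needs a matching bone marrow transplant, with the e-mail urging recipients to forward it to others as quickly as possible. It turns out that this hoax e-mail and its adapted versions have been circulating for eleven years, yet people still forward it from time to time. A Dr Cheung, who holds a doctorate, replied with a standard signature block attached; as a result the next variant of the e-mail quoted the signature and claimed that the appeal came from Dr Cheung, a medical doctor. For years since, Dr Cheung has kept receiving e-mail enquiries. This is an example of human compassion being exploited.

The second is an e-mail, forwarded endlessly, in which a doctor at Queen Elizabeth Hospital supposedly says that eating more alkaline food can prevent cancer. The e-mail originated as an advertorial from a health food company promoting an alternative cancer therapy; the doctor's name was added in a later variant to make it more misleading. The doctor later clarified that the article was fake and that the body's acidity or alkalinity has nothing to do with cancer, and the hospital also issued a notice of clarification; yet the e-mail is still forwarded from time to time, while few people look for the clarification. Those taken in by this case are mostly people obsessed with health food and alternative therapies, driven partly by the fear that cancer must be incurable.

These incidents show that the Internet is full of traps, so please use it with care and verify any hearsay you intend to rely on. Most important of all, do not indiscriminately forward e-mails of unknown origin to everyone, unless they are harmless jokes and pretty pictures, and even then first check that they carry no virus.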

iPhone religion

iPhone is successful for a reason. Its hardware and software are not the best in the world. There are many competitors who claim that they are superior to iPhone in their special way, and they are quite right. But iPhone’s success lies in the smoothness of its operation and, more importantly, its interface with the users. […]

The Information R/Evolution

I found this interesting video below on the Internet. It is about the latest development of information management, and terms it Information R/Evolution. The video is actually a condensed version of a lecture by Michael Wesch of Kansas State University. The tempo of the video is very fast, condensing a two-hour lecture into five minutes. […]

Online confession

Early this month, Agence France-Presse (AFP) published a news article on online confession below. It is an incredible initiative which suits the modern fast-food world. People are quite used to interactive voice response services nowadays owing to the advance of VoIP technology and its wide adoption by the service industries. To be in step […]

The confession of a Facebook scam maker

Everyone is social networking. Privacy is dead. Social media are the information jungle where personal data are rife and threats are real. I always advocate: be open and enjoy the transparent information environment, but be careful out there. It is very important to know the risk. So it is really a surprise when I read […]


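A few years ago there were several online banking thefts, and the banking sector panicked, believing that online security had serious problems. At the time everyone had doubts about Internet privacy and thought every measure had loopholes; in fact, in most cases users had carelessly disclosed their private information, or their passwords were easily guessed. Online banking security nevertheless went back to the Stone Age as a result: everyone had to carry a password generator, the Token. The theory is that the online password is a secret you know, while the Token is a security device you hold; as the two are not connected, an online thief cannot easily obtain both. The Token business became more and more complicated, going beyond mere nuisance to the public. I foresaw this situation back in 2005; please see the blog post I wrote a few years ago.

Just how annoying are Tokens? Have a look at some of my Tokens below. Merely finding the right Token to use is already a chore.

Not long ago the myth was finally shattered. News reports said that online thieves were able to intercept Token passcodes to commit their crimes. So the Token everyone carries is not entirely secure after all; banks spent considerable resources buying, distributing and maintaining Tokens, had to upgrade their software to handle Token passcodes, and every customer had to carry one; all that effort turned out to be wasted. A few months ago I wrote a blog post commenting on the incident and reminding everyone to be careful.

Good news has finally arrived. After many complaints and explanations, the banks have finally woken up to the fact that Tokens are a nuisance to customers and give a false sense of security. A bank has just introduced a new security method that does away with the Token. It uses a second password, which the customer does not enter in full; instead, only the characters at a few randomly chosen positions are entered. This prevents some Trojan programs from capturing the complete password, and is far more convenient and effective than using a Token. The bank has also added several security questions, with answers set by the customer, so that verification can be strengthened when something looks suspicious. Although this is still not a foolproof security method, it is a great mercy compared with the Token. I hope these new security methods will soon be widely adopted and the Token will become history.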