January 2007
Jan. 15, 2007
CSS library for Python (via) “A Python package to parse and build CSS Cascading Style Sheets. Partly implements the DOM Level 2 Style Stylesheets and CSS interfaces.”
The Django newforms-admin branch. This should make customising the Django admin application a whole lot easier.
Free VMware Server in action. I’m interested in reading more case studies of Virtual Machine deployments in the wild.
Five things you may not know about me: 1. My PIN number. 2. The root password for my computer. 3. Where I put the front door key. 4. My sexual peccadillos. 5. What I’ve got in my pocketses.
jQuery 1.1. jQuery is one year old. The latest release features API improvements and some significant optimisations.
Jan. 16, 2007
As software architects, power consumption is now squarely in our camp to manage. There is plenty we can do to improve the quantity of power our data centers consume. [...] This is not just a hardware problem any longer.
OpenID users can be just as trusty as local users. Martin Atkins makes a similar argument to my own: OpenIDs are trustworthy, provided you subject them to the same authentication steps (CAPTCHA/e-mail validation) as regular users.
How can my non-tech-savvy Mum maintain her own website?
Here’s a trick I’ve used in the past. Find a simple wiki package (I used Tavi). Install it, twice. Point both installations at the same backend database. Now password protect one of them with .htaccess—that’s the one that gets used to edit her site. Make some simple template modifications to the other one to make it not look like a wiki—remove the edit links (and delete the edit saving code for good measure), configure it to display WikiLinks with spaces in the middle, then add the site’s navigation around the top. This wiki will be the public site.
[... 216 words]New Dutch accessibility law. Sounds extremely forward thinking, designed by people who really understand the field. Just one problem: the guidelines are only available in Dutch!
Gmail Atom feeds. Could be useful as a pipe for creating an e-mail interface to an existing Atom-consuming application.
Jan. 17, 2007
MySpace: Too Much of a Good Thing? CSS customization really was just the result of forgetting to strip HTML. They “eventually” decided to filter out JavaScript(!)
Inside MySpace.com. Case study of scaling against a network effect. Includes pretty honest coverage of the mistakes made along the way, although the article was put together second hand from conference presentations rather than from interviews.
Mono-based device wins Best-of-Show at CES. “The Sansa Connect is running Linux as its operating system, and the whole application stack is built on Mono, running on an ARM processor.”
FIPA Abstract Architecture. Bill de hÓra shows how the work of the Intelligent Agents community relates to SOA / WS-*. We studied FIPA at University and the parallels to parts of the Web Service stack are pretty interesting.
Jan. 18, 2007
Planet OpenID. Aggregating news about OpenID—surprisingly high traffic.
Visual Security: 9-block IP Identification. Smart (and pretty) trick for showing a representation tied to a commenter’s IP address without affecting their privacy.
Jan. 19, 2007
The NHL’s All-Star voting disaster. The NHL ran an online poll to decide which players are picked for their All-Star Game. The only authentication was a poorly implemented CAPTCHA. Unsurprisingly, it got gamed.
MySpace Blocking Widgets? Making your business dependent on revenue from MySpace is sharecropping of the worst possible kind.
Introducing: World Explorer and TagMaps. “Can we automatically extract information from Flickr geotagged images to create a rich visualization of the world we live in? The answer is: you bet.”
TagMaps. The toolkit behind the new YRB World Explorer, available to developers as a reusable Flash component.
Solving the OpenID phishing problem
Most of the arguments I hear against OpenID are based on mis-understandings of the specification, but there is one that can’t be ignored: OpenID is extremely vulnerable to phishing.
[... 531 words]Links to academic papers on phishing. Posted to the openid-general list by Mike Beltzner.
I can also sum things up for you even more succinctly:
- users are task oriented, driving to complete the goal the
quickest way possible- users pay more attention to the content area than the browser chrome
- users don't understand how easy it is to spoof a website
Jan. 20, 2007
MonsterID as Gravatar Fallback. Cute monsters created using a trick similar to Don Park’s 9-blocks. I like these more than gravatars.
XMPP OpenID server. An OpenID provider that sends you a Jabber message when you try to log in, to help guard against phishing.
Fork JavaScript. A great name for Yet Another JavaScript Library. This one tries to combine the best bits from YUI and Prototype.
Jan. 21, 2007
Phishing and OpenID: Bookmarks to the Rescue? Ping extends my proposal to use bookmarks as the principle authentication mechanism, resulting in a system that is much easier for people to understand.
Anonymous OpenID. A mailinator-style service for OpenID. I’m glad someone’s built this; it reinforces the idea that an OpenID should not be trusted as an account without first using a verification step.
Jan. 22, 2007
Social whitelisting with OpenID
A key feature of OpenID is that it provides a globally unique identifier for every user, no matter what site or service they are using on the Web.
[... 502 words]