Web development:

It seems as if we're slowly adding more and more languages to the web development mix. We had HTTP and HTML, then we added JavaScript for scripting and CSS for styling, and we also have XSLT for transformations, XML for data transfer, and not including MathML and SVG, oh my! One client-server protocol, one markup language, one declarative expression language, one scripting language, what is the world coming too?

(I should add, for the benefit of any Microsoft coders out there: if you don't get support MathML and SVG in IE right soon you'll end up displaying GIFS and loading klunky Adobemedia plugins when the rest of the world is dragging and dropping formulas and vectors, not to mention serving all this stuff inline that not even a plugin will help you with, no siree. - see Paul's comment below

Should I get worried? Well, I know all this stuff, so no. Also, it is still easy to get started. You don't have to know HTTP to know HTML, which is the substrate upon which the rest is built.

Also, I would add that we've got these things for a reason: having played around with REST XML APIs + JavaScripting XSLT + CSS + XHTML, I have to say that this is a sweet combo that makes me emit an evil laugh everytime I do something ridiculously complex in ten lines of JavaScript.

Anyway, this leads me to the conclusion that a) dumping XML on the client for transformation is not intrinsically wrong, b) JSON-RPC is nice, c) passing HTML clips via XMLHttpRequest is not an ideal situation but works.

Also, despite me not working on Gradient for ages, I still believe that the web is missing a real-time control channel and the ability for clients to communicate more-or-less directly with each other, and that XMPP is the solution to that.

What's changed is that Firefox 1.5 supports SVG now... I'm thinking of digging up the old and obsolete JiM or fiddling with Mozchat and seeing if I can wire either of them directly into the DOM.

When creating DOM-related library / utility functions in JavaScript:

Using document to do stuff like createElement is a good idea 99% of the time, and the other 1% of the time, guess what - I've loaded an XMLDocument from XMLHttpRequest. Therefore, take your operand element and use element.ownerDocument to construct stuff.

This advert was paid for by the Council for Prevention of Headaches in Web Developers.

Attention Java webapp developers: No JSP in your JavaScript.

This has been both a confession and a public service announcement.

Trust me, it's a bad idea, except maybe to rewrite the odd URL...

Before somebody else says it:

I get the sinking feeling that half a dozen bugs that I've observed will turn out to be unreproducible, and therefore my fault, and therefore yet another case of hubris on my part. Oh well, such is life.

One more annoying IE6 bug:

Assuming this CSS:
div { border: solid black 1px; }
And this HTML:
<div id="foo" style="background-color:lightgrey; border:solid red 1px">...</div>
When I evaluate $("foo").style.border=""; I expect to see a div with a light grey background and a black border. And lo, Mozilla doth fulfill my expectations, whereas the venerable IE nuketh not only the element-level style declaration, but also the entire cascade of styles applied heretofore, despite MS and IE having INVENTED Cascading Style Sheets.

Much as I sympathize with frustration at the W3C's glacial process of standards-making (in 'net years), it does seem as if people who don't pay attention to standards bodies end up producing products markably inferior to develop for than those who do.


The only cross-platform way to add dynamically parameterized events to DOM elements:

To explain what I mean. This is static:
<div onclick="foo()">...</div>
This is dynamic, unparameterized:
div.setAttribute("onclick", "foo()"); //not in IE6


div.onclick = foo; // works everywhere
This is dynamic, parameterized (and works on Mozilla):
div.setAttribute("inclick", "foo(this, 1, 2, 3, 'bar')")
This allows you do do stuff like construct your function as you would a string. But you can't do div.onclick = foo; and pass arguments as well. So you have to do this:
div.onclick = function() { foo(this, 1, 2, 3, "bar"); };
Which basically creates an anonymous function each time it's evaluated. If you want to construct your function call as a string, do that and then use eval(). (I would also add that if you have to do that here, you have bigger problems than dynamically parameterized events.) But hey, it works.

You might wonder why I'm passing this when I could use the event target instead. First, getting the event target is non-cross platform, and second, I might want to do foo( $("id") ...), which again is more cross-platform than fireEvent or whatever.


The earth goes round the sun, the moon goes round the earth, JSP sucks.


So anyway, although I do realise that JSP came a long before MVC was applied to webapp development, but WTF is a templating solution doing setting the MIME type on my response?

This is not even taking into account the stupid, stupid, requirement to compile JSPs into Java files and then Java classes, meaning that there are twice as many places for compilation errors, and twice as many places for logical errors, and a PIA to write a decent IDE for, Hell! JSP is never a good idea. But it's standard.

Ingredients for a seamless iframe with no border in IE6:

In most webapp development, you don't want to draw attention to your techniques - iframes are a good example, you don't want a "look ma, a page within a page!" feeling, you just want it to display and look & feel like the rest of your app.

In FF this is easy: the CSS is "iframe {border:0;}". Naturally, this also applies to stuff you add to the DOM via scripting.

In IE, it's a complete pain in the ass, as usual. Not only do you have to set the old-style "like it's 1999!" attributes as follows:

iFrame.setAttribute("border", "0");
iFrame.setAttribute("frameborder", "0");

you also have to set the style on the body of the iframe you loaded, as follows:

body {border:0;}

As if there was any other circumstance in which the border style of your body affects the container. Grr.


More IE quirks: "This page contains secure and non-secure items. Do you want to display the non-secure items?" when using iframes in https web-pages

This one is more google-able than the ones I've noted down below, but anyway: the gist of the issue is that iframes loaded into a secure page with an src attribute of "" (an empty string) or missing, or "about:blank", are treated as insecure.

This is done when the iframe is going to be filled dynamically via javascript or equivalent.

Since network sniffing doesn't show any non-ssl HTTP requests, this one might be a bit of a pain to debug, were it not for the users of a a wysiwyg/textarea replacement project who reported the problem on their forums.

Anyway, the solution is to use src="javascript:;" as an initial value, which is apparently secure enough for IE not to throw an error message in the user's face.

1/12/2005: This also appears to happen with <object>s, with a codebase that is not https, and that sucks.


The world is beautiful place to be born into...

Read this.

Best heard read in "unforscene - the world is", and is (like life itself) both uplifting and depressing. Yay.


Crushing all in it's path

So it's become increasingly evident to me that the the hour at which Ruby on Rails proceeds to stomp all over 80-90% of all Java webapp development is coming closer and closer, if it hasn't got here already.

As a developer, who's been online for ages and a computerphile for even longer, seeing whole fields of technology and millions of man-hours of work obsoleted in a period of months is something I've seen over and over again, so I knew it would inevitably happen to my own sub-sub-field.

And so, as a Java webapp developer, this necessarily requires a response, such as (for example) moving to RoR myself. I can do that if I have to, no problem, in fact I'd kinda look forward to it.

However, I'd like to make one thing clear: to anyone who claims that RoR can do things Java can't, I would politely request that they renew their acquaintance with the concept of the 'Universal Turing Machine', and then come back an re-examine those claims in the light of their newfound knowledge.

</snide>. Myself, I've also seen plenty of reaction from the world of Java, starting with things like Trails and Sails, and continuing with the various solutions that have been welded ontop of existing frameworks.

However, this is not enough to prevent Java's obsolescence in this field. All these solutions so far have been reactionary, and while it's good that the world of Java can readily admit influence from outside sources, all these solutions, by virtue of being copies or tributes to the original, cannot help but serve as a mere reflection of the power of the original.

(It's also worth noting that Python, Perl, Lisp etc. all had their Rails knock-offs months before Java did.)

Firstly, there are interesting ideas that don't exist in RoR. Of all of these, the most interesting by far is continuations.

Put simply, Spring Web Flow and Apache Beehive both encapsulate page-navigation workflow through the construction of state machines, similar in principle to directed state graphs, and influenced to a certain extent by JSF. [Web Flow does actually support continuations, I've just discovered.]

This is one way of expressing logic. However, logic is far better expressed in (guess what) a full-featured programming language, which will always be richer than any configuration file. This is what continuations should be used for. Construction of wizards, guides and sub-sequences could hardly be more natural.

Secondly, the (at least) two areas in which RoR is indisputably king is in inferring webapp structure from database structure, and in the all-important zero-turnaround time. Neither of these are impossible to do in Java, but I'll take them in turn.

Firstly, ActiveRecord. What is it that RoR does? Simply put, it makes the database the 'center of authority' (CoA) for the structure of the web-app. It infers what it can, which is usually 90% of what is needed, and lets the developer add the finishing touches.

Trails is similar in that it uses the business object model (BOM) as the CoA, and uses that to generate both the persistence (database) and the frontend webapp. This is in keeping with the Java view of keeping the semantic discussion at the object level instead of the DB level.

However, Trails also requires you do use annotations, which assumes that you have control over the source of your BOM, which in many cases isn't true (SOA-based methodologies can mean that you're simply the client of a different division, and that your BOM is generated from WSDL/XSD). This isn't a problem, Trails could just as easily use reflection to infer all the stuff that the tags point out to the framework.

Secondly, zero-turnaround time. Template-wise, Java already has this because JSP is recompiled when the source file changes. Personally however, I think JSP (1.x) sucks, and the whole idea of compiling markup templates into .class files is braindead, so I won't rely on this example too heavily, but nevertheless it proves my point.

WRT. zero-turnaround Java, in the traditional webapp this is of course not possible, but (a) this assumes that Java is your workaday language, whereas in fact it's entirely possible (and often desirable) for other languages such as Groovy, Rhino etc. to provide the meat of the application, for this very reason among others, and (b) you're not using something like Janino, which effectively provides the eval() function, and then some, to your normal JVM. (At a cost of course, but that's what facades are for.)

Yet another framework?

Which brings me to my point. If Java webapp development is not just to survive but also to thrive, reacting to RoR is not enough. It must also leapfrog RoR in the metrics by which RoR judges itself.

You can stop laughing now.

It's OK, I'll wait.

This in itself is fairly simple. So far people have been expressing web-development in lots of different languages, some (such as Ruby) more sympa than others (Java), but all of them, even JavaScript, when it comes down to it are not webapp-native languages.

For webapps, when it comes down to it, the language is very simple. There are four verbs: Create, Read, Update, Delete (CRUD). Your set of base nouns is defined by your database, or your object model, where-ever you put your authority. You derive nouns by operations on your base nouns. Each noun can have the four verbs applied to it.

This is all you need for webapps. The rest is reporting - list views, summary pages, query interfaces, etc. In an SOA environment these are simply other services, so that's easy for me, but I imagine other solutions would have to be found for this.

Thus the whole issue is resolved to three domain-specific problems: how to derive nouns, how to customise templating, and how to customise verbs.

(The typical Java response would be to have three different XML config files. Grr. Me, all my config files are generated via xDoclet and other fiddles, so *.xml is simply not part of my development world.)

Deriving nouns: can be done either way, by reducing/eliminating BOM fields or by expansion, i.e. creating new objects mapped from the old ones. Both should be possible, so I'm thinking of something like XPath or JxPath, or CSS-style selectors.

Customizing templating: obviously, model changes shouldn't re-generate and overwrite changes you made to previously generated templates, so a merge algorithm should be used by the framework in updating templates (this may be the sledgehammer approach.)

Customizing verbs: obviously done in the same language as the verbs themselves. Again, either with merges or an AOP-style thing (not my preferred choice).

Once this is all done, continuations take the verb-noun operations and turn them into complete sentences.

The one thing I haven't mentioned so far is validation, and that's because this is a simple choice: it should be done in JavaScript. This is so that exactly the same logic is used server- and client-side, It also avoids extra code-generation, is DRY and can be changed in-flight, just like the above thee things.

Or not.

So, that is my idea. Not that complicated, intended to be incredibly powerful and very flexible. Why shouldn't I do it?

Firstly, there are already far too many frameworks out there. I should find a way of augmenting an existing structure, saving myself lots of time and contributing to something bigger than this in the process.

Secondly, creating a framework is a bad idea. I should know, I've already done it once or twice.

Thirdly, Java webapp developers such as I are not paid to work on frameworks, but on solutions. Therefore this should be done in my spare time, which introduces all kinds of issues when using it at work, for example.

In conclusion, the world would be a much better place if only everyone did what I said. the world of Java is not without hope in the latest mindshare battle. That said, any cool idea used in a Java framework would probably still end up easier to use and simpler in Ruby, by virtue of it being a nicer language.



Another stupid IE bug: selectedIndex on IE6

Presupposing these functions:

function addNewOption(select, value, label) {
var option = document.createElement("option");
option.setAttribute("value", value);

function getOptionIdx(select, value) {
if(!select.options) return -1;
for(var oNum = 0; oNum != select.options.length; oNum++) {
if(select.options[oNum].value == value) return oNum;
return -1;
Now watch carefully:
var optVal = "1";
var select = $("exampleSelect"); //prototype shortcut

addNewOption(select, optVal, "one");

This code retrieves a select by ID and adds an option to it. (The select is a single-value select.) The following code selects that option:

select.selectedIndex = getOptionIdx(select, optVal);

Or it would do, if it worked in IE. Apparently selectedIndex is readonly in IE4, which I don't care about. However, selectedIndex is also readonly in IE6, under certain circumstances, but it just fails silently. The workaround for the IE4 bug was as follows:

select.options[getOptionIdx(select, optVal)].selected = true;

This fails in IE6 with the stunningly unhelpful message "Could not set the selected property. Unspecified error."

HOWEVER, this code does work:

var optIdx = getOptionIdx(select, optVal);


select.options[optIdx].selected = true; // [1]

Removing the alert (or logging statement or whatever) gets you straight back to square one. Wierder still, surrounding [1] with a try-catch block will throw an "undefined" error, and set the select to the value, which I guess is the workaround I need.

Needless to say, I don't have this problem on FireFox. My completely uneducated guess is that DOM tree operations are slightly asynchronous, and that the time it took for the JS interpreter to move onto the next instruction was longer than the time it took for the DOM update thread to finish making changes, when computers were slower than they are now. I have no idea.


In which I serve as a warning to others

  1. When assigning a value to the innerHTML property of any element that allows it on IE, if the string contains a <form> element, Microsoft IE6 throws an alert with "unknown runtime error".
  2. On Firefox, if you use a popup that makes callback to the window.opener and instantiates an XMLHttpRequest from within that callback, subsequent invocations of XMLHttpRequest fail with an internal exception. This has been a known issue since July 2004. The workaround for this is to have your callback function do setTimeout(0, "actualCallbackCode(/*args...*/)"), which (as I understand it) executes the callback within the original scriptContext instead of that of the popup's.
  3. Similarly, calls to window.open after having callback code executed in FF can fail with the same error message when the url is relative instead of absolute. The workaround for this is to compute an absolute URL from document.location.
  4. The IE team (much as I appreciate the hard work they do, etc.</diplomacy>) should scrap their scripting engine completely and use seamonkey's. The IE engine is old, crufty, nasty to debug in, and even when you have the (ancient) debugger installed(which also installs a different version of the scripting engine than that used by non-debugger-using users version of IE, making some bugs stupidly, braindeadeningly hard to pin down) tells you the line number of the error but not the file it occured in,and even gives you the relative line number of the error in the case of inline script, which is stupid.

Lessons learnt:
  • I spent more time hunting for the FF bug (which was documented) than for the IE bug (which isn't). Yet because FF is OS, and IE is closed, IE is more annoying.
  • innerHTML is like the easy path that leads to ruin, whereas true AJAX (i.e. with the response actually being XML and not JS or HTML fragments) is probably nicer and easier to work with yet harder to write in the first place.
  • prototype.js is a wonderful library but only deals with responseText, never responseXML. This is something I would like to fix.


Random links

Jason van Steenwyck on army logistics via armor plate. This is a place where some smart people put effort into saving lives. I wonder what business can learn from army logistics, and vice versa. It's all about the agility.

And again on the strategic importance of Haditha. This is exactly the type of 100% 24 Carat analysis that doesn't make it to TV.

Discussion on PC for the xBox's 'exception? what exception?' bug. Link ettiquete? This is new. (And regarding the timing of the leak, and it's effect on the share price: Steve, you're just too cool...)

Article from /. story above, which rests on the commoditization of the PC hardware business as providing apple a target against which to define itself.


How I see RoR changing the way we use, read & write software:

  1. Organic qualities of autonomy. Create a body then spend time on the brain. The body should evolved as the code grows. The brain is where firing a single neuron can tell the body to catch a ball, or make a face smile.

    Each line of code in your brain that is not as important as this should be evolved into the body.

  2. Minimizing the amount of code between the thought and the code that expresses the action resulting from that thought.

Metadata transfer standards & protocols:

The first step to a semantic web. RSS or RDF. Why is this important? Since the 'Net is a world of ideas, defining the substrate in which the expression of those ideas are rooted is important. This is why an RSS, RDF or Atom standards war would be a really, really bad thing. I don't refer to competing standards as a standards war. That's simple healthy competition. A standards war is two parties attempting to attain dominance in a standard space/market share.

If there is a war, and it gets ugly, then the resulting schisms in metadata comprehension will become the net's biggest headache, which would be a pity. Developers, you thought the browser wars were bad...

To put it mildly.

An absolutely fantastic example of good security principles in action:

Documented as follows:
Why We Ask You to Re-enter Your Card Number

If you request delivery to a new address (one that you haven't used with us before with this credit or debit card) or want to send an e-mail gift certificate to a new e-mail address, we'll ask you to reconfirm the credit or debit card details.

That way, should some third party guess your password and try to order items using your account, their attempt will fail. We hope you understand that this is a valuable security precaution designed to protect our customers.

Courtesy of amazon.co.uk.


Venting, notes:

  1. This sound is incredible.
  2. Leaking roofs in Belgium suck.
  3. After ranting about software patents for so long, I shamefully failed to post on our victory against the directive. Shame on me. My reaction was one of pure blissed-out thankfulness. Good things do happen in life.
  4. What is important is to love your job, use creative energy, in a cool team, and push yourself. I am there.


front window

front window
Originally uploaded by Ianso.
Guess what. I have a phonecam. F34r.


Belgium / followup

A friend once told me: "The most complex object is the user". This is true.

I just told this same friend, who shares my frustration with Belgian paperwork, and a somewhat militant attitude:

If you want to invade Belgium, you have to fill out form "Inv-10-A", and attach annexes confirming compliance with international law, acknowledgement of the ICC, prove that the soldiers (and their translators) are fairly divided between French and Flemmish speakers, and agree to start the process of an economic impact assesment report (and have it reviewed approved by an invasion steering committee), after which (assuming the report is approved) you must obtain permits for the use of heavy and armored vehicles in built-up areas, permission to break the speed of sound over populated areas, conduct background checks and psychological assesments on your soldiers in order that they may obtain weapons permits, and notify the police so they can help ensure that falling rockets don't hit civilians. Then your invasion can commence, but only for 38 hours a week, and no fighting may be done on bank holidays or weekends.
I'm sure I've missed some steps. Probably all the steps involving lawyers and accountants. Oh well...

It's TRUE!

Business processes:

Having seen a couple of approaches to codifying BP's I've formed the following opinions:

a) Less code is better. Business processes evolve. Software delivered in waterfall doesn't. In XP, adding features etc. sucks when your data model is shifting under your feet. (see also: why BP's should be expressed in (e.g.) a scripting language, not in compiled files.)

b) More freedom is better. People will ask "why can't I do X" where X is "attach an Excel file to the approved version of a final report, if the accountant signed the books in the last weekly meeting" - and coding that in Java or even a scripting language is stupid.

c) Less structure is better. Structure should be emergent, then inferred, not imposed. Evolved structure is seamless. Imposed structure is rigid and inflexible.

d) The more users, the better. Network effects increase an organizations net investment into a solution, and therefore (hopefully) increase its net benefit.



I saw an interesting sculpture in this gallery by a guy called Russel West. It was as follows:

Thousands and thousands of keys had been fixed pointing outwards on a wireframe in the shape of a long cylinder. The appearance was as of a dense coat of metal scales on a serpent, which was accentuated by the shape of the cylinder, curving like the shape a snake makes with it crawls along. However, the curves were quite regular, like a sine wave, and as I recall, the ends were un-tapered, so the idea of a snake may just be me.

Nevertheless, the idea of a snake of keys, a key snake, has half a dozen different interpretations. That one is making me think a bit.

Quality/trust metrics in multi-user websites.

You have Karma, mojo, XP, etc. Wikipedia is an organic meritocracy. When it comes down to it, there are only two metrics on the web that make sense.

- Time. Time devoted to the site, online presence, GTKY, etc.
- Money. Subscriptions etc.

Money is difficult. People who subscribe to get special features creates separation. Ads get blocked, and reduce coherence. I think the solution is found in what the subscription represents. It says "I value the site such that I give $xx a month to make sure it stays around". In exchange for that, the site should value them right back, acknowledging the compliment and returning it somehow, for example listening to their feature requests, feedback etc. The subscription shares some features with owning shares in the site, just in reverse. The dividend the user gets from the site is what made him subscribe.


Aaaargh: please, no:

So, this GoogleWatching article on Fortune is pretty good, right up until it says this:
Certainly the search game is still in its infancy. Only a fraction of the content available online is actually searchable. For instance, even subscribers can't search current and archived issues of the Wall Street Journal or most other publications with a search engine; you have to go to the publication's site. This suggests that the search engine that can get the world to list premium content on its platform will have a leg up on the competition. Microsoft has plenty of money to buy the rights to such content; it also owns powerful digital-rights-management software, which helps copyright holders control who uses their products and how often. Those should be advantages in negotiations with companies worried about losing control of copyrighted text, music, and video on the Net.
That is so wrong. (a) Google Desktop already searches your cache, whereupon all the web-based content to which you subscribe (and have surfed) may be found.

B) Most importantly, take one look at the hoops that MS, Sony and Apple have had to contort themselves into to make the content cartel happy. For what? Strategic positioning, and in Apple's case, first mover advantage.

But the idea that yet another successful hi-tech company should kow-tow to content owners to maintain a competitive edge is completely wrong. Google has and maintains it's edge through bona-fide innovation. As Cory says, when's the last time you saw an innovative DVD player?

I'm incoherent right now, but this is not funny.


Thoughts on AOP

Not that I've used it or anything.

I've read up in the C2 wiki and looked at various examples. I believe I understand the theory relatively well, and beneath all the new terminology AOP appears to do two things:

1. Adds a transparent event model for access/modification of methods, variables & objects. I believe that Ruby can do this without the after-the-fact style of bytecode modification, and AOP applies this to 5GL's (or whatever you want to call Java, C# etc.)

2. As per the promotional material, provides a new way of separating cross-cutting concerns. Of course, multiple inheritance could do this :-) As has LISP and it's progeny. I imagine the relevant newsgroups are overflowing with scorn at the world of Java for having re-invented yet another feature LISP has had since the Epoch and before.

Anyway, my point is, that AOP is clearly accomplishing two different things here. (Maybe these concerns should be separated :-) The first is obviously valuable, and something that pure Java misses. The second is also valuable, but as per Koppen and Stoertzer, is ideally accomplished without resorting to meta-programming and code weaving, which are cool techniques, but render affected functions unfaithful to the source code from which they were compiled, which is never cool.

Right now, AOP is an add-on to Java, but I'd like it to become more fully integrated with the language before using it heavily. PCDiff is very cool and the 2nd plugin I'd install (after ajdt) if/when I start doing AOP.


Mp3Blogs + rss = your own Internet radio

Following up from this post which makes things far too complicated, I realised it would be simplicity itself to create a website that allowed users to create their own m3u playlists from the combined RSS feeds of MP3 blogs they choose, that could then be updated every 4 hours or so. People can listen to these M3Us just like people listen to Internet radio.

M3U is the simplest playlist format ever, so this would be really, really easy.


The whole offshoring thing:

Yes, it empowers giant megacorporations to fire hundreds of drones.

But how many people understand this: If you have a normal job, and no extra special commitments such as a family or a house, then you, yes YOU, can also hire programmers in far off countries.

What does this mean?

It means, that by virtue of being born in a rich Western country, you could manage a team as a hobby, in your spare time.

The same kind of gap between the West and Rest that makes corporations offshore whole departments also lets you compete with said corporations in your spare time.

Interesting, hmm?


Everything old is new again?

I read C4L's blog, and one of the things he's good at is skewering hype. In the process, he's pointed out some interesting similarities between new and old technology:
  1. REST and POX
  2. AJAX and DHTML
  3. SOA and Web Services
  4. PubSub and Push Content
  5. Tagging and META-tags
In each case, something has definitely changed, to make cool that which was uncool and new that which was old. What is it?
  1. REST is arguably a well-thought-out subset of POX that doesn't suck. POX + design patterns + exploiting HTTP's natual shape. What changed? Google showed us what was possible, and proved it could be done in the wild, outside of intranets.

  2. AJAX is arguably a set of design patterns that use DHTML but don't suck. It came about after new school web design gained mindshare. Only after the browser technology in Gecko and Opera caught up with the standards and showed us what was possible, and only after people started validating, stressing on semantic XHTML, and using CSS to the full, did people truly begin to accept and explore the power of JavaScript.

  3. Web Services is a small collection of good standards (SOAP 1.1, WSDL, UDDI) floating in a sea of untried, unimplemented, vendor-specifc and overly verbose (even for XML) 'standards' (SOAP 1.2, WS-[*]).

    SOA is WSs minus the suck: it's a philosophy that brings order to the chaos, built around the idea of presenting a unified model of your data upon which processes can be built & designed.

    WSs don't suck, but has suck potential, and SOA recognises that there's more to the special sauce than protocols or standards, and adding new ones doesn't help.

  4. Push was crap. An unmitigated disaster, foisted upon unsuspecting analysts by dotcom droolers and entertainment hype-droids trying to turn the 'Net into a big, dumb television.

    PubSub, in contrast, multicasts and pointcasts data that people actually want in realtime, such as RSS feeds, as opposed to that which would rightly expressed in a collection of banner ads, where geeks can safely ignore them.

  5. The difference between tagging and meta tags is transparency and control. Meta-tags are not transparent to the end user, but hidden away in the source. Meta tags are HTML-centric and intrinsically per-page, whereas normal tags can be per object, no matter the layout.

    The control issues where Technorati may have slipped upa little. Tags are nice bceause they're per-site, and each site has absolute control over their architecture. This is why I believe Flickr and del.icio.us work so well. With Technorati, they surrender this control to external users. We'll see how this works out.
I don't know why, but I have far more vitriol for old-skool Push than for any of the other dead ideas.


In. Cred. I. Ble

World Winds is a masterpiece.

The amazingness of this wonderful piece of software cannot be overstated. Direct zooming into 3D elevations of mountain ranges. MODIS event overlays. WMS integration. This is mindboggling. In Snow Crash, thought this type of thing would be available only to rich people able to pay. We have if for free. Mindblowing.


Building APIs & object models for the rest of the web

OK, so XSD defines data structures, and the data structures <-> object debate is an old tarpit I'm avoiding for as long as possible. Neither is it news that schema-compliant structures can be produced by applying XSLT to XML.

However, why not produce Objects by applying ECMAScripts to HTML pages? One function defines a class and scrapes a document to extract the instance data from a web-page, a little like GreaseMonkey. Document hyperlinks become typeless references. Document forms define operations.

The rationale is behind this is that a lot of websites (e.g. Wikipedia) are broadly similar in markup structure to the extent that screen-scraping them is really, really easy (ignoring the API that obviates the need for that in this case and others).

The use case is anything that needs objects provided by 'web services' - definitions from dictionary.com, search results from Google, bla bla bla. In time such a system could theoretically provide models and API's to large portions of the web.

Of course, it's much easier in a scripting language that supports dynamic type construction. Also, someone else has definitely thought of this before.

Applying RBAC & DTE in OOP environments

Brainwave #1: SE Linux has a very cool permissions model that treats all objects within the OS as nodes in a directed state graph.

To briefly summarize, permissions are granted and/or denied based on who(user,process) is trying to access what(inode,socket) and from where.

The model is so cool that MS had themselves a gigantic hissy fit and wailed on the NSA (among others) for equiping the Linux community with a security model that beat its own commercial offering hands down, for free.

What's interesting, however, is that it should be possible to extract the model and super-impose it on the Java object model, or that of any other OOP language for that matter.

Of course, code injection is generally less of a worry in managed environments than in binary ones, so the idea may not be all that valuable until (or if ever) we start evaluating untrusted logic on the server. (Highly unlikely, due to the halting problem, but still.)


The EC continues to amaze and disappoint me.

Ever since the EC tried to pass the patents directive onto voting at the Parliament as an A-item at a Council of Agriculture and Fisheries, for some reason I assumed that they'd sunk about as low as they could go.

Not so. In the face of overwhelming opposition from the democratically elected Parliament to this corporate-brought directive, what does the CoM do? They ignore them. And try again. As we've thanked the Polish, Dutch and Germans, among others, we now have the Danes to be grateful to for telling their Commission representative to, you know, represent them. And even then the Commission ignores them. Unbelievable.

Software patents delenda est.


Fosdem '05: GCC 4 + Java

At the pre-party drink I met up with Matthias Saou, who maintains freshrpms.net and is fairly knowledgeable about the current state of the Linux kernel and GCC. He told me that GCC 4 will soon be able to compile Java direct to native code, and not just as a kludge, but in a real, competent implementation.

This is absolutely fantastic if true, 'cos it means that I can directly compile my Tomcat to run on my VM. Right now I have like 6/128MB memory free 'cos the JVM allocs so agressively. This is very, very cool, especially if you consider that automatically deploying native compiles to GNU/Linux from an Ant script is no more complex or involving than doing the same to class files.

Fosdem '05: Gradient

So, I presented Gradient to about 8 people + 2 friends of mine (thanks for the moral support, Gael and Torrey!), which was interesting.

For a couple of minutes we had no video cable, so I chalked up a bit of stuff, like the URL for the presentation, and waved the laptop* under people's noses so they could read SVG and stuff.

It seemed to go OK. I didn't stutter, freeze up, stumble over my words or anything like that. However I'm not convinced I explained Gradient as well as I could have done. Gael was a great help in showing me how to explain my ideas properly, but I rambled a bit, and the demo's could have been better.

Nevertheless, it was a great opportunity, and it was good to meet Ralph and Heiner (author of Lluna) in person.

* generously provided to me by the company I work for.

Fosdem '05: RMS

So at the Friday drink, someone told me that RMS has only two speeches: one on Free software, and one on software patents. This isn't true. The subject of this speech was how the four freedoms of the GPL are applicable to other types of information.

1) There's a whole spectrum of creative activity between creation and copying - commentaries, coppendiums and the folk process were mentioned.

2) An early point is that most laws are theoretically made to achieve a certain (desirable) outcome for society as a whole in the current zeitgeist. Modern-day copyright of course is now increasingly anachronistic, and is getting worse at the behest of the content cartels.

3) The subject of software patents was noticeable in its absence.

4) He proposes a system whereby works are split into three categories - practical works of reference, expressive, attestational works (e.g. bills, receipts, contracts, articles, autobiographies), and artistic, creative works.

He then goes on to define what is and is not in society's interest in each case as regards copyright law, and does make a very good case for applying the four freedoms directly to reference works, and making no-derivs on attestational works. For the third type his solution is a limited term copyright, but I think that this is a bit of a compromise. A neat solution to this has yet to be found.

RMS is an idealogue. He's a good one too - The GPL, and Free Software are both Good Things. However, what was conspicuously absent from his speech was any hint of what could actually be done by people like us to help change things from what we have now to what he sees as the ideal situation. It was a good speech, but there was no call to action, and he's perfectly positioned to provide one.

I wanted to ask him an inflamatory question, like this one:
"given that you believe our supposedly democratic governments are not acting democratically, or in the best interests of our society, what forms do you think direct action and civil disobediance would take if we wanted to combat this?"
However, (a) there was no time, and (b) the thing was being videoed, and I didn't want to (unfairly) label myself as a firebrand info-anarchist in front of the whole Internet.

Oops, too late :-)

Fosdem '05: Jimmy Wales & Wikipedia

His was a really good talk, and had many good points.

1) Although he couldn't talk about what he was discussing with Google, I suspect that they'd like to link to them for definitions etc. at some point in the future.

2) He presented two explanations/perspectives on Wikipedia; firstly that it's the emergent behavior of hundreds of thousands of tiny actions, secondly that it's the coordinated actions of thoughtful users. He prefers the second, but IMHO it's both: the second is a result of the first.

3) Apparently, at a certain moment they face the prospect of the 'site growth outpacing the growth of the development and sysadmin team. This is another thing Google has under it's belt that nobody else has successfully replicated - their major advances in large-scale administration of clustered/distributed computer farms. Of course, this is a major strategic asset for them, so they probably won't apply this expertise to Wikimedia's server farm for free.

4) Kudos to Jimmy Wales for having the courage to stand up and say that love and respect is an essential part of what makes Wikipedia tick.

5) He made a really good point that things like the Slashdot moderation system are inherently mechanical in nature, and compensate a little for a lack of community. In contrast, wikis are totally freeform, and don't dole out reputation or XP, which means that all moderation/structure/regulation occurs as a result of community action.

This is important: wikis provide space in which communities grow, and their structures grow and evolve with them, and are inherently human in nature. Contrast that with the /. moderation system, and the games/controversies/pending rewrites that surround it.

What I find interesting is to see where else on the Internet we can move from mechanical regulation to simply providing a substrate in which real human communities/societies can grow, unfettered by mechanics imposed by a centralised authority. Something to sleep on.

Fosdem '05: impressions

So yeah, Fosdem '05 and the traditional drink was great fun and really interesting. I've never seen so many geeks in one place. Met a bunch of cool people, had a great time. A friend of mine went crazy with a cash card at the O'Reilly stand, but hey, I might get to read the books too :-)

1) Geeks know how to party.
2) Anti-social my ass.
3) RMS is probably the only person on earth who would give a good, intelligent talk
a) without slides,
b) commanding fixed attention from so many semi-ADD geeks,
c) absentmindedly scratching his nether regions in front of more than a thousand people.
4) Giving a decent speech/presentation is quite a skill.
5) Until Friday, it never quite sunk in that there's an enormous society of people to whom Free software is a real, tangible matter of principle. RMS is on to something, and I'm not talking about the itch in his pants.


Slideshow presentations

The reason people put all that stuff in bullet points...

When you create the thing, you think you have to say what needs to be said at the presentation, with your slide show.

Not so. You will be there, and you will say what needs to be said. The slideshow or PPT or whatever is not there to say things, but to show things.


CodeCon '05: misc.

Incoherence was incredible, something I will start showing to people.
OzymanDNS is totally mind-bending. Stuff like this is going to take back the 'net. TCP VPNs over SSH over IP over DNS...
Note to self: check this out.

CodeCon '05: SciTools

SciTools had a very, very cool demo. Not sure what extracting DNA from chick-peas with common household materials actually had to do with the presentation, of which I understood very little, but still.


- Molecular biologists and geneticists face the same issues as hackers when talking about the uses to which their work could be put. Breast cancer detection and Anthrax - almost all mentioned in the same breath concerning the same tech.
- Another issue they face is that they don't want to deal with the GATCC stuff any more. That's low-level assembly thinking. As far as I understand, nature already has it's own HLL's, but I'm not entirely straight on that point.
- Cool sparklines and vast databases of stuff is online, e.g. LocusLink and OMIM.
- The human genome fits in 250 meg of RAM.
- Quote: "Biologists don't index from 0".

CodeCon '05: Wheat

Wheat is very cool. Building an object model in URL space is a great idea. One endpoint is to publish and extend from objects on other servers. Strange stuff: new language, which is understandable given the 'research project' nature of the beast, but still a little regrettable. References are a little strange, but this is to be expected. A little polish needed, but very, very cool.


- look at TinyTemplateEngine as a replacement to JSP. It looks niiice.
- check out Zope web-objects
- Check out Rails and Ruby, 'cos it's the next best thing, baby!
- Check out the Wheat Wiki.

SF '05: Memorable characteristics and events

1. When you ask for "coffee" in a diner or something, you get some terrible drip-filtered gack. No wonder Starbucks has stomped all over the USA. By way of comparison, even the smallest eateries in Brussels have coffee machines that make a passable espresso and decent coffee.

2. Buying public transport tickets is a great way to get rid of even the smallest loose change. Over here, this stuff accumulates to levels at which you could store them as ballast in a ship's hold and use them for shrapnel in it's cannons[0]. On the buses and trams in SF you can pour fist-fulls of the stuff into the machine and it'll sort and tally it all correctly.

3. The SF tagline should be "the Yoga and Tai-Chi capital of America". Get out early enough and you'll see any given green space has a cadre of people doing their exercises.

4. The place is surprisingly bike friendly, provided you stick to the costal areas. Enormous great SUVs give you half the lane to play with, as if they'd rather suffer a head-on collision with another motorist than a mental health lawsuit from a mildly claustrophobic cyclist.

5. Everyone is friendly. Cool, interesting conversations were had on diverse subjects such as the psychology of addiction, the concept of currencies, long term geographic effects of global warming on property prices and purchase strategies, the LT, WTFDNU, etc. This stuff is slowly permeating through into the general conciousness.

6. Geeks are everywhere. Trying to sleep on the plane when your brain is randomly plucking tech words from surrounding conversations is like trying to sleep during a Windows install. You know there's nothing better to do [except fill out your product registration card!!11 :-P], but something might come up that makes life interesting.

7. T-shirts: saw a T-shirt with "Dept of Homeland Security - since 17nn", and a picture of four Native American Indians with muskets. Hahaha.

8. The Apple store in SF: It's JUST A STORE. Why people queue up outside of it every morning is totally beyond me, nice machines though they be.

[0] Why yes, I happen to be reading The System of the World, which is a fantastic Stephenson, and which also contains the best Monty Python Joke Ever.

Various observations re: travel

1. In coach on Boeing 747's, the aisle-facing armrest hook is lethal to garments with pockets that can snag. This fact was confirmed by repeated trial and error. We honour the pants that gave their seams in the cause of science during these experiments.

2. Most airport toilets now have a dry-blower and paper towels, which prompts one to ask the question: if I wish to dry my hands after having washed them, which is more environmentally friendly? The blower directly increases the amount of heat entropy in the universe, and may be run of a grid that is feeding partially-renewable electricity. The paper will probably be recycled, but the process of collecting, processing and recycling used hand-towels almost certainly takes more energy than that used by the blower. On the other hand, paper towel collection scales fairly well. Maybe different tools should be used for a given hand wetness index.

3. My head is a strange place. I woke up to the alarm, saw "8:00", got ready for work, stepped out of my flat and realised that it was actually 20:00. I reset my alarm clock wrong, but my body rythms are so screwy that I can't tell the difference. On the other hand, this means I have lots of sleep to look forward to.


CodeCon 05: RPOWs

My introduction to hashcash, which is interesting. RPOWs are (briefly) digitally signed, unique, audit-tracable bits of hashcash. Verification and the all the sensitive stuff is done inside of an IBM 4758 crytoprocessor, which is (a) expensive, (b) very, very secure.

The spread of Guerrilla cybercash is one of the things I'm predicting will result from the dissemination of TCPA-ish technologies, as I outline briefly here. Hal Finney, being the legend that he is, has already done cybercash for the nearest thing we have to a consumer-level TCB.

One thing he alluded to in his presentation is that he's taking advantage of the 'remote attestation' features of the 4758, which in other contexts (such as DRM systems) would be seen as a bad thing. Remote attestation is unique to the 4758 right now, but if it becomes more widespread via NGSCB and TCPA, then things could get interesting.

CodeCo '05: ApacheCA

As seen here.

Originally meant for auth and id for Apache people, now has an open CA for anybody to create signed certs, groups and stuff.

Opinion.1: The Apache root cert shouldn't be dependent upon Verisign, or anyone else.

Op.2: Once live, Apache's root cert should be included in the FireFox install. People should be able to secure their websites without paying Verisign a dime.

Observation.1: Apache could provide a pluggable, secure solution to the issue of auth and id in the context of online communities and P2P networks, and one that's considerably more palatable than Passport or the Liberty project, owing to Apache being non-profit and having better whuffie than MS or the Liberty project's backers.

Obs.2: I've said elsewhere that SSO is a bad idea in principle (because it commutes credentials across security domains), but that's something else that could be done with this if you wanted to.

CodeCon 05, San Francisco:

A beautiful city. In FEBUARY. This will make Brussels a little harder to come back to.

Observations from Day 1: when the projector broke, people actually paid more attention to the presentation in general, and the speaker in particular. Re-inforcing my opinion that PPT as commonly used is plain bad for presentations.


Thank you JURI

This makes me very happy.

Software patents delenda est.

On the importance of introducing oneself

So me, being the smart-arse I am, rigged up my systems to email me when errors in my webapps occur, from a generic mailbox on our work server.

Today, I get a stack trace out of the blue, and all the systems that I know of are working fine. The email doesn't say what system it comes from, merely that something is wrong with it.

In future, I shall be more courteous. "Hi there, I'm system FOO BAR, "+e.getMessage() and so on and so forth.


Microwave metalurgy: grass-roots industrialisation?

This guy has done something potentially revolutionary, in all senses of the word: he's hacked a normal microwave oven to melt bronze, iron and silver. Futher study may yield a method of melting steel.

What this means:

(a) short term, look for personalized items cast from the above metals to become very chic.

(b) medium term, read about accidents while experimenting with this new technique in the news, leading to a hue and cry (and maybe laws) against the practise, and heretofore inconcievable clauses in rental agreements (I don't think mine specifically outlaws heavy industrial metalwork...) and enforcement of zoning regulations.

(c) hopefully long term, as the skill develops, I'd like to see the skill of metal-working re-appear as (a) a craft that can be practised in your own home/shed, and (b) drive a new bottom-up revolution in personalization of items that were once produced en masse.

Of course, if we ever get to melt steel in a microwave, this means that things like (e.g.) eating utensils, ornaments, etc. could conceivably be made in a normal kitchen.

This is gives tremendous for grass-roots creativity to take hold - if it happens, the technique will be used for things that this guy will never have imagined.

But me being a typical man, I have to point out that primitive bladed weapons could also be manufactured at home using this method, which comes periliously close to putting weapons back in the hands of the worlds middle-class, which at the moment is the probably the most docile demographic on the planet. That would be interesting, and another reason for Western governments of the world to restrict the practise, should it get that far.

Tagging and expression languages

I apologise in advance, but before I get into the meat of this post, I feel obliged to (a) assert that I like tagging a lot better than folders/hierarchies, and (b) proudly claim that I was using tagging way before it became popular[1].

I also find it amusing that the discussion surrounding tagging suffers from the lack of a controlled vocabulary :-)

In the Clay's post above he makes use of a simple boolean expression language to define subsets of all tagged objects in a given space. This is natural, if you think of a tag space as being an infinitely extensible bitset associated with each tagged object. Then you can ask for things like this:

( apple && g5 && ! ( nyc || newyork) )

(My grammar is a little more C-ish than Clay's, but the syntaxes are equivalent.)

Futhermore, you can do things like XOR tag spaces, not that I imagine the result would be very useful.

Where boolean tag expressions will come in useful, however, is not just in defining subsets of the object space. Tag expressions could also be used to define equivalency between tags applied using different systems, on the same website or elsewhere. For example, suppose we want to define equivalencies for "Apple Computers" for two people, when one (Kevin) lives in New York and the other (Yves) uses the stock ticker instead of the company name and runs an orchard:

apple && ! ( nyc || newyork) = AAPL && ! orchard

The example is a bit far-fetched, serves to illustrate the principle. And the left and right sides of the above expression need not both be on the same system - one could be in deli.cio.us, and the other in Flickr. In this way, the problem of two different users applying tags like "teen" in drastically different ways can be solved.

Once you start to define equivalencies, those equivalencies can act as bonds between the users in the equation, and from there you can start building trust and authority into what is essentially a fantastically anarchic way of classifying information.


1: This is actually true, although tags were classified in a hierarchy, so I suppose it's not really tagging from a purist perspective.

Mixing technical and personal entries: no.

Writing personal stuff is a fine method of release, but: the whole world reads this. Thus, now and retrospectively, I apply what I call "The F Test", to whit:
There is nothing on this blog that I wouldn't say to the CEO of the company I work for.


Personalised, new and random mp3 radio

3hives has an m3u for the front page, which is nice, but having one for each archive page would be cool too. Looking at this, and other stuff linked below, gives me an idea:

Icecast + mp3blogs + grep + wget/curl + cron + bash + my Linux server = an MP3 jukebox of cool new stuff pulled in from MP3 blogs.

Yeah, so I'm late to this party. I compenate with boundless enthusiasm! Also: listen. Also: (*slaps forehead*) amazon referals are a business model for the most popular cool hunters. And even niche hunters can build audiences, because this is the web and the tail kicks in. The Long Tail is the latest in a series of catchphrases, but this one has traction, since the model explains a lot about how media and markets work on the 'Net.

Media personalisation, notes on "The age of egocasting"

This very interesting article has a new spin on the problem of perfect filters producing boring results, or as it says, "We have created and embraced technologies that enable us to make a fetish of our preferences." Other cool soundbytes:
  • Sampling is the opposite of savoring.
  • “Americans love junk,” George Santayana once noted. “It’s not the junk that bothers me, it’s the love.”
The author lends a little too much credence to the opinions of critics, who seem to be getting rankled that now anybody and everybody is a critic.

A beautiful counterpoint to the thesis is 3hive, which I stumbled on via deli.cio.us - which rocks - and is rapidly introducing me to music such as Flogging Molly that I would never have dreamed of hunting for, but is cool. In this way, 3hive is cool-hunting for me, just as SomaFM or SwissGroove do my soundtracks.


Safe security

Bruce Schneier posts on the furore surrounding this safe-cracking paper by Matt Blaze (a computer scientist), mostly among safe & physical security professionals. The paper makes for very good reading. [via BoingBoing]

Most of the fuss is because principles such as security through obscurity are dearly held in the safe and lock industry, to their detriment, as Kryptonite discovered. Applying principles from computer security and cryptography in a different domain of expertise is causing heart-burn, which might, on first blush, be reasonable. But in addition to being fascinating, it's also slightly alarming in places:

Most locks have a wider dialing tolerance than the dial graduations would suggest, allowing an error of anywhere between ±.75 and ±1.25 in each dialed number, depending on the lock model. So although there may be 100 marked positions on the dial, there may be as few as 40 mechanically distinct positions.

[...more possible keys removed...]

For locks with the full ±1.25 dialing tolerance allowed under [standard], these recommendations seem especially misguided, leaving only 22,330 distinct “good” combinations. Observe that this is less than 2.5% of the apparent keyspace of 1,000,000.

Similar reductions in effective keyspace will be familiar to observers of many computer password authentication systems.

That's not the kind of thing that a cryptographer can get away with when designing cryptosystems. Before long, safe-makers may not be able to either.


hyper-efficient RPC with XMLHttpRequest, Gradient, Blogger

(1) You can use XMLHttpRequest to send a HEAD request. Encode the RPC parameters in the URL. Encode the results in "X"-prefixed headers of the 200. No body necessary.

(2) As far as "getting the document controller to stay online", this ain't necessary if the JID referred to in the namespaced element of the loaded document refers to a Pubsub node. The controller can be knocked offline, the node still exists. This is a better model, but server<->client IQ and messaging, and client<->client messaging and RPC would all have to be re-worked around this new model. Bring on FOSDEM.

One of the things that's struck me with lurking on p2p-hackers and reading about DHT's etc. is that as well as building monolithic filesharing apps like eMule, we're also seeing p2p primitives appear, which can be bolted together just like cryptographic primitives to produce systems like Kenosis. This is the style of BT in doing one thing and doing it well.

(3) f you retrospectively change the title of your blog post, permalinks break. This is annoying.

(Also: I can't find a parser generator that will output a parser in ECMAScript. This probably proves that I'm crazy for wanting such a thing, but that's OK. I know I'm crazy.)


Programmers should generalise... sometimes...

OK, so the idea behind Gradient is to wire an SVG document into a P2P network, albeit one that's physically client server, and conceptually P2P.

Why do this in general: many applications now are being developed for use via the web, i.e. they're webapps. This is my worklife area of specialty.

The idea behind Gradient is that you have a generalized messaging network (XMPP/Jabber) that is (a) can do cool things like PubSub (see below), (b) is scalable and mature, and within which documents form their own application 'clouds', i.e. specialized subcultures of network endpoints.

The fact that you're still loading pages over HTTP means that you're centralising things (of course), but not every P2P network has to be lawyer-resistant if you're trying to do legal stuff. And having the app loaded as a document each time is something we all know the pros and cons of.

One of the things that's not working so far is getting the document controller to stay online. I don't know how often jabber.org is restarted, or if clients are all kicked off after a certain length of time, but having client JIDs perform server functions isn't the way for me to go about it. PubSub is almost definitely the way to go on this, since (IIRC) items published to nodes stay around after a node goes offline. I'll be here end of Feb, so I';; have a better idea of how things stand after that.


Camera phones as mice, v.2

To follow on from this post, I have another use case coming from the 'smartphone as personal TCB' perspective. Not only could a smartphone function as a mouse, but also as a security device in place of a smart-card. The existing mentalities fit perfectly, because nobody leaves their smartphone lying around.

If the phone has a fingerprint scanner, then it also becomes a secure logon terminal. The use case:

  1. The user puts his phone on the the desk, camera-face down, and swipes his thumb on the strip reader.
  2. The phone establishes a secure link with the workstation via bluetooth, and authenticates the user with the server.
  3. If the authentication is valid, the workstation unlocks and the user begins work.
  4. The user leaves his office, taking his phone-mouse with him.
  5. The workstation detects a break in the bluetooth connection and locks the console.
  6. The user returns to his office, re-swipes his thumb to unlock the console, and continues work.

Jon Stewart 2, Tucker Carlson 0



Webcams and web authoring

1) Look at these Thousands and thousands of webcams.

Why this is cool:

  1. The random pictures combine to create an indescribable impression. Someone building a boat. A Pagoda. A mock CCTV control center. An Izaka bar. A deserted street. A harbour blanketed in snow. The list goes on.
  2. This is real life, uncut. This is a tiny, jerky window onto the future of mass media. Mass broadcasting, not mass market.
  3. The Architect's office decoration. A web-page could be put up containing nothing but a wall of random videos.

2) WYSIWYG web editing sucks, but then so does editing the stuff by hand, due to its verbosity. Taking a page from XPath, and the type-ahead find features of Mozilla, I'd like to be able to type and edit something like this:

site<;div#contents;div#main/p>Welcome<;p(3)>bla bla bla<

And have this generated:

<style type="text/css">
<h1 id="header>My site</h1>
<div id="contents">
<div id="main">
<p>bla bla bla</p>
<p>bla bla bla</p>
<p>bla bla bla</p>
Combined with the web development bookmarklets, "edit styles" in particular, why, HTML might even become a joy to write.


Wow. Just Wow.

A very, very cool blog design.

We know so little, and what we do know...

Is hidden.
  • There is a truly enormous amount of raw figures on the web. This is a link to pages of links to hundreds of thousands if not millions of pages of tables of numbers, from the EU, the UN, and the US Government. That is only the beginning.

    These figures concern every facet of the human condition and more. Those numbers are not boring! Each number is boring, but there are stories hidden in that pile of data, waiting for people to find them.

  • Despite this, a vanishingly small percentage of it is accessible via a machine-usable API. What I mean is this:
    • No metadata, UDDI-like registry, ontologies or taxonomies. The infoarch that does exist is ad-hoc at every level: site, sub-site, and project.
    • No SOAP, XML-RPC, REST, or other pre-web means of access.
    • No machine access except by screen-scraping
    • Subscription access to stats being funded by taxpaying nationals, in most cases, and price levels targeted at institutions and NGOs
    • Trapped behind query interfaces opened as framed, javascripting multi-post powered wizards in popup windows.
    • Stupid restrictions (e.g. 5000 rows max per query) that force needless circumventions.

  • Of all this huge body of data, a good 40-60% (based on my random sampling) of these numbers are in PDF. Extracting tables of figures from PDF into machine-readable form is complex, error-prone and processor intensive. Of the other 60-40%, half is in Excel (which I can live with) and the rest is in CSV or something similar.

  • However, none of this data is theoretically out of reach. What is needed:
    • One smart repository
    • One smart screen-scraper
    • Something to extract tables from PDF documents
    • Trained monkeys to operate the scraping gizmo and classifying gadget.


I don't care if you met each other via the Internet,

If you're having an argument, TALK. With a telephone. Or Skype. TALK.


I'm not talking about couples, I'm talking about programmers.


This is kinda funny

The same day I eulogize Mozilla I hose my installation six ways to Sunday, and I mean completely. Good grief.


And I have so many plugins installed it takes me 40 minutes to reset everything just so.


The global village becomes reality, hopefully

Anyone with a heart has been hit hard by the tsunami and it's aftermath. We have between 150,000 and half a million people dead. What's hit me is both the incomprehensible scale of the tragedy, and the personal stories that are coming to light.

There's a ray of hope though. The global reaction to this huge level of suffering is unprecedented. You have countries almost competing to out-do each other in how much they give. I'm waiting to see if China will try and match the USA. Personal donations have poured in. Amazon.com users donated more than Saudi Arabia. Individual responses are matching governments.

Would this have happened 100 years ago? We now have raw, hard-hitting, up-front and personal accounts of what happened beamed straight into our homes. It's not uncommon to have traveled in those parts of the world, to know people who have families and friends there.

There's no denying the world is a nasty place. But here I believe that technology has brought people closer together on a global scale, and I'm hoping that the empathy that's lead to this amazing generosity is the start of something Big. How wonderful it would be to have nations become members of a gift culture, where status is determined by how much we can give, not how much we keep to ourselves.

The pace of web development...

Web development on Mozilla is soon going to become an absolute dream:

  • Solid patterns are developing around XMLHttpRequest, including HEAD requests, which may become the ultra-efficient RPC of the web (and not supported by Safari yet). On IE, this requires either an addition to trusted sites, or dropping your pants to the rest of the Internet. Assuming it's possible, an independent implementation of the XMLHttpRequest object in JScript is only a matter of time.

  • XPath. This is absolutely essential for navigating DOMs. This can be added to >IE5, which is nice, but you have to bind it to each new document you want to work with, which I can live with if I have to. Safari does not support XPath in any way shape or form.

  • E4X, soon. Did I mention how nice this is? Oh yes I did. No more of this:
    newRow.appendChild(nameCell); newRow.appendChild(downloadCell); newRow.appendChild(rangeCell); newRow.appendChild(sourceCell); newRow.appendChild(dateCell);
    ...and no more futzing with pasting strings as innerHTML, which is even uglier from half a dozen perspectives. Yes it's faster, yes it's less redundant code, and no I don't like it because it's an ugly, disgusting hack compared to E4X.
When I code in my spare time I would rather not have to work with ActiveX, or forgo XPath because of Safari. It's when you see the state of other browsers that you realise what a fantastic codebase Mozilla has. If MS isn't already panicking, they should start now.

(Oh, and: this XPath visualiser by Dimitre Novatchev is very, very nice.)