November 2008
Nov. 2, 2008
.. yet another ridiculous data breach: this time, people's passwords to the Government Gateway on a memory stick dropped in the road. Perhaps it is uncouth to point this out, but... if the system had been designed by people with any security clue whatsoever there would have been no passwords to put on a memory stick in the first place.
BBC Programmes via Instant Messenger. Neat jabber hack by Duncan Robertson.
Nov. 3, 2008
Python gems of my own (via) Did you know you can pass 128 as a flag to Python’s re.compile() function to spit out a parse tree? I didn’t. re.compile(“pattern”, 128)
When visiting any Web page, the site owner is easily able to ascertain what websites you've visited (CSS color hacks) or places you're logged-in (JavaScript errors / IMG loading behavior). They can also automatically exploit your online bank, social network, and webmail accounts (XSS). Additionally, the browser could be instructed to hack devices on the intranet, including DSL routers and printers. And, if that's not enough, they could turn you into a felon by forcing requests to illegal content or hack other sites (CSRF).
Obama v McCain—battleground graph (via) Paul Crowley provides the smartest election visualisation I’ve seen this cycle, using the current projections from fivethirtyeight.com and with a promise of a frequently updated version as the actual results roll in.
Nov. 4, 2008
I'll put forth one central, overriding guideline for iPhone UI design: Figure out the absolute least you need to do to implement the idea, do just that, and then polish the hell out of the experience.
Nov. 6, 2008
Just One More Grim Thing (via) Tim Schafer releases 72 pages of design documentation for Grim Fandango, my all-time favourite computer game.
Update 18th Feb 2025: That blog entry is no longer available, but Gameshelf preserved a copy of the PDF.
Code your own election mashup with Google’s JSON data. The data that powered Google’s US election results map is available to download as a bunch of JSON files.
It’s a purple world. Stuart Langridge made a purplish map of the US election results, using JSON data from Google and an SVG map of the US from Wikipedia.
Nov. 7, 2008
jQuery history plugin. I used this plugin to add back button support to a small Ajax app today, with great results. I tried it a while ago and it didn’t work in Safari, but someone has updated it since and now it works perfectly.
Introducing Acre. I’m losing track of all the server-side JavaScript hosted web application platforms now. Here’s the Freebase contribution to the genre, complete with IDE, templating language and strong integration with Freebase itself.
Nov. 8, 2008
The Tea Cosy. Our favourite Brighton tea room has redesigned their site—truly classy. Don’t forget to memorise the etiquette rules.
Clearing up inaccuracies about the Google OpenID IDP launch. Google took some undeserved flack when they launched their OpenID provider. For the record, whitelisting providers fits my definition of the “Open” in OpenID perfectly (providers and consumers are free to impose whatever policies they like).
Secrets of the Django ORM. An undocumented (and unsupported) method of poking a Django QuerySet’s internal query to add group_by and having clauses to a SQL query.
Nov. 10, 2008
iPhone Backup Extractor possibilities (via) Nick Ludlam points out that iTunes backs up your iPhone call records by copying across a sqlite database—which means it wouldn’t be at all hard to extract the logs in to a larger database. Could make for a really cool addition to a private lifestreaming application.
License Hacking. Wikipedia is making the switch to a CC license, by asking the Free Software Foundation to include that as an option in the latest version of the Free Documentation License which Wikipedia currently uses and which includes an auto-upgrade clause. Devious.
Worst. Bug. Ever. Android phones were executing every keystroke typed in to the phone in an invisible root shell! Text “reboot” to a friend and your phone rebooted. Wow.
Nov. 11, 2008
Interview @MarsPhoenix (via) “For over a year, Veronica McGregor has been Twittering from Mars.”—an interview with the Twitter voice of the Mars Phoenix lander.
It's funny, when I sit down to write something for Phoenix I feel like I have to get into my "Phoenix character." [...] I try to be the eternal optimist because people are getting so upset about the mission coming to an end, and I'm trying to lessen that grief.
DRGBLZ. lolzeppelins?
Nov. 12, 2008
lightningtimer.net. I'm fed up of having to dig out or knock up a timer script every time I manage lightning talks, so I've given one a domain name. You can use lightningtimer.net/#90 to set a different start time for the counter.
Update March 25th 2025: I rescued an old copy of this from the Internet Archive and re-published it to tools.simonwillison.net/lightning-timer.
On UI Quality (The Little Things): Client-side Image Resizing. Two neat tips for cleanly scaling down images in IE 6 and 7 from Flickr’s Scott Schiller.
Nov. 18, 2008
The new Lawrence.com. The world’s best local entertainment website, relaunched on Django 1.0 with an accompanying substantial redesign.
Amazon CloudFront. The Amazon CDN front end for S3 has launched. Traffic is 2 cents per GB more than S3. I’d like to see a price comparison with existing CDNs; I have a hunch it’s an order of magnitude less expensive.
Hack Day at the Guardian. Video of the demos from the first Hack Day at the Guardian. I presented a crowdsourcing app I used to collect annotations for an SVG map of the UK.
Notes from Hack Day at The Guardian. Our first hack day was a ridiculous amount of fun. Matt’s write-up includes a 15 minute highlight video, which includes my 90 second presentation of my crowdsourcing SVG-powered parliamentary constituencies hack.
Nov. 19, 2008
The March of Access Control. The W3C Access Control specification is set to become a key technology in enabling secure cross-domain APIs within browsers, and since it addresses a legitimate security issue on the web I hope and expect it will be rolled out a lot faster than most other specs.
Heck, I practically invented the formula of "tell a funny story and then get all serious and show how this is amusing anecdote just goes to show that (one thing|the other) is a universal truth." And everybody is like, oh yes! how true! and they link to it with approval, and it zooms to the top of Slashdot. And six years later, a new king arises who did not know Joel, and he writes up another amusing anecdote, really, it's the same anecdote, and he uses it to prove the exact opposite, and everyone is like, oh yes! how true! and it zooms to the top of Reddit.
Dollarshort: The Definition of a Slow News Day. How to deal with Valleyway.
Django 1.0.2 released. An update to last week’s 1.0.1 release, which I failed to link to. 1.0.2 mainly fixes some packaging issues, while 1.0.1 contains “over two hundred fixes to the original Django 1.0 codebase”. The team are holding up the promise to move to a regular release cycle after 1.0.