Simon Willison’s Weblog

Thursday, 16th July 2009

Why an OAuth iframe is a Great Idea. Because users should a) learn to be phished and b) not even be given the option to avoid being phished if they know what they’re doing? No, no and thrice no. If you want to improve the experience, use a popup window so the user can still see the site they are signing in to in the background. # 8:29 pm

NaCl: Networking and Cryptography library. A new high level cryptography library. “NaCl advances the state of the art by improving security, by improving usability and by improving speed.” Ambitious claims, but DJB is one of the core maintainers. # 8:24 pm

Teaching users to be secure is a shared responsibility

Ryan Janssen: Why an OAuth iframe is a Great Idea.

[... 570 words]

Nmap 5.00 Release Notes. Released today, “the most important Nmap release since 1997”. New features include Ncat, a powerful netcat alternative, Ndiff, a utility for comparing scan results so you can spot changes to your network, and a new Nmap Scripting Engine using Lua. # 7:40 pm

Curating conversations. Chris Thorpe has open-sourced the Guardian’s moderated Twitter backchannel app, for displaying back channels at high profile (and hence high potential for abuse) events. It’s a Python application that runs on App Engine. # 7:34 pm

IanVisits: London Events Calendar. Ian Mansfield maintains a superb calendar of cultural (and geeky) events in London. Lectures, tours, bat walks, film screenings... did you know there’s a Festival of Model Tramways this weekend? # 7:22 pm

Keyspace. Yet Another Key-Value Store—this one focuses on high availability, with one server in the cluster serving as master (and handling all writes), and the paxos algorithm handling replication and ensuring a new master can be elected should the existing master become unavailable. Clients can chose to make dirty reads against replicated servers or clean reads by talking directly to the master. Underlying storage is BerkeleyDB, and the authors claim 100,000 writes/second. Released under the AGPL. # 10:30 am

I propose that the World Wide Web would serve well as a framework for structuring much of the academic Computer Science curriculum. A study of the theory and practice of the Web’s technologies would traverse many key areas of our discipline.

Tim Bray # 10:16 am

Google’s Chiller-less Data Center. Google are operating an outside data center in Belgium with no chillers (refrigeration units used to cool water, but at a high cost in energy) making “local weather forecasting a larger factor in its data center management”. On the 10 or so days of the year when Belgium is too warm, they can simply shut down the data center and shift the workload elsewhere. # 9:50 am

2009 » July