Simon Willison’s Weblog

The Tablet. John Gruber further demonstrates his mastery of long-form blogging. It’s reassuring to know that he started putting the notes for this entry together way back on the 24th of September.

# 3:49 am / apple, blogging, essays, john-gruber, osx, tablet

countdown_to_newyear.py. A quick Python / OS X script I knocked up last night to count in the new year (using the OS X “say” command).

# 4:24 pm / code, newyear, osx, projects, python, say, scripts

Videos from DjangoCon 2009. The videos from September's DjangoCon are now available, including my "Cowboy development with Django" talk (also on the Internet Archive).

I talked about building Wildlife Near You on a /dev/fort trip to Alderney and the MP's expenses project at the Guardian.

# 11:02 am / conferences, django, djangocon, python, the-guardian, videos, wildlifenearyou

Balsamiq: A look back at 2009. Peldi Guilizzoni from Balsamiq shares some numbers from 2009—$1.1 million profit on $1.6 million revenue, with a team of three people.

# 12:13 pm / balsamiq, money, peldiguilzzoni, startups

Self-Proclaimed Social Media Gurus on Twitter Multiplying Like Rabbits (via) 15,740 of them, including 2,091 social media consultants, 807 social media experts, 445 social media gurus and 68 social media stars.

# 1:49 am / funny, social-media, twitter

PythonInterface—OpenCV (via) OpenCV’s new Python interface looks very nice. I’d love to see some full fledged examples of using it to solve real-world computer vision problems.

# 11:33 am / computer-vision, opencv, python

Design and code review requested for Django string signing / signed cookies. Do you know your way around web app security and cryptography (in particular signing things using hmac and sha1)? We’d appreciate your help reviewing the usage of these concepts in Django’s proposed string signing and signed cookie implementations.

# 1:24 pm / codereview, cryptography, django, hashing, hmac, python, security, sha1

Timing attack in Google Keyczar library. An issue I also need to fix in the proposed Django signing code. If you’re comparing two strings in crypto (e.g. seeing if the provided signature matches the expected signature) you need to use a timing independent string comparison function or you risk leaking information. This kind of thing is exactly why I want an audited signing module in Django rather than leaving developers to figure it out on their own.

# 3:23 pm / cryptography, django, keyczar, python, security, signing, timing-attack

FleetDB (via) Yet Another Key-Value Store: Schema-free, JSON protocol, everything cached in RAM, append-only log for durability, multi-record transactions... but what’s really interesting about this one is that it’s written in Clojure and takes full advantage of that language’s concurrency primitives. The prefix operators used by the select API hint at its Lisp heritage.

# 11:21 am / clojure, databases, fleetdb, keyvaluestore, lisp, nosql

rlisagor’s freshen. A Python clone of Ruby’s innovative Cucumber testing framework. Tests are defined as a set of plain-text scenarios, which are then executed by being matched against test functions decorated with regular expressions. Has anyone used this or Cucumber? I’m intrigued but unconvinced—are the plain text scenarios really a useful way of defining tests?

# 7:30 pm / bdd, cucumber, freshen, python, ruby, testing, unittests

Vintage Ad Browser. Fantastic. 100,000+ vintage advertisements scanned and organised by date and topic, going all the way back to the 1840s and covering every decade in between. An absolute gold mine.

# 9:04 am / ads, advertising, archive, design, history

The Maximal Usage Doctrine for Open Source. Yehuda Katz shares my own philosophy on Open Source licensing—stick BSD or MIT on it to maximise the number of people who can use it. The projects I work on are small enough that I don’t care if someone makes big private improvements and refuses to share them. I can see how much larger projects like Linux would disagree though.

# 5:23 pm / bsd, licenses, linux, mit, open-source, yehuda-katz

Current State of Unladen Swallow (Towards a Faster Python). The Unladen Swallow team are now planning to merge their work back in to the mainline Python 3 branch, adding a powerful incentive for Python developers to port their old Python 2 code (since the official Python 2.x line is extremely unlikely to have Unladen Swallow merged in to it).

# 12:41 pm / python, python3, unladenswallow

last.fm for television. Dale Lane’s neat hack to visualise his television watching habits. An Ubuntu / vdx home theatre stores TV events in SQLite, and graphs are generated using Python and Open Flash Chart 2. The really clever bit: the back-end captures nearby bluetooth IDs’ allowing events to be filtered by the people watching based on the presence of their mobile phones.

# 7:28 pm / dalelane, graphs, lifetracking, python, sqlite, tv, ubuntu, vdx, visualisation

What’s new in Django 1.2 alpha 1 (via) Multiple database support, improved CSRF prevention, a messages framework (similar to the Rails “flash” feature), model validation, custom e-mail backends, template caching for much faster handling of the include and extends tags, read only fields in the admin, a better if tag and more. Very exciting release.

# 7:31 pm / alpha, csrf, django, django-admin, python, releases

russell davies: datadecs. Personalised christmas decorations made from data from Twitter, Doppler, last.fm and Flickr. The Twitter snowman came from a 3D printer—the size of the head varies depending on your number of followers. Best of all though is the Flickr decoration which represents the apertures you’ve used over the past year.

# 9:58 pm / 3dprinters, datadecs, dopplr, flickr, lastfm, russell-davies, twitter, visualisation

BLPOP and BRPOP in Redis. Added over Christmas—Redis now has blocking list pop operations. This means you can use Redis to drive a queue server without the need for polling—simply BLPOP against a key and, if it’s empty, your client will block until another client pushes an item on to the list. Multiple clients can block against the same key and only the first client will return when an item becomes available.

# 10:50 pm / blocking, queues, redis

GPS and Relativity (via) GPS satellite clock ticks need an accuracy of 20-30 nanoseconds. The satellites move fast enough that their clocks fall behind by 7 microseconds a day due to time dilation, but orbit high enough that the curvature of spacetime due to the Earth’s mass puts them forward by another 45 microseconds. GPS receivers have to perform relativistic calculations to determine their location!

# 9:17 am / gps, maths, physics, relativity, spacescience

For the Love of Ponies. Bryan Veloso, the discoverer of the Django Pony, makes contact with the artist who released the original drawing on iStockPhoto.

# 12:05 pm / bryanveloso, django, djangopony, istockphoto, python

jQuery 1.4 Released. With comprehensive release notes. Huge performance improvements and a ton of very sensible enhancements to the API—far too many to summarise.

# 10:37 pm / javascript, jquery, releasenotes

WildlifeNearYou: Help identify animals in other people’s photos. The first of a number of crowdsourcing-style features we have planned for WildlifeNearYou—users can now help identify the animals in each other’s photos, and photo owners get a simple queue interface to approve or reject the suggestions.

# 1:35 am / crowdsourcing, projects, wildlifenearyou

Locations of Ancient Woolworths Stores follow Precise Geometrical Pattern. Excellent send-up of shoddy science reporting.

# 2:51 pm / ben-goldacre, funny, satire, science

If You Don’t Date Your Work, It Sucks. I learnt this lesson the hard way, when I realised that I had no idea exactly what year I created my earliest web-facing projects.

# 5:46 pm / archives, dates, year

Crayola Crayon Colors Multiply Like Rabits. “In 1903, Crayola had eight colors in its standard package. Today, there are 120”—and here’s a brilliantly designed infographic showing how it happened.

# 2:44 pm / colour, crayola, design, infographics

owlsnearyou.com. Nat and I built this over the weekend. It asks for your location, then tells you where your nearest Owl is (using sightings data people have entered on WildlifeNearYou.com). If you’re using Firefox 3.6 or an iPhone it grabs your location using the W3C geolocation API so you don’t have to type anything at all.

# 2:45 pm / geolocation, iphone, owls, owlsnearyou, projects, wildlife, wildlifenearyou

Owls, Otters, Monkeys and Lions Near You.com. It’s not just Owls—we also registered ottersnearyou.com, monkeysnearyou.com and lionsnearyou.com. We’ll probably stop there though, or this could turn in to a very expensive marketing gimmick.

# 2:54 pm / lions, monkeys, otters, owls, projects, wildlife, wildlifenearyou

A successful Git branching model (via) This looks eminently sensible. The master branch is used for production-ready code, and is only updated by merging from either release branches or emergency hotfix branches. A develop branch is used for integration (from feature branches), and is branched to create release branches when a release is nearly ready. It’s all comprehensively documented and comes with some well-designed diagrams.

# 7:30 pm / branching, development, git, process