Blogmarks
Filters: Sorted by date
Bees with machine guns! Low-cost, distributed load-testing using EC2. Great name for a useful project—Bees with machine guns is a Fabric script which fires up a bunch of EC2 instances, uses them to load test a website and then spins them back down again.
Bleach, HTML sanitizer and auto-linker. HTML sanitisation is notoriously difficult to do correctly, but Bleach (a Python library) looks like an excellent effort. It uses the html5lib parsing library to deal with potentially malformed HTML, uses a whitelist rather than a blacklist and has a neat feature for auto-linking URLs that is aware of the DOM (so it won’t try to auto-link a URL that is already wrapped in a link element). It was written by the Mozilla team for addons.mozilla.org and support.mozilla.org so it should be production ready.
Firesheep (via) Oh wow. A Firefox extension that makes sniffing for insecured (non-HTTPS) cookie requests on your current WiFi network and logging in as that person a case of clicking a couple of buttons. Always possible of course, but it’s never been made easy before. Private VPNs are about to become a lot more popular.
Linked Data at the Guardian. The Guardian’s Open Platform API can now be queried by MusicBrainz ID and ISBN, opening up some extremely useful new types of query.
jQuery 1.4.3 Released. Once again, the thing that impresses me most about this jQuery release is how stable the core API is. Hardly any new methods added, but the existing methods are made faster, more flexible and more predictable. The same as been true for the past several releases as well. It just keeps getting more and more polished.
PostgreSQL: 5 Minutes to Binary Replication. The missing manual.
Annotated backbone.js. Literate programming.
Backbone.js. As should be expected for a DocumentCloud project, Backbone is a concise, elegant and educational take on the JavaScript MVC pattern. Depends on Underscore.js and plays well with jQuery.
Tuning Canabalt. Fascinating insight in to the game parameter tuning needed to make a game feel just right.
Dark Patterns: Forced Continuity example, Audible.com. Dark Patterns are user interfaces that are designed to trick people. I just submitted Audible.com for their habit of signing up users for a $7.49 “gold membership” without making it clear on the checkout screens that this is a recurring monthly charge, not a one-off payment.
PaintbrushJS. Impressive open source JavaScript library from Dave Shea for applying image filters (sharpen, blur, emboss, greyscale etc) to the canvas element.
What is a Polyfill? Useful new term: a Polyfill is “a shim that mimics a future API providing fallback functionality to older browsers”.
Schneier on Stuxnet. Stuxnet now rivals Wikileaks as the real life plot most likely to have leaked from science fiction.
What is the Open Web? Tantek Çelik describes the three pillars of the open web: open publishing of content, freedom to code and implement the standards needed to access that content and open access to that content over an unfiltered internet.
“Last I heard Google’s search index was sharded by document rather than by term.”. Fascinating comment by jasonwatkinspdx on Hacker News.
The 100-year leap. John Graham-Cumming recounts the history of Charles Babbage’s Difference Engine and Analytical Engine, and proposes a project to build a working Analytical Engine 170 years after its invention (the machine built by the Science Museum in London is the Difference Engine).
My First Week with the iPhone. A blind user describes the experience of using VoiceOver on the iPhone, including the joy of discovering the Color Identifier app which speaks the names of colours picked up by the iPhone’s camera. “ I used color cues to find my pumpkin plants, by looking for the green among the brown and stone. I spent ten minutes looking at my pumpkin plants, with their leaves of green and lemon-ginger.”
Facebook’s Instant Personalization: An Analysis of Fundamental Privacy Flaws (via) Oh FFS. “Instant Personalization” means you visit one of Facebook’s “partner websites” and Facebook instantly tells them your full identity and gives them access to full Facebook connect functionality—without you performing any action other than visiting the site. This will not end well.
Velocity: Forcing Gzip Compression. Almost every browser supports gzip these days, but 15% of web requests have had their Accept-Encoding header stripped or mangled, generally due to poorly implemented proxies or anti-virus software. Steve Souders passes on a trick used by Google Search, where an iframe is used to test the browser’s gzip support and set a cookie to force gzipping of future pages.
evercookie—virtually irrevocable persistent cookies (via) Mischievous genius from the chap who created the MySpace worm—evercookie attempts to set an irrevocable cookie using a whole bunch of different methods, including “storing cookies in RGB values of auto-generated, force-cached PNGs using HTML5 Canvas tag to read pixels back out” and an extremely clever scheme built on top of the web history CSS visited link colour vulnerability.
Google Chrome Frame: Stable and Speedy (via) “Today, we’re very happy to take the Beta tag off of Google Chrome Frame and promote it to the Stable channel.”—MSI installer included, for IT administrators to easily deploy Chrome Frame to multiple machines.
I pushed 20 more of my projects to GitHub. Some great Node.js stuff here from Peteris Krumins, including modules for processing PNG, JPEG and animated GIFs.
ijson. A SAX-style streaming JSON parser for Python, using ctypes to talk to the yajl C library.
A Gentle Introduction to CouchDB for Relational Practitioners. By “High Performance MySQL” author Baron Schwartz—a smart, concise overview that touches pretty much everything that’s interesting about CouchDB.
Creating Shazam in Java. Using a Fast Fourier Transformation.
Welcome to Lanyrd | The Lanyrd Blog. We’ve started a blog for Lanyrd, our social conference directory project. We’re off to a great start: “Lanyrd is now listing 1,508 conferences and 5,167 individual speaker profiles. 5,637 people have signed in to the site and made 13,293 edits to our data.”
ZeroMQ: Modern and Fast Networking Stack. I get ZeroMQ now. I was having trouble figuring out how it differed from things like RabbitMQ—it turns out it’s an entirely new low-level socket abstraction, designed to make common socket programming tasks like message sending/receiving and publish/subscribe a whole lot easier than dealing with raw BSD sockets.
Vox is closing on September 30, 2010. One month seems like very short notice for closing a service of this size, especially since it functions as an OpenID provider so in addition to migrating their content away users may need to sign in to other services and set up an alternative form of authentication. UPDATE: From the comments, Vox accounts that migrate to TypePad will also have their OpenID migrated, and TypePad will continue to serve OpenID requests for old vox.com addresses. Smart solution.
The Seven Secrets of Successful Data Scientists. Some sensible advice, including pick the right sized tool, compress everything, split up your data, use open source and run the analysis where the data is.
Setting up Munin on Ubuntu. Useful guide to setting up my favourite graphing/monitoring tool for personal projects.