Simon Willison’s Weblog

Quotations in Nov, 2007

Filters: Type: quotation × Year: 2007 × Month: Nov ×


Simply put, free and open-source software is just the scientific model applied to programming: free sharing of work open collaboration; open publication; peer review; recognition of the best work, with priority given to the first to do a meaningful new piece of work; and so forth. As a programmer, it is the best arena in which to work. There are no secrets; the work must stand on its own.

Dave Shields # 30th November 2007, 11:47 pm

What do we call personal information management when it moves into shared online spaces? I asked myself that question, and the answer that came back was: social information management.

Jon Udell # 27th November 2007, 10:05 pm

I can’t help feel that BDD is a case of a bad idea spreading; the motivations for BDD are fine (a change in developer testing workflow), but the technique they use to try to reach the desired workflow is totally bizarre.

Ian Bicking # 27th November 2007, 7:16 pm

Web design is the creation of digital environments that facilitate and encourage human activity; reflect or adapt to individual voices and content; and change gracefully over time while always retaining their identity.

Jeffrey Zeldman # 20th November 2007, 11:44 pm

I think it is well established that HTTP Authentication needs a major kick in the ass and OpenID and OAuth may get us most of the way there. However, until I see RFC#s attached to both I’m hardly going to consider them to be complete. I propose the creation of an IETF WG on Identity and Authentication. The WG would be chartered to produce two RFCs covering each of the two areas. OpenID and OAuth could be used to seed the WG effort.

James Snell # 18th November 2007, 12:15 am

I don’t understand why the NSA was so insistent about including Dual_EC_DRBG in the standard. It makes no sense as a trap door: It’s public, and rather obvious. It makes no sense from an engineering perspective: It’s too slow for anyone to willingly use it. And it makes no sense from a backwards-compatibility perspective: Swapping one random-number generator for another is easy.

Bruce Schneier # 16th November 2007, 10:25 am

In the long term, I want to replace JavaScript and the DOM with a smarter, safer design. In the medium term, I want to use something like Google Gears to give us vats with which we can have safe mashups. But in the short term, I recommend that you be using Firefox with No Script. Until we get things right, it seems to be the best we can do.

Douglas Crockford # 7th November 2007, 3:36 pm

But here’s the thing: Regular people on the web *love* Snap previews. I know you don’t believe it—I didn’t want to believe it. But it’s completely true. In the testing and feedback I’ve seen, it’s some emotional pull about the fact that links “do something” now, instead of just being on the page.

Anil Dash # 2nd November 2007, 6:49 am

The Web Application Scale of Stupidity goes from OGF (One Giant Function) to OOP (Object Oriented Programming), like this: OGF ——– sanity ——— OOP

Cal Henderson (paraphrased) # 2nd November 2007, 6:23 am