Simon Willison’s Weblog

Blogmarks in Dec

Filters: Type: blogmark × Month: Dec ×

Cybersecurity Campaign Playbook (via) “The information assembled here is for any campaign in any party. It was designed to give you simple, actionable information that will make your campaign’s information more secure from adversaries trying to attack your or-ganization—and our democracy.” # 3rd December 2017, 7:22 pm

Breaking Cliques at Events. Eric proposes a new guideline for long-running conferences, which have a tendency to form somewhat insular cliques of the attendees who have been going the longest: “For every year you have attended the event, you should try to meet that many new people each day.” # 3rd December 2017, 1:51 am

Python 3 Readiness (via) 345 of the 360 most popular Python packages are now compatible with Python 3. I’d love to see a version of this graph over time. # 2nd December 2017, 11:13 pm

Django 2.0 released. The first version of Django to drop support for Python 2. I’ve been running the RC on my blog for the past 5 weeks and greatly enjoying the new mobile-optimized Django admin for posting links and quotations from my phone. The new simplified URL routing syntax (an optional alternative to regular expressions) is a very welcome improvement. # 2nd December 2017, 4:49 pm

URL Design. Thoughtful tips on modern URL design, from GitHub designer Kyle Neath. GitHub has the best designed URLs of any application I can think of. # 31st December 2010, 10:03 am

Audio Sprites (and fixes for iOS). Remy Sharp on the limitations of HTML5 audio support in iOS. # 23rd December 2010, 8:04 pm

OpenCorporates (via) “The Open Database Of The Corporate World”—a URL for every UK company. # 22nd December 2010, 11:52 am

HotQueue. A super-simple Python work queue using Redis. The API is neat, and makes clever use of generators for blocking consumption of queue items. # 22nd December 2010, 11:51 am

Instapaper requiring email and passwords for new accounts. Instapaper are changing from their novel “enter a username or email address, only enter a password if you really want one” registration scheme to a more traditional email and password required model. Messing with registration forms is a risky business—in this case, the non-obvious support issues that resulted were a net negative. # 15th December 2010, 8:35 pm

24 ways: Extreme Design. Hannah Donovan on the design process that has evolved from multiple /dev/fort expeditions. # 10th December 2010, 10:08 am

Spacelog: space exploration stories from the original transcripts. The product of the most recent /dev/fort outing—a beautiful, web-native interface for browsing the NASA transcripts from the Apollo 13 and Mercury 6 missions (more to come). Every key moment has a URL. # 10th December 2010, 10:07 am

Tracking Every Release. How Etsy use Graphite to monitor their continuous deployment releases. # 10th December 2010, 10:04 am

Indexing JSON in Solr 3.1. The next release of Solr will support indexing documents provided as JSON—Solr currently requires incoming documents to be formatted as XML. # 10th December 2010, 9:46 am

Google and Microsoft Cheat on Slow-Start. Should You? Fascinating optimisation tricks by some of the big websites, which violate the RFC governing the TCP slow-start algorithm in order to perform better in the common case. # 3rd December 2010, 7:03 pm

Google Maps and Label Readability. Obsessively detailed analysis of exactly what makes Google Maps so readable when compared to Yahoo! and Bing. # 3rd December 2010, 5:08 pm

Web Sockets in Tornado. Bret Taylor has a simple class making it trivial to experiment with the Web Sockets protocol (now shipping in Chrome) using the scalable Tornado application server. He also raises the million dollar question: what will existing load balancers and proxies make of the new protocol? # 31st December 2009, 11:54 am

Showstopper! The Improvised Musical. Went to see this last night with some friends—they really do improvise an entire musical (a surprisingly good one, with catchy new songs and three part harmonies) based entirely on user suggestions. They have shows coming up in Brighton and Bath, thoroughly recommended. # 31st December 2009, 9:36 am

Newzald: From Moleskine to Market. A typeface designer describes the process involved in designing a new font and taking it to market. # 31st December 2009, 9:24 am

qTip. Advanced tooltip plugin for jQuery, including borders and pointers created using CSS. Very flexible (we used this for the latest MP expenses application) but a little on the heavy side, weighing in at 38KB when minified. # 30th December 2009, 6:23 pm

tipsy. Simple Facebook-style tooltip plugin for jQuery. # 30th December 2009, 6:21 pm

jsondns. A JSONP API for making DNS queries, with a nice URL structure. # 30th December 2009, 5:37 pm

Intercepting Predator Video. Bruce Schneier’s take on the unencrypted Predator UAV story. A fascinating discussion of key management and the non-technical side of cryptography. # 24th December 2009, 9:26 pm

Orderly JSON. Essentially the JSON equivalent of RelaxNG’s compact syntax—a pleasant mini-language for describing JSON objects which compiles to the more verbose JSONSchema format. # 23rd December 2009, 2:44 pm

The Dangers of Clickjacking with Facebook. theharmonyguy compiled a list of actions that can be triggered on Facebook by a single click, and hence are vulnerable to clickjacking attacks. The list includes authorising malicious applications, posting links to profiles, sending friend requests and sending messages to other users. Why don’t Facebook include frame busting JavaScript on every page? # 23rd December 2009, 10:20 am

PostgreSQL 8.5alpha3 now available. “Hot Standby, allowing read-only connections during recovery, provides a built-in master-slave replication solution.” Woohoo! # 23rd December 2009, 9:57 am

Socket Benchmark of Asynchronous Servers in Python. A comparison of eight different asynchronous networking frameworks in Python. Tornado comes out on top in most of the benchmarks, but the post is most interesting for the direct comparison of simple code examples for each of the frameworks. # 22nd December 2009, 10:34 pm

The Worst Ideas of the Decade: Vaccine scares. “The movement blaming vaccines for causing autism emerged in the early 2000s, and it was one of the most catastrophically horrible ideas of the decade.” # 22nd December 2009, 9:17 pm

New Redis ZINCRBY command (via) Just added to Redis, a command which increments the “score” for an item in a sorted set and reorders the set to reflect the new scores. Looks ideally suited to real time stats, and I’m sure there are plenty of other exciting uses for it. # 22nd December 2009, 8:38 pm

New Facebook clickjacking attack in the wild. I’m not sure why Facebook don’t use frame-busting JavaScript to avoid this kind of thing. The attack is pretty crafty—a Facebook page is positioned with everything obscured bar part of the blue “share this” button, and a fake “Human Test” asks the user to find and click the blue button to continue. # 22nd December 2009, 6:52 pm

Django | Multiple Databases. Russell just checked in the final patch developed from Alex Gaynor’s Summer of Code project to add multiple database support to Django. I’d link to the 21,000 line changeset but it crashed our Trac, so here’s the documentation instead. # 22nd December 2009, 5:22 pm