Simon Willison’s Weblog

Items in Aug, 2009

Filters: Year: 2009 × Month: Aug ×


Armadillo Cam—Armadillo Running and Sniffing Small Shrub. From the awesome Museum of Animal Perspectives. # 28th August 2009, 10:38 am

“MongoDB is fantastic for logging”. Sounds tempting... high performance inserts, JSON structured records and capped collections if you only want to keep the past X entries. If you care about older historic data but still want to preserve space you could run periodic jobs to roll up log entries in to summarised records. It shouldn’t be too hard to write a command-line script that hooks in to Apache’s logging directive and writes records to MongoDB. # 26th August 2009, 7:09 pm

Tile Drawer (via) The most inspired use of EC2 I’ve seen yet: center a map on an area, pick a Cascadenik stylesheet URL (or write and link to your own) and Tile Drawer gives you an Amazon EC2 AMI and a short JSON snippet. Launch the AMI with the JSON as the “user data” parameter and you get your own OpenStreetMap tile rendering server, which self-configures on startup and starts rendering and serving tiles using your custom design. # 26th August 2009, 9:32 am

Static Maps API v2. The new version of the Google Static Maps API (static images generated using arguments in a URL, no JavaScript required) adds support for paths, areas and automatically geocoding addresses to specify locations of markers and the centre of the map. # 26th August 2009, 9:01 am

Introducing Amazon Virtual Private Cloud (VPC). Amazon now let you create a network of private EC2 instances completely isolated from the internet and the rest of the EC2 cloud, then link them back to your home network via a VPN. # 26th August 2009, 8:42 am

Exploring OAuth-Protected APIs. One of the downsides of OAuth is that it makes debugging APIs in your browser much harder. Seth Fitzsimmons’ oauth-proxy solves this by running a Twisted-powered proxy on your local machine which OAuth-signs every request going through it using your consumer key, secret and tokens for that API. Using it with a browsers risks exposing your key and token (but not secret) to sites you accidentally browse to—it would be useful if you could pass a whitelist of API domains as a command line option to the proxy. # 23rd August 2009, 11:06 am

We completely understand the public’s concern about futuristic robots feeding on the human population, but that is not our mission.

Harry Schoell, CEO of Cyclone # 23rd August 2009, 10:51 am

Bokode (via) New take on the humble barcode from the MIT Media Lab—Bokodes are 3mm wide but can be read at a distance by a regular digital camera lens using out of focus photography, exploiting the bokeh effect. The way in which the Bokode is read allows both distance and relative angle to the camera to be derived, making it ideal for Augmented Reality systems. # 23rd August 2009, 10:29 am

For those who haven’t heard the story the details were pulled from a Christian dating site db.singles.org which had a query parameter injection vulnerability. The vulnerability allowed you to navigate to a person’s profile by entering the user id and skipping authentication. Once you got there the change password form had the passwords in plain text. Someone wrote a scraper and now the entire database is on Mediafire and contains thousands of email/password combinations.

rossriley on Hacker News # 23rd August 2009, 10:10 am

Facebook Hacked By 4chan, Accounts Compromised. It wasn’t Facebook that got hacked: 4chan members got hold of a list of usernames and passwords from an insecure Christian dating site and started using them to raise complete hell. Yet another demonstration that storing your user’s passwords in the clear is extremely irresponsible, and also a handy reminder that regular users who “don’t have anything worth securing” actually have a great deal to lose if their password gets out. # 23rd August 2009, 10:02 am

svgweb. Awesome. I’ve been having a lot of fun with SVG for dynamic graphics recently (maps in particular), and hoping someone builds an SVG renderer in Flash so I could serve up SVG files for IE. Brad Neuberg and team have done exactly that. # 22nd August 2009, 10:42 pm

CSS 3: Progress! Alex Russell on the new exciting stuff going in to CSS 3 based on real-world implementations in the modern set of browsers. Of particular interest is the new Flexible Box specification, which specifies new layout primitives hbox and vbox (as seen in XUL) and is already supported by both WebKit and Gecko. # 22nd August 2009, 11:52 am

Dive Into HTML 5. Mark Pilgrim’s free online book on HTML 5—currently just one chapter on canvas (which neatly illustrates the coordinate system using a diagram rendered using canvas itself) but certain to become an invaluable resource for anyone looking to take advantage of HTML 5. # 20th August 2009, 2:40 pm

you seem to think i’m random, but i’m only psuedorandom. you would be exactly this way, were you seeded at the very same time and place.

_why # 20th August 2009, 10:26 am

Eulogy to _why. The pseudonymous hacker/artist _why has deleted his online presence, apparently moving on to other things. John Resig explains why _why has been such an inspiration. # 20th August 2009, 9:57 am

By Popular Demand, We’re Keeping the Term Extraction Service. Yahoo! aren’t shutting down the term extractor after all. On the one hand, this is a great decision—but this kind of back and forth (dare I say flip-flopping?) really doesn’t help encourage people to build against hosted APIs. # 19th August 2009, 11:44 am

How to find un-indexed queries in MySQL, without using the log (via) Use tcpdump(!) to sniff the MySQL protocol and dump out queries that had the “no index used” bit set. # 19th August 2009, 11:42 am

easy_install no longer working with SourceForge-hosted projects? Unsurprising, since installation software (which is often run as root) that crawls the web and scrapes HTML pages for download links is a horrible, horrible idea. # 19th August 2009, 11:38 am

Kung Fu People (via) The first site to launch based on the open source Django code from djangopeople.net! # 19th August 2009, 11:37 am

JavaScript cannot save you. Even if it could, you should not let it, for the price of this short-term salvation is the end of what you like about the web.

Alex Russell # 19th August 2009, 11:33 am

rather baffling finding: POST requests, made via the XMLHTTP object, send header and body data in separate tcp/ip packets [and therefore,] xmlhttp GET performs better when sending small amounts of data than an xmlhttp POST

Iain Lamb # 18th August 2009, 12:27 pm

It is amazing how much you can accomplish when it doesn’t matter who gets the credit.

Harry S Truman # 18th August 2009, 12:20 pm

Caching in ASP.NET with the SqlCacheDependency Class. Interesting cache invalidation concept: set up dependencies between cache entries and tables or rows in the database, then use triggers (which I presume are automatically created for you) to clear your cache. # 18th August 2009, 12:15 pm

Data Is Journalism: MSNBC.com Acquires Everyblock. Congratulations Adrian, Wilson and the team! Brady Forrest reports the acquisition within the larger context of the rise of data-driven journalism. # 18th August 2009, 12:10 pm

You Deleted Your Cookies? Think Again (via) Flash cookies last longer than browser cookies and are harder to delete. Some services are sneakily “respawning” their cookies—if you clear the regular tracking cookie it will be reinstated from the Flash data next time you visit a page. # 17th August 2009, 3:23 pm

On HTML 5 Drag and Drop. Francisco Tolmasky investigated HTML 5 drag and drop, which allows web apps to implement drag and drop between windows and between the browser and the desktop. He found a number of problems with the spec and proposes detailed solutions. # 17th August 2009, 12:31 pm

Microsoft backs long life for IE6. Oh FFS... “The software giant said it would support IE6 until 2014—four years beyond the original deadline.” # 14th August 2009, 2:53 pm

How do you install lxml on OS X Leopard without using MacPorts or Fink? I’ve asked on Stack Overflow... hope I get a good answer. # 14th August 2009, 1:04 pm

Last night I woke up at 2am and realized that there was a fundamental problem with cursor preservation in today’s real-time collaborative applications [...] MobWrite now has what I believe to be the most advanced cursor preservation algorithm available.

Neil Fraser # 14th August 2009, 10:38 am