Simon Willison’s Weblog


Items in Oct, 2008


Yahoo, Caja, OpenSocial. Yahoo!’s new application platform uses OpenSocial, and protects itself from malicious JavaScript using Google’s Caja secure JavaScript engine. I hadn’t realised that Caja was ready for production use—this is excellent news. # 30th October 2008, 5:14 pm

New OpenID Implementations Abound. I’ve missed linking to a bunch of OpenID news recently—in particular, Google Accounts are becoming OpenID identifiers and LiveJournal has quietly upgraded its consumer support to OpenID 2.0. # 30th October 2008, 5:11 pm

In the final Production release we will be adding the ability to sign in to the Live ID OpenID Provider using any of the credential types that can be used with regular Live ID sign-ins -- including CardSpace, SmartCard, eID, etc.

Jorgen Thelin # 30th October 2008, 5:09 pm

Ghostly fingers of APIs. Phil Gyford has a lovely diagram of the sites that he updates manually and the surprisingly large number of other sites that they affect. # 30th October 2008, 5:08 pm

Zeppelin 101 in 5 mins (via) Ribot videoed my five minute lightning talk on Zeppelins at last night’s Skillswap Brighton. # 30th October 2008, 5:05 pm

JSSpeccy. A ZX Spectrum emulator written in JavaScript. # 29th October 2008, 5:25 pm

I’m really typecasting myself here. If there were an international “Person most likely to write a Spectrum emulator in Javascript” award, I’d have taken it for the last five years running.

Matt Westcott # 29th October 2008, 5:24 pm

GeoCouch: Geospatial queries with CouchDB. Interesting approach: uses “external2”, a branch that allows external services to be called from CouchDB. SQLite’s SpatiaLite extension is then used as an external spatial index. # 27th October 2008, 11:48 pm

typeface.js. Outstanding hack—renders custom fonts using VML in IE and canvas in everything else, using fonts that are defined as a set of vector paths stored using JSON. # 27th October 2008, 11:45 pm

Windows Live Adds Support For OpenID. I hope they include the option to log in to the provider using CardSpace, to address phishing. # 27th October 2008, 9:34 pm

Web Security Horror Stories: The Director’s Cut. Slides from the talk on web application security I gave this morning at <head>, the worldwide online conference. I just about managed to resist the temptation to present in my boxers. Topics include XSS, CSRF, Login CSRF and Clickjacking. # 26th October 2008, 12:15 pm

YouTube Enables Deep Linking Within Videos. Add #t=1m45s to the end of a YouTube URL to jump to that spot. I’d be a lot more impressed by this if visiting a YouTube link in the UK didn’t use IP geo targeting to redirect me to uk.youtube.com, losing the fragment identifier and hence the #t specifier in the process. # 26th October 2008, 8:28 am

The key thing to remember is that REST is about building software that scales to usage on the World Wide Web by being a good participant of the Web ecosystem. Ideally a RESTful API should be designed to be implementable by thousands of websites and consumed by hundreds of applications running on dozens of platforms with zero coupling between the client applications and the Web services.

Dare Obasanjo # 24th October 2008, 1:39 pm

Inside guardian.co.uk: Upgrading our RSS feeds. The Guardian now offers full-content RSS feeds of pretty much everything for which we have the necessary rights (no ads yet, but they’ll be added soon). Adding “/rss” to the URL in various places on the site will get you feeds for sections, subjects, contributors and more. # 24th October 2008, 11:08 am

Trying out Windows on EC2. Phillip Pearson provides the missing documentation. # 24th October 2008, 9:57 am

Freebase Hack Day. I’m finding Freebase increasingly interesting at the moment, and their public hack day on the 8th November in San Francisco looks like it could be a lot of fun. They’ll be previewing Acre, a new server-side JavaScript application platform targeted at building Freebase powered applications. Hit “view source” at the bottom of the hack day site to see what an Acre app looks like. # 24th October 2008, 12:06 am

CSSHttpRequest (via) Devious cross-domain Ajax hack that uses CSS for transport (@import rules with data URIs, but it still works in IE). Similar to JSONP but safer, since JSONP can cause arbitrary JavaScript to execute. # 23rd October 2008, 6:25 pm

Learning to Fear the Semantic Web. Paul Ford raises the liability issue with regards to building sites around other people’s metadata, pointing out that OpenCalais is owned by Thomson Reuters who have a bad track record with regards to intellectual property lawsuits elsewhere in the organisation. # 23rd October 2008, 4:14 pm

Windows Server and SQL Server on EC2 (via) Launched today, the pricing includes rental of the Windows license. Regular Windows is 25% to 50% more expensive than Linux, but SQL Server comes in at a hefty $1.10 per hour, which is $9636 per year (nearly three times as much as a Linux server running an open source database). # 23rd October 2008, 3:54 pm

FriendFeed launch a real-time API. This is huge: JSONP plus long polling Comet, with “everything since X” tokens to ensure you don’t miss anything. This is the first open Comet API I’ve seen anywhere. Combine this with FriendFeed’s regular API (which allows arbitrary message posting) and you’ve got a really powerful tool for hackers who want to experiment with Comet without rigging up their own infrastructure. # 22nd October 2008, 2:18 pm

Government in the UK once led the world in its own information systems, breaking Enigma, documenting an empire’s worth of trade. And then it fired everyone who could do those things, or employed them only via horribly expensive consultancies. It is time to start bringing them back into the corridors of power.

Tom Steinberg # 21st October 2008, 10:29 pm

Animated Sorting Algorithms (via) JavaScript animations of various sorting algorithms, running against four different initial conditions (random, nearly ordered, reversed and few unique). I wish I’d had this during my computer science degree. # 21st October 2008, 12:17 am

From Scandinavia with Love. Finnish security company F-Secure conduct testing of wireless cell phone viruses in a walk-in Faraday cage. # 20th October 2008, 11:47 pm

lns (via) “a friendly program for making symbolic links”—it’s ln -s but it does the right thing no matter what order you put the arguments in. Love it. # 20th October 2008, 11:42 pm

Beanstalkd / Python Basic Tutorial. How to get up and running quickly with my favourite light-weight queue server. If only it had persistence... # 20th October 2008, 11:40 pm

The Universal Design Pattern. Steve Yegge presents a small book on key/value pairs and prototypal inheritance. “I call it the Universal design pattern because it is (by far) the best known solution to the problem of designing open-ended systems, which in turn translates to long-lived systems.” # 20th October 2008, 11:13 pm

Response Splitting Risk. Important reminder that you should always ensure strings used in HTTP headers don’t contain newlines. # 19th October 2008, 11:58 pm

Magnificent Seven—the value of Atom. The seven core things that Atom solves so that you don’t have to. # 19th October 2008, 10:24 pm

Bloom Filter Resources. A continuation of the discussion about how to transfer information about a large number of recently updated resources around in an efficient way, Joe provides working code illustrating a simple approach using bloom filters. # 19th October 2008, 10:22 pm