328 items tagged “google”
2008
OurDelta Builds for MySQL (via) A community supported “alternative distro” of MySQL, incorporating new features from Google and other sources by maintaining a clean set of patches against the MySQL source tree (which I guess is why it’s not considered a fork). I recognise some of the patches from the excellent “High Performance MySQL, 2nd Edition”.
Clearing up inaccuracies about the Google OpenID IDP launch. Google took some undeserved flack when they launched their OpenID provider. For the record, whitelisting providers fits my definition of the “Open” in OpenID perfectly (providers and consumers are free to impose whatever policies they like).
Code your own election mashup with Google’s JSON data. The data that powered Google’s US election results map is available to download as a bunch of JSON files.
New OpenID Implementations Abound. I’ve missed linking to a bunch of OpenID news recently—in particular, Google Accounts are becoming OpenID identifiers and LiveJournal has quietly ugraded its consumer support to OpenID 2.0.
Why Google App Engine is broken and what Google must do to fix it. Aral Balkan describes a number of critical issues with App Engine. If you’re considering building something serious on it you need to read this article; I’ve run in to several of these problems myself just running toy projects on the platform. Here’s hoping they get addressed in the near future.
Logout/Login CSRF. Alf Eaton built an example page (this link goes to his description, not the page itself) that uses a login CSRF attack to log you in to Google using an account he has created. Scary.
Google’s Usability Research on Federated Login. Fascinating—suggests an approach to federated auth based on the Amazon.com “Yes, I have a password” login flow. Feels convoluted to me but apparently it tests really well against a mainstream audience. The more research shared around this stuff the better.
OAuth Playground (via) Neat OAuth API explorer from the Google Data APIs team.
YouTube: djangocon tag. Google have started posting videos of presentations at DjangoCon on YouTube.
DjangoCon and PyCon UK
September is a big month for conferences. DjangoCon was a weekend ago in Mountain View (forcing me to miss both d.Construct and BarCamp Brighton), PyCon UK was this weekend in Birmingham, I’m writing this from @media Ajax and BarCamp London 5 is coming up over another weekend at the end of this month. As always, I’ve been posting details of upcoming talks and notes and materials from previous ones on my talks page.
[... 446 words]Google wants your Hotmail, Yahoo and AOL contacts. And they’re using the password anti-pattern to get them! Despite both Yahoo! and Hotmail (and Google themselves; not sure about AOL) offering a safe, OAuth-style API for retrieving contacts without asking for a password. This HAS to be a communications failure somewhere within Google. Big internet companies stand to lose the most from widespread abuse of the anti-pattern, because they’re the ones most likely to be targetted by phishers. Shameful.
The story behind Google Chrome. Superbly researched by Niall Kennedy—a detailed overview of the staff and acquisitions that went in to Google Chrome.
We haven’t changed the name of the conference to “Over Quota”. Aral is having intermittent App Engine quota problems, which are proving impossible to debug. I had a similar problem with an App Engine app a while ago—the quota / debugging story really needs fixing.
The greatest coup Microsoft pulled with Internet Explorer was putting the word "Internet" in its name. It sits there, on the desktop of every new Windows computer, and it says "Internet". So you click it. [...] What better way to beat a browser with the word "Internet" in its name - a browser that seemingly can't be beat no matter how hard we try - than the Internet Company itself making a browser?
V8 Design Elements. High level design details of Google’s V8 JavaScript engine, including how it uses “hidden classes” to optimise object property lookups and a bit of information on the machine code generation and garbage collection.
Chromium. Google Chrome is out! Here’s the open source project, including the code for the new V8 JavaScript virtual machine.
Google Chrome, the comic book (via) Google have finally announced a browser project, though it’s currently vapourware (or rather comicware), existing only as a Scott McCloud comic. Still, it looks fascinating—entirely open source, WebKit with a brand new JavaScript VM, every tab running in a separate process for smarter memory usage and some new UI concepts and anti-pishing measures thrown in as well.
Google’s undocumented favicon to png convertor (via) Showing the favicon of a domain next to a link is a really nice trick, but it’s slightly tricky to achieve as IE won’t display a .ico file if you link to it from an img element, so you need to convert the images server-side. This undocumented Google API does that for you, meaning it’s much easier to add favicons as a feature to your site.
Gears for Safari Beta. “Chances are it will break your browser. Please proceed with caution.”
Keyczar (via) New open source cryptography toolkit from Google, designed to get algorithm selection, key rotation and versioning right so you don’t have to. Java and Python versions are available; the Python version depends on PyCrypto.
Underscores are now word separators, proclaims Google. I missed this story last year—the change was announced by Matt Cutts at WordCamp 2007.
knol: content w/out context, collaboration, capital, or coruscation. danah boyd: “A system that is driven by individualism quickly becomes a tool for self-promoters”
DjangoCon 2008. Venue: Gooleplex, San Francisco Bay Area. Dates: 6th and 7th Sept. Official post will be on djangoproject.com soon.
Question: how do you upgrade servers when you need to pass new information between them? It's a fool's game to try to upgrade both servers at the same time. So you need a communication protocol that is not only backward compatible (a new server can speak the old protocol) but also forward compatible (an old server can speak the new protocol). Protocol Buffers provide that because new additions to the protocol can be ignored by the old server.
Protocol Buffers: Google’s Data Interchange Format. Open sourced today. Highly efficient binary protocol for storing and transmitting structured data between C++, Java and Python. Uses a .proto file describing the data structure which is compiled to classes in those languages for serializing and deserializing. 3-10 times smaller and 20-100 times faster than XML.
ratproxy. “A semi-automated, largely passive web application security audit tool”—watches you browse and highlights potential XSS, CSRF and other vulnerabilities in your application. Created by Michal Zalewski at Google.
OAuth for Google Data APIs (via) Awesome. Now, how’s OAuth support shaping up over at Twitter (who are serious offenders when it comes to encouraging the password anti-pattern, despite Twitter engineers being key to the creation of the original OAuth spec)?
Google Trends for Websites: myspace.com,facebook.com. New fun tool from Google Trends.
There is a reason why Flickr eventually killed Yahoo! Photos and why it was decided that Google Video be relegated to being a search brand while YouTube would be the social sharing brand. The brand baggage and the accompanying culture made them road kill.
The X-Robots-Tag HTTP header. News to me, but both Google and Yahoo! have supported it since last year. You can add per-page robots exclusion rules in HTTP headers instead of using meta tags, and Google’s version supports unavailable_after which is handy for content with a known limited shelf-life.