Simon Willison’s Weblog

Subscribe
Atom feed for google

328 items tagged “google”

2008

OurDelta Builds for MySQL (via) A community supported “alternative distro” of MySQL, incorporating new features from Google and other sources by maintaining a clean set of patches against the MySQL source tree (which I guess is why it’s not considered a fork). I recognise some of the patches from the excellent “High Performance MySQL, 2nd Edition”.

# 8th December 2008, 4:20 pm / ourdelta, mysql, open-source, patches, highperformancemysql, google

Clearing up inaccuracies about the Google OpenID IDP launch. Google took some undeserved flack when they launched their OpenID provider. For the record, whitelisting providers fits my definition of the “Open” in OpenID perfectly (providers and consumers are free to impose whatever policies they like).

# 8th November 2008, 11:11 pm / whitelisting, openid, google

Code your own election mashup with Google’s JSON data. The data that powered Google’s US election results map is available to download as a bunch of JSON files.

# 6th November 2008, 8:24 pm / google, json, data, uselection

New OpenID Implementations Abound. I’ve missed linking to a bunch of OpenID news recently—in particular, Google Accounts are becoming OpenID identifiers and LiveJournal has quietly ugraded its consumer support to OpenID 2.0.

# 30th October 2008, 5:11 pm / openid, google, livejournal, openid2, martinatkins

Why Google App Engine is broken and what Google must do to fix it. Aral Balkan describes a number of critical issues with App Engine. If you’re considering building something serious on it you need to read this article; I’ve run in to several of these problems myself just running toy projects on the platform. Here’s hoping they get addressed in the near future.

# 3rd October 2008, 10 pm / google, appengine, aral-balkan, scalability

Logout/Login CSRF. Alf Eaton built an example page (this link goes to his description, not the page itself) that uses a login CSRF attack to log you in to Google using an account he has created. Scary.

# 24th September 2008, 10:18 pm / google, alf-eaton, security, csrf, logincsrf

Google’s Usability Research on Federated Login. Fascinating—suggests an approach to federated auth based on the Amazon.com “Yes, I have a password” login flow. Feels convoluted to me but apparently it tests really well against a mainstream audience. The more research shared around this stuff the better.

# 22nd September 2008, 8:56 pm / google, usability, openid, login, amazon, authentication, federated

OAuth Playground (via) Neat OAuth API explorer from the Google Data APIs team.

# 20th September 2008, 4:40 pm / oauth, apis, google, google-data

YouTube: djangocon tag. Google have started posting videos of presentations at DjangoCon on YouTube.

# 16th September 2008, 2:43 am / google, youtube, django, python, djangocon

DjangoCon and PyCon UK

September is a big month for conferences. DjangoCon was a weekend ago in Mountain View (forcing me to miss both d.Construct and BarCamp Brighton), PyCon UK was this weekend in Birmingham, I’m writing this from @media Ajax and BarCamp London 5 is coming up over another weekend at the end of this month. As always, I’ve been posting details of upcoming talks and notes and materials from previous ones on my talks page.

[... 446 words]

Google wants your Hotmail, Yahoo and AOL contacts. And they’re using the password anti-pattern to get them! Despite both Yahoo! and Hotmail (and Google themselves; not sure about AOL) offering a safe, OAuth-style API for retrieving contacts without asking for a password. This HAS to be a communications failure somewhere within Google. Big internet companies stand to lose the most from widespread abuse of the anti-pattern, because they’re the ones most likely to be targetted by phishers. Shameful.

# 15th September 2008, 10:39 am / shameful, google, passwordantipattern, oauth, aol, yahoo, hotmail, ffs, security, phishing

The story behind Google Chrome. Superbly researched by Niall Kennedy—a detailed overview of the staff and acquisitions that went in to Google Chrome.

# 4th September 2008, 1:50 am / chrome, google, niallkennedy

We haven’t changed the name of the conference to “Over Quota”. Aral is having intermittent App Engine quota problems, which are proving impossible to debug. I had a similar problem with an App Engine app a while ago—the quota / debugging story really needs fixing.

# 3rd September 2008, 1:37 pm / aral-balkan, appengine, google

The greatest coup Microsoft pulled with Internet Explorer was putting the word "Internet" in its name. It sits there, on the desktop of every new Windows computer, and it says "Internet". So you click it. [...] What better way to beat a browser with the word "Internet" in its name - a browser that seemingly can't be beat no matter how hard we try - than the Internet Company itself making a browser?

Tom Armitage

# 3rd September 2008, 10:19 am / microsoft, tom-armitage, google, browsers, ie, chrome

V8 Design Elements. High level design details of Google’s V8 JavaScript engine, including how it uses “hidden classes” to optimise object property lookups and a bit of information on the machine code generation and garbage collection.

# 2nd September 2008, 11:58 pm / google, javascript, v8, chrome

Chromium. Google Chrome is out! Here’s the open source project, including the code for the new V8 JavaScript virtual machine.

# 2nd September 2008, 9:06 pm / google, browsers, open-source, v8, javascript, chromium, chrome

Google Chrome, the comic book (via) Google have finally announced a browser project, though it’s currently vapourware (or rather comicware), existing only as a Scott McCloud comic. Still, it looks fascinating—entirely open source, WebKit with a brand new JavaScript VM, every tab running in a separate process for smarter memory usage and some new UI concepts and anti-pishing measures thrown in as well.

# 1st September 2008, 7:45 pm / googlebrowser, google, scott-mccloud, javascript, webkit, phishing, antiphishing, usability, chrome

Google’s undocumented favicon to png convertor (via) Showing the favicon of a domain next to a link is a really nice trick, but it’s slightly tricky to achieve as IE won’t display a .ico file if you link to it from an img element, so you need to convert the images server-side. This undocumented Google API does that for you, meaning it’s much easier to add favicons as a feature to your site.

# 30th August 2008, 8:40 pm / favicon, google, undocumented, apis, png

Gears for Safari Beta. “Chances are it will break your browser. Please proceed with caution.”

# 26th August 2008, 4:27 pm / gears, google, safari, beta

Keyczar (via) New open source cryptography toolkit from Google, designed to get algorithm selection, key rotation and versioning right so you don’t have to. Java and Python versions are available; the Python version depends on PyCrypto.

# 13th August 2008, 1:20 pm / pycrypto, python, google, encryption, keyrotation, ben-laurie, java, keyczar

Underscores are now word separators, proclaims Google. I missed this story last year—the change was announced by Matt Cutts at WordCamp 2007.

# 13th August 2008, 1:06 pm / matt-cutts, wordcamp, wordpress, google, underscores, hyphens, seo

knol: content w/out context, collaboration, capital, or coruscation. danah boyd: “A system that is driven by individualism quickly becomes a tool for self-promoters”

# 3rd August 2008, 3:13 pm / knol, google, danah-boyd

DjangoCon 2008. Venue: Gooleplex, San Francisco Bay Area. Dates: 6th and 7th Sept. Official post will be on djangoproject.com soon.

Robert Lofthouse

# 13th July 2008, 4:50 pm / robert-lofthouse, djangocon, django, python, events, google, googleplex, san-francisco

Question: how do you upgrade servers when you need to pass new information between them? It's a fool's game to try to upgrade both servers at the same time. So you need a communication protocol that is not only backward compatible (a new server can speak the old protocol) but also forward compatible (an old server can speak the new protocol). Protocol Buffers provide that because new additions to the protocol can be ignored by the old server.

Matt Cutts

# 8th July 2008, 9:11 am / protocolbuffers, google, matt-cutts, upgrades

Protocol Buffers: Google’s Data Interchange Format. Open sourced today. Highly efficient binary protocol for storing and transmitting structured data between C++, Java and Python. Uses a .proto file describing the data structure which is compiled to classes in those languages for serializing and deserializing. 3-10 times smaller and 20-100 times faster than XML.

# 8th July 2008, 8:20 am / c-plus-plus, google, idf, java, open-source, protocolbuffers, python, xml

ratproxy. “A semi-automated, largely passive web application security audit tool”—watches you browse and highlights potential XSS, CSRF and other vulnerabilities in your application. Created by Michal Zalewski at Google.

# 3rd July 2008, 2:35 pm / ratproxy, proxy, michal-zalewski, google, security, testing, xss, csrf

OAuth for Google Data APIs (via) Awesome. Now, how’s OAuth support shaping up over at Twitter (who are serious offenders when it comes to encouraging the password anti-pattern, despite Twitter engineers being key to the creation of the original OAuth spec)?

# 27th June 2008, 7:49 am / oauth, twitter, google-data, google, apis

There is a reason why Flickr eventually killed Yahoo! Photos and why it was decided that Google Video be relegated to being a search brand while YouTube would be the social sharing brand. The brand baggage and the accompanying culture made them road kill.

Dare Obasanjo

# 16th June 2008, 2:54 pm / flickr, yahoo, google, youtube, branding, dare-obasanjo

The X-Robots-Tag HTTP header. News to me, but both Google and Yahoo! have supported it since last year. You can add per-page robots exclusion rules in HTTP headers instead of using meta tags, and Google’s version supports unavailable_after which is handy for content with a known limited shelf-life.

# 9th June 2008, 9:21 am / google, yahoo, robots-txt, xrobotstag, http