Archive for June 2005

off to ausweb

On Sunday I am off to Ausweb, the Australian web conference that takes place on the Gold Coast in Queensland each year.  I am presenting a paper I wrote called "Mining User Preferences from Web Access Logs and User Public Information".   This paper was the motivation for my PhD going off in the direction it has now gone (Personalization with User Privacy - or PUP for short, as all good projects need a good acronym.)
I will also take part in the UniSites SIG, which is a meeting of people who are involved in managing University web sites in Australia.  I am a bit of a ring in - not involved in day to day operations -  but I am on the University’s Web Steering Committee, which formulates the web strategy for the university.
It would normally be great to go from cold Melbourne to the Gold Coast at this time of year, however yesterday they had some kind of 100 year flood.  News has a picture of an Aussie rescuing his most important possessions from the flood.
Fortunately the airport has reopened so I should definitely be going.  I was beginning to wonder yesterday.

file sharing stupidity

The US Supreme Court decision is remarkably stupid, or at the very least extremely inconsistent.

Justice Souter said ""We hold that one who distributes a device with the object of promoting
its use to infringe copyright…is liable for the
resulting acts of infringement by third parties."  (As quoted here)

In other words, those who produce file sharing software are responsible for illegal things done with their software.

How about if I rephrase it as "We hold that one who distributes a gun with the object of promoting its use to shoot people is liable for the resulting shooting of people by third parties"?

Does all use of software for malicious purposes then possibly make liable the creators or distributors of that software?  What about using Visual Basic to create viruses, or Microsoft Word to write extortion letters?

accessibility, adaptivity, device independence

I am working on a new protocol in my research which needs to take these issues into account and I am gradually thinking my way around to the best way to do it (hopefully).

Accessibility refers to the ability [of web content] to be accessed by everyone, regardless of their abilities or the device they are using.  In the past this has meant things like using ALT tags, providing text based navigation, and so on.    Guidelines for accessibility are developed by the W3C Accessibility Initiative.

I talked to Liddy Nevile recently about accessibility and she says it is turning into adaptivity instead…that is, sensitivity to the user and their capabilities at a moment in time. 

There are standards for adapting content by device (like CC/PP, sorry, Content Selection for Device Independence) which are separate from the accessibility guidelines.

I would (and I realize this is terribly geeky), rather than thinking of devices and users separately, probably think of a unified approach, where we think of the user as having a set of capabilities, just like a Palm…Content Selection for User Independence.  Or, in my view, Content Selection for User Preferences.  That is, personalized rather than vanilla.

Now my head hurts, but I am getting somewhere.  :)

rip nigel mcfarlane

It is being reported that Nigel McFarlane, fellow Melbournian, Open Source consultant, and author of Firefox Hacks and Rapid Application Development with Mozilla, has died.  I met him a few times at local Open Source functions.  Nice, smart, serious guy, and very young.  Very sad.

stealth encryption

One of the most entertaining and clever posters I saw at WWW2005 was Enhancing the Privacy of Web-based Communication [pdf].  This is a new technique developed at PARC called "stealth encryption" and is basically aimed at preventing web mail providers - such as Gmail -  from profiling you via your email.    Words of a particular grammatical category are replaced with words from the same category and with roughly the same frequency in English.  An example from the paper:
Plaintext: Hi friend, Its been a long time since I last wrote. How are your kids doing? I am immensely enjoying my stay here at PARC and California is even more beautiful than I had imagined!
Ciphertext: Hi young, Its been a support power since I last flew. How are your prices doing? I am immensely occupying my blood here at IBM and Kansas is even more environmental than I had illustrated!

I love this idea.  It takes me back to all those dodgy WWII spy films, and some guy in an overcoat muttering "The sparrows fly over the clock tower at midnight"

OSCON2005 early rego closes Monday

This year, for the fifth time, I will be at OSCON, giving a tutorial with Luke called PHP and MySQL Best Practices.  If you haven’t been to this conference, it is absolutely fantastic.  I always have a great time, learn heaps, and meet really interesting people.
I mention it today as OSCON early registration deadline (and the cheaper registration fee) is this coming Monday 20th June. 
Hope to see you there.

insourcing

So we (well, some Australian companies) outsource all our IT to India, and then they start hiring foreigners to come and work in India (in their old jobs, I wonder?).  Now that is irony.

I feel for some of the Indian IT employees though:  I read this week that outsourced helpdesks have a staff turnover of 60-70% due to racial abuse from customers.  Help desk is a hard job in any country.

xml, web services, simple things are beautiful, yada yada yada

Long weekends reduce brain cells to jelly.  Worked on a few things over the weekend, nothing really to report except I hurt from where my horse slipped over on the slippery ground since it finally rained here in Melbourne.  He was fine of course.

The next book has far too many XML chapters in it, or at least it seems that way at the moment.  I had a good anti-WS-bloat rant in Amsterdam recently.  In a nutshell: most of the web services stack is bloatware that doesn’t get used for most applications.  90% of the time you can get away with knowing no SOAP, WSDL, or any of that stuff.  You can just use REST - Representational State Transfer.  This is basically an HTTP GET request with parameters, and in return you get an XML document, in other words XML over HTTP.   It works very nicely and is simple.  I was trying to explain this to somebody here at work, so I wrote a very basic REST server/client pair in PHP in five minutes to demonstrate.  Here’s the code, which is doubled in size due to comments.

REST server for imaginary stock price lookup
<?php

  // check which stock we want to look up
  $stock = $_GET[’stock’];

  // look up the stock
  $price = lookup($stock);

  // format stock quote as XML
  $string = "<stockquote><stockprice>$price</stockprice></stockquote>";

  // make it into a proper XML document with header etc
  $xml = simplexml_load_string($string);

  // send an XML mime header
  header("Content-type: text/xml");

  // output correctly formatted XML
  echo $xml->asXML();

// that’s the end of the main code, function below is just a stub

  function lookup($s)
  {
    // all stocks are worth $1 for this basic example
    // but you would look it up in a database if you had one
    return 1;
  }

REST client ditto
<?

// query the REST server and load the returned XML as a PHP object
// note parameters go to REST server as HTTP GET parameters
$stock=’MSFT’;

$xml = simplexml_load_file("http://localhost/rest/restserver.php?stock=$stock");

echo "$stock stock price today is ";
echo $xml->stockprice;

?>

Basically you don’t need to know anything about Web Services or even XML to make and consume REST Web Services.   This assertion greatly irritates a lot of people.

I’m not saying there isn’t a need for SOAP and WS-*, just that often simple tools will do the job.  It’s just another version of the 80% rule.  This seems to be a theme in my personal consumption of technology.

For further discussion on this subject by others who rant more eloquently, you can read Tim Bray’s blog.

i hate phishing

In the last couple of days, I’ve gotten about 10 different phishing emails from my own web site.  Ones claiming to be from the bank/ebay are annoying enough, but this is incredibly much more so.

"Dear Valued Member,

According to our site policy you
will have to confirm your account by the following link or else your account
will be suspended within 24 hours for security reasons.

(link removed for obvious reasons)

Thank
you for your attention to this question. We apologize for any
inconvenience.

Sincerely,Tangledweb Security Department Assistant."

Funny, I don’t remember employing one of those.

a decade of php

Today is the 10th birthday of PHP.  I’ve been using it for a long time now.
I started using PHP on a project for a law firm with Luke Welling.  Began in Perl initially, but the sysadmin - a guy called Adrian Close -  said "here, use this, you’ll really like it".  He was right.
Weirdly enough Luke has recently begun a new job (at hitwise.com) and he’s working with Adrian.  Small world.
After banging our heads against those legal applications - including all kinds of stuff that seemed revolutionary in 1997 - we spent many evenings at the pub (the Cafe Hotel in North Melbourne, gone now for apartments) talking about writing a book on PHP, since there wasn’t one at the time.  That’s how PHP and MySQL Web Development was born.
Half of the interesting things I’ve learned and done and the best people I’ve met in the last ten years  have been thanks to PHP and its fantastic community.  Thanks to PHP and all its developers and users all over the world.  Thanks especially to Rasmus for coming up with it in the first place and evangelizing it ever since.   Many happy returns.

(And thanks Zak for the reminder.)