Saturday, December 13, 2008

Finally back on the Internet

About nine days ago, my home Internet access became erratic and unstable. At first, I thought this was because I was experimenting with new firmware (Tomato) on my wireless router. Unfortunately, the problem persisted even after I eliminated that piece of equipment from the situation.

After multiple support phone calls to my ISP, replacing the cable modem and the coaxial cable that connects the modem to the walljack, a technician discovered the problem was a bad filter in the locked cable box outside my house. I guess my old cable modem still works, but since my ISP tracks/blocks modems by hardware addresses, it's not like I can go back to using it.

It's been a little frustrating-- being sick & not having reliable web access.

The upside, at least, is with this new Motorola Surfboard modem I can access the logs, configuration, etc. and see things like my signal strength between the modem and my ISP. My previous modem was locked down (by my ISP) so you couldn't get access to that information.

I've got the wireless router (running Tomato) connected again, and it seems to be working like a champ. I'm planning to test the SSH feature out tonight.

Saturday, November 29, 2008

ASUS eee PC + Ubuntu eee = WowEEE!

I picked up an ASUS eee PC just under a year ago, and after running the Xandros distribution (albeit with hacks) for most of that time, I decided to explore other options. It took longer than anticipated to accomplish (my eee PC kept seeing my pendrive as a hard drive, so I couldn't pick it from the boot menu as I was expecting), but I finally managed to run/install the Ubuntu eee distro.

I wanted to set down my initial impressions while they were still fresh in my mind.

I was able to make a bootable Live USB key easily. There's a GUI tool that makes it a simple process-- no command line kung-fu required. The desktop interface is an elegant, highly functional compromise between a full desktop and a novice switchboard. The performance of the Live USB key was slow/disconcerting, but don't let that discourage you-- it runs faster after you install it on the internal SSD.

A word to the wise about the actual installation process: when I tried to install Ubuntu eee from within the session of Ubuntu, I got to step 5 and found the keyboard was unresponsive. This was a problem since step 5 required entering account information, like name, user id and password. I had to reboot from the USB key and pick the Install Ubuntu option from the default boot menu. Your mileage may vary.

Almost everything worked "out of the box" with the installation. It picked up the WiFi (Atheros adaptor) and easily handled my home wireless WPA2 encryption. After wrestling with Ubuntu on a G4 PowerPC iBook (with a Broadcom adapter), I was expecting trouble. The only obvious hardware-specific snafu was the webcamera (which had been DISABLED in the BIOS).

As far as software goes, I wound up receiving somewhere in the ballpark of 250 MB of updates. No glitches per se, but it had to do the updates in two stages/reboots in order to resolve some dependencies. The synaptic manager is more flexible and versatile than the software update interface found in the Xandros/eee PC distro.

It was a little bit of a rocky start, but the overall experience has been positive and continues to impress me.

Thursday, November 27, 2008

What's on your "Speed Dial?"

Opera was the first browser to introduce the whole "Speed Dial" feature, but it seems like everyone has been adding it to their repertoire recently-- Google Chrome, Firefox (with the help of a third party extension called Fast Dial).

But, let's be honest, the nine car garage doesn't impress anyone if it's empty-- it's what kind of cars you put in it

Here's what I do with my "Speed/Fast Dial" slots:

1) Google Bookmarks
2) my Linksys wireless access point (which I hope will soon be running Tomato firmware!)
3) Twitter
4) This blog/Blogger's Dashboard
5) Google Reader (RSS feed aggregator)
6) my Gmail
7) emusic/Netflix/Youtube
8) Unassigned
9) Unassigned

Enough about me; let's talk about you for a while. What links are on your Speed Dial page?

Tuesday, November 25, 2008

Technical Neologisms?

If someone buys the latest/fanciest technology purely for status is a "fashionista," then what do we call someone who buys their tech on the criteria of reliability?

I'd like to suggest "functionista." ;)

I know, this post doesn't really fall into the security, technology or psychology realms-- but I couldn't resist the word play.

Monday, November 24, 2008

Jonah Chanticleer 公鸡: Google Maps and Google Docs

Almost a year ago, I wrote about making peace with Javascript and my success with the Google Maps/Docs tutorial. My karma being what it is, Google introduced a method that allows people to collaborate on a map, so my entire reason for learning how to power a Google map via a Google Docs spreadsheet became moot.

I've noticed a sudden spike in traffic to the old page about Google Maps/Docs (no idea why-- please feel free to enlighten me in the comments), so I figured I'd better save folks some time and frustration by providing a link to the collaboration piece I mentioned.

Thursday, November 20, 2008

Phishing web sites

I see many phishing emails because of my job.

The conventional wisdom seems to be to treat phishing email as if it were spam. Just add it to the SPAM filter and forget about it. I don't get it. Spam is a commercial nuisance, but phishing is a deliberate, blatant attempt to defraud people. Blocking subsequent emails won't keep people from falling victim to the emails that already made it through-- nor will it keep other people outside of my workplace from being victimized.

I believe phishing deserves a separate and greater response. This is why I use Phishtank (at home), and am so aggressive (on the job) about reporting phishing emails to the security departments of various organizations that fraudsters like to impersonate. I want to see these phishing sites taken offline; I want to see the perpetrators pursued and brought to justice when possible.

Although I feel sorry for the people who fall for these phishing scams, the people I feel even more sympathy for are the ones who are just trying to run a web site . . . and then discover that someone has violated their server security, and is using their platform on the Internet to rip off and hurt other people.

It goes something like this:

The would-be fraudster finds a web server that he or she can compromise. Maybe they were able to sniff an FTP userid/password over a network connection because it was passed in the clear, or maybe the password was easy to guess or derive because it wasn't a very strong password. The precise method of compromise isn't important, because there's more than one way it can be done. The important point is, they have gained illicit access to the web server-- so they create a fraudulent paypal/bank/IRS website and bury it deep inside a subfolder where no one ever looks, like an images folder. Then they send out emails to large numbers of people with links back to that fraudulent web site, and wait to see how many people take the bait and enter their account information. The person who owns/runs the website in most cases has no idea what is taking place under their noses.

I got to speak with such a person this morning. Nice woman-- runs a small web site for her small school. She teaches kids how to design web sites. She had a vague, conceptual understanding of what phishing was, but I'd be highly surprised if she's received any training on server security. Even if she had, it's unlikely her IT group has given her read access to her FTP logs or uses any encryption with their file transfer protocols. There isn't enough time, resources or skilled people available, and the priorities are always elsewhere.

But here's the thing, people. If everyone shrugs their shoulders and says, "This isn't my problem," then the same stupid cycle is going to keep being perpetuated. And one day, the person who gets fooled and taken for a ride will be you.

Tuesday, November 18, 2008

Windows XP SP2 and WPA2 AES

Like many people, I read this item at Lifehacker about how a PhD candidate found a way to compromise WPA2 security and switched my wireless router's settings from TKIP+AES to AES alone. Everything seemed to work fine afterwards, so I scratched it off my To Do list and went about my business.

A few days later, I discovered my work laptop (Win XP SP2) would no longer connect to my home wireless setup. It would still connect to WiFi connections in other locations, though.

It took two days to make the connection between the wireless router setting change and the delayed isolation of my work laptop-- but I confirmed my hypothesis tonight by returning my router's encryption settings back to TKIP+AES, and the Windows laptop automatically connected almost immediately. I turn the setting back to AES only, and it loses the connection.

I'm sure there's a hotfix/patch from Microsoft to address this issue, but the policy for getting Windows Updates on workplace computers is bewilderingly confusing and slow. For example, our web browser standard is and continues to be Internet Explorer 6-- which makes for marvelous conversations with third-party vendors. So the question is, should I manually invoke Windows Update on my work computer and get God only knows how many patches, fixes and updates, and potentially risk introducing new issues, or should I just leave my router on the less secure of the two settings?

Discuss amongst yourselves. ;)

Sunday, November 9, 2008

Security, from a different angle?

When people talk about security and technology today, we usually assume they mean controlling who can see information. There are people who are entrusted with access to that information, and then there are people who are not. The type of information varies-- it could be financial, medical, academic, but the overall point is that access to the information should be restricted.

All that is true, but it leaves out a piece.

Suppose you and eleven other people all have access to the same information. Any one of you can read or change that data at any time. One day, you log in and find a subset of the information has been reverted back to a point six months ago in time. You don't know which of the eleven other people who had access made the change, you don't know why they made it or even if the change was intentional or (more likely) accidental.

All you know is that you didn't do it, and it happened further back in time than your backup plan will allow you to restore.

The sad truth is that there are some threats to data security "inside" your organization. It might be an incompetent server admin who accidentally overwrites your files with old data during a backup/restore operation. It might be a malicious co-worker who is pissed off because they got passed up for a promotion and they want to make someone else on the team look bad. It might even be a scenario beyond our collective ability to imagine (i.e. the technology visionary in your office decided it was time to do some spring cleaning in their home folder on the network-- except they were in the wrong folder.)

There's a myth about security-- that you can build a bullet-proof solution and nothing bad will ever happen to your information. The question we should be asking is not "What will we do IF something happens to our data?" It should be "What will we do WHEN something happens to our data?"

Timely awareness is key to an effective response. You wouldn't wait til tomorrow to treat a gunshot wound. You shouldn't wait 24 hours to deal with a situation involving the corruption of your data. You need to be made aware of changes on an almost daily basis. In some cases, this is as easy as turning on auditing processes in your server's operating system.

In some cases, like a shared FTP directory on a remote web server, it becomes harder. But harder doesn't make it any less necessary. I'm working on a solution, involving WebDrive and WinDiff, that will let me get a recursive list of all the files and folders on our web server on a daily basis, dump them into a text file, and then compare it with the list from the previous day so I can see the deltas. I'm sure there are probably better tools out there for the task-- ones that lend themselves to more scripting and automation, for example, but for the time being, I need to get this up and running with the tools I have rather than waste days trying to learn new tools and figure out how to get them working.

If this works the way I believe it will, I'll be able to see what files have been deleted, added or modified in the previous 24 hours. If I start seeing a spike in activity ("hmm, that's weird, someone deleted 300+ files yesterday . . . ") I can start investigating it right away, rather than finding out about it too late.

Sunday, November 2, 2008

Micro Center - Combination Notebook Lock

Micro Center - Combination Notebook Lock: "A physical and visual deterrent to theft, easy to use and extremely portable."

More like horrible mess and nightmare. One night a week, I have to leave my laptop at the office over night so it can perform an auto-scheduled backup of my web sites. I worry someone's going to "help themselves" to it-- we've had a bit of a problem with that lately. Personally, I blame the dreadful economy. So I bought this product, figuring my laptop would be less prone to vanish if it was tethered to my desk.

First, it says it works with any computer that has a VGA port. Sadly, it should read "works with any computer that has a VGA port with attaching screws." My ASUS eeePC has a VGA port, but no attaching screws, so this product wouldn't work for it.

Second, it's a pain in the ass to use. Directions are better than average, but the complete operation (setting the combination, locking the lock, unlocking the lock) is not intuitive. Do this, press this button, do that, press this other button sideways-- AUUGHH!

Third, when I used it, and tried to unlock/unscrew this cable from my work laptop's VGA port, it literally would not unscrew and pulled the attaching screw off from the side of my VGA port instead.

Trust me, it's not worth the hassle or the money.

Friday, October 31, 2008

Et Tu, O'Reilly?

I've spent the past two days agonizing over Chapter 2 of "Learning Javascript." I read the chapter twice, took extensive notes . . . and just failed the mini-quiz at the end of the chapter.

It's this sort of thing that makes me want to burn computer books. Seriously.

First of all, the answers in the Appendix (p. 317) seem to have two typographical errors in them. Then, on top of that, the last question turns out to have been a "trick question." Um, yeah-- because throwing a trick question at someone on the first quiz/test, while they are trying to get the initial material under their belt and figuring out if they can trust you as a useful source of information is so productive.

I will admit-- there were some questions I legitimately missed (the single quote mark in question 3 prematurely ending the string and the asterisk in one of the variable names in question 1 being a Javascript operator for multiplication). However, I picked a different verb in my function name (returnTheMonth vs. getTheMonth) than the author did in her appendix, even though I used the same verb from her own chapter. Who writes a question based on the arbitrary selection of a verb?

Personally, I'm feeling de-motivated to re-learn Javascript right now. :(

Sunday, October 26, 2008

Javascript-- Is the third time the charm?

I don't even know where to begin with this post.

Part of the problem is, I tend to think in metaphors and observe similarities and interconnections that other people don't seem to be able to perceive. When I try to demonstrate these connections to other people, they just find it confusing. You'd think I'd learn it's a bad strategy, and yet this is how my mind operates when trying to comprehend something.

Imagine there's this doctor, and he's been practicing medicine for three decades. He's reasonably competent, works hard, but for some reason never kept up with the latest trends and changes in his field. The days roll by, and one day he's suddenly operating in a paradigm that's completely obsolete. And the scary part is, he is so out of touch, he doesn't even realize how out of touch he's become!

With me so far?

Now, imagine the same scenario, but with a web developer-- and let's be honest, a web developer most likely isn't operating with life and death stakes, so he has even less true motivation to keep up with the latest trends and changes in the field. And we all know how quickly things in web development can move and change, right?

Then, on top of all that, what if the web developer works for an organization that is large, where change is glacially slow at best? Where the majority of IT folks are clinging to best practices that have been rendered obsolete years ago-- or even outright ignored because someone decided they just aren't going to do things that way as a matter of personal preference.

I did an inventory of my situation the other day. Basically, because of politics at my workplace, I'm a ColdFusion developer who doesn't really have access to a ColdFusion server. This is sort of like being a magician without a rabbit. Sure, I can get by with static HTML, CSS, a bit of Javascript here and there-- but to really harness the power of dynamic web pages, the best I can do is a Filemaker Pro server on our Intranet.

It got me to thinking-- what's the point of learning Python or Ruby or PHP, when I'm never going to have access to a server that supports these languages? (Yes, I know, I can install Python on my local computer and leverage it without having a server-- but you know what I mean.) I need to flesh out and expand the depth of knowledge I have about tools I can realistically expect to have access to first, before I start spending time and energy learning "the fun stuff" I will never get to see.

So, I'm sorting through my mental inventory and the first thing that pops into my head is Javascript. All major, modern web browsers have support for Javascript, so if I put time and energy into learning that-- really learning it, mind you, not just learning enough to solve the current task I've been assigned-- then that ought to have the highest payoff in terms of being able to assist people at my work place. (Microsoft Access is second on my list, by the way, even though I'd be using it strictly on a network share, not a true web server.)

I made a trip to Borders this weekend and picked up a copy of Shelley Powers' "Learning Javascript" book. It has a copyright date of 2007, so I expect the information in it will be still fresh and current. I was even able to use a gift card I'd received at Christmas to pay for most of it.

(long pause) Um, did I happen to mention I hate Javascript?

See, I tried to learn Javascript a very long time ago (I think it was still in version 1.2, as I recall). I ran into a lot of problems with cross-browser support being . . . lame. (It's a highly technical term-- couldn't possibly explain it further.) I'd write a javascript that worked on one version of one browser, but then bombed horribly everywhere else. You'd have to write four different versions of your code, and then have some horribly kludgey way to "sniff" out which version of javascript you'd encountered and then play traffic cop to get the broswer to the specific version of code designed for it. Then a new version of one browser would come out, and things would break, and you'd need to revisit the whole damn program again.

Who can learn under those conditions? Where's the success? Where's the reward feedback loop?

A few years go by, and the ECMA ratifies a version of javascript, along with an API that should bridge most of the browser differences. I start dabbling with it again out of necessity (adding a "characters remaining" counter notice under a text box, as I recall) and still find it difficult going, although it's better than it was. Then, suddenly everyone and their brother wants their sites to have AJAX-- including the people who'd still be creating their relational databases as one gigantic flat file if it wasn't for me.

Which brings us to current day. I read Chapter 1 in Ms. Powers' book yesterday. It's well written, and it was an eye-opening experience. I found out that the things I had learned back in the day as "best practices" (e.g. using HTML comments to "cloak" your Javascript from browsers that don't support Javascript) are not only currently irrelevant, but can actually cause problems if you plan to use XHTML in your web pages!

(Damn, and to think that less than a year ago, I was taking Google to task for putting out Javascript code in their Google Analytics products that broke valid web pages-- and the solution I suggested was that Javascript cloaking trick. I'd like to thank the patient folks at Google for not sending me flaming emails, calling me a fossilized hacker wannabe.)

Today, I sat down and reread Chapter 1, while taking detailed notes in one of those black and white composition books. I'm hoping that rereading and writing down my observations will somehow ingrain the knowledge in my brain a little deeper-- maybe make it easier to break off my bad habits, as well as pick up new habits that are current best practices. It takes longer than just reading the chapter once would, of course, but if I want to be better than just an average web developer, I need to get to the point where I'm dreaming about this stuff in my sleep.

On the plus side, I'm at least savvy enough to have discovered an error in Chapter 1 on my own. (I'm sure it was a simple oversight and has already been detailed in some errata file on O'Reilly's web site somewhere.)

Man, wouldn't that be a dream job? Being one of the "technical proofreaders" who goes through the texts prior to publication, and get hands on with all the exercises and lessons-- making sure they work properly. Hmm, on second thought, you'd probably be stuck with the responsibility of fixing them somehow when they didn't work properly. Maybe not so cool after all.

I also need to figure out where the changes in trends related to Javascript would originate from (perhaps the ECMA?) and sign up for an RSS feed or email bulletin or something that will keep me from falling back out of date again if/when I do finally internalize this latest material.

Wednesday, October 22, 2008

Flagfox :: Firefox Add-ons

Flagfox :: Firefox Add-ons: "Displays a country flag depicting the location of the current website's server and provides quick access to detailed location and webserver information."

NOTE: I'd originally hoped to review "TwitterFox," but I've spent the past week trying and failing to get it to work properly. To be fair, I can't tell if the issue is with the extension, with the Twitter service, or perhaps even something in my account settings-- so rather than write a bad review, I decided to pick a different extension. If you are currently running Twitterfox, drop me a line-- I'd like to hear what your experience with it has been.

Quick Review: Thumbs up; works as advertised.

Details: It's called the WORLD wide web for a reason-- because web-serving devices can be located anywhere. At its simplest this extension, displays a county flag up in the address bar that corresponds with the geographical location of the web server. You go to a page hosted by a server in the UK, you get to see the Union Jack. You go to a page hosted by a web server in the United States, you get to see the American flag. Sometimes, you get a surprise and discover that servers you assumed would be located in one country, are actually co-located in another.

The preferences for this extension reveal more sophisticated capabilities-- by default, a left mouse button click will open a new tab with lots of interesting geographical information courtesy of geotool, while "middle clicking" will invoke a WHOIS search. You can override the middle click function with your own custom action as well, by entering in a URL that makes use of macro variables.

Tuesday, October 14, 2008

Fast Dial :: Firefox Add-ons

Fast Dial :: Firefox Add-ons: "Fast Dial replaces blank tabs with a panel of thumbnails of your favorite sites."

NOTE: Technically this isn't a *new* extension, but it was updated on September 19th. It adds a sexy feature to Firefox that we've seen regain new popularity with Google Chrome's debut (but for the record, Opera did it first).

Quick Review: Thumbs up; works as advertised.

Details: If you've tried Opera or Google Chrome, you've seen their "Speed Dial" feature. This extension, Fast Dial, adds that same capability to Firefox. Whenever you open a new/blank tab, the Fast Dial thumbnails appear for your convenience. This extension is very customizable, letting you pick the size, colors, number of sites in the grid and so on. It works as advertised, does not seem to have any conflicts with other features or extensions.

The only "bad" thing about this extension is that there's no option to "automagically" populate the "Fast Dial" grid with the web sites you most frequently visit. I'm not convinced this is a bad thing necessarily. Entering your "Fast Dial" sites is a manual process, but it's no more complicated than navigating to the site you want to add, and clicking the star icon in the address bar.

Saturday, October 11, 2008

Firefox Extension Reviews?

I have this idea for a new feature-- a weekly review of a new/random Firefox extension. It seems like an good idea, but there's a snag. Since I'm still running Mac OS X 10.3.9 (Panther), I can't upgrade to Firefox 3. Many of the recent extensions are designed for Firefox 3, so . . . well, you're smart, I think you can see the problem.

Yes, I could buy Mac OS X 10.5 (Leopard) for about $129. But I'm in the middle of a home renovation project. Also, I'm not shelling out that kind of money just to do browser extension reviews. Besides, to tap the full potential of Leopard's software features, I understand you want to run it on the Intel chips-- not the G4s.

However, there is a PPC version of Ubuntu Linux 8.04 ("Hardy Heron") that runs nicely on the G4 hardware. And Firefox 3 works just fine on it.

What I'm saying is-- I've made a change from Mac OS X Panther to Ubuntu Linux Hardy Heron as the new default boot option on my personal laptop.

I suspect this will go beyond simple reviews of Firefox extensions very soon.

Which reminds me-- when are we going to see Google Chrome for Linux?

Tuesday, October 7, 2008

textually.org: Lightbulbs Could Replace Wi-Fi Hotpsots

textually.org: Lightbulbs Could Replace Wi-Fi Hotpsots: "Boston University's College of Engineering is launching a program, under a National Science Foundation grant, to develop the next generation of wireless communications technology based on visible light instead of radio waves."

Maybe I just don't "get it", but why is this news? We'd used infra-red spectrum to exchange data for years with the old Palm Pilots, and you remember how much of a "line of sight" nightmare that was. Isn't this just the same concept, but in the visible spectrum? Maybe this implementation will be more robust with LEDs.

Just promise me, please, no more of those creepy, uncanny valley animatronic Teddy Ruxpin dolls that "interact" with your television.

Sunday, September 28, 2008

Ch-Ch-Ch-Ch-Changes: New Focus, Look and Tagline

Interaction is the ultimate goal of this site. To achieve that goal, I must draw traffic. To draw traffic, I must promote the site. Unfortunately, it's hard to promote a site when you can't state its focus and purpose in a confident, persuasive and concise manner.

Compare:

1) "I run this website-- more of a blog actually. Sort of a personal journal, things that catch my interest. A little bit of this, a little bit of that. Pictures sometimes. You know?"

2) "The Jonah Chanticleer blog focuses on the constant interplay between Technology, Security and Psychology."

The first description is rambling, lacks distinction and sounds about as tedious as watching your uncle's vacation video footage (i.e. before editing). The second description is specific and informative; it says "We're both busy people. Here's what I'm about. Are you in or out?"

I've just explained the necessity for tightening this blog's focus; I've also explained that focus will be on the themes of Technology, Psychology and Security. I could explain how I arrived at those three themes, but it seems pointless. Too much information. When most folks go to a seafood restaurant and order grilled salmon, they don't want the chef to come out and describe how the fish was prepared-- they just want to enjoy the meal and the atmosphere.

The rest is obvious, I suppose. If the blog has a new focusing theme/purpose, the tagline should reflect that theme/purpose. I liked the quote from Muhammad Ali (truly a fascinating gentleman!), but using that quote for my tagline did nothing to inform people about the theme or content of my blog. The new tagline puts it all out there, even if it is in metaphor.

That brings us to the final change-- the new template. I wanted to signify this change in focus in a highly visual way. I wanted people who'd seen the blog before to do a double take and say, "Whoa! Something's different here." I dreaded giving up Jeffrey Zeldman's fantastic green "Son of Moto" template, but the new color scheme (Douglas Bowman's "Rounders 2") has a wonderful palette for this rooster logo/icon I've been contemplating for months. I think that visual cue will also psychologically reinforce my new focus and purpose as I write and post new entries.

Wednesday, September 24, 2008

So that's what a fortnight feels like . . .

After that short stint of blog entries about Blogger search tweaks a few weeks ago, I was hoping to take things to the next level by whipping up something in Google Mashup Editor. The idea was simple-- use Netflix's Top 25 Documentaries RSS feeds to automatically populate a list (drop-down? blogroll-style?), and when you select one of the top 25 documentaries from that list, it shows you the Blogger profiles of people who happen to have entered that documentary in their "Favorite Movies" field.

Obviously, this didn't happen. I could sit here, whine and make excuses, but-- let's just say it isn't in the cards for me to do this and move on.

There's been plenty happening on the personal front-- but the problem with personal lives is that they tend to be boring as sh*t to everyone else. For example, I doubt you want to hear about my master bathroom renovation-- the thermostatic spa system, etc. Hell, even I'm tired of hearing about it.

Wednesday, September 10, 2008

Yes, Virginia, I DO screen my phone calls

I have an acquaintance who calls me on my cell phone and then makes little "jab" comments about the frequency with which he/she gets my voice mail instead of me answering directly. It's rather naive-- as if they feel the act of allowing a call to go to voice mail is some scandalous thing.

So, to put the matter to rest finally-- Yes, I DO screen my phone calls.

If you call me when I'm driving, I don't answer. I'm busy driving. I'll call you back later.

If you call me when I'm in the bath room, I don't answer. I'm busy, plus it's just rude.

If you call me when I'm in a meeting at work, there's probably a very good chance you'll get my voice mail as well. My boss is sort of funny about that-- she pays me to do my work, not to take personal calls on the clock.

If you call me from a different number than what I have programmed into my phone contacts, I will probably let you go to voice mail. If I don't recognize the phone number on my display, I assume it's a telemarketer. If it isn't, I can call you back after you leave a message.

If you call me when my phone isn't getting an adequate signal, you will almost certainly get my voice mail because I won't even know you are calling. Don't worry-- when my phone regains its signal strength, I'll get a notification that someone left me a voice mail.

If I'm eating, I might or might not answer the phone. Depends where I'm eating (McDonald's or that fancy Italian place) and with whom I am eating (casual friends with their own cell phones or Victoria Secret models who expect to be the center of attention at all times).

If I'm helping a client, I probably won't answer. They don't appreciate it when you stop helping them to take a call.

If I am sleeping, I will probably answer, but don't expect me to be happy about it. Where I come from, 1 AM telephone calls are bad news-- like someone's died in a car accident, or the ambulance is taking a loved one to the emergency room. As a matter of fact, don't call me after 11 PM unless it's an emergency.

If I'm having sex . . . phhffft! LMAO! Yeah, right-- like THAT ever happens!? I might as well say "If you call me when I'm being attacked by a swarm of killer bees" or "if you call while I've burst into spontaneous combustion." Tell you what, I'll work out a rule for this contingency if it starts becoming an issue.

You get the picture, right? Yes, I do screen my phone calls. Lots of people do. It's not a question of whether I do or don't like you-- if I didn't like or respect you, I wouldn't have given you my phone number in the first place. The determining factor is the situation I happen to be in at the moment you choose to call. It was the same way back with answering machines, too. Just because the technology has become more portable, that doesn't mean the underlying etiquette has changed.

Tuesday, September 2, 2008

Search Blogger Profiles for people with similar (or different) movie tastes

Last week, we threw together a little web-based search form that allowed us to search for Blogger profiles by country. Although we could certainly take it a step or two further, I'd like to make a little detour this week to explore a different direction-- namely, movies.

Your Blogger profiles allows you to list your favorite movies. Much like the location field, any movie titles that you type in become hypertext links. If you click on one of those "Favorite Movie" title links, the Blogger profile search program displays other Blogger users who have entered the same movie title as one of their favorites. It's sort of cool, I guess--you can find people with similar cinematic tastes, subscribe to their blog, and then argue endlessly about whether Shane dies at the end or not.

But what happens if you want to find someone who liked a movie that you aren't willing to list in your favorites? Perhaps you fear to admit "Ernest Saves Christmas" is one of your favorite comedic movies, but secretly wish to find other people who recognize the hidden genius of Shakespearean actor, Jim Varney. Or maybe you just want to know if anyone out there would admit "Showgirls" was their favorite movie?

If so, then today is your lucky day, my friend. ;)

As always, let's start from something we know-- like the URL of a typical Blogger search with one of the movies from our own Blogger profiles:

http://www.blogger.com/profile-find.g?t=m&q=The+Princess+Bride

The basic URL (i.e. the http://www.blogger.com/profile-find.g? part) remains unchanged from our previous "search by country" example. The value of the first parameter after the question mark changed from an "l" (for location) to an "m" (for movie). But, the second parameter (that is, "q=") and the value for that second parameter ("The+Princess+Bride") are completely different. The "q" stands for query, if that will help you remember it-- and the text after the equal sign is obviously the title of a movie, but with plusses instead of spaces between words. It's a trick to keep the URL from having spaces in it, which could cause problems with links as well as passing the data to the search program.

Rather than build another web-based search form from scratch, let's try just modifying the form we created last time. Here it is:

<form action="http://www.blogger.com/profile-find.g" method="get">
<input name="t" value="l" type="hidden">
<select name="loc0" id="loc0" style="font-family: Verdana,sans-serif;">
<option value="_nil_">Select a country</option>
<option value="AF">Afghanistan</option>
. . . not all countries are listed, obviously . . .
<option value="ZM">Zambia</option>
<option value="ZW">Zimbabwe</option></select>
<input value="Submit" type="submit">
</form>

I've italicized the lines that are specific to the country search, which we will remove. This leaves us with the following:

<form action="http://www.blogger.com/profile-find.g" method="get">
<input name="t" value="l" type="hidden">

. . . we've removed the drop down list, and will replace it with a text field . . .

<input value="Submit" type="submit">
</form>

That second line is a hidden field we use to pass the type of query (i.e. location, movie, etc.) to the Blogger Profile Search Program. It's currently set to a value of "l" (as in, location) which won't do us much good. To make it search for movies instead, we just change the value to "m" instead. That leaves us with:

<form action="http://www.blogger.com/profile-find.g" method="get">
<input name="t" value="m" type="hidden">

. . . we've removed the drop down list, and will replace it with a text field . . .

<input value="Submit" type="submit">
</form>

Almost done. The last thing we need to do is put in a text field so people can type in the name of any movie title. As always, I leave the specific text and styling decisions to your preferences:

<form action="http://www.blogger.com/profile-find.g" method="get">
<input name="t" value="m" type="hidden">
<p><input name="q" id="q" style="font-family:Verdana, sans-serif;" />
</p>
<input value="Submit" type="submit">
</form>

Go on, give it a test drive and see for yourself. I know, some of you might be wondering about how we're going to get the plus signs in between the words of movie titles. Is it a trick with Javascript? Actually, the good news is that the web browser takes care of that little detail in the background for us when the user hits the Submit button. (editorial note: I haven't tested this with every single browser out there in the wild, but it works with Firefox 2.0 on the Macintosh definitely, and I expect this trick will work with most modern browsers.)

Blogger Profiles Search: Movies!

Enter any movie title:



Monday, September 1, 2008

Cellular News story - truth or bad pun?

There's a story over at Cellular News that is setting off my bullshit detector. I want to know if anyone else has the same reaction to it.

The premise of the news item itself isn't especially preposterous-- prisoners in Pakistan smuggle/hide cell phones, in some cases by using their body cavities to do so. Prison authorities decided to do a sweep for and found smuggled phones, and in seven cases medical help was required in order to remove the phones.

So far, perfectly fine. It's the sentence where the news item cites their story source that set me off:

"Camp Jail Superintendent Gulzar Ahmad Butt said that the mobile phones had been found during a physical search of the prisoners and when they were screened with metal detectors." (emphasis mine)
The main story (i.e. prisoners who hid cell phones up their rectums needed medical attention) of the news item has one source, and his last name just happens to be "Butt?" Is this a news story, or someone's idea of a practical joke?

Wednesday, August 27, 2008

"Hacking" Blogger's Profile Search, Part II

Last week I wrote about how Blogger's Profile Search feature allows users to locate Bloggers in other countries, and how you can tweak the URL parameters to find people without even knowing a single blog in your country of interest as a starting point. The process is simple and workable-- just view source on your "Edit Profile" screen to learn the two letter country code of the country you are interested in (example: VA for Vatican), and then append that code to the search URL, like so:

http://www.blogger.com/profile-find.g?t=l&loc0=VA

Not bad, but who wants to "View Source" every time they want to look up a new country? Besides, some of our friends and family members (who aren't necessarily web developers) might want to also play along-- and this solution isn't user friendly for non-geeks. They're bound to mess up the URL somehow.

How about a web form that lets users select a country from a drop-down list of all the countries? And, instead of manually modifying a URL, all they have to do is hit the "Submit" button?

This turns out to be surprisingly easy-- it just requires a little HTML.

Blogger Profile Search Interface

Show me all Bloggers in:




Let's take it apart and see how it works. We start with a basic form tag:

<form action="http://www.blogger.com/profile-find.g" method="get">
. . . we'll flesh out this bit later on . . .
<form>

The action attribute above, which tells the form where it should send its information when the submit button is pressed, is pointing at the same URL we used last time for Blogger's profile search-- except there don't seem to be any parameters tacked on to the end of the URL. Don't worry, we'll be teaching our form how to add that extra stuff to the end of the URL "behind the scenes." We will do that by using the form's "get" method.

Before we go any further with our form, let's take a second look at that example URL from before:

http://www.blogger.com/profile-find.g?t=l&loc0=VA

See that "t=l" bit in the middle there that I've bolded for emphasis? Blogger's Profile Search feature can actually find Bloggers in many different ways: by location, by occupation, by interest, favorite book titles, etc. That "t=l" business lets Blogger's Profile Search program know that you are interested in carrying out a search by location. For you mnemonic learners out there, that's t (as in type) equals l (as in location).

We need to make sure our form passes that "t=l" parameter to the Blogger URL before passing the country code. We also want to make sure it can't be changed/messed up by our non-web geek friends. The best way to accomplish both goals is to put a hidden field in the form, like so:

<form action="http://www.blogger.com/profile-find.g" method="get">
<input name="t" value="l" type="hidden">
. . . the drop down list of countries will eventually go here . . .
<form>

Now that we know our form will always specify the "search by location" type of query, we can focus on the "heavy lifting" part-- namely listing all the countries in a drop down list. The important bit to remember is to name the select tag with the same parameter label (i.e. loc0) the Blogger search URL is expecting. If I were to name it something like "countryList" it won't work.

<form action="http://www.blogger.com/profile-find.g" method="get">
<input name="t" value="l" type="hidden">
<select name="loc0" id="loc0" style="font-family:Verdana, sans-serif;">
<option value="_nil_">Select a country</option>
<option value="AF">Afghanistan</option>
. . . I'm not going to type in the entire country list, just enough to convey the idea . . .
<option value="ZM">Zambia</option>
<option value="ZW">Zimbabwe</option>
</select>
. . .
<form>

I'll leave the specific text content and styling of the form (e.g. background color, font, border, etc.) to your personal tastes. That leaves us with the actual submit button:

<form action="http://www.blogger.com/profile-find.g" method="get">
<input name="t" value="l" type="hidden">
<select name="loc0" id="loc0" style="font-family:Verdana, sans-serif;">
<option value="_nil_">Select a country</option>
<option value="AF">Afghanistan</option>
. . . I'm not going to type in the entire country list, just enough to convey the idea . . .
<option value="ZM">Zambia</option>
<option value="ZW">Zimbabwe</option>
</select>
<input type="Submit" value="Submit" / >
<form>

Monday, August 25, 2008

Platewire.com

Driving home from work today, an aggressive driver in a light tan Sienna (VA tags JDE-2781) nearly forced me off the road and into a ditch. I considered reporting this to the police, but past experiences have led me to believe this is a waste of time.

So-- I figured, why don't I publish the jerk's license plate on the Internet, along with a description of his vehicle? Then, as I thought about it more, I realized it would be even better if I could create some kind of web-based application that people could use to "report" dangerous and/or aggressive drivers. Not "report" as in "turn over to the authorities," but "report" as in publicly shame a la "The Scarlet Letter."

Turns out I'm not the only person thinking along these lines-- and someone already beat me to the punch. I'm talking about platewire.com, the site which allows you to post notices (good or bad) about specific license plates. It's an intriguing concept, and has a surprising number of features. You have to create an account with a valid email address, which is a good way to reduce the potential for abuse/slander/libel.

Now, if you'll excuse me, I need to create an account so I can give a BIG RED FLAG to Mr. Tan Sienna Van Man.

Wednesday, August 20, 2008

"Hacking" Blogger's Profile Search

Suppose you want to find all Blogger users that live in Vatican.

You could try a Google Search for the terms "Vatican" and "Blogger." Those results would include any webpage that contained those two terms in it (regardless of whether the author lives in Vatican or is just writing about Vatican or Vatican City), but you could poke around until you got lucky and found a Blogger who actually lived in Vatican. From there, you could read their profile and use their location link to find all the other bloggers who identify themselves as living within Vatican. It might take a while, but you could do it.

Or, you could analyze Blogger's Profile Search URL and figure out it's being used to pass search parameters. Once you understand the logic behind the URL, you could then quickly build your own custom URLs to find Bloggers in Vatican or any country you desire.

The first and most important lesson in "hacking" (in the old-school sense of the word, not in the "breaking into systems/stealing/vandalizing" sense that the media likes to perpetuate these days) is to be observant and figure out the underlying nature of how things work.

Take the typical Profile Search URL from Blogger, for example. When I click on my profile, and then click on the "United States" link by the "Location:" text label, I see the following URL:

http://www.blogger.com/profile-find.g?t=l&loc0=US

See that last part of the URL, the &loc0=US part? That part of the address is being used to tell Blogger which country it should use in its search. If we could deduce the correct country code for Vatican, we can change the URL to get the desired results.

Fortunately, deducing the correct country codes is pretty easy. You just log in to your Blogger account, edit your own profile, and find the drop down list of countries under the "Location:" section. Using View Source in your web browser, find the list of countries. It should look something like this:

<select name="widget.country" id="widget.country" tabindex="0">
<option value="_nil_">Not Specified</option>
<option value="AF">Afghanistan</option>
<option value="AL">Albania</option>
<option value="DZ">Algeria</option>
. . .
<option value="VA">Vatican</option>
. . .
</select>

Obviously, I didn't list all the countries in the drop down list. I also bolded the specific entry we're interested in, so we now know that the country code for Vatican is "VA." That means if we switch the country codes on that previous search URL, we should wind up with:

http://www.blogger.com/profile-find.g?t=l&loc0=VA

The above URL will give us a page with all the Bloggers in Vatican. Don't take my word for it, though. I could be wrong, or something may have changed since I wrote this entry. If you click on the above link and get a list of profiles that all have locations in Vatican, then you know it (still) works properly. Now that you know the "trick" (i.e. find the correct country code, insert it into the URL), you can build your own "custom" links, save them as bookmarks, etc.

Of course, if you really want to be slick about it, you could build your own search form web page with a drop down list of all the countries and their corresponding country codes. (Look for that topic in an entry next week.)

Tuesday, August 19, 2008

Ten clues you are working with a bad web "designer"

I've been silent for years while web designers have criticized web developers for "making bad design." My silence ends today. Of course web developers make bad design-- we're DEVELOPERS, not designers. You don't send a pilot to do crowd control, do you?

So, instead of pointing out how web designers make bad developers, I'd like to provide something more constructive-- a list of clues to help you distinguish between legit, skilled web designers and the rest of the poseurs.

Here's the list:

1) The entire index page, including the text copy, is one big image and an image map. (Good luck if you ever need to change that text copy-- I wonder how much they'll charge you for that?)

2) They use tables to control layout because CSS positioning is "just too hard."

3) Their idea of creating thumbnail graphics is to change the width and height attribute on the img tag. (Why do these thumbnails take forever to download?)

4) Their CSS file has one line in it, and it reads: body { background: #FFF; font-family: sans-serif; }

5) Their pages have no DOCTYPE, or even worse, an incorrect one (e.g. STRICT DOCTYPE, but the page has deprecated HTML tags in it).

6) They've never heard of the W3C, the online HTML Validator, or Tidy.

7) They think Tim Berners-Lee is "that guy from Mötley Crüe." (Semantic Web? Sorry, I don't listen to New Wave.)

8) They use frames.

9) When you try to talk with them about any technical or maintenance issues caused by flaws in their design approach, they cut you off by saying, "That's not OUR problem!"

10) When you hire a different designer for your next web project, you get email and voicemails like this: "HOW COULD YOU DO THIS TO US? I THOUGHT WE WERE FRIENDS!?"

Sunday, August 17, 2008

Forget the jet pack; where's my Android phone?

Because I am a big Unix/Mac OS X geek, everyone assumes I have an iPhone. They are shocked when I say I'm not interested in purchasing one. There's nothing spectacularly wrong with the iPhone-- but it is locked down to AT&T's mobile network. I've spent time and effort unlocking my current GSM phone for use when I travel in foreign countries, so upgrading to another vendor-locked phone seems like a big step back to me.

But, I'm curious to see 2008 Q4 will bring with the new "Android phones." I'm not 100% sold on buying one yet, but if there's an unlocked quad-band GSM with a qwerty keyboard and a camera in the mix somewhere, I'd seriously consider it.

Sunday, August 10, 2008

Pecha Kucha Frustration

We finished our annual conference last week, and you know what that means: LOTS of POWERPOINT presentations. I've seen many "bad" Powerpoint presentations in the past 10 years. I've even delivered "bad" Powerpoint presentations myself. The tool's dynamic encourages "bad" presentations. It's like that "self-working magic trick" we all bought as kids-- the mechanics of the effect were so easy, we wound up showing it before we'd practiced our showmanship.

Which leads me to Pecha Kucha.

For those unfamiliar, Pecha Kucha is like haiku for visual presentations. It has a specific form-- 20 slides, displayed for 20 seconds each. Thus, if one remains true to the form, a presentation will last 6 minutes, 40 seconds. I admit, it sounds gimmicky-- but it also sounds better than the typical Powerpoint marathons we've all endured. I suspect Pecha Kucha's constraints force its followers to learn the craft of showmanship.

I'd like to try this format myself, but I don't use Windows or Microsoft Office on any of my personal machines. All the presentation software to which I do have access, such as Google Docs, doesn't appear to have an timed transition that automatically moves from one slide to the next. The nearest approximation I can make is using the screen saver feature on my iBook that can be set to display image files kept in a specific order-- but the delay between transition effects seems to be hard-wired at precisely 8 seconds.

A List Apart 2008 Web Survey

I know I'm probably preaching to the wrong audience here, but--

If you build web sites for a living in any capacity (designer, developer, tester, what have you), you should seriously consider taking the 2008 Web Survey over at "A List Apart."





(Of course, chances are that if you do build web sites for a living, you already knew about "A List Apart" and their 2008 Survey and have discovered better sources of info than my Atom feed. LOL!)

Friday, August 8, 2008

A prediction about the Ivins Investigation

Yesterday, I read an article in the DC Examiner that featured "poems" the alleged anthrax attacker sent via email to a friend. Bear in mind, I don't know anything about biological weapons-- but if I were some kind of homicidal, evil genius capable of producing anthrax at a facility that doesn't even have the right equipment for it, while leaving no traces of it in my car or house, I think I could write a poem that wasn't based on "I'm a little teapot."

Prediction: The Ivins investigation isn't going to hold up under critical scrutiny and its findings will be discredited.

Saturday, August 2, 2008

Bluejacking in the USA

I saw my first instance of bluejacking (i.e. using Bluetooth technology to send unsolicited advertising messages) today. It's peculiar, but Bluetooth hasn't caught on state-side like it has in, for example, Europe. You could probably rationalize reasons-- such as concerns about privacy and security, etc.-- but I think the truth is most people here buy consumer electronic devices for status, rather than actual function. They never read the manual in its entirety to learn all the features of their products.

But, I digress.

So, I'm at the food court in Springfield Mall in Northern Virginia, and there's this National Guard poster in one of the kiosks telling people to turn on their Bluetooth and set their devices for autodiscovery. My current cell phone doesn't have Bluetooth support, but I expect if I had, I would have received some URL to their recruiting site.

On the one hand, I'm glad to see that someone out there is at least aware of Bluetooth and making use of it. On the other hand, I was disappointed with the overall implementation. I'm not even talking about the necessity of the poster to let people know the Bluetooth service was available (though it is kind of laughable, I have to admit). The local mall management could have made outstanding use of the Bluetooth technology-- with links to promotional events, maps in case people get lost, information about the mall's hours of operations, weather conditions, movie times, the location of the lost and found, etc.

So much possibility exists-- and instead, we get adverts for the National Guard. (Nothing against the National Guard, mind you. I think they perform a wonderful service for our country.)

It's just like buying the deluxe cable TV package from your local cable company and discovering that 20 of the channels are all shameless self-promotional channels. (Hello, we're already subscribing to the service-- why are you subjecting us to advertising on channels that could be used for educational or entertainment programming instead?)

If/when I get my Personal Area Network up and running, it's going to be a hell of a lot cooler and more valuable than just advertising. I don't know exactly what I will offer, but if all I can think of to say is: "Come join our team!" then I'm hanging it up before I even get started.

They actually have programs for Bluetooth enabled devices that let users declare what their hobbies and interests are-- and when they wander into close proximity of someone else with a similarly equipped/enabled Bluetooth device, the programs compare interests and hobbies. If they find a significant degree of matching, the programs alert the users to the other person's presence. (I can't help but think of Dr. Who and how the TARDIS automatically translates all the various written and spoken languages from around the universe for travelling companions via telepathic interface. Remarkably powerful and convenient, yet so subtle that you forget it's there.)

Thursday, July 31, 2008

GTD = MPG?

Can following David Allen's "Getting Things Done" regimen give you better gas mileage?

Not exactly, but cheeky opening sentences aside, I've noticed that I now fill my tank once every nine days on average-- instead of every seven. (ed. aside: Yes, I'm one of THOSE people who lets his tank go nearly empty before filling up; get over it.) But according to my tripometer, I still get the same miles per gallon as I did before.

So, obviously something in the way I drive has changed.

It's not a conscious thing. I'm not cancelling errands while muttering about the outrageous price of gas. I suspect what's happening is the Getting Things Done (aka GTD, for short) process of capturing what I need to do, as well as the context in where I can do particular tasks, is forcing me to do a better job of getting organized and planning my errands BEFORE I get in the car.

Instead of running a dozen separate errands as they come to mind during the course of a week, I can plan ahead a day or two and combine tasks. For example, I go to the dry cleaners for pickup and drop off, go to the post office to drop off my bills and Netflix returns, hit the restaurant in the same plaza to grab dinner, which also gives me leftovers I can take in for lunch at work the next day, etc. You get the concept. GTD makes you more efficient, so you get more accomplished with less driving.

For me, filling up my gasoline tank less frequently appears to be an ancillary benefit of "Getting Things Done." Is anyone else out there seeing similar results?

Monday, July 28, 2008

Let's [NOT] do the time warp again! Please?!

MTV readies 'Rocky Horror' redux - Entertainment News, Film News, Media - Variety: "MTV is doing the time warp on a remake of 1975 cult classic 'The Rocky Horror Picture Show.'"

Since MTV and Fox Television seem hell bent on "tampering with things with which man was not meant to tamper," I throw down the following unthinkable challenge.

If you had to cast The Rocky Horror Picture Show today, who would you cast for which part(s)? Be as creative, wacky or outrageous as you want-- you're the producer. Put your dream cast in the comments.

I, for example, would take "Eddie" (originally played by Meatloaf), swap the gender (a la Battlestar Galactica), and then cast troubled chanteuse Amy Winehouse as "Edie."

Sunday, July 27, 2008

New Profile Pic

This evening I realized my stylized B&W profile pic was almost 7 [mirabile dictu!] years old. It seems impossible, because the circumstances behind it are still so vivid in my mind-- but it was taken November 2001, at the start of my trip to and adventure in Montreal.

I've decided to update the profile image with a newer, more inviting one. I'm tempted to make reference to the change seen in old and new Peter Gabriel album covers, but I doubt anyone'd catch the reference. Like it? Hate it? Speak your mind in the comments, folks-- that is what they're there for!

Tuesday, July 22, 2008

Unobtrusive Javascript and . . . a paper towel dispenser???

I've got two ideas for a blog entry, and can't decide which one to write first: the paper towel dispenser story, or the unobtrusive Javascript example. Oddly, the more I think about them, the more interconnected they seem. So, let me take a preliminary stab at this.

Think about a paper towel dispenser in a public restroom for a moment. We wash our hands, pull out a paper towel, dry our hands and throw away the paper towel without much thought. The only time we even think about the people who fill the paper towel dispenser is when they fail to get refilled, right?

I want you to imagine this guy-- his name is Dan. Dan works at an establishment with a public restroom, and part of his job duties is to make sure that the paper towel dispenser never runs out of paper towels. Dan has other job duties though; he can't just sit in the bathroom and watch the paper towel dispenser. So, first thing every morning, he stuffs the dispenser with as many tightly stacked paper towels as he can. His reasoning, of course, being that it will take more time for people to work their way through a bigger/more numerous pile of paper towels than a small/less numerous pile-- which also means he won't have to check it and refill it as often.

Less work for Dan means it's better, right?

That is, until you discover the paper towels are so tightly stuffed into the dispenser that patrons are finding it difficult to get them out. They grab the first one, but it doesn't pull free, gets wet and then tears apart in their hands. So, customers wind up pulling out a second paper towel to dry their hands with a whole piece instead of the torn fragments. Now every customer is using two paper towels instead of one.

You don't want to stuff the paper towel dispenser with as many paper towels as human possible. You want to make sure it never runs out, but you also want to make sure it allows people to easily remove a paper towel when their fingers are wet.

So, where does the unobtrusive Javascript come in, you're wondering? (That makes two of us.)

Web developers need to put Javascript into their web sites in much the same way that the paper towels need to inserted into the towel dispenser. Keep it "loose" and make it superfluous. When people can't get around your site and make use of its core functionality with their Javascript turned off, you've tried to cram too much Javascript code in there.

Monday, July 21, 2008

Training, Testing and Production

The prevailing school of thought (at least where I've worked) has been to keep your trained and untrained users as separated as possible. Don't get me wrong-- if you have deep pockets, and can get separate servers for production, training and testing environments, then by all means go for it.

But the truth is that once people have shelled out money for the database and web servers on the production side of the fence, they start looking for ways to cut expenses. This usually happens by the time they get round to setting up the training server. "Well, can't we just use one server for both the training server AND the testing server?"

This is a really bad idea, for many reasons. A training server needs to be able to handle a set number of users simultaneously (30, 60, etc.), while a testing/development server can get by with handling a much smaller number of simultaneous users. This translates into a horrible training experience for your newest end users/customers-- horrendously long login times, slow updates between pages, etc. The first impression your new users get of your killer web app is in the training, and you're showing them a slow moving piece of turd, ok?

Then, as if that weren't bad enough, developers are always working on the test/development server-- trying to add the new functionality that they've received back from program analysts/customer feedback. If you're lucky, all the new code works great the first time and there are no bugs-- but we all know how unrealistic that is. New code means new bugs, until you take measured steps to locate and remove them. So now, in addition to showing your newest end users a slow application, you're also showing them new, untested code that might or might not have bugs in it.

What exactly do you have against your new, untrained users anyway? ;)

Last, even if there aren't any bugs in the code (lucky you!), the addition of new features typically means that there are new buttons and gadgets in the interface-- so what your end users are being exposed to in their training session isn't identical is look and feel, or even in operation, to what they will actually have to work with in the production environment.

And you wonder why none of your end users likes the whole web development process?

Friday, July 11, 2008

My thoughts on dating

(warning: cynical rant coming up!)

This is simple-- I don't date. Period. I don't need to explain or justify it to anyone. Consider it a lifestyle choice on my part and move on. I don't ask you to defend your (being gay or lesbian/being hetero/being married and monogamous/being an unfaitful two-timer/being whatever you happen to be "into"), so please return me the same courtesy. Live and let live, a'ight?

So, to recap:
  1. No, I don't want to date you.
  2. No, I don't want to date your sister.
  3. No, I really have no interest in your gay friend and/or brother, either.
  4. I'm not interested in one night flings, either. Been there, done that, waste of time.
I don't need anyone to "fix me up" because, surprise surprise surprise Gomer Pyle, I'm not "broken."

But, wait-- because here's the ironic part: a decade ago, when I wanted to settle down for long term committed relationship, nobody I was involved with was interested. A decade later and three failed relationships wiser, and suddenly I'm Richard F*ING Gere? Let's examine what's changed about me in the past ten years: I've gained weight, my bald spot has grown, more grey hair, lost muscle mass, etc. Nope, no obvious physical gains in attractiveness. Oh, wait, I almost forgot-- I have a house, a car that's paid off and a steady job.

I've done the math on the whole "long term relationship" deal from my past experiences, and found the pluses were less than the minuses. So, do not waste my time unless you bring something ABSOLUTELY AMAZING to the equation.

Monday, July 7, 2008

Chinese Zodiac Desktop Wallpapers

I've been fascinated by the Chinese zodiac for months, so I decided to make a series of desktop wall papers on that theme. They are 1024 x 768, with the characters rendered in the Kai font style, and lots of open space. There's no watermark, branding or URL on them because I think that would have ruined their simplicity. (I use these as the screen saver on my iBook, and they look great with the slow zoom/fade transitions.)


I'm making them available as "Creative Commons: Attribution/Non-commercial/Share-alike 3.0 United States."

Chinese Zodiac Desktop Wallpapers

Friday, July 4, 2008

Whither Twitter?

I've removed my Twitters from my blog, but left the link for my Twitter page available.

Part of the reason was technical-- Twitter's popularity sometimes exceeds its ability to display information in a timely manner, and if it causes my page to load too slowly, I have to jettison it.

Another reason might be construed as more of a "marketing strategy." In Twitter, the number of people "following" your twitter feed says something about how popular/significant your twitter feed is-- it's a "social networking" thing. By displaying all my twitters on my blog where anyone could see it, there was never any reason for anyone to sign up for Twitter to "follow" me. (cf. Free Milk and a Cow) So, if someone really wants to see what I'm twittering about, they can do so through the "Twitter feed" link, sign up for a Twitter account and "follow" me.

The final reason is personal-- I like having some idea of who is following me and the *possibility* of controlling who reads my twitters. At the moment, it's wide open because I generally prefer to be that way. Unfortunately, in the past I've had to deal with a stalking ex-girlfriend and griefers-- if that should happen again, I'd like to be able to click a button and make sure that only people I choose can see what I express in my 140 character outbursts.

Tuesday, July 1, 2008

Web Development: How it REALLY happens

I have a love/hate relationship with web development books. Don't get me wrong-- some of them are well-written, filled with amazing advice and insights on how web development *should* be done. And yet, few of them, if any, bother to talk about how web development is actually done presently in the chaotic work place.

Here's how it works: the "web guy" in the office gets a visit from a middle-manager (who is not usually his supervisor, I might add) who wants to ask a few questions about a new web app they are considering. It's kind of a rush-job, so "we don't have time for any of that formalized process nonsense, like gathering requirements, so how about if I just tell you what the app needs to do and you just build it for me?"

You could try to explain the value of the requirements and planning phases, except you know from previous experience that managers don't know about technology, they don't know about software development processes. They also don't want to know-- it's not on their radar, and they don't see it as having any value in securing what they do want, so they aren't willing to invest time in learning it.

So, you pull out a notepad and interview the middle manager on "what the app needs to do", and as you take notes, you are also frantically drawing screen mockups/illustrations to try to elicit better quality feedback from the middle manager. It's a fairly small application, with automatic email capabilities, doesn't require log-in authentication, needs to log transactions in a database. You estimate that you can do it with six pages in ColdFusion.

In these kinds of situations, where I'm dealing with the "middle manager/bypassing the formalized process" scenario I have a rule of thumb to estimate how long it will take me to complete the application. I call it the "page a day" rule of thumb. If the application has six pages in it, it will take me six days. If it has four pages, it will take four days.

That's when the middle manager wants to argue/debate the time estimate with you. "Well, you can combine three of the pages into one, so it should only take you four days tops!" Before you think this middle manager (who hasn't done any web development coding since before Firefox was first released) is completely insane, let me tell you the part he hasn't shared with you yet. Prior to meeting with you, this middle manager was in a meeting with his supervisor, and he's just been saddled with an additional requirement out of the blue because someone above him failed to plan appropriately. To make matters worse, he's got no resources to spare and even less time, so he's hoping that you can somehow magically automate most or all of this new responsibility-- because that's ultimately what all technology is about, right, automation? And if you could make that happen before next week's meeting, that would be really super because then he can tell his supervisor that it's all been handled and it will make him look good.

Here are the take aways:

1) For ColdFusion at least, I find the page a day estimate works pretty well.

2) Avoid working for companies where managers think they have the authority to delegate to people who don't even report to them.

3) Managers of web developers should have at least some first hand, recent experience in web development themselves.

Friday, June 27, 2008

RIP Blosxom

First, the good news: Blosxom, a small and powerful Perl script with amazing blog capabilities, got a brief mention in Andrew Skinner's "Choose the best free CMS" article (Practical Web Design, July 2008, issue 177). I actually wrote a plugin or three for Blosxom back in the day, including a web visitor logger that someone in Japan used as the basis for their own plugin.

The bad news? Skinner incorrectly spelled it as "Bloxom." :( You know your branding/marketing campaign is pretty much dead when they can't even spell the name of your product correctly. It didn't even merit being listed in the feature comparison table with Wordpress or Movable Type.

Slow and Fast Charges

I'm sure anyone with a basic electronics background is probably going to laugh at my naivete, but I think I just learned something I didn't know about recharging batteries. I guess I always figured recharging a battery was the same, regardless of whether you used a wall unit charger or one of those cigarette adapter plugins in your car.

Obviously one takes less time to get the battery to "full," but I figured it was just like filling a large bucket-- if you use the sink with the small faucet or the big old garden hose, the end result is going to be a big bucket of wet by the time you're done.

Except I've noticed that the battery charge dissipates faster when I use the cigarette adapter to charge my phone than if I use the wall adapter. It's sort of like the amount of time/use the battery will have before it dies is directly related to the amount of time spent charging the device.

In other words, if I hook the phone up to my car charger until the meter says it is full, I might get about 24 to 30 hours before I need another recharge. But, if I hook the phone up to the wall socket overnight, I seem to get something like 2 or 3 full days of use before I need to recharge-- and the last two bars of power seem to go much further in particular.

I don't know if this is a phenomenon with the battery, or with the technology the phone uses to estimate how much power is remaining in the battery, or both-- but it's an effect I've observed more than once in the past month.

Thursday, June 26, 2008

All Caught Up

It's taken me three days, but I've finally managed to catch up on all my unread Google Mail. I feel great, or at least I did until I made the mistake of checking my RSS feeds and found out I had 487 unread items. D'oh!

Maybe it would be a good time to unsubscribe from some things . . . .

Monday, June 23, 2008

Why all the hating for ColdFusion?

It's weird-- but I browse different web programming forums, and there's always a faction of "ColdFusion Haters." ColdFusion isn't "real" programming; no one codes in ColdFusion any more; Perl/Ruby/Java is superior to ColdFusion. I honestly can't figure it out.

Every version of ColdFusion gets better, making complex tasks easier and faster for the web developer who just wants to get things done. Need to authenticate with Microsoft's Active Directory? Try the CFNTAUTHENTICATE tag, introduced in ColdFusion MX 7. Need to add rich, interactive experience with Ajax? ColdFusion 8 makes Ajax programming possible for people who didn't have the time/interest/skill set to figure out Prototype or Dojo.

That might be part of the problem.

See, ColdFusion (that is, the various services that run on a WebServer and make the interactive nature of the product possible) is actually written in Java. So, the Java programmers do all the slick/complicated stuff behind the scenes as it were, and shield the ColdFusion developers from the dirty, nitty-gritty. Some Java programmers-- and not even necessarily any who are directly involved in the ColdFusion development effort-- look down on ColdFusion as being "lesser" somehow, because all the real action is being done in Java, and the ColdFusion folks have no real understanding of what's taking place.

(I personally find this hilarious, because the Java Virtual Machine running on the server has to be written in a higher level language, such as C or ++, out of necessity-- so for the Java guys to be putting on airs is kinda nutty!)

Although I can see how it might be a little upsetting. You spend all this time and money learning how to do Ajax, and then someone who doesn't even understand what "asychronous" means can do everything you've learned how to do in less time without even resorting to writing any Javascript. It's a pisser, obviously.

Thursday, June 19, 2008

After thoughts on Jonah Chanticleer 公鸡: Ethics and the Economic Stimulus Package?

In a previous entry entitled, "Ethics and the Economic Stimulus Package?", I asked if there were any ethical considerations one should have when considering what to do with their economic stimulus package. In reality, the question is moot-- the rising price of gasoline and unpaid debt have consumed most folks economic stimulus check before they could even cash it.

I wasn't necessarily asking the question with the intent of being serious. I'd hoped it might strike a chord with people, start up conversation or garner a link or two. I think it may have succeeded in the first, but failed in the second. Although it is my most frequently visited individual entry, there have been no comments or links to it.

On a lighter note, I'm kicking around an idea for a-- I don't want to call it a contest, but more of an amusement. I think I'll call it "Economic Stimulus Blackjack." The idea is that you start off with an imaginary amount of money-- like $384, for example. You then need to compile a wish list of items in something like Google Products, or Thinkgeek and come as close to $384 as you can without going over that amount. The person who gets the closest to that amount without going over is the "winner."

Wednesday, June 18, 2008

Spread Firefox | The Home of Firefox Community Marketing

Spread Firefox | The Home of Firefox Community Marketing: "Over 8,000,000 downloads in 24 hours!"

That comes out to 92.5 downloads per second. Impressive!

Now I know how Columbus felt

When we last saw our intrepid hero, Jonah, he was attempting to download Firefox 3 and participate in the historical event of setting a Guiness World Record. Unfortunately, so was everyone else!

All kidding aside, the web server(s) were so overloaded that the request to download the page containing the download links would time out. I finally managed to get a partial display of that page, but without any of the style sheet information, and none of the links worked. I wound up using "View Source" to find the URL for the various versions of Firefox (i.e. Windows, Linux and Mac), and copied and pasted the URL into my address bar.

Next thing I knew, I had a 7.1 MB file called "Firefox Setup 3.0.exe" (presumably a Windows installer) on my desktop. Too bad I was on my G4 iBook at the time. So, technically, I downloaded Firefox 3 before midnight on June 17th.

(FWIW, I was able to download the Mac OS X version a few minutes ago, and it looks like I'm still within the technical timeframe thanks to timezones and all that. )

Tuesday, June 17, 2008

Firefox 3 Download Day

Despite multiple attempts throughout the day, I've been unsuccessful at downloading Firefox 3.

In some ways, this is a good thing-- it means so many people are downloading Firefox 3 that the web servers are too busy to handle all of the requests. So obviously, the marketing has been wildly successful. On the other hand, it kinds of sucks because I was hoping to be a part of this historical moment-- even if it is in a small and inconsequential way.

Maybe I'll give it one final try early tomorrow morning.

Google Mobile: GOOG-411

Google Mobile: "Get Search, Maps, Gmail and more, designed especially for your mobile."

I always forget about Google's free 411 service. I've got this habit of using my phone's Internet capability to find business phone numbers. It slow, uses up my data quota, but it's a habit.

This morning, I redid the same hunt for a business phone number that I performed yesterday-- it took a fraction of the time. Google 411 is now in my phone contacts, obviously.

Monday, June 16, 2008

Tempus

Stop. Whatever you are doing, just stop for one moment, and take a serious, thoughful look at what is going on around you. I'm not talking about the whirr of the computer fan, or the blinking light of your fancy car's turn signal. That's all surface crap and clutter, hiding the part you really want-- really need to see.

Look at the PEOPLE around you. Look at what they are doing, what they have done, what they used to do but no longer can (or think they can) do. Look at how they interact and engage with one another. Look at them today, as they were yesterday and, if you can, see them as they might be tomorrow. See how no one remains still/frozen/unchanged as time passes?

You may want to feel sad or anxious. Don't. This is the true nature of time. Accept it. We want to find something permanent. An anchor point, a sturdy ground to get our footing. We plant TREES because trees seem permanent, by relative comparison. This is a human folly. We seem like clouds to the TREES-- always moving, pushed along by breezes they cannot feel, always changing, dissipating far too soon.

Look around you once more-- that change you perceive and fear, that ebb and flow, that give and take, is the tide of the universe. It is called LIFE. You can try to block it out and ignore it, pretend it doesn't exist, until one day it crashes over you-- or you can learn to accept it and comes to terms with it, and float on your back in it.

You must decide.