Stephen’s Statements A little bit of everything from Stephen Duncan Jr, a Software Developer in Portland, Oregon

Sunday, March 15, 2009

JQuery For Archives

Instead of working on the conversion of the blog to Webby, I spent much of the day playing with jQuery and JavaScript. A good portion was mostly wasted time attempting to make the loading of the syntax-highlighting scripts more dynamic. While this ultimately failed, it did get me to re-learn a lot of JavaScript and jQuery.

Rather than put that time completely to waste, I decided to prettify the archives section. Without JavaScript enabled, you get a linked list of links for each month of each year that I’ve published something. Now, with JavaScript, I transform that list of links into drop-downs for each year, where you can select the month within the year, and it will take you to the archive page for that month.

Now, for the code. First, on each blog page (via the template), I load my JavaScript file, and I load jQuery via the Google AJAX Libraries API:

<script type="text/javascript" src="/js/main.js"></script>
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
<script type="text/javascript">
    google.load('jquery', '1.3.2');

    google.setOnLoadCallback(function() {
            prettify_archives();
    });
</script>

This runs the prettify_archives function:

function prettify_archives() {
    var years = [];

    // Collect each distinct four-digit year found in the archive list items.
    $("#archives > ul > li").each(function() {
        var match = /\s(\d{4})/.exec($(this).text());

        // Skip items without a year instead of throwing on a null match.
        if (match && $.inArray(match[1], years) == -1) {
            years.push(match[1]);
        }
    });

    years.reverse();

    var html = ['<h4 style="margin:0;">Archives</h4>'];

    // One drop-down per year; choosing a month navigates to its archive page.
    $.each(years, function(i, year) {
        html.push('<select style="width: 11em;" ' +
            'onchange="document.location.href=this.options[this.selectedIndex].value;">');
        html.push('<option selected="selected">' + year + '</option>');
        $("#archives > ul > li:contains('" + year + "') > a").each(function() {
            html.push('<option value="' +
                $(this).attr('href')
                + '">'
                + $(this).text()
                + '</option>');
        });

        html.push('</select><br />');
    });

    // Swap the plain list of links for the generated drop-downs.
    $('#archives > ul').replaceWith(html.join("\n"));
}
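An added example, not code from the original post: the same year-grouping logic as pure functions, with link text and href HTML-escaped before concatenation (`.text()` returns decoded text, which would otherwise be re-parsed as markup) and hrefs limited to site-relative paths. The function names, the `{label, href}` entry shape, the site-relative assumption and the sample data are all constructed for illustration.

```javascript
// Added example; names and the {label, href} entry shape are assumptions.

// Escape the characters that matter in HTML text and quoted attribute values.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, function (c) {
    return { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' }[c];
  });
}

// Accept only site-relative paths: a single leading slash, no scheme,
// no "//host" form, no backslashes or control characters.
function isSiteRelative(href) {
  return typeof href === 'string' && /^\/(?![\/\\])[^\\\x00-\x1f]*$/.test(href);
}

// Group entries by the four-digit year in the label. Entries without a
// year, or with an href that is not site-relative, are skipped.
function groupByYear(entries) {
  const groups = new Map();
  for (const e of entries) {
    const m = /(?:^|\s)(\d{4})\b/.exec(e.label);
    if (!m || !isSiteRelative(e.href)) continue;
    if (!groups.has(m[1])) groups.set(m[1], []);
    groups.get(m[1]).push(e);
  }
  return groups;
}

// Build the drop-down markup, newest year first, escaping every value
// that is concatenated into the HTML string.
function buildArchiveHtml(entries) {
  const groups = groupByYear(entries);
  const years = Array.from(groups.keys()).sort().reverse();
  const html = ['<h4>Archives</h4>'];
  for (const year of years) {
    html.push('<select class="archive-year">');
    html.push('<option selected="selected" value="">' + escapeHtml(year) + '</option>');
    for (const e of groups.get(year)) {
      html.push('<option value="' + escapeHtml(e.href) + '">' +
                escapeHtml(e.label) + '</option>');
    }
    html.push('</select><br />');
  }
  return html.join('\n');
}

// For a change handler attached with addEventListener rather than an
// inline onchange attribute: returns the path to navigate to, or null.
function targetFor(value) {
  return isSiteRelative(value) ? value : null;
}

// Constructed sample entries, not taken from the blog.
const SAMPLE = [
  { label: 'March 2009', href: '/2009_03_01_archive.html' },
  { label: 'October 2008', href: '/2008_10_01_archive.html' },
  { label: 'June 2008 <b>x</b>', href: '/2008_06_01_archive.html' },
  { label: 'May 2008', href: 'javascript:void(0)' }, // dropped: not site-relative
  { label: 'Undated', href: '/misc.html' }           // dropped: no year in label
];
```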

Minor Website Updates

So, I stayed up way too late last night uploading version after version of this website. I updated the version of the syntax-highlighter I used on the one code sample I’ve posted. Nothing special there, but the fall-back when JavaScript isn’t enabled is nicer, as it’s a pre-tag, instead of a text-area like before.

I fixed all the pages to have the extension .html instead of .shtml. The .shtml was leftover from when I used to use server-side-includes instead of a combination of Blogger templates & Webby layouts to handle common layout issues. Here’s the content of the .htaccess file I used to make sure old links are given a permanent (301) redirect to the new extension:

RewriteEngine On
RewriteBase /
RewriteRule ^(.*)\.shtml$ /$1.html [R=301,L]

During the process, I noticed that Blogger wasn’t producing an archive index page anymore. So I added archives to the sidebar for each blog. I made my CSS rules a bit more generic by making sidebar sections a class, instead of duplicating rules for different ids.

All of this took a bit longer than it should because any changes on the Blogger side required republishing the whole site (actually twice, once for the main blog, once for the politics blog). Whereas, for the non-blog content, I could run Webby locally, rsync it to my VirtualBox Ubuntu Server VM, and test it locally. So my next task is to figure out how to turn an export of this blog into Webby source files so that I can manage the whole process locally (and get my blog posts into version control as a bonus).

Thursday, October 16, 2008

Twitter

Despite the utter wasteland that is this blog, I’ve decided to start posting to yet another place on the internet: Twitter. The theory goes that if you’re interested in knowing the minutiae of my life, you can follow me on Twitter (or subscribe to my Twitter feed or what have you). I, knowing that everyone looking at my Twitter posts has implicitly consented to being bombarded with inane details about my day, can safely post such details with the concern of them being “blog-worthy”, or even “Facebook-status-worthy”.

Now, if only I can do something interesting, I may have a reason to post something to my blog again…

Thursday, June 19, 2008

Unmaintained Web Applications

This week I’m having to finally end my use of two web applications from major vendors. Bloglines had several of my feeds not update properly from June 3 through June 17th. I still haven’t received any follow-up e-mail regarding the issue. Besides, for a feed-reading application, you’d think Bloglines could manage to communicate to its users through, I don’t know, some kind of syndicated XML feed? On the 16th I was fed up with the lack of a fix, and the lack of a response, so I switched over to Google Reader. Sure, on the 17th Bloglines finally fixed the issue, but it was way too late by then. Getting my 309 feeds into Google Reader went fairly smoothly; a few folders weren’t created so I had to make the folders and place the feeds back into them. I’ll miss Bloglines’ true “keep unread” or “pinning” feature, as well as the ability to group posts by the feed when reading a folder. But I’ll get used to Google Reader’s way of doing things if it means a reliable service that doesn’t feel abandoned, despite its ownership by Ask.com. Plus I’ll also get a better feed sharing mechanism, and finally have a Feed Search that works (despite Bloglines being owned by a search company, theirs was never helpful).

The same basic experience repeated itself this week, this time from Yahoo. While the majority of people use del.icio.us for online bookmarking, I’d jumped on Yahoo’s other service: My Web, mostly because it saved the page contents for you to search through in addition to the page title and tagging. However, a month or so ago, the RSS feed for my public bookmarks started showing junk. That was fixed within a week, but it started happening again this week. Now I can’t even log in to the site. I filled out some tech support form I found on Yahoo (not that easy to find), but I’ve gotten no response. I’ve been able to access the bookmarks through another view (Yahoo’s “My Bookmarks”), exported them, and am now importing them to del.icio.us. Hopefully Yahoo will maintain that a little better.

I guess in one sense this is the same feeling everyone who bet on one of several competing technologies and lost feels. There were real benefits that led me to pick the apps I did, but the world didn’t agree, and now I’ve paid the price for sticking with losers too long. Luckily some level of data portability has made that price a lot lower than it could have been.

Update: There are two new feeds you might want to track due to this change:

You can also get these changes automatically using my all-in-one Yahoo Pipes feed.

Monday, August 14, 2006

New Blogger Features

A new version of Blogger is in beta now that appears to have the features I’ve been wanting. Now if only I could get in on the beta…

Update: How will the new dynamic architecture impact those of us using the static FTP-to-my-server functionality?

Saturday, July 1, 2006

Atom 1.0 Switch Trend

Niall Kennedy made the switch. Now will Blogger step up?

Thursday, June 22, 2006

Atom 1.0 and Blogger

Bloglines now has Atom 1.0 support, and though there are some problems there still, it’s time for a new target. I’m sure it’s clear from all my posts that I’m a big proponent of Atom 1.0. However, I probably appeared to be a bit of a hypocrite, using an aggregator that didn’t support it, and only providing a deprecated Atom 0.3 feed. It’s true, I’m also lazy and picky, and haven’t wanted to make a change in software over these issues. It’s so much more satisfying to simply complain and wait for the software to change so that I don’t have to.

To continue that trend: What’s up with Blogger still producing Atom 0.3 feeds? Initially, it seemed Google gave the Atom movement a big boost by supporting it in Blogger. But now the Atom 1.0 specification has been out for quite some time, and usage of Atom 0.3 is discouraged. Hopefully the reason for not changing yet was fear about support in aggregators, and with Bloglines probably being the biggest (most users) holdout, maybe now is the time to start seeing Blogger produce Atom 1.0. A geek can dream…

So, who are the bloggers with clout or at least information about Blogger? I had been trying to read the blogs of several Blogger engineers, but they mostly moved on, I believe.

Wednesday, June 21, 2006

Bloglines and Atom: Beginning

Bloglines has begun adding support for Atom 1.0.

Thursday, May 11, 2006

Bloglines Switcharoo

It’s odd. Suddenly Tim Bray’s ongoing feed was working correctly in Bloglines. Wow! Atom 1.0 support, finally? But no, they’ve just automatically switched over his Atom feed to his RSS feed. I guess that’s one way to get rid of complaints…

Friday, April 14, 2006

Bloglines Still Not Responsive

…and other feed readers still don’t get the basic features right. What’s a heavy reader of feeds to do?

This promise regarding Atom 1.0 support has gone totally unhonored. I can think of no meaning of “as soon as possible” that means you can’t get a simple case that other aggregators handle correctly in almost 5 months.

While this comment shows that they are still alive at Bloglines, that’s a long time in coming. It may have been somewhat triggered by this, but it seems that some of the problems there are probably still open.

But the biggest problem is that their general unresponsiveness and lack of timely fixes has led to speculative posts such as this. How can a company built around blogging be so bad at communicating?

Wednesday, February 8, 2006

Memetrackers?

Scoble asks Why don’t you use a memetracker?. Check out the comments, as I agree with most of the answers. Summary: not enough new stuff, not a useful format, and, finally, why would I?

What would a useful “Memetracker” look like? First, it will have to integrate with my feed-reader/aggregator (do we have a single agreed upon name for this yet?) data. That way you can exclude the stuff I already know about. Plus you could tailor it to be interesting to me. Bloglines could pull this off, as could any other aggregator that centrally stores feed-reading data. Or, if attention or some other feed-reading-data-sharing mechanism were available, it could be done by a third party.

Second, it would be provided primarily as another feed. Not having to go out to another website and hitting refresh over-and-over is exactly the reason we love RSS and Atom so much.

So, what I’d want is an Atom feed of new items that I have neither read yet, nor have I read anything that linked to it yet. I want to see a summary of the main content, and possibly some links to the most interesting commentary on the item. An algorithm to determine interestingness like Flickr does would be the killer feature. A combination of popularity and making sure it includes some significant commentary instead of just being another quote-and-link would be a good starting point. And, of course, I want “interestingness” to be somewhat based on what I already read, so that I can get more Java and less Microsoft, more economics and constitutional law and less party politics, and soccer and basketball, instead of just technology and politics.

Tuesday, February 7, 2006

Gmail + Google Talk

Google is starting to integrate its Google Talk application with Gmail. Right now it’s just the ability to centrally store your chat logs, but it promises web-based chat to come. I’m excited!


Friday, December 23, 2005

RSS and Xbox.com

Scoble frequently posts about Microsoft sites not using RSS. I know it's mentioned in a comment there, but I think Xbox.com is a major candidate for adding feeds. I want:

  • A feed for new Xbox 360 game releases
  • A feed for additions to the Xbox 360 backwards compatibility list
  • A feed for new content added to the Xbox Live Marketplace
  • A feed for general announcements regarding the Xbox

Right now the closest thing I have is Major Nelson's blog. Come on Microsoft! This isn't technically hard (and even if it were, you're a major technology company!), and there's tons of money in it for you to make your biggest video game target audience (geeks) aware of every opportunity they have to give you their money for things they might want.

Tuesday, December 20, 2005

Xbox 360 as Web 2.0

Scoble asks if the Xbox 360 is a Web 2.0 product.

I love my Xbox 360, but no, it's not Web 2.0. For as far as this Web 2.0 concept means anything, it's about open methods of sharing: RSS, API's for web applications, etc.

It's cool that I can download things from the Xbox marketplace, but that's the only place I can download from. Nobody else can put up a marketplace that conforms to some API, that I can now add to my places to download content from.

Same thing goes for the media-center type capabilities. I'm sure it's great if you have a Windows Media Center PC. But for me, the only good thing I get is if I plug in my iPod. I can't get anything of value off of my network. Yes, I know about Windows Media Connect, but, as far as I can tell, it's worthless when your content resides on a third file-sharing device not running Windows. I'm a technical person, but I haven't figured out how to get it to work with either mapped network drives or UNC paths to an authenticated network share.

Xbox 360 has a very impressive walled-in community. Web 2.0 is about communities without those walls.

Monday, November 21, 2005

Bloglines: Security Hole

If you use Bloglines, you need to read this. It's a pretty significant security issue. In addition, it's a sign that Bloglines is unresponsive. While fixing a security hole is high priority, they also still haven't fixed this either. That's from September, by the way. So, I'm in search of a new web-based aggregator. Any suggestions?

Update: Check out the comments. They're aware of the problem and working on it. Let's hope this is a sign of increased responsiveness in the future.

Wednesday, October 12, 2005

Bloglines + Keyboard Shortcuts

Bloglines just added keyboard shortcuts! I'd been impressed by the keyboard shortcuts in Google's new feed reader, but didn't like the interface for reading new items by folder/label instead of all at once (it's possible to do what I do with Bloglines, but it takes up too much screen real-estate when you do). Now Bloglines has added it. Not sure it'll work with Bloglines UI quite as well, but still very cool and handy. Finally a new UI feature in Bloglines!

Thursday, August 25, 2005

My Web Saved Pages Feed

My Web has made more of their pages public. That includes the ability to get RSS feeds! So, here's my feed for my public saved pages. Think of it like a second linkblog, but less focused on timeliness, and more focused on usefulness.

Saturday, July 30, 2005

Planned IE 7 Fixes for Web Developers

Standards and CSS planned for IE7. It's great to hear about all the fixes they plan to implement. I think it's great that they used PositionIsEverything and QuirksMode to develop their list. For anybody who has had to implement a hack to deal with Internet Explorer in a website design, go over there, check if the problem is on the list to be fixed, and if not, post a comment on what you'd like to see.

Saturday, May 14, 2005

Flickr Pro

I still have a Flickr Pro account to give away. That's a $24.95 value. If anybody who reads this blog wants one, let me know. I'd prefer to give it away to someone I know, since I don't use e-mail, I figure this is the best way to announce it. If no such person turns up, I'd like to give it to a current Flickr member with an interesting photo collection already on Flickr (sort of a worthy-cause kind-of-thing), so if you don't know me personally, at least send me the link to your Flickr photostream so I can take a look.

Friday, April 1, 2005

Google Gulp

Check out Google's newest product: Google Gulp. I especially like how the labels indicate that it's a beta product...

Thursday, March 24, 2005

Flickr Notes

I don't know why I didn't notice before, but Flickr has a very cool "Notes" feature that lets you associate a note with a section of your photograph. This picture is the first I've used the feature on. Plus I've got a comment partially describing the interesting situation.

Ryan has an even better example of using this awesome feature.


Sunday, March 20, 2005

Flickr Pro

I just purchased a Flickr Pro account for two years. After I started to put in all the pictures I currently have here on the site, and noticing the limitations on free accounts, I decided to go ahead and shell out the money. It's a great product, and I don't mind paying for it at all. Look for my picture page to have thumbnails pulled from Flickr soon.

Of course, there was also the news today. On the one hand, "Pro account holders will get super mega bonuses, to be announced soon" sounds really good. On the other hand, I hope I didn't just waste money, based on "Free accounts will have more storage and uploads -- pro accounts too -- AND they'll be cheaper." I certainly hope any savings will somehow be passed on to those with existing pro accounts, on a prorated basis. Especially since I made the decision to purchase now based on this page which implies that current prices are for a limited time, and would go up when Flickr moved out of beta. Of course, I didn't remember the blog post mentioning prices being cheaper when I made the two-year purchase...

Saturday, March 19, 2005

My Link Blog

"Links...of...Interest!"

I've finally decided to use Bloglines' handy feature, the Clip Blog. I'll put all the interesting posts I find, but that I don't have anything interesting to actually say there. I won't bother to put a synopsis, or anything, so you'll just have to trust my judgment that the posts are worth reading. By the way, you need to imagine the title of the blog ("Links...of...interest!") as being said the same as "Tales...of...interest!" from this Futurama episode.

Web-Apps vs. Smart-Clients

Scoble supports the Microsoft vision that so-called "Smart Clients" are the future, instead of web-apps. He says:

Why? Well, it isn't hard to see how an app that runs locally would be able to make users more productive.

Beware phrases like "it isn't hard to see" or "obviously". All it really means is "I'm not going to bother to defend my position."

His example? Bloglines vs. a client aggregator, such as Onfolio:

But, comparing the two approaches just seems wacky to me. It'd be like comparing Onfolio to Bloglines. They both have their advantages, but at the end of the day I'd rather have Onfolio or NewsGator.

I think it's a horrible example. I've tried Onfolio, and it didn't last a day on my machine. I found it frustrating to use, and with no real advantages. All other client aggregators have met the same fate. Supporters of smart-clients are going to have to come up with some much more compelling use cases for requiring a rich client.

Monday, February 28, 2005

Auto-Link Fuss

Scoble says AutoLink is evil. For the record, I fully accept that this is Scoble's heart-felt opinion on right and wrong for the web. I just think he's misguided.

How different is this than the right-click functionality in Firefox ("Web Search for..."), or other extensions. For instance, a Map extension that lets you highlight an address, right-click and search for it in your choice of map program?

I see two differences. The first is the availability of options. The MapIt extension lets you pick your map provider. I see this argument. But that's an argument about monopoly and a specific implementation of this feature by Google. That's not an argument about an inherently evil feature.

The other problem is if the functionality blurs the line between client-created links and content-producer provided links. That's where Scoble's problems seem to come in. Scoble feels that this feature "changes" his content, and modifies his editorial stance by creating new links he didn't put in. But I only see this as a problem if the difference between Google-created links and Scoble-produced links isn't obvious to the user. So again, this isn't about an inherently evil feature, but a problem with the specific implementation from Google.

Tuesday, February 8, 2005

Online Map Programs

Google just gave us a new one. And boy is it good. First, it gives us what Google does best: a simple search. You can simply type the whole search in the single simple input field and get your results. Second, it gives a very slick interface that allows us to interact with the map without getting a full page refresh (I assume it's based on the same concepts as their Gmail interface). The last feature, and this is an under-appreciated one, is that the maps they give us are big and clear. A search for a particular address will give you a zoom level where streets have width (rather than lines). The maps are the easiest to read of any of the map services I've used.

Another cool map service is Map 24. It does give us a lot of what Google does, and has an even slicker interface. It does this by loading an applet, instead of Google's JavaScript magic. This also makes it a bit slower to get started, however. I think Google's going to get most of my usage, though I plan to keep Map 24 in mind for times when I want to explore around an address more.

Yahoo! Maps, Mapquest, and Microsoft MapPoint: they aren't even in the same ballpark.

Friday, January 21, 2005

Testing Flickr Blog Tool


TobyWithSheet
Originally uploaded by jrduncans.


Just testing adding a photo and posting it to the blog with Flickr.


Wednesday, January 19, 2005

Seeing rel=”nofollow”

If you use Firefox and want to see if this new tag is getting used, add something like this to your userContent.css file:

a[rel="nofollow"] 
{
     text-decoration: line-through ! important;
     border: dotted thin gray ! important;
     color: gray ! important;
     background-color: white;
}

This will put a strike-through and a dotted border around the link text, and make the text gray with a white background.

Tuesday, January 18, 2005

rel=”nofollow”

As soon as I heard Google's announcement on preventing comments-spam, I immediately thought of another use of this technology. But, wouldn't you know it, Scoble already brought it up. In fact, he makes it the center of his post, and leaves the "comment-spam prevention" as an aside at the end.

I think Robert's on to something. Getting rid of comment-spam will be a (hopefully successful) behind-the-scenes, implemented by the software developers and the search engines solution. But the effect on us, as web users and content producers will be to have the power to express even this simplest of editorial statements about our links.

But, if we're wrong and people don't use it enough to change the nature of linking on the internet in any meaningful fashion, this could still be a great win. So many people have turned off their comments in frustration due to comment-spam. If this gets rid of that, many blogs might be able to become more conversational, and, in turn, keep the blogosphere more responsive, interactive, and community-like.

Saturday, January 15, 2005

A New Blog in Town

Welcome my wife, Diane, to the blogosphere, and witness her get drunk on the power of self-publishing.

Friday, December 10, 2004

Google Suggest

Google Suggest Beta. Very cool. Suggest search terms as you type. I've got to learn how they do that javascript, though. (Yahoo! Mail does similar for your contact list...)

Sunday, September 19, 2004

Browser Spoofing: The Summary

Here's a collection of all my Browser Spoofing posts:

Browser Spoofing: Examining the Solutions

First, read Jesse Ruderman's take on the issue from last month. Then, check out my definition of the problem and the criteria for a solution.

Proposed Solution #1: always show the address bar

Ok. This does solve the problems. Now, only internal dialogs can show without an address bar. Since Mozilla added security information to the address bar, we can now always see that data. And for unsecure sites, we have the full url, though that may be somewhat hidden by adding lots of text before the domain name in the url. The downsides: we usually have our navigation buttons here, which add unnecessary clutter to the UI for web-based dialogs. Plus, Firefox lets you customize your toolbars. Personally, my navigation bar is empty, I have everything on the menu bar. So I'm no longer really protected in terms of site spoofing. Also, this still allows sites to spoof the status bar, which is the traditional location of the security information (and still one of the sources of security information in Firefox), so users who check that instead of the address bar will be fooled into thinking they're safe.

Proposed Solution #2: always show the status bar

Again, this solves the problems for the most part. Internal dialogs would be the only ones without a status bar. On secure sites, the certificate information is available, and the domain name is shown. If we simply added showing the domain name on the status bar for unsecure sites as well, then this would actually provide more anti-phishing protection than the address bar, as it would prevent the domain from being hidden by a long url. Also, the status bar is slightly smaller than the address bar, and data there can't have been moved to another toolbar. The downside: Mostly, now the address bar can be spoofed, and users who look there for data, especially on un-secure sites, may be tricked if they ignore the status bar data.
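An added illustration of the display rule discussed in solutions #1 and #2 (not Mozilla's code): the host is taken from the parsed URL, any text placed before it as user information is flagged and never shown, and only the path is shortened when space runs out. `describeLocation`, its return shape and the sample URLs are hypothetical.

```javascript
// Added example; describeLocation and its return shape are hypothetical.
// Uses the standard WHATWG URL parser available in browsers and Node.

function describeLocation(rawUrl, maxLen) {
  maxLen = maxLen || 40;
  let u;
  try {
    u = new URL(rawUrl);
  } catch (e) {
    // Anything the parser rejects is shown as such, never echoed back.
    return { ok: false, host: null, secure: false, hasUserinfo: false,
             display: '(unparseable address)' };
  }

  // Text before "@" is user information, not part of the site's name.
  // It is reported as a flag and left out of the display string, which
  // also keeps an FTP password in the URL off the screen.
  const hasUserinfo = u.username !== '' || u.password !== '';
  const secure = u.protocol === 'https:';

  // Scheme and host (with any non-default port) are always shown in full,
  // for secure and non-secure sites alike.
  const origin = u.protocol + '//' + u.host;

  // Only the path and query are shortened, so a long URL cannot push the
  // host out of view.
  let rest = u.pathname + u.search;
  const room = maxLen - origin.length;
  if (rest.length > room) {
    rest = room > 1 ? rest.slice(0, room - 1) + '\u2026' : '\u2026';
  }

  return { ok: true, host: u.hostname, secure: secure,
           hasUserinfo: hasUserinfo, display: origin + rest };
}

// Constructed sample addresses using reserved example/invalid domains.
const SAMPLE_URLS = {
  padded: 'http://www.bank.example:session-0000000000000000000000000000@host.invalid/login.html',
  longPath: 'https://shop.example/' + 'a'.repeat(200),
  ftp: 'ftp://user:secret@ftp.example.org/pub/'
};
```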

Proposed Solution #3: A new UI

The idea here is to replace the status bar with something that actually wraps around the untrusted chrome. This has all the benefits of the status bar approach, but it prevents address-bar spoofing to an extent, by forcing that spoofed address bar to appear inside the yellow outline. My concerns are: these mock-ups don't take into account other current status-bar data. Does that still stay on this UI? Or are we not going to entirely replace the current status bar? How would this really look for a normal, maximized full window? Also, how can we ensure that the utility of the outline and such don't disappear when using different browser themes? This is already a small problem with the current UI, but I can see that outline becoming even more of a problem.

Conclusions

The reason there is no simple solution to this problem is because we (Mozilla) have chosen to display security information two places: the address bar and the status bar. So, unless we change that, I think Benjamin Smedberg's idea (#3) is the best way to go. I wasn't convinced when it was first brought up, and obviously I still have some concerns, but going through this process has convinced me.

Browser Spoofing: Determining the Criteria

So, we know what the problem is, I think. But that doesn't quite get us to what criteria we'll use to judge possible solutions.

Obviously, the first criterion is that it needs to make it possible to identify spoofing in the situations listed in the problem description. But, does it just need to be possible by a computer literate user who's paying attention? Or does it need to be so obvious that anybody will notice? Does the solution need to have limited impact on the UI of current non-spoofed pages? When it comes to spoofing to get around the browser's existing anti-page-spoofing, are we only limiting our concern to "secure sites" (https://)?

Here's what I'm going to use:

  1. It needs to address the listed problems.
  2. It needs to make it possible for a fairly computer literate user to identify.
  3. It should address non-secure sites as well.
  4. A compromise between making things more obvious for all users and keeping the UI clean needs to be made.

Regarding #3: This really goes above and beyond the current problem, as it's an attempt to add web-site spoofing protection to non-secure sites. But the use of certificates to authenticate a site's identity is a joke on the modern internet. Many sites I do trust don't have the money for a proper certificate for every domain name that points to that content. A real site that had the web server hacked is just as untrustworthy as someone putting up a fake version. So, I'd rather we simply assume that the domain name is valid, and prevent spoofing from there. Certainly, secure sites should continue to receive the extra UI they do now, but all sites should be included in anti-phishing schemes.

Wednesday, September 8, 2004

Browser Spoofing: Defining The Problem

I've decided to take this issue slowly; most people's "solutions" are already assuming a certain definition of the problem, which is rarely stated.

The problem has little to do with Mozilla's ability to display remote XUL. This just makes a convincing spoof easier, although it limits the spoof to Mozilla-based browsers, and usually to a subset of versions. Similar things can be done in IE with a lot of work on some very clever styling and javascript.

The problem is this: pieces of the "chrome" (browser interface, as opposed to web-content display) can be hidden, and then fake data put in its place that trick the user into thinking that data is part of the browser.

But what things can a user be tricked into doing by mistaking content for browser? There's no danger (security-wise) in hitting a fake back-button, right? So, here's the problems I can think of:

  • The URL bar, due to passwords-as-part-of-the-url for FTP sites.
  • A browser-internal password dialog (such as the master-password UI).
  • Any current indicators used to help prevent page-spoofing attacks (spoofs of web-site interface, not browser interface): the security (lock) indicator, be it on the status bar, or as part of the URL bar.

I'm sure there are some potential attacks I'm missing. If you know of them, add them. If I come across them, I'll update this post to include them. As I see it, the attacks fall into two categories: browser-input spoofing, and browser anti-phishing circumvention. Does that cover it? Are there other types I'm missing?

Tuesday, September 7, 2004

Browser Spoofing

A summary, as well as some proposals for Firefox UI to handle Spoofing of the Browser's User Interface.

Check out my comments there first

There's been some level of "theoretical" work on this issue, which comes down to the claims mentioned in the entry mentioned above: that it's not enough to do some kind of warning about untrusted data, you need to indicate where the line between trusted (part of the browser UI) and untrusted (web content) lies. And you need to use a box, mostly because of the status bar.

I'm not happy with solutions that involve adding UI to the browser. It's a waste of screen space for a supposed problem that is not really a problem in the wild yet. Looking forward to potential problems is great, but only if a half-way elegant solution is found.

This post has been in draft mode for a bit, so here's some commentary from someone else on the problem of these "solutions".

I intended for this to be a more complete analysis of the problem, but I want to get these thoughts out first, and then I'll come back and tackle the issue as I see it. I'm still working it out in my head, so I'm likely to end up contradicting myself a bit. Be patient.

Thursday, September 2, 2004

Rich Internet Applications

Normal "Web Applications" consist of HTML and Javascript on the client side, and one of many types of server-side languages (I use Java/JSP). There are two problems with this. The first is the degree of interactivity on the client: there's only so much you can do with Javascript to make an HTML page feel interactive, and it's messy for even one browser, and even messier when trying to support multiple browsers. The second is the difficulty of server-client communication. An HTML based application can only consist of a series of requests and responses between the server and the client. Server-side languages try to cut down on the pain of tracking information across requests for a single client (through session variables), but that doesn't solve the pain of needing to redo the entire response for a small change caused by a request.

These problems do not occur for a rich client. A rich client can be very interactive, and can talk a direct protocol back to the server for data, and can have the rest of the logic embedded in the client. The drawbacks to the rich client are: the current ease of development of GUIs, and the ease of deployment (installing an application is a very high barrier to entry compared to a web application, and it doesn't go where the user goes).

The solution is generally proposed as a combination of the two: a "Rich Internet Application" or some other term. The prerequisites for this are: a ubiquitous client-side runtime to run the client code in (a Web Browser fills this role in a traditional Web Application), and a simple development model, especially for the GUI (HTML fills this role for the traditional Web Application).

Java Applets were one early, popular contender. Java is cross-platform, and functions as a plug-in to the web browser, which could have led to ubiquity. It used (at the time) the best development language available (others have caught up with, but not surpassed, Java since then, in my opinion). There are still some little games and such on the web, and some smaller interactive apps I've seen in my work environment (even one I worked on developing a little during an internship) that go this route. There are two major problems: ease of GUI design, and compatibility. Swing isn't bad for GUI design, but it's not as easy as HTML. As for compatibility, the combination of Microsoft's incompatible JVM being installed by default (which severely limited the deployment of the JRE), the poor implementation of auto-updating the installed JRE (partially due to its size), and the level of incompatibility between versions has created JRE version hell, severely limiting the popularity of Applets for this kind of development. These may be able to make a new push, if techniques for XML-based GUI design targeted at Swing become available.

The next major contender is Flash. It's available for multiple platforms and multiple browsers, and has a very large install base. However, since it was initially pushed almost entirely at client-side only GUI development, it caught on with users and graphic designers, but not developers. It still suffers from this stigma as a presentation only tool. It's also (from what I hear, I've never done Flash work) a bit difficult to design with as well. But Macromedia is working on pushing an XML based client-server way to do this Rich Internet Application concept, called Flex. Don't know much about it, but I should probably start trying it out.

There's also a pretty neat system that I found today, shown to me by a co-worker, that sparked this post. It works similarly to Flex, I guess. It runs on a Java Application Server (for instance, Tomcat), and uses XML and Javascript for the GUI design. It's an interesting thing to take a look at.

There are also two contenders that I see, that will not be completely cross-browser, but are still up-and-coming. The first is XUL, the technology Mozilla products are based on. While Mozilla products are full client apps, XUL can be Internet deployed. This is again, an XML-based, Javascript (and CSS, which I haven't seen in other products) based GUI design system. Mozilla is cross-platform, but requires the underlying Mozilla Platform.

Alternately, there's the upcoming system by Microsoft, originally targeted for their next-generation OS, but now to appear on XP eventually, called XAML (with Avalon relating in there somehow). This, of course, will likely only work in IE, and only on Microsoft-based operating systems. But, it will have the advantage of being pre-installed on more people's desktops than any other technology over time, from a company that has better developer relationships than Macromedia.

With all these contenders, the future is really still up in the air. It'll be interesting to see how this all plays out. Anybody got their own ideas on the pros and cons of all this? Suggestions on other contenders I missed?

Sunday, August 1, 2004

Gmail

I know by this point, everybody who wanted one has one, and I don't even use mine anymore (I don't email that much, to be honest), but I apparently have 5 G-mail invites available, so if you want one, e-mail me. Preference will be given to e-mails from .mil addresses.

Monday, May 10, 2004

Integrated Google?

So, how long before Google starts integrating all its neat services? I'd sure like to see people be registered to post in my blog by already having an Orkut or Gmail account. Plus I'd like to have a single log-on to all the systems. That's one of the nice parts of Yahoo.

Tuesday, April 27, 2004

Google Indexing

Google's indexing of this site at its new location has been interesting. For a while, only the main page was indexed. Now it seems like only the next level deeper is indexed (you can see the indexed files by searching for '*' in the Google search bar on the side of the page). Since that gets this blog page indexed, I'm pretty happy. Hopefully in a couple of weeks Google will index the blog archives and my actual writings.

Speaking of Google, as an active Blogger user, I got into the Gmail beta. I don't really have a need for another web-based e-mail address, but it does have some nice features. Most of the focus of news reports on Gmail has been the 1 GB of storage for free. But the neat stuff is searchable mail, mentioned frequently in the privacy-complaint news pieces on Gmail :), and categorizable mail (you can label pieces of mail for easier finding, as well as 'star' important e-mails). To me, though, the really cool feature is the fact that it attempts to display your e-mails grouped as conversations, rather than just a series of individual e-mails. I find that feature very neat, and hope to see it in traditional e-mail clients for my standard e-mail account.

Beyond that, now that I'm really doing web application programming at work, I find the interface to be pretty interesting. I'm sure that will get tweaked as time goes by, so I look forward to checking up on it every once in a while. If you want to help me play with it, you can e-mail stephen.duncan@gmail.com. (I guess that putting it up here will check its spam filtering capabilities...)

Wednesday, April 14, 2004

Ideas on Syndication

Interesting read.

On the one hand, this article focuses on structure that is customized. On the other hand, I see some utility in doing things like consuming one's e-mail via an RSS-type feeder. It's not a coincidence that RSS feeders are also called aggregators. That's another thing they provide other than handling more structure files: a good way to get a condensed version of everything you're interested in all in one place.

Saturday, April 10, 2004

Bookmarks

Another nice thing Yahoo provides is a place to store all your bookmarks. By itself, that's not that useful. But they have the Yahoo Companion Toolbar, which integrates into Internet Explorer. There's also some work to provide a version of this for Mozilla and Firefox. It's still a bit buggy, but it looks promising for those who want the Yahoo Companion in Mozilla or Firefox.

The nice thing about this is that you can load the toolbar on multiple computers, and have shared bookmarks between all your computers. However, it requires adding a toolbar to your browser, cluttering it up, plus it bypasses your browser's normal bookmark tools. Well, if you use Firefox (or possibly other Mozilla-based browsers), and you have some FTP space, you can get the Bookmark Synchronizer. One more way extensions in Firefox are improving the way we can browse the web.

RSS

I've been using Yahoo's "My Yahoo" portal as my front page for a while. Chris Snapp, who I work with, is big on using Yahoo for all his e-mail, contacts, and bookmarks. As he's been exploring more of Yahoo's features, he's pointed them out to me.

So, this weekend I started to expand my My Yahoo page. I set up multiple pages instead of just a front page, and explored the Portlets they have available. One that is in Beta now is an RSS portlet. Now, I'd seen this RSS stuff all around, but hadn't really found a use for it. I mean, I didn't want a separate program just to avoid checking on pages that hadn't updated yet. But with a way to have it on a webpage (which also helps make it portable between all my computers), I'm digging it now. I also like that Yahoo's example RSS feed URL is for Slashdot. This discovery of RSS also led me to get the RSS Reader Panel extension for Mozilla Firefox. That's one thing that makes Firefox such a useful browser (I'll expound on this more later...)

Anyhow, this RSS stuff, in addition to wanting to have comments available on my blog (in hopes of feeding my ego), is really pushing me now to look for a Blog replacement. Hopefully I'll get on that soon...

Thursday, December 26, 2002

Nation States: The Game

Another note: Nation States

A great, fun little web game. You make a country, however you'd like, and decide on issues to run your country. I've got 3 countries, because, well, I do things over-the-top.

Anyway, if for some reason there is someone out there actually reading my weblog, despite my lack of posting, who isn't already involved in this, they (YOU) should go to Nation States and make a country or two, and move them to the Screaming Spheres region. My countries and several other friends' countries are there.

See how my countries are turning out:

Thursday, September 26, 2002

X-Forums

Ok, so my promise of more frequent posting hasn't panned out, as usual. But anyway, hi, how're you doing? I've been spending much of my online time recently at X-Forums, primarily the Something Positive section. It's fun and interesting, but maybe you shouldn't read it. I don't know what all I've said there, and, yeah, it gets interesting so, never mind.