the same is true right now when it comes to projects like Open Office where, again, there are rationalizations for why you have to assign copyrights to some and they may even be valid, but it does undermine the community because it means that there is a first among equals.
There is – Sun ends up having rights that nobody else has – even if they then act perfectly and they really behave well, just the fact that they have special rights makes people legitimately feel like they are second class citizens and that’s not how you build a community.
One of the things I did with Linux from very early on was when somebody sends me changes, they retain all copyright in those changes. Nobody has – I don’t have any more rights than anybody else has except in the sense that I’ve written more code than most people, but – I say most people, not all people, that your rights when it comes to Linux are directly what you put into it.
--Linus Torvalds
Read the rest in Linus Torvalds
Corporations who were market leaders in the 1980s and 1990s for PC applications have a responsibility to make sure that documentation on their old formats are not lost. Especially for document formats before 1990, the benefits of the format as some kind of IP-embodying revenue generator will have lapsed now in 2008. However the responsibility for archiving remains.
So I call on companies in this situation, in particular Microsoft, IBM/Lotus, Corel, Computer Associates, Fujitsu, Philips, as well as the current owners of past names such as Wang, and so on, to submit your legacy binary format documentation for documents (particularly home and office documents) and media, to ISO/IEC JTC1 for acceptance as Technical Specifications.* Handing over the documentation to ISO care can shift the responsibility for archiving and making available old documentation from individual companies, provide good public relations, and allow old projects to be tidied up and closed.
--Rick Jelliffe
Read the rest in An Open Letter to Microsoft, IBM/Lotus, Corel and others on Lodging Old File Formats with ISO
File formats may sound mundane, but they can give strategic value to those who control them as a gateway to the data held by people and companies.
--Stephen Shankland
Read the rest in Google mapping spec now an industry standard | Tech news blog
Don't believe everything your 25-year old Web designers tell you about "what's easy" — especially if your target audience is 50-year-old corporate managers.
--Jakob Nielsen
Read the rest in Middle
While using XML to persist data structures enables some minimal benefits via text encoding, it seems to be harmful to the larger goal of XML being easily understandable and thus processable by many applications. So, while in a small way, dumping data structures to XML is not evil, it also is not recommended. The reason is that the data remains fairly tightly coupled to the program which produced it and thus the semantic value of the data, as a standalone entity, is diminished. In short: Better to design XML documents than dump XML data.
--Michael C. Daconta
Read the rest in XML design: data or documents?
Clearly in terms of the information represented by a message, content and markup are completely interchangeable. It's purely a tactical distinction to assist the recipient with processing.
--Michael Kay on the xml-dev mailing list, Tuesday, 11 Mar 2008 19:07:22
Google isn't really interested in the current enterprise shops - as Scoble says, they are way, way too deep into legacy to flip. They'll be happy to make inroads, but that's not really where they intend to win. Where they intend to win is with newer shops - the places that will be "the enterprise" in 10-20 years. Those shops are small now, and way, way easier to convince that they don't need the weight of the full set of tools from Microsoft, IBM, SAP (etc). They'll happily go along with Google Apps, SalesForce, Amazon EC2... and not look back.
--James Robertson
Read the rest in The Game is Different
GET almost always has side-effects, if only writing a line into the httpd log file. The correct characterization is that using GET is "safe" in the sense that it does incur any obligations on the part of the agent issuing it.
--Tim Bray on the Atom-Protocol mailing list, Friday, 16 Mar 2007 10:50:24
1. ISPs should be clearer in their marketing (Ofcom can help them). Unlimited broadband should mean unlimited.2. There should be industry agreement on what you buy is what you get: for a start, an 8Mbs-1 tariff should deliver "at least" 8Mbs-1, not "up to".
--Ashley Highfield
Read the rest in BBC Internet Blog
AOL really wasted an opportunity when they bought Netscape. They didn’t do enough to leverage the site’s traffic and brand. They basically sat on it. It was a strategic blunder.
--Greg Sterling
Read the rest in Macworld: News: Can AOL keep Netscape.com from fading away?
Let's revisit the spectre haunting venture capital. Why aren't there more Googles?
The answer's very simple. Because every company that had the potential to be economically revolutionary over the last five years sold out long before it ever had the chance to revolutionize anything economically.
Think about that for a second. Every single one: Myspace, Skype, Last.fm, del.icio.us, Right Media, the works. All sold out to behemoths who are destroying, with Kafkaesque precision, every ounce of radical innovation within them.
--Umair Haque
Read the rest in How to Fix Venture Capital
it is as old as plato. rdf is just the latest incarnation of the belief that there is a world of ideas, and if we just try hard enough, we will be able to formalize it, and then anything can be formalized based on these formalized ideas. this has been tried numerous times, and rdf just put pointy brackets around that.
--Erik Wilde on the uri-request mailing list, Monday, 10 Dec 2007 14:29:52
Reading an XML configuration file, everyone seems to jump on Commons Digester, which I assume you'd only ever use 10% of the API. The result is one huge dependency to do one small task. The whole thing can be done with some clever DOM coding; it's a case of taking the time.
--Jason Bell
Read the rest in A Christmas Wish List
I myself feel that it is very important that my ISP supplies internet to my house like the water company supplies water to my house. It supplies connectivity with no strings attached. My ISP doesn't control which websites I go to, it doesn't monitor which websites I go to.
--Tim Berners-Lee
Read the rest in BBC NEWS | Technology | Web creator rejects net tracking
Newspapers aren't dead yet, though they are sadly dying by the month. According to the New Yorker piece, American newspapers have lost 42% of their market value over the last 3 years alone.
The problem is that classified ads are one of the few forms of advertising that work better online than in print, and they used to be a huge part of newspaper revenues (33% of all newspaper ad revenues in 1985, the year the Web took off). Display ads work much better in print (since they hardly work at all on the Web due to banner blindness), but display ads plus subscriptions are insufficient to fund a newspaper.
Furthermore, there's a tendency for people to get more of their information online than from print, and since the value of a website reader is vastly less than the value of a print reader, this compounds the problem.
--Jakob Nielsen on the "Alertbox Announcement List", Monday, 31 Mar 2008 07:00:00
A lot of sites which claim to offer unvarnished customer reviews operate the same way. These sites aren't Consumer Reports. Their business model is selling products, services and advertising, the same as the businesses they allegedly watchdog. Worse, you ain't their client. The hotels and their referral fees are what's keeping them in the black. While they might allow benign criticism like "slow room service" I doubt they would want to alienate a client with a truly scathing review.
--Steve Manes on the WWWAC mailing list, Monday, 24 Mar 2008 10:51:20
Governments have to start asking themselves what the ISO seal of approval really means. As demonstrated by the MPEG standards, it never meant that something qualifies as a meaningful "Open Standard." Now it seems that ISO could be the wrong forum for standards development in information technology in general. It seems to work too slowly or too poorly to make the ISO brand meaningful in the IT world. We'll have to see whether ISO can repair its own processes enough to become a meaningful participant.
--Jonas Öberg. Free Software Foundation Europe
Read the rest in Groklaw
You'd think that sooner or later even Microsoft would learn there's a right way and a wrong way to do things. But whenever it has a choice it persists in choosing the wrong way. There are lots of smart people who work there. Didn't even one of them think bribery and corruption possibly weren't the best way to get the OOXML document format declared an international standard?
--David Dejean
Read the rest in Microsoft wins this OOXML battle, but loses the war | Computerworld Blogs
XML is a hierarchic data model but the world is a network. There are lots of possible ways to fill in the missing links [sic], but none of them feels very satisfactory (for example, many of them only work for intra-document relationships).
I'm not even comfortable that the hierarchic relationships should be special. Why can't we have multiple hierarchic views of the same network? Why do all my queries have to change depending on whether my footnotes are inline, out-of-line referenced by IDREFs, or in external documents referenced by URI? What happened to the old doctrine of data independence?
--Michael Kay on the xml-dev mailing list, Friday, 22 Oct 2004
Today, the standards-based multi-vendor platform implemented by Gecko, WebKit and Opera not only works for Web users but is the preferred platform for developers. IE is a legacy platform that gets the backport. When Microsoft tries to bring the next IE closer to the standards-based multi-vendor platform, the breakage isn’t caused by defects in the standards-based multi-vendor platform—after all, Gecko, WebKit and Opera work with real sites and Web apps. The problem is that sniffed IEness is tainted by the old IE platform.
--Henri Sivonen
Read the rest in Reality Distortion Fields
A few years ago, some of the April Fool's day posts were inventive enough to be funny. Now? It just all seems so forced.
--James Robertson
Read the rest in April Fool's Day
In 1999, I wrote an article "Metcalfe's Law in Reverse" about the problems of so-called walled gardens, where a service cuts itself off from the Internet and tries to add value by being closed.
> http://www.useit.com/alertbox/990725.html
Facebook and the current generation of social networks are trying to replicate the walled garden strategy that failed ten years ago. It'll fail again.
--Jakob Nielsen on the "Alertbox Announcement List", Monday, 31 Mar 2008 07:00:00
Google Adsense: funding Slashdot trolls since 2003.
--Mark Pilgrim
Read the rest in Translation From MS
Counter-intuitively, Postel's robustness principle ("be conservative in what you send, liberal in what you accept") often leads to deployment problems. Why? When a new implementation is initially fielded, it is likely that it will encounter only a subset of existing implementations. If those implementations follow the robustness principle, then errors in the new implementation will likely go undetected. The new implementation then sees some, but not widespread deployment. This process repeats for several new implementations. Eventually, the not-quite-correct implementations run into other implementations that are less liberal than the initial set of implementations. The reader should be able to figure out what happens next.
--Marshal Rose
Read the rest in RFC 3117
The precise problem here is that you’re pretending that there’s one standard, but since nobody has a way to test against the standard, it’s not a real standard: it’s a platonic ideal and a set of misinterpretations, and therefore the standard is not serving the desired goal of reducing the test matrix in a MANY-MANY market.
--Joel Spolsky
Read the rest in Martian Headsets
Don't kid yourself into thinking that anyone other than experts will ever be interested in managing metadata. The 303 and Link solutions are for Semantic Web experts to care about, content management software to implement, and "online librarians" to manipulate. Normal folks who just want a page on the Web do not need any of this nonsense -- they don't care if links are ambiguous and never will.
--Roy T. Fielding on the www-tag mailing list, Sunday, 20 Mar 2008 18:20:54
Content stored on a DirecTV DVR is locked down tighter than a SuperMax prison after visiting hours, so piracy doesn't even enter the equation here. What the move is intended to do is drive additional rentals and protect DVD and Blu-ray sales. By limiting the PPV window to 24 hours, DirecTV and the studios can prevent customers from indefinitely storing movies for repeated viewing. So if you want to watch that Hollywood blockbuster after the 24-hour PPV windows expires, you'll have to reorder it, head down to the video rental shop (brick and mortar or online), or buy physical media. If you want to watch it twice, you'll have to pay twice.
Or, you'll do what millions already do, and go straight to BitTorrent.
--Eric Bangeman
Read the rest in DirecTV DVR clampdown: a sober reminder of DRM suckitude
DRM is dead, even if a lot of broadcasters don't realize it. If it's bad for the consumers, it's bad for the company.
--Guinevere Orvis, CBC producer
Read the rest in Canadian public TV to try out BitTorrent | Surveillance State
the writing is on the wall: the days of private proprietary formats, especially binary formats, are numbered and perhaps have already expired.
--Rick Jelliffe
Read the rest in O'Reilly XML Blog
Imagine that everything you are typing is being read by the person you are applying to for your first job. Imagine that it's all going to be seen by your parents and your grandparents and your grandchildren as well.
--Tim Berners-Lee
Read the rest in BBC NEWS | Technology | Web creator rejects net tracking
It’s a pity; when XSD came out people thought that since it came from the W3C, same as XML, it must be the way to go, and it got baked into a bunch of other technology before anyone really had a chance to think it over. So now lots of people say “Well, yeah, it sucks, but we’re stuck with it.” Wrong! The time has come to declare it a worthy but failed experiment, tear down the shaky towers with XSD in their foundation, and start using RELAX for all significant XML work.
--Tim Bray
Read the rest in ongoing · Choose RELAX Now
police departments should be required to post all citizen complaints against individual officers online in a searchable database. Individual officers, their union reps, or their departments could post responses or explanations to frivolous claims. Police officers are public servants. Not only that, they're public servants with the power to arrest, detain, and use lethal force. If certain officers are the subject of repeated complaints and aren't being properly investigated internally, the public ought to be informed of that. This culture of secrecy—and of intimidating anyone who dares question it—isn't healthy.
--Radley Balko
Read the rest in Reason Magazine
DTDs are not only needed for validation, but also for attribute value defaulting and general entity definitions. That is, unless document is declared to be standalone ('standalone="yes"' in xml declaration); in which case it is not necessary to load dtd except for validation purposes.
--Tatu Saloranta on the xalan-j-users mailing list, Tuesday, 11 Mar 2008 12:20:28 -0700
I've never read a satisfying, compelling paper that explains how we are to differentiate between "content" and "markup" in an arbitrary context (it seems to depend upon perspective -- as similarly for "data" vs "metadata").
--Robin Cover on the xml-dev mailing list, Tuesday, 11 Mar 2008 14:46:46 -0400
I have become a fervent supporter of XOM and wish I had discovered it earlier. W3C DOM has wasted at least a year of my life. Thank you to Elliotte for speaking out against it - I thought it was me that was incompetent!
--Peter Murray-Rust on the xml-dev mailing list, Sunday, 29 Sep 2005 18:11:14
A hallmark of what should be seen as a reasonable business practice is certainly whether or not the people engaging in that practice are willing to describe it publicly.
--FCC Chairman Kevin Martin
Read the rest in FCC hints at taking action against Comcast | Tech news blog
Microsoft says many things and they may even mean them, but the fact that the person who says them means them, does that mean anything in the larger Microsoft picture? I don’t know. That seems to always be a bit unclear.
I think there are people inside Microsoft who really want to improve interoperability and I also think there are people inside Microsoft who would much rather just try to stab their competition in the back.
I think the latter class of people have usually been the one who won out in the end, but – so I wouldn’t exactly trust them. But I think they’re sincere; it’s just that a part of them, at least, is sincere.
--Linus Torvalds
Read the rest in Linus Torvalds
using a database that does relational data as well as XML has a big downside in terms of complexity. There's a lot of functionality there that you don't need, and you can't ignore it - it keeps popping up in all sorts of places, and it colours the whole flavour of the product. Also, if you're in the position where you need to convince and re-educate your developers to do everything the "pure XML" way, it's a good idea to use technology that doesn't give them any choice.
--Michael Kay on the talk@xquery.com mailing list, Saturday, 15 Dec 2007 18:01:31
namespaces are one of the arguments people keep pushing when they want to reject XML (as whole or not). That was the first argument Dave Winer threw on RSS 1.0 back in 2000 and last year at XTech 2007, this was again one of the main arguments the WHATWG threw against XHTML 2.0. And people keep doing that because they've noticed that we can't seriously deny that XML namespaces are insane and because we've written it many times in the past
--Eric van der Vlist on the xml-dev mailing list, Tuesday, 12 Feb 2008 20:31:19
I went to "Office Live" thinking it would be an office suite, but once again, it's something I don't quite understand--maybe it's web marketing. It's not clear. Oh, I can create a web site and buy ads. How, in this or any universe, should this be called "Office" when Microsoft Office has always been productivity tools like a word processor and spread sheet?
Even paying people they are going to have to stop being so freaking clueless when it comes to naming. You can't take a brand name like "Office" (so original in the first place) and suddenly make it about domain names and ads. It makes absolutely no sense and it undermines your brand.
What are they smoking in Redmond? Maybe it's just Ballmer's after shave which is making them too dizzy to think clearly.
--Daniel Will-Harris
Read the rest in Frickingenius: How Microsoft should spend their $44 billion
the really big question: Microsoft already has an Internet division: MSN. But they haven't been able to make that go anywhere. Yahoo made a good start at the beginning of the Web revolution, but then got stuck and faltered. Why on earth would combining the talents of Microsoft MSN and Yahoo produce anything other than more stumbling around in the dark? Which company would lead this recovery? At least Yahoo managed to make a strong start on the Web before driving into the weeds. But no, it would be the company that takes over, Microsoft, who brought us both MSN and Windows Vista.
How does combining a failing company (Yahoo) and a failed division of Microsoft (MSN) produce a successful division of Microsoft?
The one thing that the two companies have in common is the very thing that will make them both fail at this Web thing. They both believe that it's about centralization. The companies are built around that philosophy. Yahoo tried to create a central place where people would go on the Internet, which worked in the early wild-west days of the web -- Yahoo was the best thing out there for awhile -- and it's what caused Yahoo to slide as the Web became more decentralized. Yahoo's centralized services are no longer as good as their decentralized competitors. Now we have BBC for news, YouTube for video, etc. And Microsoft, of course, is the "Cathedral" in The Cathedral and the Bazaar.
--Bruce Eckel
Read the rest in Should Microsoft Buy Yahoo?
While FedEx and UPS have a bit more latency than a TCP/IP connection, you simply can't beat the bandwidth of sticking a hard drive into a box and having it show up somewhere else the next day with all of its data.
--James Duncan Davidson
Read the rest in The Economics of Online Backup
The immense popularity of sites like YouTube has unexpectedly turned Flash Video (FLV) into one of the de facto standards for Internet video. The proliferation of sites using FLV has been a boon for remix culture, as creators made their own versions of posted videos. And thus far there has been no widespread DRM standard for Flash or Flash Video formats; indeed, most sites that use these formats simply serve standalone, unencrypted files via ordinary web servers.
Now Adobe, which controls Flash and Flash Video, is trying to change that with the introduction of DRM restrictions in version 9 of its Flash Player and version 3 of its Flash Media Server software. Instead of an ordinary web download, these programs can use a proprietary, secret Adobe protocol to talk to each other, encrypting the communication and locking out non-Adobe software players and video tools. We imagine that Adobe has no illusions that this will stop copyright infringement -- any more than dozens of other DRM systems have done so -- but the introduction of encryption does give Adobe and its customers a powerful new legal weapon against competitors and ordinary users through the Digital Millennium Copyright Act (DMCA).
--Seth Schoen
Read the rest in Adobe Pushes DRM for Flash | Electronic Frontier Foundation
If you're arguing against xsi:type, I can certainly understand that. It's the wrong thing in >90% of use cases (probably way more, but I'm just guessing and trying to be conservative), and it makes a mess of instance documents. It was introduced because some members of the Schema WG were very anxious to handle serialization of object graphs, I.e. to do what Java Object Serialization (used by RMI) does. SOAP Encoding is an example of such XML-based object serialization, and it uses xsi:type. Indeed, because of dynamic subtyping, it's generally the case that the serialization formats for such systems must carry for each item both its name and its type. Go read through the format spec. for Java Object Serialization and you'll see that's the core of it. In XML with schema, you can use the tag for the name, and xsi:type for the type.
--Noah Mendelsohn on the xml-dev mailing list, Wednesday, 20 Feb 2008 23:39:20
XML is good for reuse. It lets you reuse all your old SGML presentations.
--Eve Maler
Read the rest in Pushing String » XML at X; film at XI
Now it is true that countries have their own histories, peculiar circumstances and cultures and that too much preaching can smack of the old missionary zeal to assume that all the things we cherish at home should be universally adopted. But culture, in the sense of custom and tradition, is often nothing but an excuse for political arrangements. Democrats from countries such as China, Pakistan or Burma do not accuse the West of imposing its values. Only authoritarians do.
A few decades ago, it was fashionable, especially in Singapore and Malaysia, to talk about 'Asian values'. Obedience to authority, sacrificing self-interest to what governments defined as national interests, accepting curbs on free speech, all these things were claimed to be specifically Asian, part of ancient traditions, something all Asians had in their cultural DNA. In fact, it was a justification of authoritarian politics inherited by the likes of Prime Ministers Mahathir and Lee Kuan Yew from the British empire.
Even as the Asian values were being touted, South Koreans, Taiwanese, Thais, Chinese and Filipinos were demonstrating in huge numbers against their authoritarian rulers. In South Korea, Taiwan and, more fitfully, Thailand and the Philippines, they succeeded. And what was it that the Burmese were risking their lives for recently, not to mention Kenyans, Zimbabweans, and many others, if not more of what Musharraf dismisses as European cultural impositions? What they want is not our culture, but the kind of freedoms that we take for granted.
-- Ian Buruma
Read the rest in Guardian Unlimited | Comment is free | Culture is no excuse for China denying its people democracy
One of the many troubles with XSD-style schema systems is that they encourage a big bang mentality, where you have to try to make all sorts of decisions about structure and type that are unnecessary or which can be left to emerge, while making it difficult to add constraints based on feedback from processes about what the real problems might be.
--Rick Jelliffe on the xml-dev mailing list, Tuesday, 29 Jan 2008 10:07:58
A web service which requires me to use XSLT is using standards that anyone can look up and implement (if needed), whereas a service feeding me JSON is requiring me to opt-in to a code library to understand how objects are converted into markup, and understand the client-by-client implementation differences. Such a service would have a much steeper learning curve and greater maintenance hassles, than a system which accomplishes the same thing using Atom + XSLT.
--Eric J. Bowman on the rest-discuss mailing list, Saturday, 29 Dec 2007 12:04:33
When people say "XML is hard", they usually do not mean "XML 1.0 is hard" but "XML 1.0 + namespaces in XML + XPath + DOM + XSLT + W3C XML Schema + XML Base + xml:id + XInclude + XPointer + ... is hard" and the proportion of criticism that goes to XML 1.0 itself is usually pretty low.
--Eric van der Vlist on the xml-dev mailing list, Tuesday, 12 Feb 2008 08:28:05
When we think of phishers, we often guess that they are a group of highly skilled ninja hackers. They have collectively caused billions of dollars in losses, and ruined the lives of many citizens whose identities they have stolen and abused. These people have got to be pretty smart, right? Wrong. Just think about what a typical phisher is really doing: installing pre-coded websites on compromised servers - that hardly takes any skill and it shouldn't impress anyone. Then you have cases where phishers steal information from other phishers by planting backdoors in the phishing kits in the form of elementary obfuscation of scripting code. In other words, phishers are not able to pull of their attacks because they are highly skilled, but because the are abusing a few fundamental flaws such as lack of awareness, lack of standards around browser UI that clearly highlights high assurance websites, and our dependence on static identifiers such as SSN, Credit Card numbers, etc to establish identifies and commit financial transactions.
--Nitesh Dhanjani
Read the rest in Interview with Nitesh Dhanjani and Billy Rios, Spies in the Phishing Underground
we screwed up in letting attribute normalization into XML. It still boggles my mind in retrospect that during the discussions back in 96-97, nobody piped up to say "why are you morons doing this?" Because we probably would have said "D'oh, right, lose it." Sigh.
--Tim Bray on the xml-dev mailing list, Friday, 20 Jun 2003
One of the problems with schemas, in fact, is that they encourage tag abuse, because they limit the freedom of users to invent new element names, encouraging them instead to overload the semantics of existing names. The tighter the schema is defined, the more creative users have to become in getting around them; in the end, they resort to comment-abuse, or even as I've seen in one case, using a namespace declaration as a boolean flag whose presence or absence conveyed information to the recipient.
--Michael Kay on the xml-dev mailing list, Sunday, 13 Dec 2007 00:16:06
In an AJAX application, you explicitly sit on the page load tag to grab an XML (or related) resource from the server, creating an asynchronous call that will update an explicitly defined model, then write more code that will walk through that XML model and either pass it to an XSLT transformation or run it through more DOM manipulation code in order to explicily populate the fields in question in the web page (any more explicit and it would require an X rating). You can cut this code down considerably with some carefully coded libraries, but these libraries add to the overhead of both loading and maintaining the page, sometimes significantly, and if they are not well written can also add a considerable burden to the debugging department.
On the other hand, an XForms like architecture defines XML data models, constraints, and bindings explicitly as rules given within an a declarative XML format. This declarative form works in a manner similar to that of an Excel spreadsheet. In Excel, for instance, you define both blocks that hold initial data then you have functional blocks that perform calculations either upon the initial data or a previously defined functional block. What you end up with in this kind of declarative “program” is an application where the “answer” may in fact be a lot of different pieces of information, where the only action involves the changing of one or more initial values, and where constraints will at a minimum prevent you from entering erroneous data.
--Kurt Cagle
Read the rest in Why XForms Matter, Revisited
Even now, as people have learned that they’re supposed to say they are not doing RPC (”look, my WSDL says doc/literal therefore I am not doing RPC”), the code is still RPC-ish with the grand-children of the body being serialized into Java (or another language) objects and passed as arguments to an operation inside a machine-generated stub.
--William Vambenepe
Read the rest in William Vambenepe’s blog » Blog Archive » Gutting the SOAP processing model
RDF is still only used on the periphery of the web and certainly not as part of the mainstream web. And IMO, RDF will probably never make the mainstream because it requires people to be too concise, and people in general are not good at being concise (witness the percentage of HTML files on the web that validate...)
--Mike Schinkel on the www-tag mailing list, Tuesday, 18 Dec 2007 15:57:46
leaving Chicago, Homeland Security seized my toothpaste. The tube that was carefully purchased in a size that’s legal to take on planes. Except for, it wasn’t in a plastic bag. You see, 90ml of naked toothpaste is dangerous and can be used in terrorist attacks, but putting it in a plastic bag prevents this.
Can we get some intelligent behavior out of our politicians please? This moronic security theater is damaging our quality-of-life and arguably playing into the actual terrorists’ hands.
--Tim Bray
Read the rest in ongoing · Naked Terrorist Toothpaste
We are not going to win the arms race with the phishers unless we admit to the underlying problem at hand: the reliance on static identifiers to establish identities and execute financial transactions. Let me expand on this a bit. We take care not to blurt out our SSN to anyone on the street, yet it is likely to be stored on hundreds of corporate databases as we progress in our lives. We take care not to expose our Credit Card numbers, but we must hand them over to people we don’t know at retail stores if we want to use it. We aren’t going to solve the problem of online PII (Personally Identifiable Information) and identify theft just by writing even more secure code (although it certainly helps), or by continuing to play whack-a-mole with phishers. The system of relying on static identifiers to commit financial transactions needs to be rethought.
Commercial financial institutions such as credit card companies and banks realize that the cost of implementing a new system that does not merely rely on static identifiers is higher than the fraud committed, so they decide to accept the cost. This is the reason why the system has not changed. Unfortunately, financial institutions only take into account their cost when making this decision, but it also ends up affecting the lives of millions of people who have to pay with their identities when such fraud is committed
--Nitesh Dhanjani
Read the rest in Interview with Nitesh Dhanjani and Billy Rios, Spies in the Phishing Underground
the quality of XSLT code on my project is very poor at the moment, because I employed two coders for six months who just couldn't grasp functional programming. So I fired them and took on a new partner to re-code the bulk of the project, but he had to learn XSLT first. This only took him one week, as he's solidly grounded in functional programming.
--Eric J. Bowman on the rest-discuss mailing list, Sunday, 30 Dec 2007 01:45:12
I have forever been amused by sales pitches that a product or service will pay for itself within so many weeks, months, or years. Generally speaking, if "pay for itself" means the product or service will actually increase cash flow and sales to an extreme, then I'm in. But if "pay for itself" means an increase in productivity, then the red light on top of my BS meter immediately goes off.
This is the modern version of a snake-oil cure. Close relatives include the "lost productivity" indexes as well as "sales lost to piracy." If sales were indeed lost to piracy, then why hasn't this become a line item on the books and therefore tax deductible? Seriously, if all this intellectual property theft is theft in any conceivable way, then take the IRS deduction based on the press announcements and see how far you get.
--John C. Dvorak
Read the rest in Promises of Productivity Are Often BS
For a certain applications — web crawling and log analysis are two that come to mind — the ability to process a huge volume of data quickly is more important than guaranteeing 100% data integrity and completeness. Relational databases dominate data management because they can make those guarantees. But those guarantees have their own costs and limitations. If I need to churn through gigabytes of web server log files to generate some numbers to make a business decision now, I don’t care if a few of the log entries are ignored; I just need to filter and categorize the data fast.
--Greg Jorgensen
Read the rest in Typical Programmer
The world of email deliverability has changed a lot in recent years. Originally, content was king. As long as you weren’t blacklisted and your email content didn’t include lots of “spammy” words, then you had a good chance of getting delivered. Today however, ISP’s and spam filtering technology has got a whole lot smarter and more aggressive.
Who is sending the email is becoming more important than what the email says. ISPs are doing this by watching their customers reassign habits and use of the “Mark as spam” button, and then tying that back to the sending domain and IP address. If a subscriber is regularly opening your email then you should be in the clear, but if a decent number rarely open your email and mark it as spam then you might not make the inbox much longer. Known as your sender reputation, it’s the most important factor in getting your emails delivered today. Just like the real world, having a good reputation ensures trust, and if ISP’s don’t trust you, you’re in trouble.
This introduces a new challenge to anyone sending reasonable amounts of email. No longer is getting permission enough to assume your email will be delivered. If it’s not relevant and exactly what the subscriber asked for, you run the risk of them marking your email as spam. It’s a delicate but extremely democratic system; your ability to deliver email truly is in your subscriber’s hands, so treat them with the respect they deserve.
--David Greiner
Read the rest in Vitamin Features » Ensuring your HTML emails look great and get delivered
It’s a lot of work getting your head around some of these deeper, darker parts of QuickTime. Not only are they harder to find documentation and sample code for, but they often lack convenient all-in-one API calls, requiring you instead to build up structures of QuickTime “atoms” by yourself.
--Chris Adamson
Read the rest in Rebooting Java Media, Act II: Development
namespaces as implemented in XML are a pox on the web and software/development in general.
--Mike Schinkel on the rest-discuss mailing list, Friday, 28 Dec 2007 19:31:16
As a word processor, little has changed in Word 2008. The elimination of VBA and weak support for AppleScript and Automator make the program far less versatile and valuable for users who really need automation. But the program’s streamlined interface and the addition of the new Publishing Layout view make it a compelling choice, especially if you want to stretch Word beyond its current capabilities.
--Jeffery Battersby
Read the rest in Macworld | Microsoft Word 2008
It's been my experience that if you follow the successful practices of the Web, it ends up working quite well internally, if you follow practices only intended to work internally, they don't always work internally.
--Assaf Arkin on the rest-discuss mailing list, Sunday, 17 Jan 2008 19:17:06
1. Validating data is different from processing data.
2. Just because an application can validate some data doesn't mean it can process the data.
2.1 Just because an application can process some data that it validated doesn't mean that *any* data it validates can be processed.
--Roger L. Costello, on the xml-dev mailing list, Friday, 28 Dec 2007 09:02:51
At a certain point, referential integrity has to be given up. Scale a bit further, and even the notion of a relation in the relational database sense of the word starts to break down. To cope, you denormalize a bit, not so much for performance reasons (though that’s important too), but as a self defense mechanism so that the pieces of data that you do have have enough context to be meaningful.
--Sam Ruby
Read the rest in Sam Ruby: Dare Takes a Look at CouchDB
the coverage focuses on the horse-race and the theater of the campaign and not on the issues. But I don’t really think that’s the fault of reporters. First, they have to file constantly on short deadlines. So even if Obama releases a tax plan one day, and you write a piece about that, that’s still only a one-day story. What do you write about the next day? Why, Obama sniping with Hillary or somesuch. Second of all, consider the imbalance in expertise between a campaign and those who cover it. When Obama releases a tax plan, it’s a product of a team of policy experts, who know the terrain inside and out. But the reporter who has to file the deadline piece about it doesn’t have any expertise on tax policy. So how could their coverage be anything but shallow?
--Christopher Hayes
Read the rest in Is Good Campaign Coverage Possible?
Decriminalizing all non-commercial file sharing and forcing the market to adapt is not just the best solution. It’s the only solution, unless we want an ever more extensive control of what citizens do on the Internet. Politicians who play for the antipiracy team should be aware that they have allied themselves with a special interest that is never satisfied and that will always demand that we take additional steps toward the ultimate control state. Today they want to transform the Internet Service Providers into an online police force, and the Antipiracy Bureau wants the authority for themselves to extract the identities of file sharers. Then they can drag the 15-year-old girl who downloaded a Britney Spears song to civil court and sue her.
Will the Antipiracy Bureau be satisfied with this? Probably not, because even the harsher laws now proposed will not stop the file sharing. Already there are anonymization services on the market that make the new laws ineffective. For this reason, the Antipiracy Bureau will demand new tools that further intensifies the surveillance of the Internet. The simple truth is that almost all communication channels on the Internet can be used to distribute copyrighted information. If you can use a service to send a message you can most likely use the same service to send an mp3-song. Those who want to prevent people from exchanging of copyrighted material must control all electronic communication between citizens.
--Karl Sigfrid
Read the rest in Decriminalize File Sharing « Karl Sigfrid
SQL is great when you have highly structured data. The problem is much of the data we generate day to day isn't easily extractable into carefully planned schemas and are challenging to represent and query in a SQL databases. That means lots of useful data that could be stored and queried ends up unused or lost because we don't have the time and resources to build schemas to store them.
--Damien Katz
Read the rest in Damien Katz: System overload
JSON makes very good use of Javascript’s literal object notation. But it’s a consequence of this fact that a JSON message can conveniently be processed by reading it into a variable and then running
evalon the variable. (This is where we came in.) The moment you do this, of course, you expose your code to a Javascript injection attack.To say “You don’t have to use
eval— JSON has a very simple syntax and you can parse it yourself, or use an off the shelf parser, and in so doing protect yourself against the security issue,” seems to ignore an important fact about notations: they make some things easier and (necessarily) some things harder. They don’t force you to do things the easy way; they don’t prevent you from doing them the hard way. They don’t have to. The gentle pressure of the notation can be enough. It’s like gravity: it never lets up.If the notation makes a dangerous or dirty practice easy, then the systems built with it will be spotlessly clean if the users have the self-discipline to keep it clean. For most of us, that means: not very clean.
--Michael Sperberg-McQueen
Read the rest in Messages in a bottle » Blog Archive » Gravity never sleeps (notations that use eval)
OOXML is nothing more than the preferences of Microsoft Office. Whenever Word changes, OOXML will change. And if you are a user or competitor of Word, you will be the last one to hear about these changes. ISO does not own OOXML. Ecma does not own OOXML. OOXML, in practice, is controlled and determined solely by the Office product teams at Microsoft. No one else matters.
Consider that Microsoft has recently proposed over 1,700 changes to the OOXML specification, including fixes that presumably will be made into a future Office 2007 fixpack. Microsoft knows what these fixes will be. The Office developer teams know what these fixes will be. But if you are a competitor of Microsoft's in this space, do you know what these changes are? No. Microsoft has decided to keep them a secret, claiming that the ISO process allows them to withhold interoperability information from competitors in what they maintain is an "open standard".
Further, the coding of Office 14 a.k.a. Office 2009 is well underway. Beta releases are expected in early 2008. But are file format changes needed to accommodate the new features being discussed in Ecma? No. Are they being discussed in ISO? No. Are they being discussed anywhere publicly? No.
Is this how an open standard is developed?
My prediction is that the first time anyone hears about what is in the next version of OOXML will be when Office 14 Beta 1 is announced at Microsoft's 2008 Office System Developers Conference (ODC). Other vendors will not hear a word about the format changes until after the Beta 1 is already released. Not even Ecma will hear about the changes until after the ODC.
DIS 29500 is already obsolete, has already been embraced and extended. You just don't know about it yet. You weren't meant to know. In fact, pretend you don't know. Give Microsoft a big head start. They need it.
--Rob Weir
Read the rest in An Antic Disposition: Those who forget Santayana...
The dominance of Windows and Office have waned. The most important personal computer application by far these days is the Internet, and there's no advantage to having Microsoft Windows when you use the Internet. The other most popular personal computer apps, web-based email and instant messaging, as well as the advent of Google Apps and other web-based Office clones, there's also a lot less reason than there used to be to use the PC platform that most applications are developed for.
In short, the network effect that supported the Windows monopoly--and bolstered the sales of all companies that hitched their wagons to this star--is disintegrating, enabling computer uses to simply choose the computers that they like best.
--Henry Blodget
Read the rest in Christmas Present For Apple Bulls: Mac Cleared for Takeoff
Many back-end developers for some reason I cannot understand seem to be completely dependent on having an IDE or a framework create all front-end code for them. It seems like HTML, CSS, and JavaScript are all way too complicated for most back-end programmers. And that is really unfortunate since the IDEs many of them use create front-end code that is nothing but pathetic.
Look, it’s very simple. You’re a programmer. You should be smart enough to learn HTML, CSS, and JavaScript. If your IDE or framework produces rubbish for front-end code, don’t let it. Twist its arm to make it produce sane markup.
--Roger Johannson
Read the rest in Lame excuses for not being a Web professional | 456 Berea Street
HTML needs fixing. The HTML 4 recommendation was published in 1999. Since then, the web has grown from a document retrieval system into an application delivery system. We have made significant progress since then, due to the cleverness of the web development community and the surprising expressive power of JavaScript, but we are at the limits. HTML is no longer a driver of innovation. It is now a serious impediment.
There are good ideas in HTML, but many of these were discarded in the XHTML effort. My thinking is that we should take a step back and refocus. The problems with HTML will not be solved by making it bigger and more complicated. I think instead we should generalize what it does well, while excising features that are problematic. HTML can be made into a general application delivery format without disrupting its original role as a document format.
--Douglas Crockford
Read the rest in Fixing HTML
Semantic drift happens naturally in the real world, for example credit card numbers which once identified an account might start to identify a specific card with access to that account. It's not surprising that it happens, because if a system is capable of meeting new requirements without requiring any software changes then people will use it creatively in new ways to meet those requirements. One of the challenges in designing schemas (or database integrity constraints) is knowing whether you should try to resist semantic drift as a menace to information integrity, or whether you should allow your system to ride the waves, thus increasing its flexibility and longevity.
--Michael Kay on the xml-dev mailing list, Sunday, 27 Dec 2007 11:12:50
Relational databases have failed the software industry in much the same way XML, Java and client-server failed the software industry. In other words, no failure to see here, move along. Those are all excellent technologies for solving a wide range of problems. Just that there are some problems they’re particularly poor at solving.
--Assaf Arkin
Read the rest in Labnotes » Conflicting Reads and Writes
If I were world dictator, I'd put a kibosh on binary XML, and I'm quite confident that the people who are pushing for it would find another solution.
--Tim Bray
Read the rest in Putting XML in the fast lane | CNET News.com
Quotes in 2007 | Quotes in 2006 | Quotes in 2005 | Quotes in 2004 | Quotes in 2003 | Quotes in 2002 | Quotes in 2001 | Quotes in 2000 | Quotes in 1999