Tuesday, September 30, 2008

The thing that bugs me about Blogger.com's OpenID

I don't know if this is the case for other providers, but with a blogger.com OpenID, I need to enter my blog URL as an ID, then I get a prompt asking me if I want to always tell the site I own my OpenID, then I get asked for my username and password.

Why in the world can't I just have the OpenID and the password fields to deal with and why do I possibly need to go through 3 screens just to post a blog comment? (having to log-in to post a comment is pretty lame on its own but I digress :P)

I can understand sending the user to the blogger.com site for the actual login over https, but can't it figure out my username from my OpenID? I mean, it's a one-to-one relationship and usernames aren't exactly secret.

If OpenID is to become popular, it really needs to be as easy as logging into 99.9% of login-based websites.


Last week it was CSRF, this week seems to be about clickjacking.

To be honest, clickjacking sounds a whole lot more difficult to deal with than CSRF, mostly because it's variant of good ol' social engineering.

10 habits of highly annoying bloggers

Funny (assuming you're not easily insulted or not a blogger).

I'm guilty of #2: my blogging looks a lot like bookmarking, I like being able to just quickly search for links I liked.

I'm also guilty of #6: I don't understand blogrolls; to be honest, to me, having one feels like a weird form of popularity contest.

In any case, if you get annoyed by other bloggers, I think you're looking at things the wrong way :)

Michael Moore on the bailout

I'm no expert in politics and economics, but I had a feeling this was the case.

Writing a compiler in Ruby


Smush it

Image optimization goodness

Meanwhile, in Flash CS4

3D, bone structures and some seriously game-oriented stuff.

What's up with the bailout?


HTML 5 today (sorta)

It's coming along, it's coming along.

You'll have to click to upload in Flash 10

Worth keeping in mind from now on.

Thursday, September 25, 2008

More F#


Quite interesting that functional programming is getting popular.

Wednesday, September 24, 2008

DOM Storage in IE

Implements most of the HTML5 spec. Cool.

Design Patterns are from the toolbox

Christer Ericson argues design patterns are from hell.

I think the problem begins when you start using patterns as if they were first class language constructs. Patterns exist because they are good ways to do very specific things: create instantiation constraints, organize data+logic+view code, etc.

As the name suggest, patterns are, well, patterns. Just because your class is not called SomethingFactory, it doesn't mean it's not a factory, and more importantly, it doesn't mean you chose the right tool for the job.

Over-architecturing, yes, is from hell, but that has to do with defining the scope of the project, which is a project management thing. If anything, a history of good accountability and feature prioritization is what you'd want to see if you're dealing with "highly-paid consultants".

Cross Site Request Forgery

The downside of having a popular web app is that you're more vulnerable to various types of attacks. Jeff Atwood talks about XSRF.

Here's a paper on how to defend against it.

Monday, September 22, 2008

Password and focus

Read the discussion at the bottom. It raises an interesting question: how do we tell users that they are accidentally typing their password in clear text? Any ideas, anyone?

F# in 20 minutes

Part 1.

Users are developers too

From a user point-of-view, there's something that usually annoys me about web interfaces: the size of text areas and rich text editors.

Think about it: how often do you have your code editor in a non-maximized window? Or microsoft word? Or Acrobat when you read a PDF?

I almost never do. I always try to maximize the window I'm using, so that it's easier to focus on whatever I'm looking at, and so that I have as much screen real estate as possible. The only exception is when I need two windows side-by-side (In which case, I try to make the combination of the windows take as much space as possible anyways).

Yet, for whatever reason, text input elements in websites and web apps are often crammed into puny forms or ad-sized (non-resizable) popup windows that give me some 200 x 400px of working space (sometimes less). Do I really have to scroll a tiny box just to proofread a two paragraph blog response? Really.

Last week, I talked about how linearity isn't always the best way to display things, and this is a good example: when I'm writing a longer piece of text, I'm no longer concerned about the email address I entered 10 seconds ago, and I'm even less likely to click on any navigation element on the page. So why do those things need to be there?

In most desktop-based software, navigation, help and even extremely useful tools are all tucked away from our sight because the main canvas is more important.

Users are developers too: they create content and they expect their tools to work well for them. And for someone writing text, a big text area is the way to go.

Think about this the next time you create a form with a "comments" field in it.

End the world already

Geez, when are they actually going to make stuff collide? :(

Update: omgweresoscrewed

Friday, September 19, 2008

Using night light satellite images to pinpoint violence-based exodus

Interesting study.

Using tables for non-tabular data is ok, really

I came across this publication about writing content that is clear and easy for your audience to understand. It's a very interesting read, especially if you do any form of business-related writing.

Here's the part that made me think (it's about 3/4 of the way down):

c) Tables make complex information readily understandable.

If-then tables lay out the text visually, helping your reader see relationships more easily and usually requiring fewer words than straight text. For example, the paragraph below is written in the "dense text" method:

For good reasons, the Secretary may grant extensions of time in 30-day increments for filing of the appeal and all required documents, provided that additional extension requests are submitted and approved before the expiration of the original 30 days or the previously granted extension.

Try it this way instead.


additional requests for extensions are submitted and approved before

  • the original 30 days, or
  • the expiration of a previously granted extension

the Secretary may grant additional 30-day extensions of time for filing of the appeal and all required documents.

Now, obviously this article is not a technical document for web developers, but it does raise an interesting point: that plain text isn't always necessarily the best way to display information.

I thought about it for a bit and considered the possibility of implementing the example above using two divs, styled as two columns via CSS, but there's a key organization cue that columns do not provide: that the titles, in addition to possessing a hierarchical relationship to their respective bodies of content, have a parallel relationships between themselves.

What this means is that reading the titles left-to-right without paying attention to the table body is intended to be a viable way extracting information from the block of text.

If one title spanned more lines than the other, a div-based column layout would likely lose its spatial organizational cue (and restoring it via CSS would involve adding way too much extra markup).

The concepts of non-linear content and orthogonality are not new by any means: hyperlinking often breaks the linearity of content to add context and background information to a discussion (e.g. those "read this and come back" articles). Even in ancient China, poets wrote acrostic poems that could be read both horizontally and vertically.


I'm not saying that it's now ok to build table-based layouts. My point is that thinking of content as a bunch of parallel lines is an incomplete way of looking at how content can be displayed.

It's easy for us developers to mentally blur blobs of text when creating websites that have more inane content than we care to read (especially for back-end folks), but going the extra mile of tweaking content structure and its strategic organization on a page /site can do wonders to improve usability - and getting your message across to your visitors.

I can haz mock objectz?

lolcode always makes my day.

Squirrelfish extreme


Thursday, September 18, 2008

Light bot

Fun times.

No wonder

One of the reasons why Stack Overflow was created was that programming searches would often show links to the Experts Exchange site (a paid subscription site)

Now I wonder if this might have contributed to it being always at the top of the search results.

Haidt video

He talks more about moral psychology. Very nice.

Wednesday, September 17, 2008

Conservatives vs Liberals - A dissertation about human morality

This is a profoundly interesting read. It articulately answers a question that has been bugging me for the longest time: why conservatives and liberals don't get along.

Update: The follow-up discussion is also worth reading.

Fluffy Bunny

What's more dangerous: Grand Theft Auto or Fluffly Bunny?

Answer: Fluffly Bunny.

Tuesday, September 16, 2008


Guys uses poor judgement when making a metaphorical statement and the internets takes care of twisting it completely out of proportion. Don't even start with the Palin jokes.

I don't know what's more hopeless, republican zealots or democrat ones. Well, have fun with your new president, whoever that turns out to be, guys.

Bluff - graphing in javascript

A javascript port of Gruff.

Monday, September 15, 2008

You can't please everyone

Hank Williams has an interesting piece about the current web development industry as an actual business model.

I definitely agree that adding value and charging your target niche for that extra value makes more sense than trying to please everyone and counting on the viral effect to make it big.

This kinda goes with this little rant I've thinking about for a bit: lately it seems that everything is a copy of a copy of a copy. You can really see it when the same things shows up in every RSS feed, as if people couldn't find better stories to report.

I personally first got on the web because I was interested in japanese animation (I was into Pokemon at the time - yeah I didn't know better, bite me) and magic tricks (card sleights, specifically). I didn't get on the web because I cared about the latest games, Palin bloopers, Facebook or whatever other viral thing you can think of. I think it's time to bring all the work we've been doing with mashups to meet the world of subcultures and personal interests. And by that, I don't mean reinventing the wheel by trying to tie Google Maps or some other trendy API with <insert niche here>, I mean really knowing your niche and adding real value.

Cube attack paper

It's online now.

Friday, September 12, 2008

CSS in one line

There was a bit of drama over it on Ajaxian recently. Personally, I like CSS properties in alphabetical order and in one line. The alphabetical order makes it easier for me to find properties and the one-line approach lets me ctrl+D in Notepad++ (that duplicates the current line or selection), as well as tweak groups of selectors more quickly than it would take to scroll up and down looking for the ul li.selected that is related to the ul I'm working on at the given moment.

It's nice to be able to just press up and down when I need to change related properties. Thanks to the physical proximity of similar rules granted by alphabetizing rules, with just one keystroke up or down, my cursor will be somewhat where I need it. Here's a pattern I use often that illustrates that.

/*rounded corner styling pattern*/
.t {background-position:100% 0; someotherstuff...}
.t div{background-position:0 0; someotherstuff...}
.b {background-position:100% 100%; someotherstuff...}
.b div {background-position:0 0; someotherstuff...}

Here, I'd type the first line, ctrl+D a few times, tweak the selectors, then the background-position values. Follow the imaginary cursor :)

For maintenance, we can almost look at the blocks of code in the stylesheet as if they were tables: backgrounds here, borders there, etc.

How to draw techie traffic to your site

Suggest Google is evil. It seems we all want to hear it being said, for some strange masochist reason.

Thursday, September 11, 2008

HTML5 alt attribute

You must have heard about the long long looooooooooooooooooong discussion that has been going on about this.

Ian's final proposal is this:

For the "key content without alt text" cases, we have the alt="" attribute omitted, but there must be at least one of the following, and the first that is present must include sufficient information to orient the user.

  • title="" attribute on the <img> itself
  • <legend> of the <figure> that contains the <img>
  • heading of the section that contains the <img>

Monday, September 8, 2008

Floating data centers


I wonder if the people writing the comments ever go outside. Sure floating data centers are easy targets for terrorism. Just about as easy as sinking an oil rig or one of the gazillion cargo ships that bring your t-shirts and iPhones from China every day. Get real, people.


With YUI

Friday, September 5, 2008

Tales of the job

Today, a co-worker came asking me if there was an easy way to do this task: he needed to create an array of strings from a HTML structure composed of a top level div (with an id), with child divs, each containing a bunch of uls, which in turn contained a bunch of lis that contained a span with the desired text, plus anchor tags, among other non-relevant stuff.

We use prototype, so I scribbled a quick script using it:

var a = [];
$$("#bla div ul li span").each(function(e) {

He tried it out and it worked like a charm.

I love problems that take longer to describe than to solve :)

Cappucino is out


Tuesday, September 2, 2008

Chrome on Dromaeo

It's ridiculously fast.

From scratch

Google's idea of "from scratch":

We want others to adopt ideas from us, just as we've adopted good ideas from others.

Chrome: Google enters the browser wars

The announcement

Right now, it's a bit hard to get some more info since their servers are getting hammered with requests this morning. From what I understand so far, it uses the WebKit engine and it features a devious twist when approaching the speed optimization competition that was going on between Firefox, Safari and to an extent, Opera: it will have a per-tab performance monitor so that if the browser starts to slow down, users can blame sites, instead of browsers.

From Google's perspective, that move is truly a stroke of genius. It will force web developers to become more responsible with their code, rather than relying on the browser's Moore's Law. At the same time, it lessens the expectations from browser critics towards Chrome itself.

Now the question is: when can I download it? :)

Update: to answer my own question - Here.