Category Archives: Web

Can the Internet Survive Privacy

Bear Threat © by Mrs. Gemstone
Lately some have been suggesting that the internet is at risk. Much if not all of the hoopla stems from a recent interview with Sergey Brin from Google (GOOG). Brin says the biggest threats come from government crackdowns, attempts to control piracy, and “the rise of ‘restrictive’ walled gardens such as Facebook and Apple, which tightly control what software can be released on their platforms.”

If you look at the arguments, they essentially break down to “If Google can’t spy on your every behavior, then the internet will collapse.” This is because all information in applications that aren’t web-based can’t be crawled by web crawlers, and user behavior inside the application also cannot be monitored.

It sounds pretty ridiculous, when you think about it. People have been using applications for years on the desktop. Some of them are local to the desktop, others reach out and use the cloud (what we used to call the net, before that the internet, before that it was the network). Applications were, and continue to be a combination of proprietary software, commercial software, freeware, and other open-source models. What applications have usually NOT been on the desktop is ad-supported.

Much of the web has evolved itself into an old broadcast style model, IE advertising supports content. I know some will argue that the web “changes everything”, but think about it. The idea of having to put up with adds to get your news fix is nothing new at all. This is an old argument, is it better to have “free” content supported by ads, or paid content without advertising. In the modern era, we go beyond simple advertising as well. In addition to the cost of having to look at ads, people are giving up their privacy and allow advertisers to monitor their behavior. The rationalization is that this is saving them some money.

Again, it’s an old argument that is not going to be settled here, and I suspect won’t be settled at all. I prefer a world where you can choose whether or not you want ads, and pay for the content you get, or deal with advertising. Let the consumer choose. Personally, I don’t mind paying for software and content, like Netflix over Hulu. I prefer that over dealing with ads, even before the whole privacy issue came into play. But others feel differently and I don’t have a problem with that as long as I’m not forced down the same path.

What Brin is really saying is “If Google can’t spy on you, then advertising breaks down, and without advertising, the internet breaks down.” I don’t buy it. At all. If suddenly all advertising centric services were forced to simply serve up ads without regard to my exact movements, it would definitely have an affect on the bottom line of those serving up the ads. But advertising would go on. Don’t believe me? Turn on your television… see any advertising? Do they know who you are? Do they know what channel you just watched? Do they know that you called your mom during the show? Nope, and they don’t care. Actually they DO care, they’d love to have that information about you. But in absence of having the information, life goes on.

Google tries to obfuscates the issue by saying they’re against “Walled Gardens”. Of course they never address the issue that all traditional computing is “walled” in the sense that Google has no idea what you’re doing. But somehow that’s OK, while if use the same software on a tablet, it means death for the Internet. Ridiculous. There is in fact a considerable disagreement over whether Google themselves have a walled garden.

What it really means is that if strong privacy protections are put in place, Google will have to change or it will collapse, because they have no edge in selling ads over anyone else. That I believe.

The Ins and Outs of Opting and Privacy

There has been another rash of security and privacy issues by major internet companies. Actually it’s more of an ongoing issue than it is a recent outbreak. And much of the ongoing trouble is related to a poor understanding of “opt in” vs “opt out” methodologies, and some pretty poor business choices in that area.

Keep Out © by Aaron Jacobs

Google (GOOG) just announced that wireless network owners can no “opt out” from its Wi-Fi geolocation map database. Many have greeted this as good news and responsible behavior on Google’s behalf. Others, myself included, view this as a classic case of a business doing essentially nothing to change it’s behavior, and then promoting the non-effort as a valuable security benefit to their customers and the world at large. Google believes that once you’re using any of their services, you’ve essentially opted in to anything they want to do. More on that in a minute.

Another consumer favorite, Facebook appears to be tracking 90 days of everything it’s users (and some suggest even former users) browse on the web. This is beyond just tracking what you’re doing inside Facebook itself. And there are also allegations over whether or not they actually are storing profile information about people who have not even joined Facebook. This is another company that believes in a policy of opting you in to anything they want and then letting you opt back out. They know that a lot of people aren’t savvy enough to understand, others too lazy, and others will never even be aware of the issues.

Verizon (VZ) tracks everything you do with your phone, so do pretty much all the cell phone companies. Recently Verizon started allowing people to opt out. Josh Constine at TechCrunch mentions that at least they don’t call it “Greater Choice” like Google does. But his take is everyone is saying “Why can’t we be evil too?”

Strangely enough, AT&T (ATT) takes the opposite move of letting people opt in. Pretty ironic for a company who’s logo resemble the Death Star, but commendable.

The problem with “opt out” is that it works well outside of privacy areas. It also works in areas where you have an explicit relationship. For example, if I create a Google account it will keep track of what I search, unless I opt out. Most companies that have web accounts work in this way, for example with their email lists. This is a very reasonable method – you contacted me, so you don’t mind if I contact you. You see this normally as little “send me your junk email” boxes. You can judge the company based on whether the boxes are clicked or empty by default on their sign-up forms.

The stakes for things like this are low – the worst case is that some web site sends me a bunch of junk email, and if they’re a responsible company, they’ll respond to my “stop that” request.

The difference with privacy issues is that the stakes are much higher, and the awareness is much lower. If someone decides that by using their website I agree to let them track my every move on the web, it’s unlikely that I’ll ever figure it out. And they may end up being privy to something I didn’t want to share with them. Opting people in by default to such things is unethical behavior at best. What’s the rational connection between me using your website and me giving you permission to spy on all my web activities? There is none of course.

In the case of the Google Wi-Fi mapping they’re collecting your data whether or not you have a relationship with them. This is one step worse than the Facebook issue. In this case they’re literally driving the streets of the world looking for Wi-Fi (we used to call this warchalking) and then adding you to a database. You may not even be aware they’re collecting your data. In fact, the odds that homeowners ARE aware are extremely small. And yet they’re using on opt out methodology, just to cover their butts. Which essentially means that they’re opting you in to something, without your permission, without your awareness. And they justify that because their company motto is “Do No Evil”.

The truth is that it’s a very questionable practice to collect someone’s information without their knowledge. If they want to build a database, then can simply switch to an opt in method. Instead of my changing my SSID if I happen to know that they might drive by someday, (which is inconvenient because I have to reset all the devices using my network, including frequent guests devices) they can go to a method where they only collect data from those who indicate willingness by changing the name. Instead of changing my SSID from “mynetwork” to “mynetwork_nomap” to opt out, I should be able to change to “mynetwork_map” to opt in. Anyone who doesn’t want it doesn’t have to do anything. Anyone who is unaware will not be unintentionally opted in. Anything less is not only unfriendly to consumers, it’s just plain evil.

That Bright Light You Saw was the End of Flash

It’s finally official – at least for those who are aware of how the web works. Yesterday Adobe (ADBE) announced that they will be discontinuing flash support for mobile devices.

HTML5 © by Josef Dunne

A couple of brief quotes from their blog post follow:

“However, HTML5 is now universally supported on major mobile devices, in some cases exclusively. This makes HTML5 the best solution for creating and deploying content in the browser across mobile platforms. …”

“Our future work with Flash on mobile devices will be focused on enabling Flash developers to package native apps with Adobe AIR for all the major app stores. We will no longer continue to develop Flash Player in the browser to work with new mobile device configurations…”

To be sure they did plenty of backpedaling about renewed focus and new features for the desktop, but make no mistake, they see the light at the end of the tunnel, and they finally figured out it’s a train. Hello HTML5 Express!

As I’ve said before this is a fine thing. The truth is that many years ago Adobe was the only way to do animation, video, and interactivity at all. And after that, it was just the best way. And after that, the most common way.

Today the need for Flash has greatly diminished. HTML5 has already delivered on the promise in the area of video, and AJAX works very well for interactive web applications.

Three things really killed them. I’ll take them in reverse order, since the third was just a symptom, but most think it was the cause. Namely, Steve Jobs. At Apple (AAPL), Jobs figured out that Flash not only doesn’t work well for mobile, but it probably wasn’t every going to, at least not before HTML5 would catch on. But Jobs didn’t kill Flash, he was just more vocal about it’s shortcomings.

Number one was that the need for Flash simply isn’t there the way it once was. Web pages used to be really static. In the beginning there were almost completely text. Then people started adding more images. Then came databases and data-driven apps. Then video, sound, and fully interactive applications.

But before the last, there was a gap, people wanted video and apps, but it just wasn’t easy. Most applications consisted of some special code that had to be downloaded on your machine, and were essentially client-server programs that used the web simply as a transport mechanism. Flash is pretty much the same as the others, with the exception that it was pretty easy to use, and it managed to catch on. With critical mass, it started to be supported by most browsers, and off it went.

Today we can get streaming video quite easily without Flash. Any web site that doesn’t provide video feeds in HTML5 simply cuts off millions of potential users, which is generally a poor business decision.

As for apps, the simple web applications that are in Flash will continue to live on, but the great desire for them has changed. Now users can download free and inexpensive games all day long on their mobile devices, which is where they normally play the little time wasters. (I’m not judging, I do it myself.) So why do you need Flash?

That leaves us with advertisers – and they have a problem there. People without Flash simply don’t get their message. From the producer side it’s a problem anyway, as a consumer, I’m happy to turn Flash of in my browser, and only click when I know it’s something I need. AJAX is where advertising will end up, and actually it’s very well suited to the task, seeing as the first A in AJAX stands for asynchronous, which is perfect for advertising.

So reason number one is that the need for Flash has melted away. I was tempted to say evaporated, but it wasn’t that quick. It’s been a slow steady change in how the web works, from proprietary thick browser plug-ins to open dynamic lightweight AJAX. And that’s a good thing, both for consumers and for the people who run the pipes that the internet is carried over.

I’ve always said that the value Adobe brings to the table isn’t so much Flash itself as the amazing tools they provide for web development. The designer shouldn’t have to care so much about whether the application is Flash or HTML5, they should be able to just code. Adobe should be able to quickly get in front of this by providing everything Flash does in HTML5. And to do that, they had to finally admit that HTML5 is killing Flash. Mobile is just the first step.

As for reason number 2 (for those who’ve been keeping track… 3,1,2) it explains why mobile is the first step. And that reason is that Flash is ill-suited for mobile for various reasons. One is performance. It’s easy to see that Flash is a hog no matter what the platform.

Try a simple test – fully charge the battery on your laptop. Fully disable Flash and spend a couple hours surfing the web. Then charge the battery again, turn Flash back on, and repeat. You’ll be shocked at the results. Bear in mind, I’m not talking about playing Flash games and video even, just surf the web. Not only do you avoid advertising, but you’re battery lasts longer and everything runs faster. Who would have that that dumping Flash was a way of going green? But it is. Now imaging trying the same thing on a device with a tiny battery, slower processor and a lot less memory. Painful.

The other part of the equation is the usage paradigm. Early in the iPhone era people started writing articles about how to program an iPhone. Many articles described handling the touch interface exactly the way you would a mouse. This is of course ridiculous, especially now with multi-touch and gesture.

Even without that, a finger simply doesn’t behave the way a mouse does. For instance, you can pick a finger up and put it down somewhere and the cursor moves with it. If you pick up a mouse and set it down the cursor is either where you started or in some random place – not the most useful feature.

The touch interface is just one aspect of mobile programming that makes Flash painful on a mobile device. Silly things like x controls that let you close a Flash animation are frequently too small to be used. Add that all up and you find that the basic concept of Flash is flawed, namely to be a “write-once run-anywhere” works fine on the desktop, but doesn’t translate well to the mobile touch-enabled world. Which leads us back to Steve Jobs, 1-2-3.

And a funny footnote. RIM (RIMM) has announced that unlike Adobe, they will continue to support Flash development for the Blackberry Playbook. They just don’t know when to give up, do they? It’s not surprising coming from the people who thought that no one would want mp3 files on their phones. As ZDnet
put it:

But to continue to support an already dead platform on a dying tablet is like throwing salt in the wound of an already squashed slug.

So when HTML5 gets better and your mobile device gets stronger, you can thank Adobe for finally recognizing the inevitable – Flash is dead.

[Update]
Google has a tool that you can use to convert Flash to HTML5.
[/Update]

My Favorite Open Source software

open source word cloud on chalkboardI have a love-frustration relationship with open source software. I could never say I hate it, because I don’t. I am however painfully aware of not only how many bad open-projects are out there, but how many almost-great ones there are that come tantalizingly close to making the grade. We still haven’t reached the point, for example, where you can put a Linux desktop in the hands of the average consumer without good Sysadmin backup. Contrast that with the millions upon millions of windows systems in the hands of the Technologically challenged that continue to work. I wish it weren’t so, but it is.

Ubuntu has made strides in this area with their 10,000 paper cuts project but there is still a long way to go. Many open-source projects remain too geeky and too buggy for mainstream success. On the other hand, there are some astounding successes that continue to give me hope. Without going into problems inherent in open-source vs traditional proprietary development (I’ll leave that for another day) I’d at least like to mention the applications that have made my life better, or have even changed the world. Don’t worry there is a poll at the end for you to choose your own favorite. As always you can sound off in the comments as well.

My top 10 list of open source that really works. Criteria are it works well but doesn’t require you to be an uber-geek. At least not a sysadmin. You might be an uber-geek in your area of expertise, such as video or database. I expect a few people to complain about the criteria, but I think one of the biggest problems for the open-source movement, especially Linux and Android, is that they can’t gain traction with the mainstream because they not only have the option for radical configuration, but the requirement for the same. Most people have software to solve some particular need, not to play with the software itself. Yes, I know there is a group out there that loves playing with stuff for it’s own sake, and that’s OK – there’s nothing wrong with it. But recognize that it’s a minority position and that most people just want stuff to work.

Many will disagree with the list, but that’s not really possible – it’s a list of MY favorites, not yours. 😉 Feel free to mention yours in the comments though – maybe I’ll change my mind. There’s a poll at the bottom.

Top Ten Open Source Projects

In no particular order

Apache web server
Who can deny that Apache has changed the world? It’s a really great, really powerful web server. But it also just works out of the box. You’ve gotta love it. I’ll bundle Tomcat into this since I almost always use them together as do many others. You can use them separately if you want.

Ubuntu Linux
Who could miss putting Linux on a list like this? Currently my favorite flavor is Ubuntu. They have a simple installation, streamlined updates, a commitment to fixing annoyances, and more. They work well from desktop to server to virtualized JeOS environments (meaning Just enough Operating System). (More on JeOS at a later date).

MySQL
Having a good, powerful yet simple database available without massive cost and unencumbered by crazy licensing is probably one of the unsung heros of the modern web. Without data-driven websites we’d all still be reading static text articles. Again, MySQL can be tweaked ad nauseum, but also works well essentially out of the box for people who don’t want to waste time. I hope that Oracle keeps this gem alive. [Update 2011-10-04]Oracle has
released performance updates to MySQL[/Update]

Eclipse
In the bad-old days we used to have a variety of expensive, annually updated development environments on Windows. On Unix it was mostly command line – open four windows, one each for edit, compile, run, debug. Tools had to work hard to integrate, and tool vendors made difficult choices about what environments to support.

Eclipse being not only free but open with a well designed API let us move from working on our development environment to working on the projects we wanted. I used to spend a lot of time keeping my Emacs (with VI plugin!) working with all it’s crazy plugins. My favorite Eclipse flavor happens to be MyEclipse because it has so much useful stuff built into it. Probably most of it I could find somewhere, but this way I can just install what I need in one shot and it just works.

Standard disclaimers about working for Parasoft aside, I never leave home without Jtest plugged into my Eclipse for testing my java code even though it’s not open source.

Bugzilla
You can’t build great software without having a good bug-tracking system, and while Bugzilla is open-source / free, it remains one of the best. It has enough features for most organizations, is light-weight, and easy to use. It also has a well-published API with all kinds of nifty clients and plugins being created for it. For example, I have one on my iPad that in some ways is better than the web interface.

WordPress
What’s the web without blogging, self-publishing, storefronts, etc.? WordPress makes it easy for everyone to start a site without being an HTML expert. I have been using it after doing things by hands for years, and I’m starting to rethink some of the other projects I’m working on. I know some will think Drupal at this point. It certainly has a large following as well, perhaps even larger. But I prefer WordPress for it’s absolute usability. I’ve played with Drupal and was just never comfortable deploying it for real life. For most people, WordPress may be a better choice, I know it is for me.

VLC
I’m one of those people who has my computers integrated into my home entertainment system. I prefer living without silly disks and other dinosaur media. Years ago I moved away from music CDs, and I’m close to being done with DVD and blu-ray. The great thing about VLC is that it will play any video format you have. Really, anything. No messing around with plugins, codecs, video frame rates, and all that geeky stuff. Just right-click your video file and “open with VLC” and you’re off and running.

I have no desired to continually reconvert my videos to different formats to accommodate new devices and VLC let’s me just watch what I want. Again, it even works on iPhone and iPad, for all those who think you have to have Apple format video through iTunes.

Plex / XBMC
Plex is just a Mac fork of XBMC. From my experience, they seem to have improved on the original, but I haven’t spent enough time on the XBMC/Windows side to really be sure. This is the media-server equivalent of what VLC does for a single device. Basically you point it to the drive(s) where you store your videos, music and photos. It sets up a server which can speak DLNA so that your “usual” media server clients can use it, like Playstation, Samsung TV’s, Xbox, and more. You can also run a hard video line from your computer to your TV for an even better experience. This is one of those things that will ultimately lead to people cutting the cable. It has a plugin architecture and people are continually adding what they call “channels” which are really wrappers around existing web-based content such as Comedy Central, CNN or Aljazeera. You’ve got to try it to really understand, but it’s amazing.

Gimp
For those who need high-power image editing and manipulation, this is your gnu-alternative to those expensive programs out there. Maybe this one isn’t for the faint of heart, but for those familiar with image editing, it’s no problem to use. I’ve moved almost completely to Gimp and don’t expect to pay for other image editing programs in the future.

Firefox & Thunderbird
Firefox and Thuderbird, both from Mozilla, are definitely starting to feel dated where once they seemed cutting edge – sorry guys. I hope you push back to the front. But I cannot discount the contribution they’ve made to the world. I was once a dedicated Firefox user, but now it just looks clunky compared to others. If it wasn’t for Firefox we’d probably all be stuck with lousy browsers where instead we have several choices now. Thunderbird let us escape from the horrible enterprise email monoliths before full Ajax web-based email clients made it easy to live without a local mail client. Kudos, Mozilla.

Open Source Honorable Mentions

Projects that just didn’t quite make the top ten, although many would probably make the top 20. You’ll notice a recurring theme that I left many out because they’re just too wonky or complicated for everyday use or for “regular” people.

Apache Commons
I love Apache Commons. It has more cool useful libraries than I can count that keep me from inventing the wheel. However I suspect that it’s not used nearly as often as it could be. I almost put this in the top 10, but decided it’s probably too limited in use as well as scope – only developers feel this. Or maybe end-users should count as well? I can’t decide. But I can’t live without it either.

OpenOffice
I have to admit I’m a fan of anything that keeps the world from a single provider for office tools. But my experience with OpenOffice is frequently that it’s not quite there yet. There are some annoyances in conversion to/from the MS Office files that I have to use in my everyday life, and this means I just can’t rely on it. I wish I could. But I see improvements being made, such as a native OSX client rather than relying on an Xserver, so I have hope.

source control. There are a lot of good programs out there, but for most projects this will not only do the job, but do it well. By the way, it’s free of course. Why do people still pay for that big heavy source control program? You know the one I’m talking about.

Hudson / Jenkins
Continuous integration and build automation are very useful to software development. I find these tools useful for automation in general as well – goodbye Cron! It used to be just Hudson and then there was a split. Honestly I don’t know which one is a better choice right now – feel free to voice your opinion. I’m still using Hudson because I’ve gotten used to it. Probably you can’t go wrong with either.

Maven
Maven is a big improvement over “make” that we all used to use to build our software. It’s really the next generation of Ant, which is a great thing in itself. This one comes with a caveat though – there is a certain religious fervor that can cling to some Maven users. Using Maven can lead to lost productivity if pushed to extremes. And the “convention over configuration” mantra is a nice idea, but really the same is true if you simply do things in a standard Eclipse configuration. In practice it means “if you totally reconfigure all your development projects and source layout and builds to do what we think is good, you won’t have to reconfigure them”. We used to call that “my way or the highway”. Caveat emptor. Used properly, Maven will make your life better, used indiscriminately it will be painful.

Android
Android isn’t really free, and at least the current release isn’t really open. But still, it’s a nifty idea. I’ll ignore for a moment the potential IP issues until they get resolved in court one way or another, but having a strong mobile OS to compete and drive innovation helps everyone. Awesome.

Audacity
Audacity has a lot going for it. The times I’ve tried it I’ve always suspected it would probably do what I need, but it was tough to figure out. I think it’s still just too wonky for regular people. I suspect it will remain that way, as simple audio editing is becoming more and more available, even on our smartphones. Those who do heavy audio editing may disagree – let me know.

VNC
VNC is a remote desktop technology that works on Unix including Mac. It comes in a lot of varieties such as RealVNC and TightVNC – on the Mac it’s actually baked in as the native remote desktop. It’s a great idea, but obviously there are more people using Microsoft’s remote desktop, so I couldn’t put it int he top ten. But I use it all the time – maybe Microsoft will give up their proprietary ways and switch, but holding your breath is probably not a safe bet.

Handbrake
If you work with video files, such as ripping your movie collection, converting it to play on your Playstation, Xbox, PSP, iPod, smartphone, etc. then this is for you. It’s a powerful, full-featured open-source video conversion program. But suffers from nearly terminal geekiness. Out-of-the-box settings yield mediocre results compared to what a really good video file should have. Going beyond that requires an extreme amount of esoteric knowledge, and even at that it can be tricky to repeat at a later date. If you know video you can really enjoy this, if you’re a beginner you might get lost.

MediaWiki
We’ve all used Wikipedia. This is the software behind it. Lots of great things are being done around the web with wikis, but even without all that, you only need to look at Wikipedia to see how amazing this can be and has been. There are still some core issues that need to be worked out with the idea of canonical encyclopedia coming from a wild open community.

As you’ve probably figured out by now, there is some really great stuff coming out of Apache and Sourceforge. I haven’t covered Google much here because they’re more on the free application side in many cases though they do manage a lot of open-source as well – it’s worth a look both as an end-user (gmail, etc) and as a developer.