Menu
"APIs" entries
Google Platforms, Securing Software, Interactive Design, and Building Proverbs
-
Steve Yegge’s Google Platforms Rant — epic. Read it. (updated with new link)
-
Guidelines for Securing Open Source Software (EFF) — advice from the team that audited some commonly-used open source libraries. Avoid giving the user options that could compromise security, in the form of modes, dialogs, preferences, or tweaks of any sort. As security expert Ian Grigg puts it, there is “only one Mode, and it is Secure.” Ask yourself if that checkbox to toggle secure connections is really necessary? When would a user really want to weaken security? To the extent you must allow such user preferences, make sure that the default is always secure. (via BoingBoing)
-
Ladder of Abstraction — a visual and interactive exploration of design that will delight as well as inform. (via Sacha Judd)
-
On “Build It And They Will Come” — I wasn’t saying “build it and they will come”—I was saying “don’t build it and they can’t come”. Wonderfully captures the idea that success can’t be guaranteed, but failure is easy to ensure. (via Ed Yong)
I
Coverflow Javascript, Voice APIs, Liberal Acceptance Ruins Everything, and Mobile HTTP Pipelining
-
ContentFlow — Javascript library to provide CoverFlow-like behaviour.
-
Twilio Client SDK — 1/4 cent/minute API-to-API calls, embeddable in browser apps.
-
Postel’s Principle Reconsidered (ACM) — The Robustness Principle was formulated in an Internet of cooperators. The world has changed a lot since then. Everything, even services that you may think you control, is suspect. Excellent explanation of how interoperability and security are harder than they should be because of Postel’s Law (“Be conservative in what you do, be liberal in what you accept from others.”, RFC 793). (via Mike Olson)
-
HTTP Pipelining on Mobiles — HTTP pipelining has a much higher adoption amongst mobile browsers. Opera Mini, Opera Mobile and the Android browser all use HTTP pipelining by default. Together they account for about 40% of mobile browsing. If you’re developing a mobile site, your site is experiencing HTTP pipelining daily, and you should understand how it works. (via John Clegg)
Tables to Charts, Crowdsourcing Incentives, Domain Boondoggles, and Conquering Complexity
-
Chartify — jQuery plugin to create Google charts from HTML tables. (via Rasmus Sellberg)
-
Designing Incentives for Crowdsourcing Workers (Crowdflower) — In a tough turn for the sociologists and psychologists, none of the purely social/psychological treatments had any significant effects at all.
-
The gTLD Boondoggle — ICANN promised back in 1998 that they would bring the world lots of new domains. So far they haven’t, the world has not come to an end, and the Internet has not collapsed. The absence of demand for new TLDs from actual users (as opposed to domain promoters and the occasional astroturf) is deafening. What we do see is a lot of concern that there will be more mistakes like .XXX, and pressure from governments both via the GAC and directly to ensure it doesn’t happen again. It’s a bugger when you go hunting for a new product’s domain name and realize “all the good ones are taken”, but that’s an argument against domain squatters/speculators not an argument for opening up new top-level-domain vistas.
-
Atul Gawande’s Medical School Commencement Address (New Yorker) — every lesson in here about healthcare is just as applicable to software development. Read it. (via Courtney Johnston)
Bogus Analysis x 2, API Classifications, and Expansive Text
-
Mathematical Intimidation: Driven by the Data (PDF) — excellent article from Notices of the American Mathematical Society about the flaws in “value-added modelling”, the latest fad whereby data about students’ results in different classes are analysed to identify the effect of each teacher. People recognize that tests are an imperfect measure of educational success, but when sophisticated mathematics is applied, they believe the imperfections go away by some mathematical magic. But this is not magic. What really happens is that the mathematics is used to disguise the problems and intimidate people into ignoring them—a modern, mathematical version of the Emperor’s New Clothes. A critical instance of Hilary Mason’s Clean data > More Data > Fancy Math. (via Audrey Watters)
-
Classification of HTTP-based APIs — The classification achieves an explicit differentiation between the various kinds of uses of HTTP and provides a foundation to analyse and describe the system properties induced. (via Brian Mulloy)
-
Cancer Clusters (BBC) — straightforward demonstration of how naive analysis of random numbers can yield “patterns”.
-
FitText.js — a jQuery plugin for inflating type.
Data in Javascript, Artificial Empathy, Gender Comms, and Artificial Scarcity
-
Amplify.js — simplify all forms of data handling by providing a unified [Javascript] API for various data sources. Amplify’s store component handles persistent client-side storage, using standards like localStorage and sessionStorage, but falling back on non-standard implementations for older browsers. Amplify’s request adds some additional features to jQuery’s ajax method while abstracting away the underlying data source.
-
Artificial Empathy (Matt Jones) — we’ve evolved to broadcast and receive emotion, to infer intelligence and intent from the weakest of signals. Now we’re starting to use those communication channels in computer interactions. Matt Jones wonders what we can learn from animals about how this will play out.
-
Communication Styles Make a Difference (NY Times) — Women were also more negative about the tone of the list. Whereas men tended to say that they found the “slings and arrows” that list members posted “entertaining” (as long as they weren’t directed at them), women reported that the antagonistic exchanges made them want to unsubscribe from the list. One women said it made her want to drop out of the field […] altogether. Also interesting: neutral point-of-view penalizes anyone who cautiously phrases contributions as opinion and rewards those who boldly claim facthood.
-
Why Platforms Leak: The Impact of Artificial Scarcity (JP Rangaswami) — the best summary of the inevitable failure of artificial scarcity. When you make something digital and connect it to the web, it becomes available everywhere, it becomes available immediately […] As we’ve moved from the physical world to the digital world, incumbents in many industries have sought to preserve the historical structures and ways of doing business. Which, in effect, were attempts to create and exploit artificial scarcities. When it comes to digital assets, there are four primary ways to try and create artificial scarcity. […] All these have been attempted. All these have failed, and will continue to fail. You cannot make something that is essentially abundant artificially scarce.
New Copyright Laws Proposed, GMail APIs, Internet Book Roundup, and Chrome Farm
-
White House Will Propose New Digital Copyright Laws (CNet) — If the Internet were truly empowering citizenry and bringing us this new dawn of digital democracy, the people who run it would be able to stop the oppressive grind of the pro-copyright machinery. There’s no detail about what the proposed law would include, except that it will be based on a white paper of “legislative proposals to improve intellectual property enforcement,” and it’s expected to encompass online piracy. I predict a jump in the online trading of those “You can keep the change” posters that were formerly the exclusive domain of the Tea Party, and the eventual passage of bad law. As the article says, digital copyright tends not to be a particularly partisan topic..
-
Introducing Gmailr — An unofficial Javascript API for Gmail […] there are many companies […] building out complex APIs with similar functionality, that can all break independently if Gmail decides to significantly change their app structure (which they inevitably will). What we really need is for many people to come together and build out a robust and easy-to-use javascript API for Gmail that is shared across many extensions and applications. This is my hope for Gmailr. This is how Google Maps API began: reverse engineering and open source.
-
The Information: How the Internet Gets Inside Us (New Yorker) — thoughtful roundup of books and their positions on whether the Internet’s fruits are good for us. He divides them into never better, better never (as in “we’d be better off if it had never been invented”), and ever-was (as in, “we have always been changed by our technology, so big deal”). (via Bernard Hickey on Twitter)
-
New Chrome Extension Blocks Sites from Search Results — Google testing whether users successfully identify and report content farms.
API Economics, Spreadsheet Risks, New York of Things, Pair Programming Fail
-
Instapaper’s API — Marco Arment wanted to prevent people building their own front-ends using the API and thus removing his (advertising) revenue source. He could offer a cripped API, but people scrape to work around that. He could tithe the apps people build on top of his API, but that’s hard work to set up and run. His solution: the API only works for paying customers.
-
European Spreadsheet Risks Interest Group: Horror Stories — horrifying reading. I was surprised by how many companies build Excel into their accounting workflow.
-
New York’s Central Nervous System is Growing — another datapoint in the sensor network Internet of Things buildout. The lump, an ultra-low power sensor, will communicate with other white lumps under parked cars all over the island, telling each other when you pulled in, how long you’ve been parked and when you rumble away. Last month, the Roosevelt Island Operating Corp. announced plans to place these sensors underneath the 30 new parking spots next to Roosevelt Island’s subway and tramway. (via BLDGBLOG)
-
Where Pair Programming Fails for Me — I found that in order to pair, I had to act as if I was in a continuous meeting. I had to not just listen to my pair, but appear to be listening; I had to nod in the right places, repeat back what my pair said in active listening fashion. I had to pick the right moment to interject. I tried to model my partner’s mental state in my head so I could see his viewpoint better. While I was doing this, I was trying to see the code that he was writing, and the design that he was trying to make the code fit. If there was a failing test, I was trying to figure out the test and the test framework at the same time.
New Browser, Google APIs, NFC Checkin, and XSS Prevention
-
Mozilla Home Dash — love this experiment in rethinking the browser from Mozilla. They call it a “browse-based browser” as opposed to “search-based browser” (hello, Chrome). Made me realize that, with Chrome, Google’s achieved a 0-click interface to search–you search without meaning to as you type in URLs, you see advertising results without ever having visited a web site.
-
Periodic Table of Google APIs — cute graphic, part of a large push from Google to hire more outreach engineers to do evangelism, etc. The first visible signs of Google’s hiring binge.
-
NFC in the Real World (Dan Hill) — smooth airline checkin with fobs mailed to frequent fliers.
-
XSS Prevention Cheat Sheet (OWASP) — HTML entity encoding doesn’t work if you’re putting untrusted data inside a script tag anywhere, or an event handler attribute like onmouseover, or inside CSS, or in a URL. So even if you use an HTML entity encoding method everywhere, you are still most likely vulnerable to XSS. You MUST use the escape syntax for the part of the HTML document you’re putting untrusted data into. That’s what the rules below are all about. (via Hacker News)
Identifying Communities, Web Principles, Wiring Library, and Instapaper Interview
-
Find Communities — algorithm for uncovering communities in networks of millions of nodes, for producing identifiable subgroups as in LinkedIn InMaps. (via Matt Biddulph’s Delicious links)
-
Seven Ways to Think Like The Web (Jon Udell) — seven principles that will head off a lot of mistakes. They should be seared into the minds of anyone working in the web. 2. Pass by reference rather than by value. [pass URLs, not copies of data] […] Why? Nobody else cares about your data as much as you do. If other people and other systems source your data from a canonical URL that you advertise and control, then they will always get data that’s as timely and accurate as you care to make it.
-
Wire It — an open-source javascript library to create web wirable interfaces for dataflow applications, visual programming languages, graphical modeling, or graph editors. (via Pete Warden)
-
Interview with Marco Arment (Rands in Repose) — Most people assume that online readers primarily view a small number of big-name sites. Nearly everyone who guesses at Instapaper’s top-saved-domain list and its proportions is wrong. The most-saved site is usually The New York Times, The Guardian, or another major traditional newspaper. But it’s only about 2% of all saved articles. The top 10 saved domains are only about 11% of saved articles. (via Courtney Johnston’s Instapaper Feed)
Long Tail, Copyright vs Preservation, Diminished Reality, and Augmented Data
-
Mechanical Turk Requester Activity: The Insignificance of the Long Tail — For Wikipedia we have the 1% rule, where 1% of the contributors (this is 0.003% of the users) contribute two thirds of the content. In the Causes application on Facebook, there are 25 million users, but only 1% of them contribute a donation. […] The lognormal distribution of activity, also shows that requesters increase their participation exponentially over time: They post a few tasks, they get the results. If the results are good, they increase by a percentage the size of the tasks that they post next time. This multiplicative behavior is the basic process that generates the lognormal distribution of activity.
-
Copyright Destroying Historic Audio — so says the Library of Congress. Were copyright law followed to the letter, little audio preservation would be undertaken. Were the law strictly enforced, it would brand virtually all audio preservation as illegal. Copyright laws related to preservation are neither strictly followed nor strictly enforced. Consequently, some audio preservation is conducted.
-
Diminished Reality (Ray Kurzweil) — removes objects from video in real time. Great name, “diminished reality”. (via Andy Baio)
-
Data Enrichment Service — using linked government data to augment text with annotations and links. (via Jo Walsh on Twitter)