- Code Talks and Designers Don’t Speak the Language (Crystal Beasley) — Many of the bugs, however, require a deep understanding of why the product exists in the marketplace and a thorough understanding of the research that underpins the project. These strategic questions are analogous to what a software architect would do. I was on the Persona project full time for three months before I felt confident making significant choices about UX.
- Parachute use to prevent death and major trauma related to gravitational challenge: systematic review of randomised controlled trials (British Medical Journal) — you don’t need to subscribe to appreciate this.
- html5test — see how the browsers stack up in features and compliance.
- Backbone Fundamentals — A creative-commons book on Backbone.js for beginners and advanced users alike.
Designers and Coders, Randomised Parachute Trials, Testing HTML5 Features, and Backbone Book
Efforts by browser vendors to limit tracking illustrate the need for other solutions.
The IE9 browser update, and reportedly the upcoming Firefox 4 update, include do-not-track options for users. It's a step toward increased digital privacy, but truly effective privacy tools will likely need to come from above the browser level.
New Browser, Google APIs, NFC Checkin, and XSS Prevention
- Mozilla Home Dash — love this experiment in rethinking the browser from Mozilla. They call it a “browse-based browser” as opposed to “search-based browser” (hello, Chrome). Made me realize that, with Chrome, Google’s achieved a 0-click interface to search–you search without meaning to as you type in URLs, you see advertising results without ever having visited a web site.
- Periodic Table of Google APIs — cute graphic, part of a large push from Google to hire more outreach engineers to do evangelism, etc. The first visible signs of Google’s hiring binge.
- NFC in the Real World (Dan Hill) — smooth airline checkin with fobs mailed to frequent fliers.
- XSS Prevention Cheat Sheet (OWASP) — HTML entity encoding doesn’t work if you’re putting untrusted data inside a script tag anywhere, or an event handler attribute like onmouseover, or inside CSS, or in a URL. So even if you use an HTML entity encoding method everywhere, you are still most likely vulnerable to XSS. You MUST use the escape syntax for the part of the HTML document you’re putting untrusted data into. That’s what the rules below are all about. (via Hacker News)
Ethics, Parallel Matrices, Browser Math, and Open Source EtherPad
- In Character — a journal that addresses a different virtue each quarter. I’ve been thinking of practical philosophy a lot, lately, as we see ever-more-dodgy behaviour. (via bengebre on Delicious)
- Lessons from Parallelizing Matrix Multiplication — a reminder why low-level knowledge of your platform matters, and why motivating examples should be carefully chosen.
- MathJax — MathJax is an open source, Ajax-based math display solution designed with a goal of consolidating advances in many web technologies in a single definitive math-on-the-web platform supporting all major browsers. (via Hacker News)
- EtherPad Source — released as part of their Google acquisition. The announcement says: Our goal with this release is to let the world run their own etherpad servers so that the functionality can live on even after we shut down etherpad.com. This is the resolution to the bad reception of the news that EtherPad would close in March with no plan B for users. The cult of entrepreneurship worshipped the customers only as a vehicle to an exit, but I don’t believe that it’s moral to do well personally but leave your customers high and dry. This is a message that the EtherPad founders seem to have got loud and clear.
Imagine if your web browser knew who you were on the web. Just as you login to your computer, what if when you fired up your browser, it said "Hello Dave" and asked you to "unlock it" as well. In doing so you become securely logged into your OpenID provider and as you move around the web your browser takes care of automatically logging you into the sites that you want to be, asking you about others, and helping you register with new ones using your OpenID. Argue as much as you want about the details in making this happen, but I think it's hard to disagree that making it easier for people to manage and use their identity (or identities) online is a bad thing.