
June 03 2013

Four short links: 3 June 2013

  1. Practical HTTP Host Header Attacks — lots of cleverness, like: "So, to persuade a cache to serve our poisoned response to someone else we need to create a disconnect between the host header the cache sees, and the host header the application sees. In the case of the popular caching solution Varnish, this can be achieved using duplicate Host headers. Varnish uses the first host header it sees to identify the request, but Apache concatenates all host headers present and Nginx uses the last host header."
  2. Madeye — collaborative code editing inside a Google Hangout. (via Andy Baio)
  3. Too Momentous for the Medium — Whatever you now find weird, ugly, uncomfortable and nasty about a new medium will surely become its signature. CD distortion, the jitteriness of digital video, the crap sound of 8-bit – all of these will be cherished and emulated as soon as they can be avoided. It’s the sound of failure: so much modern art is the sound of things going out of control, of a medium pushing to its limits and breaking apart. The distorted guitar sound is the sound of something too loud for the medium supposed to carry it. The blues singer with the cracked voice is the sound of an emotional cry too powerful for the throat that releases it. The excitement of grainy film, of bleached-out black and white, is the excitement of witnessing events too momentous for the medium assigned to record them. (Brian Eno’s words)
  4. Where the Happy Talk about Corporate Culture is All Wrong (NY Times) — I think there are two types of happiness in a work culture: Human Resources Happy and High Performance Happy. Fast-growth success has everything to do with the latter and nothing to do with the former. Lazy false opposition, and he describes an asshole-rich workplace that would only please a proctologist. (via Sara Winge)

April 15 2013

Four short links: 15 April 2013

  1. Know Your HTTP Posters (GitHub) — A0-posters about the HTTP protocol.
  2. Crowdserfing — when a large corp uses crowd-sourced volunteering for its own financial gain, without giving back. It offends my sense of reciprocity as well, but nobody is coerced into using Google Maps or contributing data to it. How do we decide what is “right”?
  3. Exposed Webcam Viewer — hotels in Russia, lobbies in California, and blinking lights in the darkness from all around the world. (via Hacker News)
  4. Beauty and Joy of Computing — an introductory computer science curriculum developed at the University of California, Berkeley, intended for non-CS majors at the high school junior through undergraduate freshman level. Uses Snap, a web-based implementation of Scratch.

August 28 2012

ASP.NET web API rocks

Glenn Block (@gblock) is an O’Reilly author and senior program manager on the Windows Azure Team at Microsoft.

We sat down recently to talk about the newly released ASP.NET Web API Framework, which he helped develop, and why it will become essential to building RESTful applications.

Key points from the full video interview (below) include:

  • ASP.NET Web API enables a rich set of clients to consume info [Discussed at the 1:47 mark]
  • Find out if one comes out on top – MVC vs. Web API [Discussed at the 2:41 mark]
  • Different clients negotiate content differently – Web API handles this with ease [Discussed at the 5:50 mark]
  • Self hosting is a big deal but beyond that Web API introduces flexibility – you no longer need to use IIS [Discussed at the 9:04 mark]
  • An HTTP Programming Model for Microsoft [Discussed at the 11:04 mark]
  • The newest of the new – Hypermedia, OData, and Web API Contrib [Discussed at the 18:08 mark]

You can view the entire interview in the following video.


June 18 2012

Weekly review: ancillary copyright, GEMA DDoS, CDU theses

The ministry draft bill on the ancillary copyright for press publishers is here, house searches follow the DDoS attacks on the GEMA website, and the CDU/CSU presents a discussion paper on copyright.

Read more

June 13 2012

Four short links: 13 June 2012

  1. Warren Buffett Lessons -- nice anthology of quotes, reordered into almost a narrative on different topics. (via Rowan Simpson)
  2. Silent Circle -- Phil Zimmermann's new startup, encrypting phone calls for iPhone and Android for $20/month. "I'm not going to apologize for the cost," Zimmermann told CNET, adding that the final price has not been set. "This is not Facebook. Our customers are customers. They're not products. They're not part of the inventory." (via CNET)
  3. New HTTP Code for "Legally Restricted" -- it's status code 451.
  4. PeerJ -- changing the business model for academic publishing: instead of charging you each time you publish, we ask for a single one off payment, giving you the lifetime right to publish articles with us, and to make those articles freely available. Lifetime plans start at just $99. O'Reilly a happy investor.

April 04 2012

Four short links: 4 April 2012

  1. Typing Club -- lessons to improve your touch-typing, building you up letter by letter to speed and mastery. Like how I learned, only without the typewriters and the bibs and the roomful of girls. It wasn't easy being the only boy in typing class, but somehow I managed. (via EdTech ideas)
  2. SQL Injection via HTTP Headers -- excellent introduction to how some surprising HTTP headers can be attack vectors.
  3. How Not to Sort by Average Rating (Evan Miller) -- so easy to get it wrong, so eye-wateringly complex a formula to do it right. (via Hacker News)
  4. I Hereby Resign (Reg Braithwaite) -- not an actual resignation letter, but it highlights exactly why asking to see applicants' Facebook pages is a bad idea. "If you are surfing my Facebook, you could reasonably be expected to discover that I am a Lesbian. Since discrimination against me on this basis is illegal in Ontario, I am just preparing myself for the possibility that you might refuse to hire me and instead hire someone who is a heterosexual but less qualified in any way. Likewise, if you do hire me, I might need to have your employment contracts disclosed to ensure you aren't paying me less than any male and/or heterosexual colleagues with equivalent responsibilities and experience." Ditto "spouse is pregnant so I'm about to take maternity leave just after you hire me", etc. Those things you spend days thumping into HR that they aren't supposed to ask about? All on the applicants' Facebook pages.

February 28 2012

Four short links: 28 February 2012

  1. Designing RESTful Interfaces (Slideshare) -- extremely good presentation on how to build HTTP APIs.
  2. Manipulating History for Fun and Profit -- if you want to make websites that are AJAX-responsive but without breaking the back button or preventing links, read this.
  3. Why Textbooks Are So Broken (Salon) -- Let's say a publisher hires a developer for a certain low-bid fee to produce seven supplemental math books for grades 3-8. The product specs call for each student book and teacher guide to have page counts of roughly 100 pages and 80 pages, respectively. The publisher wants these seven books ready for press in five weeks—over 1,400 pages. To put this in perspective, in the not too recent past at least six months would be allotted for a project of this size. But publishers customarily shrink their deadlines to get a jump on the competition, especially in today's math market. Unreasonable turnaround times are part of the new normal, something that almost guarantees a lack of quality right out of the gate.
  4. exmobaby -- wireless biosensor baby pyjamas send ECG, skin temperature, and movement data via Zigbee. (via Jo Komisarczuk)

February 24 2012

Four short links: 24 February 2012

  1. Excel Cloud Data Analytics (Microsoft Research) -- clever--a cloud analytics backend with Excel as the frontend. Almost every business and finance person I've known has been way more comfortable with Excel than any other tool. (via Dr Data)
  2. HTTP Client -- Mac OS X app for inspecting and automating a lot of HTTP. cf the lovely Charles proxy for debugging. (via Nelson Minar)
  3. The Creative Destruction of Medicine -- using big data, gadgets, and sweet tech in general to personalize and improve healthcare. (via New York Times)
  4. EFF Wins Protection of Time Zone Database (EFF) -- I posted about the silliness before (maintainers of the only comprehensive database of time zones were being threatened by astrologers). The EFF stepped in, beat back the buffoons, and now we're back to being responsible when we screw up timezones for phone calls.

December 13 2011

Four short links: 13 December 2011

  1. Newton's Notebooks Digitised -- wonderful for historians, professional and amateur. I love (a) his handwriting; (b) the pages full of long division that remind us what an amazing time-saver the calculator and then computer was; (c) use of "yn" for "then" (the y is actually a thorn, pronounced "th", and it's from this that we get "ye", actually pronounced "the"). All that and chromatic separation of light, inverse square law, and alchemical mysteries.
  2. Creative Commons Kicks Off 4.0 Round -- public discussion process around issues that will lead to a new version of the CC licenses.
  3. Shred -- an HTTP client library for node.js. (via Javascript Weekly)
  4. Holding Back the Age of Data (Redmonk) -- Absent a market with well understood licensing and distribution mechanisms, each data negotiation - whether the subject is attribution, exclusivity, license, price or all of the above - is a one off. Very good essay into the evolution of a mature software industry into an immature data industry.

August 22 2011

Four short links: 22 August 2011

  1. Cities in Fact and Fiction: An Interview with William Gibson (Scientific American) -- Paris, as much as I love Paris, feels to me as though it's long since been "cooked." Its brand consists of what it is, and that can be embellished but not changed. A lack of availability of inexpensive shop-rentals is one very easily read warning sign of overcooking. I wish Manhattan condo towers could be required to have street frontage consisting of capsule micro-shops. The affordable retail slots would guarantee the rich folks upstairs interesting things to buy, interesting services, interesting food and drink, and constant market-driven turnover of same, while keeping the streetscape vital and allowing the city to do so many of the things cities do best. London, after the Olympic redo, will have fewer affordable retail slots, I imagine. (via Keith Bolland)
  2. Bootstrap -- HTML toolkit from Twitter, includes base CSS and HTML for typography, forms, buttons, tables, grids, navigation, and more. Open sourced (Apache v2 license).
  3. Extra Headers for Browser Security -- I hadn't realized there were all these new headers to avoid XSS and other attacks. Can you recommend a good introduction to these new headers? (via Nelson Minar)
  4. Swarmanoid -- award-winning robotics demo of heterogeneous, dynamically connected, small autonomous robots that provide services to each other to accomplish a larger goal. (via Mike Yalden)

August 09 2011

Four short links: 9 August 2011

  1. DSLR Controller -- Android app that lets you remote-control your DSLR. Much being made of the fact that iOS devices aren't as easy to interface with. For more, see the Wired article. (via BoingBoing)
  2. Asymmetric Security Warfare -- I found this nugget buried in this photo shoot talking about the differences between Black Hat and DEFCON conferences: [Mudge, Peiter] Zatko found that it takes about 125 lines of code to create the typical piece of malware and it takes about 10 million lines of code to create sophisticated technologies to protect against it.
  3. Teaching Cooking in Google+ Hangouts (KQED) -- I love the many uses of hangouts. To my mind, they remain the unique value-add for G+.
  4. HTTP Benchmarking Rules -- Mark Nottingham lays down some guidelines for meaningful and effective benchmarking of HTTP services. Full of subtleties and wile: [P]retty much every server loses some capacity once you throw more work at it than it can handle. A better way to get an idea of capacity is to test your server at progressively higher loads, until it reaches capacity and then backs off; you should be able to graph it as a curve that peaks and then backs off. How much it backs off will indicate how well your server deals with overload.

July 27 2011

Four short links: 27 July 2011

  1. ContentFlow -- Javascript library to provide CoverFlow-like behaviour.
  2. Twilio Client SDK -- 1/4 cent/minute API-to-API calls, embeddable in browser apps.
  3. Postel's Principle Reconsidered (ACM) -- The Robustness Principle was formulated in an Internet of cooperators. The world has changed a lot since then. Everything, even services that you may think you control, is suspect. Excellent explanation of how interoperability and security are harder than they should be because of Postel's Law ("Be conservative in what you do, be liberal in what you accept from others.", RFC 793). (via Mike Olson)
  4. HTTP Pipelining on Mobiles -- HTTP pipelining has a much higher adoption amongst mobile browsers. Opera Mini, Opera Mobile and the Android browser all use HTTP pipelining by default. Together they account for about 40% of mobile browsing. If you’re developing a mobile site, your site is experiencing HTTP pipelining daily, and you should understand how it works. (via John Clegg)

May 13 2011

Four short links: 13 May 2011

  1. Mathematical Intimidation: Driven by the Data (PDF) -- excellent article from Notices of the American Mathematical Society about the flaws in "value-added modelling", the latest fad whereby data about students' results in different classes are analysed to identify the effect of each teacher. People recognize that tests are an imperfect measure of educational success, but when sophisticated mathematics is applied, they believe the imperfections go away by some mathematical magic. But this is not magic. What really happens is that the mathematics is used to disguise the problems and intimidate people into ignoring them—a modern, mathematical version of the Emperor’s New Clothes. A critical instance of Hilary Mason's Clean data > More Data > Fancy Math. (via Audrey Watters)
  2. Classification of HTTP-based APIs -- The classification achieves an explicit differentiation between the various kinds of uses of HTTP and provides a foundation to analyse and describe the system properties induced. (via Brian Mulloy)
  3. Cancer Clusters (BBC) -- straightforward demonstration of how naive analysis of random numbers can yield "patterns".
  4. FitText.js -- a jQuery plugin for inflating type.
