Archive for July, 2009

File Under: Business, Humor
Jul
17
2009

10 Reasons to Politely Decline a Web Design Gig

By

When you’re in that first round of meetings with a potential web design or web development client, there are certain statements, revelations or bits of information that serve as huge red flags.

Here’s a list (submitted by a designer friend who shall remain anonymous) of the biggest all-time deal-breakers:

10. He can’t stop telling you about how horrid his last developer was.

9. He wants to make sure you can build his site so it will show up first on Google.

8. He’s already got a list together of 100 words for his meta tags.

7. There isn’t much money for this job but it could really lead to a lot more work down the road.

6. He wants to know if you are flexible about your deposit.

5. He explains that you will be responsible to his organization’s “website committee.”

4. He wants to know if you know how to “do Flash.”

3. He wants his start-up site to be “kinda like eBay.”

2. He could actually build the site himself but he just doesn’t have the time.

1. He’s looking for a new “webmaster.”

Got your own red flags? Post them in the comments.

Photo: Soman, Wikimedia Commons, CC

File Under: Programming, Software & Tools
Jul
17
2009

Microsoft Kills Popfly Mashup Creator

By

Is there any surprise here?

Microsoft is shuttering Popfly, its 3-D, Silverlight-powered tool for creating mashups from various feeds and information sources around the web.

Microsoft’s Popfly team leader, John Montgomery, posted this death notice to the Popfly blog:

Unfortunately, on August 24, 2009 the Popfly service will be discontinued and all sites, references, and resources will be taken down. At that time, your access to your Popfly account, including any games and mashups that you have created, will be discontinued.

The site debuted in 2007, back when fancy mashup creation tools were all the rage. Yahoo Pipes had just come out, as well. Pipes was quite useful for managing multiple RSS feeds, and still is. Popfly was as well, but people mostly used it to create simple games.

I gave Popfly a mostly positive review, even though I found the whole Silverlight experience a bit buggy. Then, it sort of dropped off the face of the Earth.

But since then, the web mashup grew from a nebulous concept to become the underlying principle of how a proper web service should operate. The web is a fully read/write experience these days. Widgets and feed aggregators abound, everything’s embeddable and sites talk to each other and display information from each others’ data stores without us even really thinking about it.

All along, Popfly and the services like it were merely signposts of things to come. All the sluggish, plug-in driven 3-D stuff was largely nonsense, though it did serve to educate people of the mechanics behind the message.

Montgomery’s Popfly eulogy points developers to newer initiatives, like Microsoft Web Platform, a set of tools to help developers build web apps like “the next MySpace.”

Ugh, did they really have to put that in there?

See Also:

File Under: Software & Tools
Jul
17
2009

Firefox 3.5.1 Released, Critical Flaw Fixed

By

Mozilla has released an update to the latest version of its Firefox web browser, fixing a critical flaw that allowed hackers to run malicious code on an unsuspecting person’s machine.

The update, which we strongly recommend you grab right now by downloading it manually from Mozilla or by choosing “Check for Updates” in Firefox’s Help menu, was originally scheduled for the end of July. However, the Firefox team rushed to complete it sooner after a hacker’s post outlining the details of the security vulnerability made the rounds on blogs and news sites on Monday and Tuesday (read our coverage).

As a result of the publicity, Firefox 3.5.1 was pushed out late Thursday, two weeks ahead of schedule.

The exploit took advantage of a flaw within the browser’s newly retooled JavaScript engine, TraceMonkey — specifically, the engine’s “just-in-time” compiler. Mozilla was apparently aware of the flaw, as it had been noted as a bug in Bugzilla, Mozilla’s publicly available bug tracking app. This is also how the hacker who exposed the exploit found out about it.

The flaw, like almost all of the browser-based vulnerabilities we see these days, relies on a hacker tricking a user into viewing a page containing a malicious script. While most of us consider ourselves smart enough to side-step these sorts of exploits, which are initiated by clicking on an unknown link, the danger of such attacks has become exacerbated by the rise of Twitter, Facebook and other web services where passing around shortened URLs has become the norm.

As a result of this changing landscape, Bit.ly, one of the most popular shortening services, has teamed up with popular anti-phishing and malware-tracking sites to warn users of suspect links.

The flaw doesn’t affect versions of Firefox prior to 3.5, but anyone on the web is still subject to click-jacking or phishing attacks. So, watch where you click, kids.

Thursday’s update also fixes a bug which was causing Firefox 3.5 to load extremely slowly on some Windows PCs, as well as some stability improvements for all platforms.

See Also:

File Under: Software & Tools
Jul
15
2009

Google Gears Returns to Firefox

By

Firefox users can once again access their Gmail accounts without an internet connection.

Google has updated its popular Gears add-on to work with the latest version of Firefox. It took a while to get here, though. Firefox 3.5 was released on June 30, and Gears dropped two weeks later, on July 14. The older version of Gears didn’t work with the new browser, so anyone who upgraded to Firefox 3.5 when it was first released had to wait for the update.

It wasn’t much of an inconvenience for most of us, but add-on developers usually begin porting their tiny apps to a new version of a browser as soon as the release candidates appear. In Firefox’s case, the first release candidate arrived about three weeks before the final code. For a company with as many resources as Google, such a delay is uncharacteristic. Some impatient users even hacked together their own unofficial versions of Gears.

You can get the update by visiting the Google Gears homepage or by launching Firefox’s add-ons manager and checking for updates.

Gears is an essential add-on for Firefox, as it gives the browser the ability to run some popular web apps offline. It stores data from the web app to a database on your local machine, then syncs up again when an internet connection becomes available. Gears also lets the browser use your computer to process complicated JavaScript tasks, making heavy web apps run more smoothly, and it can be used to power the geolocation abilities of apps like Google Maps.

The free software add-on is a key ingredient in the fulfillment of many of the promises of HTML 5, the markup language which makes these tasks possible and which is currently powering the next generation of web apps. As people increasingly turn towards hosted web apps for things like e-mail and document editing, the ability to access those applications while offline becomes all the more critical.

Gears add-ons are available for Internet Explorer and Safari, plus Opera Mobile and the Android browser (see a full list). The same functionality is also available in Google’s Chrome browser.

Mozilla is also covering some of the same ground as Gears with its own Geode geolocation software, which started as an add-on but has been rolled in to the latest version of Firefox. In April, Mozilla selected Google’s Location service — the web service which provides location data to all of Google’s geo-aware apps — to power Firefox 3.5′s location queries.

Since Gears makes use of a person’s local machine, and since it has the ability to sniff that person’s whereabouts, the enhanced experience it provides is entirely opt-in.

Web developers need to specifically build their sites to work with Gears. When a user visits a site with a Gears-enabled web app, a message pops up that says, “This website wants to use Gears.” If the user trusts the site, they can allow the site to run Gears, enabling the local data, local processing and geolocation abilities.

See Also:

File Under: Software & Tools
Jul
15
2009

Hacker Finds Security Flaw in Firefox 3.5, Fix on the Way

By

A security vulnerability has been found in Firefox 3.5 that can be used to execute malicious code on an unsuspecting person’s machine, Mozilla has disclosed. The company says it is actively working on a fix right now.

The flaw is in the browser’s TraceMonkey JavaScript engine, a newly re-written portion of the underlying code used to quickly render web pages. TraceMonkey debuted in Firefox 3.5, which was released two weeks ago.

Specifically, the vulnerability takes advantage of a flaw in the “just-in-time” compiler, a component of the JavaScript engine. Mozilla was apparently aware of the flaw, as it had been noted as a bug in Bugzilla, Mozilla’s publicly available bug tracking app. According to ComputerWorld, Mozilla was working on a fix for the bug when the exploit code was published by an independent hacker earlier this week.

The exploit, like almost all of the browser-based vulnerabilities we see these days, relies on the hacker tricking a user into viewing a page containing a malicious script.

Most of us consider ourselves smart enough to side-step these sorts of exploits, which are initiated by clicking on an unknown link. But the danger of such attacks has become exacerbated by the rise of Twitter, Facebook and other web services where passing around shortened URLs has become the norm. Web links from bit.ly, TinyURL and other shortening services save on character counts, leaving more room for your precious wit. But they also obfuscate the destination of the link — anything could be hiding behind that click.

We recommend running an add-on like LongURL Please, which replaces shortened URLs with the originals. It works for most services, and it’s updated frequently to include newcomers.

There are a few other ways to protect yourself ahead of the coming fix from Mozilla.

You can download and run the NoScript extension, which will prevent unapproved scripts from running in the browser. You can also run Firefox in Safe Mode, which will disable the jit component.

Furthermore, you can disable only the jit component without compromising any of Firefox’s other functionality by messing with your about:config settings in the browser. Mozilla has posted instructions on how to do this on its security blog.

The fix was already scheduled for Firefox 3.5.1, a build due to be released at the end of July. Mozilla is now going to push out a security fix as soon as possible.

The flaw doesn’t affect versions of Firefox prior to 3.5.

See Also:

File Under: Software & Tools
Jul
14
2009

Gmail Tasks Leaves Labs, Becomes Real Feature

By

One of Gmail’s most popular add-ons has made the jump from experimental widget to fully baked feature.

Tasks, a simple to-do list for Gmail, is now part of the official Gmail experience. It was previously only available from within Gmail Labs, a sandbox for Google’s engineers to publish and test out experimental Gmail features.

The Labs area of Gmail debuted over a year ago, and Tasks is the first feature to “graduate” from Labs and be incorporated into the default Gmail experience.

Since its launch in April, 2004, Gmail has grown from a bare-bones webmail client into a full-fledged platform. There’s a contact manager and fully integrated text, video and SMS chat. Anyone who wants more can plug in one of the 50-odd widgets from Labs to extend it.

The best Labs features are the ones which enable cross-talk between Gmail and other Google services, like displaying lists of Calendar items or Google Docs in the Gmail window, showing video previews in e-mails that contain YouTube links and adding auto-complete suggestions to Gmail’s search box. Of course, some Labs widgets just show pictures of your kids.

Tasks is an awesome feature. It lets you set up a number of simple to-do items, then check them off and delete them as you complete each one. For enthusiasts (like me) it’s great for keeping track not only of work items, but also personal items. Like many people, I use Gmail both at work and at home. Tasks was also recently made available as a stand-alone mobile web app, and I have a bookmark for it on my iPhone’s home screen.

Tasks is indispensable, and not just to me. Google says over 1 million Gmail users have installed it. There are tens of millions of people using the free service.

Gmail Product Director Keith Coleman tells Webmonkey that popularity was the primary factor in Tasks getting the nod. Coleman says others will follow soon. Any app being considered has to have behind it a commitment from the Gmail development team that they will continue to work on it and keep it fresh. Of course, there’s a base level of stability required as well. “We want to make sure it’s going to work perfectly for most people,” Coleman says.

Labs has been such a success, Google is extending the idea to Calendar as well. Starting Tuesday, Google Calendar users will see a new page in their settings called Labs. Just like in Gmail, there will be some experimental features you can turn on. It’s been seeded with a few selections from Google Calendar engineers, like a World Clock, and one I like called Next Meeting, which tells you how much time you can waste playing Kingdom of Loathing (or nuking wiki spam) before your next conference call.

There’s also a new Calendar API for creating custom Calendar enhancements. This is primarily of use to those with Google Apps Premium Edition inside their companies. People can create custom fields for things like notes about which conference rooms have projectors.

See Also:

File Under: Business, Software & Tools
Jul
13
2009

MS Office on the Web: What it Is and What it Isn’t

By

The world’s most popular office software suite is making its way onto the web, but it’s doing so one baby step at a time.

As expected, Microsoft announced more details around its Office 2010 suite at an event in New Orleans Monday morning. Along with enhancements to the popular documents and productivity tools, the company also showed off how four of the suite’s key apps — Word, Excel, Powerpoint and OneNote — will be deployed on the web as browser-based applications. Microsoft also announced pricing and availability for Office Web Apps. Beta invites will go out in late August and final versions — both paid and free — will be available in early 2010.

Microsoft first unvieled working demos of these web-based apps in October, 2008 at a developer conference in Los Angeles, and Monday’s demos showed only a few new hints of what’s to come.

We won’t get our hands on Office Web Apps for another month, but what we do know is that they will be lightweight, dumbed-down versions of their desktop counterparts. They will remain closely tied to, and largely dependent on, the Windows desktop. This is understandable, since Office for the PC desktop has proven to be Microsft’s most valuable cash cow behind its Windows desktop and server products.

So while its competitors are gaining steam with full-blown productivity applications that run completely in the browser — namely Google Docs and start-up Zoho with its office suite — Microsoft is still firmly entrenched in the “software plus services” camp.

Here’s what we know about Microsoft’s web strategy for Office 2010.

Office Web Apps will be available for free

The four key Office apps — Word, Excel, PowerPoint and OneNote — will be free to anyone with a Windows Live account, but according to Microsoft’s Office 2010 FAQ (a Word document), the free version will be ad-supported. Versions without ads will be available to people who buy Office Professional Plus and Office Standard 2010 licenses. The ad-free versions can also be made accessible privately by companies running SharePoint 2010 server.

If you’re a regular Jane, a grandpa or a poor student who wants to access the free version, you have to log in to Windows Live, upload a Word, Excel or PowerPoint document to your SkyDrive, then choose to edit it in the browser. You make your edits, save your file, then it syncs back up to your SkyDrive. Note this is only convenient if you already have a local copy of Office.

The experience has been dumbed down for the web

The Office Web Apps are not intended to be stand-alone applications for editing and composing documents.

The browser-based tools have the basics, like changing fonts and styles, creating lists and tables, or messing with rows and columns in Excel. But it’s obvious that the bulk of the functionality will be reserved for the desktop apps. Microsoft’s announcement positions Web Office Apps as offering “easy viewing and lightweight editing” — the word “lightweight” is used several times, in fact — clearly suggesting you’re only getting a taste.

The screenshots and official video demos that are available do not show any app-specific functionality for printing documents. There’s also no indication what sorts of tools exist for things like generating charts and graphs from scratch — something Google offers through its Chart API.

At any point in the online version, you can download your document and continue editing it in Word on the desktop. You’re even encouraged to do so — screenshots released Monday show a big button in the user interface inviting you to “Continue in Word” or “Continue in Excel.”

You won’t need to use Internet Explorer

In the FAQ, Microsoft says, “Office Web Apps are designed to work with Internet Explorer, Safari and Firefox.” Chrome isn’t supported because (Microsoft says) it has such minor market share.

If you want to see the apps running in Firefox, check out Robert Scoble’s video interview with a Microsoft representative, who shows how similar the experience is in both IE and Firefox.

You won’t need Silverlight

A few advanced functions of Office Web Apps will require Silverlight, but there’s no plug-in required for the basics like editing and saving. Almost everything is pure standards-compliant Ajax, so the apps won’t be crippled if you don’t have Silverlight.

The Office Web Apps demos I saw last October were powered entirely by JavaScript and CSS (just like competing apps from Google and Zoho).

Your docs will look really nice

If you read Microsoft’s press materials, there’s much talk about “preserving document fidelity” on the web, and it seems the company has paid particular attention to this. The interface even looks and behaves like the much-loved Ribbon introduced in Office 2007. When you open your document in the browser, it won’t break your formatting or ruin the indenting on complicated lists — a big gripe among Google Docs users.

The experience also degrades gracefully for smartphones, even the iPhone’s Mobile Safari.

There will be real-time collaboration

The web version of Excel will have real-time collaboration, meaning two people can edit the same spreadsheet at once and see each other’s edits.

Microsoft says it’s going to include real-time editing in Word and PowerPoint later, but that it chose not to include it in the initial release for technical reasons. Instead, you can enable e-mail and IM notifications that tell you when changes are made.

Both Zoho and Google Docs have embedded chat and real-time editing. Google’s implementation is still a little janky, but Wave, a similar Google app with more advanced real-time collaboration technology — you see edits almost instantly, right down to keystroke — shows even more promise.

Office Live Workspaces is kaput

Microsoft’s current implementation of document editing in the browser, Office Live Workspaces, is being discontinued and rolled into Windows Live. Expect everything to be rebranded and redirected to Office Web Apps when it launches in 2010.

See Also:

File Under: Mobile
Jul
10
2009

Amazon Cripples Mobile Apps With New API Restrictions

By

Amazon has changed the terms of service surrounding its popular data APIs such that its no longer possible to access Amazon data from mobile devices. As a result, one of our favorite mobile apps, Delicious Library, has been forced to shut down.

The mobile version of Delicious Library, an application that tracks and stores books, music, movies and more, has been removed from the iPhone App Store.

Perhaps the strangest element of new TOS is that not only can mobile apps not access the APIs, they can’t use data from the APIs even if, as in the case of Delicious Library, the actual access is done via a desktop app. For example the iPhone version of Delicious Library doesn’t actually connect to Amazon at all, but it did display information synced from the desktop version, which violates the TOS.

The relevant line of the TOS, section 4e, reads: “You will not, without our express prior written approval requested via this link, use any Product Advertising Content on or in connection with any site or application designed or intended for use with a mobile phone or other handheld device.”

It’s a curious restriction, especially the fact that even synced data is off limits, but at first glance it would seem there’s an easy workaround — just contact Amazon and ask for permission.

Unfortunately for Delicious Library fans Shipley did that and was informed that, currently, no exceptions are being made.

It would seem that, for now anyway, mobile apps that want to access Amazon’s APIs are quite simply dead in the water.

However there is a notable exception, another excellent iPhone app called SnapTell. SnapTell lets you take pictures of products with the iPhone, for example a book cover, and then uses image recognition tools to look up the product on Amazon and other online retailers.

Perhaps coincidentally, perhaps not, SnapTell was recently acquired by Amazon. Daring Fireball’s John Gruber suggests that the new API restrictions are Amazon’s effort to kill SnapTell’s competition.

We contacted Amazon to ask about the new API restrictions. Although it was given ample time to respond, at the time this article was published, the company had not yet responded.

So is it an anti-competitive measure, or is there another explanation? So far Amazon isn’t saying, but there are plenty of upset developers and Amazon does have a history of questionable behavior — the company once tried to claimed it had “invented” one-click purchasing.

While the short term effects of the new TOS restrictions are felt by developers, the long term damage may well be to Amazon, which is looking increasingly less appealing as a data source. Developers working with Amazon data in desktop apps are essentially out of luck if they want to port their apps to a mobile platform. Given that restriction, developers may simply turn to another service from the very beginning — why use restricted data when there’s free data?

For his part, Shipley says Delicious Library will return using another set of APIs from another, as yet undetermined, provider. For now, the mobile version of Delicious Library is gone.

See Also:

File Under: Multimedia, Software & Tools
Jul
9
2009

Silverlight 3 Arrives, Brings Smoother Video, Better Web Apps

By

Microsoft has released the latest version of its Silverlight player.

The release of Silverlight 3 arrived late Thursday night. The company’s presentation technology for graphics and video on the web was supposed to be released to the public on Friday morning, July 10 — there’s even a lavish launch event scheduled at a San Francisco hotel — but Microsoft decided to push Silverlight out a day early.

Silverlight 3 is a small, free plug-in download from Microsoft. It’s cross-browser and cross-platform, so it runs on Windows, Mac (the newest versions are Intel only) and Linux computers. The open-source Linux version is called Moonlight, and it ships with Novell distributions. If you’re running Ubuntu or some other non-Novell distribution, you can download it and install it manually.

Silverlight is Microsoft’s plug-in based player for streaming video and audio content, handling rich internet apps and displaying animated user interfaces in the browser — Redmond’s answer to Adobe Flash and open-source technologies like those promised by HTML 5. When Silverlight first arrived in 2007, it didn’t run too well on non-Windows desktops. Worse, with very little content available on the web for Silverlight to play, there wasn’t much of a reason to bother with it.

But quite a bit has changed in two years. Most notably, the compelling content finally arrived. Microsoft streamed live video and highlight clips on NBC’s official Beijing Olympics website in the summer of 2008 using Silverlight. The company released version 2 in September of 2008, an upgrade which improved Silverlight’s performance on Macs and improved the video playback quality overall. Silverlight was used again to stream coverage of the 2008 Democratic National Convention and all of the NCAA March Madness basketball tournament games in 2009, serving to raise Silverlight’s profile — and it’s install base — even more.

By now, Silverlight is installed on around 30% of web-connected PCs and devices like Windows Mobile smartphones. It’s a far cry from Adobe Flash’s install base (which is over 90%) but it’s a significant gain in a short period of time nonetheless. Also, Microsoft claims there are over 300,000 developers actively building web sites, apps and animated user interfaces in Silverlight right now.

Silverlight’s video capabilities have always been impressive when compared to Flash, and the new version boasts some new features that should keep the competition with Flash hot. It uses a media broadcasting technology Microsoft calls Smooth Streaming, an adaptive technology for playing the same H.264 video stream at the highest bitrate the device and its bandwidth limitations will allow. So if you’ve got a fast computer with an HD monitor and a wide open pipe, you’ll see super high quality video at up to full 1080p HD. If you’ve got a dinky smartphone with mid-level data service, you’ll see a constrained version of the same video.

The new version of Silverlight also has better 3-D graphics support and the ability to offload graphics work to a GPU for a smoother, hardware-accelerated user experience.

On the rich internet apps front, Silverlight 3 includes the ability for developers to create apps that run outside of the browser on a PC desktop, or on a mobile phone — yet another place where Silverlight 3 is catching up to competing technologies like AIR, Adobe’s Flash-based runtime for running webapps outside of the browser.

Also due to be released Friday (but not showing up yet, as of this writing late Thursday night) is Expression Studio 3, Microsoft’s set of tools for building Silverlight apps, standards-based websites and vector graphics for the web. The current version, Expression Studio 2, costs $700, or $350 for an upgrade from previous versions.

As mentioned previously, the Silverlight browser plug-in is free.

File Under: Software & Tools
Jul
9
2009

Firefox’s Ubiquity Add-on Gets Smarter, Goes International

By

Mozilla has released a major upgrade for its Ubiquity plugin, a tool that offers a command line-style interface for on-the-fly web mashups.

Ubiquity 0.5 is the final release of Ubiquity 0.5, which we reviewed in detail back when the preview version first landed. It’s a project from Mozilla Labs, a fact that speaks to why we find it one of Firefox’s most useful add-ons.

The Ubiquity add-on for Firefox is a “command line interface for the web”. It enables you to interact with web services like Google search, Twitter, Yelp, Delicious and Gmail, as well as perform searches on content sites like Amazon, Wikipedia and Flickr. Ubiquity enables you to perform specific tasks, like e-mail a link to a Gmail contact, post a tweet or check the weather, all with just a few keystrokes.The latest version is a major improvement. It offers a more natural language engine that’s closer to human speech, and corrects some oversights in how Ubiquity parses non-English commands. It also contains s new language parsing engine which doesn’t require you to put hyphens in long commands and can make educated guesses about what you want to do. For example, type “taco” and Ubiquity will automatically suggest a Yelp search for the nearest taco stand.

If you already installed the preview release, you won’t notice any dramatic changes in the final version, though Mozilla has squashed a few bugs. We noted in our test drive a few weeks ago that it was quite buggy, so we recommend upgrading.

For the time being, upgrading will be a manual process. Because this update changes some of Ubiquity’s underlying code, this release breaks many third-party Ubiquity tools. As a result, Mozilla is not, at least for now, pushing the new version through the automatic update feature.

Instead, if you’d like to upgrade you’ll have to head over to the Mozilla Labs Ubiquity page and install the update yourself. If you want to take advantage of the new features be sure open up the Ubiquity preferences and make sure the “Use Parser 2″ option is checked.

See Also:

« OLDER POSTS