If you follow the tech sector closely you’ll know that columnist John Dvorak is best known for two things — making outlandish claims that never materialize and providing endless fodder for Daring Fireball humor.

But occasionally Dvorak is right and his recent call for Adobe to port its apps to Linux is spot on, complete with some excellent reasons why the move would benefit Adobe. In fact, it’s the very same thing Linux users have been saying for oh, ten, fifteen years now. Welcome to the party John.

The problem with Dvorak’s suggestion is that it has absolutely no grasp on reality.

Dvorak overlooks the fact that porting Photoshop or Lightroom to a new platform would require Adobe to make a massive investment of time, manpower and money. Couple that with the fact that there are very few successful proprietary apps on the Linux platform (especially those in Photoshop’s price range) and you can begin to see why Adobe hasn’t already pursued the idea.

Dvorak puts a slightly different spin on things by suggesting that Adobe use Linux to create what would amount to Adobe’s own custom distro to compete with Windows. It sounds nice, but we’re not sure why Adobe would want to compete with Windows since its an operating system, while the Creative Suite is a collection of photo/video editing apps.

Dvorak seems to think that since Microsoft’s Silverlight is a potential threat to Adobe’s Flash, that porting the Creative Suite apps to Linux would somehow threaten Microsoft and by extension, Silverlight. Wait, what?

Would we love to see Photoshop running native on the Linux platform? Absolutely. Do we think it’s likely to happen? Absolutely not.

See Also:

• Adobe Releases AIR For Linux, Sees Better Linux Apps on Horizon
• Adobe’s Kevin Lynch on AIR’s Open-Source Road to the Desktop
• Photoshop Works Better Than Ever in Linux, Thanks to Google
• Adobe’s John Nack On Improving Photoshop

Want copy and paste features for your iPhone? Well, Apple still says it isn’t a priority, but luckily for you some developers have taken matters into their own hands and created a new framework that allows apps to pass data between themselves.

The main downside is that the new tools don’t work with Apple’s built in apps. But until Apple admits copy-and-paste functionality is needed, at least you have a partial solution.

The key is a new open source iPhone app framework named OpenClip.

The problem with making copy and paste work on the iPhone is ensuring that your app doesn’t run afoul of the iPhone SDK agreement, which forbids background processes. Apple also forbids plugins, which makes it difficult for apps to communicate with each other.

Developer Zac White, who started the OpenClip foundation, figured out how to make an end run around the SDK limitations by using a shared space on the iPhone. Any application that includes the Open Clip framework can then access the shared space and write data to it, thus enabling copy-and-paste between apps.

In other words, rather than trying to work with Apple’s limitations, White created a framework that other developers can include in their apps. Think of it as an opt-in clipboard.

So far Twittelator, WordPress and UItralinga have announced forthcoming apps with Open Clip, and MagicPad, Dial Zero, and Cocktails have expressed interest in supporting the project as well.

If you’d like to check out the features in action, Cali Lewis of GeekBrief.tv got to play with some prototype apps:

Cut and Paste for iPhone from Cali Lewis on Vimeo.

See Also:

• Six Reasons iPhone Delivers Where Android Won’t
• Wil Shipley Talks About Third Party Apps On The IPhone
• How to Write an iPhone App

Microsoft posted and then pulled a call for public alpha testers to help the company experiment with the next generation of Microsoft Office, Office 14.

The post, written by Hayley Rixon, of the Microsoft business intelligence team, appeared on Microsoft’s TechNet site yesterday, but was then taken down. Using the ever-handy Google cache tool, here’s what the post said:

The product team in Redmond are looking for customer and partner submissions now

The Alpha process will begin in the November/December timeframe this year. When you submit, please identify as a PPS M&A candidate. The deadline for submissions is August 28^th.

Since Microsoft has yanked the post down, it would seem that perhaps Office 14 isn’t quite ready for even an alpha test phase. Microsoft’s publicists were quick to say that “it is too early to discuss specific features, capabilities or timing” for the next version of Office.

So is an alpha test phase coming? It’s anyone’s guess, but it would seem that at least some within the Office dev team think it’s about time to crack open the lid and let us have a peak.

[via MSFN]

See Also:

• Microsoft’s Office Webapps Suite Emerges, Doesn’t Compete with Google Apps
• New Microsoft Office Live Workspace is a Letdown
• Microsoft Office For Mac Finally Embraces Platform Standards

Noticed anything strange in your clipboard lately? There’s a new Flash-based attack percolating across the web that can inject potentially dangerous URLs into your clipboard, which you might then inadvertent paste into your browser’s URL bar.

Adobe has acknowledged the attack and says it is investigating a fix. In the mean time, exercise caution when copying Flash data to your clipboard.

It would appear that the attacks are apparently quite sophisticated. Security research firm Sophos reports that, “if the professional looking sites that are being used to distribute this fake alert malware are anything to go by, the criminals behind it are very organized.”

The company goes on to say that the attackers are “using aggressive techniques to infect victims as well — for example large spam campaigns and compromised web sites.”

That means just because you trust the site, doesn’t mean it hasn’t been compromised.

We’ll be sure to let you know when a fix or Flash upgrade is available.

See Also:

• Blogger.com Infested With Malware And Scams
• Adobe, Google and Yahoo Join Forces To Make Flash More Searchable
• Flash Player 10: Dazzling Effects, Better Performance, Runs on Linux
• Flash Player 10 beta 2 ‘Astro’ Fixes Bugs, Adds 3D

Microsoft and Novell have agreed to extend the controversial deal the two competitors struck back in 2006. The new agreement will see Microsoft purchase additional Novell certificates that its customers can redeem for Novell’s SUSE Linux service and support.

The two companies also say they will continue to enhance the various tools designed to create better interoperability between Windows Server and SUSE Linux Enterprise Server.

Kevin Turner, chief operating officer at Microsoft, says “our increased investment in the relationship with Novell is intended to give [our] customers and partners the best possible Windows-Linux interoperability solution.”

What’s perhaps most interesting about the extension of the deal that caused a massive uproar in the open source community is that, this time around, Microsoft hasn’t been touting the “protection” component.

When the two rivals first announced their agreement back in 2006, Microsoft played up the angle that it was giving Novell customers “protection” from any potential lawsuits against Linux. The company then went on a blustering “Linux steals our intellectual property” tour, proclaiming that lawsuits against Linux would be forthcoming.

The response from the Linux community was a rather blunt, sue up or shut up, and it would appear that Microsoft has opted for the later. In fact, today’s press release only mentions the intellectual property agreement in passing.

Instead the focus is on making Windows Server and SUSE Linux work better together. The read-between-the-lines message is that Microsoft knows server virtualization tools are a threat and wants to head them off at the pass.

While the open source community may still view Novell with suspicion, at least Microsoft seems to have moved beyond its schoolyard bully tactics.

See Also:

• Open-Source Patent-Holders Ready to Fight Fire With Fire
• The ‘Be Very Afraid’ Tour: Microsoft’s Patent Strategy Explained

New online image editor Pixlr is closer to Photoshop than web-based Adobe’s Photoshop Express. And Pixlr was created by one person.

Sweden-based developer Ola Sevandersson spent a year writing–and re-writing–his Flash-based image editor. He also maintained a full-time job as the development manager for a Swedish web community.

The reason Pixlr feels so much like a desktop app may be its menus. The standard top bar begins with File. Creating new images, or loading from your computer occurs via this menu, and it doesn’t feel buggy (except I cannot load in an image now, which could be caused by all the attention this project is receiving today). Other online image editors use HTML forms for uploading, or partially implement the desktop menu metaphor.

Maybe the best part: Pixlr is the only online image editor I’ve seen that has layers, which is a necessary feature for all but the most basic of edits. Yes, there are still some features missing, but this is already more usable for me than Photoshop Express, and other online photo editors. See links to our coverage of Pixlr’s competitors at the bottom of this post.

Webmonkey had a chance to talk to Sevandersson about Pixlr, his development process, and what he has planned for the tool.

How is Pixlr different from Photoshop Express?

The difference between PSX [Photoshop Express] and Pixlr is that while Adobe doesn’t want to create a free online replacement tool for their Photoshop Elements and other licensed software I just want to create an online tool that will satisfy the 80% of the photo enthusiasts needs. I am well aware of that it’s much more work left to do before Pixlr will accomplish what Elements do, but this is just the first beta launched.

How long did it take you to write Pixlr?

Yes, the first line of code was written in august 2007, but it was not full time and done by a single person. The code is rewritten several times to get the overall performance up and the app to work. To get the performance up and keep the size down I have written all of the controls my self and not used the built in flash controls.

Any plans to make money? A year is a long time for just a labor of love…

All you need is love and I love bitmap algorithms. The plan for Pixlr is to license the techniques and do small app spin-offs’, and there is some ides of a PRO app (Maybe on the desktop?).

What other features are coming soon?

Crop tool, text tool and more auto adjustments are the first things in the development plan. API and other development tools are on the wish list too.

The dotted line [to show selection as the user drags the mouse] will be added soon. Some features was ignored in this release, I just wanted to get the application out to the public so I could get some feedback and know if I was going in the right direction with the product.

See also:

• Adobe Photoshop Express Puts the Power of Photoshop Online
• Picnik API Offers Photo Editing Tools for any Website
• FotoFlexer Tricks Out Online Photo Editing With Desktop-Style Tools
• Fix Up Those Holiday Photos With Phixr

Let’s talk security and why you should take advantage of Gmail’s recent SSL feature, and why you might want to be careful using other non-SSL webmail services.

But first, make sure your connection is secured using SSL.

How do you know a connection is secured by SSL? The handy “s” after “http” will tell you. For example, https://mail.google.com is encrypted while http://mail.google.com is not. You can force an encryption by adding the “s” yourself, or by turning on “Always use https” from the Browser Connection settings of your Gmail account.

Why? Because without it, anyone can easily hack someone’s account and in two weeks it is going to get even easier. Mike Perry, a reverse engineer from San Francisco, announced his intention to release his Gmail Account Hacking Tool to the public. According to a quote at Hacking Truths, Perry mentioned he was unimpressed with how Google presented the SSL feature as less-than-urgent. It is urgent, and here’s why.

Before Gmail released the ability to automatically encrypt your Gmail connections, your browser/server interactions went something like this:

Your Browser: Hey there Gmail, I want in. Here’s my encrypted login.
Gmail Servers: Hey there, browser. I see your encrypted login fits what I have here. If you want to keep talking to me, I will need to see proof of your login, but don’t bother encrypting it for me. Here is your unencrypted email.

Your Browser: Great. I want to read this particular email, my Gmail login is: webmonkey@wired.com and my password is: monkeylove. My name is John Hanks Doe and my social security number is 123-45-6789.
Gmail Servers: Sure, here you go. I see you are leaving for vacation with the house unlocked this weekend. Say, is this your credit card information?
Guy packet sniffing your wi-fi from Starbucks: Cool!

It’s a little more complex than that (and a little less goofy and dramatic), but the theory is sound. Using encryption at login only is the equivalent of setting up a toll booth in the desert.

Here’s the exploit: All it takes to steal someone’s Gmail login account is to intercept any transaction since every single one, even images, pass a cookie which contains the session information.

Spoof the session, and you get free reign to the account — including the ability to change your password. Every non-SSL session is in plain text. With a little determination, any bored, disaffected youth could read your email and change your password within a day. Is it really that easy? Here’s a useful tutorial we found via Google search. When the Gmail Account Hacking Tool is eventually released, it couldn’t be any easier.

With SSL, however, the interaction looks something like this:

Your Browser: xz6RV-BRJViqzNJROECslw
Gmail Servers: jx3iC96D3kuZ_IWNrK461w
Your Browser: PxIryG_P3_3_vRENZdWxMQ

The real thing would be even longer in length, and perfectly unreadable. SSL requires a key generated on your end and on the Gmail server’s end. There’s no way for the local guy at Starbucks to get those keys and unencrypt the data by packet sniffing.

Makes you feel a little vulnerable knowing all your public information was so nakedly exposed over the past few years, huh? Did Google know about this?

It turns out they were well aware of it. The reason Google didn’t grant users the SSL feature before, according to Perry, was because SSL is expensive. It takes a lot of bandwidth and time on both the receiver and transmitter sides to generate keys and encrypt data. Slower data connections would experience a lagging Gmail experience.

Packet sniffing for session information is not a new thing, and is bound to get even more familiar due to how easy it is. Keep in mind, it is not just Gmail which passes account information outside of SSL encrypted connections. There are many sites around the internet that are still vulnerable to this exploit. Protecting your wifi connection with WEP isn’t foolproof either. Your best bet is to use SSL whenever you are transferring information valuable to you, and to avoid sites that don’t use it at all.

[Thanks to Hacking Truths for the tip.]

See Also:

• New Options Secure Your Gmail Connections
• New Gmail Features Protect from Snooping

Who says programmers can’t be funny? True, browsing through source code is will more often bring tears than smiles, but that doesn’t mean there aren’t some great nerd jokes to be found in the software that powers the web and your desktop.

A Reddit users recently posed the question: What’s the funniest code you’ve ever read? Submissions are still pouring in, but here’s a few highlights: did you know that the source code for the shutdown command in OS X calls a function named die_you_gravy_sucking_pig_dog()? Or how about, mod_python’s assbackwards Request Object attribute?

For something a bit more on the not-safe-for-work side, check out some the original code to Netscape Navigator 4, before Netscape’s lawyers censored out the profanity.

If you enjoy nerd humor — and we’ll admit, this is pretty much as nerdy as it gets — head on over and browse through some of the other gems that various programmers have posted.

[comic from Xkcd]

See Also:

• Jokes For Nerds
• Joke For Nerds: Get A First Life
• Jokes For Nerds: DVDRewinder

Working with Cascading Stylesheets is no easy feat. Between browser differences, varying site design requirements and client whims, writing reusable CSS can quickly become a frustrating process. CSS frameworks are one attempt to solve these and other common problems, but they are not without their own controversies.

Purists and those hyper-concerned about semantically valid markup often decry the class names and arbitrary div tags that frameworks seem to encourage. At the end of the day though, the truth about frameworks may be simply that your own is better than any stock version.

CSS guru Eric Meyer recently compared a number of popular CSS frameworks (including our favorite, Blueprint) during a talk at An Event Apart San Francisco, concluding that the one that’s right for you is… none of the above. Designer Jeremy Keith was there for the talk and offers a shorthand transcript, along with his own thoughts, on his blog.

While Meyer admits there are some uses, like quick prototyping or as a starting point for ideas, he feels that frameworks, much like HTML templates, aren’t a viable solution for most professional designers.

That isn’t to say you can’t take the elements of a framework you like — say a group of reset rules or font baseline rules — and hack them to suit your own work. In other words, there’s nothing wrong with reusable code, but the best reusable code is stuff you’ve written.

When I first encountered it, the Blueprint framework seemed like a brilliant idea. However, having now used it in a few projects, I often find myself fighting it as much as I’m using it. In the end I’ve found that the best solution is, as Meyer suggests, pulling out the elements I like and ditching the rest.

What sort of frameworks are you using or avoiding in your work?

[via Jeff Croft]

See Also:

• Blueprint: Beautiful CSS Grid Layouts Made Easy
• CSS Variables: Coming Soon to a Browser Near You
• Making CSS Accessible to All

At its core, the web is little more than a collection of links — pages strung together by interwoven, linked text. For search engines like Google these links are vital in determining the most relevant results for your query.

But what happens when links start to become more self-referential? That’s the question posed by Tim O’Reilly, who sees an alarming trend: sites like the New York Times, BusinessWeek and TechCrunch are starting to link to their own writing about other sites, services and companies rather than to those outside sites directly.

O’Reilly is worried that this trend will lead to what he calls “roach motel” links — all internal links that do little to help the user and exist primarily for search engines. “When this trend spreads (and I say “when”, not “if”),” O’Reilly writes, “this will be a tax on the utility of the web.”

He goes on to say that if such links are “purely designed to capture additional clicks, they will be a degradation of the web’s fundamental currency, much like the black hat search engine pages that construct link farms out of search engine results.”

It is certainly annoying when you expect a link to, say, Google, to take you to the Google homepage and instead you find yourself on a Monkey_Bites post about Google. But, if history is any indicator, it seems that Google and other search engines, are pretty smart about these sorts of things — especially since the link text offers an immediate clue as to where the link “should” point.

While trying to capture as much link traffic as possible and routing it to your own site may seem like a good idea now, there’s no telling when a few tweaks to the algorithms will make it hurt, rather than help, your search engine ranking.

As for O’Reilly’s suggestions for those practicing these sort of “roach motel” linking schemes, they’re good advice, but for the most part, as a content creator, you know when links should point out — ignore your instincts at your own peril.

[Photo Credit: Piutus, Flickr.com]

See Also:

• Yahoo’s New ‘Build Your Own’ Search Engine Nips at Google’s Lead
• Wikia Search Launches Wikipedia-Style Search Engine
• Search Engine Robots Agree Over Standards