Sazbean

Software Development Management

Main navigation

You are here: Home / Archives for News & Notes / Opinion

Opinion

/

Why I Have to Have a Smartphone but Can't Live Without My iPhone

iphonepandukasenakaNot only do I work online, but I pretty much live online.  I use web-based applications for just about everything – email, calendar, documents, networking, etc.  It’s much easier to have information available online from any computer than have to rely on having my laptop all the time.  However, the drawback is needing some way to connect to that information without a computer – a smartphone.  Ever since my first blackberry I’ve been hooked on smartphones and having all the information I want at any time with a touch of a button.

Recently Aaron and I finally got iPhones, and now I wonder why we waited so long.  Obviously there have been benefits to having a device that has been upgraded a few times since it first came out.  But the functionality and design of the iPhone makes me wish my computer worked as elegantly (and as a Mac it does come close).  I have yet to run into something I can do on my laptop that I can’t do on the iPhone.  Granted, there are a few things I would rather do on my laptop – and typing long blog articles is certainly one of them.  I also know there are some limitations of the iPhone, but I have yet to run into one that I really care about.

Carrying around the iPhone makes it easy to stay connected to my network and clients, so I’m not as concerned with being away from my computer while I attend business or networking events. And unlike a lot of technology, the iPhone never seems to get in my way.  It’s as easy to use and fun to play with as my first computer way back in the 19**’s. What other technology can you say that about?

(photo by Panduka Senaka @ Flickr CC)

Technorati tags: , , , ,

/

JSON and the Argonauts

greek-statueThe Greeks sure were fond of super-hero team titles.  There was Jason, commander of the Argo and her crew of the best of the best, pitted against irresistible forces beyond moral man’s endurance.   What does this have to do with JSON, the JavaScript Object Notation standard used by the web 2.0’s best of the best of overcome an accent foe called Same Origin Policy?  Can’t think of a thing, I just really liked the title.

A funny thing happened on the way to the Mashup. I’m sure someone somewhere, maybe even here, told you that RSS feeds were going to revolutionize the way we distribute information.  We were all so right in so many ways because RSS, or ATOM if you prefer, has opened up the world to the unimagined possibilities available online.  Think of some way that you want to consume information.  Go ahead, I’ll wait.  Ok, you are all right you can consume information that way. Oh, heh, I mean almost all of you are right.  That guy in the back with the Helvetica shirt in Metalica font, I’m sorry but we can’t help you with your idea.  Thing is, as much as you may want to have a single page that can then pull and update XML based RSS feeds from any site in the world from within the browser without refreshing, you’re not allowed.  It is for your own protection actually.  We call it the Same Origin Policy.

Here is the idea.  When your web browser pulls down a web page’s code from a modern site, it is usually pulling down a collection of HTML, Stylesheets, Javascript.  That HTML tells the page what content goes where and what images to place by the content.  The Stylesheet (CSS) tells the browser how to make that content look and how to make it act on the page.  Then the Javascript is there to give the page life, make it interact with events, make it do impressive things that we have come to love and cherrish.  In the AJAX world, those impressive things involve grabbing information from the server and updating the page without screen refresh.  Javascript is nye omnipotent in the browser, and yet there are some quantum limitations built into the works.  Beyond the sandboxing of JS, there is one little design decision from Netscape 2.0 that has totally altered the web 2.0 landscape.  Netscape decided that a browser would only allow scripts to interact with domains that the page came from.  If a page is loaded from www.bobsdiscountlasers.com then AJAX calls are limited to bobsdiscountlasers.com.  The grand illumination of mashups, where data flows from many different locations onto one page in a relevant way, almost never happened because of this.

Web browsers weren’t designed with mashups in mind, and ‘the warts have been there from day one’, [David Boloker, cofounder of the OpenAjax Alliance and IBM’s CTO of Emerging Internet Technologies] says. Browsers contain a security feature called the same-origin policy that’s meant to keep malicious code hosted on one site from grabbing data, such as stored credentials, off another site. The same-origin policy prevents websites from one domain from requesting data belonging to another domain. ~ Security services and Mashups

But, of course, Mashups do exist.  We see Google Maps on thousands of pages not under the google.com domain.  How is it done?  We’ll get to the hero of the day in a second, for now lets look at other popular workarounds

  • Mashup at the Server Side:  Since the JS limitation is browser based, you could do all of your mashups at the server.  The server could serve as the collector of the different sources of information, combine them intellegently and cache the results.  At best this idea is inconvenient because it adds layers where they need not normally be.  At worst this does not scale when you have a single location for distributed information
  • Flash/Flex:  The Flash VM doesn’t have the Cross Domain limitation that plagues JavaScript.  A file on the server gives a list of permitted sites that the Flex app can pull data from.  I have talked with Adobe Evangalists about this option and they seemed to hint that this design decision was intented to hit javascript where it was weakest.
  • AJAX Proxy.  Similar to the first method, a proxy allows the client to pull the information through it.  It isn’t stored on the proxy, though it can be cached, and no combination is done.  Again, this is a scaling issue

Stop passing code, start passing data. What all of these work arounds do is bypass the security concern with Same Origin Policy (SOP).  SOP was originally intended to combat early attempts at Cross Site Scripting (XSS).  Modern XSS has a nasty list of exploits that I don’t have time for here, but one way to think about it is this:  If you let Javascript pull code from untrustworthy places you are inviting problems.  One possible approach to this issue was to stop the push and pull of code but to allow the pushing and pulling raw data.  That is what JSON is, a way to encode data to be pushed and pulled using AJAX calls.  Though the X in AJAX stands for XML, AJAX really is more often using JSON because SOP will allow it to be used cross-domain.  So with JSON you can pull in Google Maps and that list of Micro Brewerys right in the browser, Mash them up using Javascript, and asyncroniously keep the data refreshed, the app reactive, and your buzz in good spirits (You are walking to these pubs, right?)

My prediction; RSS feeds are going to move away from XML and on to JSON in the future.  Or at minimum, support both.  John Resig, the creator of jQuery, even has a converter to get us all started.

Photo attributed to jasonr611

Technorati tags: , , , , , , , , ,

/

Send your people home

home_officeThe New York Times Company, managing entity behind the Manhattan based news paper, is trying to sell its headquarters.  Unsurprisingly, it is being reported as an act only the truly desperate would attempt which for my money is grade A comedy.  Three floors of Harvard educated Business Analysts and the best ‘out of the box’ idea they could find was to sell off that really valuable asset that they never really needed to do their jobs. Alert the presses NYT because here comes a newsflash; you are in the Information business.  Now I live in Michigan so I usually take a free pass to beat up on the Automotive Industry any chance I can, but in this case the big three wishes they had the newpaper’s problems.  A digital car isn’t going to make Ford any money anytime soon, though I’m positive I heard rumors about millions being invested in the idea as a ‘green’ alternative.

The myth that the guys and gals in accounting need to be sitting within 10 feet of each other to process the books is outlandishly insulting when you think about it.  Have you seen the accounting department for most companies?  Its huge.  They don’t ‘walk down the isle’ to go over the Smith file, they email it back and forth.  If you want to ask Sally about a journal entry you either call her up or IM her because shes on the 5th floor and you’re on 7 thanks to expansions in Sales, Marketing, and Legal taking up all the good cubes.   So now that everyone is shoe-horned into the corporate HQ, what real value are they getting out of the experience?  If anyone does try to start a conversation it goes over like a fart in church since the silence is enough to make out personal calls from the secretary thirty yards away.  There is the lunch room crowd that gabs on about their hip surgeries with uninterested co-workers who are eating warm Havarti cheese and anchovies over crackers.  Yes, I am sure that without these bonding experiences the whole organization would crumble into ruin, not that the leadership would notice because they are working from home today.

It is 2009 people, can we really look each other in the eye and say that the office environment is ‘working’?  We have the technology to free our cube brethern from needless commutes in snow, office temperature fluxuations ranging in the triple digits, and unproductive marathon sessions of ‘who took my printout?’.  Even when companies large and small like working together and feel the work environment helps them it really becomes an expense that is hard to justify this year.  So I call on company leaders to send your people home to work.  They may even thank you by getting their work done.

Photo attributed to mudpig