h1

The Americans

September 14th, 2001

Gordon Sinclair, a Canadian radio announcer, wrote this tribute to The Americans in 1973.

h1

RSLite released

September 13th, 2001

A couple of people lately have got me thinking about building an EXTREMELY lightweight implementation of Remote Scripting using images and cookies, so I went and threw one together. I call it RSLite. Hokey but functional. Could be beefed up if necessary to dispatch calls to functions, but for now it’s one task per remote page.

h1

words can’t express

September 12th, 2001

I’ve watched news coverage from 20 different channels, listened to the radio, seen the major news websites, but it took someone reporting to Dave Winer’s weblog to publicly say the words on everybody’s lips.

Holy Fuck.

h1

clarity in communication

September 10th, 2001

Hey, Chris Locke, you’ve got some great things to say, but drop the damn subway graffitti lettering crap. It runs entirely counter to your proselytizing on reducing the layers of unnecessary obfuscation in communication between reasonable humans.

h1

don’t bring a knife to a gunfight

September 9th, 2001

Rick pointed out that the crux of the Verizon problem was guessable session IDs, not cookies directly.

True, the guessable session ID is the final culprit, but it wouldn’t be an issue if they weren’t avoiding cookies.

I’m assuming the reason the session ID is being exposed to the user (and therefore the hacker too) by being passed around in the URL is that they are using a cookie-less session mechanism because they want to cater to users who turn off cookies.

Bah, humbug, I say. No cookies, no service. You wanna drive around shirtless, you gotta put one on before getting served at the lunch counter. If you’re really paranoid about cookies, learn what they are and how to delete them regularly.

While I’m at it, no DOM browser, no fancy DHTML application. You’re not gonna get real high fidelity stereo on that crystal radio no matter what tricks I use, so consume my services with a tool that’s up to the task, or go get one – they’re giving them away free.

The longer we continue to jump through hoops accomodating throwbacks and paranoia, the longer it will be before we can truly move forward. As for those accomodations that ARE necessary, they’ll be much more manageable with newer tools.

h1

babies and bathwater

September 8th, 2001

This is what happens when you try to avoid using cookies. Verizon’s
URL-based sessionID avoids using cookies for people who are worried about security and privacy implications and ends up opening up a much worse security and privacy hole for everyone.


True Story:

It was one of those questions from my wife that I just can’t supply an answer to without getting myself in trouble.

“Look, here it says this local bar is having a ‘Thong Contest’. Do you think I should enter?”

Gack. Think Think Think….

“Don’t be thilly, you couldn’t thing to thave your life.”

h1

dot hot

September 5th, 2001

Although I’m less and less enamoured of Microsoft’s greedy business shenanigans, their technology continues to seriously impress me.  Have a look at Charles Carroll’s ASPNG site to see how damned powerful, comprehensive, and once learned, easy to use this ASP.NET stuff is.





Chris observed yesterday about the world-famousness of things.  I have often wondered just exactly where it is that you go to check the Global Registry of Chinese Buffet Dimensions in order to make sure your local restaurant has indeed got the World’s Largest Chinese Buffet.




Tim Morgan: “Live by the expando: die by the expando.”

h1

managing chaos

August 29th, 2001

One of the great lessons in life is that chaos is inevitable. Once you learn that there is no face lost in abandoning all hope of completely avoiding chaos, you can much more comfortably get down to the task of managing how to decide which bits of it are worthy of your attention, and more importantly, which are not.

Many people come to this epiphany when they have their second child. All the angst spent worrying about potential crises with the first child turns into considered risk management. With the first one it’s “Oh my God – keep him away from that – it’s got dirt on it!!”, and panic sets in. With the second one it’s “Well, it’s only dirt”, and serenity flows.

The trick is continually to assess issues on the amount of influence you have in determining their outcome. If you have no
influence, your worrying isn’t going to help it, so don’t worry.
If you have a moderate amount, do what you can and be satisfied that you’ve done your best. If you have great influence, then set it as a priority and influence away. No time to worry.

In order to reduce the amount of issues coming at you, preventive medicine is a Good Thing (TM). In the development sphere, I can think of a few ways to manage complexity.

  • Endeavour to keep things predictable. Use a staged development environment (Dev/Test/Prod). Implement change control and stick to it.
  • Implement a source control / concurrent versioning system. Conflicts are reduced, rollback/forward, archiving are all automatic.
  • Share and reuse knowledge. Newsgroups, forums, blogs, bookshelves, magazine collections, FAQs, knowledge bases, code repositories, links
  • Keep your eyes open for other tools and processes which help you to manage complexity