Learning about Adobe AIR in Atlanta…

I’m at the Fox Theatre in my hometown of Atlanta today checking out the Adobe AIR Bus Tour Summer 07. It’s nice to be at the first event nationwide. I’m attending at the behest of a friend who thinks it going to be the "next big thing." I’m skeptical. I fear yet another proprietary attempt to empower developers to craft unique custom web interfaces to provide desktop functionality as a layer over web technologies, and that’s not a compliment. These types of things, especially when looking at the black box nature of opaque Flash SWF files, do their best to ignore those things that make the web work, i.e. stateless URL-addressed resources. The reality of Adobe AIR remains to be seen… P.S. It would have been nice if Adobe had consulted me to ensure that this event was more convenient for me. I mean, I actually had to leave my home and cross the street to attend. Adobe, Please! ‘-)

Microsoft’s Obsolete Process and Release Cycle

I made two posts recently that muddled serveral issues so I am creating a seperate post here to isolate them and provide a location for comments specific to this issue:

Microsoft is loosing the battle with its open-source competition in languages and web frameworks because of their obsolete processes and release cycles

In summary, it’s my belief that the processes and release cycle for designing, building and releasing developer tools as well as for attracting developers that worked so well in the 80’s and 90’s are now obsolute when compared to the process in use by the open-source community. Further I believe that if Microsoft doesn’t completely rethink how it manages it’s processes and release cycle for designing, building and releasing developer tools in a manner that is competitive with the open-source process that it will slip farther and farther behind until it’s developers tools become irrelevent. Of course as that happens Microsoft’s platforms will also slowly decline in relevence until it is simply no longer the main player but instead one of many.

That’s not to say they are not doing some things right, they are. But they need revolution not evolution to stay the major player in developer tools.

The Weborati

Just who are the “Weborati[1] you ask? And where does the term come from? Well, to answer the latter question, It’s a neologism that just made up; please don’t shoot me for it. :)

As for the former, they are people who either created – starting with Tim Berners-Lee – who have passionately shepherded the web technologies over the many years since Tim first created ENQUIRE as a side project while at CERN.
In this group I would include the original and even the active members of the W3C Technical Architecture Group (TAG) as well as the active and passionate RESTafarians which of course includes Roy T Fielding, the father of REST.

I coined the term so I could refer to them collectively. But I want to make it clear I mean no condescension; I have great respect and appreciate for these people. I just thought a catchy name would make them more memorable and easier for me to refer to them. :-)

Footnotes

  1. …as an obvious pun on the various “-oratisTechnorati, Glitterati, Cognoscenti… (are there more?)

Announcing WellDesignedUrls.org

Those of you who read my blog know that I strongly believe in the importance of URL design. For years it bothered me that we’ve see so many URLs on the web that look like the following example of poor URL design from Jeffrey Veen’s 2001 book The Art & Science of Web Design:

http://www.site.com/computers.dll?1345,1,,22,567,009a.html

Back in Aug of 2005 I finally got my thoughts together and wrote the post Well Designed Urls are Beautiful. Well, from anecdotal evidence (I don’t track stats on my blog stats very closely) it appears that post has become my blogs my popular post!The popularity of that post combine with the several others facts inspired me to go ahead and launch a website with the following mission:

"Providing best practices for URL design, and to raise awareness of the importance of URL design especially among providers of server software and web application development tools."

The "facts" I referenced above are:

  • I continue to feel strongly about URL design yet many are still oblivious to the benefits,
  • I still have a lot more to say on the topic, and
  • It appears that good URL design is one of the many tenants of Web 2.0 partly because of AJAX, Mashups, and REST-based APIs meaning that it won’t be such an uphill battle!  

The name of the website/wiki is WellDesignedUrls.org and for it I have the following goals:

  • To create a list of "Principles" as best practices for good URL design,
  • To cultivate how-to articles about implementing good URL designs on the various platforms like ASP.NET, LAMP and Ruby on Rails, servers like IIS and Apache, and web development tools like Visual Web Developer and Dreamweaver,
  • To cultivate general how-to articles and resources for tools such as mod_rewrite and ISAPI Rewrite and others,
  • To cultivate "solutions sets" for mod_rewrite and ISAPI Rewrite and others that can clean up the URLs on well known open-source and commericial web applications,  
  • To grade web applications, websites, and web development tools by giving them a "report card" on how well or how poorly they follow best URL design practices,  
  • To document URL structure of major web applications and major websites,
  • To recognize people who are "Champions for the URL Design cause" (those who’ve written articles and essays promoting good URL design), and  
  • To providing resources for further reading about good URL design.  

The wiki is clearly new and thus a work in progress, so it will probably be a while before it realizes all these things I mention. However, as I have time and am able to recruite others to help, I think it will become an important advocate for good url design and a great central resource for best practices.  And if you’ve read this far, I’m hoping that you’ll consider either contributing when you feel you have something relevent, or at least use start considering the value of URL design in your own web application development and also point people in the wiki’s direction when applicable.Thanks in advance for the help!P.S. I also plan to launch a WellDesignedUrl blog in the near future.

Subscribe to my RSS feed it you want to be notified of when the blog goes live.

Great Article: 8 steps to serving better (X)HTML

Earlier today I blogged about Tantek Çelik’s talk at The Future of Web Apps so I decided to mosey on over to his blog. There I found this gem:

8 steps to serving better (X)HTML

Microformats: hCard

One of the things I learned more about at The Future of Web Apps was Microformats.  The talk on Microformats was given by Tantek Çelik who is CTO of Technorati and it was easily one of the more interesting concepts covered at the conference (to me, at least.) I probably appreciated it so much because Microformats potentially solve so many different problems that I have been pondering of late.

I had previously heard about , but I didn’t quite grok how cool they were until Tantek’s presentation.

Anyway below is my hCard, assuming I did it correctly. If anyone knows how to tell, I appreciate it you could let me know if it is correct and if not, why not (Note: I used hCard creator but I added a URL to "org" and I also put "(w)" and "(c)" after my phone numbers and I don’t know if that is kosher.)

 


photo

Atlanta, Georgia  USA

404-474-8948 (w)
404-276-1276 (c)

This created with the hCard creator.


Simple Solution to Phishing Epidemic?

Call me simplistic, but it seems to me that there is a relatively simple solution to the phishing epidemic, assuming those in control of the Internet would like to stop it.  Since almost all phishing emails using a hyperlinks something like http://www.MyBigBankName.com.bad_guys_domain.info/login.html, eliminating it would be a simple as ICANN cancelling domain registrations for anyone caught phishing.  (I assume Internet registrations are ICANN’s domain? No pun intended…) 

To implement they would set up an email alias like [email protected] where people could forward phishing emails.  Once they had someone verify that an email routed to a phishing website (I bet this could even be done with vetted volunteers), ICANN would cancel the domain registration.  Then it would be a simple matter for browser, personal firewall, and anti-spyware vendors to be update their software to provide anti-phishing warning for any website that is reached via IP address rather than via domain name.

With domain cancellation in place and IP-address based anti-phishing functionality by browser, personal firewall, and anti-spyware vendors, phishing would be eliminated as it would quickly become effectively impossible for a phisher to maintain a domain, and IP addresses would be easily filtered.

Or so it seems to me.  But it must not be that easy, or someone else would have thought of it by now.  I’m posting this hoping that someone can either explain to me why this would not work, or if I just happen to be the only one to have thought of it and it would work, that someone reading this will forward to the good folks at ICANN for implementation.

Windows 2003 Server Web Edition doesn’t support SQL Server?!?

I am setting up a new computer running VMware GSX Server (because the new free VMware Server is still in beta) for which I plan to use one of the virtual machines to run a few websites including a DotNetNuke website that stores its content in SQL Server. So I decided to install Windows 2003 Server Web Edition and then ran into a problem when trying to install SQL Server 2000 (I’m using 2000 for compatibility with some older sites I am planning to move to this VM; I’ll installed SQL Server 2005 for new sites in a different VM.) 

When I ran the SQL2K install app (written in Demoshield) and I clicked on "Install Database", nothing happened.  Then when I tried to run the install app directly [setupsql.exe], I got the following error message:

Windows cannot open this program since it has been disabled.

Of course I immediately assumed it was a VMware problems (not unreasonable since I’ve had one problem after another trying to get VMware to work, mostly because of incompatible hardware, but still), but then their tech support provided me the answer on our forum.  Microsoft decided not to allow SQL Server 2000 to run on Windows 2003 Server Web Edition?!?!?!   Worse, their error message was so cryptic I spent hours trying to track down the problem!!!!!!! (Googling didn’t help.)

HELLO MICROSOFT, don’t you understand that most serious websites use a database?!?!?  I’d say this is especially true for smaller sites that can’t afford seperate servers.  And why must you persist in causing developers and IT people to have to track down the meaning of cryptic errors?!?!?!

I just love it when the marketing department of a company cripples a product for it’s intended use in order to ensure they "maximize profit," and when the implementation people don’t provide reasonable error messages for problem areas.  Sheesh!  The former makes me want to consider using LAMP.

I Am Excited about IIS 7.0!!!

I just read Rick Strahl’s article in CoDe Magazine entitled Get Excited About IIS 7.0 and, yes, I am excited! Finally an architecture that makes sense! If (indirectly) addresses my #1 wish for IIS7: a mod_rewrite functionality. Well, it doesn’t address it per se, but it allows me, or any other .NET developer to address it with simple .NET code. Gosh I wish they could have done it sooner! And Rick, thanks for the great article!

Anti-phishing tactic helps the “Well Designed Url” cause

Today Joris Evers on CNET posted an article about the security developers for the four main web browsers discussing how to make surfing the Web safer. One of the tactics mentioned was Microsoft plans for IIS7 to show the URL in the address bar on all Internet windows to help users identify fraudulent sites. Whereas the trend has somewhat been for many websites to eliminate the address bar on their seconday windows to make their websites look slicker — see what happens when the bad marketing wonks get involved, and when techies become over-enamored by techniques like AJAX — this move will shine the light more brightly on the lowly URL.

In the past have blogged about Good URL design for websites and the related topics of wanting Mod_rewrite functionality for IIS and the tool ISAPI Rewrite that gives mod_rewrite functionality to IIS so it is clear I’m passionate about virtue of incorporating URL design into the overall design of a website. More specifically, my personal opinion is that URL design is one of the more important aspects of web design. This even though one person in this world disagrees with me, but Mark Kamoski is wrong. :)

What’s cool about IIS7 requiring the URL to be seen at all times besides the obvious anti-phishing benefits is it will hopefully cause more website stakeholders (marketers, developers, etc.) to think more about the design of their website’s URLs.

And that would be a good thing.

P.S. Actually, I’d love to see all Windows applications do what Windows Explorer does and support a URL of sorts (maybe call it an "LRL" as in Local Resource Locator?) Wouldn’t it be great to see apps like Word, Excel, QuickBooks, and even Visual Studio be written as a series of state changes where the URL/LRL could represent in a user readable format each uniquely-representable state (with some obvious caveats)? Just imagine how that would empower the creation of solutions by composing applications… but I digress as that is the topic for a future day’s blog post.

P.P.S. I almost don’t want to say this next thing as it could obviate the need for exposing URLs to guard against phishing, but I’m too intellectually honest not to. I see a huge market opportunity for Verisign, with the support of browser and server vendors, to enhance their SSL certificates to include a "Phishing-Safe" seal of approval. Today website owners only need pay for a certificate if they are collecting sensitive information, but in the future I could see it becoming a defacto requirement for any website with a login to need a "phishing-safe" certificate, raising the bar on lots of hobby forums sites, etc. But I once again digress… Oops, I should have read the whole article before pontificating here; looks like they are discussing just such a concept.