Categories
Mozilla Web Development

Web Application Coherence

One of the greatest things about Parallels is Coherence. The integration between the virtual machine and the host OS makes virtualized applications feel almost native. It’s a major win for users who don’t want to be locked into a mini-desktop.

I wonder if this concept could be brought to the web in a secure but convenient way. There are many applications that could benefit. You could pull widgets off a page and onto your desktop as an application. For example, you could take Meebo, an online IM service. In a matter of seconds it would feel as if you had downloaded a new application, but you're still using your browser. People love web applications, and hate downloads. This has been known for a while. Meebo is extremely popular because it feels somewhat like a desktop application, but it's web based. Think of this as Apple's Dashboard taken to a whole new level.

Take for example this pseudocode (it's just to make a point, not an API):

<div id="frame">
    <p>This is a window that can be brought to the desktop</p>
    <p id="test"></p>
</div>

var widget = document.getElementById('frame');

// This would test if it's currently coherent
if(!widget.coherence){
    // This would prompt the user to allow coherence on the page.  Typical extension-like install warning.
    widget.allowCoherence();
}

// When you first enter coherence mode
widget.coherence.oncoherence = function(){
    document.getElementById('test').innerHTML = 'I\'m in your OohS, integratin your web pagez';
};

// When you focus (bring a window to the front)
widget.coherence.onfocus = function(){
    document.getElementById('test').innerHTML = 'You\'re in focus';
};

// When the window is minimized
widget.coherence.onminimize = function(){
    document.getElementById('test').innerHTML = 'I\'m idle right now.';
};

The first time your browser would hit allowCoherence() you would be prompted to allow coherence for that domain. Other than the integrated look/feel it would adhere 100% to typical web sandboxing. This isn't like building a XULRunner app where JS can write to the filesystem. It would just be a way to make web applications more usable for people and break out of the web browser feel.

There are other things that can be done as well. For example, CSS theming could give the app a more native look/feel dependent on the host. Perhaps just an attribute in the <html/> would trigger the browser to render things to look like a native app by default (pinstripe background for page by default, etc). Another great thing to use with it would be offline support. A little more cleverness would allow you to create bookmarks that essentially "open the application".

Ultimately this would still be about web applications, but making them live outside of the browser window. The user wouldn’t need to install anything more than a web browser. The applications would be as safe to use as browsing to a website.

So there’s my giant idea. Implementing this in something like Firefox would be a rather large task, and to be useful the API would need to be standardized across browsers, but much of the underlying stuff is there. Anyone interested in taking web applications to the next level?

Categories
Hardware Mozilla

Nokia N800

Several months ago I mentioned the Nokia N800. Recently a Mozilla-based browser was released. This got me extra interested. Apparently Flash support is improved, and you could run a better browser. It can also run Skype and OpenSSH. What more could you want?

Well, there is a killer thing missing: offline support. It's a WiFi-only device (which IMHO is fine), meaning no data connection if you're not in range of a hotspot unless you use Bluetooth and your cellphone, but that's expensive. I'd love to see offline support. I'm surprised Google hasn't stepped up to the plate and released a version of Google Gears for the N800. Seems like it would be the perfect application.

Very interesting product.

Categories
Mozilla Security

WebApp as Desktop App Security Model?

Recently there has been a fair amount of talk about bringing web applications off of the web and onto your desktop, or to put it in really simple terms: providing a bare browser that has no UI but the site you visit. It sounds good, but I'm not convinced it's quite workable, at least at this point. A few examples of these attempts are:

The first two are somewhat generic in purpose, while FullerScreen is intended more for the task of using a web page as a presentation medium, making it a potential replacement for something like PowerPoint.

I’m not quite sure this is really a workable model for the “average user”. Take for example the following scenario:

Say you use this as a way to make your Gmail (or Yahoo) account feel more like a client-side application. You receive an email to visit a site. You click the link and visit the site. You think you are using Firefox. In reality you're really viewing a spoofed window. Even if remote XUL is disabled you can still do a fair job with just a bunch of cut-up GIFs. Enough to fool a casual user. Firefox has some basic countermeasures to help prevent this, such as keeping some UI.

This could be prevented if a "windowless" browser always prompts or provides some other sort of notification before connecting to an unprivileged host. Or better yet: simply launches the real browser rather than handling untrusted URLs. That would be better and less Vista-like.

So that leaves me with the question: how should such an application behave? A true desktop application typically launches the default browser on the computer. Notable exceptions are things like Real Player, Google Earth, etc., which embed a browser. How do you give a desktop-like feel to an application, yet still provide the UI feedback to the user that a browser's chrome provides?

My suggestion is simply limiting by a hostname. You have a Gmail app, you trust Gmail and nobody else. In my mind an application does 1 task and does it well. If it was intended to feel like a Gmail client, then it should do that, and that only. Want to visit that website with the monkey that sniffs his own butt? Cool, but do it in your own browser.
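One way the hostname limit could be enforced, written as an added example rather than code from the original post or from any of the products mentioned. `decideNavigation` and `ALLOWED_HOSTS` are hypothetical names, and the pinned host and sample links are assumptions made up for the illustration.

```javascript
// Added example. decideNavigation and ALLOWED_HOSTS are hypothetical names,
// not part of any browser or XULRunner API.
const ALLOWED_HOSTS = new Set(['mail.google.com']); // assumed pin for a Gmail-only app

function decideNavigation(rawUrl, allowedHosts = ALLOWED_HOSTS) {
  let url;
  try {
    url = new URL(rawUrl); // WHATWG parser: lower-cases the host, splits off userinfo
  } catch (err) {
    return { action: 'block', reason: 'unparseable URL' };
  }
  // javascript:, data:, file: and friends are never rendered or handed off.
  if (url.protocol !== 'https:' && url.protocol !== 'http:') {
    return { action: 'block', reason: 'scheme ' + url.protocol };
  }
  // Exact host comparison only. Suffix or substring checks would accept
  // look-alikes such as mail.google.com.evil.example.
  const pinned =
    url.protocol === 'https:' &&
    allowedHosts.has(url.hostname) &&
    url.port === '' &&
    url.username === '' &&
    url.password === '';
  return pinned
    ? { action: 'in-app', reason: 'pinned host' }
    : { action: 'external', reason: 'outside the pinned HTTPS origin' };
}

// Constructed sample links, as they might appear in a received email.
const samples = [
  'https://mail.google.com/mail/u/0/#inbox',
  'https://mail.google.com.evil.example/login',
  'https://mail.google.com@evil.example/',
  'https://evil.example/?next=mail.google.com',
  'http://mail.google.com/',
  'javascript:alert(1)',
];
for (const link of samples) {
  const { action, reason } = decideNavigation(link);
  console.log(action.padEnd(8), link, '(' + reason + ')');
}
```

Anything that comes back `external` goes to the user's default browser, where the normal chrome (address bar, padlock) is visible; only `in-app` results are rendered in the chrome-less window.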

I’d be curious what others thought of this potential problem. I think with XULRunner looking more stable, WebKit being available to Mac developers and the merging of the web and OS, things like this are a potential problem. We are getting more and more ways to embed browsers into things (widgets, extensions, etc.). This is going to be more of an issue moving forward.

This isn't to say I don't like the above products (I actually really like them). I just haven't figured out exactly how they fit into the current security model of local:safe, web:devils-playground. I don't think they do. I think they potentially break the barrier between the web and desktop applications, a barrier we've all been hoping would be broken. The question is: are we ready?

The higher level question is: How do you distinguish between trusted and untrusted data when it all looks like it’s local?

Categories
Hardware

Nokia N800 Looks Interesting But Large

The Nokia N800 looks really cool, but I wonder if its size is a little too large to make it practical to carry around. There's also the lack of good Flash support, and weak MPEG4 (my guess would be lack of an onboard decoder and using software to make up for it). The fact that it's Linux powered means you can run a fair amount of desktop software on it, with a little patience.

The size is really what hurts. If it were a little smaller, it would be a really cool PDA-like device.

I’m still curious what people will figure out can be done with the hardware. It’s still too new to tell. From what I’ve read it’s somewhat powerful, so the potential is there.

Categories
Google Internet Politics Spam

Postage for Email? My Internet != Your Internet?

There’s been a lot of buzz lately over AOL and Yahoo charging to email their customers. I think this quote most likely will end up being the future:

“AOL users will become dissatisfied when they don’t receive the e-mail that they want, and when they complain to the senders, they’ll be told, ‘it’s AOL’s fault,’ ” said Richi Jennings, an analyst at Ferris Research, which specializes in e-mail.

Well said. Just wait until AOL customers realize they aren't getting order confirmations, notifications, and other emails because the sender won't pay.

Another concern not really discussed is the possibility of having a Level 3/Cogent style battle where one ISP refuses to let another email their customers, because they aren’t getting paid what they feel they should.

Right now, email is essentially 100% peered. Everyone emails everyone, nobody charges. You pay your ISP to run the mail server, and that's it. If commercial entities need to pay to email you, you're going to get separate charges. Want an email when your order ships? Pay extra. Want an email when this item is back in stock? Pay extra.

This is a very slippery slope. Just one or two greedy ISPs is all you need to ruin email. Once you can't reliably email, the system is dead. Spam can reduce efficiency, but can't kill email. Remember, email is by far the most used protocol in business.

I doubt this system will do anything to reduce spam for AOL customers. It will however help AOL’s revenue, which I’m assuming is the real goal. A slightly bold move as AOL is assuming their customers won’t mind not getting all the legitimate email they would if they used a free Gmail or even Hotmail account.

There’s also a decent possibility AOL customers might have to pay merchants an email fee when they buy products, to help cover that cost. Of course merchants eventually will sneak in their percentage there, further hiking prices.

Personally, I think the biggest threat is a Level 3/Cogent style dispute.

Should also note there’s currently a lot going on over Net Neutrality. Google’s been thrown into the middle of that, merely because of how ubiquitous the company is. Vint Cerf’s letter on the topic is really a must read. Paying for email right is really just an inverted case of network neutrality. Instead of the middle man dictating who you can/can’t communicate with, the next ISP down the line decides. That’s no better.

The Internet as an open medium could drastically change in the next few months if some of this stuff becomes reality. There are quite a few companies out there who believe the internet is enough of a threat to their business, that they want to go as far as crippling it.

Categories
Internet Networking

Pathetic Speed Part II

Decided to run a speedtest in the lab today, to compare with my test from the other day. I know they limit the dorms a bit. But boy was I surprised to see this:

8400kbps Down 3140kbps Up

That’s insane.

Categories
Internet Networking

Pathetic Speed

159kbps down/86kbps up

Most people think I’m joking when I say my school has absolutely pathetic bandwidth. Yes, that’s the result of the best of several speed tests. You don’t get much more sorry than that. And sadly, it gets much worse around finals week as everyone goes online at the same time.

Categories
Internet

A plan for worms?

According to Slashdot, a new variant of the Santy worm is out, except this one patches to prevent it. Even good hacking isn't a good thing. It's still illegal and shouldn't be done.

But government agencies should really start looking into such a thing. It's obviously possible. There are enough exploits in most software that a similar task could be accomplished. US-CERT among others should be researching the possibility of such tactics. A well designed worm can actually counter the effects of a very harmful one.

Even firemen have learned that fire is not only their enemy, but their friend. Fire is often used to put out fires… when strategically placed it can be a very effective tool against forest fires.

Categories
Personal

No network access

I’ve been silent because I have no network access on campus yet. For some reason my dorm, and the one across the hall aren’t hooked up to the switch in the basement. Hopefully that will be resolved quickly, but I’m not holding my breath. I’ve been told 5-10 business days. Meaning it could be until 9/15. Home on weekends as usual, so I’m plugged in now.

So pardon the weekday silence. I’m practically non-existent until I get a connection.

Categories
Apple

Apple and the Internet

Anyone still not reading David Hyatt’s Blog should start doing so ASAP. If you read this blog, and find anything relevant, you will most definitely find his relevant. He’s a browser guru with his hand in many things. A definite site to bookmark. A few comments on this whole Safari/Dashboard thing…

Personally, I wish it were done in XUL, and XUL were fully implemented on Mac OS X via Web Kit. Would have been really neat. Personally I find XUL based interfaces to feel quite natural at this point. Even Mac OS X’s Firefox is feeling good. With Apple’s concentration it would have been great. But they did go with the second best (and still good) option of HTML, with lots of standards support. And that’s still a good solution, though not my personal favorite.

I’d also like to make note of a good quote here:

We have a phrase we like to use here on the Safari team, and that’s “real-world standards compliance.” What that means is that where possible we attempt to be fully compatible with the W3C standards, but we also want to support the real-world standards, i.e., extensions that for better or worse have become de facto standards. If you really do believe we should not have implemented contenteditable, then you are simply out of touch with reality.

Hyatt does say something that makes me feel really comfortable with Apple’s approach on standards:

finally we have submitted all of our extensions to the WHAT-WG for review. The slider in particular is already in the Web Forms draft. It is our hope that these HTML extensions will ultimately be standardized by a working group, but I wanted to emphasize that we are working with other browser vendors such as Opera and Mozilla to ensure that these extensions are implementable in those browsers and that these extensions can be standardized. We are not simply off “doing our own thing.”

This I'd really like to see happen. I'd ideally like to see these things work on multiple browsers, just like the new plugin system coming around. Perhaps Mozilla can be set up to allow these new Widgets to work? Would be nice to see Apple and Mozilla team up.

Lastly, regarding namespace

Webkit is looking to use:

http://www.apple.com/2004/xhtml-extended/

IBM adapts HTML and uses:

http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd

I kind of prefer the /dtd/ and having a documented DTD available, so my ideal solution would be:

http://www.apple.com/dtd/1.0/xhtml-extended.dtd/

holding the format dtd/version/item.

Just my $0.02.