Blog Entries
Senators call for end to anonymous, prepaid cell phones
May 27, 8:52Time to stock up on prepaid anonymous cell phones before its too late! Or just use the call encryption Android application...
Schneier on Security: Alerting Users that Applications are Using Cameras, Microphones, Etc.
May 24, 6:26"What You See is What They Get: Protecting users from unwanted use of microphones, cameras, and other sensors," by Jon Howell and Stuart Schechter."We introduce the sensor-access widget, a graphical user interface element that resides within an application's display. The widget provides an animated representation of the personal data being collected by its corresponding sensor, calling attention to the application's attempt to collect the data."
Not sure how well that scales...
FBJS - Facebook Developer Wiki
May 6, 7:25Another subset of javascript and DOM access to make a sandbox: "FBJS is Facebook's solution for developers who want to use JavaScript in their Facebook applications. We built FBJS to empower developers with all the functionality they need, and to protect our users' privacy at the same time."google-caja - Project Hosting on Google Code
May 6, 7:22"Caja allows websites to safely embed DHTML web applications from third parties, and enables rich interaction between the embedding page and the embedded applications. It uses an object-capability security model to allow for a wide range of flexible security policies, so that the containing page can effectively control the embedded applications' use of user data and to allow gadgets to prevent interference between gadgets' UI elements."WebSandbox - Microsoft Live Labs
May 6, 7:16"Today web gadgets, mashup components, advertisements, and other 3rd party content on websites either run with full trust alongside your content or are isolated inside of IFrames. As a result, many modern web applications are intrinsically insecure, often with unpredictable service quality. Live Labs Web Sandbox addresses this problem."Code Standards | Isobar
May 2, 3:14"This document contains normative guidelines for web applications built by the Interface Development practice of Isobar North America (previously Molecular)." Glad to see coding styles and best practices for HTML, CSS, JS, associated HTTP headers etc etc etc5 Loading Web pages — HTML 5
Apr 22, 10:26HTML5 has some notion of a 'null' origin. Not sure how this actually plays out though.Tao Effect Blog » Blog Archive » Steve Jobs’ response on Section 3.3.1
Apr 11, 2:16Lots of links, info, and thoughts on Apple's change to the iPhone SDK terms of service that now state "Applications must be originally written in Objective-C, C, C++, or JavaScript..." Means no other languages or third party platforms...RFC 4627 - The application/json Media Type for JavaScript Object Notation (JSON)
Mar 31, 7:59Defines the mime type for JSON as well as JSON itself.Client-side Cross-domain Security
Mar 31, 7:54"Summary: Exploring cross-domain threats and use cases, security principles for cross-origin requests, and finally, weighing the risks for developers to enhance cross-domain access from web applications running in the browser."Widget Packaging and Configuration
Mar 26, 2:28"Widgets are client-side applications that are authored using Web standards, but whose content can also be embedded into Web documents."iPhone Dev Center: iPhone Application Programming Guide: The Core Application Design
Mar 11, 4:26The iPhone application lifecycle.Activity Lifecycle
Mar 10, 5:21The lifecycle of an Android application. How to gracefully handle getting paused, stopped, etc.Database - WEBAPPS
Mar 5, 10:21Document explaining the relationship between the various web storage APIs coming out of HTML 5. To summarize:Web Storage (aka DOM Storage) - simple key/value pairs API.
WebSimple DB API - now called Indexed Database API.
Indexed Database API and Web SQL Database - competing database APIs.
Application Cache - Storage of HTTP resources for offline apps.
DataCache API - A programmatically modifiable Application Cache.
Bing - New Bing Maps Application: Streetside Photos - Bing Maps Blog - Bing Community
Feb 19, 3:20Bing Maps blog post on their integration of Flickr photos onto their street side view. Very coolSafari Dev Center: Safari Client-Side Storage and Offline Applications Programming Guide: HTML 5 Offline Application Cache
Jan 26, 1:47Details on Safari and iPhone's HTML5 offline app cache.Understanding and Working in Protected Mode Internet Explorer
Jan 12, 7:10Info on writing apps to work with low rights mode in IE7 and IE8. Includes info on elevation policy for applicationsView PDFs on Android
Jan 10, 4:07Irritatingly, my G1 won't show me PDFs so I've made the Google Docs PDF viewer which will load PDFs on the web up in Google Docs. Google Docs has the useful ability to display PDFs in web browsers without any Adobe software and works (mostly) on Android.
This was very easy to put together as an Android activity. First its necessary to register the application as handling PDFs from the web. This is done via the intent-filter declaration in the manifest:
intent-filter
action android:name="android.intent.action.VIEW"/
data android:scheme="http" android:mimeType="application/pdf"/
category android:name="android.intent.category.DEFAULT"/
category android:name="android.intent.category.BROWSABLE"/
/intent-filter
The action part says my activity will view PDFs, the data part says it accepts data with the PDF mime-type and with a URL that has an HTTP scheme. The browsable category is necessary to allow
links from a browser to open this activity.
Second, the activity opens up the browser to Google Docs pointing to the PDF.
Intent intent = new Intent();
intent.setAction(getIntent().getAction());
intent.setData(Uri.parse(
"http://docs.google.com/gview?embedded=true&url=" +
percentEncodeForQuery(getIntent().getData().toString())));
startActivity(intent);
This is very simple code to invoke a new intent browsing to a newly constructed URL for the PDF in Google Docs. That was easy.IETF: PATCH Method for HTTP
2009 Dec 18, 9:48"Several applications extending the Hypertext Transfer Protocol (HTTP) require a feature to do partial resource modification. The existing HTTP PUT method only allows a complete replacement of a document. This proposal adds a new HTTP method, PATCH, to modify an existing HTTP resource."
Some rights reserved