Hello App.net


App.net is WAY cool

What makes it cool, different and BETTER is:

  • They built the PLATFORM, (the heavy lifting behind-the-scenes that makes it all work)
  • They wrote the API, (the instructions for how to build things to USE the platform)

…and that’s all they wrote.

Aside: Yes, they did write sample applications. It’s hard enough to wrap your brain around it as it is, let alone if there were no apps to play with. So they built a web-based front end called “Alpha”, (for example.)

You, (dear reader) do not “look at” App.net, and you do not “use it”. You use APPLICATIONS which are built on the App.net platform/API.

App.net is different

App.net charges the developers: They’ve built a stable, powerful and feature-rich PLATFORM. They logically believe that developers will be willing to pay to use the platform.

Developers build applications: They pay App.net for access to connect their application to the platform. For example: Tapbot’s Netbot app is a superlative app using the platform. (App.net also maintains a directory of available apps.)

People use the applications: You, dear reader, choose your favorite application. You can use the free “Alpha” (that’s its name) web front-end that App.net wrote. You can also download an app (some are even free) from your favorite app store for your mobile device.

So, for example, how do you find me on App.net? Easy: Open your favorite App.net application and look for “cc1315”, my full name, or my email address. If you like to use the “Alpha” web-based application, then I’m /cc1315 . So there’s you using an App.net application! Another example is the application I wrote, (it required three mouse clicks) which enables this blog to push my posts into the App.net platform.

Wait. Wat?

The problem with all the big-name social networks is that they built, own and control the platform AND the application.

By “problem” I mean “things regular-users don’t like.” For example: Ads appearing; Weird algorithms that determine what I actually see and which strong-arm content-creators into paying money to boost viewership; Posts that look like posts but are really ads paid for by advertisers. And things that limit content creators, like: Not allowing posts at all into the platform; Weird rules that limit how posting is done because they don’t want the users leaving the platform to go read content directly.

This is exactly WHAT WE DESERVE. The companies that built the platforms get to create the rules because they own the platform, control the API and they control the applications. The people USING the social network are the product that gets monetized. So everyone shows up, for free, to socialize. But then the advertisers buy-in to get access to all the people. To the people socializing, it feels like the social club is letting weirdos into the club who roam around asking if we want to buy things.

Don’t believe me? Here are some search-result links:

“why Facebook sucks”
“why Twitter sucks”
“why Pinterest sucks”
“why Instagram sucks”

App.net fixes this how?

Let’s think through the “problem” scenarios…

First, you do still choose who to follow. So let’s assume for this discussion I’m following a couple hundred accounts. (My friends, some favorite businesses, etc)

ads

I see a post from a business, but it’s actually an ad! …how do I make that go away? Current social networks? …you cannot.

Aside: Yes, some social networks let you kill that particular ad, but there are always more to follow. In reality, you’re just TUNING what ads they will show you, not blocking out ads.

With App.net it’s easy: Stop following that account. (Or maybe contact them and say, “yo, less ads please” if you really like their other posts.) App.net won’t let them send you further content, that would be a lousy platform that developers wouldn’t pay to use!

So maybe that ad you see is being shown by the application you’re using… it’s not really coming through the App.net platform… Easy: Don’t use that application. Or maybe pay them to turn the ads off. (Look! An application ecosystem where great apps win out.)

But, (you ask) what if someone tries to write an app to spam ads into the App.net platform? It turns out the platform doesn’t have that ability. (The current social networks have that ability BIG TIME — it’s how they make money.) But App.net makes money from the developers, so they don’t have a “spam everyone” feature in the platform. That’d be a lousy platform that developers would not pay to use.

content filtering

App.net delivers everything from all the accounts you’re following; That’s why developers want to pay to use the platform; It works well! So the applications might filter, or sort, or whatever. (Maybe, show me more posts from my friends whose posts I favorite.) But that’s a feature that you CHOOSE when you select what app to use. Don’t like how the app filters or sorts? …switch apps!

content posting into the platform

Current social networks want you to use their apps to post content. App.net simply moves the content through the platform. (Which is why it’s a great platform that developers want to pay to use.) So anyone can write any application to post content into the network.

Closing thought

The only thing more cool (in social networking) than App.net is Tent.io . With Tent.io, instead of having one centralized platform like current social networks and even App.net, you have one giant fabric which is composed of everyone’s PERSONAL data platform. So Craig’s posts are on Craig’s platform, etc. Then the Tent.io magic moves the messages around between the nodes, prevents anyone from impersonating anyone else, etc.

But that’s another post altogether… :*)

ɕ

Heartbleed: For want of one nail, the kingdom is lost

The Heartbleed OpenSSL problem is big news ( http://heartbleed.com if you’ve been under a rock ). What’s wrong?

In short, Heartbeat allows one endpoint to go “I’m sending you some data, echo it back to me”. It supports up to 64 KiB. You send both a length figure and the data itself. Unfortunately, if you use the length figure to claim “I’m sending 64 KiB of data” (for example) and then only actually send, say, one byte, OpenSSL would send you back your one byte — plus 64 KiB minus one byte of other data from RAM.

Whoops!

Matt Nordhoff from, How exactly does the OpenSSL TLS heartbeat (Heartbleed) exploit work?
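The length check that the description above shows to be missing, as an added C example (not OpenSSL's code and not part of the quoted answer). The record layout of a 1-byte type, a 2-byte length, the payload and at least 16 bytes of padding follows RFC 6520; the function names and both sample records are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Illustrative names and constructed data; this is not OpenSSL's API. */
#define HB_HEADER  3   /* 1-byte type + 2-byte payload length */
#define HB_PADDING 16  /* minimum padding required by RFC 6520 */

/* Payload length the peer CLAIMS (big-endian, bytes 1..2 of the record). */
static size_t hb_claimed(const uint8_t *rec) {
    return ((size_t)rec[1] << 8) | rec[2];
}

/* How many bytes past the received record a responder would copy if it
 * trusted the claimed length. Computed only; no out-of-bounds read occurs. */
size_t hb_overread(const uint8_t *rec, size_t rec_len) {
    if (rec_len < HB_HEADER) return 0;
    size_t present = rec_len - HB_HEADER;
    return hb_claimed(rec) > present ? hb_claimed(rec) - present : 0;
}

/* Hardened responder: writes the echo to out and returns its length, or
 * returns 0 (silently discard) when the claim does not fit the record. */
size_t hb_respond(const uint8_t *rec, size_t rec_len, uint8_t *out, size_t cap) {
    if (rec_len < HB_HEADER + HB_PADDING || rec[0] != 1) return 0;
    size_t n = hb_claimed(rec);
    if (HB_HEADER + n + HB_PADDING > rec_len) return 0;  /* the bounds check */
    if (HB_HEADER + n + HB_PADDING > cap) return 0;
    out[0] = 2;                                  /* heartbeat_response */
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + HB_HEADER, rec + HB_HEADER, n); /* n is known to be in bounds */
    memset(out + HB_HEADER + n, 0, HB_PADDING);  /* real stacks use random padding */
    return HB_HEADER + n + HB_PADDING;
}

int main(void) {
    /* Constructed records: honest (5-byte payload) and lying (claims 16384). */
    uint8_t honest[24] = {1, 0x00, 0x05, 'h', 'e', 'l', 'l', 'o'};
    uint8_t lying[20]  = {1, 0x40, 0x00, 'x'};
    uint8_t out[64];
    printf("honest: reply %zu bytes, over-read %zu\n",
           hb_respond(honest, sizeof honest, out, sizeof out),
           hb_overread(honest, sizeof honest));
    printf("lying:  reply %zu bytes, over-read %zu\n",
           hb_respond(lying, sizeof lying, out, sizeof out),
           hb_overread(lying, sizeof lying));
    return 0;
}
```

The lying record gets no reply at all, which is the behaviour RFC 6520 asks for when the claimed payload length is too large.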

So this one tiny-looking problem brings our entire sand-castle Internet kingdom down. “Secure” web sites, it turns out, aren’t necessarily secure. Worse, they haven’t been secure for some uncertain amount of time. So anything communicated insecurely during that uncertain time-frame is, uh, possibly snooped, stolen, etc. The system admins have to patch the fix in, then redo site certificates, and then everything everyone has sent to or received from those sites (your login and password, for example!) has to be considered stolen/tainted and has to be reentered.

Bonus: it’s even worse than I’m making it sound: Try this on…

http://security.stackexchange.com/questions/55116/how-exactly-does-the-openssl-tls-heartbeat-heartbleed-exploit-work

http://security.stackexchange.com/questions/55097/can-heartbleed-be-used-to-obtain-memory-from-other-processes

ɕ

Also, people didn’t know to click on images

I distinctly remember:

  1. When inlining of images happened; The first time it was possible to put an image directly INTO the page. And JPEGs man. JPEGs were coooooooooool.
  2. Also, tables. Today, everyone loves to whine about how bad it is to use tables to layout pages. NOT having tables was much, much worse.
  3. And image-maps; The idea that WHERE exactly you clicked on an image, could take you to different content. I won’t even get into what we had to do to make it work… (but it involved: convex polygon mathematics, C code, a compiler, and a DEC Alpha work station.)
  4. …and we had to TELL people, “A lot of images in Skew are links… Click at will!” when we started e-publishing a magazine in December 1994.

So yeah, back in the day we had Mosaic. Then these guys hit it out of the park with:

Navigator was the way millions of people around the world were introduced to the web. Many web technologies and standards, such as SSL, Java, Javascript, open APIs and support for online media, were innovations that Navigator made mainstream.

Brian McCullough from, On the 20th Anniversary

slip:4uieoe1.

ɕ

Stop data-mining me

Data brokers have pioneered advanced techniques to collect and collate information about consumers’ offline, online and mobile behavior. But they have been slow to develop innovative ways for consumers to gain access to the information that companies obtain, share and sell about them for marketing purposes. Now federal regulators are pressuring data brokers to operate more transparently.

In 2012, a report by the Federal Trade Commission recommended that the industry set up a public Web portal that would display the names and contact information of every data broker doing business in the United States, as well as describe consumers’ data access rights and other choices. But, for years the data brokers have been too busy to build a centralized Web portal for consumers. So, we decided to help them out and StopDataMining.me was born!

~ http://www.stopdatamining.me

Go there. Then, one by one, follow the links to the data mining companies “opt-out” forms. These companies ALREADY know who you are.

ɕ

Control T for TENEX

This magic works via detection of a STATUS control character, Control-T, by the kernel tty driver, which then prints the load line via tty_info() on FreeBSD or ttyinfo_locked() on Mac OS X. It also sends a SIGINFO to the process, so it can run its own routine. See STATUS in the termios(4) man page.

~ Brendan Gregg from, «http://dtrace.org/blogs/brendan/2013/10/05/control-t-for-tenex/»

It is so freakin’ cool when I learn new Unix tricks. It’s like a maze of twisty passages, all alike; Except there’s… oh! A piece of candy! oh! A piece of candy! oh! A piece of candy.
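What "so it can run its own routine" looks like from the process side, as an added C example (not from Brendan Gregg's post): the handler only sets a flag and the work loop prints the status line. The function names are hypothetical, and the fallback to SIGUSR1 on systems without SIGINFO is an assumption made so the code builds everywhere.

```c
#include <signal.h>
#include <stdio.h>

/* SIGINFO exists on the BSDs and Mac OS X; the SIGUSR1 fallback is an
 * assumption of this example so that it also builds on other systems. */
#ifdef SIGINFO
#define STATUS_SIGNAL SIGINFO
#else
#define STATUS_SIGNAL SIGUSR1
#endif

static volatile sig_atomic_t status_requested = 0;

/* Do the minimum in the handler: setting a sig_atomic_t flag is
 * async-signal-safe, calling printf() from here would not be. */
static void on_status(int signo) {
    (void)signo;
    status_requested = 1;
}

/* Hypothetical helper: returns 0 on success, -1 on failure.
 * Long-lived programs usually prefer sigaction() over signal(). */
int install_status_handler(void) {
    return signal(STATUS_SIGNAL, on_status) == SIG_ERR ? -1 : 0;
}

/* Process `total` items and print a status line whenever the flag is set.
 * `poke_at` simulates Control-T at that item (negative for never).
 * Returns the number of status lines printed. */
int run_job(long total, long poke_at) {
    int reports = 0;
    for (long i = 0; i < total; i++) {
        if (i == poke_at) raise(STATUS_SIGNAL);   /* stand-in for Control-T */
        if (status_requested) {
            status_requested = 0;
            fprintf(stderr, "progress: %ld/%ld items\n", i, total);
            reports++;
        }
    }
    return reports;
}

int main(void) {
    if (install_status_handler() != 0) return 1;
    return run_job(1000000, 500000) == 1 ? 0 : 1;
}
```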

ɕ

Vim koans

An old Unix master came to Master Wq. “I am troubled, Wq. You teach the way of Vim. vi is holy but Vim is not; its code sprawls, its features crowd memory; its binaries are vast, its behavior inconsistent. This is not the way of Unix. I fear you mislead your students. What can be done?”

Master Wq nodded. “You are right,” he said. “Vim is broken. Let us fix it. Shall we begin?”

Tom Ryder from, Vim Kōans | Arabesque

slip:4ugevi1.

ɕ

SOLID object-oriented design

Five basic principles of object-oriented design. Not the only five, but five which are, well, SOLID.

Single responsibility – A class should have only a single responsibility.

Open/closed – Open for extension; Closed to modification.

Liskov substitution – Objects can be replaced by instances of their sub-types without breakage or surprise.

Interface segregation – Many, specific interfaces – that is, APIs – are better than fewer, more general-purpose interfaces. (…or “interface” in the worst case.)

Dependency inversion – Depend upon the abstraction. (Not upon the specific concretion.)

 

ɕ

Coffee as a Service (CaaS ?!)

I have a hard time keeping all the cloud terms straight. Everything seems to be available As A Service (aaS). Try as I might to explain them, it just didn’t click for some people. Since cloud terms are so nebulous some times, I decided I need to put everything in a context that people understand. Therefore, I present…Coffee as a Service (CaaS)

~ Tom Hollingsworth from, Coffee As A Service

slip:4uneco1.

This will now be my go-to way of explaining the _aaS buzzword bingo. “I wish I had a… Oh! A cup of coffee!” aka SaaS. Brilliant!

ɕ

Does free work?

If you don’t understand what all the hubbub is about Google Reader, RSS, free services… here are three bits to get you thinking:

The Customer Is the Product

What if someone invented a service where, instead of having to check all your important blogs, instead of having to check Twitter and Tumblr a million times a day, you could get all the updates in one place? Great idea!

~ Ryan Holiday from, Our Regressive Web

slip:4umefu1.

Free is so prevalent in our industry not because everyone’s irresponsible, but because it works. … In other industries, this is called predatory pricing, and many forms of it are illegal because they’re so destructive to healthy businesses and the welfare of an economy. But the tech industry is far less regulated, younger, and faster-moving than most industries. We celebrate our ability to do things that are illegal or economically infeasible in other markets with productive-sounding words like “disruption”.

~ Marco Arment from, Free works

slip:4umafe1.

ɕ

Swamp maintenance

It’s hard to maintain the Everglades for the tourists when you’re up to your ass in alligators.

Curious about what I do? Here’s a glimpse.

The Evil Came Back

slip:4ubote2.

(If you’ve understood any of that, you will be cursing the scum-of-the-earth people who spend time making up this malicious stuff. Awesome that! …let’s fix this sh*t and go get beers.)

Now, imagine you were working on something when that little item was brought to your attention. “Hmmmm, I wonder if that’s as serious as it sounds . . . ”

  1. You need to understand the threat; That’s rather difficult once you realize that the god-level security geeks haven’t fully figured it out yet.
  2. You have various systems that might be affected; You need to check them.
  3. If you’ve been attacked, is it safe to even check the systems? …ok, you’ve figured that out.
  4. Check them. All of them.
  5. Devise your defense, (or decide it doesn’t apply to you.)
  6. Now implement changes to fix, or prevent, future problems.
  7. Then wonder: Do my usual work practices and designs prevent this vulnerability? …should I change my practices or designs? …can I generalize this specific problem into a general sort of problem, so that I can defend against all future problems like this one?
  8. Great! Do that.

Then you can go back to being the mother hen roosting on her eggs.

I’m not complaining. This is simply a part of what I do. Just thought perhaps some of you, dear readers, might like a glimpse behind the curtain.

ɕ

RFC for HTTP 700-series errors

oh. my. god. https://github.com/joho/7XX-rfc

This is, hands down, the geekiest piece of humor I have ever seen. HT to @dmuth who now owes me a cup of coffee to replace the one I blew out my nose onto my keyboard.

If you, my dear reader, care to do the ‘what the hell?’ deep dive:

  1. What’s an HTTP header?
    (it’s the glue that makes all the interwebs parts work together)
  2. What are the actual HTTP response codes?
    (200 good, 404 bad, 759 – Unexpected T_PAAMAYIM_NEKUDOTAYIM !)
  3. What’s an RFC?
    (request for comments, i.e. “hey, uh, fellows, maybe we should do it this way…”)
  4. The HyperText Coffee Pot Control Protocol (HTCPCP/1.0)
    (ie, prior art in RFC humor. Please notice the honest-to-gawd IETF.org URL on that one kids. Yes, the IETF like kinda determines how the intertubes work, and they have absolutely THE ugliest website.)
  5. An obscure HTTP response code joke
    (you do know to read the “alt-texts” on XKCD cartoons, right?)

ɕ

NSA geekery

Let’s fix that shit and go get beers!

This. Yea verily this!

Here’s what I do know. There are plenty of frustrated system administrators, developers, engineers, “devops” and everything under the sun who don’t want much. All they really want is for shit to work. When shit breaks, they want to be notified. They want pretty graphs. They want to see business metrics along side operational ones. They want to have a 52-inch monitor in the office that everyone can look at and say: See that red dot? That’s bad. Here’s what was going on when we got that red dot. Let’s fix that shit and go get beers.

~ From, Why Monitoring Sucks

slip:4ucowy3.

Hat tip to John E. Vincent. …and what’s network and systems administration (NSA)?

ɕ