I just arrived at London Heathrow and can look forward to another 9 hours or so until my flight to Nigeria. In the meantime, I've found complimentary Web access in the business class lounge so it looks like I won't be bored. I am a little worried about keyloggers and spyware on this computer given how easy it was for me to install Firefox on it. Here are a couple of quick thoughts I had on the way related to links I've seen over the past 24 hours.
Shelley Powers has a blog post on newly announced vulnerabilities in popular AJAX libraries. It seems this is another cross site request forgery (XSRF) issue similar to the one found in GMail a few months ago. I remember blogging about mitigations to this issue in my post The GMail Security Flaw and Canary Values when the flaw was announced. I suspect that XSRF will be the new 'buffer overflow' and 'SQL injection attack' of the Web. I expect we'll see a lot more of these kinds of attacks over the next few years before the technology and technologists catch up with basic safety practices.
Thomas Hawk and Mike Arrington are continuing with their attempts to stir up an online lynch mob to hang Amazon for shutting a site that was screenscraping and hotlinking to their content. Arrington's post is entitled Amazon’s War on Statsaholic while Hawk's is So it Looks Like Amazon.com Is Going to Be a Jackass and Sue Statsaholic. Nothing beats the blogosphere when it comes to misplaced righteous indignation. A couple of my readers pointed out that the issue is that Amazon initially supported the service then changed their mind. Ignoring the fact that in this 'Stay the Course' world there is nothing wrong with changing your mind, let's look at the facts.
- Some geek builds a snazzy AJAX UI on top of screenscraped Alexa data named Alexaholic and sends announcements to Web 2.0 gatekeepers who give it a thumbs up.
- Developer on Amazon's blog gives a hat tip to Alexaholic.
- Amazon business folks get involved and realize some guy is building a competitor to their service with their own proprietary data and server resources then shut him down.
As a geek, I think Alexaholic is cool. As someone who actually works on large scale Web services and knows that these services cost millions of dollars to build and maintain, I know why the last thing you want is some competing service built on screenscraping your data then showing its own ads on top of it. Heck, even Google has realized that APIs that allow competitors to build competing services on your data + resources while circumventing your ads are a bad idea, so why is it wrong for Amazon to do the same thing?
This reminds me of Don MacAskill's post on Enterprise Linux where he points out that he saves money on enterprise Linux for his business by buying rebranded/repackaged versions of Red Hat Linux from Red Hat's competitors like Oracle's Unbreakable Linux and CentOS because they undercut Red Hat on price on their own software. Is that really the world Arrington and Hawk want to force "Web 2.0" companies into? Well, screw that. More power to Amazon.
PS: Amazon is probably wise to let it go against Alexaholic mainly because it hurts the messaging around their Web Platform story. Morally they are in the right but bad press never cares who's right, does it?
Thanks for all the book suggestions. I ended up going with Ender's Game and Freakonomics from the suggestions. I also got three Discworld books, Anansi Boys and Dune. I'm halfway through the Neil Gaiman book and although it isn't as good as American Gods it is still an enjoyable read albeit a little slow to start off which I guess was on purpose.
It looks like there is a new version of Live Maps according to the team blog. This product has now officially gone through more names than I've had ex-girlfriends. It's been named MSN Virtual Earth, Windows Live Local, Windows Live Maps, Live Search Maps and now Live Maps. It's sad that we are intent on screwing one of the coolest products we are shipping these days in this way. :(
Anyway, check it out at http://maps.live.com
This is another summer that promises a bunch of movies from cartoons and comics that rocked my childhood. Fantastic Four: Rise of the Silver Surfer, Spider-Man 3 and Transformers all look hot. The trailer for Transformers was initially disappointing because it looked like there were too many humans and not enough robots but the newly released pics from the movie make it look like my fears were unfounded. Sweet.
I saw Forest Whitaker the last time I travelled to Nigeria in the Virgin Atlantic upper class lounge. I wonder if I'll meet any celebrities this time around? I doubt it though given that British Airways is a step down from travelling on Virgin Atlantic. Damn that Richard Branson.
I'm hungry and need to get back to my book. Holla at y'all later.