Many Pies

Many Pies

Tuesday, February 26, 2013

Brainstorming session

I asked twitter for advice and Louise came up with the goods.
Here's the result!

Friday, February 22, 2013

What does it mean to be logged in?

The last time I got fed up of my lack of knowledge on something I drew a poster about public key encryption. This time it's about what being logged in means. What is prompting this is the fact that more recent updates to Chrome have seemed to make it so that in some cases when Chrome restarts you remain logged in to a website where I'm sure you weren't before. So I'm finding out the different ways that websites keep you logged in. I usually write a complete blog post before I publish it, but this is going to be a public work in progress.

Wireframe:
HTTP is stateless. What about headers?
What different technologies keep the fact that you're logged in?
  • cookies - session, time-limited
  • technologies - PHP, ASP, others
  • ASP session state
  • anything else?
When you tick "remember me" what's going on? Is it clear whether it's remembering username and password?
How does the browser remember passwords? Is it secure?
What's going on with Single Sign On? (Ref this video: https://www.polderconsortium.org/fedid-in-global-missions)

Disclaimer

If you know about this stuff, and I get something wrong, please tell me, so we can make the world a better place, or at least this blog post. Bear in mind though, that I am simplifying. So when, for example, I say as below "you get a web page back" the proper way of saying that probably is something like "you get an HTTP response" which is in all likelihood a web page, but may not be in every circumstance. However I'm not going to say that, because I'm simplifying.

HTTP is stateless

You ask for a web page, you get a web page. You ask for another, you get that. The server isn't required to keep track of the fact that you asked for one just now. There are ways to get round that, one of which is cookies. I'm logged into a local MediaWiki (the software that Wikipedia runs on) site. Here's the cookie that gets sent to my computer every page I request.

I've obscured some of the strings in case they are a security risk, you never know. So there you can see a couple of relevant variables. PHPSESSID is the PHP way of keeping track of sessions, and bsm_bsm_session (where bsm is the name of my mediawiki instance) is probably a mediawiki specific cookie. __utma and __utmc are Google Analytics tracking. I don't know why they are involved.

This is the site that I first noticed I stayed logged into every time Chrome started up. That cookie is a session cookie, which are supposed to be deleted by the browser every time you shut it down. Chrome chooses not to do this though, if you enable "continue where I left off" in settings. I do that so that my tabs from my previous session are open, and apparently session cookies aren't deleted too, which is a feature.

ASP.NET

Which roughly means "how Windows servers do it" (ignoring older technologies). An authentication token is stored in a cookie or a page URL (source).
So what's in that cookie?
What determines whether a cookie or a URL is used?


Wednesday, February 13, 2013

Naming things is hard

Nearly five years ago I wrote that Names are important. Recently I came across a quote from Phil Karlton “There are only two hard things in computer science: cache invalidation and naming things.” (I couldn't find out where I came across it, but here's an old reference from Tim Bray). The difficulty of naming things doesn't just apply to Computer Science, it applies to a lot of things.

So here's some advice based on my 26 years' experience:
  • Name things by what the people who need to know would call them. For a couple of years we did a joint tour with the Saltmine Theatre Company. The first year we called it the Saltmine tour. They may have called it the Wycliffe tour. The second year it was called by the name of the event, much better.
  • Never call anything "new". There will come a time when it's not new and then the name will seem silly. New York is the exception to this, New Holland isn't. Buckinghamshire New University is going to have to undergo an expensive re-branding exercise in a few years.
  • Confusing where you are with what you do. The Wycliffe USA offices used to be in Huntingdon Beach, California. They produced a financial statement we called the HB report. Then they moved to Orlando... One way round this, which may be used elsewhere, if you think you're going to stay in the same part of the country, is to use airport codes. So we code our online jobs with LHR and then a numerical code on the UK website. Whoops, did I just link to a job in the IT Department here?
  • Confusing who you are with what you produce. The Joint Photographic Experts Group produced the spec for JPEG files. I guess they were happy with that. The Personal Computer Memory Card International Association produced a spec for what we called PCMCIA cards, and then later they wanted us to call them PC Cards. RIM produced BlackBerry phones and finally have renamed their company. I guess if the phones hadn't taken off under that brand they might have invented a new brand.
  • Confusing an interface with a system. We developed a system for interfacing with an internal system PMC. We called it PMC, but it should have been the PMC Interface.
  • When creating a document filename it's worth adding a bit of context in case the document gets a life of it's own. So if the proposal for Project X is just called proposal.doc in the directory ProjectX and it gets emailed to someone then it's just going to be called "proposal.doc" on their machine. The project name in the filename would prevent that.
  • What's next in this sequence? A, A, D, F, J, J, M? What's next in this sequence 2012-01, 2012-02, 2012-03, 2012-04. yyyy-mm(-dd) is great for date related files, month names aren't as when you sort them alphabetically they go out of sequence.
Do you have any other tips?

Monday, February 11, 2013

CheckITOut - IT in Wycliffe

I'm involved in an event called CheckITOut - a couple of hours of info about IT in Wycliffe on 6 April 2013 in Coventry. We've got a number of speakers covering some interesting areas. I did a Prezi to advertise it.


Friday, February 08, 2013

Interesting Bible Translation and tech snippets

I was talking to someone this week who is working on various technical things that help Bible Translation. One is LanguageForge, which is like SourceForge, but for data on languages. So it could be used for translation projects when it's released.

Another is Graphite - "a free and open rendering engine for complex scripts". It's really useful when it comes to working on minority languages, may of which have complex scripts. It's now available in Firefox 11, LibreOffice 3.4+, Fieldworks and other software. So with support for translation tools, typesetting and web browsers you have end to end support for these scripts. Mobile devices are in their sights too...

Monday, February 04, 2013

Tim Berners-Lee and an anecdote involving Bible Translation

In 2008 Tim Berners-Lee founded the World Wide Web Foundation. In the speech where he announced it he told an interesting anecdote:
This person, this man had taught himself English by using various books that he’d come across. Among them are the bible I understand, something that he could get in both languages. Having taught himself English and having got some sort of rudimentary Internet connection, then he could sell his services as a translator on the open market out there in the big wide world. He could not only – so he could bring money into the village but also he could be a channel to bring information into the village. He could translate the stuff that was out there into the village. And he could operate – so he could enable commerce.
The reason he told it was because he was talking about access to the internet could enable development goals. Naturally, given my job, the thing that interested me was the fact that having the Bible in English and presumably his own language, was what enabled him to sell his translation services.

(I first heard about this anecdote on the Guardian Tech Weekly podcast.)