February 2005 Archives

The savvy webmaster wants to keep a close eye on those savory technologies for future use in production sites:

• lighttpd -- because Apache can quickly become a bit of a resource hog -- is a "secure, fast, compliant and very flexible web-server which has been optimized for high-performance environments." The $64,000 question: is it on a sustainable development path? Watch TextDrive for the first example of a commercial mass virtual hosting operation using lighttpd
• RubyOnRails -- because PHP is not getting any simpler and a lot messier with time -- RoR reminds me of WebObjects, without the fancy GUI tools but with much, much easier concepts and language to boot. For the first time in years, a language that tinkles my rusted fingers. Side note and French lesson du jour : RoR+lighttpd, les deux font la paire
• Ajax -- because you need to thoroughly wash this request-response thing (Ajax is the name of a detergent here) -- also keep in mind the difference between XMLHttpRequest and iFrames. Side note and second French lesson du jour: jamais deux sans trois, I wish those guys would release the source code of this fancy little thing, it would make such a great tutorial
• Apache 2 -- because Apache 1.3 is so passé and so slow -- you have a long experience with Apache and it remains the best choice in many, many situations. If you take care of threads safety issues with PHP, Apache 2 can save you from upgrading costly hardware during rough economic times (and it's always better, business wise, to tackle the software stack first, the HW need not be an excuse for slow SW)
• ModSecurity -- because it's a dirty internet out there -- "ModSecurity is an open source intrusion detection and prevention engine for web applications (or a web application firewall)." If you don't want to spend a fortune into security appliances, mod_security is an excellent tool to protect your web applications from the ever growing nasty things out there (virus, spam, DoS attacks, etc.). An absolute must-have for mass hosting, especially blogs, wikis and any public forum subject to link spam
• FastCGI -- because one needs to get de-intoxicated from mod_php -- mod_fastcgi is a platform-indepentant and server independant interface between a web-application and a webserver. Not only does it compare favorably in terms of performance to things like mod_php (it can even be faster!), but it can bring two important benefits: 1) you can run scripts under a specific user permissions and chroot jail (not possible with mod_php), and 2) it can help greatly in moving from Apache 1.3 to Apache 2 then lighttpd, because of its independence from the web server (on a slightly similar idea, it can also help run both PHP4 and PHP5 on the same environment without too much fuzz)
• FreeBSD 5 -- because Linux doesn't do everything better than everybody else -- I think FreeBSD, at least in the web space, deserves more mindshare than it currently enjoys. It's really a great OS, fast, reliable and secure. IMHO, it's been for years and continues to be the perfect choice for internet servers

And you, what are you digging for your web properties in 2005?

Those guys are mad. Or may be they are not, but they have a mad offering that isn't going to last long: a comfortable hosting plan for life at $399.

Disclaimer: I'm hosted at TextDrive and I'm very happy. They offer the best anti-spam tools I've seen so far, and to have a spam-free blog without the hassle is priceless. One important note though: TD is not for the faint of heart, as the management tools are designed by geeks for geeks (they use Webmin, which is a great tool but bare bones by any marketing standard if not outright scary for the novice -- I know they have something much better in the works with the ambition to be the best host on the web, no less, if I get the plan correctly).

P.S. I've just signed for one.

Russ is launching a bet on how much Six Apart will sell out, taking About.com as an example to figure out that the NYT bought their blogs at $820,000 apiece. I think that the number of blogs is not the relevant metric here. For ad-driven and many other Internet business models, the traffic is. When what you're selling are ads (e.g. Google), what your clients want are eyeballs and what you show them are page views and click-through figures. I've seen one analyst opinion somewhere (can't find the link back) who estimated that the main reason Google was able to present improved traffic figures in 2004 was because they bought Blogger and aggregated its traffic to google.com.

Six Apart's acquisition of LiveJournal improves their position in the "We've got eyeballs" field, and that might be the other reason I was sniffing back in the time.

This leads me to the question: what's going on with Movable Type? MT doesn't fit in the eyeballs equation, and although it's still a leading product in its category, there have been months without any significant improvement apart from a few security fixes. Some long standing bugs (internationalization and UTF-8 issues notably) are not fixed and TrackBacks management remains an embarrassment. Nothing really exciting brews on the ProNet list and the word innovation has not even been murmured there for quite some time (actually only twice in the 4MB of archives I've just downloaded, and that's because of a quote of the only actual occurrence). The latest big news about MT was the redesign of movabletype.org. Nice to know it's entirely driven by MT, would you care to share how you did it? And would you care to share some clues about the product's future with paying customers? The more I venture with Movable Type on corporate blogging, the more I'm anxious about the issues I'm facing or foreseeing, and my last exchange with the MT luminaries (none of them from 6A I must admit) didn't help to reassure me on the fate of MT as a scalable blog farm (I thought I'd never use that word on my blog, but in this context it means that I don't wake up sweating in the middle of the night for the fear that tomorrow I'll have tens of requests for new blogs to process by hand, one by one).

Or is it time to forget about Movable Type and focus on TypePad? Indeed, this is the one that gets all the attention (e.g. WYSIWYG instead of WYSIFUC, drag-n-drop template customization, automatic and self-service user provisioning) and innovation, in particular its moblogging features. Not a hazard nor a mistake, mind you, as "connectable" mobile phones outsell PCs by an order of magnitude and most of the people who will connect to the internet for the first time in the near future will do so from a mobile device of some sorts. Droves of happy Nokia users will click on that "LifeBlog" button to share a picture with their friends or just archive it, and that will become a subscription option on all operators plans in no time. Six Apart has another business opportunity that they are well aware of and exploiting already.

If only they'd let me install TypePad behind my firewall...

Update: I received some good vibes from Six Apart telling me that I should be pleased by the forthcoming news about Movable Type (actually, I'll be pleased by deliverables). And today, Six Apart pointed to a third-party Lifeblog implementation for MT (ironically enough, this guy made the API because he was frustrated by the fact that MT lags behind TypePad, one of my main points in this post).

Six Apart are being challenged by Five Across (sorry, that one was too funny to miss) with bubbler, another blogging platform. At first glance, Five Across' team doesn't look as young and snappy as its competitor, but they're not exactly novice either. Its CEO is Glenn C. Reid, who "conceived, designed, and implemented" iMovie 1.0 and iPhoto 1.0 at Apple. Surely someone who understands style and ease of use.

Setting up a new blog is done in no time (download the blog editor application for Mac OS X or Windows XP and fill-in a few fields). I've not yet played enough with it to form an opinion, but here are my first look at it.

What I like very much at a first glance is:

• You have a true desktop application to author, with drag-n-drop and everything you can expect from a modern OS. No web interface, in the blogging space, currently matches that comfort
• There seems to be an embedded wiki for registered users, I'm looking forward to see how they integrated a blog with wiki

What I don't like or find strange:

• It says "This is my new home page". Mmmh'kay, clearly mainstream, at least it's not my "personal page" ;-)
• This thing pretends that I posted the first post that boast the unequivocal endorsement that this is "Very cool." Sorry guys, but that's cheap marketing ploy, not welcome on this side of the blogosphere. (P.S. See Glenn's comment below)
• Wait until I read the huge fine prints of the license ;-)
• Where are the permalinks? When I click on Home Page I get a link that sports "pages" in it, when I click on the sole link that sits in the first post, I read "home" in it. Confusing

To summarize my first impression, this tool further confirms what I've been crying out loud for years: a better user interface than web forms, without FUC! And it looks like it wants to be part of iLife, which considering its parents, would not be a big surprise. Meanwhile, posting web pages on .Mac is still so 1999 :-).

See you for another review.

John Gruber on his Daring Fireball Linked List asks:

The MPAA has taken over a popular BitTorrent tracking site, replacing the home page with a stunningly Orwellian piece of anti-bootlegging propaganda ("YOU CAN CLICK BUT YOU CAN'T HIDE.") Plus, they've obtained the server logs, presumably to determine individual users who used the site to bootleg copyrighted motion pictures. Question: Why in the world would a site like this keep logs?

Very simple: because they are obliged to, by law. In France, not keeping identifiable information on anyone who creates content on an online service is passible of a 75,000€ fine and/or one year of prison. It's actually a European directive, and I bet something like that exists in many, many other countries, including the US.

Well, I'm sorry for the guy but I find quite pathetic to have to wait until 60 comments or so to find the first correct analysis of the problem. It makes me think about what a CEO blogger told me recently on the importance of a blogging policy: "Common sense is not shared by everyone."

You resent renting your music and being forced fed with DRM weapons that prevent you to do perfectly legal things such as listening to your music where you want, on the device you want? (Remember, it's like in the old days of the Compact Disks, where you could listen to them on any CD player, and share them with friends.) Here comes MP3tunes, cheaper than the big boys, no strings attached mp3s, plays for sure (pun intended) with any mp3 compatible device. From the founder of Lindows. I guess the competition for online music stores isn't over yet. "Rip, Mix, Burn" anyone?

Fired For Blogging? Not Exactly...

Of course, the whole idea of "fired for blogging" isn't exactly true. No one is getting fired for blogging; they're getting fired for what they say on their blog. It's like people who, for example, say something inappropriate at a conference about the company they work for. They're not getting fired for "speaking" or for "conferencing," but what they said.

This sums up exactly what I've been thinking those past few days, while reading the fuzz about a certain guy who moved from a big software company to go work for a certain big search engine company to finally get fired after a couple of weeks. It is reported that he was fired because of what he wrote on his blog, and quite frankly, after reading his prose, I have a hard time defending him. Surely, the "MIT or Standford plus 14 interviews marathon" recruitment strategy must have some limits.

PH Corporation Chairman and CEO Karla Fidora Steps Down:

The board of directors has announced that  effective immediately, CEO Karla Fidora has steped down in order to accept a role as the star of a new TV reality program. Details will be released as they develop. Flags of all PH facilities are ordered to be flown at half mast.  > The Fidora Legacy

Boing Boing: Shmoo Group exploit: 0wn any domain, no defense exists:

"Shmoo Group exploit: 0wn any domain, no defense exists Pablos sez, 'Shmoocon ended today. And just to prove The Shmoo Group wasn't sitting on their asses for the entire time while planning the con - A new exploit was demo'd by EricJ that left all jaws our on the floor. Want to own ANY domain? Want a trusted SSL cert for it? Check it out here. We 0wnz0rd PayPal, but left the rest for you. We have no idea how to fix this and neither do the browser developers. Official advisory here. Phishing attacks of doom coming soon.' Link (Thanks, Pablos!)"

The author claims it works in everything except IE. I tested it on my Mac today, and it doesn't work in NetNewsWire, though it works with Safari, which is weird.

One Boing Boing reader gives a workaround for users of Firefox:

1) Goto your Firefox address bar. Enter about:config and press enter. Firefox will load the (large!) config page.

2) Scroll down to the line beginning network.enableIDN -- this is International Domain Name support, and it is causing the problem here. We want to turn this off -- for now. Ideally we want to support international domain names, but not with this problem.

3) Double-click the network.enableIDN label, and Firefox will show a dialog set to 'true'. Change it to 'false' (no quotes!), click Ok. You are done.

4) Go check out the shmoo demo again and notice it no longer works.

I hope Apple will do something about this in Safari.

John Gruber has used his Magic 8-Ball to answer your questions regarding the 'Napster To Go' subscription service. A must read before you fall for the trap.

I bought my iPod almost a year ago, and since then, I haven't bought a single song on iTunes or any other online music store. And not just because the iTMS was open for business in France only recently. My iTunes library is simply full with my CD collection, which my iPod helped me rediscover. Being a lover of baroque music, I find the catalog and sampling quality of the iTMS quite mediocre, and not a bargain compared to CDs from excellent (and independent, not a coincidence if you trust me) labels such as Harmonia Mundi or Ligia.

In my own perspective, Napster has absolutely nothing to offer. I completely resent the idea of renting music, and their monetary comparison with respect to the iPod is really stupid, but your mileage may vary. I'm listening on my iPod to CDs I bought more than a decade ago. Will Napster stand a decade? I really don't think so.

At last, the cat-and-mouse game of the software patent lobbyists is over. FII reports that the European Parliament JURI Committee votes for restart with massive majority:

The Legal Affairs Committee of the European Parliament (JURI) has decided with a large majority to ask the Commission for a renewed referral of the software patents directive. With only two or three votes against and one abstention, the resolution had overwhelming support from the committee, and all-party backing.

The decision is a powerful statement from MEPs that the current Council text, and the logjam of concern it has caused, is simply not a sustainable way forward. It is now up to the Commission to submit a new, or the same, proposal to the Parliament. Parliament will then hold a new first reading, this time under the guidance of Michel Rocard MEP as rapporteur.

And Michel Rocard (former French Prime Minister) did a speech to the commissioner McCreevy that quite clearly explains on which side he stands regarding software patents:

The patentability of software causes problems. Our friends the Americans do not have any legislation on this topic. Their responsible agencies seem to have granted between 100 and 200 000 such patents, validated by lower courts in certain cases. A few complaints are being addressed in front of the Supreme Court currently, due to violation of the Constitution which is penally quite expensive. It's a violation of the Constitution because there is a violation of the freedom of spreading ideas, given that software is nothing but a formula or an collection of mathematical formulas, and because a mathematical formula is an idea expressed in mathematical form ; it seems likely that the Supreme Court is waiting for the European law to be established before it will decide. As such, we are sort of in charge of making the law for the world. One should remember that the main stake is to preserve the liberty to create and use software by individual researchers and SMEs.

Good! Now let's hope the Parliament keeps its stance against those patents.