TechNayak(mirror)

There was an interesting concept put forward to me by my professor - Open World Computing. A software that is not bound by any restrictions or constraints. A software that learns and adapts to its environment. Think of a person who is taken from a metro and put in a village. Does the person fail and give up like a computer program ? No. the adaptability of living beings is something so hard to understand that it can take probably another 1000 years to just simulate a living being, let alone learn its qualities.

Think of the same thing in software. A software that is programmed based on generic constraints and the software dynamically learns from its environment through input devices like sensors and then adapts to the changed environment. The classical shortest path problem can be taken as an example. If a crawler running through the shortest path is lifted from its path and put somewhere else, will it be ale to comprehend the change and then quickly adapt or will it be lost. What if the graph changes and produces a lot of cycles or what if the problem statement changes during the course of the program.

I know that a very few people are relating to what they are reading, but the belief that a machine can learn and adapt is what scientists are trying to prove everyday. Machine learning is taboo after movies like iRobot and Terminator, but trust me, we are far far away from something like that. If we can solve a subset of problems of adaptability through an expert system, that will be an achievement in itself.

But how do you go about designing software with such requirements. I would go one step ahead and call it no requirements or changing requirements with no defined thresholds. No current methodologies like OO or aspects can cater to such a requirement. Probably a new scheme of designing learning software has to be developed. Taking tips from AI and the Turing thesis, a perfect turing machine is what is required. Its a hard call but we will get there one day.

Note : I blog on my personal space at riteshnayak.com/blog . This is a mirror of the content.

I am a wannabe webmaster, I ever so often get involved in discussions with webmasters and build engineers about hosting, reliability and optimization tricks and so on. I am also a big fan of analytics and web site metrics. My experience spans with my first tool webstat, webalizer , awstats and then graduated to Google Analytics. I am interested in the dynamics of a website, what gets your visitors there, what keeps them there, what are their turn offs and so on. My own blog has been an experiment with analytics, I keep track of my stats and compare them to my site’s design and usability and yes they all culminate to one wierd mass of analytics mess that needs a lot of time and patience to comprehend.

Of some of the metrics that I found interesting apart from interestingness , entry points, exits , pageviews , timespent etc I liked the bounce rate very much. Yes bounce rate is the most amazing metric when it comes to the web.

In a nutshell bounce rate measures the percentage of people who come to your website and leave “instantly”. - Avinash Kaushik

Sites with good content have very low bounce rates, that coz users stay on the site for longer than just their immediate need. This metric is extremely important to consider as it could lead to some startling discoveries. Bounce rates directly translate to your site’s usability and design. A complicated design often confuses a user and he or she tends to leave a site if the site seems too cluttered ( which is why I hate GoDaddy’s design ). A blank design with no navigational links is also bad. Once the user finishes reading what he/she came to read, you need to coax them to stay longer. Either by giving them sneak peaks of other related articles or any abstract writeup, tags, internal links and so on. For bloggers, please do read this article to make a list of things to lookout for when picking your blogs design.

Note : I blog on my personal space at riteshnayak.com/blog . This is a mirror of the content.

There comes a time for every company when things just don’t seem to move. The stock begins to slip, strategies get mixed up, the organization gets entangled in its own lack of good planning or foresight and just generally struggles to gain more ground. When you translate this to IT companies most of the symptoms remain the same, but add to it lack of innovation, exodus of top execs and bad press. One such company hails from Sunnyvale and yes all’s not well in Sunnyvale.

I am no genius in the mechanics of running an organization, but I know technology and I do stay in touch with the blogosphere. This company has been one of my all time favorites, in fact I wouldn’t mind joining it even though I know they going through a rough patch. Its not just this company that is struggling, I can list at least half a dozen companies , not necessarily web, struggling to move ahead of their current position.

You will undoubtedly blame the strategists of the company and crib about them not doing their job. But its not just strategists that must be worried , the management is also equally to blame. Any company that doesn’t include innovation and research in its portfolio is going down. The fad nowadays has been of making hay while sunshines and trying to do too many things at one time. The case isn’t any different for service companies in India. These publicly owned companies have to satisfy their shareholders, clients and employees and do all this keeping in mind the future and their vision. Its a tough call, seriously but not one that cannot be achieved. The dynamics of the IT industry change faster than fastest changing fads. Its essential to keep your head above water to see what lies ahead of you, not just keep swimming as fast as you can. The result can be disastrous for companies that don’t consider adding Innovation to one of their to do lists.

Innovation is not easily achieved, there have to be strides made to achieve them. Google’s famous 20% personal time is one such great initiative that encourages an employee to innovate and also reap the benefits of doing so. Fostering and more importantly nurturing innovation is very important, you never know, you may have just passed the next million dollar idea. How do you innovate ? With all your company activities intact, give employees the freedom to express themselves. Have code jams and hack days, encourage fresh new ideas and initiatives. Setting up an innovation department in your company and helping talented employees understand their complete potential could be a good start. Have regular workshops on latest technologies and keep yourself abreast of the current trends. Channelize ideas into a fruitful outcomes and promote such people. Innovation knows no bounds, so if you think you have come across an idea that is too far fetched, hold on it. You never know, 20 years from now you may be a forerunner in something. Document and categorize ideas, invest in a knowledge management system.

phew !!

Creative commons is generating a lot of buzz amongst bloggers, photographers and other individuals who quote, ping, use, plagiarize others contents. Well its not just that, Open source enthusiasts are also lining up to learn about the Creative Commons licensing and how it affects or benefits them.

The Creative Commons is a non-profit organization that encourages people to share their creativity and make it available for others to legally build upon and share.

I found this great Podcast from Indian Podguru Kiruba Shankar ( podcasts from the realm of technology to business and entrepreneurial experiences) about Creative Commons India initiative. Speaking to Lawrence Liang, the head of the CCI initiative, Kiruba dwells into the specifics of CC and other topics. Lend me your ear

Click here to listen to the Podcast.

Note : I blog on my personal space at riteshnayak.com/blog . This is a mirror of the content.

All you javascript programmers, are you one of those people who are bitten by the RIA bug and write endless lines of JS code and include 200Kb header or bootstrap files. Then you suffer from bloat, a condition in which a content 3kb in size brings with it 300kb of javascript for presentation purposes. Bloat is exhibited by Gmail or any of the latest google applications , which while opening sometimes makes your browser really sluggish and non responsive.

Its not so bad in the real world. There are techniques being thought of to reduce the memory footprint of these mamoth js bootstraps. First step would definitely be to use the right library , if you use dojo make sure you use the right flavor of dojo like dojo for ajax or dojo for UI etc. There is no point in having functions bloating if they arent used at all. Next step would be use some brains and filter out unwanted functions in your bootstrap files. Its not that hard I guess, get your self Venkman or the recent firebug and you can be on and reducing in no time.

Now for the real deal:

1. use Dojo Shrink safe to reduce, compress and pack all your js files together. Most of the times your file reduces by almost a third using this. This utility doesnt obfuscate so you can call the same methods and not worry about changing function names.

2. Use Dean Edwards packer to further reduce the size by removing linebreaks and other unwanted characters. This usually reduces the file by another 20%

But make sure you always have a backup of the files. As most of these things are unreversible. These are just performance optimizers, they dont help your programming.

In the worst case, if you still a Kb or two short of your SLA then go ahead and obfuscate your code. Packer does a little bit but there are some really neat ones out there that can do a wonderful job. whats the advantage you ask ? a function OnWindowFocusAndDoubleClick() will get replaced by say g() , now thats improvement.

I found this utility which does reduction, try it out : jsjuicer

 I have moved my blog to my personal space but continue to mirror content here because there are many who still read this blog. I see a lot of feeds pointing to this blog rather than my new space. Please update your bookmarks and RSS subscriptions to my new space.

My blog: http://riteshnayak.com/blog

RSS Feed : http://riteshnayak.com/blog/feed

Who am I? : http://riteshnayak.com

If you are not the RSS type and also don’t find the  time to read my blogs, get it delivered by mail. Sign up by clicking on the link below and all my updates will be sent you by mail

Get my blogs by mail here : http://www.feedblitz.com/f/?Sub=192584

After a tiring ordeal learning in and outs of Adobe Flex, I got some time to unwind,  play my guitar and get some much needed rest. I wanted to listen to this song by a particular band, but didn’t have in my collection. I googled for it and came across a bunch of Internet radio based sites which revolved around some amazing concepts of social music and thought I should write about it.
  
   I had written once about Music 2.0 and the different services that were there that helped popularize and sell DRM free music. My first pick was definitely Last.fm

 
 
  Last.fm gives you an embeddable radio that you put up in your blog or website and play music from a particular genre. Just provide your artists name and Last.fm will suggest bands that play the same kind of music and will play them one after the other in your radio. Its again social music, so you can suggest your friends a particular band or a particular style of music, write reviews, give ratings etc. I got to hear some amazing bands thanks to Last.fm

     Followign close behind is Pandora. An initiative of the Music Genome Project, pandora and its flash based player streams quality music. Its plays a mix of songs from the artists that you want to listen to and those that play the similar kind of music. Worth taking a look. I found some really neat music on Pandora.

    My old time favorite live365 provides thousands of radio stations that people broadcast. Ads are played in between songs for revenue, but there is a VIP alternative that you can buy for very less. You can even start broadcasting your own station if you choose. There are some really interesting music stations that play some really cool music. Worth taking a look.

   Yahoo’s LAUNCHCast service has been around for ages. Probably my first internet radio experience came when I unknowingly clicked the Launch button in my Yahoo messenger. Launch has got a big big load of songs that you can listen to. Also considering that Yahoo is launching its own music player, Sansa Connect,  in association with Sandisk that plays Launch music in a wifi spots for a price of $15 per month subscription. Both Sasa connect and launch will be things to look out for in the future.

  There are other services like amiestreet which recently launched the first DRM free album by Barenaked ladies and then there is Slacker who has ambitions of becoming the Rupert Mudroch of online audio. Think thats enough for you guys to get started

We have come full circle with regards to the web. The work offline option in IE that was used in the dial up era has resurfaced because of unreliable broadband . Unstable wireless connections have made offline availability of applications very critical, at least for productivity apps like spreadsheet and mail (mind you, these apps have asynchronous write backs for every space that you type).

So, whats all this buzz about? Its about making web applications work even when you are not connected to the net -think of it as pulling an outlook in web applications. This area has seen a lot of action recently with the launch of many products and technologies that help achieve the cause. Om Malik has called it the age of the hybrid apps.

The biggest problem, of course is the availability of ubiquitous broadband, without which even the smartest web application is as bright as Paris Hilton -Om

There have been a flurry of launches int his space starting with the Adobe’s hope for the future, Apollo, which was released in its early alpha stages to users, downloadable here. The other releases like Yahoo Widgets 4 which offered desktop widgets which were available offline, and Joyent’s slingshot which allows offline capabilities on rails applications. Some of the early products that gave offline capabilities include Zimbra mail and now released desktop, Zoho office suite and some other productivity apps that I cannot recall. We even have Dekoh a sub continental player in this space that allows for developers to build collaborative webtop based apps on their platform. The newly released Live mail service could definitely use an offline offering to maintain its monopoly in the market.

Firefox 3 is also adding a storage element  , sort of like a datastore for applications to access and store data to be sync’d later with the server. Apollo solves this problem by allowing filesystem access which is a rare commodity in web technologies.

One project I followed closely throughout its development was the Dojo offline toolkit that has been released now with some minor bugs. If you are a developer interested in building offline apps, then I suggest you use Dojo as there is none simpler. With the advent of more widget based applications, webtops and other concepts of the future,we will be seeing a lot of activity in this space.

Making web apps secure has been an effort ever since the advent of web
applications. The strange mix of technologies interwoven with the complexities of each one of them hasn’t encouraged the setting up of standards for these. Scripting hacks, Cookie hacks, cross site scripting, malicious users and other common problems plague web applications. If all these aren’t enough, you have denial of service and other scalability problems. There are just a handful of best practices and tips that you could follow to make your web applications more secure. I shall list some elements down from my experiences.
 
   1. Validate all data that goes that goes to the server
        Make sure you validate all the data that goes through the browser, it could be forms you are submitting with critical data or some event like clicking a link. Make sure your dataset that the server receives is what it is intended to receive. In case of bot threats, use captcha’s and simple questions that require human intelligence and natural language processing. By validating data, you are just saving yourself that many less attacks on your server.

  2.  Use your JS wisely
         I have seen a lot of apps currently using a wealth of js libraries, and since your js needs url to access, the XMLHttpRequest object with its url is wide open for the entire world to see. You dont even need to look at the source , with a sniffer like firebug, you can see all the async requests made, with the url and the response. Scripting attacks are the most prevalent of the security attacks and people can do wonders with malicious scripts. The trick here would be to confuse the hackers. Obfuscate the scripts wherever you can, there are good JS obfuscating libraries available. Be advised , obfuscation is usually irreversible , so use it wisely. Use POST instead of GET for async requests and make sure its the right person requesting the data. You could probably generate a sessionid of sorts on the server end and pass it to the browsers as a key to use for any further requests. And please, don’t rely on cookies, they can only go this far.

  3. Follow the MVC methodology
      it usually helps in abstracting the finer points of the application. Separating out the data, logic and accessibility will usually give you more control on what goes where and a lot of server side validation.

  4. SQL Injection
   I understood the complexity behind these attacks only recently. A seemingly simple line of DB code could prove disastrous for applications. Always use good wrappers around your db code. Many good SQL Helper libraries help you against such attacks and the overhead is adding another server side library, which is not so big considering it can save your application.

 There is also the new generation of security threats thanks to Ajax and is open ways. But there are safer alternatives being developed like JSONRequest which abstracts the JSON based calls  and provides a safe way of making sync calls.

  I shall write more about web based security when I get time.

 Note : I blog on my personal space at riteshnayak.com/blog . This is a mirror of the content.

I spoke recently at the third Barcamp Bangalore and it was an experience that I shall remember for a long time. Meeting so many people, passionate about their respective fields, talking about their ventures, research interests and possible outcomes was enough for me to introspect where I was headed.

My discussion: Socionet Trends 3.0 : Evolution of Socionets

Slides: Click here to view the slides

Evolution : Social Networks have grown pretty mature in terms of its outlook. The amateurish streak of wannabe entrepreneurs has made way for a rich set of networks each with its own niche and userbase. Its almost certain that almost every web service allows you to either share or collaborate over a certain functionality and users expect to share their online presence with their near and dear ones.

With such a strong inclination towards collaboration, a concept which is inherent in social networks, why not let socionets become the base for any application. Build you ideas on top of a social network, that will save you the trouble of designing for collaboration, inter user communication etc. The network phenomenon will also guarantee that your existing users will bring in more users to your service and help market it by sheer word of mouth. Make socionets pluggable into your browser or your OS , in a way adding 1 touch sharing, commenting, collaboration right from ground up. How easy would it be, if you could right click on a file and press a single button which read “Share/Collaborate with my friends”.

Evolutionary angles of socionet also expect socionets to become intelligent themselves. A socionet being able to relate to you at a personal level, that helps filter unwanted information and helps you in your everyday activities would also be good. Imagine a socionet that could find like minded people without you looking for them, what if it could give you updates on information that matters to you the most, like gigs, seminars and other events. What if socionets , which are becoming information repositories in its own right, could semantically link topics and autotag articles and other information. That day is not so far.

More later…….

some pics: