onfocus

Deconstructing the new Gmail/G+ interface for design ideas.

ok, it's 2011. No site is perfect, but it probably is time to shame sites that store plain text passwords. Especially those sites from big companies with the means to change things.

Dear media, please give Andy Rutledge complete control over the design of your sites. Thanks.

Great security reminders. A password made up of three distinct words is fairly secure against a brute force attack. If developers build in a delay after failed password attempts that also helps deter brute force attacks. [via capn design]

ugh, this isn't good. "The fructose component of sugar and H.F.C.S. is metabolized primarily by the liver, while the glucose from sugar and starches is metabolized by every cell in the body. Consuming sugar (fructose and glucose) means more work for the liver than if you consumed the same number of calories of starch (glucose)."

"...your visitor will have a limited amount of time (specified by you) to fill in the form and send it. And if a spammer tries to post information to your form processor remotely they’re going to hit a big fat roadblock."

"...you can create a honeypot form field that should be left blank and then use CSS to hide it from human users, but not bots." Pure CSS bot thwarting.

"But it is now also possible to use a Multi-domain UCC SSL certificate. This allows you to have a single certificate which covers up to 150 domains."

This is a good answer about responding to a server intrusion. The stuff of nightmares, but it's good to think about how to respond to a crisis when you're not in the middle of a crisis. [via anil]

A simple way to set up a mod_evasive style defense with the more popular mod_security.

"mod_evasive is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack." Filed for (hopefully) non-use.

API + No-Hurdle Accounts + Incentives = some krazy foursquare hacking. "...I think the combination of a poorly moderated and insecure folksonomy with incentives (e.g. badges, mayorships, free meals, etc.) is a fragile one. The greater the incentives, the greater the motivation for cheating." [via mathowie]

A peek behind the curtain at Facebook with an anonymous FB developer.

"...Brad's work was altogether more messy and funny and human and passionate and complicated, just like the man himself. I can offer no more succinct summation of the man than that he was a good man and a good friend, profoundly funny and profoundly kind." Anil shares some memories of Brad.

"...the hero is the most damaging person on a team, particularly on a team that’s supposed to be writing high-availability or otherwise mission-critical software." Interesting analysis of team dynamics. [via jessamyn]

"One user following another in social media is analogous to one page linking to another on the Web. Both are a form of recommendation." Amit Singhal on how Google ranks Tweets for real-time search.

Rules for PR folks who want to work with bloggers. "FOR IMMEDIATE RELEASE means FOR IMMEDIATE DELETE."

Anil collects more thoughts on the coming storm of apps vs. open web. "This, for me, is a social issue, a cultural issue, and a political issue, not just a technological issue. Perhaps we need to speak of it that way more often, to make the stakes clear."

"...it's time for developers to take a stand. If you don't want a repeat of the PC era, place your bets now on open systems. Don't wait till it's too late." Tim O'Reilly on the coming platform storm. [via anil]

A nice summary of fire lookout towers that dot Pacific Northwest peaks.

Nice, quick guide to setting ColdFusion error-handlers for public applications.

Cortex is go! Josh is using the All You Can Jet promotion from Jetblue to meet MetaFilter members across the country. This is where he'll be posting about his month-long adventure.

This is where you can adjust your Flash security settings, including managing Flash cookies that you can't control via the browser.

"More than half of the internet’s top websites use a little known capability of Adobe’s Flash plug-in to track users and store information about them..." [via schneier]

"Parents and other caregivers teach young children by paying attention and interacting with them naturally and, most of all, by just allowing them to play." [via Daddy Types]

"Superfeedr is Real-time Feed Parsing in the Cloud." Great idea that could help build specialized aggregators. Bummed it's ATOM at the end. I'd prefer RSS.

This blog connects Mad Men episodes with advertisements and details from the time. [via kottke]

ahh, dreams. [via joshua]

Privacy, Security, Lock-In, and Downtime. Gina runs down some problems with outsourcing your data management.

"The cloud, however, comes with real dangers...If you entrust your data to others, they can let you down or outright betray you." A good summary of some problems yet to be solved with cloud computing.

"Enclosure is a process whereby a resource held in common is taken into private control....The acts of enclosure of the information age are about social assets, they are subtle and invisible, and they are being implemented, to a large degree, by peer pressure." [via anil]