Category: Web Design

Posted on
by

I figured out exactly what bugs me about Twitter and Facebook showing your friends’ “likes” in the timeline. It’s not just that they’re public — that’s true on Tumblr or Flickr or Instagram too, but you only see them when you choose to look for them.

It’s that broadcasting likes in the newsfeed blurs your intent.

  • A “like” is a message to the original post’s author (and a bookmark for yourself).
  • A retweet or share is a message to your friends or followers.

Putting them in your followers’ feeds turns a “like” into a message to them as well, even though it’s not what you intended. (If you wanted to share it, you would have shared it, right?) It’s a step above completely frictionless sharing, but it still messes with the signal/noise ratio of the timeline.

Posted on
by

The cost of implementing HTTPS on your own site is a lot lower now than it used to be. For instance:

  • Let’s Encrypt offers free certificates for any site, and some web hosts have software integration that make ordering, verifying and installing a certificate as simple as checking a box and clicking a button. (I’m impressed with DreamHost. I turned on secure hosting for some of my smaller sites a few months ago by just clicking a checkbox. It generated and installed the certs within minutes, and it’s been renewing them automatically ever since.)
  • Amazon now has a certificate manager you can use for CloudFront and other AWS services that’s free (as long as you don’t need static IP addresses, anyway) and only takes a few minutes to set up.
  • CloudFlare is offering universal HTTPS even on its free tier. You still need a cert to encrypt the connection between your site and CloudFlare to do it properly, but they offer their own free certs for that. They’ll also let you use a self-signed certificate on the back end if you want. (It’s still not perfect because it’s end-to-Cloudfront-to-End instead of end-to-end, but it’s better than plaintext.)

You may not need a unique IP address anymore. Server Name Indication (SNI) enables HTTPS to work with multiple sites on the same IP address, and support is finally widespread enough to use in most cases. (Unless you need to support IE6 on Windows XP, or really old Android devices.)

Now, if you want the certificate to validate your business/organization, or need compatibility with older systems, you may still want to buy a certificate from a commercial provider. (The free options above only validate whether you control the domain.) And depending on your host, or your chosen software stack if you’re running your own server, you may still have to go through the process of generating a request, buying the cert and going through the validation process, and installing the cert.

But if all you want to do is make sure that your data, and your users’ data, can’t be intercepted or altered in transit when connecting to reasonably modern (2010+) software and devices, it’s a lot less pain than it was even a year ago.

The hard part: Updating all your old links and embedded content. (This is why I’m still working on converting Speed Force and the rest of hyperborea.org in my spare time, though this blog is finally 100% HTTPS.)

And of course dealing with third-party sources. If you connect to someone else’s site, or to an appliance that you don’t control, you have to convince them to update. That can certainly be a challenge.

Expanded from a comment on Apple: iOS to Require HTTPS for Apps by January at Naked Security.

Posted on
by

A few interesting links that I’ve been meaning to post for a while now.

Geography and History

Using and Building the Internet

  • Warren Ellis has given up on Facebook and Google+ because it’s just so hard to reliably reach or listen to people. Think of how many posts in your news feed you miss each day just by not being online at the right time, never mind the pre-filtering Facebook does to the firehose.
  • Page Weight Matters – an engineer at Google led an effort to cut Youtube’s bandwidth requirements by a factor of ten. Strangely enough, when they started a live test, average page load time went up. It turned out that people on low-speed connections had found out about it and started using it even though it took two minutes to load where they were…because even that was still better than the 20 minutes they’d been stuck with before. (Via Raymond Camden)
  • If you run an email newsletter, keep in mind that many of your readers will try to read it on a phone. Keep that in mind when designing your format. Giant images with no text aren’t going to be too helpful.
  • How to keep electronics going when you lose power for days: Generators, batteries, car chargers, solar or kinetic chargers, etc.

Comics

  • Some of the earliest UNIX daemon art was drawn by none other than Phil Foglio of Girl Genius fame.
  • Saturday Morning in Front of La Salle De Justice is a painting by Rey Taira in DC Comics’ gallery show, inspired by Seurat’s famous painting Sunday Afternoon on the Island of La Grande Jatte (the painting at the center of Sondheim’s Sunday in the Park with George), but recast with the Justice League and other DC Comics heroes. It’s making the rounds again now, but I first saw it on Firestorm Fan a few months back.

Posted on
by

Last week, the webcomic XKCD ran a strip, Umwelt. Or perhaps it would be better to describe it as several comic strips.

As explained in the mouseover text, the title refers to the idea that because animals have different senses, each animal effectively inhabits a different reality. This can philosophically be extended to human perceptions.

Keeping that in mind, make sure you read it in a few different web browsers (both desktop and mobile!) for the full effect (JavaScript required). And try resizing the window.

As an art project, it’s the best use of browser-sniffing I’ve ever seen.

Posted on
by

A lot of web developers have forgotten the lessons of IE6, and just as they used to build desktop websites coded only for one engine, now they’re coding mobile sites specifically for Webkit, even when other browsers would be perfectly capable of rendering the designs they want.

This is exactly the sort of thing that gave IE6 such a stranglehold on the web for so many years (and as much as we’d like it to be, it’s not dead yet), with Netscape/Mozilla and Opera completely marginalized until Firefox managed to break through. It’s not quite so bad because two companies are driving WebKit (Apple & Google) rather than just one (Microsoft), but let’s try to learn from history this time around instead of repeating it.

Call for action on Vendor Prefixes – The Web Standards Project

The Web Standards Project is a grassroots coalition fighting for standards which ensure simple, affordable access to web technologies for all.

Originally posted on Google+

Posted on
by

Cool idea: Google is designing a “Web intents” system for web apps similar to intents in Android. For those who haven’t used Android, “intents” allow apps to register actions they can take — such as “I can share (or edit) images!” — and other apps to hand data over to them. That way your camera app doesn’t need to know about every possible image-sharing or editing app you can put on your phone.

Now they’re extending the idea to web applications. There’s a JavaScript-based proof of concept, and they’re planning to add native support to Chrome.

Originally posted on Google+

Update: While it would have been cool, Web Intents never got off the ground. Paul Kinlan describes what happened.

Posted on
by