Friday, November 02, 2007

Open social insecurity

Everyone is praising google's open social initiative. So let me do the opposite and try to put together a few weak points:
  • Open social apps already have been hacked.
  • Open social is not really open yet, only the client API has been published so far. It allows to put iframe apps with Javascript based business logic (or should I say "social logic") into open social containers such as orkut. Currently you have to join the waiting list, to get notified when the server API specification gets published.
Dave Winer goes even a step further and criticizes the motivation behind open social:
Standards devised by one tech company whose main purpose is to undermine another tech company, usually don't work. Permalink to this paragraph

In this case it's Google trying to undermine Facebook. Permalink to this paragraph

And I don't think it's going to work. Permalink to this paragraph

Time will tell ...

[Update:] Just after posting, I found more critique thoughts, by Julien Bond:

As a geek it pisses me off because there's absolutely no accountability or transparency in how those standards are developed. It's every bit as bad as MS trying to force the Word XML standard through the standards bodies. Google is something of a black box. There's no way to influence them. Stuff appears out of the black box fully formed.

And here a detailed article about, exploiting open social XSS vulnerabilities on ning.

Monday, October 29, 2007

Erlang and textmate

Two days ago, I felt the need to reevaluate my options for an Erlang text editor or an IDE. I have been using aquamacs (the mac-ified emacs) for a couple of months now. It has a steep learning curve, but looks reasonably well on the mac (yes, that matters for me, and therefore I try to avoid Java desktop apps) and it provides good Erlang integration. And everything can be customized, in elisp, a LISP dialect. That is what I did not like. I would prefer to customize things in Erlang itself.
So what are the other options ? Beside of of emacs, a vim hack and Java IDEs (erlide, ErlyBird) there are no other open source options I am aware of. So I investigated about proprietary solutions and it turned there is one with decent Erlang support: Textmate. That was a pleasant experience, quickly downloaded and installed and it looks great. Textmate ships without Erlang support, but it's very easy to install the Erlang bundle, I just had to install and run GetBundle, a helper app to browse and install additional language bundles.
The support for Erlang is not that much yet:
  • Syntax highlighting
  • Code snippets
There is also a language bundle for Makefiles, but it seems to simplify only running make without arguments, therefore it is not very useful. The most interesting part, which I haven't explored yet are custom scripts accessible via user-defined key-binding, which can take current file or text selection as input, process it and overwrite the input with the result. Those scripts can be in any scripting language, so it should work with with Erlang escripts. Will experiment with this ...
There exists also a windows editor called E-TextEditor, which is language bundle compatible
with TextMate.