archives for the 01, 2004 read the back log this is the permanet location for this weblog entry Sunday February 22 2004 home about archives interviews home archives 2004 01 news 30/01/04 Old Is New

zlog 2 will have quick-links of some sort; here's a preview.

  1. Apple of my eye / apple guardian news
  2. Linux Takes on the Windows Look / windowslinux
  3. Apple Knowledge Base documents via RSS / xml apple rss
  4. Create a superuser shell without enabling root / osx apple
  5. Intro to cron / osx programming unix
  6. iPods and the wireless / ipod apple
  7. iChat Streaming Icon / osx software apple
  8. Using SSL With Mac OS X Server / osx software apple
  9. Build Your Own Browser Using WebKit / osx software apple
  10. Why Software Is So Bad / software pdf

23/01/04 Micro-payment Security

Continuing on with my mini micro-payments series today. As covered last time, there are some fairly obvious things that the big players could be doing to make micro-payments seamless. If they would produce such great rewards, I wonder why companies didn't start to implement similar ideas years ago; thereby securing the market at an early age -- not unlike how the cigarette industry works* -- by establishing a well known and trusted brand, much like PayPal has done.

So what are the problems with implementing the "browser flag" method?

An immediate one which springs to mind is security. How secure would this solution be? To answer this we must delve deeper into the methodology. Picture this:

You open your favourite browser. After loading, a system pop-up grabs the screen focus. You are either to enter a user name and password or authorise yourself as a "Guest User". Upon entering a correct user name and matching password, you are free to use the browser in whatever fashion you'd like, just as normal. However a time-out of, say, five minutes would be applied to the registered session (for lack of the right salespersons' lingo). Of course authorising as a "Guest User" would also allow you to use the internet, but the flag wouldn't be present.

Aside from the preferences to such a setup (new users, credit card numbers, etc) this would, at a basic level, be enough to make transactions seamless and most importantly easy.

So back to security. Take this scenario, a logged in user could go for a coffee and come back to find that their eight year old son had bought that Playstation 2 they'd always wanted. Inconvenient? Yes. Our fault? Well, no. Click the "Sign out of this session" button next to the "Home" button before leaving your computer (that is, if it hasn't timed-out of course).

Moving onto the next scenario. Imagine for a minute that your laptop was stolen. Wouldn't this allow the thief to spend your money? Again (this is getting repetitive), no. The thief would have to figure out your password first, bearing in mind this would only apply if the account hadn't been deactivated yet. The passwords would be stored stored on a secure, centralised server which was negotiated with indirectly via a child server (a measure against DoS attacks or direct hacking actions). Failing that Keychain, or a similar Windows program could be used to securely save the passwords.

Another problem, which would no doubt become apparent, would be the people buying things accidentally. This is bound to happen sooner or later so a ridged policy must have been adopted straight from the beginning to provide consistency. To start off with, I would have some sort of confirmation box requiring the user to physically agree to pay for the product in question. This, after beta testing, could possibly be expanded on. I was also thinking of having some sort of revoking mechanism, effectively allowing a user to "return" an unwanted product but as I thought about this I realised that it would almost defiantly create more problems than it would solve -- something I try to avoid.

I could go on all day with problems which could arise, but I don't think there are any more worth going into detail with at this stage. Besides all of this is pure conjecture, as I don't have the capital to setup such a venture. Having said that, I'm open to offers PayPal.

* The cigarette industry has been known to target it's advertisements directly at kids, they aim to get young people buying their cigarettes from an early age so they become addicted to the nicotine contain within. Once this is achieved the hard-work is done, the kids grow up and are still addicated. The cigarette companies now have a life long customer to play with.

Please note we do not endorse the use of 'cigarettes' or any other tobacco products. Blah blah.

21/01/04 Simple Portable Documents

One thing I love about working in the OS X environment is its native support for pdf. Quartz [1], the graphics/window manipulation layer of OS X, does everything in pdf, from screen-captures to drag-and-drop. Apple have engineered the OS so that you can save anything that is printable, as a pdf -- bye bye Adobe Acrobat and Quark Express. Never, in 5 years of using Windows, have I used pdf so much as I have done in the last few, Mac filled, months. Windows has nothing like it.

I remember how awful pdfs used to be back in XP. Upon stumbling across a pdf, out on the open internet, one would be forced to sit back and watch Adobe Acrobat Reader open up -- which took a fairly long time as I seem to remember -- then proceed to render the pdf. In OS X, Preview opens and renders the pdfs in a fraction of a second. You may argue that OS X has an unfair advantage with it's embedded support for pdfs but to this I would reply:

"Why doesn't windows level the playing field and do something similar?"

Windows could also build in support for a system wide image format; knowing Microsoft they'll probably come up with this great idea all by themselves and pioneer it -- naming the native format something like wpdf (windows proprietary document format). The world has seen stranger things, right?

[1] "Quartz is a powerful graphics system which forms the foundation of the imaging model for Mac OS X. Quartz offers a sophisticated two-dimensional drawing engine and an advanced windowing environment. Quartz's feature-rich drawing engine leverages the Portable Document Format (PDF) drawing model and offers Mac OS X applications professional-strength drawing functionality. Quartz's windowing services provide low-level functionality like window buffering, event handling/dispatch as well as dynamically creating the translucency and drop shadow effects found in the Aqua user interface." --

19/01/04 New Beginnings

OK, here goes. Late next month the hosting for this little site will run out. I have three options: renew the current hosting, buy new hosting or let zlog go. Just the other day I received a real letter from Nominet ( "The UK internet names organisation" ) about my very first domain name. They informed me that my registration was about to expire. I let that domain go years ago but if you know where to look it still exists. Thinking back it's nice to see how far I've come. I still don't like javascript or perl, have difficulty with regex and haven't the slightest idea how to assemble a computer even though I use one almost every day. Fortunately I have learnt some things that have been beneficial: like object-orientated php, xslt using php, when (and when not) to use xml, the wonders of css and lastly, I think my writing has come on a bit too. You lot can be the judge of that. So without any further procrastination, I can officially announce that zlog will live on past 26/02/04, the hosting renewal date, but not on the same server as it lacks support for, well, everything. At the moment I'm still shopping around but it looks like Segment Publishing might get my money. That is if I don't move to TypePad ;) Jokes aside, I have grown out of Movable Type. The templates are seriously flawed as you must have a template for each type of page (one for the individual archive, one for the index page, one for the interviews page etc.). It's so seriously flawed that I can't face a redesign (well I lie, more like a move-around-of-stuff) that has been planned for sometime. So this brings me to announce that I have been writing a rival weblog application in my spare time and this is what will be used for the "all new" zlog -- available in browsers from 26/02/04. Stay tuned.

18/01/04 Micro-payments II

At the top of it's beckoning, main page PayPal boasts, "The way to send and receive money online". Push away all the horror stories you have heard about PayPal for a minute and lets focus on what they actually do. Micro-payments. They move credit from one place to another while allowing people to withdraw said credit in exchange for cold hard cash. That doesn't sound to difficult. How can they possibly mess up? Well they do. PayPal's uptake has been slow because its integration has been poor. People do not want to fill out endless web-forms each time they want to view a pay-for '.pdf', nor do they want to ever fill out a needless form*. What the people want is a transparent way of paying for goods. I think this can be achieved PayPal could, for instance, write a series of client-side, OS dependant scripts which broadcast a flag specifying, "Yes, I am a PayPal user.", or words to that effect (http headers, cookies, pings, xml-rpc you name it). A pay-protected site could check for this flag and allow access to the content depending on the outcome. The cost of hiring a programmer to write this script would be insignificant in comparison to the potential gains. Add to this the fact that it could be implemented today. No hassle, just transparent payments. Both the person sending and the person receiving are happy. One has the money and one has the content -- executed in seconds, all hassle free.

* Remember, the first rule of "good form" states that only the required fields should be included within a form; everything else should be editable from a preference panel at the clients discretion.

17/01/04 Dan Rubin

"A semantically correct document should be valid too, so my priority is semantics. If it were possible to create a semantically rich document which didn't validate, I would say it is better than a valid document which was not semantically correct (I'm sure this can be done, it's just not a personal goal of mine to find out how)." -- Dan Rubin.
This one's been a long time coming. I can finally announce a new interview to be added to the assembled collection. Thanks very much for your time Dan. Psst. I hear something's going on over yonder.

14/01/04 Micro-payments

The web has long been used as a method to obtaining riches. Many developers spend their days coding away at various applications, hoping that this time, it will be the one that makes it. Makes it in a big way. To date, I think micro-payments are one of the web's largest (pun unintentional) untapped resources in terms of money to be made. Credit card theft, book sales and air flights have all been done to death. People are now looking to tap into new outlets for the vast sums of money that bubble up from within the depths of the internet. The one who cracks micro-payments will take home a large proportion of that untapped wealth. Mark my words. A true perpetual motion machine has been sought after for nearly a thousand years. Is it impossible? Well it's difficult to say, mathematically it's impossible. Or to be more precise, the mathematics we currently know proves it impossible. How can something output more than the sum of what was inputted into it? But who's to say that we won't discover something which completely changes how we think -- they used to think the world was flat. However, back to the subject in hand. Micro-payments are a gold mine. Several have tried -- and failed -- to provide a solution to the problem. Now I'm going to have a go. Why not?

04/01/04 Two-thousand and Three

The year zlog came into being. The year I first read a weblog (knowingly). The year I first made any money off the internet. The year I communicated with (and in some cases interviewed) many talented and interesting people for the first time. The year I first used an RSS aggregator. The year I bought my first computer -- and a Mac at that. The year I realised that it's only a small minority of the Internet users that are looking to cause trouble, most want to make it a better place.

Note: Mr Jesper (a.k.a Mr Waffle Wootest) gets a special mention; the kerning of the fonts in my shamefully inappropriate logo annoyed him so much, he manually sorted it out and sent me the result. Three cheers? Update: again? This time it's the navigational images. Next he will be writing my posts for me. Thank you Jesper ;)