It isn't actually an app, it's an extremely simple script which just tweaks the boost so that the Touchpad can get louder. If you're reading this on my actual site, you'll notice a new "webOS" tab up top, that's for supporting this, and what I hope will be many more apps in the future.

Now for the fun bit, I wanted to talk about my experience getting the script out there. The webOS Homebrew community is absolutely amazing for many reasons, but I just want to mention two:

• They are consolidated. Unlike similar efforts on other platforms and projects, there's very little community fragmentation here. The webOS homebrew community is entirely centered around webOS-Internals, with their awesome wiki being the number one knowledge repository outside HP's own developer center. Their wiki, their git repositories, and their irc channels are open to anyone. They have systems in place for outsiders to immediately start making contributions, and while they are vetted and might be rejected, they always try to tell developers what needs to be fixed for inclusion.
• They are approachable. While trying to figure out how to package this script for distribution through Preware (wOSI's Homebrew App and Patch installer), I hit a few dead ends because of my lack of knowledge of the homebrew distribution system and how it differs from HP's own, and what the limitations are for different methods. No problem, I just dropped into their IRC channel and every time, within a few minutes I had solid info on a better direction to look into.

Anyway, I'm in now--the badge next to my name on the PreCentral forum says "Homebrew Developer". I'm pretty proud to have that badge, even if it's for something so simple.

My webOS adventures are moving along--I got my hands on an unlocked Pre 2, which is a terriffic phone, to test some of my stuff on. I found that my favorite app idea, a WordPress App, has already been done fantastically well in Poster, and with a bunch of features I hadn't planned on putting in mine, so I'm going to keep plugging away at my other ideas.

As I mentioned, my work life has been pretty nuts lately — I had done 58 hours this week before I stepped into the building this morning — so I've stepped out of my d&d group for the time being. It's sad, my character in this particular game is a totally awesome assassin-mage, who, while I originally intended for him to be a quiet, stealthy poisoner, has turned into a rambunctious swashbuckling lover of all that is flashy. The other group members are a lot of fun to play with, too- the youngest is actually only 11, but she's the strongest fighter in the group and was the only person to get my UMass CS binary tree shirt. Yeah. She's about as cool as it gets. I could go on about the other players, and our DM, but let's just instead say I'm really going to miss playing until things cool off at work.

Anyway, I left off work at a reasonable time today and saw Sucker Punch. I thought it was good, but Mikah didn't. So we made another mistake. We rented The Last Airbender.

Now understand, I expected it to be bad; I expected it to break from the show in pretty dumb ways. But I never would have expected a movie featuring marial arts and elemental magic could ever be so exquisitely boring.

Apparently Shyamalan can't event make a magical war interesting. It could have been just about any other director and this movie wouldn't have been a freaking lullabye.

This is enough, I think, for now. Until next time, then!

I never watched UPN's Enterprise (You know, the Star Trek prequel with Scott Bakula), despite being a long time and rabid Trek fan. I've watched almost all of The Original Series, definitely all of The Next Generation, and a good chunk of Voyager. The franchise has always seemed like it would be a great one to be like America's response to Doctor Who, because in the same way as every Who fan knows exactly which Who is "their" Doctor, every Trekkie can respond quickly to "So, who's your captain?"

You may have guessed; Mine is Jean-Luc Picard. But really, if you put the words "Star Trek" on the screen, get me ready to accept a wholly optimistic future, and have some strong figure who knows right from wrong in the captain's chair, I'll watch it. I know I'm not the only one.

So why didn't I watch Enterprise? After all, I was already a Scott Bakula fan from Quantum Leap, and I'm a sucker for a pretty ship (and yes, the NX-01 is *very* pretty). It's because they were ashamed of the franchise. I didn't watch DS9 because I was never as interested in politics and that sort of thing as exploration and contrasting the human condition, but at least it was positioned as part of the grander whole. I didn't watch Enterprise because for three seasons, they didn't even put the "Star Trek" label in the title with it. They made the opening inspiring, but ultimately too "today"--rather than timeless instrumental themes we we expect from the series. They were ashamed of the show's heritage.

Star Trek is an unabashedly optimistic view of the future. It's a world where people have resolved almost all of their differences on Earth, fixed our political troubles, and decided between us that the pursuit of knowledge and understanding is worth more effort than any petty squabble. And then we met other species who hadn't decided this, and learned we had much left to do in order to live amongst them. That's what those instrumental themes mean to me. As an example, here's the Deep Space 9 opening, and the opening for Voyager. I didn't watch as much of Voyager as I could have, but the Voyager intro really stands out as one of the best in the series. Everyone remembers that retro-futuristic warble over The Original Series, and The Next Generation's intro is pretty much the standard by which all others are measured for me.

Contrast with this.

The visuals are excellent. But the music does *not* feel like trek. It feels like I'm ten years old and I'm going on a school trip and the teacher turned on the radio to some music she thought we'd like so we'd settle down and let her read her paper. Not good. I'm just not prepared after hearing that song to really be in the Star Trek future. I might be ready for an optimistic sing-along, but my suspension of disbelieve that the world actually *could* be that good ends as soon as you bring some element of what the world *is* into it. Guitars and raspy singing voices just entirely break me from that feeling.

Ultimately, that optimistic belief is what I come to Trek for. To never get me set up to believe it is to have me approach your show as a cynic, which is *really* going to hurt any show in Star Trek's universe.

Anyway, here's an opening for Enterprise that would have kept me watching beyond the first two episodes.

Anyway, since I don't know much about the actual show... was it good? worth picking up for after I've exhausted what I'm currently watching?

So I didn't do as much productive hobbies this week, though I did learn the chords to the main theme from Legend of the Seeker (the show somewhat loosely based on the Sword of Truth novels by Terry Goodkind) on the guitar, and later on piano.

Really, I spent my time here:

This year, since leaving taking a 10 day vacation out of the country isn't an option given the craziness going on at work, Mikah and I decided to take a jaunt out to West Virginia to celebrate Valentine's day with a weekend at a nice B&B. Mikah found us the Hillbrook Inn in Charles Town, a place which is exactly as it looks in the photos--remote, secluded, gorgeous. We spent most of Saturday wandering around Harper's Ferry, even exploring a Flea Market.

We were there only two nights, and I wish we could have been there longer, but I feel greatly refreshed, and am glad to have had the time to reset myself.

I did briefly stop at Micro Center and took a look at books for getting myself into a new development skill. I've been talking and talking about several things, including 3d game development, and mobile app development, specifically for webOS. Game development is very different from my actual development path, and it would almost certainly take a long time to learn to use the tools of that particular trade; therefore I decided a few weeks back to work on making an app for webOS. Now I'm running into some rough patches with that, because, while I can easily get through the various tutorials I've found and get some pretty pictures displaying on the screen, I don't actually know certain best practices for code organization and, well, mainly, how to fetch new information from an outside server.

This is certainly something that, with a little more time and patience, I could learn from the documentation and from reading through more examples, but to assist me on the path, I was thinking of buying a book on webOS development. Unfortunately, Micro Center only had one which had very low ratings online, so I left it. I'll just have to keep looking, and reading.

For music, I sat down at the piano long enough to learn the introduction to Ben Folds' "Still Fighting It". It will take a bit more time to commit the whole song to memory, but the song is fairly simple, short, and calm--which is a good recipe for a song I can pick up fast and feel good about playing for others. Didn't spend any appreciable time on the guitar, but this is a good start.

I also spent a bit of time playing with Inkscape and drew a new pig. Here's the old one for comparison:

Phlox, the Phlying Pig

And here's the new one:

Phlox, the Phlying Pig

I still like the old one better (it's just a better drawing to start), but I like the new one's open eyes and more comic-like lines. I need a sharper version of Phlox for an icon anyway, for upcoming projects.

This is the biggest thing I've started: I'm making a Palm webOS app. There's a few of them that I have in mind, so my plan is to start with a very simple app and work my way up to more awesome ones after I get the gist of how webOS development really works. So I pulled down the Palm SDK and started tinkering. So far, I've got very little that I want to show off, but I've learned a lot! So we'll see what I can come up with for next week.

Until then, what's your free time like?
Adrian

It has been a long time. Nearly half a year, if I recall correctly. Allow me to reacquaint myself: I'm Adrian Sud; on the internet, I also go by Pigsflew. In the past I've described myself as a writer, a hobby guitarist, a gadget tinkerer, a software developer, and a general intellectual—if not all that geeky about any one particular thing. Lately, I can really only count myself in one of those categories: a software developer, I remain.

I'm a developer by trade; as with many in my field, I'm prone to long work hours, caffeine addiction, and forgetting even to put socks on in the morning, let alone take the time to practice on my guitar or put a pen to paper. But recently, I read an article which is stuck in my head: "You Are What You Eat" by Trent Walton. The concept is that, whatever you want to be, just start doing it. The rest will follow.

The simple fact is, I love being a developer, but what brought me to the field is the tinkering, the new technologies, the amazing sense that no matter how long you're at it, there is so much more to learn—but to take advantage of that, I have to learn on my own time, too. Beyond tech, I've always thought of myself as a versatile person, with about as much potential in creative endeavors as logical ones. If I don't exercise other parts of my head, switch to another mode and put some energy into it, I will—and do— find that potential greatly diminished.

So to that end, I'm coming back to my hobbies. I'm going to devote a bit of time to this blog and LiveJournal, hopefully about one hour a week, to talk about what I'm doing in my free time, and to make sure that whatever it is, I am doing *something*.

For a while, it'll be fairly directionless. I've got about five ideas for things I want to do in my head. All of them will be difficult, but at least two of them I think I could really do well, if I give it a shot. So look for a post in a couple of days, talking about what I've started.

Now, will it be technical or creative? Who knows. Perhaps both!

People seem to assume that Email is like regular mail only faster, and since it's a federal crime to tamper with postal mail, email communications must be covered the same way, and that the two are equivalently private. The problem is that a government employee (or several) are the ones that physically carry your snail mail from where you dropped it off to its final destination. Therefore the government has some ability to enforce that sanctity of mail--the postal workers are traceable sources of tampering, who can be fired or even legally punished for any evil they do. From there, the only thing you have to worry about is delivery mishap, and non-USPS hands at those weak points, before and after transit, where it might fall into them. These are relatively uncommon, and again, the fact that tampering with mail is a federal crime protects you in almost all cases.

But E-mail isn't carried by someone who has a stake in your privacy. The E-mail, as soon as it leaves your computer, is going to pass through dozens of other computers, some controlled by Comcast or Verizon, some controlled by Sprint or Level 3 Communications, some controlled by other companies you might not even have heard of. The fact is that these companies can easily monitor plaintext emails passing through. Even if you trust these companies, it is always a possibility that one of the servers happens to be compromised from without.

This is where a basic lesson comes in: don't send personal information by email. It is trivially easy to scan for certain things like phone numbers, Social Security numbers, credit card numbers, drivers license numbers, license plate numbers, just about anything else you might not want people to know. If you're sending these things to anyone via an unencrypted digital channel like email, it is very possible that it could be intercepted, identified, and later used for nefarious purposes.

Notice where I said "an unencrypted digital channel like email". That's the key thing. You see, it's safe (or at least much more safe) to enter things like that on an encrypted website, such as https://www.bankofamerica.com--because you trust Bank of America, and because the site has that handy "https" instead of "http", you know that there will be no computer between you and the Bank itself that ever sees your information in cleartext. Instead it sees something encrypted in such a way that it is virtually unbreakable--so that only you and the Bank see anything you type into that website.

So how do we fix it?

Effectively, there are two things you want to know about a message: #1, that it's from who it says its from. #2, that it remained unread until it got to you. This is why I propose that SMTP and IMAP mail servers all include a PKI server.

Here's how it works.

Example Smith (esmith@local.com) wants to send a message to Instance Jones (ijones@foreign.com). Example types up an email and sends it to his mailserver over an https connection, because he knows that he has to be careful about these things.

On a current smtp server, what happens now is that the mail is decrypted at smtp.local.com, and sent to the Instance's mailserver (mail.foreign.com) in plaintext, where Instance is free to access it through her client however or whenever she chooses.

Here's what should happen.

Example Smith sends the message via an encrypted connection to smtp.local.com.

smtp.local.com sends a message to mail.foreign.com asking for the public key of ijones@foreign.com. smtp.local.com then encrypts its message with Instance's public key, and signs it with its own private key for esmith@local.com.

When it gets to the other end, mail.foreign.com is able to decrypt the message using Instance's private key.

When Instance downloads the message (over https of course!) from her mailserver, she can now feel safe that Example's message was kept free from prying eyes during transmission. Her mail server can also decrypt the signature and read it using Example's public key by fetching it using the email in the "from:" email address. If mail.local.com sends back a key that successfully decrypts the signature, then she knows that Example's mail server certifies that the message was sent from Example's email account, through Example's outgoing SMTP server.

This would mean that nobody could send messages on some fake mailserver with the From: address of "someone@pigsflew.com"--because your email reader would be able to contact pigsflew.com on its mail port, find out that it signs its messages, and that it cannot verify that particular email's signature (if it even has one). And it means that the message is almost guaranteed to be safe from prying eyes, at least until it has been received by the receiving mailserver. And it has the added plus of being effectively transparent to the end users--they still send and receive messages on the web or through their email clients in exactly the same way.

Basically, if this feature was implemented, it would take only until Gmail, MSN, and Yahoo started using it, and then a good chunk of email would be safer, and the rest could be flagged as being unverifiable, unprotected, or both. If you had an email client supporting the extensions, you could set your send messages to require or prefer protection, in the preferential case having your SMTP server warn the client that the email will be unencrypted for transit if the recieving mail server doesn't support it. Assuming that you trust your mailserver administrator, the server administrator for the person you're sending the message to, the company that runs their e-mail, and the receiver him- or herself to treat your information with care, you could now effectively rest easy, although Social Security numbers and the like would still give me pause.

The major advantage is that you'd be able to make a more informed decision about whether you trust the information to this medium--since no hands should be able to touch the information.

It'd also be cool if your entire mailbox on your mailserver was encrypted with the user public key and the user's password, decrypted at user access time with their password and that user's private key. Then it'd be safe sitting at endpoints too.

We already have this idea of "classes", thanks to CSS and how it interacts with HTML. Future specs of javascript (and many current js libraries) already include a getElementsByClass function that work with this as well as the getElementsById that already exists.

So we're already to an extent treating these elements as "instances" (with a unique ID in the DOM) of one or more "Classes". So why doesn't the Javascript conform to this?

What I'd love to see is for something like this:

HTML:

<div id="article-1" class="article">
<h3>Article Header</h3>
<p>Paragraph 1</p>
<p>Paragraph 2</p>
</div>
<div id="article-2" class="article">
<h3>Article Header</h3>
<p>Paragraph 1</p>
<p>Paragraph 2</p>
</div>

Nothing new there.

new CSS:

.article {
  h2 {
    padding-bottom:10px;
    border-bottom: 1px solid black;
  }
  p {
    padding: 5px;
  }
}

See what I did there? It's actually not that far a stretch. Typically this would be done by using ".article h2" and ".article p". This format mostly just allows for greater clarity in the CSS--at a glance--for what your style really expects elements to look like. Let's face it, styling has a dependancy on content--you can't theme a webpage unless you have some vague idea of what's going to be represented.

The next part is where I get serious:

Javascript:

class article {
  var header = this.getElementsByTagName("h3")[0]; // We expect only one of these
  var paragraphs = this.getElementsByTagName("p");
  var hidden = false;

  function onContentReady() {
    this.header.addlistener('onClick',this.hideShowContent);
  }
  function hideShowContent() {
    for ( var i in paragraphs)
    {
      if (this.hidden) { paragraphs[i].style.display = ''; }
      else { paragraphs[i].style.display = 'none'; }
    }
    this.hidden=!this.hidden;
  }
}

You get the idea, I think. Your non-class CSS defines what to do with elements occurring outside of classes, and gives styles that will cascade into classes unless overridden. Your non-class Javascript would include basic functionality used in many classes, and some of your classes might even require helper javascript classes that would be pulled in at need, and only once. (say, a date picker class that is required by several parent classes).

You could even separate your class-based js and css out, storing them locally, and providing "glue" in your base-level javascript, so that whenever the browser loaded a class it had not already seen in the DOM, it would look at that glue, and go and fetch the necessary JS and CSS if necessary.

This means that unless there's an Article on the page, you'd never load the Article css and javascript. The javascript and CSS would never be loaded more than once.

Clearly, my example is not incredibly good--the idea could probably use a lot more work, but what strikes me as funny is that when I look at it this way, it seems like it's almost meant to be. Javascript/ECMAScript is constantly improving and is at this point a full-fledged programming language in its own right, albeit one without a canonical interpreter. HTML and CSS specs are constantly improving as well, but there is a divide sharply between the two. I wonder if perhaps Javascript not being under the purview of the W3C has something to do with how separate it is from the HTML/CSS setup, and why they don't seem to be converging, aware of each other, toward something cleaner.

As I was stumbling through the internet a moment ago I came across an interesting photo of an underwater restaurant that is enclosed entirely in glass such that the diners have a constantly changing view of underwater life while they eat. Looked really cool. There was the obligatory comment as the third or so on the page:

"Definitely photoshopped. I can tell by the pixels, and I've seen a lot of 'shops in my time."

Given the fact that goons are known for stockpiling clubs and hunting dead horses for years at a time, the comment should come as no surprise to anyone. But I just thought of something, three little letters that are like gold to any business: "EAV".

EAV stands for Equivalent Ad Value. When companies get positive face time on large networks such as a news network or paper or a highly trafficked website, they are essentially getting ad space for free. And it's extremely valuable ad space, because it is placed in content spaces where people are actually looking to read the content. Here's an example: My company, TripAdvisor, got mentioned a couple months back in the show "The Office". If anyone remembers, it's the episode where Dwight Schrute opens an Agrotourism Bed and Breakfast at Schrute Farms. Its page is still at tripadvisor, and the clip is up at both tripadvisor and youtube. The mention cost us very little, but the value of it is exceptionally high, since it is in front of millions of people across the US who watch the show.

for an even better, slightly less biased example, Research In Motion says it estimates that it had millions of dollars of EAV from the whole "Barackberry" debacle, and I'd believe it. Think of him what you will, there is no denying our President's intelligence and simultaneous stardom, and if he uses a RiM smartphone, then hell, shouldn't I look into it. They paid nothing for that plug, and they didn't even expect or look for it. The fact that Obama didn't actually use a blackberry doesn't matter at all.

So now we go back to this meme: it seems there are like 20 goons or farkers or the like who spend hours a day going across thousands of websites and delivering equivalent ad value to Adobe with this tired joke, and you know what? They hit all the highest trafficked images first. I'll bet it's worth tons.