Spiga

Sessions vs. Cookies

Cookies


Cookies are a way for a server to store information on the user’s machine. This is one way that a site can remember or track a user over the course of a visit. Think of a cookie as being like a name tag: you tell the server your name and it gives you a sticker to wear.Then it can know who you are by referring back to that name tag.
  • Cookies are limited to about 4 KB of total data, and each Web browser can remember a limited number of cookies from any one site. This limit is 50 cookies for most of the current Web browsers.
  • Each browser treats cookies in its own way. Be sure to test your Web sites in multiple browsers on different platforms to ensure consistency.
  • users can reject cookies or turn them off in the Web Browsers.

Sessions


Data is stored on the server, not in the Web browser, and a session identifier is used to locate a particular user’s record (the session data). This session identifier is normally stored in the user’s Web browser via a cookie, but the sensitive data itself—like the user’s ID, name, and so on—always remains on the server.

Sessions have the following advantages over cookies.
  • They are generally more secure (because the data is being retained on the server).
  • They allow for more data to be stored.
  • They can be used without cookies.
Whereas cookies have the following advantages over sessions.
  • They are easier to program.
  • They require less of the server.
In general, to store and retrieve just a couple of small pieces of information, use cookies. For most of your Web applications, though, you’ll use sessions.

TinyUrl Creator :: Firefox Add-ons

TinyUrl brings the http://tinyurl.com functionality into your browser. It takes a long URL as input, and gives you a short URL to use in it's place.

For more details ,visit this site https://addons.mozilla.org/en-US/firefox/addon/126

10 Reasons why i love GIMP Graphics Tool?

One of the best and the most widely used graphics tool for linux is GIMP , the GNU Image Manipulation Program. This GIMP is a full featured image editing program with many menus, tools and filters.

GIMP

Below summarize my ten reason 'WHY I LOVE GIMP'.
  • Floating Menus (which you access by right-clicking an image window.
  • Graphics Layer (so that effects can be superimposed.
  • More than 100 plug-in filters and tools.
  • More than 20 editing tools.
  • Multiple image windows (for cutting and pasting graphics, or for multiple views of a file).
  • Multiple undo levels.
  • Scripting language to automate image processing or to create new filters.
  • More than six floating tools, brush, colors and pattern windows.
  • Support for importing and exporting of 24 graphics format.
  • Multi-Platform Support (GIMP runs in windows, linix and MAC).

Click the wrong link and wind up in jail

In the 10 Things blog, Deb Shinder recently pointed out 10 ways you might be breaking the law with your computer and not even know it. There’s yet another way that wasn’t mentioned in that article. Specifically it has to do with recent arrests made by the FBI in suspected child pornography cases.

As has been reported in News.com and elsewhere, the FBI has been recently employing fake Web sites to lure people into child pornography. A suspect doesn’t have to have any child pornography on his computer either. Merely clicking the link is enough to trigger an investigation, search warrants, and the resultant perp walk, whether or not there was any intent to indeed consume child pornography as part of the clicking.

Improbable cause


But what if the user didn’t know the images were on the computer? Or what if the user didn’t know what the Web site was before it was clicked?

Sorry. That doesn’t count. The link got clicked. The images are on the computer. Go to jail. Go directly to jail. Don’t pass Go. Don’t collect $200.

Certainly such a thing wouldn’t happen, right? The only way someone could go to a kiddie porn site was to find the link and intentionally click it. As an IT leader you do, or should, know better.

There are many, many different ways users can be tricked into clicking things or winding up on sites they shouldn’t have. First, there’s the obvious things that can happen when viruses or other malware redirect browsers to go places they’re not supposed to. Someone could program a simple redirect in a Web site, maybe through something as simple as a clear gif, forwarding a browser to the target Web site. Even something as simple as creating a link in TinyURL that points to the site.

TinyURL is especially dangerous, because there’s no way to know exactly what the destination address is before the user goes there. It could be an easy tool for one user to use against another as a cruel joke or some form of retaliation.

Read More

8 Reasons why i love Ubuntu?

Here are the 8 Reasons 'why i love Ubuntu'?.
  • It's free and very fast.
  • It's based on Debian and it uses the fastest package manager out there, APT;
  • APT package management is sooo easy.
  • It's takes about 1 minute to install a software and 10 to 20 seconds to uninstall or completely remove a software.
  • Firefox, Open Office, Gimp, and a huge repository of free softwares
  • Live CD/Install combo- I liked being able to use the operating system before it even started installing!
  • It's KDE-based, i hate Gnome.
  • It's perfect for low-end PC's.

THE BEST ever Linux operating system out there; and this way, we can compete with big operating system like Windows and Mac. It's time for Linux users to have a strong, easy to use and powerful desktop operating system, and Ubuntu can help us.

please write your comment WHY YOU LOVE UBUNTU? .

Problems with Delivering Applications via Browser

As web applications have become more complex, they have begun to push the boundaries of both the capabilities of the browser and the usability of the application. As their popularity grows, these issues become more apparent and important and highlight the fact that there are still a number of significant issues for both developers and end-users when deploying and using applications within the browser.

The web browser was originally designed to deliver and display HTML-based documents. Indeed, the basic design of the browser has not shifted significantly from this purpose. This fundamental conflict between document- and application-focused functionality creates a number of problems when deploying applications via the browser.

Conflicting UI


Applications deployed via the browser have their own user interface, which often conflicts with the user interface of the browser. This application-within-an-application model often results in user interfaces that conflict with and contradict each other. This can lead to user confusion in the best cases, and application failure in the worst cases.

The classic example of this is the browser's Back button. The Back button makes sense when browsing documents, but it does not always make sense in the context of an application. Although a number of solutions attempt to solve this problem, they are applied to applications inconsistently, and users may not know whether a specific application supports the Back button or whether it will force their application to unload, causing it to lose its state and data.

Distance from the Desktop


Due in part to the web security model (which restricts access to the user's machine), applications that run in the browser often do not support the types of user interactions with the operating system that people expect from applications. For example, you cannot drag a file into a browser-based application and have the application act on that file. Nor can the web application interact with other applications on the user's computer.

Primarily Online Experience


Because web applications are delivered from a server and do not reside on the user's machine, web applications are primarily an online experience. Although attempts are underway to make offline web-based applications possible (through plugins and HTML 5), they do not provide a consistent development model and they fail to work across different browsers, or they require users to install additional extensions to the browser. In addition, they often require users to interact with and manage their application and browser in complex and unexpected ways. However, this is an area where the browser looks to make progress over the next couple of years.

Lowest Common Denominator


Finally, as applications become richer and more complex and begin to push the boundaries of JavaScript and DHTML, developers are increasingly faced with differences in browser functionality and API implementations. Although these issues can often be overcome with browser-specific code, they lead to code that

a) is more difficult to maintain and scale;
b) takes time away from function-driven development of feature functionality.

Although JavaScript frameworks are a popular way to help address these issues, they can offer only the functionality provided by the browser, and often they resort to the lowest common denominator of features among browsers to ease the development model. The result for JavaScript- or DHTML-based applications is a lowest common denominator user experience and interaction model, as well as increased development, testing, and deployment costs for the developer.

As browser continue to mature this lowest common denominator of usable functionality will improve, but this is a process that can take a significant amount of time (often years) as new browsers are released, and old browsers are no longer used.

Does RIA(Rich Internet Applications) is the solution to these problems?

Three Quick Tips To Make Your PHP Understandable

Producing code that clearly conveys a developer's intent is key to any well written application. That not only applies to PHP, but every programming language. Developers who emphasize the creation of legible code tend to create applications which are easier to both maintain and expand upon. After seven years of programming in PHP I've worked on a variety of projects where well organized and legible code were set aside for numerous reasons. Some of those reasons include time constraints, lack of experience, lost enthusiasm, misdirected pre-optimizing, and the list goes on.

Today we'll look at three simple methods which are commonly ignored by developers for some, if not all of the reasons described above. First, we'll discuss the importance of clean conditional logic. Second, we'll look at how you can cleanly output blocks html of in PHP. And finally, we'll examine the use of sprintf to convey variables placed in stings more legibally.

Tip #1: Write Clean Logic Statements

Example 1.1: Unclean Conditional Logic
<?php

if($userLoggedIn) {
// Hundreds of lines of code
}else{
exit();
}

?>

The above statement seems straight forward, but it's flawed for the reason that the developer is giving this conditional block too much responsibility. I know that might sound a little weird, but stay with me.

The type of conditional organization above makes for unnecessarily complex code to
both interpret and maintain. A brace that's paired with a control structure hundreds of lines above it won't always be intuitive for developers to locate. I prefer the style of conditional logic in example 1.2, which inversely solves the previous example. Let's take a look.

Example 1.2: Clean Conditional Logic
<?php

if(!$userLoggedIn) {
exit();
}

// Hundreds of lines of code

?>

This conditional statement is more concise and easier to understand. Instead of stating: "if my condition is met, perform hundreds of operations, else exit the script", it's saying "if my condition is not met, exit the script. Otherwise, I don't care about what happens after that. I am only concerned with stopping execution". So, by doing this, you've limited the operations that a given control structure has been tasked with, and that will help other developers quickly understand your code.

Read More

Comparison of Evolution and Thunderbird

It didn't take time for me to throw out the Evolution email client from my Ubuntu platform. Instead, I installed Mozilla’s Thunderbird, an email client which I’m very familiar with. What caused the switch? Well, I was trying to configure an email account running on an IMAP server. I had a terrible time in getting it to work. After so many unsuccessful tries, it was time for me to kiss the Evolution package goodbye. I’m glad it’s gone because Thunderbird is working just fine in Ubuntu.

Feature

Evolution 2.6

Thunderbird 1.5.0.5

Protocols

POP, IMAP, Exchange, Hula, Files

POP, IMAP, Files

Security

SSL and TLS

SSL and TLS; only available by Edit->Acccount Settings->Security Settings after creating account

LDAP

Yes

Yes

E-mail Security Options

Load Images

Can be disabled, enabled for all, or enabled for known contacts; default: enabled

Can be disabled, enabled for all, or enabled for known contacts; default: enabled

JavaScript

No

No

E-mail Scam Detection

No

Yes

Antivirus Support

No

Yes; default: disabled

Additional Functionality

Address Book

Yes

Yes

Calendar

Yes

No; available as plug-in

Task List

Yes

No

Memos

Yes

No

Preventing Accidental Deletes

Murphy’s Law states whatever can go wrong will go wrong. So even with the appropriate logging and monitoring measures in place accidents are bound to happen. Even with warning and confirmation screens a legitimate user can still delete information they didn’t really intend to. The problem with DELETE statements is that they are irrecoverable.

One suggestion to prevent the unintentional deletion of data stored in a database is to add a new field to the records named IS_DELETED . The field is a TINYINT(1) which contains either a 0 or 1 to denote if the record is considered deleted . Your application would not issue any actual DELETE queries, rather it would set the field value to 1. It’s trivial to change the value of the field to restore the record in case of an accident.

Depending on the type of application you are developing, you may not want to have stale data in the database. To prevent deleted records from accumulating in the table you can write an administrative script that can run weekly (or even nightly) from cron or Scheduled Tasks to actually delete the records.The code below shows a script that I use.

A SHOW TABLES query is issued to retrieve a list of all tables in the database. For each table name that is returned, the column names are retrieved with a SHOW COLUMNS query and scanned to find any names that are named IS_DELETED . If so then a true DELETE query is issued otherwise the script moves on to analyze the next table.


#! /usr/bin/php
<?php
include ‘../lib/common.php’;
include ‘../lib/db.php’;
// retrieve list of tables
$table_result = mysql_query(‘SHOW TABLES’, $GLOBALS[‘DB’]);
while ($table_row = mysql_fetch_array($table_result))
{
    // retrieve list of column names in table
    $column_result = mysql_query(‘SHOW COLUMNS FROM ‘ . table_row[0], $GLOBALS[‘DB’]);
    while ($column_row = mysql_fetch_assoc($column_result))
    {
        // if the table has an IS_DELETED field then delete old records
        if ($column_row[‘Field’] == ‘IS_DELETED’)
        {
          mysql_query(‘DELETE FROM ‘ . $table_row[0] . ‘ WHERE ‘ . ‘IS_DELETED = 1’ , $GLOBALS[‘DB’]);
          // break out to process next table
          mysql_free_result($column_result);
          break;
        }
    }
    mysql_free_result($column_result);
}
mysql_free_result($table_result);
mysql_close($GLOBALS[‘DB’]);
?>

Securing User Submitted Data in PHP

The greatest weakness in many PHP programs is not inherent in the language itself, but merely an issue of code not being written with security in mind. For this reason, you should always take the time to consider the implications of a given piece of code, to ascertain the possible damage if an unexpected variable is submitted to it.

<?php
// remove a file from the user's home directory... or maybe
// somebody else's?
unlink ($evil_var);

// Write logging of their access... or maybe an /etc/passwd entry?
fwrite ($fp, $evil_var);

// Execute something trivial.. or rm -rf *?
system ($evil_var);
exec ($evil_var);

?>

You should always carefully examine your code to make sure that any variables being submitted from a web browser are being properly checked, and ask yourself the following questions:
  • Will this script only affect the intended files?
  • Can unusual or undesirable data be acted upon?
  • Can this script be used in unintended ways?
  • Can this be used in conjunction with other scripts in a negative manner?
  • Will any transactions be adequately logged?

By adequately asking these questions while writing the script, rather than later, you prevent an unfortunate re-write when you need to increase your security. By starting out with this mindset, you won't guarantee the security of your system, but you can help improve it.

You may also want to consider turning off register_globals, magic_quotes, or other convenience settings which may confuse you as to the validity, source, or value of a given variable. Working with PHP in error_reporting(E_ALL) mode can also help warn you about variables being used before they are checked or initialized (so you can prevent unusual data from being operated upon).

Tips for Debugging Ajax Applications - Part2

part1

1. Use Javascript alerts to indicate the values of variables.
There are three families of values you'll need to confirm:

  • Values received by a function:
    alert(value);
    Use this for any Javascript function, like the one triggered by the HTML event or the one called when the PHP script returns its value.

  • Values returned by the PHP script:
    alert(ajax.responseText);
    Since responseText stores the data you'll deal with in the Javascript, confirming its value is a great debugging technique.

  • Values to be assigned to HTML elements:
    alert(message);
    You could also have problems in writing new HTML to the web page.In such cases, you'll need to confirm if the problem is in the message being written (tested using such a alert) or in the writing process itself(i.e., assigning a value to innerHTML).

2. Make sure you reload your Web browser after making changes. Failure to do so in common, and very frustrating, mistake.

3. Test with multiple browsers. With Javascript and HTML, different browsers can behave differently, so see how your applications behave in multiple browsers.

4. Watch the method --GET or POST-- being used. Some browsers (I'm looking at you Internet Explorer) cache GET page requests, so it might look as if the changes you made didn't take effort.

5. Use a Javascript console. Good browsers, like Firefox and Safari, can show Javascript errors in a separate window.

6. Use a Javascript debugger. Firefox users benefit greatly from the Venkman debugger(www.mozilla.org/projects/venkman). Internet Explorer users have the Microsoft Script Debugger.

Why do I need anti-virus software for Linux?

In the most part, Linux is engineered in a fashion that makes it hard for viruses to run. Also, because more PCs currently run Windows, it is more worthwhile writing viruses for the Windows platform. However, there are many reasons you might want a virus scanner on your Linux PC:
  • to scan a Windows drive in your PC

  • to scan Windows machines over a network

  • to scan files you are going to send to other people

  • to scan e-mail you are going to forward to other people

  • some Windows viruses can run with Wine.


Open Source Antivirus


Free version of commercial Antivirus


Tips for maintaining a secure Ubuntu system

There are a few basic steps to maintaining a secure Ubuntu system:
  • Don't use root - The default Ubuntu installation does not assign a root password and you cannot log in as root. Instead, the default user account can use Sudo to run commands as root. Additional user accounts cannot even run Sudo unless they are given explicit permission. Restricting root access limits your ability to accidentally (or intentionally) screw up the entire operating system.

  • Limit network services - Only enable services that you need. If you don't need a mail server, then don't install one. If you do not host web pages, then don't install a web server. Attackers can only exploit network services that are running on your system.

  • Use trusted software sources - There are literally hundreds of unofficial repositories. Installing software from an unknown and untrusted repository could result in the installation of hostile software. Don't change the default repository settings or install software from untrusted providers unless you know what you are doing. Remember: just because they say it is safe does not mean it really is safe.

  • Limit scripts - web browsers, chat room software, and other programs can transfer potentially hostile software from the network, download files, and run programs. If you don't need this functionality, then disable it.

  • Use strong passwords - If you are the only person with physical access to your computer and you do not allow remote network access, then you can probably get away with having abcd or your pet's name as your password. (One of my home computers is usually logged in and the screen saver does not demand a password-this is as effective as having no password.) However, if you are in a corporate environment with many users, or enable remote access, or are at home with young kids (or cats) who like to press the delete button, then consider a strong password. Please visit this link to know how to choose a strong password .

  • Programs like John the Ripper (sudo apt-get install john) are designed to crack passwords through dictionary attacks and common password patterns like the ones listed above. In my experience, John can crack about 20 percent of user-chosen passwords in the first few minutes, and up to 80 percent in a few hours. The best passwords will not be based on dictionary words or simple patterns, and will be memorable. Good passwords should make sense to only you and not anyone else.

  • Don't compromise your security - Telling people "I have a really cool password-it's my student ID number from high school and nobody will guess that!" is a huge hint to an attacker. Don't hint at your password, don't e-mail it, and don't tell it to anyone in public. If you think that somebody might have a clue about your password, then change it immediately. Remember: the only person inconvenienced by a password change will be you. Beyond passwords, don't give accounts with Sudo access to anyone, don't install software from strangers, and don't run with scissors. Your security is as strong as its weakest link, and that is often the user.

Windows on Linux

Under Linux, it is possible to run a number of Windows applications without having Windows installed at all. This is done with Wine. I'm not talking about the fermented beverage some of us are quite fond of, but a package that runs on Linux. Allow me to paraphrase from the Wine Web site . Wine Is Not an Emulator. Wine is a compatibility layer, a set of APIs that enable some Windows applications to operate on a Linux system running the X window system (the Linux graphical environment).

Wine will not run every Windows application, but the number of applications it is capable of running is increasing all the time. Some commercial vendors have ported certain Windows applications to Linux by making some of the code run in Wine. This has sped up the normal production cycle and made it possible for them to get their programs to Linux users faster. If you really need to run a Windows application under Linux and you would like to go this route, the commercial Wines tend to be a better approach.

Many Linux distributions include a version of Wine on the CDs, and some let you select Windows compatibility applications as part of the installation procedure. Keep in mind that the newer your Wine, the better. For the latest and greatest on Wine development, visit the Wine web site ( http://www.winehq.org). A great deal of Wine development is being done at CodeWeavers (http://www.codeweavers.com). Its version provides an installation wizard to guide you through the installation and configuration process for Wine. It makes the whole process extremely simple.

VMware

The Wine project has done some impressive work, but it will not run all Windows applications. Sometimes you just need to run the whole shebang, and that means a full copy of Windows. Because you don't want to boot back and forth between Linux and Windows, it would be great if you could run Windows entirely on your Linux machine. This is the philosophy behind VMware—and it doesn't stop there.

Mware enables you to create virtual machines on your computer. Complete with boot-up BIOS and memory checks, VMware virtualizes your entire hardware configuration, making the PC inside the PC as real as the one you are running. Furthermore, VMware enables you to run (not emulate) Windows 95, 98, 2000, NT, FreeBSD, or other Linuxes. For the developer or support person who needs to work (or write code) on different platforms, this is an incredible package. Yes, you can even run another Linux on your Linux, making it possible to test (or play with) different releases without reinstalling on a separate machine. VMware knows enough to share your printers, network cards, and so on. You can even network between the "real" machine and the virtual machine as though they were two separate systems.

VMware comes in a variety of packages and price points. Visit the VMware Web site (http://www.vmware.com) for details.

Win4Lin

Another alternative still requires a licensed copy of Windows. Win4Lin, formerly Netraverse ( http://www.win4lin.com), sells a package called (you guessed it) Win4Lin. This is a package designed to let you run Windows on your system but, unlike VMware, only Windows. The classic Win4Lin product only supported Windows 95, 98, and ME, but with the introduction of Win4Lin Pro, Windows 2000 and XP are also supported. It is, however, somewhat less expensive than VMware. Once again, remember that because you aren't emulating Windows but actually running a copy, you still need that licensed copy of Windows.

Win4Lin's magic is performed at the kernel level. Consequently, this requires that you download a patched kernel equivalent to what you are currently running or that you patch and rebuild your own. If you have compiled custom drivers into your kernel, you are going to have to go through the process again to get Win4Lin going. This whole process is no longer necessary if you choose to purchase Win4Lin Pro.

How to change from Gnome to KDE in Ubuntu

Inorder to change your Ubuntu Desktop environment from Gnome to KDE: please follow the below steps.
  • Install KDE.

    sudo apt-get install kubuntu-desktop kde-core

    This requires about 360 MB of disk space. The installation will ask if you want Gnome (gdm) or KDE (kdm) as the default desktop.
  • Log out. This gets you out of the active Gnome desktop.
  • On the login page, click Options (bottom left corner).
  • Select the Sessions menu item.
  • Select KDE from the Sessions menu and use Change Session to accept it.
  • Log in using KDE.

    If you no longer need Gnome, you have the option to remove it by removing every Gnome package on the system.

     dpkg --get-selections '*gnome*' | awk '{print $1}' | \ 
    xargs sudo apt-get remove

Tip - Many Gnome applications only need the Gnome libraries to run. If you keep both desktops on the same system, then you can use many of the applications under the same desktop.

Ubuntu Compared to Other Linux Distributions

lame_logoLet's see how Ubuntu differs from other Linux Distributions - Redhat or Fedora, Debian ,Suse ,Knoppix.

If you log into the command line of both an Ubuntu system and a Red Hat Enterprise Linux or Fedora system, very little will look different. There are common directories and utilities between the two, and functionality is fundamentally the same. So what makes Ubuntu different from other Linux distributions?
One difference is the installer.

The complexity of booting and installing Ubuntu has been narrowed down to a handful of mouse clicks, making many of the install decisions automatic based on assumptions as to what the average user may need and want. In contrast, a Red Hat system presents the user with many install options, such as setting up a workstation or server, individually selecting packages to install, and setting administrative options.

Another major difference among Linux distributions is in software management tools. The aim of the utilities and packaging systems is the same for Debian as for other Linux distributions, however the operation and implementations are significantly different. Ubuntu and most other Debian-based systems use the APT (Advanced Package Tool) family of utilities for managing software. You use APT to install, remove, query, and update Debian (deb) packages. Red Hat uses an RPM packaging system to handle the same tasks with its rpm packages.

Another big difference is the way the systems look in regards to initialization, login
screen, default desktop, wallpaper, icon set, and more. From this look-and-feel perspective, there are a lot of differences. Although Red Hat and Ubuntu both use the GNOME desktop as the default Window Manager, the GUI tools used for administering the system and their locations on the drop-down menus are entirely different.

The login screen and autumn-colored theme of a default Ubuntu system set it apart from other distributions as well. When you drop down the menus of an Ubuntu desktop, you are not presented with a huge list of applications and utilities. What you get is a rather simple and elegant mixture of some of the best and most functional applications available for the Linux desktop. This approach is characteristic of Ubuntu and is done with the intent of keeping the user from feeling overwhelmed.

Another unique characteristic of a Ubuntu system is the intentional practice of locking the root user account, Most Linux distributions require the user to log in or su to root to perform administration tasks, however a user on a Ubuntu does this through sudo using their own login password, and not a separate one for the root user.

Do you have any comparison to share? Please post them in the comments below.

Improving PHP Session Security - Part1

Because important information is normally stored in a session (you should never store sensitive data in a cookie), security becomes more of an issue. With sessions there are two things to pay attention to:

1) Session ID
2) Session data

A malicious person is far more likely to hack into a session through the session ID than the data on the server, so I’ll focus on these things here

The session ID is the key to the session data. By default, PHP will store this in a cookie, which is preferable from a security standpoint. It is possible in PHP to use sessions without cookies, but that leaves the application vulnerable to session hijacking: If I can learn another user’s session ID, I can easily trick a server into thinking that their session ID is my session ID. At that point I have effectively taken over the original user’s entire session and would have access to their data. So storing the session ID in a cookie makes it somewhat harder to steal.

One method of preventing hijacking is to store some sort of user identifier in the session, and then to repeatedly double-check this value. The HTTP_USER_AGENT — a combination of the browser and operating system being used—is a likely candidate for this purpose. This adds a layer of security in that one person could only hijack another user’s session if they are both running the exact same browser and operating system.

Next Post - As a demonstration of this, let’s see an example.

Mac OS X Leopard Features

I came across Leopard's new features at Apple's Web site, I thought I'd talk about my experience a little bit.
  • One of the big areas of improvement are the visuals, like the 3D Dock and transparent menu bar.
  • Time Machine has gotten a lot of press and is one of the things that I appreciate most about Leopard. This is a backup utility that's really smart and mindless to use. It automatically backs up your entire hard drive to an external disk, even over a network. I like the fact that it automatically keeps hourly backups for the past day, daily backups for the past month, and weekly backups as long as space allows. I was pretty good about backing up regularly using Backup (Apple's program) but this is easier and certainly better. It could be a little more configurable but maybe keeping options to a minimum is what makes it so easy for anyone.
  • Spaces is another big, cool feature. It creates multiple desktops, so you can have applications and windows that only appear in a certain "space". Maybe one for work, one for personal stuff, etc. I used it a while, then stopped. I will probably use it again when I get the time to really master it.
  • Some people hate the new Stacks feature, some people like it. It's just a different way for folders in the Dock to appear when you click on them. I think they're really nice, personally.
  • The Finder windows have built-in searches on the left side, which is useful, although I rarely remember to use them.
  • QuickLook feature is excellent, particularly when it comes to email attachments. I'm not really using the changes in Mail, Safari (I primarily use Firefox), and iChat, or doing anything with the Parental Controls and Boot Camp (I use Parallels). But overall, I've been much more pleased with Leopard than I expected to.

Do you have any features to share? Please post them in the comments below.

Choosing the Right Linux Distribution

Ever since the first Linux distributions appeared, people have been having a hard time trying to choose the "right one" to use.

Many people end up asking "Which distribution should I use?" on the web, only to receive heaps of different suggestions (usually just the distributions that the posters like), a few arguments, and inevitably, the RPM vs DEB debate.

The problem is, that even after you filter out the posts to just the suggestions of distributions, you will find that you end up with just a big list of distributions, with usually only a comment like "This is good" to guide you in your choice.

This is a really bad way to choose a distribution, since you have no real advice on WHY you should choose distribution X over distribution Y. This article aims to give you the advice you need to choose the distribution that best suits you.

DISTRIBUTION PURPOSE

One of the key things in choosing a distribution is what you are using it for. Most uses fall into one of the 3 categories below:

  • Desktop usage.
  • Desktop and Server usage.
  • Server usage.
"Desktop usage" or "desktop distribution" is a very commonly used term to describe a Linux distribution which provides a GUI and is suitable for usage on desktop or laptop computers.

DESKTOP DISTRIBUTION

If you want a desktop distribution, some of the main requirements are:
  • Ease of adjusting settings - in the case of laptops, easy network changing is important.
  • Age of the software (you want the programs to be fairly recent)
  • Range of GUI applications.

SERVER DISTRIBUTION

If you are looking for a server distribution, you want to look for:
  • Software api stability - do updates ever change the way the distribution works mid-release?
  • Software life - how long will it get updates?
  • Security - servers are often open to the public - it needs to be very well secured.
Do you have anything to share? Please post them in the comments below.

Article Source - reallylinux.com

Programming Tips

Here are some tips and things I've found to be true after 5 years of software experience.

Follow Einstein's maxim; keep things as simple as possible but not too simple.

If you are having difficulty coding your design, stop - you are probably going about it the wrong way, rethink the design.

Get help if you need it, but try wherever possible to work things by yourself, you will learn faster; it's not good having someone write code that you don't understand!.

Bear in mind that most importantly, the programmer must have a clear idea of what is required before coding commences. In a simple gauge this may mean just keeping what's needed in mind, in complex projects you must have to write your intentions or even make a flow chart of how things will work. Believe me, you will save much time and frustration by working this way, not to mention the umpteen versions of scrapped code!.

Software like painting, is a creative endeavour; there are many things to achieve the same end result; If you asked two artists to paint a horse the results would look like a horse but would not look as same each other, software is like that and the best software will achieve the result with the minimum possible code.

As you become proficient at coding you will find yourself getting good results quickly with elegant code, looking back at your early efforts will make you laugh - laugh heartly, it's a good sign.

Do you have anything to share? Please post them in the comments below.

Why Linux won the embedded market?

One story not told often enough involves Linux’ growing domination of the embedded market.

In this space Linux usually stacks up against older Real Time Operating Systems (RTOS). The decision by Wind River, the largest RTOS vendor, to migrate toward Linux was a turning point.

There has been no turning back. But this is not an open source story. In fact, the embedded Linux business looks a lot like the rest of the embedded market.

Here is an example, Timesys providing subscriptions to its LinuxLink in order to help Tensilica customers get to market faster. Tensilica calls this a strategic partnership, alongside a deal with Embedded Alley Solutions to provide consulting and training.

The deals are not noteworthy in themselves, except that they point to how Linux has become the mainstream embedded technology of choice.

It’s Linux’ modular design, a kernel whose features designers can pick-and-choose among, which is causing this revolution in embedded systems.

As chip densities increase manufacturers outgrow the old RTOS systems, and a full-fledged operating system delivers better time to market. Microsoft is not considered viable because it lacks this key modularity, and is years from implementing it.

Microsoft is only now talking about a kernel-based design in Windows 7, which is still in the planning stages.

Outside branded areas like game machines or phones, the embedded market will have sailed away from Redmond long before it’s serious about it.

Do you have anything to share? Please post them in the comments below.

Article Source - blogs.zdnet.com

Browser vs. desktop

The browser has become the preferred way for delivering many applications because it allows easy deployment across operating systems and simplified application maintenance. Plus, the modern programming languages used in the browser enable rapid application design and development.

The Adobe® AIR™ runtime complements the browser by providing the same application development and deployment benefits while adding desktop integration, local data access, and enhanced branding opportunities. An emerging design pattern for rich Internet applications (RIAs) is to deliver a browser-based version of an RIA in the browser for all users and an RIA on the desktop for more active users.

Feature

RIAs in the browser

RIAs on the desktop

Installation

No application installation is necessary.

Applications install seamlessly from the browser or download and install like a traditional desktop application.

Application delivery

Applications can be easily discovered, explored, and used.

Installed applications have more persistence, power, and functionality.

Application updates

Applications are updated by pushing new content to a website.

AIR provides APIs that allow applications to be updated as easily as pushing new content to a website.

Multiple operating system support

Applications run on multiple operating systems and browsers.

AIR applications are cross-platform, so they can be installed on and run on multiple operating systems.

Programming languages

JavaScript is provided by browsers and ActionScript™ is provided by Adobe Flash® Player.

Integrated JavaScript and ActionScript virtual machines are compatible with the browser.

Background capability

RIAs can run only in a visible browser window.

Applications can run in the background or provide notifications like traditional desktop applications.

Persistence

Activity is limited to the browser session. When the browser is closed, information is lost.

RIAs are installed and available on the desktop. They store information locally and operate offline.

Desktop integration

Applications are sandboxed, so desktop integration is limited.

Applications can access a desktop file system, clipboard, drag and drop events, system tray/notifications, and more.

User interface control

RIAs run within a browser window that has its own controls, branding, and integration with the desktop.

RIAs have a customizable user interface and desktop integration, enabling branded experiences.

Data storage

Applications have limited local storage, which the browser can destroy.

Applications have unlimited local storage and access to a local database, plus encrypted local storage.


Know When You Shouldn't Use Ajax

Ajax is, without a doubt, preety cool, but what's cool isn't always what's best (despite what you thought in high school). As with any technology, employ Ajax because you should (when it adds useful features without adding more problems and excluding users), not because you can or know how.

Since Ajax relies upon Javascript, one potential problem is that not all users enable Javascript and it can run differently on different browsers. A well-implemented Ajax example can work seamlessly on any browser, but you really need to be thorough. You can also create a non-Ajax version of a system for those with Javascript disabled: not difficult, but again, something you do need to think about.

Another problem is that Ajax renders the browser's history feature unusable. For that matter, you can't bookmark Ajax pages the way you can search results (the page itself can be bookmarked, but not after some interaction). So by adding functionality, your Ajax application will remove common features.

And Ajax request still require a server connection and the data transfer, so they don't save any resources, just reallocate them.

Finally, I'll point out that there's an argument to be made that IFrames offer similar functionality to Ajax but without some of its downsides.

How To Speed Up Linux Desktop by 30%

I am using Linux (Fedora Core 6) on a pretty high end hardware (at least when I bought it) - Intel Core 2 Duo E6600 Conroe 2.4GHz (4M shared L2 Cache) with 2 GB DDR2RAM, nVidia dual-head graphics card for over a year now. And yet a simple change made it at least 20-40% faster. Even my firefox (with 100+ tabs always open) feels much faster. So what is this magic change?

I switched to Xfce desktop from Gnome desktop (default). That’s it folks!

Contrary to popular belief Xfce doesn’t only make low end hardware faster, it makes pretty high end hardware faster too and by a significant margin. I also didn’t notice any UI issues after migration. Yes, the desktop looks a little different but you can easily get used to it.

Try it, you won’t regret it, especially if you are a power user.

Notes:
1. You can always switch your desktop environment to a different one while logging in by changing your session.
2. You get same applications in both environment.

Firefox 3 - Alpha Release on june 17

Firefox 3 The first release candidate of Mozilla’s Firefox 3 web browser has been out for almost a month but the company had been quiet about when the final version would be released. Instead, all we got was that it would ship “when it’s ready.” Well now we know: it’ll be ready next week.

The final version of Firefox 3 will ship on June 17. This represents 34 months of active development on the follow-up to its hugely successful Firefox 2.


While Microsoft still controls the web browsing market with its Internet Explorer product, Firefox has been making steady inroads. The browser is on track to surpass a 20 percent worldwide market share in July — something that could be achieved even earlier with this new version 3 release. This is pretty incredible when you consider that as recently as 2003, Internet Explorer had over a 94 percent market share.

The next version of Internet Explorer, version 8, is currently beta testing. A second beta version is not expected until August, meaning the final version is unlikely to ship until the end of 2008 or possibly 2009

As a Mac user, I found myself no longer using Firefox with the release of Firefox 2. It was simply too slow on my machine. Instead I opted for the Mozilla browser specifically built for the Mac, Camino, and Apple’s own Safari web browser. However, in beta testing Firefox 3 for the Mac, it appears the Mozilla team has significantly improved the speed of the browser. Quite frankly, when compared with Firefox 2, version 3 flies.

Mozilla is attempting to set a Guinness World Record by making Firefox 3 the most downloaded software in a 24-hour period. I have a feeling they’ll make it. More info on how to participate here.


Tips for Debugging Ajax Applications - Part1

Debugging your Ajax applications can be quite challenging because:
  • There are so many technologies involved(PHP, MySQL, Javascript, DOM, and HTML).
  • You may be less familiar with Javascript and DOM.
  • Much of what happens goes on behind the scenes.
  • Because of the Javascript, you really need to test your applications on multiple browsers and platforms to ensure universal reliability.
In my experience developing Ajax applications from scratch, I've picked up quite a few useful debugging techniques, outlined in the following steps.

1. Run your applications through a URL!

For the PHP to work, it must be accessed through http://. This means that you must load your HTML page through http://.


2. Test your PHP scripts separately.

Be in the habit of doing this automatically, not just when things go awry.


3. Test your database queries separately.

Print out the exact query(ies) and use another interface, like the mysql client or phpMyAdmin, to confirm the results.


4. Validate, if appropriate, the data returned by the PHP script.

If the JavaScript function handling the returned data expects to receive XML or JSON, then the returned text must be in strict XML or JSON format.


5. Use Javascript alerts to indicate what's going on.

Since so much is going on behind the scenes, it's often necessary to shed some light on the process.Add code like alert('in the check_user() function'); to your Javascript code.


Additional tips for debugging ajax applications will be covered in part 2.

what can Adobe AIR Applications do

The Adobe AIR applications you develop can
  • Access files and directories on the user's computer
  • Integrate a client-side database
  • Securely store data in an encrypted format
  • Contain custom windows and menus
  • Interact with network resources, like Websites and servers
  • Tap into the computers's clipboard, supporting cut, copy, paste, plus drag in and out functionality
  • Play sounds and videos
  • Display PDFs
In short, an application written in AIR can do pretty much anything you can think of!

IF you still need convincing, consider that the tools required for freating and running AIR applications are free and supported by an excellent company, Adobe. If the way in which the Adobe handled the invention, promotion, and distribution of the Portable Document Format(PDF) is any gauge, the future looks bright for Adobe AIR.

Do you have any such tips to share? Please post them in the comments below.

Why should I use Adobe AIR?

The first and most compelling reason is that using Adobe AIR is easy. In all likelihood you'll just apply the knowledge you already have. In the worst case scenario, if you have limited to no experience with HTML and Javascript, rest assured that few technologies are as approachable as these. The learning curve for using Adobe AIR is therefore short but the upside is huge.

A second but very strong reason to use Adobe AIR is that it automatically generates cross-platform applications. The programs you create will equally well on Windows, Mac OS X, and Linux regardless of the operating system on which they were written. Adobe AIR was designed specifically with this in mind, and there are but few areas in which operating system-specific steps need to be taken.

A third consideration to note is that with Adobe AIR you're creating graphical applications: programs that are visible, that run outside of any consule window or terminal application, and that can take full advantage of the user's mouse and keyword. This may not sound revelatory to you, but when using other technologies(like C or C++) to make an application, creating a graphical application as opposed to a command-line utility isn't that simple.

Next post - "what can Adobe AIR do"

Do you have any such tips to share? Please post them in the comments below.

How To Automatically Reply To Email in ThunderBird

Thunderbird 2 added the exciting feature to automatically respond to messages (yeah, I can hear Microsoft Outlook folks shaking their heads in irritation, we had it for years in MS Outlook) with an email template. Let’s see how we can set it up.

1. First you need to write a normal email message with a subject. However instead of sending it to anyone, save it as a template by going to File -> Save As -> Template.

2. Now go to Tools -> Message Filters and click on New to create you own filter.

3. Create the filter by specifying one or more criteria. For example I just created for filter for all support emails. To do that I specified that To contains support@tarag…

4. Now you need to create one or more actions for it. To automatically send a reply you should choose Reply with Template and then select the template you have created earlier.

5. Give your filter a name.

6. Now click OK to create the filter.

You are done. Now any email which matches the filter criteria will be automatically sent a response with your specified template.

Do you have any such tips to share? Please post them in the comments below.

10 Tips for Securing your PC

Here are the Ten Tips for Securing your PC.
  • Create strong passwords
  • Use good antivirus software
  • Windows users shall regularly update critical updates
  • Download online forms after verifying URL https:// or forms with lock icons
  • Use secure shell (ssh or sftp) for file transfers
  • Not open unnecessary emails
  • Regularly back up important files
  • Set a password protected screen saver to activate after 10-15 minutes
  • Shutdown thine computer at night
  • Schedule monthly scanning of hard disk
As always I look forward to your feedback. If you have made this transition yourself, please add your tips for others to learn from.

10 Tips for Moving From Programmer to Entrepreneur


1) Code is 5% of your business
One of the biggest issues I see is developers getting caught up in the code. Spending countless hours making a function perfect or building features which show off the latest technology. Now you have to write code to be in the software business. It has to be high quality code that isn’t filled with bugs or is insecure. However, the best code in the world is meaningless if nobody knows about your product. Code is meaningless if the IRS comes and throws you in jail because you didn’t do your taxes. Code is meaningless if you get sued because you didn’t bother having a software license created by a lawyer.

I see way too many entrepreneurs in the forums and blogs talking about code issues when they should be discussing and learning about the business aspects. Of course that’s harder then talking about code, but nobody ever said this would be easy!

2) Design is everything, relative to the competition
Your product has to be nicely designed. Standard programmer square boxes with gray backgrounds don’t cut it! Remember though that your design only needs to be nicer than the competition. So if you’re building a back office IT system there’s no need to bring your design all the way up to the level of a 37 Signals type app. Of course it’s great if you do, but the goal here is simply to make it clear for your customers that you have the nicer design when they compare your product to the competition. People DO judge books by their covers.

3) Get used to thinking long term
There’s nothing a programmer likes better than turning code around fast. Getting bugs in and squashing them. The problem is that most non-programming related tasks in a small ISV don’t happen quickly. You really need to think long term. Things like getting your marketing and product positioning in place can take months to years. There’s no instant gratification like you get from writing code, so you must always force yourself to think long term. Where do you want the product, marketing, and sales to be 6 months from now?

4) Admit that you don’t understand the end user and rectify that
There’s a good chance that the software you are writing is in a domain you are not an expert in. That’s where the opportunities are and that’s great, but you have to realize that you need to do more than just research the market. You need to understand the actual customers. Talk with them. I know you don’t want to but it’s an absolute must. Without talking to the actual end users you’ll never know what features you’re wasting your time on and which ones you don’t have that are critical.

A big mistake people make here is implementing the feature set of the competition to get started. That’s a bad move. It’s like when you copy your friends homework. You both end up with the same mistakes. By talking to the customers you can avoid the mistakes your competition has already made.

5) Love your customers
Many software developers come from a back office IT background. In most of the IT shops I worked in there was generally disdain for the customer (internal customers). It’s not surprising since IT is often asked to do far too much with far too little.

It’s time to put all that aside though. I see a lot of ISV’s who seem to carry this over and there’s no place in commercial software for it. The only way to be successful is to love your customers. That means meeting their needs as much as possible and going to great lengths to do so. When you can’t you need to explain why. When they choose a competitors product be respectful and remind them the visit you again if that product doesn’t end up meeting their needs.  I’ve found that I’ve switched lost sales back to me simply by being nice to the customer on their way out the door.

6) Remember to design for ease of use. Even advanced users like easy.
Your user interface is no place for fancy technology tricks. Keep is simple. Advanced users love simple just as much as newbie’s. The most important reason to keep is simple is for your trial users. A trial user is only going to give you a few minutes of their time. If you waste it by making them figure out a complex interface you can bet they’ll be off looking for another solution.

7) Remember to bounce your ideas off people who aren’t working on the project
Make sure to always take time to show off your latest builds to someone who’s not very involved with the project. Fresh eyes will often find big holes in your user interface. Even if the person doesn’t know much about your domain, you’ll be surprised at how many issues they’ll point out that you’ve never seen before!

8) Don’t be afraid to pull things out
There’s nothing I hate more as a programmer than pulling perfectly good code out of an application. Alas, you’re going to have to do it. Through the process of developing you’re going to discover features that should never have been. Ideally you’ll find this out before actually shipping. When you find these features you need to pull them before they cause any trouble.

For example, when I was half way through developing HelpSpot I discovered that one of my features just wasn’t working. I had built this tool for importing customer information into HelpSpot. This was a bad idea because it basically turned HelpSpot into a half baked CRM. It meant my customers would have to keep HelpSpot in sync with their real CRM and generally made the UI more complicated. So I scrapped a few weeks of work and pulled it out.

It turns out to be one of the best decisions I made. Rather than the syncing I came up with the Live Lookup system which allows customers to run queries against their existing CRM from within HelpSpot. It’s turned out to be a unique feature which is used by the majority of HelpSpot installations very successfully.

9) Patience is a virtue
There’s invariably a lack of time to get all the things done you need to. What would normally take a day takes weeks. Try to learn patience. I’ve found that I have to actively work at this or I get frustrated that I’m not making enough progress. Avoid setting up dates and expectations with your customers when possible. Don’t promise something in a month if it might take 3. I’m still working on that one myself

10) Treat it like you are learning to program all over
Remember when you first learned to program and you read every book. You bought 8 different books on that first language all of which basically said the same things but you read them all anyway because you couldn’t get enough. That’s how you have to treat the transition from programmer to entrepreneur. Read everything you can get your hands on about your target market, running a small business, marketing, general management, time management. Ideally you should read it before you even start coding. The mistakes you’ll be able to avoid by doing so are well worth the time commitment.

As always I look forward to your feedback. If you have made this transition yourself, please add your tips for others to learn from.

Article Source - Click Here

Google Warns Against Weak Passwords

Google would like to take this moment to remind you to choose a strong password. Too many passwords are weak or poorly guarded. People choose obvious passwords, like "password," or share them with friends or display them on Post-it notes that hang from their computer monitors.

Surveys detailing such folly can be found at PasswordResearch.com, a site maintained by IT security consultant Bruce K. Marshall. They present findings like 70% of people do not have unique passwords for each Web site and nearly half of all people write down their passwords. Read the papers and weep.

Password security is particularly important for Google because Google Account passwords unlock the keys to an individual's Google kingdom from anywhere in the world. (Google does not currently offer a way to limit Google Account access to certain IP addresses or ranges.) There is no firewall to bypass or office to break into when compromising a Google Account. The right password is all that's needed.

Google engineer HongHai Shen wrote a blog post about password security on Wednesday, acknowledging that fanatical devotion to strong passwords -- generating a random eight character string every two or three months -- probably isn't necessary for everyone. But he still believes passwords should be chosen with care. "Whether it's for your Google account, your banking center, or your favorite store, choosing a good password and keeping it safe can go a long way toward protecting your information online," he wrote in his blog post.

HongHai's advice, though timeworn, bears repeating because so few take such recommendations to heart:

Avoid common elements when choosing your password. That means no words you'd find in a dictionary, which might be vulnerable to "dictionary attacks." It also means that clever concatenated phrases like "letmein" or "opensesame" probably aren't all that clever. Figure too on the fact that patterns on keyboards, like "1234" or "asdf" are available on keyboards all over.

Make your password as unique as possible. This ought to go without saying, but, there, it's been said. Add numbers and non-alphanumeric characters to your password. Mix uppercase and lowercase letters.

Create different passwords for different sites. The benefit of doing so is obvious: If someone does steal your password, he or she doesn't have access to every Internet service you use. Particularly for financial and health sites, you should have unique passwords.

Don't share your passwords with anyone. And don't send them in an e-mail if you can help it.

Be careful how you share your information online. Social networking sites in particular have a poor record of keeping user information private and the gadgets that are popular on many of these sites are not developed with security in mind. If there's a way to find out how these sites and applications share data, it can be worth doing so.

Google provides additional password guidance in its Gmail Help Center documents.

Adobe AIR

Adobe AIR(Adobe Integrated Runtime) is a fantastic new technology that greatly expands the ways in which you can create desktop applications.

Traditionally, programs like Microsoft Word, the Firefox Web Browser, and Adobe Reader have been written in a programming language like C or C++. Learning such technologies, while not hard, takes some effort, and making graphical applications, let alone cross-platform apps, using them in an even larger hurdle.

Now, with Adobe AIR you can use whatever Web development know-how you have be it Adobe Flash, Adobe Flex or standard Ajax(HTML and Javascript) - to create fully functional desktop applications that will run equally well on Windows, Mac OSX and Linux.

Next post - "Why Should I use Adobe AIR?".

The secret behind PHP Success

So, another “PHP sucks” post, this time from Jeff Atwood. He actually ends up even kind of praising PHP, surprised by its success. I have a couple of thoughts on that topic too.

First, people really need to stop reading something on PHP written somewhere in 2005 (probably about experiences that happened in 2001) and apply it to PHP as it is now, without even checking around for current trends. It’s as if people would dig up books from middle ages saying that there are only seven metals in existence or debating about phlogiston, and would use it speaking about the modern chemistry. Come on!

Then the next thing apparently wrong with PHP is too many functions. Right. Since when? Since when having a lot of functions is a problem? Does it hurt anybody? Does it make writing PHP code harder? Does it make programmer less successful in achieving his goals?

About keywords I could kind of understand - OK, a lot to remember (though I didn’t see anybody really having trouble to remember such complicated keywords as “while”, “if”, “class” or “public”) and it takes out some good English words that could be used as function/method names to confuse the enemy (who wouldn’t want to have function named endforeach() or static(), not to mention function()? too bad those are not available!). But complaining there’s too many actual functions that allow you to do real useful stuff? That is the thing that is bothering people? That is what scares people away from using the language “for years”?

The next beef with PHP is that people write sucky code on it. No, really, they do? Must be something really wrong with this language. It’s not like people write mind-bogglingly sucky code on every other “good” language on the planet. But I get it. The intent was - PHP makes easy to write sucky code. Yes, this is true. As true as “Porsche 997 makes it easy to drive at 100mph into a brick wall”.  PHP makes it easy to write various kinds of code - and if 90% of code written is sucky, then 90% of PHP code would be sucky. But my experience says quality of the production code almost never has much to do with the language, but only with the culture - organizational and personal, and with choosing right ways to do the job. The rest is just bad statistics in play. Like “I know 7-year-old writing websites, and his PHP code sucks”. I bet his Haskell code rules though.

That’s not to say PHP couldn’t use improvement. It could. And it does, actually - and there’s enough room for improvement still, in many areas. But it probably would never satisfy purists. It’s practical. Maybe it doesn’t allow you to write whole programs in one line of uncomprehensible character soup or play with high-level math theory concepts, but it allows people to write web applications. So they do - so where’s the surprise when one morning somebody wakes up and discovers there’s a ton of web applications around and they are written in PHP?.

Linux Tax

Most of us know about the "Windows Tax" -- the extra cash you shell out to pay for the cost of a Windows license when you buy a new PC.  But what about a (so-called) "Linux Tax," the cost incurred by an ordinary user switching to Linux from Windows?

The concept: An average user's switch from, say, Windows to Linux will involve some kind of cost, whether that cost is in the form of time, effort, money (i.e., paying an expert, buying a commercial-grade Linux distro), or what have you.  This might also include the effort involved to find a reputable manufacturer who'll sell you a machine with Linux preloaded, although that's become far easier as of late.  Dell and IBM come to mind, of course, although there has been a slew of smaller manufacturers who have done this for a long time -- just not as visibly.

The word "tax" -- with all of its negative connotations -- comes into play because it's assumed that the switch will in fact come at a cost.  This is generally true if you're an entrenched Windows user, but far less so for people who are not specifically Windows- or even PC-centric.  Every year thousands of people sit down at a computer for the first time ever, and do so with no preconceptions about how a computer is supposed to behave.  For them, Windows, Linux, and Macintosh are all on theoretically equal footing; the only tax for them is the time they're willing to invest in learning how to use a computer, period.

This brings us to the other big assertion: that Linux is markedly more complex than the other operating systems, and therefore requires that much more effort to use.  That's become far more debatable than ever, and not just because Linux GUIs are that much more polished than they used to be -- although that's probably one of the biggest reasons.  The whole concept of a flat "Linux tax" only works if Linux presents everyone with that much more of a challenge.

So is there a Linux tax after all?  For people switching away from proprietary software, yes -- since they have to perform discovery, so to speak, to find out what they can and can't do.  Sometimes the losses are nothing they needed anyway, like the lack of protected HD content support on Linux.  But the process of finding out, the investment of time and effort -- that's effort in their eyes that might be better spent actually getting work done.  If they see a switch to Linux or a switch to open source as an extended process of re-educating themselves, they'll be that much less likely to ever do it.  It's perceptual, but perceptions mean a lot. The lower the bar for everyone, expert and amateur, business user and code wizard alike, the better.

Mobile Firefox

Mozilla FirefoxMozilla is actually designing two different mobile versions, one for touch screen devices (iPhone-style) and another for smaller screens (like cellphones).

From what I’ve seen they both look really nice, and with Mozilla’s existing fanbase I’m sure the browser would get adopted rather quickly. The one designed for smaller screens doesn’t really introduce anything that we haven’t already seen, and for that reason I wanted to really point out the one designed for touch screen devices. It, well, appears to have borrowed a lot of design ideas from Apple’s Safari browser on the iPhone:

I guess Apple should look at this as quite a compliment since the Mobile Firefox will be inheriting many of the design considerations put in place by Apple. What I’m anxious to see is whether Mozilla has plans to release an iPhone version of the browser once the iPhone SDK is made available.

From what I gather the mobile browser’s bookmarks will be synchronized with the desktop via the Weave service that was recently introduced. This is a smart move by Mozilla, but they aren’t the first to do that either (*cough* Opera Link *cough*).

I’ll definitely be keeping an eye on these projects to see if Mozilla can help define the mobile browser market as much as they have done for the desktop browser.

PHP Debugging Techniques

When it comes to debugging, what you’ll best learn from experience are the causes of certain types of errors. Understanding the common causes will shorten the time it takes to fix errors.

Common PHP Errors
  • Blank Page : HTML problem, or PHP error and display_errors or error_reporting is off.
  • Parse error : Missing semicolon; unbalanced curly braces, parentheses, or quotation marks; or use of an unescaped quotation mark in a string.
  • Empty variable value : Forgot the initial $, misspelled or miscapitalized the variable name, or inappropriate variable scope (with functions).
  • Undefined variable : Reference made to a variable before it is given a value or an empty variable value (see those potential causes).

  • Call to undefined function : Misspelled function name, PHP is not configured to use that function (like a MySQL function), or document that contains the function definition was not included.
  • Cannot redeclare function : Two definitions of your own function exist; check within included files.

  • Headers already sent : White space exists in the script before the PHP tags, data has already been printed, or a file has been included.
How to aviod syntactical Errors
  • End every statement (but not language constructs like loops and conditionals) with a semicolon.
  • Balance all quotation marks, parentheses, curly braces, and square brackets (each opening character must be closed).
  • Be consistent with your quotation marks (single quotes can be closed only with single quotes and double quotes with double quotes).
  • Escape, using the backslash, all single and double-quotation marks within strings, as appropriate.
To debug your scripts
  • Turn on display_errors.
  • Use the print() and echo() functions.
  • Check what quotation marks are being used for printing variables.
  • Use comments.
  • Print array values using print_r() and var_dump().

Google: No Web browser plans

Google executives said they have no plans to build a browser and downplayed threats from Microsoft's new advertising system and plans to bundle search into Vista.

Following complaints from the investment community that Google doesn't offer enough insight into the company's business and strategy, Google executives on Wednesday held a live question-and-answer Webcast with analysts.

Asked if Google would consider developing its own browser, as has been speculated for some time, Chief Executive Eric Schmidt said, "We would only do so...if we thought there was a real user benefit."

Google makes decisions on what products to develop based on what users want and not on what rival companies are doing, he said. "The industry is obsessed with this browser question. And our observation is you have a number of good browsers now," including Firefox and Apple Computer's Safari.

In response to a question about how Google executives feel about the possibility of losing revenue to advertising customers who may jump ship to Microsoft's new AdCenter, Schmidt predicted that the impact of the competition will be either neutral or positive to Google's business because it will likely encourage even more people to buy ads who aren't already doing so.

"Microsoft entering the market undoubtedly will influence some people to enter the market," he said. "Yahoo and Google will be beneficiaries of more motion."

As far as Microsoft's plan to integrate search into the Vista operating system, of which Google has previously been critical, Schmidt said, "There is a lot of opportunity for Microsoft to change what they're doing based on customer feedback...We want to make sure that the use of the power of Windows is done in a correct and legal way."

Google's partnership with Dell, announced last week, was in no way formed as a response to competition from Microsoft, Schmidt said. Under the deal, millions of Dell PCs will be preloaded with the Google toolbar for Web and PC search, along with a co-branded home page.

"We are ecstatic over the Dell deal," he said. "We did a six-month test because we wanted to test various components of how people would react from an end-user perspective to an integrated offering." Google found that users liked it.

"The thing that distinguishes the Dell deal is its comprehensiveness," Schmidt said. "We obviously would like to do deals like Dell if they test out well."

Asked if the company would consider buying companies rather than just partnering to get more customers and broader distribution of its products, he said no.

"M&A (mergers and acquisitions) as a method to acquire traffic has not historically worked," Schmidt said. "I wouldn't rule that out, but it's unlikely that in and of itself we could just buy customers...It's a bad business strategy, and it's not consistent" with Google's philosophy.

Meanwhile, Google is not planning to create a service that would compete with shopping Web sites by allowing consumers to shop from aggregated merchants for things like iPods, mobile phones and furniture, as analysts speculated, Schmidt said.

A report released on Tuesday by Bear Stearns said: "We understand that Google has contacted some testers recently to run a beta on a new program that allows the testers to shop from 'high quality merchants'...This could be pretty significant, as Google could be using this program to test for large sellers, a way to dump inventory into Google Base, and potentially create an eBay Express/Amazon like experience for buyers."

But according to Schmidt, "we have been working to automate the advertiser cycle. The moment the customer wants to purchase something we want to make that as fast as we can" by building a "payment system that would enable that, but not the kind of payment system that would result in what you are describing."

Asked why Google is working with EarthLink to cover San Francisco with wireless Internet connectivity and also offering Wi-Fi in Silicon Valley's Mountain View, Schmidt said that making sure people have access to high-speed connections will increase the company's business.

"From the very beginning at Google we understood that customers who move from narrowband to broadband are heavy users of Google" and are more likely to click on ads and make purchases, he said.

Google wants to serve as a catalyst and model for the industry to spur the spread of broadband deployment, Schmidt said.

"Lesson one is we are going to do it with partners. Lesson two is that the hardware is moving quickly forward," he said. "We do not yet have an answer to the question which is the obvious question of what are the limits to an advertising-supported model."

Asked what the company's biggest success story has been, Jonathan Rosenberg, senior vice president for product management at Google, pointed to the integration of Keyhole technology into Google Earth and the ad-based business the mapping has driven. The disappointment has been Google's "offline print efforts," he said, under which Google is selling ads for use in print publications. "That probably hasn't taken off as fast as we'd like."

Asked about how the company plans to gain market share in China, a market dominated by local search company Baidu.com, Schmidt said, "It's too early to call that question for many months...Things don't occur in a month or two, even in China."

Cell Phone Study: People Don't Travel All That Much

Northeastern University secretly spied on the movements of 100,000 cell phone users as they traveled outside of the United States. The conclusion? Most people stay within 20 miles of their homes for more than half the year.

The scientists who conducted this study aren't saying where the study was completed, but did say that study compiled six months' worth of data from cell phone towers from a privately held company. The methodology is raising tons of privacy issues, as no one opted into this survey and they were monitored without their knowledge or consent. While the legal issues are sorted out, let's look at the data.

The Associated Press reports that, "The study found that nearly half of the people in the study pretty much keep to a circle little more than six miles wide and that 83% of the people tracked mostly stay within a 37-mile wide circle. Nearly 3% of the population regularly go beyond a 200-mile wide circle. Less than 1% of people travel often out of a 621-mile circle."

A "621-mile" circle seems an odd metric to me, but whatever. So, comparing these results to my own life, I'd have to say they aren't all that far off. I generally stick to an area that's within 3 miles from my home in any direction. I do travel 35 miles into NYC probably half a dozen times per month for one reason or another. I travel 300 miles to my parent's home about four or five times per year. I take about four 2,000+mile trips to the West Coast for work, and one or two 3,500+miles to Europe each year.

Calculating the exact percentages of how much time I spend where would take more time that it is worth, but I'll allow that I spend more than half of my time within 20 miles of my house.

Adobe's Buzzword Fails To Compete With Google Docs

I'll say this: Adobe's Buzzword, a cloud computing word processor, sure is pretty. That will be the last positive comment I make about Buzzword, though, which trades functionality for form, simplicity for style, and substance, for, er, Flash.

As many of you surely know, I am a daily user of Google's Docs software. For a change, this post is actually being written in Buzzword, a new online tool from Adobe, purveyor of Flash technology. Adobe also is offering up an online conference tool called ConnectNow, as well as a PDF creator and a repository for you to store and share online files.

First, the sign-up and sign-in process was simply arduous. With absolutely no exaggeration, it took 15 minutes to create and confirm an account, and then sign in and wait for the software to sort itself out. In comparison, I can get from Zero to Productive in about 30 seconds with Google Docs. Just for kicks, I signed back out and back in to Buzzword. The initial loading process of the software takes several minutes. That didn't change even though I attempted it three separate times. That's way too long for a sign-in process. (I checked my broadband speeds: 10.5 Mbps down, and 1.8 Mbps up. That should be plenty fast to load some Flash software.)

The user interface takes Google's simplicity and chucks it out the window. Smooth, gorgeous animations float all about the screen as you mouse over action items and icons. Along the top of the document is the expected set of document tools that allow you to change the font, type size, coloring, formatting, and so on. To the right of that is a set of six different expandable icons that let you do a few other things, such as insert paragraphs, lists, images, tables, etc.

In the bottom left corner of the screen is a "share" button. Clicking this lets you share the document with other users. You can also access you other documents stored on Adobe's servers.

The style of the user interface was obviously crafted carefully. The animations are all nice and fun to interact with, but I have to question how much fun it will really be day in and day out.

Was this document created successfully? Yes. Can I share it with others? Yes. Does it perform the basic functions of word processing without too much fuss? Yes.

But as Google has added functionality to its Docs programs over the last 18 months, I find them to be richer in overall usefulness.

Buzzword is a good first effort. I expect Adobe to make improvements over time.

U.S. Internet Will Shrink To 2 Strong Players

An Internet analyst for a major Wall Street firm argues in a new report that Google and Amazon.com will be long-term winners, while Yahoo and IAC InterActiveCorp fall by the wayside and eBay becomes a merger target.

SAN FRANCISCO, June 2 - An Internet analyst for a major Wall Street firm argues in a new report that Google and Amazon (NSDQ: AMZN).com will be long-term winners, while Yahoo (NSDQ: YHOO) and IAC InterActiveCorp fall by the wayside and eBay (NSDQ: EBAY) becomes a merger target.

Sanford C. Bernstein analyst Jeffrey Lindsay argues in a 310-page report entitled "U.S. Internet: The End of the beginning" to be published on Tuesday that Google (NSDQ: GOOG) and Amazon are best placed to withstand the current economic downturn.

"We expect two players to continue to perform strongly, Google and Amazon," Lindsay writes. "Both Google and Amazon.com are still racking up annual growth rates in the 30-40 percent
range, with only a relatively modest slowdown in sight."

Lindsay reiterates his previous positions that Yahoo eventually will be sold to Microsoft and that Barry Diller's IAC e-commerce conglomerate will go ahead in August with its five-way split-up, as planned.

"Arguably the weakest players have strayed furthest from their original competences and have been operating largely as conglomerates," the Bernstein analyst says of Yahoo and IAC.

In the short-run, however, Lindsay believes Yahoo will see gains if it reaches a deal to turn over some part of its searchadvertising sales to Google to run or if Microsoft resumes acquisition negotiations.

He argues that eBay "could potentially attract a Microsoft-like suitor in the future," especially if growth in its core auctions business fails to resume and because eBay could spin off its PayPal or Skype units to make a deal work.

Even the strongest companies have weakness, Lindsay argues. Google has yet to articulate a compelling strategy to achieve the same level of strength on the emerging mobile Internet that it has on the computer-based Web.

Amazon and eBay are likely to be forced eventually to pay state sales taxes. Ironically, he notes, this may work to their advantage as large companies, because they have more resources than smaller e-commerce players to collect such taxes. (Reporting by Eric Auchard; Editing by Kim Coghill).

A Quick Look At Facebook's Open Source

The other week, when representatives from Facebook mentioned that they'd be open-sourcing significant portions of their platform, I hazarded a guess that they would be providing at most a set of APIs. Now that Facebook's actually released some code under the aegis of the Facebook Open Platform, I had a look-see. To my delight, I saw more than just APIs.

Once you download the code and unpack it, the first thing that will probably draw your attention is the README file: "This package contains the basic functionality needed to implement and expose the Facebook platform, including support for the Facebook API, FQL, and FBML." Also included is a list of ingredients you'll need to bake your own Facebook cake -- PHP 5, Apache 1.3 or a Web server that supports some of the same basic functionality, MySQL, and the optional but useful Thrift binary.

One thing I looked at most closely was the licensing. The majority of the code is not under the GPL but instead a slight variant of the Common Public Attribution License -- which is an OSI-approved license all the same. The changes: a) you have to attribute Facebook to the original work, and b) making the code into a Web service counts as distribution. The latter is, I take it, Facebook's way to close the ASP loophole and prevent its work from being capitalized upon unfairly. (Thrift, Facebook's platform for cross-language services, is available under its own licensing, which is reminiscent of the MIT license ... although that does make me wonder why they bothered with their own iteration of the license save for the sake of brand recognition. Wait, that's it!)

Facebook's open source projects aren't limited to opening up their platform per se. Other goodies include a Firefox toolbar -- something that you could use as a learning tool for building your own such add-on; I know I plan to -- as well as various libraries and JavaScript bits 'n pieces that ought to come in handy.

So how's all this shape up against OpenSocial? The latter seems to have wider use, at least in terms of who's using the API, but Facebook has a brand recognition (yup, that again) that's tough to ignore. I suspect both OpenSocial and the FaceBook code will end up getting used -- maybe even both together on the same sites! -- but it will be most instructive when some developers actually step up and talk about their experiences with the code.