August 22nd, 2014
Georgina Voss at dConstruct
There is a change to the advertised line-up…
Alas, Jen can no longer make it to Brighton. Circumstances have conspired to make trans-atlantic travel an impossibility. It’s a real shame because I was really looking forward to her talk, but these things happen (and she’s gutted too: she was really looking forward to being in Brighton for this year’s dConstruct).
But never fear. We’ve swapped out one fantastic talk for another fantastic talk. Brighton’s own Georgina Voss has very kindly stepped into the breach. She’s going to knock your socks off with her talk, Tethering the Hovercraft:
A careen through grassroots innovation, speculative design, supply chains and sexual healthcare provision, lashing down over-caffeinated flailing into the grit of socio-technical systems.
I had the chance to see Georgina speak a few months back at Lighthouse Arts and it was terrific. She is the perfect fit for this year’s dConstruct—she really is living with the network.
Rolling with the punches.
August 21st, 2014
Improving accessibility on GOV.UK search | Technology at GDS
Alice Bartlett shares her experience of getting aria-live regions to work in a meaningful way.
August 20th, 2014
Watching 2001: A Space Odyssey. Again.
My favourite film of all time. Every viewing reveals something new.
Modern pop songs retold as Shakespearian sonnets.
Jeremy Keith on the importance of creating products that last | netmag | Creative Bloq
I was interviewed for a feature in issue 257 of net magazine.
In this interview, I pause. And continue.
Security for all
Throughout the Brighton Digital Festival, Lighthouse Arts will be exhibiting a project from Julian Oliver and Danja Vasiliev called Newstweek. If you’re in town for dConstruct—and you should be—you ought to stop by and check it out.
It’s a mischievous little hardware hack intended for use in places with public WiFi. If you’ve got a Newstweek device, you can alter the content of web pages like, say, BBC News. Cheeky!
There’s one catch though. Newstweek works on
http:// domains, not
https://. This is exactly the scenario that Jake has been talking about:
SSL is also useful to ensure the data you’re receiving hasn’t been tampered with. It’s not just for user->server stuff
eg, when you visit http://www.theguardian.com/uk , you don’t really know it hasn’t been modified to tell a different story
There’s another good reason for switching to TLS. It would make life harder for GCHQ and the NSA—not impossible, but harder. It’s not a panacea, but it would help make our collectively-held network more secure, as per RFC 7258 from the Internet Engineering Task Force:
Pervasive monitoring is a technical attack that should be mitigated in the design of IETF protocols, where possible.
I’m all for using
https:// instead of
http:// but there’s a problem. It’s bloody difficult!
If you’re a sysadmin type that lives in the command line, then it’s probably not difficult at all. But for the rest of us mere mortals who just want to publish something on the web, it’s intimidatingly daunting.
It’ll cost you <$100/yr plus a half-hour of server reconfiguration. I don’t see any excuse not to.
…but then, he also thought that anyone who can’t make a syndication feed that’s well-formed XML is an incompetent fool (whereas I ended up creating an entire service to save people from having to make RSS feeds by hand).
Google are now making SSL a ranking factor in their search results, which is their prerogative. If it results in worse search results, other search engines are available. But I don’t think it will have significant impact. Jake again:
if two pages have equal ranking except one is served securely, which do you think should appear first in results?
Google will be promoting SSL sites above those without, effectively doing the exact same thing we’re upset about the lack of net neutrality.
I don’t think that’s quite fair: if Google were an ISP slowing down
http:// requests, that would be extremely worrying, but tweaking its already-opaque search algorithm isn’t quite the same.
Mind you, I do like this suggestion:
I think if Google is going to penalize you for not having SSL they should become a CA and issue free certs.
I’m more concerned by the discussions at Chrome and Mozilla about flagging up
http:// connections as unsafe. While the approach is technically correct, I fear it could have the opposite of its intended effect. With so many sites still served over
http://, users would be bombarded with constant messages of unsafe connections. Before long they would develop security blindness in much the same way that we’ve all developed banner-ad blindness.
My main issue—apart from the fact that I personally don’t have the necessary smarts to enable TLS—is related to what Ashe is concerned about:
Businesses and individuals who both know about and can afford to have SSL in place will be ranked above those who don’t/can’t.
It’s already too damn complex to register a domain and host a website. Adding one more roadblock isn’t going to help that situation. Just ask Drew and Rachel what it’s like trying to just make sure that their customers have a version of PHP from this decade.
I want a secure web. I’d really like the web to be
https:// only. But until we get there, I really don’t like the thought of the web being divided into the haves and have-nots.
There is an enormous opportunity here, as John pointed out on a recent episode of The Web Ahead. Getting TLS set up is a pain point for a lot of people, not just me. Where there’s pain, there’s an opportunity to provide a service that removes the pain. Services like Squarespace are already taking the pain out of setting up a website. I’d like to see somebody provide a TLS valet service.
(And before you rush to tell me about the super-easy SSL-setup tutorial you know about, please stop and think about whether it’s actually more like this.)
I’m looking forward to switching my website over to
https:// but I’m not going to do it until the potential pain level drops.
For all of you budding entrepreneurs looking for the next big thing to “disrupt”, please consider making your money not from the gold rush itself, but from providing the shovels.
August 19th, 2014
CSS Guidelines – High-level advice and guidelines for writing sane, manageable, scalable CSS
Harry has written down his ideas and recommendations for writing CSS.
The shoebox - a manifesto for transmat.io
Glenn eloquently gives his reasons for building Transmat:
When I was a child, my brothers and I all had a shoebox each. In these we kept our mementoes. A seashell from a summer holiday where I played for hours in the rock pools, the marble from the schoolyard victory against a bully and a lot of other objects that told a story.
Listening to my brother being interviewed on Irish radio about his crazy running:
August 18th, 2014
The adventures of @BillT in Brighton.