Simplicity of communication rules, so I’ll just answer directly.  NO this really isn’t a good thing unless you are quite careful or you make some of your living as a security consultant.

The bottom line with JavaScript based Web services is that if you include remote script in your page it can OWN you.  The very nature of JavaScript is that it can rewrite your objects as it likes.  That is it nature it isn’t a security flaw.  Futher it has quite a few ways of communicating and can leak information out quite easily from history and cookies and maybe more.

In the Ajax book we demonstrated the security concern with JavaScript being mistrusted over and over.  If you haven’t seen a demo here is a parasitic JavaScript binding on to your underlying XMLHttpRequest object that powers everything and watching your data.   If you pull in remote script it can do these kind of things and worse.  This isn’t a tech flaw, this is a trust flaw on your part as a developer.

Given the nature of JavaScript and how it is generally employed you should have extreme trust with any remote source be it linked script, retieved code or even fetched JSON packets.  Unfortunately that just isn’t the situation in most cases.   We talk all about the features in new Firefox but it takes until the very bottom this cold bucket of water is acknowledged.

A Note on Security

In general, data requested from a remote site should be treated as untrusted. Executing JavaScript code retrieved from a third-party site without first determining its validity is NOT recommended. Server administrators should be careful about leaking private data, and should judiciously determine that resources can be called in a cross-site manner.

So read that carefully you should determine validitiy before using script from 3rd-parties, but here is the rub, is that going to stay constant?  If you look once and then just use what’s to say that source doesn’t change or gets owned and then owns you?  Absolutely nothing unless you are monitoring the script for changes with some proxy.  Great idea, almost never done.

Don’t get me wrong.  I like new features and in fact am pro Web service, but the reality is that you are given implicit and significant trust here.  Even with just data pass back people have seen interesting hacks overriding the GETTER/SETTERS for array values.  In short even pure data responses have issues unless they are carefully wrapped.  Mix in the dynamic nature of JavaScript and it is a recipe for disaster.  Trust is the concern and you should not trust implicitly.  Further you should be minding your store lest you get owned by what Web service you link to or script you include.

I am certainly not the only one who sees this and can’t say that this type of alarm ringing is novel.  In fact we have been down this path before.  Flash supports similiar technology using its CrossDomain.xml file and folks like Jeremiah Grossman clearly pointed out that out in the wild quite often it is done wrong and in many cases quite wrong.  Now that Firefox and other browsers are supporting it natively I think we are going to see an explosion in cross-origin calls before there is a retreat as quality and security problems explode.  Though that isn’t all bad, you do usually have to exercise something to shake out the problems, just be careful!

So if you have written any significant amount of (X)HTML you likely have had an occasion to insert a special character using a named entity like   or © or maybe even as a numeric entity like     and © which are equivalent to the named entities presented. Dealing with these entities isn’t fun but they are relatively predictable and looking them in a book or online with a chart or even a nicer tool isn’t that hard. However, there is a bit more to know than you might think, you see writing a “Complete Reference” I get to look very closely at things and uncover lots of interesting little oddities.

Entity Case Sensitivity?

Question: Are character entities case sensitive?  Answer – mostly, er…kind of?

Don’t you hate such nebulous answers in something that should be well defined.  Test © and © in most browsers it will will likely render exactly the same. However, case insensitivity isn’t always the case. Consider À (À) and à (à) really are two different things.  Even in the cases where there isn’t something similiar case will matter, for example, £ will render as £ while £ will render as well £

Case sensitive!

So we should assume case sensitivity, but what is going on, which entities are case sensitive and which aren’t?  Well roughly the pre-HTML 4 are not likely case sensitive while the post-HTML 4 entities are.   HTML 5 tries to formalize this whole mess and documents that &  © < > " ® and ™ can be written either way but nothing else.  Roughly save the trademark these are as I said the pre-HTML 4 named entities and even that could be argued since it used to sit inappropriately in a charset no-mans land in ASCII 127-159.

Victory – a small detail knocked down for HTML 5 and an important syntax point that a quick perusal of HTML books (mine included) has gone completely unnoticed for a decade.

Entity Parse Problems

So when we mess-up markup like forget a tag or don’t close a quote we see the browser parser “fixing” things for us, albeit sometimes wrongly.  Well it turns out that this also holds for entities.  For example, given this &QUOTE; entity which is clearly a typo for " it will render in one browser as it gets fixed and not in most others.  No bonus points for guessing – yes IE blows it.

IE fixing entities for me?

Interesting they may actually be trying to be somewhat correct in their automatic insertion of the trailing ; in the entity.  If you read the specification there is some suggestion that problems be rectified.  However, the decision of how to fix an error in a predictable and consistent manner, well that isn’t agreed upon.  [ Take a peek at the HTML 5 spec chaos for more info]  On that note a very big change with HTML 5 will actually be to indicate what should happen in case of syntax errors.  I guess if you can’t beat syntax into the heads of the masses you might as well codify how their nasty “tag soup” should taste.

Explorer Fully Gets Entities-Finally!

Finally Internet Explorer supports all the common entities

It Ain’t Over Yet

Year after year I seem to meet Web developers and students who think that just over the hill the green grass and blue skies of standards land awaits.  Well kind readers such optimistic thinking may help you sleep at night but after doing this for quite some time it is clear to me that even with specs there are simply implementation mistakes and well market forces that will make this unlikely any time soon–if ever.  Need some proof?  Well even in entities which are much improved in browsers lots of little quirks exist, especially when we consider that Unicode is and has been here.

How about a unicode entity?  Do those work?  Maybe sort of, well not really, gotta go numeric otherwise it just spells out.

The fun continues with entities in Unicode!

Even then once you insert the entities you might wonder what they are going to look like.  Consider the friendly snowman dingbat here in a variety of browsers.

The Unicode snowman revealing the differences in browser entities

Happy or sad, with hat or not, buttons, or snow our little dingbat shows that making little details the same across all browsers is about as likely as building a June snowman in San Diego.  Not to spoil the ending of the book, but every chapter and appendix keeps showing the more things change, the more they really do stay the same.

IE8 retains data for some sites

It appears that Microsoft has made an interesting assumption, end users are ok with preserving their tracks with bookmarked “friends,” but certainly not various sites they may occasionally visit. I guess the idea here is that because you have favorited the site you have committed to a more long term relationship and thus saving a cookie for easy login or cached files for fast render is ok? Seems a bit suspect to us, at least Redmond could have started with an opt-in for this rather an than opt-out.

While we use these shortening services in some Internet mediums because we must it is questionable the value of the keyboard character conservation services when you really consider their motivation and overall costs.

Twitter Revives URL Shorteners

URL shortening services simply didn’t matter much until recently. Just helping people deal with email messages that had URLs that didn’t wrap lines or similar occurrences in message board posts wasn’t much of a motivator. However, add Twitter to the mix and what is old well becomes new again.

Twitter’s 140 character limitation in today’s semantic SEO focused linked naming world is too restrictive. Your tweet can say “Here is a cool URL: http://big.old.url.here/that/goes/on/and/on/and/on” and then you are out of space. URL shorteners save us!

<SNARK>
Why build around a 140character limitation? Are we trying to communicate by fortune cookie message!?! A tweet with a long URL brings shame to your family!
</SNARK>

Beyond snark we do use bit.ly, tinyurl.com and others URL shorteners is a pure function of the limitations of Twitter. Take that limitation away (which should hopefully happen sooner than later) and the relevance of these services goes bye-bye.

Some may argue that the succinct nature of the 140 character thought bursts is good to ensure focus, but regardless of your stance on the limit why Twitter doesn’t add this feature itself as it is obviously needed and it doesn’t force users to use third parties is curious.  Probably Twitter is more focused on finding a good business model, so this is farther down on the list.  Regardless of who provides the service there are a number of interesting observations that can be made about shortened URL and their providers.

Keywords and Hashes

So the URL shortener takes our URL and makes it something like http://tinyurl.com/d4xd2u.  Cryptic yes- hash values like d4xd2u aren’t meaningful, they’re just short. If a shortened URL was http://tinyurl.com/shorturls then you might have value in balancing path length with meaning.  However, won’t a lot of other people want that URL then too?

Well in some cases we can actually make our keywords if it hasn’t been already taken.  For example, for this article I got http://tinyurl.com/shorturlpost

Of course this custom keyword is now taken, too bad anyone else who might want this.  So now we’ve just reinvented the idea of AOL Keywords.  We want a special “Go” word that is used in the URL or browser that gets us right to the object of interest rather than a nasty long URL.  It is a good idea, but it is not a new idea.

Networds, URNs, and a multitude of other name ideas that would aim to make the URL a short keyword system.  The current crop of shorten the URL services doesn’t do this (YET) nor does it even get the basics right. First consider if you are going to shorten or keyword URLs you really need a better domain name for the service.  TinyURL.com really isn’t that tiny and Bit.ly really isn’t a good obvious name.  Better candidates:

• http://go.com – ABC owned portal that isn’t doing much
• http://go.to – already doing something kind of like this but not right

Here we are 5 and 4 chars with some semantics in play.

Take the same idea and keep going and we get our second idea, a new TLD (top level domain) just for this duty.

• http://go/KEYWORD
• http://keyword/KEYWORD-HERE

Challenge with this is getting new top-level domain names going is a long process and frankly why do we need this?

The best idea really is to get the browser vendors to put this concept in a browser directly.  DNS would be to IP addresses as the keyword system would be to URLs.  Look up the special keyword resolve to the site.  Problem – we’ve tried this before.  Everyone wants to own this because it is a potential money minting business to sell keywords off it rather than cryptic hashes.  Do a Web history search lots of failed attempts here.  This is a hard problem, not technically – socially.  Everyone must accept this is the new way.

Watch Where You Are Going

Well putting aside the possibility for more meaningful shortened URLs, let’s discuss the simple problem of getting dumped to something unexpected (http://tinyurl.com/2w4apm).  Yes if you typed or clicked that you got Rickrolled.  Of course getting some poppy 80s video in your face is hardly a worry, you might find yourself following a Tweet to a Viagra ad or worse yet a drive-by malware site.  So with short URLs you can’t tell where you are going so now we need a preview URL.

A preview URL like http://preview.tinyurl.com/2w4apm now takes us to a page that reveals what the actual URL we are going to go to is. Try it in another window and take a look. Of course that doesn’t help too much but at least you know you are going to YouTube now so maybe your guard is up.  So now we have saved some characters and added some clicks to got to the verify page and verify the URL by providing what the real URL actually is!?

The concept of needing a preview URL really is kind of odd because no URL really can tell you what you are about to go tp.  Even if you see a URL like http://IamASafeSite.com/intendedPage/ what’s to keep that from being redirected to something just as bad as what a shortened URL?   The answer – absolutely nothing.  Every time you click any link you are taking that chance but likely it seems getting to know what the site as the shown destination you trust it is safe.  This hiding of destination is of course the same scheme phising uses.  What makes the cryptic short URLs bad is that you have no clues of good versus bad links at all, thus the preview URL introduction.

They’re Watching Where You Are Going

When you shorten a URL to save a few bytes you generally give away data about your readers and their interests. Most 3rd party short URL services track traffic to various URLs that are shortened or use advertising which similar may track as a way to offset the cost of the provided service.  Via link redirection the URL shortener obtains insight into a volume of Internet traffic but at the same time they become a critical link of Internet linking as well.

If a URL shortener service has problems lots of Internet links particularly in the Tweet-o-sphere have problems. Link consolidation to bounce off someone allows for observation and creates points of failure that don’t need to exist on the Web. In short links on the whole are more reliable when dispersed not aggregated.

Certainly one might argue that it is nice to get some statistics on what people click on. Some of the newer redirecting services provide this openly, but the question is should they and do you need them to get this data. The answer is it depends on where and why you use short URLs. In Twitter you needs these folks, outside Twitter you can easily do this yourself with a little JavaScript.

A simple JavaScript can be written to attach to outbound links and send a little request to your server when the link is clicked.  Simply attach an onmousedown or onclick handler to monitored links.  With this scheme you can fairly predictably watch people bounce away from you without a “site in the middle.” For a demo and example source take a look at http://ajaxref.com/ch2/recordlink.html.  The demo is quite basic and the scheme it employs is fairly widely used, check out the Google link result page with an HTTP monitor and you will see it employed.  The point being is that don’t assume you have to give away traffic data to a 3rd party to gain insight, you just don’t.  Then again most of us do so massively with Google Analytics, Google Toolbar, etc. willingly so what’s a little more info disclosure between Web 2.0 friends?

Summary

You probably have to use URL shorteners if you Twitter because of the 140 character limit in play but we should understand the following:

• These shortened URLs are currently not meaningful or SEO benefiting because of cryptic hashes

• These shortened URLs are worse for security because of easy destination masking

• These shortened URLs have privacy concerns as we share user traffic with a 3rd party

• These shortened URLs are less resilient than standard Web links because it consolidates and 2 parties the link

Not to long ago Thomas and I were chatting toward the end of the day, this included the normal rantings about the web, Lost, Macintosh, social media, viral videos and the like. We eventually got to a recent topic in the art community surrounding Shepard Fairey and fair use. He created an illustration of Barak Obama, and the Associated Press sued him, because Fairey used a photo from the AP as the basis of the portrait.

Now discussing this issue Thomas started to elaborate on his endeavors into the “nerdkore” art style. This movement is focused on using tech and computer influences in the art itself. This can range from an oil painting of Mario or a mixed media computer keyboard that has been smashed to bits. Many of Thomas’ efforts seemed to beg a similar fair use question Fairey had encountered since often ideas were sampled in the new piece.

One thought lead to another, homage, new administration, annoying computers, some sketching and fooling in Photoshop around – suddenly it’s art collaboration time!

Paragraph IV: A New Hope

Because the “HOPE” poster was on the mind of everyone and Thomas had just had yet another as he calls them “Vista Moments” time to bust another nerdkore piece this time Fairey style.

Like Fairey’s OBEY campaign, we figure REBOOT is what we Windows users dutiful do. We are subservient to the system, unable to change as our friendly sweater clad overlord makes a few more bucks.

Rebooting is command of what we must do, but packaged a bit better as you see it is the Aloe Vera of the computer world. Rub a little on, all better now.

User: “My system is doing X” (where X is something not appropriate)

IT/Support/Computer Person: Did you try a reboot?

Nothing wrong with that, it is life. You just need a little computer Aloe. Maybe they have one for other arenas, call the auto mechanic.

User: “My car won’t work, it’s doing X”

Mechanic: “Did you try to turn it off and on?”

or

Mechanic: “Did you take the gas in and out?”

or

Mechanic: “Did you remove the engine and put it back in?”

The equivalent of the “reboot” advice really doesn’t work offline but for some reason it does online.

We put up with a lot – 10 minute start-ups, grey screen, swirling circle, 5 minutes gone yet again! Blue screen of death! We must obey, we dutifully reboot,

Thomas, and now Joe, just had another Vista moment. We laugh a bit. We can’t stick it to the “man” but now we do have a nice satirical picture of Bill looking friendly and smiling in his sweater. He comforts us with a helpful hint (or is it an order?): REBOOT.

Enjoy it makes a great desktop.

1280×1024
1600×1200
1680×1050
1920×1200

]]> http://blog.pint.com/2009/03/12/bill-gates-says-%e2%80%9creboot%e2%80%9d/feed/ 0 http://blog.pint.com/2009/03/06/customer-disservice-internet-style/ http://blog.pint.com/2009/03/06/customer-disservice-internet-style/#comments Sat, 07 Mar 2009 02:49:12 +0000 Thomas http://blog.pint.com/?p=338 For some organizations a Web site is a great way to cut down on customer service costs. Put up an FAQ, add a message board, create self-service documents, and more to reduce calls, emails, and other costly communications. However, at the end of the day humans are on the other end of that HTTP request and sometimes they really do want to talk to you so if you don’t there may be a cost involved.

For many sites finding a real person to talk to is quite difficult. In the offline world most folks have figured out to dial zero when in voice mail purgatory, but what to do when you are in Web contact limbo? You could start guessing emails like help@companyname.com, info@companyname.com, etc. and pen your question. Very likely this is going to go into a black hole or even bounce. Instead you likely click around looking for the contact section of the site which in many cases isn’t that easy to find. Hopefully they have a form, maybe they have email address(es) but rarely do they have a phone number or details about the names of live people. Anyway you take what you get contact wise, send away and hope for the best. Often times this doesn’t produce much and unless we were really miffed or interested it is a lost chance for contact. Sorry to say this seems not the exception as it should be but more often the rule.

As an example of the contact process recently I had enough negative energy built up to want to contact Hulu.com because they decided to lock out my Boxee software on AppleTV from accessing their video. Aside: AppleTV becomes quite a bit more interesting if you have more video on demand like Hulu on it, interesting to the point of being a "wow I want that" type of device from any visitor to my household.

I figured I ought to let Hulu know that I basically went from a non-vaguely aware user to a big fan to a non-fan in about a 30-day span. I thought knowing that kind of cycle existed might be useful or at least satisfy my frustration with them. So off I went found the contact form by digging into support and then discovered a list of emails (http://www.hulu.com/support/contact) A brief message (not a rant at all mind you) letting them know my concern and click. Away my message went into a black hole I figure maybe to do good maybe not. Oh well, I felt better screaming into the cyber cloud so all is well.

What I got an email back a few days later and from a real person! The main thing – I’m surprised by this. Mind you it isn’t some heartfelt missive, it mentions a link to a blog and had some form letter parts to the exchange, but there was also apparently someone who took 30 seconds to add a few sentences and provide their contact info too. Suddenly my view of Hulu went from faceless company to company trying to deal with changes probably from growth and well just challenges of running a business. Hulu Rating: +10.

Interestingly I then realized that for some reason this basic communication with an online organization was an exception to me and I do lots of things online. I simply was conditioned to expect customer service quality issues and impersonal communication even from the best of Web sites. From Amazon, to Ebay, to Google, and beyond I realized that I generally wasn’t treated in a personal human manner like I was in every non-Internet thing I did. In comparison I realized airline counter people offered real customer service value the majority of the time!?

I started thinking much deeper about the times I had tried to contact newspapers online (you know the dead tree ones), government agencies, various retailers, and so on. Mostly I hadn’t gotten much interaction at all. In some cases some form letters a few looking into it whatever the problem or question was, but mostly no interest, vague responses and very little follow-up. I thought some more and I considered it wasn’t a size issue either, the biggest Web brands seemed the worst and while the small ones did better it wasn’t always and when they got it bad they got personal. Web 2.0 people would likely say that with community this will change, I’m not so sure, but let’s hope so.

I figure something else is going to be the change. A simple understanding that Web communication concerns really do have consequence. Reality Check: THE Web IS THE REAL WORLD. When I am on the phone that is real. When I am on the Web that is real. When I am in person that is real. Sure there is communication difference but it is still real – no special rules when we get into the world of reality.

Case in point of the rules of the real world intruding on cyberspace today I read about Google and some fellow who sued them successfully. I consider that as much as I love Google they too are mostly a wall of nothing to me. Just recently my other firm tried to contact some known Googlers directly about something one of them brought up and silence nada. It had and always was for me par for the course. The expected contact reaction online…mostly bad.

I realize that in fact that while I love using Google product, when I interact with them outside of that it was mostly poor. As a writer to the PR group or helping my customer with search appliance issues it wasn’t generally not so good. They weren’t the only ones many of the Web age firms seem to require payment or the calling of personal favors to get good customer service.

Big sites online should seriously consider what it would it cost to have a customer care center. Even a bad one would be better than what most have. How does the offline world like Wells Fargo have one, Amex have one, and so on. Come to think of it most of these old organizations that service millions of people do but it seems similar level Web sites don’t? McDonald’s and Starbucks show that the monolith can have customer care even for very low end transaction costs so don’t give me the scale argument it doesn’t hold.

Prediction: the days of getting away with this level of Web customer service are going to be over soon. Call it recession rule #1 – customer service does matter people can go elsewhere or just not buy as much.

The thing about the Google article that struck me the most isn’t the right or wrongness of the fellow’s claim. It is that well he is a customer for better or worse and he wasn’t treated like one. In many cases such issues go away with just an explanation. No doubt you can’t make every customer a happy one, but if you don’t at least engage them you are going to make trouble for yourself quickly. Why this is so hard is beyond me.

I do not propose a Web 2.0 solution with everywhere engagement as
to monitor all Twitter channels, Blog posts, message boards for most people is in a word – ludicrous premature. Most site owners at this point can’t engage customers in any arbitrary setting quite yet. Instead first you must be responsible if they come to you and say “look I need help” or “I want to be heard.” As it is now clear to me despite claims otherwise by Web 2.0 consultants really quite few sites actually do this.

Even the best of the large folks online like Amazon really are pretty dehumanizing when compared to offline activities and they just shouldn’t be. Jeff Bezos does a good job compared to most with his firm but they don’t do a great job and they should. Consider when the failing big banks still have better customer care than profitable online sites there is still a major disconnect. No need to deal with the Twitterati or even the Facebook masses yet just get your site contact methods right and have a real human send something back setting expectations and follow-up. Who knows a phone call might even be in order! Where things are today you do that alone and you’ll surprise someone who uses the Web quite a bit and probably amaze those who don’t.

Unfortunately information aesthetics are far from undestood and often its aims fly in the face of the information. As an example of the constant strain between motivating image and informational value let’s tackle the tough problem of visualizing the Internet.

We can start with a simple idea – a map. The “tubes” of the Internet are still fairly physical, be they undersea cable, satellite link or phone line we can and plot their start and end points. Focusing on the major backbones of the Internet we can build at least a high level understanding of the net. Adorning a wall at PINT we see just such a map from a few years back.

Bandwidth Lines on Paper

Though over the years this type of map has become a bit more colorful and pleasing, it hasn’t really become more informative. If you want a poster for yourself (www.teleography.com). Note that if you want some hard data to back what the map is saying up be prepared to drop $5,000 though.

Now the challenge with paper maps based upon even the most well researched data is that they don’t change easily. As infrastructure changes the map needs to be redrawn. Further they can only show a limited amount of data at once and can do nothing to address that which changes real time – enter real time visualization.

A significant concern with visualizing the Internet is the simple question of from what vantage point can you map it? Obvioulsy no single Internet provider, backbone vendor, etc. has insight into everything easily but the larger the footprint the more interesting the image, thus let’s explore one of the larger footprints online – Akamai who in fact provides a visual real-time Web monitor Here we are looking at network attacks plotted on the world map.

Akamai Network Attack Status

So apparently there are attacks going on in the US, eastern Europe and parts of Asia mostly. We are averaging 110 attacks for this day which apparently is just shy of normal. But what does this mean? What actually is an attack? Is it a Web application attack? If so they are off by maybe a factor of 1000-times or more. Is it some network traffic denial of service attack? is it a bot net on a rampage? No easily found data at least on the visualization reveals this.

Large visual points of interest attract the eye, but do they inform the brain? For example, what does the large red explosive dot in China mean? Is China getting malware bombed or is it dumping such garbage out, sadly the later is more likely but neither is clear. This graphic is quite pretty but frankly it doesn’t really say much that is helpful.

Now looking at traffic it is moderately more interesting.

Akamai Traffic Visualization US

Southern California is clearly pushing some traffic right now. Of course this seems an interesting picture particularly if you are from the area pushing traffic, but it might be a lot more informative if it had time of day or sun indications on it.

You see there is a clear reason that Europe is low traffic right now. If you check the time here on the snapshot and adjust time zone wise it is the middle of night there. Pretty safe guess is that you wait maybe a few hours and retake the picture and presto traffic appears in Asia and west coast and is very low on the east coast. A few hours pass and yes here you have it.

Akamai Traffic Visualization Asia

So this does tell us some things but mostly it reveals that indeed the citizens of the world sleep and they stop using the Internet at that time. Maybe if we plot Twitter traffic we might not find this truisim for a certain class of Web user, but most fall in to time tested Circadian Rhythms.

Looking further at more visualizations of Akamai we can look at real time traffic and media usage.

Akamai Real Time Traffic Levels

Here we learn that there are over 800,000 video/audio streams going on with most of it on demand, but some live streaming.

Also we see 5 million hits per second with nearly all of it from North America (again with the night time thing). What these hits are is clearly variable – a pixel.gif or huge Dreamweaver.exe downloads who knows. We also see there is nearly 60 million visitors per minute. I guess that roughly makes sense if you do some back of the envelope math. So like many Web analytics metrics we have a number big or not, but now what?

Numbers can be interesting particularly when compared to other numbers that are bigger or smaller, so let’s go back and look at the historical data to get a sense of what is going on for comparison purposes. Unfortunately here we find very little data. A roll of the orange box reveals a high/low point of the month but there isn’t much else.

History shows little

So if these visualizations are a guide the Internet really does have something in common with the Matrix, you can’t really know much about or even see it, but it is in fact all around us.

Why this is so much about JavaScript and not about stats is quite odd.  Literally every day I am hearing something along these lines.  Some surprise discovery that if I replaced the word C or C++ for JavaScript you’d say of course or that’s obvious or bordering on insanely obvious but for some reason such observations are new because it is JavaScript.

JavaScript is just a programming language and it is one that is here to stay for some time.

No!  Say it isn’t so you must call it an ugly hack, gripe about, deny its popularity, say it is underpowered, not OOP like in the true sense, too incompatable between browsers or any other talking point you can find.  Make sure to tell everyone because people will eventually see the light…they’ll realize something else must be better maybe Java maybe Python or Ruby maybe C# or even F#, what about Haskell.  Now those are real programming languages, tough guy/gal ones, real deal appropriate languages!

Ok I see that you are right. If only we had those languages in browser we’d be set – everything would be fixed and that awful JavaScript would die a horrible death or be used only by foolish designers.  You know what I see that logic now, come to think of it I don’t even understand how people even write in English it too is so awful.  If only we had English 2.0 I personally wouldn’t have so many typos.  You see English 2.0 makes everyone spoke all proper like.  Ain’t no trouble figguring out your thinkings in English 2.0.   English 2.0 is better than all them other funny 1.0 languages like Japanese, Chinese and Spanish you can write yer thoughts in it and those other languages ya just can’t.

Ok that was thick but you see how lame this thinking is about programming languages or spoken languages.  The language simply really isn’t the issue–it just isn’t Doug Crockford and the rest of you – it is what is being done with it and how it is thought about.  You can be a lousy or great coder in any language! Frankly I don’t see nearly as much influence of language on this as people seem to state.  I agree JavaScript has its problems but so do other languages like C even.  Problems or not, JavaScript won the client-side battle- game over. So it is time to get on the JavaScript bandwagon and treat it right.

Say it slowly first quietly JavaScript is actually a programming language – now louder it is a REAL PROGRAMMING LANGUAGE.  What does that mean?  Well it means it has bugs!  It means that you can’t learn it in one day or something.  It means that you should comment it, use appropriate style, do unit tests, write documentation for it, address exception handling, on and on and on.

So flame away composing your messages in JavaScript powered Gmail and please BCC the Google Tech department they need the “clue-in” email as well.

Now I am not just plugging for a friend here, I had a direct hand in this effort writing the Ajax Optimization chapter (read it and see). I can say this book has some great material well beyond my efforts.  Obviously my interest in Ajax which is certainly an emerging and increasingly important part of modern sites is obvious. I think the Ajax optimization topic is well covered here and contains some details not covered in my main Ajax book. Yet don’t take my involvement to suggest that this book is solely a Web performance book, it’s much much more.  For Andy optimization is about far more than speed but performance in findability and navigation, organic search, PPC, and more.  He’s right, speed may kill sites but so does a lack of traffic.  So head over to Amazon and pick up a copy or take a look at a few of the secrets we provide freely.

-Thomas

Ok lame isn’t really a very useful review so let’s get specific.  First the launch of this property is very un-Google like.  Apparently they have server or software problems as it takes what seems like an enternity to load anything.   In many cases you may never actually log in properly instead you get to hang out in an empty virtual space with a message that just says “Joining Room” Apparently this is a “software problem” and after many re-installs we did verify that indeed you can get in.  The message board traffic at Lively and elsewhere suggest that Google is busy ruining its brand with people all over the world who were very excited to try a Virtual World and had lots of problems–at least Google admits to this.

So once in you can find a SecondLife style system without as much obvious customization.  Likely there is but it certainly isn’t immediately obvious.  Sorry using canned furniture and avatars isn’t what most people think when they think customization.  Because of this likely apparent limitation you see most folks running around with the same avatar which is kind of weird.  Yet regardless of this issue, like SecondLife there is just the question of why?  You look at the people in here and room after room they seem to pop-in say Hi and then pop-out.

Ok to be fair chatting does happening and there was sex chat going on but really this whole experience reminded us of software a decade old in 2D called The Palace.

Hopefully the virtual world creating part of Lively will get a whole lot better because right now it is just chat with pictures, and with the chat not so lively the pictures better be a whole lot cooler if they want to really want to build “cyberspace” Google style.  For some reason I think WoW is more likely to evolve that way than Lively is – time will tell.