Category Archives: Feature

The Evolution of Web Development for Mobile Devices

Posted on by
Reply

Building Web sites that perform well on mobile devices remains a challenge.

NICHOLAS C. ZAKAS

The biggest change in Web development over the past few years has been the remarkable rise of mobile computing. Mobile phones used to be extremely limited devices that were best used for making phone calls and sending short text messages. Today’s mobile phones are more powerful than the computers that took Apollo 11 to the moon, with the ability to send data to and from nearly anywhere. Combine that with 3G and 4G networks for data transfer, and now using the Internet while on the go is faster than my first Internet connection, which featured AOL and a 14.4-kbps dialup modem.

The Evolution of Web Development for Mobile Devices

 

Related:

Making the Mobile Web Faster

Mobile Media: Making It a Reality

Mobile Devices in the Enterprise: CTO Roundtable Overview

 

Making the Mobile Web Faster

Posted on by
Reply

Mobile performance issues? Fix the back end, not just the client.

KATE MATSUDAIRA

Mobile clients have been on the rise and will only continue to grow. This means that if you are serving clients over the Internet, you cannot ignore the customer experience on a mobile device.

There are many informative articles on mobile performance, and just as many on general API design, but you’ll find few discussing the design considerations needed to optimize the back-end systems for mobile clients. Whether you have an app, mobile Web site, or both, it is likely that these clients are consuming APIs from your back-end systems.

Certainly, optimizing the on-mobile performance of the application is critical, but software engineers can do a lot to ensure that mobile clients are remotely served both data and application resources reliably and efficiently.

Making the Mobile Web Faster

 

Related:

Usablity Testing for the Web

Mobile Application Development: Web vs. Native

Streams and Standards: Delivering Mobile Video

Hazy: Making it Easier to Build and Maintain Big-data Analytics

Posted on by
Reply

Racing to unleash the full potential of big data with the latest statistical and machine-learning techniques.

ARUN KUMAR, FENG NIU, AND CHRISTOPHER RÉ, DEPARTMENT OF COMPUTER SCIENCES, UNIVERSITY OF WISCONSIN-MADISON

The rise of big data presents both big opportunities and big challenges in domains ranging from enterprises to sciences. The opportunities include better-informed business decisions, more efficient supply-chain management and resource allocation, more effective targeting of products and advertisements, better ways to “organize the world’s information,” faster turnaround of scientific discoveries, etc.

Hazy: Making it Easier to Build and Maintain Big-data Analytics

 

Related:

The Pathologies of Big Data

Condos and Clouds

How Will Astronomy Archives Survive the Data Tsunami?

 

A Decade of OS Access-control Extensibility

Posted on by
Reply

Open source security foundations for mobile and embedded devices

ROBERT N. M. WATSON, UNIVERSITY OF CAMBRIDGE COMPUTER LABORATORY

To discuss operating system security is to marvel at the diversity of deployed access-control models: Unix and Windows NT multiuser security; Type Enforcement in SELinux; anti-malware products; app sandboxing in Apple OS X, Apple iOS, and Google Android; and application-facing systems such as Capsicum in FreeBSD. This diversity is the result of a stunning transition from the narrow 1990s Unix and NT status quo to security localization—the adaptation of operating-system security models to site-local or product-specific requirements.

A Decade of OS Access-control Extensibility

Related:

Building Systems to Be Shared, Securely

ACM CTO Roundtable on Mobile Devices in the Enterprise

Extensible Programming for the 21st Century

Rethinking Passwords

Posted on by
Reply

Our authentication system is lacking. Is improvement possible?

WILLIAM CHESWICK

There is an authentication plague upon the land. We have to claim and assert our identity repeatedly to a host of authentication trolls, each jealously guarding an Internet service of some sort. Each troll has specific rules for passwords, and the rules vary widely and incomprehensibly.

Password length requirements vary: Dartmouth wants exactly eight characters; my broker, six to eight; Wells Fargo, eight or more. Special characters are often encouraged or required, but some characters are too special: many disallow spaces, single or double quotes, underlines, or hyphens. Some systems disallow certain characters at the beginning of the password; dictionary checks abound, including foreign language dictionaries.

Rethinking Passwords

 

Related:

Security – Problem Solved?

Building Secure Web Applications

LinkedIn Password Leak: Salt Their Hide

 

Thinking Methodically about Performance

Posted on by
Reply

The USE method addresses shortcomings in other commonly used methodologies.

BRENDAN GREGG, JOYENT

Performance issues can be complex and mysterious, providing little or no clue to their origin. In the absence of a starting point—or a methodology to provide one—performance issues are often analyzed randomly: guessing where the problem may be and then changing things until it goes away. While this can deliver results—if you guess correctly—it can also be time-consuming, disruptive, and may ultimately overlook certain issues. This article describes system-performance issues and the methodologies in use today for analyzing them, and it proposes a new methodology for approaching and solving a class of issues.

Thinking Methodically about Performance

 

Related:

The Price of Performance

Performance Anti-Patterns

Thinking Clearly about Performance

 

Splinternet Behind the Great Firewall of China

Posted on by
Reply

Once China opened its door to the world, it could not close it again

Daniel Anderson

What if you could not access YouTube, Facebook, Twitter, and Wikipedia? How would you feel if Google informed you that your connection had been reset during a search? What if Gmail was only periodically available, and Google Docs, which was used to compose this article, was completely unreachable? What a mess!

<a href=’http://queue.acm.org/detail.cfm?id=2405036′>http://queue.acm.org/detail.cfm?id=2405036</a>

Browser Security Case Study: Appearances Can Be Deceiving

Posted on by
Reply

A discussion with Jeremiah Grossman, Ben Livshits, Rebecca Bace, and George Neville-Neil

It seems every day we learn of some new security breach. It’s all there for the taking on the Internet—more and more sensitive data every second. As for privacy, we Facebook, we Google, we bank online, we shop online, we invest online… we put it all out there. And just how well protected is all that personally identifiable information? Not very.

The browser is our most important connection to the Web, and our first line of defense. But have the browser vendors kept up their end of the bargain in protecting users? They claim to have done so in various ways, but many of those claims are thin. From SSL (Secure Sockets Layer) to the Do Not Track initiative to browser add-ons to HTML5, attempts to beef up security and privacy safeguards have fallen well short.

Browser Security Case Study: Appearances Can Be Deceiving

 

Related:

Java Security Architecture Revisited

CTO Roundtable: Malware Defense Overview

Building Secure Web Applications

Condos and Clouds

Posted on by
Reply

Constraints in an environment empower the services.

PAT HELLAND, SALESFORCE.COM

Living in a condominium (commonly known as a condo) has its constraints and its services. By defining the lifestyle and limits on usage patterns, it is possible to pack many homes close together and to provide the residents with many conveniences. Condo living can offer a great value to those interested and willing to live within its constraints and enjoy the sharing of common services.

Similarly, in cloud computing, applications run on a shared infrastructure and can gain many benefits of flexibility and cost savings. To get the most out of this arrangement, a clear model is needed for the usage pattern and constraints to be imposed in order to empower sharing and concierge services. It is the clarity of the usage pattern that can empower new PaaS (Platform as a Service) offerings supporting the application pattern and providing services, easing the development and operations of applications complying with that pattern.

Just as there are many different ways of using buildings, there are many styles of application patterns. This article looks at a typical pattern of implementing a SaaS (Software as a Service) application and shows how, by constraining the application to this pattern, it is possible to provide many concierge services that ease the development of a cloud-based application.

http://queue.acm.org/detail.cfm?id=2398392

 

Related:

Fighting Physics: A Tough Battle

Commentary: A Trip Without a Roadmap

CTO Roundtable: Cloud Computing

 

The Web Wont Be Safe or Secure until We Break It

Posted on by
Reply

Unless you’ve taken very particular precautions, assume every Web site you visit knows exactly who you are.

JEREMIAH GROSSMAN, WHITEHAT SECURITY

The Internet was designed to deliver information, but few people envisioned the vast amounts of information that would be involved or the personal nature of that information. Similarly, few could have foreseen the potential flaws in the design of the Internet—more specifically, Web browsers—that would expose this personal information, compromising the data of individuals and companies.

If people knew just how much of their personal information they unwittingly make available to each and every Web site they visit—even sites they’ve never been to before—they would be disturbed. If they give that Web site just one click of the mouse, out goes even more personally identifiable data, including full name and address, hometown, school, marital status, list of friends, photos, other Web sites they are logged in to, and in some cases, their browser’s auto-complete data and history of other sites they have visited.

http://queue.acm.org/detail.cfm?id=2390758

 

Related:

Browser Security

Security In The Browser

Cybercrime 2.0: When The Cloud Turns Dark