I miss the web, when it was the web, and not a platform for building giant applications that require a more expensive computer to use, than to play a very complex 3D massively multiplayer adventure role playing shooter. Then, all I needed to find some information was a keyboard, a screen, and average cheap hardware. Now I need a multi-core CPU with 8GB of RAM, just to load and render some pages. REST feels sort of in the same boat as RISC was 10 years ago, right now.

Really. People. Get over yourselves.

Sexism is a two way street. And every time someone says "girls" it's not sexist. And no, I'm not defending one way or another. This latest stink about someone saying "I've a hard time explaining to girls what we do" was almost certainly not sexist. It was a generalization. Everyone makes generalizations, even girls. As software developers, it's a pretty simple fact. Out of all the people we meet in our line of work, the majority of females are less inclined to understand what we do exactly, than the majority of males. Is that sexism? No. Would it be called sexism by girls, were it to be stated by a female? No. Is it being called such because it was stated by a male? Yes. But in the end, it was a simple generalization based on the same experience we all have to deal with. And you know what... we need quit crying wolf, and deal with it.

But we don't all need to walk on eggshells every day of our lives, in every interaction we post on a blog, or every line we speak when giving a talk. That will never solve the problem. It will only cause more and different problems. Because the world isn't androgynous. It's not how the world works. So get used to it already. If someone does say something that you personally have taken offense to, then you need to deal with it in an appropriate manner. We're all adults here (well, mostly anyway). You should contact that person privately, and discuss the matter in a rational manner. Blogging and making a fuss about every little instance of the word 'girl' on the internet isn't appropriate, nor is it going to help. If either party cannot discuss the matter rationally, then perhaps the issue needs to be escalated in an appropriate manner. Twitter, blogs, or whatever other widely published means, are probably not appropriate, because they are inherently irrational. If you truly want to help put an end to sexism, then being sexist isn't the way to go about it.

Out of all the sexist people I've met in my life, the majority were female.

A couple weeks ago, I wrote a quick hack for myself and the Online Services team at Canonical, to help make doing reviews on all the projects we manage, much easier. It pulls the list of branch merge proposals for each project from Launchpad, and sticks them all in a nice list in a GtkTreeView, along with the number of votes, and what type of vote. As there was a lot of immediate interest in the tool from other people, I ended up creating a new project on Launchpad, and pushing the code to a public branch there, under the GPLv3. You'll find it at http://launchpad.net/lptools. I will probably be adding other tools soon as well, as every time I have to use a web browser, it slows my progress, and interrupts my ideal workflow. If anyone else has tools they'd like to have included here, or ideas for tools, feel free to propose branches which add them, or send me mail.

I'm not a fan of Python. But I chose to write this tool in it anyway, as I wasn't intending to make a real project out of it. It was just a quick hack to make part of my life much easier, until I can get around to writing something much better and more deeply integrated with the desktop. But the GTK+ bindings, and python-launchpadlib, made it very easy to hack this script up very quickly. I do wish there was a better way to do the authentication though. Opening a browser, and requiring the user to press "Enter" in the console, is an awful experience. But it works, and I only have to do it once...

Frankly, launchpadlib makes it very easy to not have to use the web... and in some cases, makes it better, since the Launchpad web UI doesn't expose all the features that are in the API.

We do the work, You do the pleasure

Hi there. I want to talk to you about ducts. Do your ducts seem old-fashioned? Out of date? Central Services' new duct designs are now available in hundreds of different colors, to suit your individual taste. Hurry now while stocks last, to your nearest Central Services showroom. Designer colors to suit your demanding taste.

A lot of people have talking about the social desktop, networked services, and similar stories lately. I guess the integration between computers and network services, which I had been talking about over 11 years ago, is finally catching on. Thanks to all the new smartphones, netbooks, and similar devices, designed to be on-line all the time, and the services people are providing for those devices, we're now trying to wedge the same integration into our outdated desktops. And it seems like nobody really wants to do what's best for everyone here. Having all the apps just use the same libraries to access the same data, and parse it separately, and have the user add their account to all the apps N times, just isn't going to make a good or useful experience.

This is where Central Services would come in. I've talked a little bit about it before, to a few people at UDS, and on IRC. I haven't had a lot of time to work on getting the ball rolling though. But I really want to get things going now, so that we can build a really awesome experience in the desktop, around all the services available, and that everyone uses daily. The goal is to provide a central system where all the plug-ins and configuration live. The user would then only have to add their account for any particular service once. The system would also provide transcoding features for data, taking the XML or JSON for example, and converting it to a common format that all the apps which are designed to display the data only have to actually deal with a single, defined, common format. Central Services however, would not be a data store. Rather, it is a central place for accessing your data from wherever it is stored. There would be a small, optimized local cache, perhaps, and we could integrate with indexing solutions, which may store the data, to provide more feature-rich search capabilities in the desktop as well. But the overall goal is to provide a simple, consistent means for accessing and managing your data. I've been thinking a lot about the problem over the years, and I think a modular, centralized system is the best way forward on the desktop with it. I've been trying to think of a nice way to design the API, with a good balance between being generic, yet powerful. The main API access will be via DBus, but there will be some C and Python convenience libraries as well. I'm not entirely sure what the best way to document the API, and get stuff rolling there is, but I'd love some help and feedback with it. If you're interested in making the desktop awesome, and helping define the API, and getting some working code up and out in the wild, please e-mail me and let me know, or poke me on IRC. You can e-mail me at the usual dobey on gnome.org or dobey on wayofthemonkey.com to get my attention.

A common API, accounts interface for users, and cross-service integration all over the desktop would be a huge win for everyone. Let's get together and make it happen.

Last night, Stuart and I were having a little argument about the merits of OAuth and whether it is actually suitable for what we are using it for (authenticating destop applications to access a service), as I am not particularly fond of it, and I was working on support for OAuth 1.0a. Stuart's argument is that user's trust the browser, and we need some piece of trust in the system, and OAuth provides that as it pretty much requires a browser to use it. But I don't really think users trust their browser (as so many don't even know what a browser is), but instead, what they trust is the site they're looking at. The browser doesn't even exist. It's just this inherent part of the system that you have to use. To most people it's The Internet, or the giant blue e, or a compass. The browser has no real meaning to them. It's the place they have to go to search for things, and access information. And Humans have two very important attributes. They are both very prone to error, and very resilient. People will keep going to the web, despite all its problems with poorly designed sites, and crashing browsers, and broken plug-ins, because they need to get at the information they're looking for. And they will very often type their password in the wrong place, or mistake a phishing site for a real site. No amount of code will fix this. And nothing that requires a Human to do something will guarantee security and authenticity. It will only create annoyances that Humans will optimize around.

As a specific example. I received a PayPal phishing mail in my Inbox this morning. It's a pretty nifty attempt at getting credit info, too. It includes an HTML form attachment, which POSTs to PHP script that was implanted on http://ag-exchange.com/, presumably by compromising either Apache, PHP, or some other module their server is using. It appears to be a simple script which just reads the POST data, and redirects the user to the PayPal About Us page. The HTML form requires javascript and has a little card number validation method it seems, to avoid getting bad data. The mail was sent to my alias on gnome.org, and apparently got sent by taking advantage of an SMTP relay with a broken configuration. Of course, the SMTP server may have also been compromised and just had the configuration changed to allow open relay as well, but I suspect it was probably just open already. And that mail server belongs to