Posted by knorby on May 5, 2010 under Android, Apple, Linux, coding, facebook, firebug, firefox, flash, google, internet, javascript, media, mozilla, rants, video | 
First off, I hate flash. I use linux, and I have a netbook; I know very well how bad it can suck. For reasons beyond my comprehension, flash audio just breaks occasionally on me, including in AIR. On top of that, I have done a lot more web app development in javascript in an attempt to push browsers to their limits than I ever have flash. Aside from Sound Manager 2 (which doesn’t really count), I think the last time I did everything in flash was flash 7, so aside from some side knowledge, I know very little about flash. I really hope HTML5 is successful, but I don’t think it is a direct replacement for flash, no matter how much Steve Jobs bullshits. Here’s why:
Content Control
In the mad rush to move any web video over to flash, a serious point has been overlooked. Youtube may be able to set up backends for HTML5 video formats, but can Hulu? It is possible to save hulu apparently, probably though some strange use of rtmpdump, but from what I could see, those methods were convoluted at best. The question comes down to how something like Hulu, which must have ads on each video to survive, use something other than flash. I know from experience that ad block can stop the streaming of hulu ads, but hulu forces a longer black screen on you otherwise. I haven’t looked into the specifics of what goes on in the whole process, but it is safe to say that it is easier to restrict how content is handled on flash than the standard browser environment. The problem comes down to this: if uncompiled code is sent to clients, the client has the final control on how content is rendered. I wrote up a now broken approach to eliminating some facebook ads with simple css in firefox a while ago, but such approaches have only become more widespread. Site owners are starting to take notice of things like ad block, and some take serious offense. Facebook went as far to send a C&D to a firefox extension that modifies facebook rendering, of course they are pretty evil at this point (I am thinking of deleting my account, but that is a different story). I predict that in the near future, the question of how clients are allowed to modify the rendering of content will become a central issue to many web apps. The simple truth is that a compiled flash swf provides better code security than javascript obfuscation by several magnitude. Both on the front of audio and video and on just general content, flash provides content control that a browser just can’t match.
Standards are Slow to Adapt
If you have been following any of the debate over H.264 vs. Ogg Theora (better format vs. open), something will be apparent: content hosters have a bad deal. Which standard will prevail (probably H.264)? Is it worth doubling the number of videos to accommodate firefox? The questions go on. When flash introduced video, it was simply a matter of “run this version” on all platforms. The thing with browsers is that they are big projects. Chrome, which doesn’t even have the task of maintaining a full rendering engine, suffers from problems already as a result of being too big. I submitted a bug to Chromuim about 6 months ago for an SVG issue in the developer tools; I submitted the same bug to firebug first, and what I have seen says a lot about chromium. The firebug issue was tagged (for triage) on the same day I submitted it, and the fix was in a beta 4 months later. It took 3 months for chromium to do what it took a day for firebug to do (look at it), and all I have seen in about 6 months is a couple extra tags, and a few irrelevant comments. Mozilla is quicker with firefox bugs, but it is also safe to say that chromium has focused more on performance. These stats don’t even consider the number of developers on each, many of which professionally work on firefox and chromium, which can’t be said for firebug. I am not trying to raise questions in how open source development goes, but once HTML5 features lose focus, what will happen with bugs? What will happen when a better video standard exists? You can’t just fix standards; that’s why javascript and css are what they are. There is something to be said for keeping stuff in third party apps.
Maturity
Flash games have a special place. Traditional games don’t fill that niche; mobile games can’t fill that void; the truth is that it will take a while for javascript + canvas to substitute. It is a new technology, and one with interesting potential, but it is new, not mature. You can’t expect normal flash game developers to all of a sudden start writing stuff for the pure browser, especially when it gets harder, not easier. That doesn’t even consider SVG+javascript, which is actually a more near equivalent of flash, and even as that is more widely deployed, I will just say that it is even farther from being in a real production state. I wrote a web app on it, and I encountered, and still encounter, all sorts of weird browser bugs. To keep it short, it isn’t better to develop on an immature standard on 5 different platforms on 3+ different OSs than flash.
Conclusion
I think there are a lot of pros and cons in both directions of Flash vs. HTML5, and I hope and think that HTML5 will take over many of the uses of flash now. I think my defense of flash is rather incomplete, and my love of the browser environment is hardly expressed. Regardless, java, flash, or other plugins have served as the innovators of new approaches for a long while, and there is something to that. I hope third party methods don’t disappear, as I think the web ecosystem will suffer as a result.
I realize this post was mostly a rant, so if you have anything to add, please leave it as a comment, or send something to me.
Posted by knorby on February 25, 2010 under Python, app engine, facebook, fortune, google, internet, privacy, wave |
I started writing this post while Google Wave was still pretty new, but it has been out for a while and half forgotten. It is still in closed preview, but it shouldn’t be hard to find an invite if you want to check it out. As I mentioned in my last post on wave, I wrote a quick fortune bot for wave. The bot got a decent bit of use at first, as many people played around, but now use has dropped to almost nothing. Based on my own use, I figured early on that most of the use was from 1 or 2 real people interacting with a bunch of bots. I tested and confirmed that with the data google records by default.
Google App Engine, on which all bots must be hosted, by defaults logs any request and any error. A bot can register a number of different events, which will trigger a request to the bot. In the request, the state of the wave is contained in a json format. The log files can easily be downloaded, and the json easily parsed. From that, you see everything. You see the addresses of everyone, you see what has been entered, even if it doesn’t relate to the events of the bot. As far as I am aware, no TOS or privacy agreement exists that covers the use of this data, and even if it were, the most nefarious uses still would be silent.
By putting data on any web app, you put yourself up to the same risks and invasions. The google ads in gmail are targeted at you for a reason after all. If you are using gmail though, it is a safe belief that google will be the only one other than you to see your data. A bot could be maintained by anyone. Facebook apps are a decent comparison. I have looked at the API a couple times, but my understanding is even with the permissions a user can grant or deny, apps get to see a lot. A fair bit of criticism has been made of this platform, but it is very safe to say the privacy structure in place on bots is much worse. Aside from the lack of permission controls, would you use something like facebook apps on your e-mail or google docs (to the extent that makes sense…)? I hope not.
A wave user has a somewhat unique problem here. If a bot provides a useful service to a particular use, and the wave for this use is private, should you use it? That isn’t a question anyone should have to ask. The question of “put this data in this web app or not” is one thing, but you shouldn’t have to worry about using a pivot tables tool on an online spreadsheet, which is essentially what is going on with bots here. There isn’t really way to distinguish what is a good bot vs. a bad one either. If I wanted to snoop on people on wave, I would write a useful bot, and no one, google included, would be the wiser to what I was doing with the collected data.
I don’t think there is an easy way to fix bots as they are. Anonymous search results aren’t really that anonymous, and I would guess wave data would be much worse. The problem isn’t that App Engine logs requests; the problem is what wave sends. If you consider the data in a wave in anyway private, I would recommend against using bots.
Posted by knorby on August 5, 2008 under coding, css, facebook, firefox |
I posted something previously on blocking social ads in facebook with greasemonkey, where I came to the conclusion incorrectly it could not be done with css. I apparently remembered what “! important” did in userContent.css and userChrome.css; I read “! important” as “not important,” but it aparently means the opposite, and overrides any webpages css. I corrected my post on userContent.css and userChrome.css customization as well. Stupid logic. Anyway, if you add the following block into your userContent.css file, you should be able to block most annoying stuff on both the new facebook design and old.
@-moz-document url-prefix(http://www.new.facebook.com/) {
.sponsor, .invitefriends, .findfriends, .gifts_received, .pymk, .social_ad, .adcolumn{
display: none ! important;
}
}
@-moz-document url-prefix(http://www.facebook.com/) {
.sponsor, .invitefriends, .findfriends, .gifts_received, .pymk, .social_ad, .adcolumn{
display: none ! important;
}
}
There may be a way to combine these two, but I don’t know the more mozilla-internal css well enough to know. If you use facebook, most of these should be clear. I blocked gifts, as I find them annoying, and I am glad to just not be aware of them. I also blocked the person finding features like “people you may know” (‘.pmyk’) or the email search things. I also blocked ads of course. Facebook seems to have to idea that everyone will love ads if they are more specifically targeted at you, based on data they have on file. I can’t stop them from doing that (other than by closing and deleting my account), but I shouldn’t have to see ads if I don’t want to IMHO. Also notice that the new facebook design and the old one use the same css classes for everything; the redesign isn’t that extensive apparently.
Posted by knorby on March 3, 2008 under coding, css, facebook, firefox, internet, javascript |
Update: see my post “Fixing Facebook with userContent.css” for a corrected and more extensive way to go about this. There are some stupid errors in this post that lead me to use a bad approach, but the greasemonkey script should still work.
I am not a huge fan of ads. I say that somewhat hypocritically as adSense proudly barfs somewhat random ads out on this page, none of which I really expect will ever click on, but that is besides the point 
. Anyway, I can normally block ads with adBlock, but social ads are trickier. Every social ad div has for a class:
feed_item clearfix social_ad
Each one is a seperate class. They do some trick so it is hard to override with a page wide css that doesn’t take out everything, so userContent.css and similar tricks are out. I ended up brute forcing it and writing a greasemonkey that does the job.
Download it here: hidefacebookfeedadsuser.js
Update: There is another class used as well. If I remember correctly, instead of social_ads, its ad_capsule with everything else the same.
