Ready or Not, Adaptive-Image Solution Is Now Part of HTML

The web needs a more intelligent way to serve images.

No one wants to waste bandwidth sending large images over limited mobile pipes, but everyone wants images to look good on the myriad screens connecting to today’s web. Currently web authors use a variety of hacks to (incompletely) work around this problem, but to really solve it the web likely needs new tools.

Unfortunately, thanks to miscommunication between standards bodies, web developers and browser makers, instead of a solution to the image problem what developers got this week feels more like a slap in the face. Eventually an adaptive image solution will likely emerge, but the real lesson for many developers will be about how the standards process works and how they fit into it, if at all.

MORE: http://www.webmonkey.com/2012/05/ready-or-not-adaptive-image-solution-is-now-part-of-html/

While platforms like Blackberry, iPhone, and Android have for some time had  the ability to browse to and present conventional websites designed for desktop browsers, much of the ‘action’ for early adopting companies has focused on the native application scene — where users go to an official download ‘store’ to get their free and paid apps which are then downloaded and stored on their mobile’s internal storage. Because such native apps typically have access to a fairly complete application programming interface (API), they can manipulate parts of the phone (like the camera or storage systems). Of course, with power comes responsibility resting on the back of developers — as well as a potential for paranoia or at least a certain amount of nervousness about granting such apps access to all the personal info stored on their phones.

That — combined with costs, time delays and other difficulties in native getting apps approved by various platform gatekeepers — has opened the way for app-like mobile-centric pages with features optimized for mobile platforms. There may not be access to the working innards of the phone — but that may actually make users feel considerably more confident.

And then there’s the hassle factor. If your company wants to create a mobile gateway app to their public facing online services or for basic promotional/informational purposes, which sounds like a more streamlined process: trying to persuade the user to go to the app store for his device, search through thousands of competing apps, find your app, confirm it’s really what they want, confirm any permissions you have to grant to the software to run, download it, and finally run it  – or give them a simple URL, QR code, or search keyword that they can point their phone browser to, automatically loading the web app. No need for multiple sites or apps, just write your web app once in standard HTML5 code and serve all modern platforms. When you need to update, no need to push updates out or hope that your users will approve the update.

Of course,  without a full device API,  there are very real limits to what a web app can do — but many of those limitations will be unlikely to be of great concern to many enterprises who, after all, aren’t angling to be the next Instagram but simply want to serve and inform customers and potential customers.

But even those limitations will will be easing as web standards continue to evolve and provide us more access to generic mobile device features, as this article from .NET Magazine suggests…

The age of mobile web apps dawns

The Java language at the heart of Oracle’s intellectual property claims was created by Sun Computing and put into Open Source long ago. Oracle bought Sun, many would suggest, in order to gain control of Sun’s trove of patents and other intellectual property, including patents underlying Java and MySQL, the Open Source database system that has come to be a preferred platform on the web (presumably much to the chagrin of high-end database system provider, Oracle).

Patents on techniques and features have a long tradition in the software world — but one of the most interesting aspects of this case is Oracle’s controversial assertion that copyright can be applied to the application programming interface of a language. This is seen as a potential way for Oracle to be able to reassert proprietaroy control over intellectual properties like Java and MySQL that had been put into Open Source by prior owners.

In this Forbes guest post, Oren Michels, CEO of Mashery, an app branding firm working with 150 major brands, lays out some of the most profoundly troubling considerations…

Oracle Vs. Google And A New Kind of Patent Troll

New targeted Mac OS X Trojan requires no user interaction

First, don’t panic.

But… it is cause for concern that there is yet another ‘drive-by’ malware attack on the Macintosh’s OS X operating system — fresh on the heels of the massive Flashback infestation that created a ‘botnet’ (robot network or zombie-net) of over 550,000 Macintoshes that had been taken over by that Java-related malware. Particularly troubling in that case was the fact that even though Java publishers Oracle released a fix for the vulnerability in January, it took Apple more than two months to implement the fix and patch the OS X system.

(Apple elects to handle updates to their Java engine themselves. Which, obviously, created a long window during which the malware was able to spread to over a half million Macs — the greatest penetration — as measured by percentage of a given computer platform — ever.)

Part of the problem for Apple is that they coasted on what they claimed were their laurels with regard to security for so long. OS X, they insisted, had almost never been the target of a large, succesful attack — even stretching so far as to claim that was because of ‘superior security’ on the Mac’s OS X. Sadly, that last  is simply not true, as MacWorld’s own Rich Mogull pointed out last year when he stated that Windows 7 was more secure than OS X — to the predictable howls of Mac evangelists.

Now, of course, with Flash back — the most ‘successful’ penetration (measured by percentage) of any modern OS ever — there’s little rational argument that OS X seriously needs the kind of security overhaul that Microsoft performed on Windows — in particular the ‘anonymization’ of critical OS code libraries. Windows now uses what amounts to a dynamic naming system to ‘hide’ critical OS components from malware, which has proved very successful. Mac security specialists like Mogull have been urging Apple to do the same and it appears that they have, indeed been working to bring OS X up to contemporary security standards.

Flashback removal info: http://www.macworld.com/article/1160098/macdefender.html

MacWorld doesn’t have news of this newest Mac trojan, currently known by the euphonically challenged names, Backdoor.OSX.SabPub.a and  SX/Sabpab-A — but ZDNet is on the tip with this article on the latest set of threats (same as linked at top of article)…

http://www.zdnet.com/blog/security/new-targeted-mac-os-x-trojan-requires-no-user-interaction/11545

From the article…

The remote C&C website appears to be hosted on the free dynamic DNS service onedumb.com. Interestingly, the IP address in question has been used in other targeted attacks (known as Luckycat) in the past. This particular attack may been launched through e-mails containing a URL pointing to two websites hosting the exploit, located in Germany and the U.S.

The Trojan may have been created on March 16, 2012. It was compiled with debug information, meaning analyzing it wasn’t hard, but more importantly this seems to suggest it is not the final version. You can check for infection by looking for the following files:

/Library/Preferences/com.apple.PubSabAgent.pfile
/Library/LaunchAgents/com.apple.PubSabAGent.plist

The Java exploits appear to be pretty standard, but have been obfuscated using ZelixKlassMasterto avoid detection by anti-malware products. The low number of infections and its backdoor functionality indicates that it is most likely used in targeted attacks.

UPDATE on FLASHBACK:

Despite Apple’s release of a removal tool and OS patch last month, there are still about 270,000 Macs in the Flashback botnet: http://www.zdnet.com/blog/bott/apple-releases-flashback-removal-tool-infections-drop-to-270000/4775?tag=content;siu-container

Here Come Tablets. Here Come Problems.

From DWUser, who publish the XML Flash Slideshow and Easy Rotator tools:

Stop the Thieves! Strategies to Protect Your Images

The company had announced 4Q net income of about $15 million on revenue of $506.5M. But a revelation of faulty accounting accompanied a revised revenue figure of $492.2M — for an operating loss of… $15 million

Groupon Discloses ‘Material Weakness’; Stock Falls Aftermarket

Easy come, easy go. Only, of course, in this case, it’s mostly going.

The obstacles to greater Apple presence in enterprises are varied, but five stand out: 51% of respondents cited the absence of OS X and iOS versions of critical applications (there are 500,000+ apps, just not the right ones); 36% cited lack of internal Apple expertise and disinterest in cultivating that knowledge; 34% cited difficulty integrating Apple users with Active Directory or other authentication systems; 27% said Macs and iOS devices are too expensive; and 27% said Apple’s devices are too difficult to centrally manage.

Information Week: New iPad And Enterprise IT: Exclusive Research

First, in case you haven’t read the papers in the last 24 hours, a thumbnail overview of the Cebull brouhaha: Judge Cebull, appointed to the federal bench in 2001 and chief judge of the district of Montana since 2008, received a “joke” in an email from his brother that suggested that President Obama was conceived as the result of his late mother being involved in group sex that included animals.

Naturally, the judge decided to share this delightful bit of wit with his friends, so he sent the email to seven individuals he has described as “old buddies.”  He included his name in the email. His “old buddies” then apparently proceeded to forward the email — complete with his signature — to just about everyone in Montana governance and politics with an email address.

Suffice it to say, the judge — who has apologized “if people were offended” [we'll have an upcoming article on crafting effective and credible apologies at some future date] –  will be unlikely to be able to dig himself out of the avalanche of calls for his resignation — but if he does, he will surely go down in history with a particularly ugly cloud over what was apparently once a “good name.”

We’ll leave Judge Cebull to the historians for now, but this is an excellent time to review your organization’s — and your own, personal — email and social media policies.

Formulating an Acceptable Internet Usage Policy tailored to the specific needs of your company is something you should pursue carefully, but here are some considerations and recommendations:

Why does my organization need an AIUP?

Studies suggest that as much as 30 to 40% of workplace internet use is not work related. Another study has provided evidence that 70% of internet porn viewing occurs during typical business hours. Another study has suggested that over 35% of employees admit to surfing the web for entertainment continually while at work. Unauthorized, non-business-related internet use costs American business over 1 billion dollars a year. And, of course, cases like that of Judge Cebull demonstrate the dangers of unmonitored or out-of-policy email use.

Basic guidelines for formulating an effective AIUP

Acceptable uses for organization email and intenet resources:

•  Communication with fellow employees, business partners, and clients appropriately based on an individual’s assigned responsibilities.
• Gathering or sharing information related to the performance of an individual’s responsibilities.
•  Participating in professional development activities. Depending on your organization’s situation and requirements, this may be extended to educational activities related to professional performance.

Allowing other uses of your orgnaization’s email, social media, and other internet resources should be carefully weighed.

For instance, as a manager, you may wish to allow your employees brief use of your organization’s internet facilities for limited private communication — much as one might permit a limited amount of personal telephone use.

But under no circumstances should you consider allowing the use of company email for strictly personal communications. Employees should be encouraged to use their own email accounts accessible via web browser  (such as Gmail, Hotmail, Yahoo Mail, and other web email services) for such limited, personal use during company hours.
And, of course, the content of those business — and personal — emails, as well as social media communications, should be carefully considered, as well. Written communications, as we all know, do not include the many non-verbal communication ‘hints’ that help avoid misunderstanding in face to face or telephonic communication. Without tone of voice and body language, a phrase or sentence that may strike the writer as utterly innocuous can, all too often, be misconstrued as having veiled meanings or references. It’s all too easy for a very small mis-communication to snowball into a very large problem — and large problems can have expensive or simply time-wasting consequences.

Adding to the potential for mis-communication  are the frenzied work styles of many harried workers and executives. A simple typographical error, when missed by careless or nonexistent proofreading, can lead to serious misunderstandings. Leave out the word not in the wrong place, and you could blow a mulit-million dollar business deal.

So, when Oracle bought Sun Microsystems in 2010 to acquire their open source projects, Java and MySQL, many in the developer community — and particularly the Open Source community — were gut-sick with worry that Oracle — not known for their lovability by a long stretch — would either destroy the project or proprietize it, removing it from the Open Source community’s loving embrace and charging big bucks for it. Indeed, Oracle did add several proprietary — and quite expensive extensions not long after.

Still, all in all  – and so far — things aren’t looking too disastrous.

In fact, recent changes announced by Oracle suggest that MySQL’s performance will be boosted substantially by changes Oracle’s developer’s have made to its codebase.

Wire: Oracle Turbocharges MySQL Database