OpenID Intro

OpenID is quickly becoming 'the next big thing', and so I had to take a closer look.

The goal of OpenID is to provide an open framework to allow end users to control their own authentication process, and use it anywhere. This is similar to what Microsoft's Passport, or the Liberty Alliance tried to do. These systems both failed because no one really wanted to trust their information to a single (or group of) controlling entities.

The difference with OpenID is that you can use ANY OpenID server to manage your authentication. A simple example. Many sites offer OpenID credentials. You sign up there and get a URL that is YOU. Let's say Then when you log in to, you specify as your login. will then redirect you to to authenticate. Once you do, you are returned to and are logged in.

This is pretty interesting, but I think one of the advanced features are much more interesting. If you own your own URL (say,, you can use that as your login. All you have to do is edit the HTML page to specify what OpenID server and login to use. So, I could edit to login using This allows me to maintain a single identity over time but use different OpenID servers as I see fit.

One major component is that you can't trust that just because someone has an OpenID that authenticates, that you really know anything. It seems like it would be very easy to setup an 'open relay' server that would authenticate any URL. So if you want to collect a 'known good' email address during registration for a website, you still have to manage that yourself. You can't really trust any data from the OpenID server that you can't verify yourself.

It will be interesting to see how this develops, and I'm going to try to find some more time to play with it and see how hard it is to implement an OpenID server.

Podcasts,, and How Size is Relative.

I was listening to the latest TWiT podcast (92) and also came across a post on Vallyewag about The combination of these two drove me to comment.

First, I am a fan of podcasts. Whether it is BattleStar Galactica, TWiT, or the Java Posse, they keep me entertained as I commute to and from work.

On the TWiT podcast, there was a group of podcasters and video bloggers talking about various topics related to the subculture. One interesting point was when Leo mentioned that most podcasters find that they can't really break a peak audience (measured as downloads) of about 200k-300k. They went on to talk about how international their audiences are. When you break that down, it is actually a VERY SMALL number of Americans who consume this type of media at all, let alone a specific podcast. Contrast this with what one of the callers (yes, the podcast has callers) talked about. She does her own podcast, and was struggling with the growth of her audience from 7 to 700. For most people, this is a huge number of people to be interested in you and what you have to say. The caller was concerned about how to deal with this notoriety. The guests talked about how they started to be concerned about what public information they had posted online, etc. but continued to say that they all had pretty good experiences with their fans and enjoyed their mini-fame.

Podcasts are both huge and tiny at the same time (whereas this blog is mostly just tiny). I think this is cool, but it will be relegated to something that is done for fun, and not profit for a long time to come. Leo was very up front about the struggles that he has with his podcasts (he has more than 10 in his network) getting sponsors. Leo is a 'famous' personality who used to host a TechTV show and now has a nationally syndicated radio show. He is an industry guy who is a known quantity. However, his (big) audience is still way too small for advertisers to pay any real attention to. If you want to reach millions of people, negotiating deals for 200k at a time is very time consuming (which translates to expensive). I think many semi-popular websites also struggle with this as they become too popular to manage part time, but are not big enough to really attract advertising dollars outside of a network.

On to

I think they Valleywag article nails the phenomenon pretty well. It is another illustration of how big something can be that < 1% of Americans ever know about, and how crazy we are. Why are people so fascinated with the minutia of individual's lives? The Valleywag article makes several great points including how we've been here before (JenniCam) and how cruel everyone can be, when you take what we say in 'private' and expose it to the world. I have to admit, I'm tempted to go check out, but so far I'm holding strong.

Of course, this blog is my own vanity project that I hope will propel me to fame and fortune, so take all of this with a big grain of salt.

Socket over HTTP (SOHT) Java Client 0.6.1 Released

I released a new version of the Java client for SOHT today.

The goal of SOHT is to provide a simple tool that enables all types of socket communication through an HTTP Proxy server. This tool is useful for users who are behind a restrictive firewall and wish to access external servers that use protocols other than HTTP.

This release fixes a bug that prohibited the Java Client from using ports higher than 32767.

I want to thank Danilo for finding and fixing this bug. A great example of Open Source development at work.

Learning Google Web Toolkit (GWT)

As I mentioned my post about Guice, I'm finally motivated to start playing with code again.

Based on how cool Guice seemed, I figured I should finally take a look at GWT and see what it was all about. First, it is certainly different from writing any other web application. There is some very cool stuff. You can very quickly and easily write JavaScript style logic in actual Java. That is a great improvement over anything else.

One issue I found out of the gate was the CSS support. I found a post documenting CSS in GWT that is helpful. However, it appears that all instances of Button use the same class (gwt-Button). After a little digging I found the addStyleName and setStyleName methods. This allows you to assign a CSS class name to any object to allow it to be styled in CSS. This alleviates some of the fears I had about having too much of the look/feel in your code.

It took a little while for me to digest the fact that the Java code I was writing would be compiled down to JavaScript. When you start a GWT project, there is a x.y.z.client package, that will contain Java files that will be compiled down to JavaScript. The issue I had was that I figured I would make calls to 'real' Java files here to load my initial data for the page (just like in a Servlet, JSP, etc.). Of course, this isn't allowed. You must create a web service like class on the server and make a RPC call from your client Java to the server code. This all makes sense, but takes a bit of time to sink in when you start hacking away. It also ads a layer of indirection as any 2q objects you pass between the service and client must also live in the client package and not contain any code that can't be compiled down to JavaScript.

The biggest conclusion I've drawn, and probably the most obvious, is that GWT appears to be really good for building web applications with a very small amount of pages. If you look at gmail or Google Reader, these are obvious model applications. There is heavy use of AJAX, keyboard interaction, and other rich navigation. Gmail/Google Reader are heavily data driven, but the data is all the same type (email, blog posts). GWT is certainly something I will keep in mind for future projects, but it is a very specific 'hammer' for a very specific use.

Juiced about Guice

In my day job my coding time has become pretty limited. I've also recently been pretty uninterested in 'The Newest Thing'.

That all changed (for an hour) today as I downloaded and began to play with Guice. Guice is a dependency injection framework (similar in concept to part of Spring) from Google. It allows you to write self contained modular code that is easy to unit test, and 'clean'.

I found an hour or so to play with Guice yesterday to read through the user's guide and build a quick prototype. As I found myself working through the features, I had an overwhelming desire to go build something with it. It rekindled a fire.

This certainly isn't a comprehensive comparison of Spring and Guice, or a claim that Guice is th end-all-be-all, but I found its use of Annotations, Generics, and concise and flexible configuration code to be very interesting. It was certainly a much more exciting experience than when I first sat down with Spring's dependency injection code (and its XML).

It is limited to JDK 1.5, which I think is GOOD. Yes, it wouldn't work for everyone on every project, but as we learned from Apple, forcing people to upgrade and abandoning backwards compatibility can produce much exciting results.

On a larger note, I'm very excited to see Google start make major contributions to Java and Open Source. The Google Web Toolkit is still on my list of things to play with, and Guice has certainly moved up on my tinker list. I'm off to make up a project to generate an excuse to use Guice. Maybe I should finally do JES version 2.

Trapping User Data

Matt Cutts has a great post about how Google doesn't trap a user's data.

I think this is part of what makes Google so attractive. If you contrast this post with the ongoing tussle over office document formats (ODS versus Microsoft's Open XML). Part of Microsoft Office's dominance has been their ownership of the default format.

Microsoft isn't the only (or even worst) offender here. I've been recently frustrated by the closed data system of Adobe Elements, and the lack of a document tagging/category system in general. Vista has gotten some heat (I think Jon is correct that there isn't an obvious right/wrong) about how Vista has 'corrupted' some image files by writing tag data into their meta data.

Apple is another offender. My ongoing effort to maintain the ability easily export your Playlist data from iTunes is to compensate for a feature that really should exist in iTunes. At least they made the data relatively easy to access (XML).

I also noticed Matt's post didn't touch on Picasa. Google isn't perfect, and a lot of their existing sharing is for data that has well established formats (Email, Calendar, Docs, etc). Maybe we need a unified approach for Image tagging/categorization.

Reverting to the Airport Express

I recently bought a D-Link DSM-320 media player. The device plugs into your TV/Stereo and streams music, video, and pictures from another PC. Overall, it works reasonably well. My first step was to remove the default server software and install the open source TVersity server. This software allowed me much better control over what media to share and seemed to support a lot more formats.

I unplugged my Airport Express that I had been using to serve music, since the DSM-320 provide that and more.

After using it this way for a while, I plugged my Airport Express back in. Both functioned fine actually playing music. However, I found the Airport Express much more enjoyable to use to select what was playing. With the DSM-320, I had to use a normal remote and the TV as a display to select the music, etc. This worked OK, especially if I wanted to play a specific playlist. However, if I wanted to play a specific song, it was significantly faster to open up my laptop and use iTunes to navigate my music (which automatically connects to the Airport Express).

So I now have both plugged in, because I do like to have the option to stream videos to my TV. I've found that I've never really used the photo option. For music, I only use the Airport Express.

Is this a single win for Apple in my household, or the beginning of a wholesale takeover. Only time will tell...

Photo Managment

One of the issues I struggle with is how to manage all of our digital photographs. I really like to have all of my stuff organized and I currently use Photoshop Elements to manage our digital pictures.

The problem I have is that this is installed on our desktop computer (with the BIG hard drive). All of our pictures and digital video are stored, organized, and edited here. However, my wife also likes to have a copy of the pictures, and often downloads them to her computer, and adds her own organization. However, her laptop hard drive won't scale, and I don't really want to have two separate organizational methods.

Ideally, I'd just have her use the desktop computer to download and organize, but I've tried that approach and failed.

I'm not a huge fan up uploading all of these pictures into 'the cloud', aka Flickr, etc. I guess this would work, but I'm concerned about having our own local copies, in original format, etc.

What I really want is to be able to have her run Photoshop Elements on her computer against a shared drive and manipulate the same library. I'm not sure how happy Elements would be if I tried to do this.

Does anyone have any better ideas? What works for you?