Inferno's three rules of web design:

1. Use relative font sizes to allow all users to see the text if they are visually impared or for any reason like to have non-standard font sizes.
2. Use a fluid-width design but with a reasonable maximum limit to make sure those unenlightened who browse maximized don't hurt their eyes.
3. Do not require the use of JavaScript, applets, ActiveX controls, Flash or any other technology that your end users may not have. Requiring these things will just label users lacking them as outcasts.

1. relative font sizes
   a must if you're designing anything that isn't made to be printed. (and no, while a webpage can be printed, that is generally far from it's original intent) there are way too many combinations of resolutions, font usage, rendering methods and physical displays to say "12px aught to be enough for anybody".
2. fluidelasitc-width
   this is not as hard-and-fast as Inferno would like to think it is. There are valid reasons for using a fixed-width layout. However, they generally don't apply when you've got columned text. In that case: yes, elastic width is the clear winner.
3. JavaScript, ActiveX, Flash...
   Assume some of your audience does not always have these installed. Make it nice for those that do, sure. But with the popularity of NoScript (a plugin for Firefox to set up JS whitelists), and the ease of browsing the web on crappy displays (phones/PDAs/pagers) you've got to make sure that they can at least get your content without huge hassles.
   This means, that this rule should be extended, really. Go ahead and make those nifty-layouts and weird page designs. But make sure that there's something fairly simple for people that don't want to read your content that way. Something very flexible. Either by making sure your main layout is robust enough to work without colour, or with images off, and differing default colours. And, especially for the phone users, make sure that your pages semantically make sense: put your content at the top of the physical HTML, and navigation after, just in case everything isn't getting floated to a column off to the side because the screen's too narrow, or somebody is using a screen-reader. Yes, sometimes people need to browse web in lynx. And it's really not that hard to accommodate them.

I really like the way this quote sums up what people should be doing: (I'd just replace the word see with access) The objective of web technology is to enable all people from all over the world using different client applications to see the same content.

And hey, he even follows his own rules, on The Right Glue (but he missed rule 8: stupid names are stupid). It's a simple, but solid layout. And he even made an RSS feed, just for me!

If you don't know who Richard Stallman is, you probably haven't written much software. But that's okay, since the csclub does. They hosted a talk at the University of Waterloo on "Copyright and Community" June 6, 2007.

He first gave an introduction to the FSF, and free software in general. He then went over the four freedoms he uses to define if software is truly free. The supplied link definitely goes over it in more depth, but simply stated, they are:

• freedom 0: The freedom to run the program, for any purpose.
• freedom 1: The freedom to study how the program works, and adapt it to your needs. Access to the source code is a precondition for this.
• freedom 2: The freedom to redistribute copies so you can help your neighbor.
• freedom 3: The freedom to improve the program, and release your improvements to the public, so that the whole community benefits. Access to the source code is a precondition for this.

Stallman then went on to go through the history of copyright and copying technologies. His main emphasis was that we've gone full circle, with copying individually via pen and paper, to copying individually with a computer. The differences between these two periods is the expansion of copyright law. However, I will not summarize his summary of the history. If you want a good basis for this, I'd suggest a book that Jay just lent me Free Culture, which goes over this rather well. I'm sure the other usual sources would work well.

Stallman sees copyright law as a bargain between the public and the class of all potential authors, as negotiated by the government. Which, would work, if the large IP holders didn't have so much influence in the systems. It seems likely that, in the States, copyright terms are tending towards being infinitely long. No new works have entered American public domain since 1923 due to copyright expiration. Moreover, the Digital Millennium Copyright Act (DMCA), basically allows publishers to write their own copyright laws for each individual work, since it makes it illegal to break or bypass encrypted works. Thus, if something isn't allowed by the original software, then it broke the DMCA, and was illegal, even if it was "fair use".

He then continued on how he should see copyright re-negotiated. First, he outlined three categories of copyrightable works.

1. practical works, that is works that have a functional purpose and are used to do jobs (software, recipes, educational materials)
2. expressions of thought, such as memoirs, scientific journals and essays
3. arts and entertainment, for more typical copyrightable items, such as books, movies and music

So, for each category, there is a unique play between what the public needs and wants to do with the work, and protections the author should receive for making it.

For practical works, Stallman sees that all four freedoms must apply. In order to be in control of our own life actions, we need to be in control of the tools we use in our lives, thus all software should be open source, all recipes should be freely distributable, and educational materials should be redistributable to your neighbour. In general, I agree that having these freedoms are important, in the general sense. I'm less sold on the fact that the freedom to redistribute copies is necessary for my freedom of software use. But I think that would be debate for a whole other post.

For things where creating derivatives is less important, expressions of thought, (as direct derivatives of, say a journal gives only negative value), concessions to these freedoms must be made. So here, freedoms zero and two should apply.

Lastly, Stallman considered creative works. Books, movies and the like. Here a specific term of copyright, he argued, should be given. This term should be no more than 10 years. According to Stallman, this term should be as short as possible. He also argued that you should still have the freedom to redistribute unchanged copies to your neighbour. He depicted a gift economy for music in particular. Let individuals copy music (non-commercially) as much as they like from whomever they like, and if you could build a button into every media player that would give a dollar. His logic was that since the average person spends 20-40 dollars a year on buying music, and about 1 dollar of that 20 goes to the artist directly people would only need to press the donate button once or twice per year for as much music as they want to listen to. Since this system cuts out the middleman of distribution and promotion, it can also cut out the margins they receive. Then the monies could be redistributed to the artists from this pool of donations based on, say the cube root of their popularity, so that there's an effective cap that the popular artists hit.

I'm not entirely convinced that gift economies work, so I'm not sure how I feel on this. Likely, I'd see redistributions being handled much like our blank media royalties are here in Canada, with all the governmental efficiency we can muster. I also would see this as an almost impossible undertaking to become pervasive in the laws of large countries, making the system pretty much lip service. Assuming such a system for music compensation doesn't exist, however, was no point made upon. Otherwise, though, a shorter copyright term is a good thing to the public. Stallman noted that the average book is out of print in 2-3 years. So why does it need 120 years of copyright?

The talk was interesting. If you want to watch the whole thing, it will be available on the CSClub's media page. At the very least, I got to meet the man who wrote so many of the commands I use on a daily basis.

For those who don't spend their free time reading and listening to security and open source bloggers, you might not know what OpenID is all about. At it's simplest, it's a system for a distributed identity system.

What is a distributed identity system? It's the ability to ask the proper source if this person has access to this identity. Identity doesn't proove that this is a person, group of people, my cat or a bot. All it can do is proove that some requestor should be associated with this identity.

So what's new? You already have a distributed identity. However it's not tied together at all, (unless your username is unique enough to never be taken) so nobody would ever realize that this guy on Slashdot is that guy on delicious. It's protected by 50 different passwords. And there isn't any sort of way to say if you want to know more about me then go here. OpenID has all that. One password properly protects your access to all OpenID enabled sites, and since your OpenID is tied to your own blog, there's always a reference pointing back to you. That reference is something you own or trust somebody to maintain for you, taking more control of your own identity back for yourself.

In OpenID, identities are URIs. I can be qedi.videntity.org, infornography.ca, or sad_mcemopants.livejournal.com (if I had that login, which surprisngly doesn't exist). Which makes sense from a blogger perspective. You are your URI anyway.

So once you go to some site that allows you to log in with OpenID, you can throw in your blog URI. Then, some backend magic happens and some site talks to your blog, and determines your identity provider (which could be your blogging software, something you've written youself, or some other provider you want to trust) and sends you there. You log in with your idendity provider, and determine what information you want to give or deny some site. After all, it may be useful to let some site in on one of your secrets, like your location or contact information, if you think it is useful, and this way you don't have to enter it in yet again. Your provider will then pass that on, and you'll be identified with your blog URI to some site.

It makes things a lot simpler, especially with more and more people coming on board with OpenID. AOL has made your AIM id into an OpenId for you to use if you want. Microsoft has pledged support. LiveJournal, Wordpress and a whole lot of others already provide one to use. Sites are just beginning to utilize it. Technorati, Zoomr, and Imageshack with more to follow.

As it turns out, last Friday, the CBC ended up posting an article about Ubuntu adoption. It's pretty much what I tried to post last time.

And if you want to read about some humming and hawing about the article, benefits, drawbacks and trolls about it all, the Slashdot discussion

The Pitch

With the recent press that Linux (and Ubuntu in particular) has been getting, it seems to be a good time to go back and look upon reasons for switching. HardOCP spent 30 days with Ubuntu and found installation "from the LiveCD is incredibly easy and problem free." Their bottom line was

For those who stick it out throughout the learning curve period, the rewards are great.

I'd admit, not everyone wants the same things from their computers. They're very general purpose for that very reason, so migrating to Linux may not be worthwhile for you. When I changed over seven or so years ago, it was fun. It was a huge learning experience that I never could have gotten from Windows. I had access to the code that ran everything I was doing, and it was like my first steps on the web. A wealth of knowledge.

At the time, that knowledge was a bit of a puddle of mud. I was stuck in it and needed how to learn how to breathe. Luckily I was looking forward to getting dirty. Nowadays though, installing and setting up a Linux system isn't nearly as dirty. Most of that is done for you, and for those that aren't, there are quite a few resources sitting about.

So why should you bother putting a Linux CD in your computer? First of all, it's free. Free as in "free beer" and free as in freedom. You won't have to worry about being mistakenly identified as a dirty pirate, functionality won't be forced away from you in an upgrade, and it inter-operates well with other systems. While no operating system has perfect security, you'll have less malware infecting your computer. It will also be generally easier, cheaper and have more choice when extending functionality.

Starting out is simple. You can download a copy of Ubuntu and get started without even installing anything to your machine.

The Resources

Ubuntu Documentation Team has a great desktop guide. For specific questions, The Ubuntu Guide is comprehensive, if not a little overwhelming.

The best thing you can do is to use the system and ask questions when you have them. Google may solve them for you. They were probably already solved on the Ubuntu forums, and if they weren't, you can probably ask it there.

Oh, and just asking me would generally be a good option as well

I just started to create a claimID profile. So now you can check out my claimID.

I'm still debating the usefulness of this over the simple concept of just having a home page (like this one) that's properly laid out. However, data duplication issues aside, it is a well done site, simple to use and has a well-focused attention.

Why it's useful:

It's fully controlled by me so I can show off the person I think I am to the world. I determine the importance of the links, who I choose to link to and who I don't. It can be the things I write, participate in, have done, or have said about me. I could even throw my own crediblity out the window by claiming I wrote all of Slashdot.

It's also current; it properly uses MicroID to validate the sites I actually own. It creates a proper HCard page I could use for integration with and to other identity sources.

Why it's not:

It's not yet visible enough. If people don't know about the page, they won't be able to see what I want them to, they'll be back at the position of just googling Ryan Bianchi and coming up with data that I might have been a fullback for California State Polytechnic University (which I wasn't). But even that is always changing.

So I think it can be a useful "personal resume", a kind of addendum to the more formal resume. I think of it kind of like a resume for someone who just met me. An interested new co-worker or something like that.

Phil Zimmerman once asked 'Why don't you send your paper mail on postcards?' Would you send a love letter or will on a postcard, in an unsealed envelope? It may seem rediculous, sure, but this is exactly what people are doing every day. In fact, with email, this is exactly what we're doing with our everyday communications.

Most people are sending around email on the web that is horribly insecure. You may, incorrectly assume that since you have to log in with a password to read your email, and I have to log in to read the email you sent me, that this is a secure channel. Would you care if someone started reading your email, without your knowledge or consent? This writeup, then, is for you. It is mostly an introduction to cryptographic concepts for non-mathematics enthusiasts.

What's wrong with sending an email from my system to yours if we both log in? The most obvious, people could sniff your password. Shoulder surfing, dictionary attacks or collecting all network traffic are common ways of figuring out someone's mail password. Even if your account was secure, however, that doesn't imply that your message was secure. When you send an email to me, it will traverse through anywhere between 5-30 routers/computers. Any one of these points along the way can read, and store if they wanted, the email in transit. If your traffic goes through a foreign router that logs data and invades your privacy, how would you properly protect your rights in that country, not being a citizen of it?

First, a bit of background. Public/Private keys are asymmetric, whatever is done with one can only be undone with the other. Therefore when you send information to me, you encrypt it with my public key. Only my private key can decrypt it. When I send you something, I do so with your public key. Also, I can sign something with my own private key. Since I am the only one that knows my private key, only I could have signed it, if you check and decrypt it with the public key (which anyone can do). The concept is simple.

So, if I have convinced you, what should you do? A good introduction to installing and setting up GPG on a windows machine is done rather well by Brendan Kidwell, with A Practical Introduction to GNU Privacy Guard. If you use Gmail, or your service provider's email, you can use Thunderbird, with the Enigmail extension. Setting up Thunderbird is the same as any other mail application, and here's help configuring enigmail.

infornography
Function: noun
obsession with, or excessive working with the gathering, storing, creation and manipulation of information

I now am a CIRA member, and have a domain name. The school term is done, and the summer begining. Thanks to Jay for the gift.

So up next for this humble site, is getting a signed ssl certificate (hopefully through a reputable, free certificate authority) to better secure the non-blog areas of the site. After that, I don't know what I want to do with it. Are there web based services that your lives are missing? All I have implemented for friends is a calendaring system, and this blog. I've been toying around with a Digg/Kuro5hin clone, but that idea would only work if it was used by people who weren't me. (> 5 people at least)

I've always made an effort of keeping the things I deem important around, especially if it's something I've made. Sketches from economics class, code I've written, school projects, every piece of email sent or recieved by me (that wasn't an automated reply for forgetting my password, mailing list or SPAM) since 2001 are prime examples. It's good to have around, old projects I can refer to not just to see progression, but to refactor in new toolkits and such.

I guess I'm just living life as some subspecies of electronic packrat. The evolution of hard drives helps. Backing up data like this has historically been a pain. I don't want to waste space (especially when you have to span it across media) on some piece of data that is more or less derivative of other data, or already backed up somewhere else. My programs never get backed up. They're already on the Ubuntu .deb archives. Anyway, a little while ago, when running Gentoo, I liked the way they showed changes in /etc configuration files to me. Doing a diff between the updated version and mine. The wheels started turning. Why not log my configuration files in CVS? I mean, CVS is a great way for making incremental changes to text files.

Later on, trying to back up my email, I came across the same idea. It wasn't until I had ditched CVS and switched to SVN for my code that I found Keeping your life in Subversion, some time before November. So now, with the prodding of Sarah wanting to do something similar, I've decided to put my life in SVN.

So what's the deciding factor of what goes in or not? This is my only remaning problem. What policy should I come up with? Email, code and personal text is obvious. Important dotfiles are there now too, such as my .vimrc and .bash_profile. But at the same time, it would be a waste of space to throw my ~/tmp or some silly dotfile like ~/.Adobe/Acrobat that I don't care about.

So once that's settled, I have a reasonable way of porting my homedir across as many machines as I need. And the nifty part about this will be the ability to travel back in time, and I can physically log into my system as it was X units of time ago.

The OpenID spec is an interesting thing.

Since you're already logged into say, LiveJournal, you trust and are active on the site. That means that your Livejournal authentication expires rarely. On the other hand, you post here rarely. Authentication would be a big pain in the ass to remember a separate password just to post to this blog three times a year in comments.

Enter OpenID. This will let you use your exisiting (Livejournal) authentication to also authenticate yourself here, or any OpenID enabled* site. It will transfer you to Livejournal for a moment, ask you if you want this site to know who you are on Livejournal and then tell that to this site. But none of your authentication needs to even be transmitted to this site.

Damned convienent, you might say. I agree. Some buddies may have noticed infornography.gotdns.com popping up in their LJ user list. That's me, using it in the reverse. I already have a blog, so why be anonymous or create a livejournal account just for commenting? You could even trust that user if you do a friends only page, as it's still an authenticated user.

What's possible for OpenID's future? Imagine your friends list populated not just with Livejournal friends, but my blog posts just the same. Never having to create accounts on Slashdot, kuro5hin or other forums. Tying together FOAF (Friend of a friend) data, not only with blogs, but with people you regularly communicate (via blog comments, forums, etc).

So, with that in mind, I announce that I've done a bit more work on a WordPress plugin for OpenID. Try it out. Use it, break it, talk to me about it. There's no server (yet), but OpenID servers are easy to come by;

• Videntity
• MyOpenID

are two existing examples. (And linking them to your current blog is easy, if you're not a Livejournal member)