Category Archives: Thoughts

Realtime notifications – Pusher

Recent webapps keep pushing into realtime notifications, starting from web chat (for example Facebook Chat), notifications of new items (Twitter), progress status update (for example encoding a file).

The first solution was to provide an ajax poll; which can’t scale easily (a bad implementation could lead to your app to a DDoS) and will have a delay between updates.

On the server side are starting a lot of libraries/servers to provide a solution for this. The great news is WebSockets will be the standard and solution for the realtime notification from browser and server side. The bad news is that WebSockets is changing a lot and is not yet stable across major browsers (Firefox, Safari and Chrome implements it, but different versions)

A good approach has been cloud implementations which removes all the problems of programming and maintaining server resources for this task.

So far I’ve tested two implementations: Beaconpush (which I liked for fast implementation and low message sending, but now it’s planned to close in following months and only allow installed setups) and Pusher

Pusher.com is really a great solution to realtime notifications. The team is very responsive and want to help you all times.

I will detail some advantages and some main problems you could face if you need to make a choice.

Advantages:

  • Cheap, specially if you are going to send a lot of messages
  • Easy to implement in server and client side
  • Uses websockets available in most browsers (it uses the recently Mozilla implementation for example and never had a problem of connection in different versions of Safari/Chrome)
  • Has auth mechanisms which allows to secure your messages (In Beaconpush it was easy to eavesdrop if you don’t hide the user id)
  • Has presence channels which mean you can know the other users in channel without handling at server side
  • You can store data when user is authorized (for example html parsed data) so you can use to render/store in your client side
  • Webhooks which let you know when the channel is empty or occupied (logged/offline if you use an “user channel”)

Disvantages

  • Not sure if they really limit user connections, because if you have a large site with few notifications you could easily hit limits of user connections (I see really low those limits)
  • All is channels, you don’t handle user id, even the solution is easy if you create “user channels” (private channels only for user id and handle authorization)
  • They don’t have api for batch sending a message to multiple channels
  • From server side you cannot get list of users logged in a channel (even will be hard to find as you don’t have user id param, you need to match with a socket_id they provide)
  • Webhooks are great for ajax pages, but won’t work “out of the box” if your user browses several pages as will be get a lot of notifications of user login/logout (they have a solution for client side, but server side you need to implement your own solution)
  • In my dev setup if I left the normal settings I got a delay on connection up to 10 seconds; if I force to use secure sockets worked faster and fine:
    new Pusher(applicationKey, {encrypted: true});

I really think Pusher is a great solution from small to medium sites; since it will allow to make a faster development and realtime notifications have a very good impact on your application.

 

 

Share

Web 2.0 Security Fears Deserve Attention

I read at Innovations this article: Web 2.0 Security Fears Deserve Attention, about the potential harm can cause API’s to create a new harms in terms of spam and getting information of users and their friends.

But surely spam on Social sites is nothing new, I recently received a Philippine Scam on a books site based on the Nigerian Scam, even with their lowest rate of hit they are also harmful.

But in fact what is most harmful to process that social information and send emails / messages faking your friends ID, that kind of spam gets a great hit rate (about 72% versus 16% of not social spam), this is concluded on the article: Social Phising (pre-print paper), also the article points to several interesting results, among them Denial of the attack has been successful, this make phising very effective because of few reports which can be prosecuted.

I Agree on Innovations article (which also pinpoints the article of Social Phising) that the only prevention is not legal enforcement (which can help to prosecute) or close social sites but education about the problem.

Share

Programming Grads meet skill gap in the real world

Programming Grads meet skill gap in the real world

This long article of eweek.com tells about what every developer feels once he graduated, in my case I was lucky since I was developing for a time in the school in other projects larger than school projects. I totally agree with the article in this part:

Scherlis said the onslaught of open source technology has been a big benefit to students, as they are able to bet access to source code more easily and get students up and familiar with technology they are bound to see after graduation.

Byron Sebastian, CEO of SourceLabs, in Seattle, said many less experienced developers can learn necessary workplace skills by actively working on open-source projects in their free time.

Enrolling into an open source project (or checking and altering the code for testing purposes) will help you a lot to get skills in programming.

Share

Who said “Usability is Free”?

I read this article in the Interactions Magazine of this month, you can check from here:
http://portal.acm.org/citation.cfm?id=1273971

The main point in this article is the lack of usability on most linux programs (including distros), without doubt there have been several advantages on good presentation of programs (“eye candy“) like Beryl, but unfortunately some of these changes are only eye candy and doesn’t provides more usability than other solutions.

I think one of the problems which lead to this was the lack of a high level language for developing in Linux, now Mono is available to fast developing but we have really few Mono applications compared with C developed applications (with UI code mixed with normal code).

A good option for UI developing is (in theorical aspect) is XUL because it’s similar to Glade, in XUL you can add Javascript to handle windows and events (and other things like file handling), the problem is the lack of good examples/tutorials for desktop applications (not web developing which I think is now outdated with AJAX and Javascript pure solutions) and the constant use of C++ to develop applications.

Share