Orcmid's Lair  

Welcome to Orcmid's Lair, the playground for family connections, pastimes, and scholarly vocation -- the collected professional and recreational work of Dennis E. Hamilton

Click for Blog Feed
Blog Feed

Recent Items
Republishing before Silence
… And It Came to Pass
Amaze Your Friends: Datamine Unlimited Statistical...
Don’t You Just Hate It When …
Blog Template Unification: Template Trickiness
OOXML Implementation: Can Expectations Ever Trump ...
February Frights Redux: Unification for Creative D...
Worst Nightmare: OpenDocument Format Embraced-Exte...
Abstraction: Einstein on Mathematics+Theory+Realit...
Document-Security Theater: When the Key is More Va...

This page is powered by Blogger. Isn't yours?

Locations of visitors to this site
visits to Orcmid's Lair pages

The nfoCentrale Blog Conclave
Millennia Antica: The Kiln Sitter's Diary
nfoWorks: Pursuing Harmony
Numbering Peano
Orcmid's Lair
Orcmid's Live Hideout
Prof. von Clueless in the Blunder Dome
Spanner Wingnut's Muddleware Lab (experimental)

nfoCentrale Associated Sites
DMA: The Document Management Alliance
DMware: Document Management Interoperability Exchange
Millennia Antica Pottery
The Miser Project
nfoCentrale: the Anchor Site
nfoWare: Information Processing Technology
nfoWorks: Tools for Document Interoperability
NuovoDoc: Design for Document System Interoperability
ODMA Interoperability Exchange
Orcmid's Lair
TROST: Open-System Trustworthiness



Don’t You Just Hate It When …

… You visit a site, create a comment, and

You are asked to log in and you have no idea that you have a password for the particular site.

… You attempt to register at a site, and

They tell you that your e-mail is already registered with them because they are part of a conglomeration of sites none of which you recognize at all and/or have saved a password and account entry for in your password safe.

… They prefill a form with your user name or e-mail address

But it is because you created an account on some other blog of the same service but you filed the password under the name of that other place, having no idea you were registering for wordpress or typepad all over the galaxy and actually had no intention of doing so and you don’t remember what that other place was anyhow

… They will take an OpenId

But you have to explicitly register an account anyhow, and your already-filled comment form is lost in the process.

… They insist on inviting your automatic Disqus logon if the cookie is spotted

But then you have to disable the indiscriminate e-mail river of Disqus commentary because it drowns your inbox and so, tell me again, why did I want to use Disqus?

… You can’t find your password and you seek their help

Only they clearly send you what must have been your original password in a plaintext e-mail.

This situation makes me very happy that I use a random-password generator for every new account, so that the password protects only that one logon and nothing else.  I am unwilling to have the key be more valuable than the lock.

You may notice that I have stopped using Technorati tags, since they seem to have no effect whatsoever and I haven’t figured out how to have them make a difference with any alternative source of tags.  I should figure out de.licio.us, I suppose, except in that case I should first figure out why my de.licio.us feed has stopped.

I also use categories, well no … I use Blogger Labels which are sort of like categories except it is hard to find out what they are and place a current list and links on my sidebar.  Blogger backlinks and Blogger labels remind me of the propensity of some Microsoft developer types to do-it-their-way when there is already an established practice out there.  Yes, developers just want to have fun. But inflicting their NIH syndrome on the rest of us is not OK.  Go do that in the privacy of your own home, please.

For the labels, I think I will periodically post a message that simply goes into every category I have used (Windows Live Writer knows what they are), so I can remind myself not to make up more and maybe even prune the list where I tend to always use multiple labels in combination.

Aren’t you happy that I have spiffed up this blog to the point that it serves as an invitation to my regular blogging on whatever strikes my fancy in the moment?  Just wait, there are five more blogs and I have a great deal of pent-up blogging from my 18 months nose-down in document-standards work.

Labels: , , ,



Blog Template Unification: Template Trickiness

In Orcmid's Lair: February Frights Redux: Unification for Creative Destruction, I commented that I am in a death match between decline of my web-development machine and May 1, 2010, when when Blogger ceases publishing via FTP to my own domain and hosting service.

The laptop is now on life support and, so far, has not entered a vegetative state. But it can't sit up and stand on its own any longer.

Meanwhile, I have been working to unify my Blogger templates around one single "classic" layout. That has been interesting.

Testing Without Ruining the Blog

For dressing-up the sidebar and tidying up some aspects of the blog posts, I was able to confirm template changes using the template-preview provisions of Blogger.

Straightening Out the Archive Structure

It became trickier when I decided that each blog's archives should be in a separate folder. Orcmid's Lair wasn't done that way. Its archive pages were at the same level in the blog folder as the main page and some supporting items. Fortunately, I discovered that the archive-list pull-down would automatically change to reflect the new location once I said archives should go into a separate sub-folder. Then all I had to do was move the existing archive pages to the sub-folder to make the pull-down be true.

I now must remember to republish those few pages that have an older version of the pull-down. In this case, the blog is a little-bit broken, but easily fixed.

Being Conditional About Comments

The next tricky business was creating more cases that were conditional on which page was being generated.

In the past, I had full comments show up everywhere there is a copy of the related post. I decided to simplify and have comment detail only on the individual post pages. The version of an article on the main blog page, and in archives, provides a count and a link, but no comment content.

This became tricky to test because the template preview mechanism only shows what happens to the main page. To see what happens to posts, I must install the template and create a post or repost to see the effect on the individual post itself.

I can cause a repost, usually, by adding a comment to the post. If necessary, I can also change the conditionality to see what everything on the main page, but that is not a complete verification.

And Then There’s Backlinking

Even trickier was seeing how support for links would work. Blogger has a feature called backlinking that will report about other blogs that link to this one.

I don’t think it is exactly a track-back mechanism. I'm also not not sure how it works for blogs that are published via FTP.

To test whether backlinking is operating, despite Blogger indicating that my blog is backlink-enabled, I need to create a blog post that links to another of mine, and see what happens. That is the provocation for this particular post.

Also, I am using the BlogThis! pop-up that is provided if the "Create a Link" link is followed from one of my blog posts. This seems to be one way for Blogger to notice that a link to a Blogger-generated post is being made. Once this post is up, I can also recall it into Windows Live Writer and see whether I could have done it from there too.

Next Attempt

Well, BlogThis! does an awful formatting job. I recalled the post into Windows Live Writer to touch it up as well as see if there is any special indication that this post is linking to another. I don’t see anything.

I’ll repost now and then see if I have to publish from Blogger itself to have backlinking be noticed.

Oh, and By the Way

While I have been rooting around in tweaking the individual blog items and how comments and backlinks appear, I noticed another problem. The permalinks on comments don’t work. I have attempted to use an alternative way for creating the backlink, but there is something not happening. I will have to look at the source-code of the generated HTML pages to figure this one out.

Labels: ,



February Frights Redux: Unification for Creative Destruction

I have moved from February Frights to April Insecurity. Here’s an update on the items that I had on my plate:

  1. Frailty of Compagno, the web-development server, is increasing. Danger, danger … . I am operating on chewing-gum and a prayer for now. I have to do this, but figuring out staging for coming up in a reliable way on the Windows Home Server is daunting for me. More urgency is required.
  2. I have successfully migrated Vicki onto a docked laptop. There are some software installs remaining for the Windows 7 Dell Inspiron 15, and WiFi roaming needs to be figured out. Everything is operating beautifully and I am jealous that Vicki has the most advanced system in the house at the moment. Before removing her 2006-vintage Dell desktop system, I repaved it with Windows 7 too. Worked like a champ, and we gave that system to our niece, Liza.
  3. I rolled Quadro, my Tablet PC, back to Windows XP from Windows 7 RC1. This worked easily, by using the restore discs for the Toshiba Satellite Tablet PC. I forgot about all of the craplets that Toshiba installed on this machine. I miss the improved Tablet functionality (and 3-d chess) of Vista, but being back on Toshiba drivers and a stable configuration is worth it. I gave up on the idea of having it be my e-mail machine and attempting to have more than one version of Microsoft Office was also too painful, but Quadro is in a stable, fully-functioning state now. Of course, I am far beyond Toshiba’s 2-year update commitment and must find a Windows 7 Tablet PC replacement eventually. I figure the later the better.
  4. Upgrading the Development Desktop will wait. There’s no technical reason to hurry and I will keep watching the desktop pricing-performance curves move. The biggie, beside running multiple VMs on a hot processor with fast RAM will be managing to drive a 36” display, once energy-efficient and affordable ones of those become available.
  5. Moving off of FTP’d Blogger to different Blog Hosting. There has been a reprieve. Google will continue support for publishing of Blogger blogs via FTP until the end of April. I’m now trapped in two races, once against a Google deadline, once against entropy death of a frail 1998 laptop. Thanks to advice from Rob Weir and researching other ways of self-hosting a blog, I have a plan. You are seeing the early steps right here:
    • I am going to unify all of the blogs I manage under a consistent Blogger template set. The features and layout will be the same, with changes in color scheme and symbols only. This means that it is all going to be table-based HTML 4.01 transitional too. I fooled around with CSS-only layout enough to know that I will stick with what works and solve the CSS problem later.
    • The first stage is to adjust the Orcmid’s Lair template as the pattern. I am starting with a generic sidebar on the left, and some cleanup to what I call the title block at the top of the page. If I have that right, this post will drive out those changes to the main page and all posts from here on out. I will continue working on changes to the body text and comments on Orcmid’s Lair.
    • The next stage is to propagate variations of the unified template to all blogs. This will including Spanner Wingnut, my laboratory for experimenting with further changes. The format unification accomplishes two things. First, I have been resisting blogging over unhappiness of the formats. I wanted something more pleasant before investing in more posting, especially on Vicki’s blog and my nfoWorks: Pursuing Harmony blog. Secondly, once I have migrated Spanner Wingnut successfully, whatever I had to do to establish a new template matching my desired style can then be replicated back to the other blogs.
    • I want to host multiple blogs on a single web hosting account that has multiple domains implemented on a single site. I also want to retire the existing blogs in place. To continue to develop new, self-published pages on the same folder structure, I don’t think systems like WordPress will work easily. In general, I am reluctant to move to systems that generate pages dynamically and/or use directory-redirection techniques to map URLs to what the blog engine really uses. I learned a lot about exploring WordPress and more checking into Drupal also. At the moment, Movable Type looks like a better choice.
    • The only way to be certain that I have found a worked case is to attempt to migrate Spanner Wingnut first. Once I have a working migration that allows Windows Live Writer authoring and multiple blog hosting, I will move over the main blogs, including this one.
    • There will be some breakage. I will retire the current blogs “in place.” The new blogging system will generate all new pages. But the new-systems RSS feed will start anew and the archive links will not include the Blogger-generated pages. Also, comments will stop working on all “legacy” blog pages. I might find some sort of bulk change procedures to repair some of this later on, but it won’t be that pretty during the cutover. May 1 is no longer in the distant future. The big job is accomplishing migration of Spanner Wingnut and then one other.

Labels: , ,



The February Frights Begin

My computer infrastructure seems to be falling apart.  February is going to be the month in which I have to fix it.  I always fear infrastructure changes and computer upgrades and conversions.  And the price of procrastination is that pay-me-later comes due, with interest.   Here’s what it looks like:

  1. The invalid, my web-development server, the vintage-1998 Dell Inspiron 7000 laptop, Compagno, is on its last legs.  I need to offload everything to the Windows Home Server, including Visual Source Safe (VSS) integrated with Internet Information Server (IIS) via FrontPage Extensions.  I have been avoiding that.  I can’t any longer.   (Hmm, I mean that my laptop is an invalid, not that it is invalid.  Tricky that.)
  2. I need to migrate Vicki off her Dell desktop onto her new Inspiron 15 Laptop with docking for printer, LAN, keyboard+mouse, audio, and 24” widescreen monitor.  This also means moving Office 2003 from her XP SP3 configuration to the Laptop’s Windows 7, finding counterparts for the applications that currently work for her, including FrontPage 2002 (see 1, above).
  3. My Tablet PC has been running Windows 7 RC1 and that is about to expire.  There is no reason to use one of my Windows 7 upgrades on that machine because the manufacturer stopped providing the needed drivers before Vista.   I could reinstall Vista (and play 3D chess again) maybe, or go back to Windows Tablet PC Edition 2005.  This is all a holding action until I figure out what is a decent Tablet PC upgrade path that doesn’t cost a fortune.
  4. I have ambitions to replace my Desktop system with a hot multi-core Windows 7 64-bit kit.  I want to use virtual machines for other operating systems and multiple versions of office productivity software for exercising ODF and OOXML implementations and their inter-conversions.  I can also do better at development of software for multiple platforms this way.  This is not something I’m in a hurry for, because I have to deal with my critical peripherals (HP Scanjet 7400C and E-MU 1820m) being supported.  This should be on the end of the list.
  5. TODAY, after not noticing all this time, I received this happy e-mail from Blogger:
    “[W]e will no longer support FTP publishing in Blogger after March 26, 2010. We realize that this will not necessarily be welcome news for some users, and we are committed to making the transition as seamless as possible.”
    Of course, all of the transitions are to Google hosting of one kind or another.  These all involve changing the domain name.  I use FTP publishing in Blogger because I already have the domain names for my blogs, and far more, and changing domain name and/or hosting is not the kind of transition that works for me.  What I need to do is disintermediate from Blogger.
    I desire a way to bring up some sort of blog publishing function, still usable with Windows Live Writer, alongside my existing blog directories on the servers where my blogs are now published via FTP from Blogger.  I can then make a side-by-side transition from using Blogger as the intermediary for publishing to using a more-or-less direct self-hosted publishing mechanism. 
    That is probably workable, and something I had always meant to do.  Now I have an incentive I can’t ignore.
    Of course, I have no idea what I am going to do about comments on those blogs.  I think about Disqus, but not real hard.  We’ll see.

And I still use Technorati tags despite every indication they are absolutely useless.

But hey, I am driving out yet-another change to my Blogger template with this post. 

Labels: , ,



Monday Morning NaN: Confirmable Experience with my Coffee

F09xx20-2009-05-11-0645-ThreadedTweetsDarren Rowse tweeted about Threaded Tweets, and I went for a look.  I can’t remember the last time I saw a NaN delivered up by a web page, and this may be a first.  I’m not sure whether 14996 replies is a very successful number, but I guess any thread that lives that long deserves some respect [;<).

There are three interdependent themes that I see around the development and sustenance of dependable systems: system coherence, confirmable experience, and trustworthiness.  These and dependability itself are not independent notions.

I think this one is about confirmable experience

Something odd is happening.  Thanks to screen-capture software, I can show you (and the producers of ThreadedTweets) what happened.  In fact, I will tweet about this and if the cycle of learning and improvement is operating, the Threaded Tweets folk will pick up on it, if they aren’t aware of the glitch already.

It would be fun to create a threaded tweet about this as well, but I am not about to provide my Twitter credentials to ThreadedTweets in order to do that (and you can see the reason for distrustfulness here even though they claim to be using OAuth to protect me, yes?).

There is a part of the confirmable-experience cycle that figure in trustworthiness that I can’t account for.  I have no idea how to the tweet threading folks are able to identify the specific difficulty, although it appears to be a stand-out no-brainer, so long as they can see the data on which the failed time-lapse calculation is being done.  Smells like there is a division by zero or a failed data conversion in there somewhere too.

But as an end-user, I don’t know about any of that and my speculation is not the same as having visibility on the process for confirming what is happening, as opposed to confirming how users experience it.  That’s the part I provide.  Also, I notice that the NaN message has disappeared in the past few minutes, possibly because the defect has been noticed, possibly because it is transient and difficult to find.

The tie-in to trustworthiness

ThreadedTweets has a feedback and a support link that I could use to communicate what I noticed to them.   Now that it the NaN is gone, I’m not sure whether that will help.  They want an e-mail to the support address.  I’ll send them a link to this post.

The tie-in to trustworthiness has to do with the demonstration of care for the adopters (a.k.a. users) by the producers of ThreadedTweets.  In this case, it is how friction is removed from the ability of adopters to communicate their experience to the producers.  The back half is how the producers demonstrate remedies or other solutions in a reliable way. 

Since I am very much into identification of confirmable experiences and occasions where system incoherence show up, I have a screen capture utility at the ready at all times.  This is necessary but not ordinary behavior required to to demonstrate what my experience is. 

An interesting problem for an organization that wants to be trustworthy in delivering a dependable web-based service is this: what can be done that would allow ordinary, casual adopters to convey their experience to the producers in a way that is confirmable?  That’s the question to consider.

And your assignment, if you choose to accept it …

That’s the bigger point of this tiny object lesson.   Look for more to come.  Notice ones in your own experience.  Collect the full set.  Entertain your friends. 

Most of all, begin to notice those little moments of truth where your experience of products raises “uh oh” and “ick” experiences for you.  What do you do about them? 

This is not a trick question.  I don’t do much about many that I experience.  It is valuable to notice and even question that, though.  What is it you are putting up with?

I arose at 5:30 am to be prepared for the 7:00 am Monday morning conference call of the OASIS OpenDocument Format (ODF) TC.  The cancellation notice went out about 2:00 am, my time, from Germany, and I had the opportunity to crawl back in bed after a poor night’s sleep or start my day early.  Oh wait, I can post on my much-neglected blog.   Aren’t you the lucky ones.

Labels: , ,



Social-Grid Identity: Please Enter Your Twitter Credentials Here

[update 2009-03-06T20:43Z Hmm.  I just checked onto Twitter over lunch and the first update was from Ed Yourdon about Twitter being hacked in some way that allows accounts to be used or users impersonated in some way.  The instance on Yourdon’s update page suggest that these came in under the guise of posts using the web, so the exploit appears to be against the Twitter home page or the web site.  Ideally, Twitter has finer-grained detail about the path over which these tweets arrive and what the likely exploit is.  I had no knowledge or suspicions about this when I researched and created this post yesterday.]

It’s still happening.  First it was Facebook credentials.  Now it is the new hot: Twitter.

There’s an onslaught of web-based applications that integrate with Twitter and provide additional functions and services for you.  Sounds exciting, yes? 

But all of them want my Twitter credentials.  Like TwitPic, when I wanted to make a comment on this photographic complaint about someone taking a single bite out of the P-I newsroom’s fat-pill supply.  That stopped me short.  They wanted my Twitter credentials simply to comment on the photograph.  I passed.

WAIT!!  Have I already fallen for this?

This has me wonder who else I may have already given my Twitter credentials too. 

  • FriendFeed?  No, they just wanted to know my Twitter name in order to include my tweets in FriendFeed.
  • FriendFeed posting to Twitter?  Not sure.  I can’t tell what it took for those tweets to be forwarded.   I’ve turned it off, turned it on, and turned it off again.  No credential request, but I’m leaving it off anyhow.  I don’t remember providing my Twitter credentials though.  That sort of request usually triggers instant uh-oh on my part.  I know the Linked-in connection ceremony does not involve disclosure to FriendFeed, and expect that no other arrangements like this do either.
  • Twhirl.  Well, this is a desktop (Adobe AIR) application.  It does know my Twitter and my FriendFeed passwords.  It also will forget my passwords if I tell it to.   Apart from the prospect of the application simply stealing that information via my authorization to access the Internet through my firewall, there is no more exposure here than my entering the a password on the Twitter and Friendfeed pages.  Not perfect, but at least retained only on my machine and not someone else’s.

So there are mixed results. 

It doesn’t have to be that way.  When I configured Windows Live Photo Gallery to update to my Flickr account, I never divulged my Flickr (that is, Yahoo!) credentials to the program.  Instead, it worked more like a PayPal transaction, with Flickr arranging a unique credential for Photo Gallery to use that applies only to it, apparently.  I don’t know the details of that arrangement; I will find out more.  This sort of arrangement needs to be more widely understood.  (I’m pretty sure that I can use an Information Card to accomplish arrangements like this too.)

And Now, Some Security Theater

I have resisted two invitations to supply my Twitter credentials, not counting the one at TwitPic today.  On reflection, they are each instructive.

Mr. Tweet Sends Me a Message

Mr. Tweet sent me a direct message.  Well, that means I am following Mr. Tweet, doesn’t it?  Apparently not.  If I go to this page, it tells me I need to follow Mrtweet to start receiving the benefits.  And when I check MrTweet on Twitter, I am not shown as already following it.  Since my only contact with Mr. Tweet was 76 days ago, I have no recollection of anything I might have done that invited that original direct message to me, but I could have. 

On the other hand, this appears to be an interesting arms-length arrangement.  Mr. Tweet apparently provides support that does not require my credentials to access.  Furthermore, its communication with me is via Twitter direct messages.  My opting-in by direct-messaging Mr. Tweet does not require me disclosing my Twitter credentials. 

I would say I am safely intermediated by this clever use of existing Twitter provisions. 

Because I’m not interested in this service, especially not enough to receive direct messages, I am not following Mr. Tweet.  This personal choice has to do with my direct messages coming to my e-mail inbox and also my mobile phone.  I want to limit that traffic. 

Hmm, looking deeper while researching this post, I see that the Mr. Tweet page does have a (Twitter?) login panel at the very top.  Maybe this isn’t cool after all?   Worse yet, if I choose to follow any of those Mr. Tweet lists as interesting followers using buttons on the Mr. Tweet page, it requests my Twitter credentials.  Even though I can click through the links provided to the Twitter pages of those followers and follow them there.

FAIL!!  I did notice someone that I thought I should be following, but I went to the Twitter site to do it.

Mr. Tweet should stop being so helpful and take those follow links of their recommendation page, letting us use Twitter to do it.  Links to individual Twitter pages are all we need.

Now I wonder what the direct-message enablement is all about.  It should be a way to establish that I am the user of the account I would use Mr. Tweet for, but they don’t really need to establish that, it appears.

Mr. TweetSum has Data just for Me.  Not Really.

Tweetsum was being recommended in a Twitter update from Andrew Woods.  I still don’t know what a DBI is, but I saw immediately that I must use my Twitter credentials to get started.  That stopped me cold, as usual. 

On questioning Andrew about this, I was not inspired by his remark that he knew the developers and one was a security expert so he had no problems with providing his credentials.   What failed to inspire my confidence is that there does not seem to be any need for my twitter credentials for them to accomplish what they offer. 

I now see on the TweetSum blog that they know they don’t need the credentials too.  They promise not to keep them and “don't worry, we don't keep this info -- twitter merely tells us you are who you say and we believe twitter.”  

So, wait a minute.  They don’t need my Twitter credentials to do what they do, just as I thought. 

Yet they want to be sure it is me?  Why? 

Someone who asks for Tweetsum analysis for orcmid still can’t impersonate me to Twitter or any of my followers or anyone else.  They can’t do anything with information from TweetSum that they couldn’t do anyhow (like, stalk all my followers or something), with or without automated assistance.  So what’s the point? 

TweetSum having my credentials even for that one check is just security-theater ceremony.  There are a lot of those being passed around these days, but that is no reason to tolerate them. 

There is value in learning to spot security theater illusions, though.   When we encounter these charades it is also legitimate to wonder what else is not being understood about security on the behalf of a service’s users. 

Labels: , ,



WTF: Umm, Flash 10 Detection Not So Simple

Just after midnight coming into Saturday, 2006-12-06, I unloaded my sad experience with Flash Player detection since updating to Flash 10 in IE 8. The details are in the article “WTF: The Adobe Flash Version 1x Crisis.” After that, I created a question on Stack Overflow to explore the geek side of the problem.

I just confirmed that the problem is more subtle than my original suspicions: Flash 10 Detection works in IE 8 beta 2 when I’m elevated to admin and it fails on many (but not all) sites when I am running as a Limited User Account (LUA). So I am seeing what may be a permissions problem that only shows up for users who browse as limited users on Windows XP SP3.

This leaves two mysteries: (1) what is the permissions problem and (2) why does Flash detection work on some sites anyhow?

Not Exactly What I Was Looking For

Thanks to a lead from RoBorg on StackOverflow, I was given some useful leads on Flash Player detection resources. This led me to experiment with Adobe Flash Player Detection Kit 1.5. The Kit’s sample for client-side (that is, in-browser) detection failed, suggesting to me that this would be good code to explore for isolation of the problem. I began to conduct an autopsy on Adobe’s sample code.

My first discovery in using the Client-Side Detection sample code is that the failure to detect Flash 10 is not about an incorrect comparison for desired-or-later version. The client-side detection doesn’t get that far. An internal procedure, GetSwfVer, for finding an installed version of Adobe Flash Player is unable to detect any Flash Player at all. So it reports that it failed to find any version installed.

This had me suspect there is something going on with the Windows Registry (where I can see that there are entries for ShockWavePlayer, the Macromedia name that continues to be used). I can also see that there is an entry for Flash Player version 10. Internet Explorer also shows that it has the player installed and enabled when I check the Tools Manage Add-ons menu selection for all add-ons:

IE 8 beta 2 reports having Flash 10

My plan is to dissect the GetSwfVer JavaScript and bench-test it by parts until I see where the procedure is failing to find the installed Flash Player control and report its version.

I also have observed that the Adobe Flash Player Detection Kit and recommended detection methods have a poor reputation among some developers. I have no reliable evidence to support that. I will, however, also check into the recommended alternative, <swfobject>. If I find that it works where the Detection Kit Client-Side solution does not, that will be worth exploring for what the workaround is. There is a handy article by Bobby van der Sluis on the Adobe Development Center. The sample files there should get me started the same way I have made use of Detection Kit 1.5.

Another Country Heard From

Meanwhile, I noticed that there is also support for Google Chrome. Chrome is the other in-beta browser I keep around to compare with IE 8 beta 2 results and to sometime use as an alternative for some sites that I just can’t get to work with IE 8 beta 2, even in compatibility mode.

I managed to install Flash Player 10 for Google Chrome today. It turns out that Google uses plug-ins, not ActiveX controls, and the same plug-in that works with FireFox and other browsers sharing some of the same code base works with Chrome. It is actually tricky to get Chrome to install a plug-in, but I managed it.

Plugin Setup works for Chrome

This is a plug-in, not an ActiveX control, so its detection and use can be rather different. Nevertheless, I confirmed that Chrome will play Flash 10 for all of the sites where I am unable to have it work for Internet Explorer, including YouTube and the CBS Television NCIS program page. That solves my immediate desire to catch up on programs that I’ve missed. That makes me happy, as a program watcher.

I still want to get to the bottom of this and complete my diagnosis of Flash Payer detection difficulties with Internet Explorer.

A Small Matter of Privilege

Because I had to be running as administrator to install the Flash Player Plug-in, I first tested Chrome-based Flash Player detection and video playing while my Windows XP SP3 account was still elevated to administrator. Everything worked.

As an afterthought, I also attempted to use IE 8 beta 2 under administrator privileges. It works!

Flash 10 Detects and Plays in IE8 when I'm an Administrator

But when I restore to my account to Limited User, it doesn’t:

With IE 8 back in LUA: FAIL!

Hmm, it doesn’t pick up the icon in the address bar either. IE 8 offers compatibility mode for this page, but it doesn’t make any difference to pretend to be IE 7 here.

OK, What’s Next?

I have solved the problem of being able to continue watching my favorite Internet-available programs.

I have not solved the problem of client-side detection in IE8 and what about account privileges has detection work where it doesn’t when I am operating as a limited user.

I will continue my dissection of available client-side code to isolate the problem and determine how some sites manage to get around the limitation I am experiencing.

This business of having applications work while I am administrator and not as limited user is not new. I tend to associate this with my upgrade from Windows XP SP2 to SP3, and it may be related to more-recent security updates. I cannot be certain. I do know I have been putting up with this for some time.

I am hopeful that if I get to the bottom of this one, I may be able to solve other problems (such as having a NewsGator Inbox plug-in for Outlook that only runs when I am administrator).

As far as the specific problems of reliable Flash Player detection in IE8 go, I will continue to work on that as well, but not with the same urgency.

Also, because anything I do from now on will be very geeky, I will provide an account on places like Professor von Clueless in the Blunder Dome and Stack Overflow, as appropriate.

The Incoherence of Confirmable Experience

Although I have wandered off into the weeds on this exploration, there are a number of examples of system incoherence, something where the web is a bountiful source of examples. The difficulty of confirming my experience and isolating it to something that is reproducible by others is also well-demonstrated here.

I am also mindful that the reason there is no great hue and cry over Flash 10 detection problems is that I may be part of that select and small population of devoted LUA users who are seeing the problem at all. This is, of course, fodder for a different sort of rant.

Labels: , , , ,



WTF: The Adobe Flash Version 1x Crisis

Had any problems with Flash Player version detection lately?  Try updating to Adobe Flash Player Version 10.  Prepare to be shocked by the poor quality of Flash version detection in the wild.

After upgrading to a clean install of Adobe Flash 10, I discovered that nearly all video sites that worked for me in the past began denying that I had a version of Flash as good as what that they required.  Still other sites deliver Flash video to me just fine and, on occasion, I am able to experience the higher quality HD streaming that some sites now support.   It is amusing to see who fails to deliver video to me and what they have to say about it. 

I leave as an amusing puzzle how one determines what is going on and what the bug is likely to be.  My suspicion is that the bug is hilariously simple yet spread like some sort of plague throughout the Internet.

Adobe is experiencing its own version of the Y2k disaster, only in a simpler and more hilarious form.  As far as I can tell, the problem is not Adobe’s.  The difficulty is that many sites are completely unprepared for this version of the Flash Player.

[2008-12-08T20:37Z update: Further analysis reveals that my particular problem is related to permissions in some way, not simply comparing version numbers incorrectly.  I have no trouble with Flash 10 detection and playing when I am running as administrator.  The difficulties arise only when running as a limited user.  This doesn’t explain why I am successful some of the time as a limited user, and more forensic work is required.  For details on the dissection so far, see “WTF: Umm, Flash 10 Detection Not So Simple.”
 2008-12-07T00:37Z update: Well, the sample Client-Side Detection in the Adobe Flash Detection Kit 1.5 definitely fails to detect Flash 10.  The script is a bit hairy and one problem may be related to how Flash Player 7 and later versions are recorded in the Windows Registry.  Assuming that the version string is found properly, the next problem may be in the logic of JavaScript function DetectFlashVer.]
 2008-12-06T22:43Z update: I put the questions about this up as a teaser on StackOverflow.  I am already seeing a couple of interesting comments.  The frightening prospect is that the bug is in detection code that Adobe (still) recommends.  So, I had to add the eReader page’s failing of its own demonstration of the proper solution, below.  Stay tuned.]

Here’s how I experienced the widespread (for me) Flash 10 detection failure.

Flash Reports Successful Install (click for larger image)

Updating Flash.  On November 24, I encountered a pop-up advising me of an update to the Adobe Flash Player.  This one promised full screen HD playback, faster performance, and security enhancements.  I wanted it.

Because I run as a limited user when on-line, actually installing the plug-in took a little more effort.  Before I was done, I had removed Flash completely from my computer and then done a fresh install. 

On November 25, I had a successful installation in Internet Explorer 8 beta 2.  (No cracks: IE is not the problem here.  Sometimes I need compatibility mode for a site to render properly, and those issues are separate from whether or not Flash will play.  I have Google Chrome, and could try its Flash plug-in except I need to be admin to install it, as usual.)

This display appeared in IE8 when the install succeeded.

If I select updating any time later, no downloading will occur and I see this display near-instantly.  At this time, version is the latest and I have it installed already.

Hulu shows HD of recent Fringe episode (click for larger image)

Successful HD Video.  Here’s an example of the high-quality video presentation available on Hulu, my favorite site for watching movies and television episodes.  This snapshot is a few seconds into the 480p feed of a recent episode of Fringe.

Hulu works so consistently, while so many other sites are failing, that I was concerned that the site wasn’t serving up Flash at all.  To make sure I wasn’t receiving Silverlight video, I inspected the source code of the web page.  Yes, it is using the Flash Player.  The code is in nice AJax structure and I can find where the player is operated, although I can’t determine how the version is checked.  I also see how messages that I need Flash are produced.  That isn’t happening.

The Flash 10 Player is recognized by Hulu, which plays everything just dandy. 

Change.gov little embedded video works great (click for larger image)

Nice embedded play on Change.gov.  On December 4, I also visited change.gov because of an interesting phenomenon there. 

Here’s a simple video in its own frame on the Change.gov site.   The video and audio play just fine.

I don’t know where this particular video is hosted, so I looked for another that was part of the YouTube video collection for change.gov.

This YouTube-branded video also shows up on change.gov (click for larger image)

Change.gov shows YouTube well.  Here’s a larger video frame from a different page on change.gov.  You can see that the video is YouTube-branded in the lower right corner of the video frame.

What’s fascinating about this and any other YouTube video is that viewing directly on a YouTube page will fail, as shown below.

It also fails if I go to Y! Video for the Yahoo presentation.  The MSN Video works just fine.

Kyte has the most-accurate message of all (click for larger image)

The best rejection of them all.  This is the only accurate message that I received.  About Face author Alan Cooper should be very pleased that someone is learning how to present straight-talking, factual messages.

It is valuable that this message reports the only thing that the Kyte site can be sure of.  It doesn’t speculate anything about my computer and what the problem might be.  If you’re going to fail, do it this way.  This is evidence for a level of care that inspires trustworthiness.
YouTube Fails Flash Detect (click for larger image) YouTube the know-it-all.  Here’s brash You Tube guessing what’s wrong with me.  The statement is completely false.  Also, remember that YouTube video that plays just fine from change.gov?

So, somebody is doing Flash Player version detection differently (i.e., properly) compared to most everybody else.  I wonder how we’ll learn what the difference is.

PS 2008-12-06: Ironically, Google Video does play through Flash 10.  Viddler plays beautifully (and that says a lot about Chris Brogan’s relationship to trust).  MSN Videos play as well, also using Flash for delivery.
This particular CNN page reports that it detected Flash 0 CNN Fails Twice in One Blow.  Notice the version it reports that I am using.

At first, I thought the problem was that all of the failing implementations are truncating “10” to “0”, but that would be misleading.

All we know for sure from this display is that the version was truncated in making the message, assuming it is using a detected version at all.

An interesting aspect of the CNN site is the number of different implementations of Flash viewers there are.  I include two more in the rogues gallery below.
Yahoo! Pretends It Is Stuck (click for larger image) Yahoo! wants my attention.  I went to the solutions page. 

Meanwhile, back on the page that had this message, I start hearing audio.   Returning to the tab with that page, I see that the video is indeed playing.  It is a reduced video image that does not play in the full frame of the Yahoo! player on the page, but the video is playing.

It is difficult to get to the AP feeds in a direct way, and I haven’t tried comparisons with other sites that carry AP or other services delivered via Yahoo!
Yahoo! offers this solution while playing he video anyhow (click for larger image) Not so great, Yahoo!  This “solution” is amusingly inaccurate.  It may be true that they require the version they do, but upgrading won’t get it for me.  The fact that the video was playing while I looked at this makes for a rich Internet experience.
The Site for Demonstrating Flash Detection Done Right: FAIL! (click for larger image)

Oh Oh, Adobe FAIL?  This image shows failure of Flash 10 detection on a web page that is proudly showing off the correct way to detect Flash 8 or higher.   I found this in a link on the Adobe Developer Center article “Best Practices for Flash Player Detection.”

The article has some great demonstrations of hubris:

”Well, folks, today is a good day: The search is over. The wheel has been invented. And tested. And taken on a nice, long road trip.

“Say hello to the newest detection script, which you can implement easily using Macromedia Flash 8. Much like the Six Million Dollar Man, it's better, faster, and stronger. And as an added bonus, you can actually rely on it.”

ending with

”Finally, tell every web developer you know about this article. The sooner Flash Player Express Install becomes standard, the sooner we can stop frustrating users and start handling Flash experiences in an effective manner and improving user experiences on the web.”

Apparently, that is exactly what happened.

The late Michael Williams provided, in 2005, an Adobe Developer Center article on “Future-Proofing Flash Player Detection Scripts.”   There are some weird solutions, but it looks like they should detect Flash 10 (but maybe not Flash 26).
The Client-Detection Sample from the Adobe Kit: FAIL! (click for larger image) Adobe’s Example Fails.  The Client-Side Detection example in the Adobe Flash Player Detection Kit 1.5 fails to detect Flash Player version 10.

Examining the JavaScript file suggests a number of ways that DetectFlashVer might go wrong.  Determining the actual defect requires some careful forensic reconstruction.
Adobe Action Script Example Tries Update (click for larger image) Adobe Unhelpful Helpfulness.  The Flash Player Detection Kit also provides an example of an ActionScript detection technique.  This sample will automatically invoke installation of an ActiveX plug-in, but when I allow it to run all it does is quickly report that the version I have installed is present (as if it has installed it anew).

This “ Installed Successfully” has no impact whatsoever on the already-reported detection difficulties.  In particular, the Client-Side Detection example still fails.

It is time for that careful forensic reconstruction.  I am also curious about the way that the Windows Registry is accessed as part of ActiveX detection activity.
Joi's site reports I have an old version of Flash (click for larger image) Joi’s Wedding-Present Clue.  I have a theory about what is happening here.  It is the kind of thing that is going to embarrass a lot of Web developers while those who got it right are laughing their heads off by now.

[update: The Vimeo video is working fine on Joi’s own site and the link-through to Vimeo.  The full-screen HD rendering is not bad.  But the above message still occurs when I use the direct video link on Joi’s FriendFeed stream.  That makes this a self-contained systems-incoherence demonstration along with the confirmable experience (until they fix it).] 

OK, Let’s Figure This Out, Aye?

I can’t be certain that every detection failure has the same bug, but the odds of a Y2K sort of failure are pretty high.  The way I think it happens is a little different, but it requires having gone from “9” to “10”, giving lots of time for the defective code to be shared among far too many Web developers around the globe.

I’ll leave it at that.  This is a great challenge question for novice developers and experienced ones, the latter probably having committed this one at least once themselves.  I can see how I might have been caught by this myself, although I’d like to doubt that I would simply because I am always aware of representation issues from my experience in early programming languages and machine-language programming.  I am also inclined to over-engineer edge cases, and that might have been appropriate in this case.

Meanwhile, here’s a rogues gallery of other sites that have an unfortunate approach to Flash Player version detection.

CBS insists on Flash 9? (click for larger image) Dylan's Video optional anyhow (click for larger image) 

CNN claims 8 or better (click for larger image) Well, OK, 9 or better (click for larger image)
So 10 not newer than 8?  (click for larger image) Did I leave home without Flash? (click for larger image)
Funny or Die? (click for larger image) Oh, sorry (click for larger image)

There you have it.  I’m sure this is not pleasing for Adobe.  Let’s just hope that the detection problem is not from an Adobe-provided sample of how to do it.  [Update: It appears that the problem has been promulgated in Adobe-promoted materials.] 

[2008-12-06T19:20Z update: I went through and added links to the actual sites and videos where there is narrative.  I also noted some successes where sites simply worked as expected.]

Labels: , , , , , ,



Friday Cat Picture: Weez Ur Trickz n Treatz

[update 2008-10-27: I couldn’t stand the way the picture worked so I am putting in a different one and discussing how it came to be so different.]

Princess and Teh at 14 (redone: click for large image)

Calibrize I am substituting the tightly-cropped version (above), sacrificing the dangling tail of the first arrangement (below).  At the same time, I realize that I had over-warmed and –saturated the image.  To be sure that I obtained something more like I had in mind, I recalibrated my new LCD monitor with Calibrize (thanks to LifeHacker).  This seems to work better than my hueyPro which seems to be confused by my video pipeline.  On the other hand, I may be the one who is confused, having not figured out how to calibrate my display properly by any means.

You, as the viewer, have no idea what I have in mind as a proper presentation of the photograph, above, and the alternative that I found unsatisfactory, below (although the difference in cropping should be obvious).  You can click on the Calibrize button and find your own balanced monitor adjustment (or use your favorite alternative for non-Windows platforms).

That makes this updated post into fodder for my confirmable-experience soapbox and there’ll be more about that in further posts.   Meanwhile, it is time to shop for Halloween candies for the Friday night visitors.  I have a great cat-picture repost to put up at that time.

Princess Psyche and Teh Amor at 14 (click for larger picture)

I really wanted to keep Teh Amor’s tail in the picture, but it makes the composition really cock-eyed.  Looking at it, I think the only solution would be to separate out the two figures and ditch the tail and the framing of them together.  And I’m not going to do that well, just because.  And now I’ve gone and done it.  They are still framed together, but the tail is gone.  Do you see other differences?  Which one looks better in that regard?

The original photograph was taken on Wednesday, October 22, on one of those unexpected and delightful snappy autumn days with bright sunshine.  One or both of the twins will usually laze in the sun on the window side of the vertical blinds.  I have no idea what has them facing into the room.  I was anxious that they not decide to hop down and come closer to see what I was doing.

I’m holding the camera vertically, with the on-camera pop-up flash on the right.  Teh decided to look right into it, hence the village-of-the-demon-cats effect.

No, they’re not dressing up for Halloween and yes, it is a week early.  Maybe they’ve over-dosed on the run-up to the US Presidential Election.  Could be Princess still yearns for Hilary, or maybe for John Edwards?

Labels: , ,



Geek Dinner Collection: 2007-09-12 Hanselman Event

[This 2007-09-13 Orcmid’s Live Hideout Post is being recovered from my Live Spaces blog for improved preservation and consolidation. While it is a way to appear to be blogging more regularly, it is also a serious preservation attempt. I want to move off of Live Spaces anyhow, since I can now accomplish all of the same things in a place where I have complete backup and preservation capability. It also happens that there are some threads that were partly over there that I want to build on over here.

I did not know that this was more urgent than I realized. It seems the latest Windows Live Writer (or Live Spaces itself) will not let me retrieve previous posts beyond the latest 20. So I am literally scrapping this one off of the blog page. We’ll see how it goes.

Scott Hanselman hosted another of his Bellevue Crossroads Geek Dinners this past Monday, 2008-10-06. It is appropriate to retrieve this message while I stall my preparations for a response to Hanselman on a different topic.]

2007-09-12: Scott Hanselman 2007-09-12: Nerd Dinner 2007-09-12: Nerd Dinner 2007-09-12: Nerd Dinner Mystery 2007-09-12: Charlie Owen

2007-09-12: Nerd Dinner 2007-09-12: Nerd Dinner 2007-09-12: Nerd Dinner 2007-09-12: Charlie Owen 2007-09-12: John Lam

My snapshots from the casual dinner meet-up called by Scott Hanselman with swag by Charlie Owen. Here I play with the thumbnails that Flickr provides, along with the ease of using photos in posts via Live Writer. I do fancy my Live Writer, yes I do.

[update 2008-10-09: Along with movement of this post to Orcmid’s Lair, there is also a confirmable-experience moment concerning these digital photos. They appear much darker than on my previous display. This is a noticeable concern and a complex confirmable experience situation. There’ll be something more coherent about that after I manage to calibrate my new monitor for reliable digital-photography work. Oh, I’m also making use of the categories feature and have abandoned any effort to keep cybersmith posts all in one place. Scary.]

[update 2007-09-13: Arun Bhatnagar has put his photo set on Flickr. They provide a great demonstration of how the Crossroads Mall building is unusually inviting for socialization and informal meetings.]

Labels: , , ,



Confirmable Experience: What a Wideness Gains

Four years ago, I replaced a failing 21” CRT display with a 20” LCD monitor.  The improvement was amazing.  I have since upgraded my Media Center PC with a graphics card that provided DVI output and there was more improvement.

But the greatest improvement came when the 20” LCD monitor recently began to have morning sickness, flickering on and off for longer and longer times before providing a steady display.  Before it failed completely, I began shopping for the best upgrade on the competitive part of the LCD monitor bang-for-buck curve. 

These days, 24” widescreen LCD monitors are the bees knees.   For almost half what I paid for the 20” LCD in 2004, I obtained a 1920 by 1080 DVI LCD (Dell S2409W) that is not quite the the same 11.75” height but is 21” wide.  The visual difference is dramatic when viewing 16:9 format video and also when viewing my now-favorite screensaver.  I added a shortcut to my Quick Start toolbar just to be able to watch the screensaver and listen to the bubbles while making notes at my desk.

I'm tempted to zone out over the screen-saver (click for full-size image)

One of the problems I had with the 20” old-profile (6:4, basically) was that I could not work with multiple documents open at the same time.   I don’t mind only having one fully on top, but I often needed to be able to switch between them easily.  In some standards-development work that requires comparison of passages in different documents, it was also tricky to have them open in a way where I could line up the material to be compared and checked.

The wider display permits having more of an application open, such as Outlook, and it also allows access to additional open material. 

What I hadn’t expected was the tremendous improvement that becomes available when there is a 21” task bar at the bottom of the screen.   I did not expect an advantage there as the result of the wider display.  That alone has made my working at the computer more enjoyable and more fluid. 

My desktop is still too cluttered with icons and I am still tidying them up, removing ones that I rarely use.  Even so, the perimeter of the display provides for more icons on the outside of the central work area so that I can find them without having to close or move application windows.  That’s another bonus.

Wideness gains more than height (click for full-size image)

I must confess that I haven’t had so much fun since I progressed from Hercules-graphics amber monitors to full-color displays in the early 90s.  It is sometimes difficult to realize that it wasn’t that long ago.

Oh Yes, the Confirmable Experience …

There are two confirmable-experience lessons here.  First, the subjective experience I am having is mine.  The wide-format monitor is an affordance for my heightened excitement and enjoyment, but the experience is mine.  Others have different reactions and, in particular, have their own ideas about display real-estate, task bars, and other user-interface provisions.

For the second lesson, recall how much emphasis I give to using a screen-capture utility for computer forensic and trouble-reporting work.  That will often provide important out-of-band evidence for a problem that one user is seeing and that another party does not.

These screen captures provide similar evidence of what the wider-format display provides for me.

They don’t provide any assurance that you will see them the same way I do, however.  If you click through to the full-size images, you’ll see a rendition of the same bits that my display shows me.  I assure you that the image I see when replaying those bits to my screen is exactly the same as the one I took a screen capture of.  

There are a number of ways that your experience will be different.   At the most fundamental level, there is no way to know, using these images only, to determine whether the color presented for a particular pixel on your display is the same that I see on mine.   The PNG files do not reflect what I saw.  They do faithfully reflect what my software and graphics card used in the internal image that was presented via my display.  But we have no idea whether your computer is presenting the same color using the same bits.  There are other differences of course, in that gross features may not be viewable in the same way my monitor allows me to see them (unless yours has at least the 1920 by 1080 resolution that mine does).  This is all there to interfere with our sharing this particular experience of mine even without allowance for our different vision and subjectivity influences.

The takeaway for this part is that context matters with regard to what qualifies as a confirmable and confirmed experience.  It’s also useful to notice how many different aspects of the computer bits to displayed pixels pipeline can influence whether or not I have successfully shared relevant aspects of my experience with you.

And we do manage to make it all work, most of the time, for most of us.

Labels: ,



Confirmable Experience: Consider the Real World

Clarke Ching just posted a great illustration of a confirmable-experience situation.  Until a set of comparative photographs was available to illustrate some different experiences, he and his wife did not know how to understand a difficulty that one had and the other did not (and check the follow-up for more important reality). 

This is the entire crux of it. 

I often go on about the importance of confirmable experience in the area of trustworthy and dependable systems.  Providing confirmable experience is something software producers (and motivated power users) need to pay attention to.  Clarke provides the Cool Hand Luke reality version.  Sometimes communication is not simple and it is important to remove the barriers.

I want to post this here and I also want to drag it into my confirmable-experience cybersmith collection too.  I want it here because it is so juicy, even though this is not my main confirmable-experience category location.  Well, I think not.  I will resolve it for now with cross-posting.  Sometimes, I need to make a mess to know that is not the way to do it.  Now I have to dig my way out of it.

Labels: ,



Interoperability: The IE 8.0 Disruption

I've elected to adopt the IE 8.0 beta 2 release as a tool for checking the compatibility of web and blog pages of mine.  I see how disruptive the change to default standards-mode is going to be and how IE 8.0 is going to assist us.  I need to dig out tools and resources that will help me mitigate the disruption and end up with standards-compliant pages as the default for new pages.

Looking Over IE 8.0 beta 2

I avoid beta releases of desk-top software, including operating systems and browsers.  Because the standards-mode default of IE 8.0 is going to place significant demands on web sites, I also thought it time to install one copy of IE 8.0 simply to begin assessing all of my web sites and blog pages for being standard-compliant enough to get by.  I am willing to risk use of beta-level software in order to be prepared for the official release in this specific case.  I'm also sick of having IE 7.0 hang and crash on mundane pages such as my amazon.com logon.  I'm hoping that even the beta of IE 8.0 will give me some relief from the IE 7.0 unreliability experience.  And so far, so good.

With the promotion of beta2 downloading this past week, I took the plunge.  Installation was uneventful and all of my settings, add-ins, favorites and history were preserved.  My existing home page, default selections, menus and tool bars were also preserved.  [I am using Windows XP SP3 on a Windows Media Center PC purchased in September, 2005.  IE 8.0 beta 2 also seems faster on this system in all of its modes.]

I did not review much of the information available on IE 8.0, expecting to simply try it out. 

The IE 8.0 address bar emphasizes the domain name of the site being visited (click for full-size image)

My first surprise was a change to the address bar.  There is a new format where all but the domain name of the URL are grayed.  That was distracting for the first few days and it still has me stop and think.  I realized this is the point: emphasizing the domain name so that people will tend to check whether they are where they expect to be.  I like the idea, even though I have to look carefully and remember the full URL is there when I want to paste it somewhere or share the page on FriendFeed or elsewhere.  I take this provision as one of those small details that demonstrates a commitment to safe browsing and confident use of the Internet.

The broken-page indicator appears any time that a page does not satisfy strict-compliance. What I was looking for, and saw immediately, is the new compatibility-view button.   This "broken page" button appeared on the first site I visited after installation of IE 8.0 beta 2.

Clicking the button causes it to be shown as depressed and the page is re-rendered as a loosely-standard page with the best-effort presentation and quirks renderings of IE 7.0 and earlier Internet Explorer releases.  If you leave the button selected, the setting is remembered and automatically-selected on your next visits to the same domain.  It stays that way until you unselect the button by clicking it again while visiting pages of that domain.  It was this feature that tipped-me over in wanting to check out my own pages using beta2 (although I thought the button was tracked at the individual page level until I read the description of domain-level setting). 

By the way, if a page is detected to require a standards or compatibility mode specifically, no compatibility view option button is presented.The amazon.com site is this way from my computer, and so is Vicki's pottery-site home page.  I looked at the source of the amazon.com site and confirmed that they are not using the special tag that requests that the compatibility view be automatic.  I didn't check the HTTP headers to see if they are using that approach to forcing a compatibility or a standards-mode view.  I know I did nothing of the kind on Vicki's site.  This suggests to me that there is also some filtering going on in standards-mode rendering to notice whether a compatibility view should be offered.  I'm baffled here.  I am curious whether there is any browser indication when the compatibility view is selected by a web page tag or HTTP header.  I suspect not and I'll have checked into that soon enough.

I also checked out the InPrivate browsing feature, which, although popularly dubbed the "porn mode," is very useful when using a browser from a kiosk or Internet cafe and when making private on-line transactions from home.

At this point, I am not interested in special features of IE 8.0 other than those related to improving the standards-compliant qualities of web pages and the browsing experience.  I may experiment with other features later.  My primary objective is to use the facilities of IE 8.0 and accompanying tools to improve the quality and longevity of my web publications.  Once I have some mastery over web standards, I will look into accessibility considerations, another project I have been avoiding.

Disrupting the State of the Web

The problem that IE 8.0 is intended to help resolve is the abuse of Postel's Law [compatibility view offered] that the web represents: "be conservative in what you do, be liberal in what you accept from others."  The abuse arises when what you do is based on what is being accepted, with no idea what it means to be conservative.  The web was and is an HTML Wild West and it is very difficult to enforce conservatism (that is, strict standards conformance in web-page creation).  Since browsers also varied in what they accepted and then what they did with it, loosely-standard pages and loosely-standard browsers have been the norm and web pages are crafted to match up with the actual response of popular browsers. 

Since Internet Explorer is made the heavy in this story, we now get to see the price of changing over to "be strict in what is accepted and be standard in what is done with it."  This is a very disruptive change.  We'll see how well it works.   Joe Gregorio argues that exceptions to Postel's Law are appropriate.  Some, like Joel Spolski [no compatibility view], think it might be a little too late.  There are already some who claim that the IE 8.0 Compatibility view is a sin against standardization [compatibility view offered], no matter that not many of the 8 billion and climbing pages out there are going to be made strictly-conformant any time soon.  With regard to compatibility mode, I think it is foolish for it not to be there and Mary-Jo Foley is correct to wonder how much complainers are grasping at straws.

It was surprising to me to observe how regularly the compatibility-view option button appears and how terribly much of my material renders in IE 8.0's standards mode.  Apparently the button is there because IE 8.0 can't tell whether the page is really meant to be rendered via standards-mode or is actually a loosely-implemented page.  I'm spending a fair amount of time toggling back and forth to see if there is any difference on sites I visit.  This suggests to me that there is going to be a rude awakening everywhere real soon now.  It is also clear to me that I don't fully understand exactly how this works, and I need to find a way to test the explanation on the IE blog and the discrepancies I notice, especially when the compatibility-view option is not offered and I know nothing special was done to accomplish that on the web page I am visiting.  I am also getting conflicting advice when I use an on-line web-page validator.

This change-over to unforgiving, default-standards-mode browsers is going to be very disruptive for the Internet.  In many cases, especially for older, not-actively-maintained material, the compatibility view is the only way to continue to access the material successfully.  There is a great deal of material for which it is either too expensive or flatly inappropriate to re-format for compatible rendering using strictly-standard features.  Without compatibility view, I don't think a transition to standards mode could be possible.  The feature strikes me as a brilliant approach to a very sticky situation.

Although there is a way to identify individual pages as being loosely-standard and intended for automatic compatibility view, that still means the pages have to be touched and replaced, even to add one line to the <head> element of the HTML page.  There are billions of pages that may require that treatment.  Perhaps many of them will be adjusted.  That will take time.  Meanwhile, having the compatibility-view option and its automatic presentation is very important. 

There is also a way to adjust a web server to provide HTML headers that request a compatibility (or standards-mode only) view of all pages from a given domain.  That strikes me as a desperate option to be used only when there is no intention of repairing pages of the site.  I might do that temporarily, but only while I am preparing for a more-constructive solution that doesn't depend on compatibility view being supported into the indefinite future.  The variations on the available forms of control (browser mode, DOCTYPE, HTTP header, and meta-tag) need to be studied carefully.  I expect there to be confusion for a while, probably because I am feeling confused with the ambiguities in my experience so far.

Another problem, especially with regard to IE 8.0 beta2, is that we don't reliably know how badly a loosely-standard page will render with a final standards-mode browser versus the terrible standards-mode rendering that beta2 sometimes makes at this time.  It is conceivable that the degradation might not be quite so bad as it appears in beta2, but there is no way to tell just yet.

The need for expertise and facility with semi-automated tools as part of preserving sites with standards-conforming web pages is probably a short-term business opportunity.   The web sites that may be able to make the transition most easily may be those like Wikipedia, where the pages are generated from non-HTML source material.  (That makes it surprising that Wikipedia pages currently provoke compatibility buttons and compatibility view is needed to do simple things like be able to follow links in an article's outline.)

Mitigating IE 8.0

To mitigate the impact of IE 8.0 becoming heavily used, it is necessary to find ways to do the least that can possibly work at once, and then to apply that same attitude in making the next most-useful change, and so on, until the desired mix of standards-compliant and loosely-compliant pages is achieved.

To find out what tools are available along with IE8 beta 2, these pages provide some great guidance and resources:

That should point you to all of the resources you need to understand how to check sites, how to use the compatibility provisions, and other ways to take advantage of IE8 availability when it exits beta.

I'm looking at a progression that will allow the following:

  1. Have a complete site automatically set to be browsed in compatibility mode (EmulateIE7, in my case), buying time to provide finer grain solutions
  2. Modify templates on blogs such as this one to specify compatibility mode on all new and updated pages until I say otherwise
  3. Find a way to make bulk changes to pages, adding a <meta> head element that specifies compatibility mode for those pages
  4. Decide how to migrate pages so that their results are delivered best in standards mode.  This may be a very long-term approach that doesn't begin implementation until the percentage of old browsers still in use diminishes enough to have standards-mode browsers be dominant.  There should still be a substantial period of time while compatibility mode is grand-fathered by the latest browsers.
  5. Even if compatibility modes eventually disappear from popular browsers or whatever comes after the browser, there will be a lasting need for compatibility view of archival materials, or some other creative solution that allows those materials to be accessed in a standards-mode world.
  6. There will be future breaking changes in standards mode as updated/successor standards are introduced.  The compatibility view requirement may never disappear, although its future achievement may be accomplished with less disruption.  Unless, of course, we fail to learn the lesson.

I will work out my own approach on Professor von Clueless, since I have definitely blundered my way into this.

This post is also being used to identify the IE8 mitigation required for this blog, along with some other improvements:

  1. It is a prospect for assessment of standards-compliant presentation via IE8 beta 2.
  2. It is my first use of Blogger Labels (Categories in other blogging systems) to archive Orcmid's Lair posts by categories as well as having weekly chronological archive pages and the buckets of individual posts made in the same month.
  3. I am setting up Windows Live Writer image-uploading capability to FTP images to a directory of the blog; the images in this post are the confirmation of that.

When I update the template to force compatibility with the current loosely-standard blog-page generation, this post will reflect that too.

[update 2008-08-30T16:42Z I had a few clumsy bits to clean up, taking the opportunity to elaborate further in some areas.  The disruption with standards-mode web browsing is a great lesson for standards-based document-processing systems and office-suite migrations toward document interoperability.  I'm going to pay attention to that from the perspective of the Harmony Principles too.]

Labels: , , , , ,

Construction Structure (Hard Hat Area) You are navigating Orcmid's Lair.

template created 2002-10-28-07:25 -0800 (pst) by orcmid
$$Author: Orcmid $
$$Date: 10-04-30 19:00 $
$$Revision: 69 $