How Not To Design a Protocol

Published: October 30, 2010

“Google security researcher Michal Zalewski posted a cautionary tale for software engineers: amusing historical overview of all the security problems with HTTP cookies, including an impressive collection of issues we won’t be able to fix. Pretty amazing that modern web commerce uses a mechanism so hacky that does not even have a proper specification.”


The Myth of the 3 Click Rule

Published: October 29, 2010

“The assumption that users must be able to access all content with a maximum of 3 clicks is simply false, and we have the data to prove it.”

Chris Wright @

Minimalist Web Design: Elements and Principles

Published: October 24, 2010

How to create minimalist web designs:

  • Leave out unnecessary elements
  • Remove elements until the function of the design breaks
  • Understand and use the role of white space
  • Work with the details of remaining elements
  • Use color with extreme caution

Source: Lars @

Top Ten Specialty Web browsers

Published: October 23, 2010

“These oddly useful alternative browsers offer such advantages as 3-D searching, social networking, easy scriptability, and powerful page manipulation.”

Source: Peter Wayner @ InfoWorld

Via Slashdot.

Visual Hierarchy in Web Design

Published: October 18, 2010

The Hierarchist’s Toolbox

  • Size
  • Color
  • Contrast
  • Alignment
  • Repetition
  • Proximity
  • Density and Whitespace
  • Style and Texture

Source: Brandon Jones @ Webdesigntuts+

Web Design: East and West

Published: October 16, 2010

Web Design Differences: Asia and US

Hong Qu was one of YouTube’s first employees: he designed, programmed, and launched vital parts of the site such as sharing tools, user profiles and video responses. More recently, Hong helped develop YouTube’s localization strategy in Asia.

In a recent interview with SGEntrepreneurs, Hong said:

One key difference between Asia and US is that in Asia, the web is used more for entertainment, so websites have been traditionally more cluttered. Whereas in the US, the web is used for more productivity tools and so sites are usually cleaner to focus on the core feature.

Hong Qu @ SGEntrepreneurs

Hong also sees a difference between “sites generally designed in Silicon Alley (New York City) versus Silicon Valley is the greater emphasis on aesthetics from the NYC dwellers, being a hub for the creative (art, fashion, design).”

Sites of Interest

Published: October 13, 2010

33 Beautiful Purple Websites

How to Become a Web Designer

In the News

Published: October 11, 2010

New Web Code Draws Concern Over Risks to Privacy

Worries over Internet privacy have spurred lawsuits, conspiracy theories and consumer anxiety as marketers and others invent new ways to track computer users on the Internet. But the alarmists have not seen anything yet.

In the next few years, a powerful new suite of capabilities will become available to Web developers that could give marketers and advertisers access to many more details about computer users’ online activities. Nearly everyone who uses the Internet will face the privacy risks that come with those capabilities, which are an integral part of the Web language that will soon power the Internet: HTML 5.

Tanzina Vega @ New York Times [via Slashdot]

New Tool Blocks Downloads From Malicious Sites

Science Daily Headlines reports that a new tool has been developed (funded by the National Science Foundation, US Army Research Office and US Office of Naval Research) to prevent ‘drive-by downloads’ whereby simply visiting a website, malware can be silently installed on a computer to steal a user’s identity and other personal information, launch denial-of-service attacks, or participate in botnet activity. The software called Blade — short for Block All Drive-By Download Exploits — is browser-independent and designed to eliminate all drive-by malware installation threats by tracking how users interact with their browsers to distinguish downloads that received user authorization from those that do not. ‘BLADE monitors and analyzes everything that is downloaded to a user’s hard drive to cross-check whether the user authorized the computer to open, run or store the file on the hard drive. If the answer is no to these questions, BLADE stops the program from installing or running and removes it from the hard drive,’ says Wenke Lee, a professor in the School of Computer Science in Georgia Tech’s College of Computing. Blade’s testbed automatically harvests malware URLs from multiple whitehat sources on a daily basis and has an interesting display of the infection rate of different browsers, the applications targeted by drive-by exploits, and the anti-virus detect and miss rates of drive-by binaries.

Hugh Pickens @ Slashdot

Google Releases New Image Format Called WebP

Published: October 1, 2010

Google has released WebP, a lossy image format based on the image encoding used by VP8 (the video codec used in Google’s WebM video format) to compress keyframes. According to the FAQ, WebP achieves an average 39% more compression than JPEG and JPEG 2000 while maintaining image quality. A gallery on the WebP homepage has a selection of images which compare the original JPEG image with the WebP encoded image shown as a PNG. There’s no information available yet on which browsers will support the WebP image format, but I imagine it will be all the browsers which currently have native WebM support — Firefox, Chrome, and Opera.