Web

My tweets and the previous post have gone viral. Lots of reactions both positive and negative. Some retweeted immediately and some calling me a fool for writing about injecting content within an SSL connection. Amazing to see all the responses. There is a pattern to be seen with people who reacted negatively: they tend to don’t care about the ads. Here’s my said tweet: Jangan pake KlikBCA di jaringan @xl123 kecuali login credential lo mau lo share sama xl, kalo begitu monggo. pic.twitter.com/AvNfUuhORN ...

Last Friday, October 4th 2013 I was hanging out with some friends and while searching for a place to do so, I opened up Urbanesia on it mobile web http://m.urbanesia.com/. While I was searching, I noticed there’s a banner displayed on top of the page, it was definitely not Urbanesia’s and so I got curious. When digging into the mobile web source code, we didn’t activated any codes that’ll lead to any banner placements on top so this banner must surely be injected by a third party. My mind were full of technical ideas translating into security breaches/flaws making the injection a reality. ...

All these times coding in PHP, I have yet to experience an elegant way to compile and minify assets including but not limited to CoffeeScript, JavaScript and or CSS. Watchers for specific transcompiler were needed and it blocks me from coding straight up. Well Python and Flask specifically is giving me sweet dreams. Have a look first at Flask-Assets and then dive in to Webassets. FYI, Flask-Assets if you set it up as your dependency will include Webassets also. I love Flask because it’s simple, to the point and very flexible to extend to your liking. ...

Just a few days ago, the latest version of nginx at 1.4.0 was released to the public. The version bump adds a lot of new capabilities for your web stack. The most interesting for me was support for SPDY 2 protocol. Excerpts from Chromium SPDY’s page reads below: As part of the "Let's make the web faster" initiative, we are experimenting with alternative protocols to help reduce the latency of web pages. One of these experiments is SPDY (pronounced "SPeeDY"), an application-layer protocol for transporting content over the web, designed specifically for minimal latency.  In addition to a specification of the protocol, we have developed a SPDY-enabled Google Chrome browser and open-source web server. In lab tests, we have compared the performance of these applications over HTTP and SPDY, and have observed up to 64% reductions in page load times in SPDY. We hope to engage the open source community to contribute ideas, feedback, code, and test results, to make SPDY the next-generation application protocol for a faster web. In order for SPDY to work, one will need an SSL certificate and OpenSSL 1.0.1c at least to compile and run a website successfully with nginx. SPDY needs NPN enabled with OpenSSL and CentOS only provides 1.0.0. According to a blog post here, we can just add a repo to get OpenSSL to work nicely. Here are the steps needed to compile nginx with SPDY support: $ rpm -ivh --nosignature http://rpm.axivo.com/redhat/axivo-release-6-1.noarch.rpm $ yum --enablerepo=axivo update openssl $ cd /opt/src $ wget http://nginx.org/download/nginx-1.4.0.tar.gz $ tar xfz nginx-1.4.0.tar.gz $ cd nginx-1.4.0 $ ./configure --with-pcre --with-http_ssl_module --with-http_spdy_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_stub_status_module --prefix=/usr/local/nginx $ make -j4 $ make install ...

This will be the second time I once again dissect what is really happening with Urbanesia’s analytic results. The first time I dealt with it, we ended up breaking our own sacred oath not putting any inline Javascript with our HTML. Well now, we ended up not using any Javascript (in the future). These past few weeks our servers recorded an increase compared with previous months and somehow Google Analytics is not showing anything unusual. Our requests/second increased significantly with our application and CDN servers, this is a clear example of true users accessing our website. ...

It’s with pride if I answer questions about what I do. I’m a developer running a web startup. There are 2 things in the previous sentence that makes me smile every time I think about it. Let’s dive in. I AM A DEVELOPER I’m lucky enough to be one of the few to work in something that I have loved ever since I laid my eyes on. I fell in love initially with a 8088XT running Digger. I basically wrecked a couple of PCs while learning about it. Anyways, because of the profound impact of computers in such an early age, I was very up to date about technologies back then. In fact I was one of Internet’s early adopters here in Indonesia. The first thing I did when I knew about WWW, I signed up for a free website at Geocities, that was in 1996. ...

On my last post, I mentioned the definition of Augmented Reality (AR). Now I’m adding the word Mobile to it. At the current time, platforms that I’ve tried to developed upon supporting AR are iPhone and Android. Well actually I coded once and used Titanium Developer to make the actual executable files for each platform. Titanium offers current web standards as a mean to create those mobile applications. I’m now using Titanium Developer 1.0 with the 1.1 Mobile SDK. The requirements to be able to run Titanium and produce for iPhone & Android are: ...

This year 2010 is set to be a cloudy year! Why? Well it’s practically the year where everything cloudy are launched. Web Development has never been so fun and so fresh before. The mobile world is getting its taste of how The Web will change its course. [caption id=“attachment_181” align=“aligncenter” width=“282” caption=“Web 3.0”][/caption] Over the years, your mobile phone anywhere in the world has been a primary need in metropolitans. When it’s came to this stage, mobile phones are practically a part of our daily routines. A new revolution is coming and it’s making mobile phones as its stage. ...

My latest adventure! I proclaim myself not just as a web developer but also a web hoster now :) Never really thought about it before until recently. I’m frustrated by the lack of options with just any web hosts. None really offers dynamics when it comes to what I need. A purely simple example is SSH access. Have a look out there and almost none offer SSH. If security is their reasoning then their just not fit to become a web host. Not to say that there isn’t any flaws but web hosters nowadays don’t really understand what they’re doing. Some are just people with capital and enough interest towards the business with minimum technical expertise. ...