Our Legacy: Environmental Barbarians

Almost everyone who looks at the history of North America through the lens of current times is appalled at the brutal decimation of native populations, at slavery, and at the complete absence of any concept of human rights.

It occurs to me that 50 to 100 years on, survivors of the environmental apocalypse will look at us in a similar way. Sadly, we’ll be even more culpable. We’ve known the planet was destined to become overpopulated with humanity for at least 30 years, and our response has been indistinguishable from nothing.

Polar ice caps are disappearing more quickly than even the most alarmist had expected. Climate change wreaks trillions of dollars of damage on our economies. Critical ecosystems collapse and even species we deem to find attractive border on extinction. Meanwhile, we worry about bailing out car manufacturers.

It looks to me like we’ll just keep on trying to get by and maintain our “standard of living” until there’s a real environmental crisis, until we pass the “tipping point”. Then we get to try to put our lives back together in the face of huge population migrations, limited food resources, war, disease, and eventually feudalism. Then we’ll “buy locally” — there won’t be any other choice!

Our legacy will be that we’re the ones who ushered in the Second Dark Ages. Our barbarism will make the early history of the continent look like innocence. The worst, the saddest, part is that it might be too late to change a thing.

Simplifying Joomla Template Layouts

Since the early days of Joomla 1.5, component layouts have bothered me. First there’s the problematic nomenclature (which I’m probably using incorrectly). Layouts are component-specific snippets of HTML and PHP logic that generate the actual code (usually HTML) that goes to the target device. A template can override the default layout, which is just one of the many powerful features that give Joomla sites so much flexibility.

My biggest problem with layouts is that they typically embed too much logic. Why should a layout be determining what to do if a category description isn’t present? Worse yet, why does it have to check access to see if an article body should be displayed or not? Surely the actual view should be responsible for this sort of thing, and the layout should be strictly concerned with how to present the information that’s available.

The other problem is that layouts are ugly beasts. Most layouts need to flip between HTML and PHP dozens of times, just to do the most simple thing.

I’m not exactly a patient person. Maintaining the existing layout code in the Joomla core components is bothersome enough, but recently I started doing extensive work on a third party component, adding my own view in the process. That’s when that familiar snapping sound resonated in my head. Always a sucker for diversions, I decided to follow the tangent and see if I could improve Joomla layouts.

It took about triple the expected effort, largely because the initial results were pretty exciting, and I decided to do more than a hack job. The result is JTML, and the results are described in the white paper Simplifying Joomla Template Layouts.

Every once in a while, the idea of creating a simple language for creating Joomla extensions comes up, but that is a very big job indeed, and there are many, many other things to do in the project. So it remains a bit of a dream. I’m hoping JTML is one small step in that direction.

How to: Ubuntu PHP Remove Suhosin

One of my projects for the “holidays” is moving one of my servers from Gentoo to Ubuntu. During planning for this, I noticed that the Ubuntu version of PHP5 includes Suhosin. That’s a problem.

The problem with Suhosin is that it’s designed to stop sloppy applications from doing bad things. I’m sure it does a reasonable job of that, but in the process it can interfere with good applications (see examples for Joomla). Since I’m in the business of writing good applications, Suhosin is a bad idea. Worse yet, it can provide a false sense of security, since it can’t deal with anything except typical PHP errors. As far as I’m concerned, this class of “security blanket” provides false comfort and is no replacement for auditing and testing.

How the Liberals Should Elect a Leader

There is no question that the Liberal Party of Canada needs to pick a new leader, and fast. Not only do they have to do it quickly, but they have to do it right.

While Michael Ignatieff might be the right choice, and might even be the winner at a convention, Bob Rae’s observation that a process of installing him is “undemocratic” carries some weight. Simply installing Ignatieff based on polling results and some “consultation” with riding leadership may be prudent, but it’s not smart.

I put “undemocratic” in quotes for two reasons. Firstly, the word has been horribly misused over the past few weeks. All the political drama we have just experienced has been nothing but democracy. Those who call it otherwise are merely uninformed. Anyone who says “I voted for Harper, not Dion” is in desperate need of education on the political system that this country uses. On the second count, the normal process that the Liberals use to pick a leader is anything but democratic. To anyone who wants to argue this, I merely observe that this was the process that got Dion the leadership in the first place.

The “transferable delegate” system might make for great television, but it has clearly been demonstrated that not only is it out of touch with the party grassroots, it doesn’t pick the best leader. Time to chuck this tradition along with Mr. Dion. This time, let’s lose the baby and the bath water.

This gives the Liberals an amazing opportunity to demonstrate that there is a fix for the problem. What they should do is quickly set up an online leadership voting system. They should mail cards with a security PIN code to every party member in good standing. Party members should then be required to combine this PIN with some piece of personal information that’s on file, such as the member’s phone number and year that they joined the party. There will need exception handling process for those who have problems, but I guarantee that they’ll get a democratically elected leader in a short period of time and at a lot less cost than a convention.

The catch to all of this is that we’re talking about a party that can’t manage to get a critical video for a national address done on a reasonable schedule, and even then they can’t do a job that wouldn’t embarrass a grade seven student. It’s painfully evident that the Liberal communications people are under siege at best, or woefully incompetent at worst.

Still, an online leader selection process would be relatively straightforward. I’d even be willing to help implement such a system, because I think real democracy is important. Then we can talk about moving federal elections to a Single Transferable Vote system (in particular, BC-STV) and then maybe we can get on to building governments that are formed from meaningful, relevant, and functional coalitions. It is possible. (more…)

TD Bank Tries an End Run Around Site Tracking Blockers

I’m well aware of the value of site analytics. Most of my sites make extensive use of them. But at the same time I’m aware of a user’s absolute right to not be tracked, be it anonymous or not. When it comes to my personal information, I’m usually happy to let most sites drop in a statistical tracking cookie, but I almost always set the lifetime of those cookies to “session only”.

Basically, I’m happy to let someone know how I navigate their site, because that information is likely to result in improved usability. What I don’t like is disclosing how many times I visit a site over a period of time, and what my multi-visit user patterns are like.

With browsers like Firefox and now even Internet Explorer providing easy tools to manage cookie acceptance and lifetime, more and more users who don’t want to be tracked are limiting cookies. This is giving marketers a more challenging time and skewing their statistics. Poor babies.

Some marketers are fighting back. What’s not commonly known is that Adobe’s Flash Player lets sites store cookie-like information as well. Now Adobe hasn’t quite caught up with the concept of individual liberties, so the default configuration of the Flash Player is to allow local storage without any explicit user permission. Adobe pretty much has a monopoly when it come to this sort of thing, so there’s little incentive for them to change.

So now marketers who claim to seek to improve customer service have a method where they can gather data even if their customers have taken explicit steps to prevent it. News Flash: That is NOT good customer service! It’s really rather offensive customer abuse.

Some time in the past few months, TD Bank decided to join the ranks of companies who have elected to bypass their customer’s wishes. I recently connected to my online banking site, and got asked for permission to allocate local storage to an invisible bit of Flash. So I cranked open the page and found this link: https://easyweb46w.tdcanadatrust.com/dojo111/dojox/storage/Storage.swf?baseUrl=/dojo111/dojo/. At least its name reflects its purpose.

Anyone familiar with the big Canadian banks has become accustomed to dealing with these arrogant behemoths, protected from significant international competition by legislation, and reading from some version of a dictionary where the meaning of “service” is very different from the commonly accepted definition. Really the only surprising thing is that they haven’t found a way to charge me 25 cents per byte of information that they want to store on my computer.

But you don’t have to be subject to corporate whims. These things are configurable. Don’t go looking through your browser, plugins or program settings for the control panel, though. Follow this link to your Flash Player control panel. This looks like a screen shot of what a control panel might look like, but don’t be confused: it’s a live presentation of your current settings. Click on the second tab, “Global Storage Settings”. There’s a reasonably good explanation of the settings below the panel, but if you move the slider to the left until it reads “None”, then every site that tries to save data in flash will have to get your approval first. If you don’t want to be asked, set the “Never Ask Again” check box. Then go to the last tab, “Website Storage Settings” to take a look at which sites have left tracking codes on your computer. Delete all the ones you don’t trust.

Now you have control of your information again.