Filed under Technology

At around 8:00pm on Friday the pages started coming in.  A new automated SQL-Injection attack was bringing one of our servers to its knees.  The server wasn’t vulnerable to the attack, but the act of having to process so many invalid requests was putting significant load on the processor, and was filling ColdFusion’s running process limit, preventing legitimate requests from having time to run.

Ordinarily this becomes a night-killer for me.  I’m already out, on my way to dinner, and now I’ve got to go home to deal with this issue.  But tonight I get to try something different.  I’ve had an iPhone since around Christmas, and it’s a nice little device, despite a few shortcomings.  But what I’ve always wanted was a way to actively manage a server without the hassle of carrying around a laptop.  With the release of WinAdmin for the the iPhone, I’ve got it.

I was able to connect to our company’s VPN, remotely log into the desktop of the affected server, download and install the free version of ISAPI_ReWrite, and block any URL’s containing the offending SQL injection code.  The processor utilization dropped dramatically, regular pages were being served in a timely manner, and I was able to continue on to dinner.

Last week, I attended a brown-bag lunch on social media organized by the Association Forum. While we started the discussion talking about blogs and various other social media, the conversation soon gravitated to the pros/cons and dos/don’ts of corporate wikis. And if the Society for Information Management’s Advanced Practices Council (APC) study is accurate, it’s no wonder: the study predicts that by 2009, at least 50% of organizations will use wikis as important work collaboration tools.

The APC identified 7 strategies after surveying more than 160 “active corporate wiki users.” I’ll focus on integration and culture.

Integration
I know I’ve already talked about integration in my last two blog posts, but I can’t emphasize this point enough. Just like you wouldn’t hire someone and then seat them in a faraway corner, separated from everyone else, new media has to be fully integrated within the company for it to truly be effective. As the APC report states, the wiki should be integrated as “one of several important tools in an organization’s IT collaboration architecture.”

Culture
One of the APC’s recommendations is to understand that “wikis are best used in work cultures that encourage collaboration. Without an appropriate fit with the workplace culture, wiki technology will be of limited value in sharing knowledge, ideas and practices.”

At Duo, collaboration is one of our core values. To facilitate collaboration, we started an internal wiki two years ago. “At first, I thought only the tech guys would use the wiki, but I’m amazed at how quickly everyone in the company embraced it. Now the project managers use it regularly… and the wiki has become a repository of shared knowledge, great for troubleshooting issues,” said Jason Priestas, a senior developer.

For companies where active collaboration and open sharing of information is not so much a part of the work culture, a fellow participant at the Association Forum brown-bag lunch recommended some ways to make wiki use a habit. For example, instead of simply answering questions over email, people can be incentivized to direct each other to the wiki instead. The APC also suggests assigning a champion to each wiki.

Interestingly, the State Department has its own internal wiki, Diplopedia, a resource that contains biographies of political and business leaders, reading lists and even instructions on how to order lunch. It may surprise some that such a top-down organization is actively using grassroots technology – especially technology that allows anyone to change entries. But according to Noam Cohen, “Diplopedia does not allow anonymous contributors, so bad actors could be tracked down.” Such safeguards have, so far, successfully prevented people from “committing career suicide,” as Mr Johnson from the State Department’s Office of eDiplomacy puts it.

—

To learn more about wikis and how to implement them effectively, come listen to the wiki master and evangelist, Stewart Mader, give his keynote address at the Web Content Conference 2009 in Tampa Bay, Florida! Mader is the author of Wikipatterns: A Practical Guide to Improving Productivity and Collaboration in Your Organization and founder of Wikipatterns.com.

With the recent release of iPhone 3G and the launch of Apple’s App Store, location-aware social networking applications will be making their way into the hands of more people than ever before.  The ease of use and simplicity in downloading new apps means that Apple has virtually removed the tech know-how barrier to participation.  Many of the launch day applications are free iPhone versions of popular social networking web sites.  Just about every major player has an app available for download either now or in the near future - Facebook (links open in iTunes if installed), MySpace, Twitter (via a third-party), Pownce, Flickr (via Exposure, by a third-party), and Loopt, who presented their app during Apple’s keynote announcement.  Most of these apps use your location in some way, opening up some exciting possibilities for extremely localized search, directions, and more applications hitherto unimagined.  All of these location-based apps are opt-in due to a restriction in Apple’s iPhone software development kit - the phone will prompt you if the application wants to gain access to your current location.

Of those mentioned above, Loopt has created a bit of a debacle and garnered a great deal of ill-will this week by broadcasting your phone number and current location to everyone in your contact list.

The point of Loopt is to be able to let your friends know where you are so you can get together (without having to actually communicate with anyone via text message, phone, or email).  I for one am a bit reluctant to constantly reveal my current location, even to friends, but by sending SMS text messages to everyone whose phone number you’ve ever added to your contact list, Loopt breaks a social contract by violating their users’ privacy.

Even without installing the Loopt app on my iPhone I’ve been barraged  by text messages from others who have installed it and unwittingly been sending out scores of SMSes without knowing it.  Aside from privacy concerns, sending and receiving text messages costs both the sender and recipient money.  I pay for a 200 text message plan, but after that texts are $.20 to send or receive - imagine the costs involved if you have a lot of contacts in your contact list!  Since contacts are one of the easiest things to sync to my iPhone, I have a lot of contact info for people that I don’t necessarily want to spam with text messages asking them to join a service so they can spam other people with costly SMSes.

Given the backlash on the Internet, it will likely be just a matter of time before Loopt corrects this issue, but in the meantime, be very, very careful which networks you trust with your sensitive information, including your current whereabouts.

UPDATE (16 July): Loopt has announced that they will disable the feature that automatically sends invites to everyone on your contact list in their next update.  No word yet on updates to their SMS service that will respond to the industry standard “STOP” message so non-subscribers can stop receiving spam from them.

Back in 2002, the engineers at IBM were already talking about location-based services on mobile phones. They envisioned scenarios where you could access information on the go, informing you if there was a traffic jam ahead, or helping you find the location of the nearest bakery. But they were working with WAP (wireless application protocol), which did not end up taking off as expected. Mobile web browsing was slow and the user interface was not ideal for displaying lots of information.

Last week, activation issues aside, the launch of the iPhone 3G and App Store breathed new life into location-based services. According to Matt Dickman at Fleishman-Hillard, the “single most important element of the new iPhone 3G” is GPS. “For the first time ever, GPS will be fully integrated on a user-friendly consumer device,” he wrote. Even more important, developers are also able to create applications using the GPS technology. (Note: old iPhone users can still download 2.0 firmware, but location-based services will use the less accurate tower-assisted AGPS - thanks Jough!)

What this means for social media:

• Mobile social networks may increase in popularity

When Twitter was first launched, I remember thinking it was both creepy and unnecessary for people to know what I was doing at that moment and vice versa. But over time, microblogging sites have evolved into useful communication devices. News stories sometimes break on Twitter before hitting the mainstream media, companies are using Twitter for customer service, and Twitter even helped a student when he was arrested in Egypt.

Similarly, while it may seem creepy to be asked “Where are you now?” the potential for location-based social interaction to take place may later have us wondering how we lived without it. Mobile social networks to check out: Loopt, Brightkite, and Whrrl.

What this means for marketing:

• Higher level of customer engagement with the ability to deliver more relevant, location-specific messages

Another dimension of customer segmentation is now available to marketers – exact current location. An obvious use of this information is to offer an opt-in program to receive coupons for a specific store when the mobile device is within close proximity to the store. Some Asian countries already have such programs in place.

The possibilities are endless. Someone at Duo suggested a store-specific Starbucks application that will alert the store when you are two blocks away. By the time you arrive at that Starbucks, your drink will be ready and waiting for you to pick it up and go.

With 1 million iPhone 3Gs sold in the first weekend and 10 million App Store downloads, it will be exciting to see how the implications of location-based services continue to grow.

That’s revenue Google gets by focusing on the effectiveness of its advertising engine. “The Human Hands Behind the Google Money Machine” in today’s New York Times, shows the importance of analytics and how it is used by Google to drive revenue. The story reviews the genesis of the Googles AdWords program, five years ago when GoTo.com was acquired by Yahoo. GoTo was the first to pioneer advertising, but Google made a critical advance improving the system by actually looking at the click-throughs, not just what people were willing to bid for ads, that pushed Google ahead to stay. On the web it’s all based on metrics and analytics. At Duo we keep harping about analytics and how clients should benefit from studying what really go goes on with their sites – but few take advantage of that recommendation. The advantage there is there for those that do – and they are going to reap the rewards.

“The economy and a newly designed Web site are being credited for a dramatic increase in interest in the Chicago Public Library system,” WBBM’s Bernie Tafoya reported last month. In this interview, You can reserve a book, CD, or DVD online, and if it not available it will be delivered to the library branch of your choice and you will be notified by email.

The Chicago Tribune, in a recent article about this Find it, Chicago service appropriately labels it “NetBooks” because it offers the functionality of NetFlix without the subscription fee. At Duo we’re just glad that the thousands of hours spent learning about users needs, designing the new interface, and developing the enhanced functionality has paid off for the Library and citizens of Chicago.

Last week IBM’s developerWorks ran an article about The Future of PHP about the upcoming PHP 5.3 and 6.0 releases. While the new features in PHP6 may be underwhelming in terms of sheer quantity, the release marks a major milestone for PHP: Unicode support. Since Unicode recently surpassed other character encodings on the web, having every PHP function support Unicode will greatly improve the ease at which content may be managed within an application. There are numerous other efficiencies and optimizations added as most of PHP’s built-in functions have been overhauled, which should increase performance for existing code, as well.

What’s in a name(space)?

The biggest gain in PHP’s upcoming releases, however, is the addition of namespaces to the object model. Because class names must be unique, we’ve previously had to use naming conventions as workarounds to avoid naming collisions (which could be common when you include third-party class libraries), writing classes named such as:

class DuoConsulting_WebService_Xml_Parser

With namespaces, you can specify a namespace to keep class names shorter and saner:

namespace DuoConsulting::WebService::Xml;
class Parser
{
...
}


Then when you use these objects the code is more readable and less error prone. You can also use aliases to assign a shorter keyword to a long namespace:


use DuoConsulting::WebService::Xml as xml;
$parser = new xml::Parser();


You can read more about the PHP 5.3 implementation of namespaces in the CVS repository.

What’s Missing?

Nearly all of the features that have been removed in PHP6 were already deprecated in PHP5, which means you probably shouldn’t have been using them for the past three years anyway. Most PHP5-only code (such as the Zend Framework) should require no modifications, whereas some code ported from an older PHP4 codebase may need to be updated to run in PHP6. Since it was bad practice to use the vast majority of removed features even in PHP4 (such as <code>register_globals</code> which automatically created new variables based on GET and POST parameters such as those passed through a URL or web form) their removal should only reinforce better coding practices rather than break existing applications.

The near future looks bright for PHP, and since the biggest changes to the language are going to be coming in the next major point release, I suspect it may not be long before 5.3 is the de facto minimal version under which a number of applications will run.

A post over at “The Official Google Blog” points out that unicode is the most widely used character encoding in indexed pages. It’s about time! Read more here.