Pages

A sample iWidget



Finally I got iWidget published :) A simple one that fetches my friend feed.Click on "View" button to fetch the data. The interesting thing is that this "patent-pending" Write Once Run Anywhere widget platform will provide the users publish their widget to Facebook,Myspace,igoogle,netvibes,widgetbox,clearspring as of now.Others like hi5,orkut,gigya are on the way. I think this platform could become a good tool for opensocial gadget developers.

A try on iWidget Creation Technology

I tried to build and publish a widget in the iWidgets platform.A data view widget in which my friendfeed will be displayed in it.The UI is similar to other mashup tools like yahoo pipes,Presto wires . It has a customization wizard for the widget, its cool.It supports native widgets.Their WidgetWORA™ technology is patent-pending and it is going to have a wide audience.Peter Yared, Founder & CEO was CTO of Sun Microsystems' Application Server Division.They have a Social Media Accelerator Program with a pay-per-performance pricing as well a free Self-Service form with ads.A good model for monetization.I tried to publish my widget. I couldn't find any link for showing my widget in my blog :( Also these social gadgets can be published to facebook,igoogle,myspace.My iWidget web workspace looked like a desktop tool.


A gmap opensocial gadget - Voila


Recently I started working on an opensocial application platform based on java and php.Previous posts on opensocial and apache shindig is written while I am  involved in the development. The open social applications allow to share the data between different sites and social networks.I developed a sample gadget to mashup data from our social application platform with Google maps, I named it "Voila".Using this one can save the last location you been and share it with friends.Also you can view your friends shared locations.One can play around for those who don't carry a location based device.It uses Opensocial's persistence feature. 



I made another gadget which uses a job site's service .The gadget named "Empleo" is intelligent , it automatically gathers owner's job interests and update each time .Also he can go for search tool embedded within it.Another thing I did was to integrate Tell-a-Friend WOMM widget with an opensocial gadget.So the user can tell a friend about a job of him using any service.

Empleo Screenshots viewed inside preview window .



Web 3.0 A case study part -1

While I was with TeamTa , a case study on Web 3.0 was made. It was really a wonderful experience for me as I was able to learn a lot about the emerging technologies. Atleast I came to know that how vast emerging web is the potential of web of entertainment to defense purposes.It is like another universe in which it has its own economy, culture,society,technology etc.. I tried to read as much as I can... yes it was really vast , infinite potential.Many research papers, many articles, many magazines... I know I am good at research.I was able to understand concisely. I am not expert in all these buzzword technologies ... I think one need not be working in high end technologies, but can learn about it and share it or use the idea in some other field.Internet did open human minds around the globe.Anyway I was able to understand and express the way I got it... I decided to open it and share it to world as its an interesting one... so someone somewhere will read it comment about it. As time pass by I will be able to review on the past works I have done.Anyway this blog was made for that purpose.View my case study.

web 3.0 part1
View SlideShare presentation or Upload your own. (tags: web 3.0web)

What i think about event processing...

An amateur thought.

I think the most interesting area of information processing is about event processing.Most of the large scale enterprise applications are based on event driven architecture.Event based information processing is the most advanced area i haven't gone through yet.But reading about it i found it really interesting.The state models,lexical analysis,reactor patterns, callback event models etc are the used behind it.Event driven design is an approach to program design that focuses on events to which a program reacts.According to these events there event handlers registered will respond.This is the fundamental of any GUI based application.An event listener will be attached to a button and handler responds to events.I think it is the basic underlying architecture of any responsive application.If you worked on a 3D application the events on 3D positions of polygons have to be registered.Every movement in space and trigger an event.. good gaming.. If i have to think big , consider the finance stock viewer online.The stock responses are reflected in real-time...most of them know about ajax based technology which is popular behind the dynamic graphs. But what about the complex business logic? Any rule engine will define a set of rules to act according to changes in input.I can compare this system as a stimulus response of an organism.If we take human brain, the predefined genetic rules will be there to adapt to these ever changing environment.There can be sudden stimuli or gradual one, depending on inputs.What about the pattern recognition ? Human brain is highly sophisticated ... mmm i am boring now.If it is about realtime processing, then I like to refer to CEP, Complex Event Processing (CEP) which is a technology for low-latency filtering, correlating, aggregating, and computing on real- world event data. If this complex event processing is enabled in a network...? To a collective intelligence? I read that context based switches are now implemented in CDNs.Whatever.... its really complex and interesting..No wonder the huge amount of data in the web can be used for social "business" intelligence ...CEP actually builds on what business intelligence (BI), services oriented architecture (SOA), cloud computing, business process modeling (BPM) provide.Mashup technologies along with semantic web can provide more granulated data where most of the technology based products moving into.Some people say SOA, some WOA and SaaS,cloud and so on..Consider about NASA satellite data.Huge amount of data from satellites gushing all through the channels are processed using various algorithms of image processing,signal processing algorithms... What about all those RFID based data affecting the supply chain tracking? What if we are going to track every consumption of fule in the world in a realtime using gps trackers and sensors ? What about streams of data processed by supercomputers on weather forecast based on certain models ? They are crucial and brain forging.That`s how information technology becomes the backbone and most sophisticated part of human civilization.

Its all about data and Network is the computer!!

May be we are trying to make an efficient system as fast as our brain.At least the model of all these logical applications are expert systems.Why should I write about stuffs that are very complex to me ... I am not expert in all these.. just blogged in curiosity.There are basics to learn...

There is a good article in wikipedia about CEP

http://en.wikipedia.org/wiki/Complex_Event_Processing

Another article in infoq

others... Link Link .

An article on NASA funded CEP project Link


Mozilla ubiquity in unified communications

The mozilla ubiquity is a cool graphical keyboard commad-line ui in which the user can enter commands and get them executed. Browser as the platform and network as the computer is evolving into a new phase.The unified communications paradigm that converge media did revolutionize the telecommunication industry.These web 2.0 revolution is reflected in all the areas of human communication.Recently I have seen a video where the Druid team, used the mozilla ubiquity tool integrated with their unified communication platform Druid. Druid bring together voicemail, VOIP, mobile phone, faxes and instant messaging into a common platform so that data from multiple sources get merged ;that's what uc meant to ....

video



Instead of writing a plugin/addon from scratch, this excellent tool enabled them to give a new provision for command execution.In the video Druid with SugarCRM turns Firefox into a powerful UC application that allows users to dial numbers, send faxes, set presence, and many other cool applications.Druid got a SOAP API to integrate with other applications like Zimbra, SugarCRM etc. Druid is open source.

really cool !!

Druid site

For those developers and ip telephony guys ..

http://in.youtube.com/voiceroute

UI redress vulnerability

The hot trend that catched my interest in web application security is clickjacking a.k.a UI redress vulnerability.It is a vulnerability in the DOM model of web browsers.According to a bug reported in 2002 on mozilla - http://bugzilla.mozilla.org/show_bug.cgi?id=154957 where the browsers allow transparent iframes to be rendered.Most browsers do. So any crooked head use this idea to show an iframe which is transparent one "over" his site, he can make the visitors to click the buttons in the pseudo web pages.When the poor user clicks , he might be clcking on a advertisements.. (click frauds).The innocent user will be using the buttons in the malicious web page even though the site in front of him is urging him to do a harmless action ! The web page might be having different iframes... Now a days facebook apps, opensocial apps are common around the web.So we might be clicking hidden buttons on the hidden iframe!!
Some can spy on you .How ? Its simple. If we have a web cam,microphone , it can be accessed by adobe flash if we allow to do so.So if the site is having a hidden iframe and the useris unknowingly clicking the allow button to leak your personal world to web.Anyway adobe has resolved the issue in flash player 10.

http://www.adobe.com/support/security/advisories/apsa08-08.html

More details
http://ha.ckers.org/blog/20081007/clickjacking-details/

Solutions ?

1.window.top != window to inhibit rendering, or override window.top.location.
if if (top != self){ top.location.href= location.href} which is iframe-breaker

2.re-authentication on all ui actions (not practical!!)

More on Google's solution(by famous hacker Michal Zalewski )

http://lists.whatwg.org/pipermail/whatwg-whatwg.org/2008-September/016284.html

If you use Noscript or disable javascripts etc the clickjacking can be prevented.Even then most browsers wont disable IFRAMES.

More
http://www.gnucitizen.org/blog/more-advanced-clickjacking-ui-redress-attacks/
http://hackademix.net/2008/09/29/clickjacking-and-other-browsers-ie-safari-chrome-opera/
http://www.cgisecurity.org/2008/10/interview-jerem.html