Google’s Chrome browser, which accounts for only a very small percentage of all user activity at present, is getting an upgrade. As of the new Beta 4 release, Google is touting a 30% speed increase overall in the browser’s performance. They’re also adding a raft of new features, including bookmark sync, which should help attract more attention to the product.

The sync feature is probably the most interesting one (as others have noted) in this new release. It’s a welcome idea, but it does come with some caveats. According to the announcement, “sync requires that all the machines being kept in step run the Chrome beta, and that the user has a Google account, such as a Gmail username and password. The browser syncs bookmarks using Google Docs, the company’s Web-based application suite.”

Basically, it sounds as if they’re storing a copy of the bookmarks file somewhere in your Google Docs account, where you can access it from any machine on the Internet. I suspect that you probably have to enter your Google account information into the browser’s sync settings (I’m guessing here) and it automatically checks the file revision when you connect. This makes a lot of sense, since some type of central repository has to exist in order to sync the bookmarks file. And of course, you probably can’t sync if Google Docs is down or you can’t connect to it for some reason (e.g. a firewall or other port restriction).

What’s also interesting is that Chrome is interested in improving JavaScript performance. It’s touting “Chrome 4.0’s faster JavaScript rendering speeds” — which also makes sense, since JavaScript is behind Ajax and other Web 2.0 features. I find it amusing that the JavaScript, which was only a toy half a decade ago and seemed to be vanishing in the face of .NET, PHP, and other languages, is rapidly becoming the glue that holds all these cool new features together. Ah, the more things change the more they stay the same.

Today a friend posted an article about the ACTA (Anti-Counterfeiting Trade Agreement) treaty to his Facebook account. It was the first I’d heard of this work, so I decided to have a look at some of the information currently circulating around the Internet about it. At first glance, one would think it’s designed to help slow the tide of illegal Chinese or Russian copying of DVD and other material. However, the negotiations have been labeled as part of “national security” and therefore aren’t available for review by the public.

This is simply idiotic.

Currently, groups like the EFF (Electronic Freedom Foundation) and other civil liberties groups are opposing the treaty as it’s currently written. The problem is that very little information about specific aspects of the negotiations are available. Only one allegedly leaked document has emerged so far. According to the EFF:

A document recently leaked to the public entitled ‘Discussion Paper on a Possible Anti-counterfeiting Trade Agreement’ from an unknown source gives an indication of what content industry rightsholder groups appear to be asking for – including new legal regimes to “encourage ISPs to cooperate with right holders in the removal of infringing material”, criminal measures, and increased border search powers. The Discussion Paper leaves open how Internet Service Providers should be encouraged to identify and remove allegedly infringing material from the Internet.

If true, it casts ISPs in the role of network cops who are supposed to effectively monitor traffic traversing their networks and report infractions to some enforcement body. This is totally in opposition to the concept of the ISP as Common Carrier (like telecommunications companies, which effectively they are). It smacks of Soviet-style surveillance of communications among dissident or other suspicious groups. But is this an accurate assessment?

We don’t know where the “leaked’ document came from. It may be completely legitimate, which means the ACTA should be opposed vehemently by anyone with a brain. If passed and signed in its allegedly current form, it means your iPod or laptop could be searched at any border, and any “illicit” material confiscated. It means you could be arrested for sharing a 1980s rock video on YouTube (which may not even exist anymore due to copyright concerns).

This is the problem with the government blindly labeling so many proposals and treaties as “national security” risks. If people could locate and read the actual text as currently proposed, there’d be far less ambiguity. We’d know exactly what it says and how enforcement is to work. Was the “leak” created by some anti-treaty nut trying to inflame people about the negotiations? Or is it an actual component of the ACTA material? We don’t know.

Write your Representative and Senator. Demand the sort of open access and transparency that the current administration claimed to support in its dealings. The rights you lose will be your own.

Over the last few years, “slim” has been “in.” Laptops, following in the steps of products like the Macbook Air, have tried to become as light and thin as possible. Netbooks, those $300 little jobbies everyone seems to want to own, are also driving this trend. One of the ways it is being accomplished is by removing components some people find indispensable, and others just don’t use: the CD/DVD drive, or “optical” unit. You can trim a lot of weight, and thickness, from a laptop just by removing those components.

PCs have had optical drives of some type installed since the last floppies went out of vogue. In the late 1990s. Manufacturers ramped up to optical storage since software vendors were shipping whole product sets on CD, and later on DVD, as “all on one disK” distributions. No more stacks of 50 Microsoft Office floppies…just one CD. Later it became “just one DVD” as software outpaced 600MB CD capacity, but the component sizes were the same and compatible with one another. Now, however, these are vanishing from cases and leaving us with few easy options when we want to watch a DVD or (heaven help me) install software from CD.

One of the biggest lessons from the craze for “netbooks” — inexpensive little laptops designed mainly for browsing the Web — is “that people were so excited about the small, easy-to-carry size that they didn’t miss having a CD or DVD drive. USB is an obvious choice. With a single port, the user can connect a single CD or DVD drive to their laptop at will, thus re-establishing the balance between input & output device.”

But let’s say you’re seriously into watching DVDs or listening to CDs. The obvious solution is that you should keep your existing unit. Folks like you “might want to think twice if you’re hooked on transferring CDs into MP3s — or if you spend a lot of time watching DVDs on airplanes and don’t want to squint at your iPod.” I’ll admit guilt to the latter, having watched whole movies on flights from Boston to London. But I carry my laptop for both business and writing, and am used to having it strapped across my back on a regular basis.

Maybe on future models the paradigm will involve a big memory stick sized to fit a whole movie. That would be the death knell for the laptop-based optical drive. And it’ll happen, too.

As reported last week, Microsoft is slated to become the functional search engine provider for Yahoo’s long-running and highly popular service (presuming the deal is sanctioned by the government). Under the terms of the ten-year agreement, Redmond will provide all the back-end horsepower and results. They’ll get 12% of the revenue generated during this period. The Yahoo name will (at least for now) remain on the masthead and is what users will see.

Is this the beginning of the end for Yahoo?

According to executives, Yahoo wants to “refocus” on newer products now in development. Why they want to do so while their search service is one of the top three in the marketplace is unknown. Search is the company’s bread and butter, like Google. And they’ve now opened the door to the Trojan Horse that is Microsoft. The end result could be a better Yahoo…or total fragmentation of the company into virtual nothingness after Redmond “negotiates” a more favorable deal for themselves a few years down the line. Only time will tell.

The strange thing about all this is Microsoft’s addiction to becoming a “search leader” in the market. They’ve tried for years, and have failed consistently to capture more than 1/3 of the market. Google is firmly on top, is constantly improving their core product, and its users are unlikely to change. Somehow, Microsoft believes that if it can get “more data” about user behavior from its deal with Yahoo, it’ll cause users to abandon Google in favor of its services. That’s not likely to happen. Once a user becomes comfortable with a given interface, they’re unlikely to abandon it without a very good reason.

This is, in fact, the primary factor behind the popularity of many of Microsoft’s own products — especially Windows-supplied tools like Internet Explorer and Outlook. Get an application in front of a user’s eyes first, and they’re not likely to look for another one. So the chance of Microsoft pulling business away from Google is probably very low.

I think the executives in Redmond are just obsessed with Google. It’s their own personal Great White Whale, and they’re determined to harpoon it no matter what. But we all know how that story turned out. And Yahoo might just be the Pequod that ends up being sunk as a result.

Finally, after a year or more of wrangling and corporate soul-searching, Yahoo and Microsoft have inked a deal. Given, it’s not a done deal yet since it has to pass government anti-trust scrutiny. But the final outcome, if it’s approved, will probably be a major change in the search landscape.

Search has been around since the early days of the Web. Once sites started proliferating, various people established “link lists” and published them on their own home pages. The lists grew. Other people started asking to be included, in order to increase the visibility of their own site (which, at that point, was probably little more than a personal page and maybe some research papers they’d written). Then it all mushroomed once someone wrote the first web crawler (spider). This is just software that starts at a given page, finds embedded links on that page, then follows them. It feeds its results into a database, and voila! the search engine was born.

Over the years, search companies have sometimes relied on outside vendors to manage their actual search function. This is due to the serious increase in volume and the number of sites that need indexing; it’s difficult, if not impossible, to index everything on the web by yourself. In fact Yahoo outsourced some of their work in this area to these geeky Google guys back in 2000, and to Inktomi later on. Lot of good either did them. Most people just moved off to Google and didn’t come back.

Now this latest deal will put Yahoo in Microsoft’s tender little hands in terms of search experience and management. It also puts most of Yahoo’s assets under Microsoft’s control. Redmond wants blood. Blood in the form of biting off a big hunk of Yahoo’s user base that might help it compete with Google in terms of market share. It might work. It really might. The problem is, Microsoft has never had a successful search product. Their online ventures have never really panned out all that well (witness Windows Live). They’re better in the traditional boxed software market space.

So, will the new alliance bring in more search users? Will the presence of Microsoft drive off die-hard Yahoo users (probably into Google’s arms), thus destroying the whole objective of the deal? Or will it actually work…can the new alliance offer some product that will both work properly and lure users away from Google? I doubt the latter will happen. Bing has some cool features, but Google has been doing this a long time and is probably already ahead of the Bing curve. If they’re not, give them six months. Tops.

One thing’s for sure. The game just changed, and might get exciting again for a while. Will we see Yahoo go belly-up after making a deal with the devil? Will Microsoft be driven from the market completely, in favor of any other search engine on the planet? Can their service even deliver at high volume, i.e. millions of searches per minute? Let’s wait and see.

A new SQL (Structured Query Language, used for databases) injection attack emerged recently, and so far it’s apparently infected over 40,000 websites with malicious software. The attack has been termed “Beladen,” which is German for “loaded,” and refers to the website to which the attack attempts to redirect users (e.g. beladen.net).

SQL injection isn’t an uncommon attack method, and it’s easy to use against badly written websites containing forms with unfiltered or unvalidated input fields. Clever attackers can insert SQL commands into these form fields, where they’re executed against the database. This results in anything from bogus data to compromised private information within the database.

In this case, the attack inserts code that attempts to redirect users to the bogus beladen.net website. It tries to “push unsuspecting victims to typo-squatting site ‘googleanalytlcs.net’ that attempts to push malware such as keyloggers onto the victim’s machine. If that’s not successful, it will try to scare them into buying fake antivirus software.”

If you’re a web developer working with data-driven sites, you want to be very aware of the possibility of SQL Injection attacks. The frequency of such incidents apparently rose to an all-time high in 2008, and for good reason. While more sites are doing better at protecting files and access via traditional (OS) methods, not everyone protects their DB appropriately.

For example, I know of many sites that use one (and only one) account to manage database access. The login ID used is often a super-user that has unlimited access to all tables and other functionality. This means anyone can use SQL Injection to perform any task whatsoever on the database. It’s far safer to use multiple accounts that have appropriately restricted access to the system, since this makes a hacker’s job all that much more difficult.

That, really, is the name of the game in terms of defending your website against attack. If a site is harder to break into, a hacker is far more likely to move on to find one that’s less defended. Clean up your code, make sure all form fields are appropriately validated/filtered, and lock down database access to minimum usable levels. The data you save might be your own.

For years software development companies have prophesied the advent of totally web-based applications that will remove the need for local installation, storage, and so forth. Software as a Service (SaaS) is part of that model, and various companies (like Google) have experimented with it. In some respects, it makes sense. Why have users buy hundreds of dollars worth of software they’ll use only rarely? Why chew up gigs of disk space for huge applications that could be run directly across the Internet from central servers? On the other hand, is this model stable and scalable enough for widespread adoption?

One of the problems is that these snazzy new applications are too complex for the current release of HTML, which is at version 4 and has been for some years. In the early days of the web, HTML versions changed pretty rapidly; 2.0 came out in 1995, was succeeded by 3.2 in 1997/98, then quickly surpassed by 4.0 (in reality 4.01) around the turn of the millennium. HTML 5’s working draft just came out in 2008, and many hurdles have yet to be overcome before it really becomes a usable standard.

What all this means is that no one is going to produce huge web-based applications based on the HTML 4 language. For one, it would be technically difficult if not impossible to do so due to limitations in the current version. For another, it makes almost zero sense to write new code against an ancient standard like 4.01. So the “growing sense that the Internet and browsers–rather than a computer’s operating system–will be the future foundation for application development” is just that…a sense. It’s not reality yet.

The other issue, of course, is that every browser now in use speaks 4.01 and older HTML only. Users would need to upgrade to new (and as yet unwritten) versions of IE, Firefox, Chrome, etc. in order to make use of the HTML 5 standard. And the proposed new release involves lots of interesting new bells & whistles. Apparently there are “five main HTML 5 concepts: canvas tags, video tags, geolocation, application caching and database, and Web Workers.” They’re all designed to extend the HTML 4 standard by providing new capabilities, including an easier method of dealing with layout issues (canvas tags).

Mozilla and (I suspect) Microsoft are working on HTML 5 browsers. They’re probably hedging their bets on which portions and variants of the proposed standard will end up being adopted. I suspect we have some time to wait before real “cloud” computing becomes a reality — if it ever does. The dream of a new form of “dumb terminal” computing based on network loading of OS and software has been an I.T. wet dream since the mid 1980s. I’m not sure it’ll ever be as widely adopted as some expect.

I’m not a Gmail user, but recently on another discussion list it was brought to my attention that Google serves ads (of course) via that service. I had no idea, but it’s not at all surprising. Another contact told me that Google earns 97% of its revenue based on online advertising. That’s a lot of money.

One of the points that Google makes is that this is how it “pays” for the service. “Gmail users can’t opt out of receiving ads because these sponsored links help Google support the cost of providing Gmail for free to our users. Instead of serving pop-ups and untargeted banner ads, Gmail displays text ads using our contextual advertising technology. These ads should be relevant to the content of your messages and we hope you’ll find them useful.” Italics mine.

The bad thing about this is that sometimes there are unintended consequences. According to one colleague, “a large proportion of my email is from people with questions about abusive teen boot camps: I get ads for them alongside the emails detailing horrible abuse at the places.” The whole thing is handled via Google’s ‘AdSense’ program, which is the same engine that generates all those context-sensitive ads on other web pages.

Now, you can remove these ads if you want. There is, for example, a Firefox Add-in called CustomizeGoogle that will remove the ads from view (or most of them). However, this just means you’re not seeing the ads. Google is still, for all intents and purposes, “reading your mail.” This doesn’t mean real, live humans are parsing your messages and clucking disapprovingly about your taste in friends or clothing. It means Google’s systems are scanning your emails in order to decide which ads are “relevant” to your experience.

Exactly how much of this information is stored and retained by Google is unknown. The company is very tight-lipped about its data retention policies. Maybe they know that John Smith of 123 Main St. in Wakita Oklahoma regularly exchanges mail about drug addiction clinics or gambling services. Or maybe it’s all just aggregated together, de-identified (i.e. all personally identifying data removed), and used to improve ad statistics.

Who knows. But be careful what you send over email. It’s likely someone is able to see it.

Ever wonder what happened to all those early pages everyone wrote back in the late 1990s, when the web was just getting started? Many of them might just be out there, lurking silently on a site known as the Internet Archive, or (in a nod to the old Bullwinkle cartoon series) the “Wayback Machine.” This site has been ’scraping’ web pages for years, archiving them as images in order to preserve rendering and appearance.

The archive recently got a major upgrade. It needed it, since it basically re-indexes the whole Internet every 2 months to look for new and changed pages. It’s maintaining one of the biggest (possibly the biggest!) databases on the planet, and the new datacenter “fits in a 20-foot-long outdoor metal cargo container filled with 63 server clusters that offer 4.5 million gigabytes of data storage capacity and 1TB of memory.” It’s installed at a Sun Microsystems (which provided the hardware) facility.

The system is pretty cool overall, and is invaluable as a tool to show how the web has developed over time. One of the hazards of digital libraries — of which the web is one, when you think about it — is that in many cases there’s no preservation system behind them. The US has the Library of Congress, plus there are all those other “analog” libraries that keep copies of various books permanently. But once a web page is altered or taken down, it’s gone. Hence the Archive. It’s a means of keeping all those old pages around for future reference.

Some might ask why anyone would care about millions of really badly designed pages (several of my early efforts are out there, and I cringe when I look at them). But that’s the point, really. Someone should keep copies of such things so we can see how far we’ve come in a very short period of time. Only 10 years ago, we were worrying about making invisible images in various sizes in order to achieve layout on a web page. It was pretty horrible. Nowadays, with the increased use of CSS and improvements in the XHTML standard, life is a lot better for web developers.

Plus, who knows how many useful documents were once on the web, but have been taken down over the years. Remember: computing is all about data.

An interesting WiFi service recently came to my attention. It’s called FON, and it’s being offered worldwide. Both the technology and the business model are interesting, since the company is effectively building their WiFi network in partnership with their customers.

The service works like this: you buy their “La Fonera” WiFi router and connect it to your existing broadband connection. This provides you with immediate local WiFi on your own private network via the FON service. It also starts broadcasting a public signal that can be accessed and used by any other FON subscriber (known as “Foneros”). This is where the business model gets interesting.

According to the FON website, the company “will pay you 50% of the net revenue that we get every time a visitor purchases a FON Access Pass through your FON Spot.” They claim this is presently about 3.02 Euros (not dollars) per month at present, with a claimed network of 300,000 active FON Spots worldwide. Other Foneros can access the public WiFi spot at any time, but you don’t make any money from them. Users are only paid when non-subscribers pay for temporary access.

Users who want to make a bit more cash can buy a “Fontenna,” or WiFi extender, that boosts the signal much further than would normally be possible with standard WiFi (I suspect this is just a commercial strength antenna, as used by many corporations).

The concept is very interesting, and obviously is growing. The current map shows FON Spots all over the planet, and you can look them up by postal code or address on FON’s mapping site which uses Google Maps under the covers. At a current price of $39.95 for the La Fonera+ (2-connection, one of which is wired) it’s apparently an easy and cheap way to get WiFi access while possibly earning some extra cash on the side.

Obviously providing public access is not going to earn any money for someone living in a rural area with few locations for day-users to connect. But for urban dwellers, it might just be a handy way to pay for your WiFi habit. Plus, as a member you get free FON WiFi access worldwide, so it may be a great option for frequent travelers as well.