wissel.net

Usability - Productivity - Business - The web - Singapore & Twins

By Date: December 2012

Avoiding login prompts in mobile approvals


A customer posted an interesting question: " We send eMail notifications in our workflow applications. Our users don't want to be password prompted when following that link from their mobile devices. What are my options?".
While the Notes client can handle automatic authentication (especially with embedded experiences), in iNotes LTPA has logged you in and on PC platforms Single SignOn is well established, mobile device are trickier.
The "big" solutions would entail some form of Mobile Device Management (MDM), but that's nothing you want to deploy just for one app in question. You do want to plan MDM, but that's a story for another time (IBM recommends to do that in the context of an overall Endpoint management plan).
I see different possible approaches to get around the password prompt:
  • Use a VPN:
    A good VPN server can communicate with the reverse proxy and provide an LTPA token automatically. Sample code is available for Big-IP F5 and Lotus IBM Mobile Connect. Implementing it for other VPN/Reverse Proxy combinations should be possible - check out Puakma SSO and talk to webWise
  • Use X509:
    After you deploy X509 certificates onto Android or iOS you can set the Domino Internet site document for your application to require X509 authentication. Since the certs are deployed on the device no additional prompt is required (of course that depends on how you secured the certs)
  • Go native:
    In a native (or almost native) application you can locally store the access credentials. You read/write data via JSON and https calls. Not too far off: use OAuth to authorise your mobile app.
  • Update (thx Mark, Per): Use OpenNTF's "Auto Login" project
I like the approach using a VPN with LTPA generation best since it saves you the trouble of managing the X509 certificates and adds a security layer on top
As usual YMMV

Posted by on 31 December 2012 | Comments (5) | categories: IBM Notes Lotus Notes Show-N-Tell Thursday

Now that you can have embedded experiences in Notes, you need to send them


Courtesy of Apache Shindig IBM Notes 9.0 (the client) and IBM Domino 9.0 (the server) now can render OpenSocial Embedded Experiences.
While Notes always had the option for custom mail experiences (store form in document, send), the Embedded Experiences allow integration into any application (that supports them).
One of the first things you might want to do is to pimp your existing applications to provide this new experience. It would be much lighter than storing the form and also work with other mail front-ends.
The good news: adding embedded experiences degrades gracefully, so all users not on 9.0 or later won't see a thing. This means you can get started immediately:
  1. listen to Niklas' explanation and get the sample code
  2. create/configure the gadget for your application (that's a separate post, coming soon), check the documentation
  3. create a class that does all the notification sending, classic and EE
To give you a head start for #3 use this.
As ususal YMMV

Posted by on 14 December 2012 | Comments (1) | categories: IBM Notes Lotus Notes Show-N-Tell Thursday

Inbox vs. Stream interaction pattern


A recent Tweet exchange with Alan got me thinking on (inter)action pattern in the collaborative software we use. On one hand we have the incumbent eMail: time tested, loved, loathed and under (so the hype) thread from the new kid on the block: activity streams (a.k.a. river of news), in various technological implementations (from propriety, RSS, ATOM, JSON to activitystrea.ms). I'll compare the two from the perspective of work, where you need to get things done ( pun intended). I will use email actions from Lotus Notes as example, available actions in your eMail software might vary. Similar I use IBM Connections 4 as stream example. Here you go:
Purpose eMail Social stream
What's new? Scan inbox, look for unread marks, switch to "unready only" mode Scan stream, memorise where you left off
Read details Click on item (with preview pane) or open it Click on item, then click "show all", "show more", click on right arrow (in Connections 4)
See conversation Click on triangle to expand or use show menu (when eMail open) Click on item, then click "show all", "show more", click on right arrow (in Connections 4)
Reply Click reply (with too many options ) Click comment
Tag a reply Send & File, Categorize Use # in the reply
Indicate that you concur/endorse an item Send a reply Click the like button
Mark as read Automatic when previewing or reading n/a
Associate with something File in folder(s), categorize (yep, that's like tagging, but not shared with others and in Notes since 1.0) Tag
Information not relevant Delete or remove from inbox (my favourite for "might be relevant some other time" since it still shows up in all documents and search) n/a (in Activities there is tune out, or remove watching a specific tag)
Read later Keep unread, file in folder(s) n/a
Associate with a project or a customer File in subfolder(s) of project/customer folder, use custom plug-in for meta data tagging is flat only, harder to find later
Followup action needed Flag for followup, copy into task n/a (the sharebox might remedy that in future)
Add to personal/team knowledge collection Copy into journal or discussion db (there's a plug-in for that) n/a, but you can use the Evernote browser plug-in
Scheduled action needed Copy into new calendar entry n/a
Let other people know Forward Reshare with @Name in the message
Look at specific information like a project, product, customer Open that folder, look at the categorized view, fulltext search Browse for the tag, fulltext search
Suggest filing/tagging destination Use the SwiftFile plug-in Look at other people's tags for the item
Suggest what else is interesting n/a Social analytics
It seems the interaction patterns for actions in the social space need to mature a bit. Interestingly e.g. Google reader has sorted the problem of read/unread for a stream of news (your RSS feeds) by tracking what entry you focus. Might that make sense for an activity stream (show unread only)?

Posted by on 13 December 2012 | Comments (6) | categories: SocialBusiness Software

Age of first interest ??? Teach what is interesting, useful or captive! Black holes, Dinos, Knights and Smartphones


This article is a translation, paraphrase and comment of Daily Dueck 180, Dezember 2012 titled (with the friendly permission of Prof Dueck):

???Age of first interest??? ??? Bringt bei, was interessiert, n?tzt oder fesselt! ?ber Schwarze L?cher, Dinos, Ritter und Smartphones

I find translating a text into my second language much more challenging than back to my native language. While it is comparable easy for technical text, it becomes more challenging for philosophical texts, especially when it deal with subjects that have a high cultural context, like this one. Nevertheless I give it a shot. Where it deems necessary I'll add remarks for readers with no exposure to German culture and world view (and I know we are often perceived like this). Anyway here you go:

Parents want the [German] child to be able at the first possible moment to: crawl, walk, get teeth, speak, be potty trained, say thank you, clean up the room and brush teeth. Kids are taught that, whether they like it or not. "Cut your teeth! Other babies already have an advantage!" What interests the child itself is perceived rather irritating. "You can't do/understand that yet". Other stuff shouldn't interest them. Better never: Sex. This adult posture conditions the children instead, where one could be helping them to develop their potential.

Maybe I have a bad-Google-day. I searched for "Age of first interest", ???Earliest age??? or ???first interest???, but only got hits like ???first age of intercourse???. Is there a list about one's first interest for: Dinos, planets, atoms, knights (In the US it probably would be rather cowboys or Jedi knights), witches (alert girls like witches better than princesses) or computers? Couldn't we just make all that, what generated a keen interest in kids, subject to the school lessons, at least for a large chunk?

Once kids get interested, they bombard us with questions. Why don't we take advantage of it? They learn ten times faster and much much more. If it is useful, kids (actually anybody) learn even ultra boring stuff, like the written driven test (That's a 50+ multiple choice test you must pass otherwise you can't even get to the car to take the real test), which is passed by EVERYBODY, even high school dropouts and illiterates. Why do we grumble about the kids' clueless use of the internet? We could demand that they pass an internet driving test, in stages like the swimming badges. They will do that! Happily! Free surfing!
Anybody likes to learn if one or more of following applies to the learning subject:

  • it is [personally] useful and enables progress
  • it arrests attention or is a source of joy and fun
  • it opens doors to new interests

Driving school is useful, first aid is useful. Witches, zoo animals and smart phone capture. Often knowledge opens a new view and creates a life-long interest. Construction kits "create" engineers, books humanities scholars (we do value them in Germany), an internship in a retirement home a career in human care. Role models help, as do impressive experiences, victories in sports, music, going on a journey - encounters that stick and often unleash huge amounts of energy: delight, creative enthusiasm, entrepreneurship, conscientiousness or self control.

But there is "no system behind it". If there would we just could follow it. However our education systems gravitate towards rigid systematic structures leading to an industrialisation of education (Note the irony of that. We concluded the post-industrial age, moved on to the information age, but the education system is still working on industrialising, so it is 3 ages behind). The structures seem immune against reproaches like these:

  • Boring to the death, annoying, way too abstract
  • Useless. Nobody needs that in life unless you want to study it
  • No examples, it is not real life

Again and again people are interviewed in TV: "How much [of your education] could you actually use?" The answers are always sobering. In real life one could use economy, psychology, communication, management, law, business processes or medicine, but they are not school subjects. Why learn Latin? Why are the scientific subjects organised that way? It seems the whole science curriculum (mathematics of differential and integral computations, chemistry and the atom model) had been lobbied by early 20 century physicists, so A-level would perfectly prepare one to study physics? Are Horace, Faust II (You might need to add your own figures of history and literature here, the examples are very German) und quantum mechanics the destiny of our existence, that unfortunately is about anything else both during and after school? Did the physicists, literature teachers and classic scholars imprinted our lives for ever?

I try to understand how those principles of education came to be. Anybody knows (maybe Ken does)? I sense the following principles:

  • The accredited historical and cultural values are taught, with disregard of time. Example: Latin is precious (precious in a sense of "valued by scholars"), English useful (insert your own second living language here, like Spanish or Chinese)
  • New stuff is only taught once it has been accredited, gained patina so to say. Useful is what has been time tested for decades
  • Teaching is abstracted and systematic - strictly sticking to scientific structures and principles
  • Everything is taught as early as possible and, if necessary, with multiple levels of abstraction
  • Education is organised by year of birth to ease logistics and form large homogenous classes
  • The driving forces to learn all this are: discipline, diligence, tidiness, sense of duty and suppression of aversion, delight and interest in anything else
  • A self-denying sense of duty isn't the goal of the education, but a prerequisite for its success. One has to have it (implanted by parents or if lucky born in)

These principles are the worst energy vampires you can imagine. Even Kant concluded, that life is easier when affinity and duty converge - but duty coming out on top. According to Kant you perform best when you do with delight what you have to do. Our education principles require this implicitly.

All other life forces remain unused, since they would challenge or weaken those principles. Who wants to unleash kids' "full speed ahead" has to cope with disadvantages and make unpalatable compromises (so it seems). Why do we all read Faust, memorise it and deliberately don't understand what he wants to tell us: ???Grau, teurer Freund, ist alle Theorie, und gr?n des Lebens goldner Baum.??? = "Dear friend, all theory is gray, And green the golden tree of life"

Kids could learn ten times more, but that would require to grow their talents, gifts, aptitudes, powers and affinities as and when they surface. Sights on scientific approaches have to be lowered - in favour of individual content and exemplary problems, which would have more power as symbols or examples and simply could be fun, where science would be dry ("gray"). Sights have to be lowered in systematic and exam logistics! Yes "swallow toads"! (That is German figurative speech for making unpalatable compromises). We all bitch and moan about too systematic knowledge that inhibits, higher valued, networked, associative and creative thinking. Duty needs to be unthroned, it is the primary virtue of a weak underling, as seen by a ruler of times past - or the teacher/crammer of today.

Why not challenge that package of logistics-ruler-scientists-systematic-duty? It is to GRAY!

There is so much green and gold. Any child could master a bachelor in: dinos, comparative smartphonic, black holes, life carrying planets, pop-hit lyrics, witchcraft spells or Jedi knight science. Any! The very moment (s)he develops an interest for it, whatever age. No duty required - affinity alone.

Let us preserve rather than dismiss the largest part of human energy including all those humans who only carry alternative energy, with lots of affinity and not so much duty.

(Please pardon the Gerlish/Denglisch)


Posted by on 11 December 2012 | Comments (0) | categories: After hours eLearning Omnisophie

Hide my Ass on Linux


When you travel a lot in places with some habits, you want to keep your internet activity as private as possible (there are other reasons too) - besides making local access harder). One of the VPN services, aptly named after a gray fury animal is Hide my Ass. I like them, since they have both OpenVPN and PPTP as well as provide access points all over the planet and don't charge for switching between them. When overseas I frequently use the Singapore access point to "phone home".
They provide GUI installers for Windows and Mac, but just a command line script for Linux (anyway Linux user live on the command line, don't we?). So I whipped up a small script that provides a minimal GUI (with lots of room for improvement ). Enjoy:
#!/bin/bash
# HMA Dialog using the Zenity dialog
# (CC) 2012 St. Wissel, Creative Commons 2.0 Attribution, Share-Alike

if [ [ x $1x == 'xx' ] ]
then
selloc=$ ( eval zenity --width= 640 --height= 480 --list --text \"Pick a Location \" --radiolist \
    --column \" \" --column Location $ (curl -s https: //vpn.hidemyass.com /vpnconfig /countries.php |
        sed 's/.*/FALSE "&"/;1s/^FALSE /TRUE /' ) )

        echo "you selected ${selloc}"
else
    selloc= $1
fi

#Now fetch the config
COUNTRY= ` echo $selloc | sed 's/ /+/g' `
curl -s "https://vpn.hidemyass.com/vpnconfig/client_config.php?win=1&loc=$COUNTRY" > client.cfg
#Finally connect
sudo openvpn --config client.cfg --auth-user-pass secret
The script depends on zenity, but that shouldn't be more than an apt-get or yum away.
As usual: YMMV

Posted by on 07 December 2012 | Comments (0) | categories: Software

Graceful degradation


Web development is a curious thing. We constantly push ourselfs to upgrade skills and capabilities, we learn Dojo, jQuery and HTML5. We make friends with Websockets and Webworkers only to subject our creations to a runtime environment (a.k.a. the browser) we can't predict and that in many cases might not be up to the task.
So our play-it-save strategy is to look for the lowest common denominator a.k.a. only legacy supported functions can be used. This limits what we can deliver and frustrates user and developers (interestingly corporate decisions to inflict this suffering onto colleagues by sticking to old versions go unpunished).
I suggest: NO MORE!
Every organisation today has the latest modern browser actually in use: just grab the iPhone, iPad, Androids from any executive. Those are the platforms to aim for. The right approach going forward (besides responsive design) is:

Graceful Degradation

When you lookup the term in Wikipedia you get redirected to the entry for fault tolerant systems. And this is the exactly the view point you need to take:

A missing html5 capability in a browser is a runtime fault, NOT a system constraint

. The task now is to build your application so it degrades gracefully (to a point).
About.com has a nice definition: " Since web browsers have been around as long as the Web, it is possible to have customers viewing your web pages in browsers that are extremely old and missing features of more modern browsers. Graceful degradation is a strategy of handling web page design for different browsers.
A web design that is built to gracefully degrade is intended to be viewed first by the most modern browsers, and then as older, less feature-rich browsers view it it should degrade in a way that is still functional, but with fewer features.
"
The IBM OneUI is a nice example how this can work. It is still workable, but not pretty, when seen through Lynx, the mother of all browsers - available, maintained and text only until today.
So your new application can be designed with all the shiny features, as long as you include your degradation path. One degradation endpoint can be that little infobox that explains the manual steps or " feature xy (that would be your application feature not a technical thingi) is not supported, sorry". Luckily the big libraries contain already a lot of that degradation code.
Just some thought: HTML5 provides local storage and caching. Why not design the app to take full advantage of that and fall back to loading of every page if that's not available?
The discussion around graceful degradation isn't exactly new, read for yourself: As usual YMMV

Posted by on 05 December 2012 | Comments (0) | categories: Software

Hyperlinks need to live forever - Blog edition


THE bummer mistake in any web revamp is a total disregard for page addresses. The maximum to be found is a nice 404 page with a notice that things have been revamped and the invitation to search. What a waste of human time and disregard for a site's users!
The links to the original page live outside the sites control and Jacob already stated in 1998 Pages need to live forever. So what could you do when swapping blog platforms?
If your new platform runs behind an Apache HTTP server (also known as IHS), there is mod_rewrite that allows you to alter incoming addresses (the old links) into the new destinations based on a pattern match ( other http servers have similar functions, but that's a story for another time).
HTTP knows 2 redirection codes:
  • 302 for temporary redirections
  • 301 for permanent ones.
You want to use the later, so at least the search engines update their links.
Now your new URL pattern most likely uses a different structure than the old one, so a simple Regex might not help for that transition. E.g. your existing format might be /myblog.nsf/d6plinks/ABCDEF while the new pattern would be /blog/2001/10/is-this-on.html.
For this case mod_rewrite provides the RewriteMap where you can use your old value (ABCDEF in our case) to find the new URL. Unfortunately mod_rewrite is very close to dark magic. It can be simple from a key/value lookup up to invoking an external program to get the result. For the key/value lookup you need make your key case insensitive, so all the possible case variations work. This is what I figured out:
RewriteEngine on
RewriteMap lowercase int:tolower
RewriteMap blog-map dbm:/var/www/blogmap.map
RewriteRule ^/myblog.nsf/d6plinks/(.*) /blog/${blog-map:${lowercase:$1}} [NC,R=301,L]
Let me pick that into pieces for you:
  1. RewriteEngine on
    This switches the rewrite engine on. It requires that mod_rewrite is loaded (check your documentation for that)
  2. RewriteMap lowercase int:tolower
    This enabled an internal conversion of the incoming string into its lower case format
  3. RewriteMap blog-map dbm:/var/www/blogmap.map
    This defines the actual lookup. The simplest case would be a text file with the key and result in one line separated by a space. However that might not perform well enough for larger numbers of links, so I choose a indexed table format. It is very easy to create, since the tool is included in the Apache install. I generated my translation list as text file and then invoked httxt2dbm -v -i /var/www/blogmap.txt -o /var/www/blogmap.map and the indexed file is created/updated
  4. RewriteRule ^/myblog.nsf/d6plinks/(.*) /blog/${blog-map:${lowercase:$1}} [NC,R=301,L]
    This is the rewrite rule with a nested set of parameters that first converts the key to lower case and then looks up the new URL. If a key isn't found it redirects to /blog/ which suits my needs, you might want to handle things different.
    In detail:
    1. ^/myblog.nsf/d6plinks/(.*) matches all links inside the d6plinks, the () "captures" ABCEDF (from our example), so it can be used in $1
    2. ${lowercase:$1} converts ABCDEF into abcdef
    3. ${blog-map: ... } finally looks it up in the map file
    4. [NC,R=301,L] are the switched governing the execution of the rewrite rule:
      • NC stands for NoCase. It allow to match /MyBlog.nsf/ /MYBLOG.NSF/ /myblog.NSF/ etc. It doesn't however convert the string
      • R=301 issues a permanent redirect response (default is 302, temporary)
      • L stops the evaluation of further redirection rules
As usual YMMV

Posted by on 05 December 2012 | Comments (4) | categories: Blog Software WebDevelopment

Whiteboard Selling


Boring slide driven sales presentations are not efficient, so on the constant quest to improve this IBM uses Whiteboard selling as tool to engage the audience. The seller literally paints the story and vision tailored to the customers situation and needs. Developing a whiteboard is quite an undertaking. The steps now have been outlined in a new book:
Whiteboard Selling: Empowering Sales Through Visuals

Together with The Art of Explanation: Making your Ideas, Products, and Services Easier to Understand you will have a better toolset for your sales pitches. Now go and practise!

Posted by on 05 December 2012 | Comments (0) | categories: Business