Tried out Spotify.

Now, the back story here is that I’m not very big on Internet apps for music. Basically there’s nothing missing in my life that iTunes cannot do. So I’m not a big user of Last.fm, Pandora, Muxtape, or any of those other things. I’m all mainstream and iTunes. So I had some skepticism for Spotify. But I figured I’ll give it the benefit of doubt and give it a go.

I’ve now been using it for a couple of days — more than I anticipated. And there are several good things about it.

The first thing I like, before talking about music, is the general high quality of engineering and design. It’s a really well done piece of client software. Specifically, it is small and super fast in all aspects. It starts pretty much instantly. When starting to play audio tracks, there is no perceivable delay. Searches are lighting fast, much faster than iTunes. The whole thing is extremely snappy and responsive.

There’s a quote from one of the readings in my design classes that’s been haunting me for a long time, and in a good way. Originally I read this in Bill Buxton’s “Sketching User Experiences”, but apparently the original source is Bayles & Orland, p 29.

The ceramics teacher announced on opening day that he was dividing the class into two groups. All those on the left side of the studio, he said, would be graded solely on the quantity of work they produced, all those on the right solely on its quality. His procedure was simple: on the final day of class he would bring in his bathroom scales and weigh the work of the “quantity” group: fifty pound of pots rated an “A”, forty pounds a “B”, and so on. Those being graded on “quality”, however, needed to produce only one pot — albeit a perfect one — to get an “A”.

Well, came grading time and a curious fact emerged: the works of highest quality were all produced by the group being graded for quantity. It seems that while the “quantity” group was busily churning out piles of work — and learning from their mistakes — the “quality” group had sat theorizing about perfection, and in the end had little more to show for their efforts than grandiose theories and a pile of dead clay.

Put more simply: you don’t get better at making pots by researching making pots, or thinking about making pots. You get better at making pots, by making pots. And pots here are, of course, only a placeholder for… just about anything.

Just came across this example. I don’t mean to pick on this particular site, I just stumbled on it.

The following happens on these pictures. I am looking at the classic form which says “Lost password? Enter your e-mail and we send you the activation link”. I enter my e-mail and click submit. It tells me that this e-mail was not found. I hit their “back” link (NOT my browser’s “back” button) and come to the same form… except that the “submit” button is disabled. I can enter another e-mail, but I can’t submit.

What’s going on?

We see the following code in the page that shows me the form:

<form id="request_pass" method="post"
action="login.php?action=forget_2"
onsubmit="this.request_pass.disabled=true;
if(process_form(this)){return true;}else
{this.request_pass.disabled=false;return false;}">

So… when process_form validates the form to be OK, the button is disabled. Which is a good idea to disable multiple clicking. But, on the resulting page, you come back with javascript:history.go(-1), and this does not reset the previous page state. The page is shown exactly as the browser last saw it. With the submit button disabled.

How to fix? There are two ways:

1. Instead of javascript:history.go(-1), use a normal URL that triggers a page reload and script resetting.
2. Remove the validation and button disabling from the form. Less desirable, since does not prevent multiple clicking, which may in the worst case trigger several password reset emails and confuse the user.

Twitter has had two security blunders recently. In January, their admin password was bruteforced with a dictionary attack, enabling celebrity pranks.

And just this weekend, Martin told me that Twitterrific used non-HTTPS authentication unless you secured it yourself. Well, this apparently was true until Twitterrific’s latest 3.2 version, released Jan 29, in whose release history notes you see this:

All communications with Twitter are now encrypted using HTTPS

The Twitter API documentation does not really mention “HTTPS”, “SSL” or “security” (in encrypted connection context) anywhere. But you need to be smart enough to figure out that you can just substitute HTTP with HTTPS in the API calls and then it’s secure.

It’s been quiet here. Hello? Anybody home? Yes I am. Just been very busy with other stuff. And being busy lead me to think about my Internet presence and make some changes.

For a while now, I had this Misc Random site. I used it to post miscellaneous snippets about anything, but it was also where I reposted my Delicious, Twitter and Google Reader shared items. Except that the Twitter part broke a while ago. And I didn’t bother to fix it.

So now, I sat down and thought: is there any point to that Misc Random site? I couldn’t find any. Aggregation is better done elsewhere. Except, that is, until recently I didn’t know of a nice aggregation services. Yes, there were many around, but none that I would call “nice”.

I’ve now figured that I like Friendfeed. So I shut down Misc Random and redirected the Misc Random feed/domain there. I aggregate everything about my Internet presence there.

This also led me to think a bit about the sites I use to post all sorts of stuff about me for various purposes.

• Friendfeed. Everything below aggregated to the same place. And I like its commenting system, you can comment about anything.
• This blog.. Rare postings, work- and technology-related stuff.
• My Estonian blog.. For my Estonian friends and family.
• Twitter. I may not use it at all on some days, but at other days, I post a lot. Both about work and about random stuff.
• Flickr. For my photos.
• Tumblr. A new site I created for posting random thoughts and photos that are too long for Twitter. Like movie reviews and screenshots. I wish it would save full-resolution images though, so that people could click through to them. Would be nice for screenshots.
• Delicious. My bookmarks, both work/technology and “misc random” kind of stuff.
• Google Reader shared items. I tag interesting things from my feeds from time to time.
• Youtube. I have very few videos, but occasionally may post.
• Facebook. Most of my Master’s friends are there.
• LinkedIn. My work profile.
• Dopplr. My travels. Friendfeed doesn’t seem to support this yet.

Quite a list, but somehow it works out. For each thing, I know right away where to put it, don’t really have to think. I guess it is both because a lot of them (Flickr, YouTube) are media-specific, or I post things right in context (Google Reader) without having to go elsewhere.

And while I’m posting something: our company now has a website. I have nothing else to plug yet, other than the fact that the site exists. And that you can come work for us.