Posts tagged need

Why Web Tools Like AngularJS Need To Keep Breaking Themselves

As the line between native and Web applications increasingly blurs, more developers are turning to Web application frameworks like AngularJS. AngularJS, developed and open sourced by Google, has been especially hot, whether measured by general interest, jobs, or open source contributions, largely due to its ease of use

See also: Ember, Angular and Backbone—Which Web Framework Is Best For You?

But not everyone is happy. According to AngularJS critic-in-residence Danny Tuppeny, the AngularJS development community has “lost its marbles” of late. But is his criticism valid?

Why AngularJS?

AngularJS is a popular Web application framework—a collection of JavaScript code libraries, templates and other software intended to make it easier for developers to build dynamic Web pages or Web apps.

See also: Why Even Simple Technology Can Be Hard For Developers

Web frameworks are hot in general, but AngularJS is blisteringly so, as measured by relative growth in job postings:

Source: Job Trends

There are several reasons for this popularity, and Starsheet VP of Products Adam Conrad names three:

  1. It’s Google-approved: “Angular is built and maintained by dedicated (and highly talented) Google engineers. This means you not only have a large open community to learn from, but you also have skilled, highly-available engineers tasked to help you get your Angular questions answered”
  2. It’s comprehensive: “No other plugins or frameworks are necessary to build a data-driven web application”
  3. It’s easy: “With a few attributes added to your HTML, you can have a simple Angular app up in under 5 minutes”

These are good reasons to use AngularJS. It turns out, however, that there are some pretty strong reasons not to, some of which emerge in the comments section of Conrad’s article.

Why Not AngularJS?

Some criticisms are particularly focused. Tom Dale, one of the creators of EmberJS, a rival framework, worries that AngularJS may be attempting too much:

Dale is, of course, biased, and occasionally lets it show in rants like this one

But he also has a valid point, one that comes through even more strongly in Tuppeny’s broadside. For Tuppeny, the problem with AngularJS isn’t its ambition or its pace of development, but rather the way it routinely leaves developers behind:

Our current codebase has parts that are over 10 years old; and we hope our new codebase will last this long too. It seems that if we start writing Angular today; we’ll be forced to rewrite the frontend in three to four years at latest (and with the way apps are going, the frontend is likely to be a large codebase). This doesn’t sound very attractive…. We need frameworks that are stable and supported long-term; not that are constantly inventing new concepts and being rewritten with breaking changes every 5 minutes. Of everyone, Google should know how hard it is to maintain large web apps

Google and the AngularJS community, in other words, may be acting like… well, Google, which regularly dumps or revamps its Web applications after just a few short years. This is par for the course with fast-moving Web companies, but may not fit a more staid enterprise application lifecycle.

Which may be the point.

AngularJS: Breaking By Design

We don’t live in a world with 10-year product lifecycles anymore. If your company does, you may want to find a new job. As Ars Tempo founder Zlatko Đurić writes:

[W]e should rebuild our components every 3-5 years anyway. Do you still write code the same way you did 4 years ago? If yes, then why using angular in the first place, why not just use components you’ve built your stuff with before it? Using the same browser APIs, the same things you relied on in the past?

The payoff is worth it, he continues:

To me, it’s still the … ideas that power the Angular framework that matter. Like DI and data binding. Those things make me able to develop a new webapp in 3 weeks instead of 3 months. That’s what matters. And if in 5 years, when I’m two years into Angular2, somebody asks me to extend my old app built with 1.2, I’ll probably be pissed at how verbose or stiff the old Angular API was. Or that I can’t just use a finished component for it.

AngularJS developer Pascal Precht echoes this sentiment:

I think before you judge about the new templating syntax that comes with Angular 2.0, [Tuppeny] should at least mention why that is. The next version of Angular is built for the future. That means, embracing technologies like Web Components. In order to do that, Angular has to be rewritten, since the current version of it sits on top of a design made like 4 years ago.

The Web, in other words, pushes us forward, and AngularJS seems to be willing to sacrifice backward compatibility to get there. Yes, it probably could be done more cleanly, with less heartache for developers. But no, the alternative is not to comfortably recline in the easy chair of the current Web. 

The Web, after all, will force us to continuously break with the past, perhaps more often than is comfortable. But that’s the pace at which innovation goes today. 

There is no rest, saith the Web, for the application developer.

Lead image courtesy of Shutterstock

View full post on ReadWrite

Paid Search Roundup Q3 2014: From Performance Trends To Key Product Updates, What You Need To Know

The quarterly reports and earning statements are in. Overall, all signs point to continued global growth for paid search advertising in Q3. Here’s a look at performance results and the biggest announcements and changes to come from Google AdWords and Bing Ads in the third quarter 2014. What…

Please visit Search Engine Land for the full article.

View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing

What Country Do You Need to Be In? An AdClarity GeoSurf Review [SPONSORED] by @lauraTrueVoice

Disclosure: This is a sponsored post by AdClarity GeoSurf. In preparing to check out AdClarity GeoSurf, I’ll readily admit I’ve only used a proxy a few times. When I was, I was looking to recruit international affiliates and at that point I would have loved to have this program. So I’m going to write as if I was using this in the advertising network arena, because that is where I can see the most benefit. I realize there are a few groups this will appeal to: those who currently use free proxies, those who have not yet seen the potential of […]

The post What Country Do You Need to Be In? An AdClarity GeoSurf Review [SPONSORED] by @lauraTrueVoice appeared first on Search Engine Journal.

View full post on Search Engine Journal

7 Popular Content Marketing Myths You Need to Stop Following by @neilpatel

As content marketing gets more popular, people are coming up with their own notions of what everyone should be doing. A lot of these notions are myths, and if you keep following them, you will hurt your traffic. What are the 7 myths you should be avoiding? In this post, not only will I break each one down, but I’ll also tell you what you should be doing instead. Here it goes: Myth #1: Everyone Should Have a Blog Having a blog isn’t for everyone. Sure, it can help drive more traffic to your business, but the big problem with creating one […]

The post 7 Popular Content Marketing Myths You Need to Stop Following by @neilpatel appeared first on Search Engine Journal.

View full post on Search Engine Journal

What Do I Need To Do a Podcast? by @albertcostill

Several years ago, most people wrote off podcasts as a fad – and with good reason. While podcast usage stayed stagnant for years, a majority of marketers focused on producing content for social media outlets. Then, an interesting thing happened. Podcasting became the next big thing. Again.  Edison Research found podcasting reached an all-time high in 2014. In fact, there are an estimated 39 million podcast listeners in February 2014, right here in the US. But, does that justify you jumping on the bandwagon? Jeff Bullas suggests that “podcasting is worth checking out” because is can help you get noticed in an ever-more […]

The post What Do I Need To Do a Podcast? by @albertcostill appeared first on Search Engine Journal.

View full post on Search Engine Journal

Open-Source Projects Need More Than Good Code—They Need Marketing

Most open source developers focus on writing great code and don’t bother marketing their project. Which is why most open-source projects fail. Utterly.

While it’s a convenient fiction to believe that open source is a meritocracy where the best code wins, it’s just that: fiction. As Apache Storm founder Nathan Marz writes in a recent blog post, solving an important project with useful code is only half the battle. It’s equally important—and sometimes more so—”to convince a significant number of people that your project is the best solution to their problem.”

See also: How To Get Started In Open Source

That’s called marketing, and most developers are terrible at it.

Telling Stories

I’ve written before that every technology company needs at least one English major. It’s easy to believe that the world will beat a path to your project’s door, Field of Dreams style (“If you build it, they will come”). But the world doesn’t work that way.

People—and developers are people, too—have a finite amount of attention. That’s why we’re seeing the fading of the polyglot programmer. As former Googler Tim Bray notes, “There is a re­al cost to this con­tin­u­ous widen­ing of the base of knowl­edge a de­vel­op­er has to have to re­main rel­e­van­t.”  

See also: Why Every Tech Company Needs An English Major

As the number of open source projects booms, getting developers interested in your particular project is non-trivial. By marketing a project well, developers can cut through the noise and help their project to stand out. As former Facebook and Google engineering executive Santosh Jayaram articulates, English majors are critical for helping companies “tell stories” about their projects. 

And while no developer really wants to read some Randomly capitalized Blurb on GitHub about a Project!, as the worst marketing “professionals” are prone to do, project leads who can tell a compelling story around their project, English-major style, are more likely to find developers that want to use and/or contribute to a project.

The Accidental Marketing Of Storm

This is what Nathan Marz discovered as he sought to increase adoption of Storm, a real-time computation system. In 2011, I joined Dave Rosenberg to build a company (Nodeable) focused on delivering Storm as a service. The company was a bit ahead of its time and ended up getting acquired by Appcelerator.

Storm, on the other hand, really took off. 

Twitter started acquisition talks with Marz in May 2011 to acquire his company, Backtype. To help increase the valuation Marz wrote this blog post, touting the potential of Storm, which was at the heart of Backtype’s technology stack. 

In the process he stumbled on the value of marketing the project:

The post had some surprising other effects. In the post I casually referred to Storm as “the Hadoop of realtime,” and this phrase really caught on. To this day people still use it, and it even gets butchered into “realtime Hadoop” by many people. This accidental branding was really powerful and helped with adoption later on.

From then on, Marz spent a great deal of time both developing the technology and (in his words) hyping it, bolstering that marketing hype with documentation because “people cannot use your software if they don’t understand it.” 

But it wasn’t just code. Marz also hit the campaign trail, blitzing conferences:

Over the next year I did a ton of talks on Storm at conferences, meetups, and companies. I believe I did over 25 Storm talks. It got to a point where I could present Storm with my eyes closed. All this speaking got Storm more and more exposure.

The result, however, was worth it:

The marketing paid off and Storm acquired production users very quickly. I did a survey in January of 2012 and found out Storm had 10 production users, another 15 planning to have it in production soon, and another 30 companies experimenting with the technology. To have that many production users for a major piece of infrastructure in only 3 months since release was very significant.

Get Yourself A Story Teller

Storm has become an incredibly important project, but it never would have reached this stage without a lot of marketing along the way. As should be clear by now, I’m not talking about billboards along Highway 101 or pop-up ads on Hacker News (if those existed). 

Rather, I’m suggesting highly informative marketing like Marz did to raise awareness of and interest in Storm:

Building a successful project requires a lot more than just producing good code that solves an important problem. Documentation, marketing, and community development are just as important. Especially in the early days, you have to be creative and think of clever ways to get the project established. Examples of how I did that were making use of the Twitter brand, starting the mailing list a few months before release, and doing a big hyped up release to maximize exposure. Additionally, there’s a lot of tedious, time-consuming work involved in building a successful project, such as writing docs, answering the never-ending questions on the mailing list, and giving talks.

This isn’t the sexy work of a code jockey. But it’s this very marketing drudgery that often will make the difference between a great project that no one uses and a great project that changes the world. Linux, for example, didn’t hit its stride in the enterprise until IBM committed to spend $1 billion marketing and promoting it. 

Storm, for its part, didn’t require a $1 billion injection. But it did require a heck of a lot of Marz’s time spent marketing, not coding.

Lead image courtesy of Shutterstock

View full post on ReadWrite

Why SEOs Need To Stop Automating Email Outreach For Links

Link building is a time-consuming process, so it may be tempting to take shortcuts. But email outreach is one area where you should always invest the time.

The post Why SEOs Need To Stop Automating Email Outreach For Links appeared first on Search Engine Land.

Please visit Search Engine Land for the full article.

View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing

6 Lessons About Non-Linear Content That SEOs Need to Know by @garyshack

In a not so distant past, linear storytelling was the pervasive marketing communication tactic used to reach consumers. Brand storytellers and traditional marketing agencies built fortresses on 30-second stories expecting people to simply listen and sit until the end.  It worked, no doubt about it. We enjoyed it. We bought the idea, and their products, too. We had no choice. First off, let’s revisit what linear storytelling means. It can be visualized as a chronologically arranged plot of a story. It starts from A, goes to B, and ends at C. End of story. Most TVCs run this way. Linear Storytelling: Non-linear storytelling, […]

The post 6 Lessons About Non-Linear Content That SEOs Need to Know by @garyshack appeared first on Search Engine Journal.

View full post on Search Engine Journal

Everything You Need To Know About The Shellshock Bug

Judging by how the past week has gone, it’ll be a while until we see the end of the Shellshock bug, an old but recently discovered flaw in Unix-like operating systems that’s widespread, difficult to patch and not too hard to exploit. It’s like the trifecta from hell.

Worried about what it is and how you can protect yourself? Here are some plain-English answers to your questions about this nasty bug.

What Is Shellshock?

The bug stems from coding mistakes in bash, a low-level computer program that’s been part of many, but not all, Unix-related systems for decades. That makes the bug mostly a problem for servers that run Unix, Linux or other similar operating-system variants, although Mac users might also have something to worry about.

The name “Shellshock” is a bit of wordplay based on the fact that bash is a “shell,” a type of program used to execute other programs. Bash, like many other shells, uses a text-based, command-line interface. (If you’re on a Mac, you can see this by opening your Terminal program.) Programmers can use bash to access another computer or computer system remotely and feed it commands.

Bash is short for “Bourne Again SHell,” a pun on Stephen Bourne, the computer-scientist author of an earlier Unix shell known simply as sh. It is compatible with every version of Unix, which made it an obvious choice for the default shell for Linux and Mac operating systems.

Bash is several decades old, and security researchers believe the Shellshock bug has lain undetected in bash for at least 22 years.

So Who’s Vulnerable?

Technically, any computer or system with bash installed is vulnerable. Since bash is installed by default on Unix systems, that includes a lot of computers. 

Windows computers are safe; they don’t use bash. But if you’re using a Mac or running Linux, Ubuntu, or some other Unix flavor where bash is the default interpreter, then you could be at risk.

Just because your computer is vulnerable to Shellshock, however, doesn’t mean hackers can target it. For them to do so, they’d have to be able to access your computer’s bash program via the Internet.

If your computer is connected to the Internet through a password-protected wireless network—or physically via an Ethernet cable—you’re still basically safe. If you’re using an open, untrusted Wi-Fi connect, though, you could theoretically be vulnerable to a Shellshock exploit. 

Even that’s extremely unlikely, though. The most likely targets, according to cyber security firm FireEye, are Internet servers and related large computer systems.

What About Me? Do I Have To Worry?

Eight versions of bash contain the vulnerability, from 1.13 up to the latest 4.3. To figure out which version you are using, you can open up your Terminal program and type the following:

$ bash --version

To search for the bug, type:

$ env X="() { :;} ; echo vulnerable" /bin/sh -c "echo stuff"

If your computer responds with “vulnerable stuff” then your version of bash is indeed executing variables like code, and therefore contains the vulnerability.

Even if your computer is vulnerable, it’s still extremely unlikely that you will be targeted through the Shellshock bug. It’s too much effort for hackers to bypass your password-protected Internet connection just to get to it. 

How Do Hackers Take Advantage Of The Bug?

Let’s take the simple test people are using to check for bash vulnerability, a command you’d issue to bash in this form:

$ env X="() { :;} ; echo vulnerable" /bin/sh -c "echo stuff"

If bash was working correctly, that command would assign the variable X a value—the string of characters “() { :;} ; echo vulnerable”—and would print this on the screen:


The bug, however, causes bash to interpret everything following that weird collection of parentheses, brackets, colons and semicolons as another command. In this case, that command just prints the word “vulnerable” on the screen:

$ env X="() { :;} ; echo vulnerable" /bin/sh -c "echo stuff"

But it could just as easily search for sensitive bank information, erase all your files, grant a new user untrammeled access to your computer or worse. Since bash is a key component for working on computers remotely, the hacker doesn’t even need to be anywhere near the system to do it.

See also: New Security Flaws Render Shellshock Patch Ineffective

This is only the first of at least six bugs associated with Shellshock that security researchers have found. The latest, known to researchers as CVE-2014-7186, assists with creating denial of service attacks in which hackers can disrupt a computer’s Internet service.

How Do I Protect Myself?

That’s the tricky part. Security experts keep issuing patches, but researchers are simultaneously finding new related vulnerabilities. So “protection” is a moving target here, at least so far.

If you’re using Linux or Unix, Red Hat developed a patch over the weekend, but you have to install it over the command line and it’s got a lot of steps. This is Red Hat’s second patch for the bug but definitely not the last—as researchers keep finding more vulnerabilities associated with Shellshock, they have to keep reinforcing the patch. This patch only offers partial protection, but you can get instructions for installing it on your machine here

See also: The Bash Bug Makes Every Mac Vulnerable; Here’s How To Patch It

Apple has maintained that the “vast majority of users” are not susceptible to the bug, only those who have customized their advanced Unix settings. To play it safe, Apple has released a patch, though security researchers have discovered new vulnerabilities associated with Shellshock that this patch doesn’t fix.

What’s The Real Danger?

Researchers have just discovered the first Shellshock botnet. (A botnet is a network of hacker-controlled computers operating maliciously as a group.) This botnet is called “wopbot” and seems to be targeting a content delivery network named Akamai as well as parts of the United States Department of Defense.

When the wopbot gets ahold of susceptible computers, it uses the aforementioned CVE-2014-7186 vulnerability to launch a denial of service attack. Akami and the DoD have managed to remove wopbot’s command and control center, but the server that runs the bot is still live and looking for targets. 

Is This As Bad As Heartbleed?

The Heartbleed bug let hackers exploit the way your browser talks to a website over an encrypted channel. An attacker could theoretically exploit the bug to unravel the secure channels used by banks, e-commerce sites and other sensitive locations to steal passwords and other sensitive information.

See also: What You Need To Know About Heartbleed, A Really Major Bug That Short-Circuits Web Security

Some security researchers say Shellshock will be “worse than Heartbleed” since bash allows hackers to explicitly inject code on remote computers, while Heartbleed only allowed them to passively listen in on server conversations they shouldn’t have had access to. 

Furthermore, it was possible to patch Heartbleed immediately once security experts disclosed its existence. (Though many sites weren’t exactly fast off the mark.) Shellshock has been a different story so far.

We’ll update this explainer as more information is available.

Photo via Shutterstock

View full post on ReadWrite

Lessons From Google@Manchester: You Don’t Need To Be Big To Be Best

Two talks at the annual Google@Manchester conference in the UK this week revealed the light at the end of the tunnel for SMEs everywhere.

The post Lessons From Google@Manchester: You Don’t Need To Be Big To Be Best appeared first on Search Engine Land.

Please visit Search Engine Land for the full article.

View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing

Go to Top
Copyright © 1992-2014, DC2NET All rights reserved