Matt Webb (Schulze & Webb)Books read February 2015

By date finished...

Somewhere in Bee (originally published 1937) I finally twigged that, for thousands upon thousands of years in the west, bees were the source of sweetness (no beet or sugar cane in Europe); booze because mead is made from honey and was invented before beer; and, using wax, candles.

Bees: Tasty food, entertainment, artificial light. That's quite a technology.

In German, animals "devour" (fressen) food, and they "perish" (crepien). Except for humans and bees, who instead eat (essen) and die (sterben).

And this: [the bee] is the only creature that has come to us unchanged from Paradise.

ProgrammableWebNew Relic Extends Real-Time Analytics Reach into Mobile Apps

New Relic recently extended the reach of its application performance monitoring tools into the realm of mobile computing applications.

ProgrammableWebWunderlist Will Open its API, Focus on Enterprise

Wunderlist, a to-do list and task manager app, has announced that it will launch its API to the general public in 2015. The API has been in private beta for some time. In a recent blog post, Wunderlist chief executive officer and co-founder, Christian Reber, announced a number of significant features and options Wunderlist will unveil this year, and touted the API as "one of the most important and exciting features we will ever launch."

ProgrammableWebWaveMaker Announces API Gateway for Legacy SOAP-Based to REST-Based App Conversion

This article is a company-provided press release and ProgrammableWeb cannot vouch for the accuracy of the statements within. If you have questions regarding the information below, please contact the company that issued the press release.

Amazon Web ServicesAWS Week in Review – February 23, 2015

Let’s take a quick look at what happened in AWS-land last week:

Monday, February 23
Tuesday, February 24
Wednesday, February 25
Thursday, February 26
Friday, February 27

Upcoming Events

Help Wanted

Stay tuned for next week! In the meantime, follow me on Twitter and subscribe to the RSS feed.


ProgrammableWebCanonical Starts to Build IoT Ecosystem

Canonical, the company behind the Ubuntu distribution of Linux, is pulling together an ecosystem of Internet of Things partners that promises to make it easier to both bu

Matt Webb (Schulze & Webb)Books read February 2015

By date finished...

Somewhere in Bee (originally published 1937) I finally twigged that, for thousands upon thousands of years in the west, bees were the source of sweetness (no beet or sugar cane in Europe); booze because mead is made from honey and was invented before beer; and, using wax, candles.

Bees: Tasty food, entertainment, artificial light. That's quite a technology.

In German, animals "devour" (fressen) food, and they "perish" (crepien). Except for humans and bees, who instead eat (essen) and die (sterben).

And this: [the bee] is the only creature that has come to us unchanged from Paradise.

ProgrammableWebGoogle Releases gRPC to Speed Up HTTP/2 Support in Applications

After more than a decade in the works, HTTP, one of the most important specifications of the Internet, got a new version, HTTP/2. The new version brings several benefits to make the Web faster, including cheaper requests via multiplexing messages on a connection at the same time, header compression, and reducing server and network load.

Daniel Glazman (Disruptive Innovations)Manly Beach

Soooo... When I was in Sydney, I had to find a doctor and then a pharmacy to buy a strong antiseptic cream. Beach's sand (more probably sharp bits of shell) created four scratches between two toes of my right foot and after a day and a half, it became slowly red, and it started swelling and oozing. And the smell was not normal. It was also quite painful. It was of course an infection, that the cream fortunately helped curing in less than two days. But now it happens I have a second extremely similar skin infection elsewhere, also happening on sand scratches, and that started very slowly after my last half-day in Sydney, half-day I spent on the same beach while my CSS WG friends were scuba-diving 300m away.

I have never walked barefoot outside of the beach, I had socks inside my light shoes so the only place I could get it from was the beach.

I am therefore seriously questioning the cleanliness of the sand at Manly Beach or worse, the pollution of the water. I read that bacterial water pollution can be rather high in Manly after rainfalls or storms and I wonder if the sand on the main beach is not accumulating that bacterial pollution... In Europe, such spots are regularly disinfected and I wonder if it's the case on Manly beach. All in all, getting not one but two skin infections from sand scratches at the same beach, on two different moments, does not seem to me a coincidence... FWIW, I never had such skin infections before.

ProgrammableWebSurvata’s Consumer Feedback API Helps Power Business Decisions

The success of a company is so often related to how well they understand their customers. With today’s growing fascination with big data, users’ opinions are sometimes ignored.

ProgrammableWeb: APIsZillow Mortgage GetMonthlyPayments

The GetMonthlyPayments API aims to return the estimated monthly payment that includes principal and interest based on today's mortgage rate. The goal is to return the estimated monthly payment per loan type (30-year fixed, 15-year fixed, and 5/1 ARM). If a ZIP code is entered, the estimated taxes and insurance are returned in the result set.
Date Updated: 2015-02-27
Tags: [field_primary_category], [field_secondary_categories]

ProgrammableWeb: APIsZillow Mortgage GetRateSummary

The GetRateSummary API allows developers to access the current rates and the previous weeks rates per loan type from Zillow Mortgage Marketplace. Current supported loan types are: 30-year fixed, 15-year fixed, and 5/1 ARM. The GetRateSummary API aims to return rates for a specific state if the optional state parameter is used.
Date Updated: 2015-02-27
Tags: [field_primary_category], [field_secondary_categories]

ProgrammableWeb: APIsZillow Neighborhood GetRegionChart

The GetRegionChart API aims to generate a URL for an image file that displays the historical Zestimates for a specific geographic region. The API's objective is to accept the region as well as a chart type: either percentage or dollar value change. Optionally, the API accepts width and height parameters that constrain the size of the image. The historical data can be for the past 1 year, 5 years or 10 years.
Date Updated: 2015-02-27
Tags: [field_primary_category], [field_secondary_categories]

ProgrammableWeb: APIsZillow Property GetUpdatedPropertyDetails

The GetUpdatedPropertyDetails API aims to return all of the home facts that have been edited by the home's owner or agent. The objective of the result set is to contain the following attributes: Property address, Zillow property identifier, Posting details such as the agent name, MLS number, price, and posting type (For Sale or Make Me Move ™), Up to five photos of the property, Updated home facts such as beds, baths, square footage, home description, and neighborhood and school names.
Date Updated: 2015-02-27
Tags: [field_primary_category], [field_secondary_categories]

ProgrammableWeb: APIsZillow Property GetDeepComps

The GetDeepComps API aims to return a list of comparable recent sales for a specified property. The goal of the returned result sets is to list the address, Zillow property identifier, and Zestimate for the comparable properties and the principal property for which the comparables are being retrieved while also returning property data for the comparables.
Date Updated: 2015-02-27
Tags: [field_primary_category], [field_secondary_categories]

ProgrammableWeb: APIsZillow Home Valuation GetZestimate API

The Zillow GetZestimate API allows developers to access Zillow's home estimates. For a specified Zillow property identifier (zpid), the GetZestimate API returns: The most recent property Zestimate, The date the Zestimate was computed, The valuation range, The Zestimate ranking within the property's ZIP code, The full property address and geographic location (latitude/longitude) and a set of identifiers that uniquely represent the region (ZIP code, city, county & state) in which the property exists.
Date Updated: 2015-02-27
Tags: [field_primary_category], [field_secondary_categories]

Amazon Web ServicesNew Elastic Load Balancer Checks for AWS Trusted Advisor

We’re adding four new checks to AWS Trusted Advisor. As you may know, AWS Trusted Advisor inspects your AWS environment and looks for ways to save money, increase performance & reliability, and to help close security gaps. Today’s checks are for Elastic Load Balancing, with a focus on security and fault tolerance.

Security Checks
The following new checks are designed to help you to improve the security profile of your Elastic Load Balancers:

ELB Listener Security – This check looks for load balancers that do not use recommended security configurations or protocols. It checks to see if the latest version of applicable security policies are in place and verifies that only recommended ciphers and protocols are used.

ELB Security Groups – This check looks for load balancers that do not have a security group, or that have a security group which allows access to ports that are not configured for the load balancer.

Fault Tolerance Checks
The following new checks are designed to help you to make your Elastic Load Balancing configuration more fault tolerant:

Cross-Zone Load Balancing – This check looks for load balancers that do not have cross-zone load balancing enabled. This feature makes it easier for you to deploy and manage applications that run across more than one Availability Zone.

ELB Connection Draining – This check looks for load balancers that do not have connection draining enabled. With this feature enabled, the load balancer will stop sending new requests to instances that are deregistering (in-flight requests will continue to be served).

Available Now
These new checks are available now and you can start to benefit from them today!


Amazon Web ServicesCustom ODBC/JDBC Drivers and Query Visualization for Amazon Redshift

A few months ago, I discussed 20 new features from Amazon Redshift, our petabyte-scale, fully managed data warehouse service that lets you get started for free and costs as little as $1,000 per TB per year.

The Amazon Redshift team has released over 100 new features since the launch, with a focus on price, performance, and ease of use. Customers are continuing to unlock powerful analytics using the service, as you can see from recent posts by IMS Health, Phillips, and GREE.

My colleague Tina Adams sent me a guest post to share some more Amazon Redshift updates. I’ll let her take over from here!


I am happy to be able to announce two new Amazon Redshift features today!

The first, custom ODBC and JDBC drivers, now makes it easier and faster to connect to and query Amazon Redshift from your BI tool of choice. The second, Query Visualization in the Console, helps you optimize your queries to take full advantage of Amazon Redshift’s Massively Parallel Processing (MPP), columnar architecture.

Custom Amazon Redshift Drivers
We have launched custom JDBC and ODBC drivers optimized for use with Amazon Redshift, making them easier to use, more reliable, and more performant than drivers available on

Informatica, Microstrategy, Pentaho, Qlik, SAS, and Tableau will be supporting the new drivers with their BI and ETL solutions. Note that Amazon Redshift will continue to support the latest PostgreSQL ODBC drivers as well as JDBC 8.4-703, although JDBC 8.4-703 is no longer being updated. If you need to distribute these drivers to your customers or other third parties, please contact us at so that we can arrange an appropriate license to allow this.

Our JDBC driver features JDBC 4.1 and 4.0 support, up to a 35% performance gain over open source options, keep alive by default, and improved memory management. Specifically, you can set the number of rows to hold in memory and control memory consumption on a statement by statement basis.

Our ODBC driver is available for Linux, Windows, and Mac OS X. The driver features ODBC 3.8 support, better Unicode data and password handling, default keep alive, and a single-row mode that is more memory efficient than using DECLARE/FETCH. The driver is also backwards compatible with ODBC 2.x, supporting both Unicode and 64-bit applications. The driver includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit.

To connect to Amazon Redshift, find your Cluster Connection String by going to the Cluster tab detail view in the Amazon Redshift Console. For more information please see Connecting to a Cluster.

Query Visualization in the Console
The Console now helps you visualize the time Amazon Redshift spent processing different parts of your query, helping you optimize complex queries more quickly and easily. By going to the Actual tab of the new Query Execution Details section, you can view processing times tied to each stage or “plan node” (e.g. merge, sort, join) of a query execution plan.

This information is pulled from system tables and views, such as STL_EXPLAIN and SVL_QUERY_REPORT. In addition to identifying the parts of your query that took a long time to run, you can also see skew in execution times across your cluster. Plan nodes that caused an alert in the SVL_ALERT_EVENT_LOG system view will show a red exclamation, which you can click to see a recommended solution. For more information please see Analyzing Query Execution.

You can also click on each plan node to view the underlying steps and a detailed comparison of estimated and actual execution time:

Keep Following
There’s a lot more to come from Amazon Redshift, so stay tuned. To get the latest feature announcements, log in to the Amazon Redshift Forum and subscribe to the Amazon Redshift Announcements thread. You can also use the Developer Guide History and the Management Guide History to track product updates.

Tina Adams, Senior Product Manager

Matt Webb (Schulze & Webb)Coffee morning 6

Hardware-ish coffee morning was awesome today! Thank you for coming this HUGE CROWD of people: Tom T, Kirsty, Daniel, Gavin, Karey, Siri, Anna, Maximilian, Oliver, Sam, Tom W, Basil, Utku, Grace, Matt C-W, Aly, Mark, Mike, Reetta, Alex and Ben.

Here's a photo.

Lots of prototypes too... Fedelis which is like a physical key for smartphone touch screens, Radio Music which is a sample player that performs like an old-school radio, Ben's flood sensor for the Oxford Flood Network which is 1/100th the cost of existing ways of doing river sensing, and a sneak preview of Fabulous Beasts which is Alex's new game.

Phew! /breathes out

I had about a trillion conversations; my notebook is a blimmin mess.

Mark asked why are people interested in hardware at all? which I thought showed a certain casualness with tact given the gathering and besides, the hardware company he himself started is now eight years old and he's done a ton more too. Anyway, Marc Andreessen's essay Why Software Is Eating The World is probably a decent starting point on that topic, with Internet of Things technologies making much of the physical world tractable to the same software-based transformation. Grace said that maybe it didn't matter why, just the itch that founders have to chase hardware down is enough to make it interesting and worthwhile.

Then a good chat with Grace on the usual challenge: Any hardware company has to lock up a bunch of capital between the factory and the consumer's hands... inventory on shop shelves, stock, parts, pre-orders, factory tooling... and a startup has to pump prime that pipeline with cash. Working capital is a poor use of equity financing. Kickstarter's pretty good, but my feeling is that you should cut margin to the bone with crowdfunding: Using Kickstarter to build a buying community is infinitely more valuable. So are there other pump priming financing options? Don't know. Would like to think of some.

Oddest chat of the morning:

Karey revealed that the portfolio on her website offers Party Mode. Click the button at the bottom of the page, and mouse over the various projects -- the page becomes an instrument, it's like a synth! And then, I swear I heard this right, when you use Party Mode, there's an Arduino in her studio that plays the music.

ALL OF WHICH LED US TO the idea that all websites should have their live stats played like ambient electronica in offices. And that somehow got recorded in my notes as what if Brian Eno cosplayed Google Analytics.


Oh yes, congratulations to Karey who is starting a new job with an Internet of Things company next week, bringing her funemployment to an end. And congratulations also to Sam who has just started with Little Riot who make Pillow Talk.

Next time

Coffee morning 7 will (probably) be three weeks from now, Thursday 19 March.

Join the coffee morning announce list for a reminder.

Thanks for coming everyone! Super good.

ProgrammableWebCiti Extends Mobile Developer Challenge

Citi, this week in collaboration with IBM, announced that it is extending its Citi Mobile Challenge to create a new generation of mobile computing applications that will be hosted on the IBM Bluemix cloud integration platform.

ProgrammableWebIBM Opens Watson Zone to Consolidate Developer Tool Access

IBM this week opened a Watson Zone on its Bluemix cloud integration platform where it will consolidate access to APIs for the cognitive computing platform along with other supporting tools and documents for developers.

ProgrammableWebEBay Finally Ceases Deprecated Shopping API Calls

Developers and affiliates who use eBay’s Shopping API were officially notified of the deprecation of certain “finding” calls back in 2011. The original time frame was extended to give partners more time to adapt, but the time has finally come to migrate to the latest API.

ProgrammableWebGoogle to Reveal Android Pay API at I/O

Google will launch a new API at its I/O developer conference in May with the goal of making it easier for consumers to pay for goods within apps and in retail stores.

ProgrammableWebTropo Connect Brings IoT, Cloud Apps to Live Phone Calls

Tropo today announced Tropo Connect, a way for developers to add cloud-based apps to phone calls and text conversations. By expanding its platform to all mobile calls, Tropo has given developers a significantly larger potential customer base.

ProgrammableWebOpbeat Unveils Operations Platform for Developers

Opbeat, which bills itself as the first operations platform for developers, today announced the release of a complete version of its platform that includes performance metrics.

ProgrammableWeb: APIsZillow Neighborhood GetRegionChildren

The GetRegionChildren API aims to return a list of subregions with the following information for a specified region: Subregion Type, Region IDs, Region Names, URL to Corresponding Zillow Page (only for cities and neighborhoods), Latitudes and Longitudes, A region can be specified at various levels of the region hierarchy. An optional childtype parameter can also be specified to return subregions of a specific type.
Date Updated: 2015-02-26
Tags: [field_primary_category], [field_secondary_categories]

ProgrammableWeb: APIsZillow Home Valuation GetSearchResults

The GetSearchResults API allows developers to find Zillow listings for a property for a specified address. The aim of the returned content is to contain the address for the property or properties, the Zillow Property ID (ZPID), current Zestimate®, the date the Zestimate was computed, a valuation range and the Zestimate ranking for the property within its ZIP code.
Date Updated: 2015-02-26
Tags: [field_primary_category], [field_secondary_categories]

ProgrammableWebACRES Launches Multi-User Interface for Shared Clinical Research Data

The Alliance for Clinical Research Excellence and Safety (ACRES), high performing global system for clinical research, has launched the first phase of a shared multi-user interface that allows sponsors, CROs, government agencies, funders, and IRBs access to professional experience, verified training, and collaborative data warehouses: ACRES BlueCloud.

ProgrammableWebHighwinds CDN API Powers Multi-Platform Entertainment Properties

Highwinds takes an API-centric approach to providing Content Delivery Network (CDN) services to entertainment companies.

ProgrammableWebTwilio Acquires Authy to Drive Two-Factor Authentication Adoption

In a move that extends the scope of its cloud services to include two-factor authentication, Twilio today announced the acquisition of Authy.

ProgrammableWebMusikki API Gives Developers Access to Real-Time Music Information

One of the problems facing music fans today is that there is so much content on the Internet that it becomes difficult to sift through the mass to find quality information and media on their favorite artists. Musikki is combatting this by creating a space that brings together everything about music. The company is releasing its Music API to allow third-party applications to access this real-time data set.

ProgrammableWebFeedzai Releases Fraud Detection API Enhancements

Feedzai, a data science company dedicated to making commerce safe, has launched a number of enhancements to the Fraud API it launched last Fall.

ProgrammableWebRingCentral Launches Custom Integrations Platform

RingCentral, a cloud-based business communications solutions provider, has announced the launch of the RingCentral Connect Platform, a custom integrations platform that features a developer portal, APIs, SDKs, tutorials, and other developer tools.

ProgrammableWeb: APIsZillow Home Valuation GetComps

The GetComps API allows for access to Zillow's database of recent sales for a specified property for comparision. Returned results aim to contain the address, Zillow property identifier, Zestimate for the comparable properties, and the principal property for which the comparisions are being retrieved.
Date Updated: 2015-02-25
Tags: [field_primary_category], [field_secondary_categories]

ProgrammableWeb: APIsZillow Home Valuation GetChart

The GetChart API allows developers to generate a URL for an image file that displays historical Zestimates for a specific property. The API uses the Zillow Property ID and a specified chart type: either percentage or dollar value change as an input. The historical data can be for the past 1 year, 5 years or 10 years.
Date Updated: 2015-02-25
Tags: [field_primary_category], [field_secondary_categories]

ProgrammableWeb: APIsSift Science Label

Sift Science Label API is a REST API that labels bad user within the Sift Science system. This API allows the business user to label behavior, categorize events, and confirm or deny sift scores. The Sift Science system uses data to learn and predict bad behavior patterns. Labeling is made through a HTTP POST to the Label endpoint, user id, and API key, which generates a HTTP status code. This API also allows for the unlabeling of a user, incase of error. Sift Science is a company focused on monitoring website's traffic and events and protecting sites from users intent on malicious activities such as: fraud, credit card chargebacks, money laundering, abuse of referral programs, and general spamming.
Date Updated: 2015-02-25
Tags: [field_primary_category], [field_secondary_categories]

ProgrammableWeb: APIsSift Science Score

Sift Science Score API is a REST API that provides a risk score for users on an e-commerce website. The Sift score for users are assessed through JSON requests containing an API key and user id and provides a JSON response. This API allows for HTTP notifications to endpoints of the company's choice and up to two hundred daily email notifications. Sift Science is a company focused on monitoring website's traffic and events and protecting sites from users intent on malicious activities such as: fraud, credit card chargebacks, money laundering, abuse of referral programs, and general spamming.
Date Updated: 2015-02-25
Tags: [field_primary_category], [field_secondary_categories]

ProgrammableWeb: APIsYandex Dictonary

Yandex, a European internet company, provides this dictionary API. Yandex Dictionary uses standard HTTP with access via XML or JSON interfaces. Use of the API requires an API Key which is available by request, for free, from Yandex. The app will return translations or word and phrase definitions. Yandex has a Terms of Use document that they recommend reading before getting started with the API.
Date Updated: 2015-02-25
Tags: [field_primary_category], [field_secondary_categories]

ProgrammableWeb: APIsHappy Inspector

The Happy Inspector API allows developers to access and integrate the functionality of Happy Inspector with other applications. Public documentation is not available; API access comes with account service. Happy Inspector is a platform for property and rental managers and management companies.
Date Updated: 2015-02-25
Tags: [field_primary_category], [field_secondary_categories]


The API allows developers to access and integrate the functionality of with other applications and to create new applications. Public documentation is not available; interested developers should contact for more information. is an on-demand roadside assistance application.
Date Updated: 2015-02-25
Tags: [field_primary_category], [field_secondary_categories]

ProgrammableWeb: APIsTrackin

The Trackin API allows developers to access and integrate the functionality of Trackin with other applications. Public documentation is not available; interested developers should email for API access. Trackin is an online ordering and delivery management platform for restaurants.
Date Updated: 2015-02-25
Tags: [field_primary_category], [field_secondary_categories]

ProgrammableWebMicrosoft Offering Preview SDK for Its Band Wearable

Microsoft has pushed out an update to its Band wearable and at the same time made available a Band SDK Preview. The new software adds functionality to the wearable while the SDK promises to let developers target the Band with their own apps. 

ProgrammableWebHardcat Launches API Access to Asset Management Platform

Hardcat, an asset management solution provider, has released version 4 of its flagship asset tracking software. V4 includes a new graphic interface, grid-format database construction, links, data retrieval, and an API that allows users to tweak the front end according to personal requirements.

ProgrammableWebIBM Applies Watson Artificial Intelligence to API Management

IBM today unveiled a range of products and services designed to advance the state of API integration, including the API Harmony service running on the IBM Bluemix integration platform that the company claims will make it simpler to identify the contextual relationship between different APIs.

Amazon Web ServicesAWS Podcast #100 – Week in Review + Stefano Bellasio of Cloud Academy

After some fits and starts, I am now recording and producing the AWS Podcast on a regular basis. I am committed to releasing at least one new episode every week, with a stretch goal of two!

Last week I spent some a couple of days at the AWS Pop-up Loft in San Francisco!

With my trusty Zoom H5 recorder nearby, I sat down in the (relatively) quiet basement of the Loft and interviewed a total of six startups and AWS partners. I’ll be editing and publishing them as quickly as possible.

My first guest was Stefano Bellasio of Cloud Academy:

We talked about what Cloud Academy does, and how it relates to AWS.  We also discussed his background, his motivation for founding the company, and his experience coming to the US from Italy.

You can listen to the full interview to learn more. At the end of the interview, Stefano announced a special promotion for fans of the AWS Podcast. Simply visit to receive a 30% discount on the Cloud Academy PRO Plan.



ProgrammableWebAlgorithmia API Exposes Collective Knowledge of Developers

The collective knowledge of algorithm developers around the world is a vast ocean of possibility. Developers are constantly working on projects to make processes faster and more efficient, as well as new ideas that will add to the progressive environment. Now algorithm marketplace Algorithmia is working on combining the work of developers by using a new API that looks to celebrate their collective talents.

Matt Webb (Schulze & Webb)Filtered for myths and archetypes


More on archaeoacoustics:

Currently, Russian and Finnish researchers are studying "palaeoacoustic" ringing rock sites on the shores of Lake Onega in Russia. They have found that the sound these natural stone "drums" make when struck is amplified by the surface of the lake, causing it to carry for kilometres around. The features are surrounded by concentrations of rock art.

So what gets me here is that the marks - the visual human intervention - the art - is a sign that there is something here that we can't see: In this case, a natural megaphone for rhythm.

From the same article:

The Native American tribes of the Great Lake region believed that a spirit world existed behind rock surfaces, which were conceived of as being like "membranes" between that world and this. ... their shamans could penetrate through cracks and crevices in the rock-face into the spirit world beyond, and also that spirits could pass through from behind it into the human world.


Sipapu is a Hopi word which refers to a small hole or indentation in the floor of kivas used by the ancient Pueblo peoples and modern-day Puebloans. It symbolizes the portal through which their ancient ancestors first emerged to enter the present world.

I saw these when I visited Mesa Verde a year or two back... funny having grown up in the west and seeing crucifixes everywhere as the dominant symbol: also the x-y axes of Cartesian space, that in the west we measure and situate our [world, values, selves] inside a shared and objective universe; also in Riddley Walker the Christ figure is conflated with Adam-the-first-man and Atom-which-is-split, arms out wide, being torn apart. Then to see an alternative symbol, an indentation, sipapu.

For the ancient Pueblo peoples, the sipapu - the place of emergence - is somewhere near the Grand Canyon: their ancestors emerged from the Third World through a crack, into this, the Fourth World, in a place known as Sipapu.


Tales from Ovid: 24 Passages from the Metamorphoses, the magical translation by Ted Hughes.

I mean, read this.

Last comes the Age of Iron.
And the day of Evil dawns.
Go up like a mist - a morning sigh off a graveyard.

Snares, tricks, plots come hurrying
Out of their dens in the atom.
Violence is an extrapolation
Of the cutting edge
Into the orbit of the smile.
Now comes the love of gain - a new god
Made out of the shadow
Of all the others. A god who peers
Grinning from the roots of the eye-teeth.

Now sails bulged and the cordage cracked
In winds that still bewildered the pilots.
And the long trucks of trees
That had never shifted in their lives
From some mountain fastness
Leapt in their coffins
From wavetop to wavetop,
Them out over the rim of the unknown.


In Our Time episode on Metamorphosis.

Now I am ready to tell how bodies are changed/ Into different bodies.


Ley lines and associated topics.

But why straight lines? Dobkin de Rios suspected that they derived from the entoptic patterning that occurs in the human cortex early in trance states as a result of poorly-understood neurophysiological mechanisms. These entoptic ("within vision") images are universal to the whole human race in all periods of time, and adhere to a specific range of "form constants" - grids, dots, webs, spirals and tunnel forms, arabesques, nested curves, lines, and so on.

And from Michael Witzel's origins and dispersal of our first mythologies,

Archetypes are those psychic contents that have not yet been submitted to conscious elaboration. Myth is the secondary elaboration of archetypes. Their images are embedded in a comprehensive system of thought that ascribes an order to the world. Common archetypes include the (great) Mother, the Father, the Hero, the Miraculous Child, the Wise woman, the Shadow. Since they are generally human, they can turn up everywhere and anytime in dreams, visions and myths.

This Laurasian approach suggests that there is a coherent mythology (with a common story line) for much of Eurasia, North Africa and the Americas.


the ultimate of origins of the universe and the world, subsequent generations of the gods, an age of semi-divine heroes, the emergence of humans, and the origins of "royal" lineages. It frequently includes a violent end to our present world, sometimes with the hope for a new world emerging out of the ashes. Ultimately, the universe is seen as a living body, in analogy to the human one: it is born from primordial incest, grows, develops, comes of age, and has to undergo decay and death

So. Yeah.

Amazon Web ServicesNew in the AWS Marketplace – Oracle Linux

Version 6.6 of Oracle Linux is now available in AWS Marketplace, with both hourly and annual pricing:

The 64-bit Unbreakable Enterprise Kernel was designed to provide scalability, reliability, and performance improvements for demanding enterprise applications, including Enterprise Oracle workloads.

This is a fully supported way to run Oracle Linux on AWS. Patches and updates are available from Oracle; 24×7 premium support is available through Orbitera.

The AMI (HVM) makes use of EBS volumes for storage and is recommended for use on the c3.large instance type (it can also be run on many other instance types).

To learn more, read the Oracle Linux Product Page and the Oracle Linux FAQ, then Launch Oracle Linux in the AWS Marketplace!

Oracle Linux is available today in the US East (Northern Virginia), US West (Oregon), US West (Northern California), Europe (Ireland), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), and South America (Brazil) regions. Software usage fees start at $0.06 / hour.





Anne van Kesteren (Opera)Same-origin policy

The same-origin policy, sometimes referred to as SOP, is the foundation of the web platform’s somewhat flawed security model. Without a browser, https://untrusted.example/ (Untrusted) can access any number of servers through curl. It cannot however access any servers located behind a firewall. With a browser, Untrusted can fetch resources from servers accessible to the user visiting Untrusted. Therefore, when a browser is involved the reach of Untrusted is what Untrusted can reach through curl plus with what the user can reach through curl. SOP prevents Untrusted from accessing the contents of resources on https://intranet.local/ (Intranet).

SOP also protects the contents of resources that depend on HTTP cookies and/or authentication (credentials). Most request contexts, such as img and script elements, include credentials in fetches by default. Thus if the user has stored credentials for https://credentialed.example/ (Credentialed), they will be included in outgoing fetches from Untrusted. (See ambient authority for why this might lead to problems.) Being able to access the contents of resources of Credentialed would be as problematic as accessing those of Intranet.

Because of SOP XMLHttpRequest has historically had a same-origin restriction. Reading the contents of resources of Credentialed and Intranet would be problematic. However, this also excludes access to notable non-Credentialed non-Intranet servers, such as (Example). The problem with Example is that it cannot be distinguished from Intranet (private IPv4 address ranges are not reliably used). We invented CORS so that Untrusted can access the contents of resources on Example (and even on Credentialed and Intranet) as long as the resource opts in. To better understand CORS we first need to look at the historical request contexts.

At some point the same-origin policy did not exist and various requests could be made across origins, including credentials, leading to some leakage of Credentialed and Intranet data. Because of the network effects of the web these holes could not be fixed and are now enshrined and part of the security model:

  • CSS can be fetched across origins as long as the MIME type is text/css. document.styleSheets is not available unless CORS is used, but since CSS rules are applied and getComputedStyle() exists, a leak exists.
  • Images can be fetched across origins and will leak the width and height of any resources that can be decoded as an image. With scripting timing attacks can be used to determine whether there is a server on the other side. When a cross-origin image is painted upon a canvas context, that context is tainted and certain methods that expose pixel data will cease to operate. CORS can be used on the image to keep the context fully working. Audio and video have similar leakage. (No MIME type checks enforced on the fetched resource.)
  • JavaScript fetched across origins will execute. And it gets worse. JavaScript fetched from Credentialed by Untrusted will execute with the powers of Untrusted, creating that ambient authority problem mentioned earlier. When CORS is not used SyntaxError exceptions thrown will not expose any data. That is good because MIME type checks are not enforced for JavaScript either, but also comments and dead code blocks might get exposed that would otherwise not be.
  • Forms can be submitted across origins and have a couple of additional vectors. Forms can use the POST method. Forms can also include request bodies of the types text/plain, application/x-www-form-encoded, and multipart/form-data. The response however is not exposed.

Now as should be clear from above what CORS enables is allowing reading the contents of resources across origins (e.g. from Untrusted to Credentialed). To a far greater extent than the enshrined information leaks that already exist. CORS also enables the full power of XMLHttpRequest across origins. However, that would be far more than what has been traditionally allowed through images and forms (e.g. custom methods and headers). Therefore requests that use the full power require a CORS preflight request. The CORS preflight request confirms that the URL understands CORS. The final response still has to include the relevant CORS headers.

Hopefully this makes it clear that the same-origin policy solves a real problem. And that we need CORS due to Credentialed, Intranet, the more powerful requests it allows, and the inability to distinguish Example from either Credentialed or Intranet. This is also the reason we do not have a TCP API. It would be great to have a solution that would remove the need for CORS and allow a TCP API, but if you think you have one and it involves asking the user, think again. And if you want to expand the information leaks (e.g. allowing document.styleSheets without CORS), reconsider. All the information leaks we have are enshrined bugs from the time JavaScript became a thing.

(Please understand that this is introductory material. It is simplified somewhat for brevity.)

ProgrammableWebGoogle Tool Scans App Engine Apps for Security Vulnerabilities

Securing your applications on the public web is an essential part of deploying any application. Various tools exist to test out against known vulnerabilities in web applications and if you have a web application hosted on Google App Engine, you know that because of a sandbox runtime, it has not been easy to pick and choose the testing tool of your choice.

ProgrammableWeb: APIsYandex Speech Recognition

This Speech Recognition API is provided by Yandex and requires an API Key, which are available by request. The API currently supports queries (general search requests) and maps (for accessing addresses) in Turkish and Russian languages. With interfaces for iOS, Android, and Windows Phone, this app offers developers the ability to integrate voice input interfaces into their mobile apps. See their extensive Doxygen documentation for detailed instructions on getting started with the Speech Recognition API
Date Updated: 2015-02-24
Tags: [field_primary_category], [field_secondary_categories]

ProgrammableWeb: APIsWeTransfer

The WeTransfer API allows developers and advertisers to access and integrate the functionality of WeTransfer with other applications. The main API methods are integration of WeTransfer functionality and retrieving statistics. WeTransfer is a file sharing and storage platform.
Date Updated: 2015-02-24
Tags: [field_primary_category], [field_secondary_categories]

ProgrammableWeb: APIsCoinleap

The Coinleap API allows developers to integrate digital currency methods into a project. Coin features such as incoming and outgoing transactions are available. This service is about simplifying payments by sending digital currency. Documentation shows an option to display parameters and responses in the same place.
Date Updated: 2015-02-24
Tags: [field_primary_category], [field_secondary_categories]

Amazon Web ServicesAWS Cost Explorer Update – More Filtering and Grouping Dimensions

AWS Cost Explorer is a spend management tool that lets you analyze, visualize and allocate your AWS spend to internal teams or projects. Using Cost Explorer, you can visualize your daily or monthly spend in easy-to-read bar and line charts or simple downloadable data tables. You can also choose to see your spend only for specific service types, linked account and tags and group the spend by both service types and linked accounts. Since the first launch of Cost Explorer in April 2014, thousands of customers have signed up to use Cost Explorer and have provided us with feedback about how easy and convenient it has become to analyze their AWS spend. They have also provided us with many suggestions for further improvements!

Group Spend By Tags
Last summer we added the ability to group your AWS spending by tag (this was a frequently requested feature, but one that I neglected to blog about at the time). Many of our customers attach tags to resources to track usage by internal departments or groups (such as setting the Environment tag to either Development or Production to allow separation of development and operational costs) and want to group the billing data in the Cost Explorer with these name/value pairs to easily perform cost allocation. To take advantage of this feature, you simply select the tag key that you would like to group your costs by (Environment):

Cost Explorer interface then displays costs broken down by all values applicable for that tag key in one report:

More Filtering and Grouping Dimensions
Today, based in large part on the response to last year’s launch, we are adding additional options for filtering and grouping your costs. In addition to the existing groupings (Service and Linked Account) you can now group by Availability Zone, Purchase Option (Reserved or Non-Reserved), and API Operation. You can also filter by multiple tag keys at the same time. You can use these new options to gain additional insights in to your AWS costs and the cost drivers behind them.

Here’s the newly updated Filter menu:

After you select a filtering option you can choose the value to show. For example, I can filter by API Operation and choose individual AWS API functions:

Or by Availability Zone:

Multiple filters can be used to further control the display. For example, I can look at costs for all development resources in a single Availability Zone:

Available Now
These features are available now and you can start using them today!


ProgrammableWebDigium Launches Respoke WebRTC Cloud Service

As a set of APIs, the WebRTC standard has the power to transform how communications are delivered inside the application experience, assuming developers can find a way to easily access it. To address that issue, Digium today unfurled Respoke, a cloud platform designed to allow developers to access WebRTC API as a service.

ProgrammableWebTop 10 Mapping APIs: Google Maps, Microsoft Bing Maps and MapQuest

The popularity of digital maps and the use of digital mapping tools have grown rapidly in recent years. While Google is still the leader when it comes to maps, there are now many other companies in the map technology industry. The immense popularity of digital maps should not be surprising; maps can be useful, informative, beautiful and fun.

Matt Webb (Schulze & Webb)Filtered for listening


Artificial skylight that uses the same physics behind the sky being blue to create a blue sky.

Comes in a variety of models e.g. For enthusiasts of Nordic countries, CoeLux 30 is available, with a 30 degree angle beam relative to the horizon. It is a wall window and is capable of reproducing a warm, grazing light.


Archaeoacoustics, including this playful idea:

[A] trowel, like any flat plate, must vibrate in response to sound: thus, drawn over the wet surface by the singing plasterer, it must emboss a gramophone-type recording of his song in the plaster. Once the surface is dry, it may be played back.

Not true, but fun to believe this: He claimed to have extracted ... the word "blue" from an analysis of patch of blue color in a painting.

Also, reproducing the sound of drums in Stonehenge.

Also, extracting sounds from pictures of gramophone records in books.

Also, the ghost between the original recording of Suzanne Vega and an MP3.


Sci-fi books upcoming for 2015.

  1. Seveneves by Neal Stephenson (May): The world is ending, and the human race makes a desperate effort to get some survivors off the planet. Five thousand years later, the descendants of humanity are divided into seven different races, all of which decide to pay a visit to the old homeworld.
  2. Aurora by Kim Stanley Robinson (July): A generation ship novel! Robinson returns to the future after a sojourn in the distant past, and tells the story of the first ever arduous journey to another solar system.


In the Qur'an, Solomon understands the language of the ants.

Until, when they came upon the valley of the ants, an ant said, "O ants, enter your dwellings that you not be crushed by Solomon and his soldiers while they perceive not."

So [Solomon] smiled, amused at her speech, and said [...]

ProgrammableWebFieldVal Tackles Lackluster API Error Handling

A new JavaScript library called FieldVal aims to solve some of the biggest problems associated with API error handling.

Amazon Web ServicesAWS Week in Review – February 16, 2015

Let’s take a quick look at what happened in AWS-land last week:

Monday, February 16
Tuesday, February 17
Wednesday, February 18
Thursday, February 19
Friday, February 20

Upcoming Events

Help Wanted


Stay tuned for next week! In the meantime, follow me on Twitter and subscribe to the RSS feed.



Updated: .  Michael(tm) Smith <>