This talk
- The main problem real people have with the web
- On web languages
- On mobile access
The two gods of literature
according to Ted Nelson
A common benefit, overlap of need.-- but a battle.
Negotiation in style
- Cascading style sheets
- Accessibility
- User font sizes etc (eg HTML mail!)
Unexpected Reuse
is the value of the web.
- Writer insists on pale blue on white, user overrides.
- Writer intends entry through tunnel, user bookmarks deep in site.
- Writer writer, reader indexes.
Essential balance between keeping the intent of the content, and allowing
the reader control over what she does with it.
The intermediaries
- Publishers
- Audio-visual people
- Internet Service Providers
- Web software, Web protocols
In the last case, this conference is concerned.
The unwanted parties
- Seaside banner planes
- Billboards
- Pop-up pushers
Users #1 problem?
- Spam
- Phishing
- Pop-ups
- Viruses
- Computer system destruction
"Malware"
Somebody Else's Problem?
Spam is mail, not HTTP, but...
- Spam and Phishing use HTML
- Pop-ups use a web browser
- Viruses can be downloaded by HTTP, and led to from HTML.
- "User Agent" -- double agent?
- Web publisher and user culture is key.
By the way, use SPF records against spam. Please do to.
Causal elements
- User executing untrusted code
- Confusion between code and data
- By users
- By browser software
- By operating system
- Hooks for malware in OS
- Lack of accountability for hooks and code
Avoidable software problems
- Looking at the URL or filename instead of the Internet Content Type
- Saving it with a filename which implies wrong type
- No concept of the difference between safe information and unsafe: a
column in the table
- Adding unsafe features to existing safe specs, eg Javascript with
unsafe power to HTML, Scripting to Microsoft Word, etc
- e.g. allowing the address bar or status bar to be overwritten! (whose
agent?)
Unsafe information
- A really important part of the language specification, agreement
between parties.
- Defined by software, if not conforming (eg JPG viewer bug)
- Part of the control battle between the gods.
- New features tried out in Javascript, then deployed into CSS, SMIL,
XForms, etc
- Is HTML now unsafe? Yes for some firewalls.
We have let this slide too far, empowering the bad guys
Safe information
Safe languages are
- Declarative, Visible (REST)
- Not turing complete (scripts)
- Maybe not as expressive as first order logic (logic)
- Have a standard meaning
- Separation of form and content
Confidentiality issues
- Data extracted from user's environment by e.g. inclusion in
document
- Smuggled out in modified URI of link, form, etc
- Tip of the iceberg of responsible management of data
- Voice browser situation involved 3rd party
Unambiguity and Accountability
- Communication relies on common understanding of the message
- Phishing relies on meaning seeming to be something else
- Limits on the battle of the gods, like fine print
- Interesting with Semantic Web languages
Semantic Web languages
Languages about real things using URIs as symbols
- Very reader-friendly
- Reader control on many axes:
- Subject of data
- Source of data
- Properties I am interested in
- Views I chose to use, Lenses (Haystack)
Semantic Web stack
- Rules workshop April 2005
- All the languages are more visible than scripting languages
- Principle of least power applies
Architectural notes
If this an old bug, why isn't it fixed?
- Safety of languages has to be specified in standards and enforced
- Use safe languages whenever possible on your web site
- Trusted systems will exclude or sandbox unsafe languages
- Separation of form and content emphasized again
- Independence of the communication from the provider of software
Software, web sites, O/S, users all need to change
Device Independence
Is very related
- Separation of form and content
- Visibility and re-use
- Semantics
Mobile web access
- Drivers:
- Mobile commerce
- Mobile entertainment
- Mobile enterprise
- Location-based services
- Communication
- Benefits:
- Mobile technology industry
- Society and business in general
No lack of hardware...
Source: RusselBeattie.com
Some Statistics
Source: T-Mobile, modeled on Credit Suisse First Boston, Mobile
Data 2004, Pyramid Research, Global Mobile Capex Handbook, August
2004
Internet-Enabled Mobile Phone Penetration
| Region |
April 2004 |
| Japan |
79% |
| Other Asia |
54% |
| Europe |
47% |
| North America |
37% |
| Brazil |
37% |
| Worldwide |
49% |
Source: A.T. Kearny/University of Cambridge - Judge Institute of
Management, July 2004
Challenges
- Cramped user input
- Limited output
- Difficult environment
- Limited bandwidth
- Intermittent connectivity
(Philipp's user on the train)
It's 1996 All Over Again ...
| Web 1996 |
Mobile Web 2004 |
| Too slow |
Too slow |
| Lack of interoperability |
Lack of interoperability |
| "What's new?" |
"What's new?" |
| Child protection |
Child protection |
| Not accessible |
Not accessible |
... But Not Quite 1996
| Web 1996 |
Mobile Web 2004 |
| Few connected users |
Many potentially connected users |
| Lack of content |
Lots of potential content |
| Little industry |
Big potential industry
|
Goals
- Today, mobile Web access is a problem for
Developments
- W3C MWI
Workshop (Barcelona 18-19 Nov 2004)
- Operators: Vodafone, NTT DoCoMo, Orange/France Telecom, T-Mobile,
...
- Browser Vendors: ACCESS, Openwave, Opera, Obigo/Teleca, ...
- Content Providers: BBC, MSN, Yahoo!, ...
- Authoring Tool Vendors: Adobe, ...
- Mobile software: HP, Oracle, PalmSource, Sun, ...
- Handset manufacturers: Nokia, RIM, SonyEriccsson, ...
- Extensive discussion with all major players
- Review by W3C Advisory Committee
- Announcement due very soon....
Announcing the W3C Mobile Web Initiative!
- Best practices for mobile web content
- "MobileOK" trust-mark
- Shared device description database
- Increased collaboration with OMA
- Founders/Sponsors program
- Full Sponsors: France Telecom, HP, and Vodafone
- Affiliate Sponsors: MobileAware, Segala M Test, Volantis
- Founders opportunities still open till July 1
- Possible future work
- Framework/profile, training, marketing, validation services, test
suites, discovery, etc.
- Longer term: Web on Everything - Transportation, entertainment,
appliances, Ubiquitous Web
