This story was written by Keith Dawson for UBM DeusM’s community Web site Develop in the Cloud, sponsored by AT&T. It is archived here for informational purposes only because the Develop in the Cloud site is no more. This material is Copyright 2012 by UBM DeusM.

Friday Four for 1 November

Four items hand-picked to interest developers.

As usual this week in Friday Four, I bring you four hand-curated topics from around the Net calculated to intrigue developers.


App makers cited for lack of privacy policy
California is the only state that requires mobile apps to publish a privacy policy in a conspicuous way. (Federal law has no such requirement.) Last spring all the major mobile app platform vendors -- Amazon, Apple, Facebook, Google, Microsoft, and others -- agreed to require privacy policies for any app they host. The state's Department of Justice gave app makers some slack to get their privacy policies available. At the end of October the clock ran out, according to reporting by Bloomberg.

Sources told Bloomberg that as many as 100 app makers were sent a letter warning that they had 30 days to file a plan to come into compliance. Those receiving the letter included Delta Airlines, United Airlines, and Open Table, the sources said. (I haven't seen these particular companies confirmed.)

Fines for violating this law are up to $2,500 per download (presumably, by a citizen of the state of California).

Blow-by-blow account of an advanced persistent threat attack
I don't know about you, but I love detailed recountings of the ways hackers go about their work. This one, unwinding an APT attack on a Swiss bank, took six weeks to reconstruct; it took the hacker two weeks to perpetrate, according to Gianni Gnesa, security researcher at Switzerland-based Ptrace Security.

Rackspace lets customers build their own virtual networks
We have written about Open Stack -- this is the open-source cloud technology on which Rackspace is built. We haven't yet delved into Software Defined Networking in this community; it is of interest more to network engineers and IT managers than it is to developers. It may be of interest to those shopping for cloud resources that Rackspace now lets you configure your cloud via SDN. Those who are particularly concerned about the security of public clouds -- the isolation of one client from another in a multi-tenant environment -- can take heart at this announcement, which is assuredly only the first of many offerings mashing up Open Stack and SDNs.

Compressive images
Responsive Design will be familiar to many here. Lately we've been discussing the progress toward standards for specifying responsive images (see: Getting to Responsive Images) to work gracefully in such designs. Now Scott Jehl of the Filament Group has posted a simple technique that could provide a stopgap until the full generality of the <picture> element and the img@srcset syntax reach standardization and are widely implemented. This technique is called "compressive images" and it is counterintuitive, to say the least.

We learned long ago not to let browsers do image scaling; in the early going they did a poor job of it. We may need to revisit this bit of common folklore. It turns out that if you let the browser scale down a JPG image saved with the image quality set to zero, the result can look nearly indistinguishable from a larger, more traditionally handled image.

Note that the Filament Group also employs Mat Marquis, chair of the Responsive Image Community Group working on <picture>, so we can be sure that the RICG is aware of compressive images and will take them into account.

The Friday Four gives a hat tip each week to Ron Miller, whose collection of five links for developers and IT pros runs weekly on