Curiouser and Curiouser!

My Dad & I just got back from seeing The Incredibles.  We both really enjoyed it.  The humor works, it's well paced, and it looks fantastic.  My only complaint was no out-takes.  I know they been done, but this was a film crying out for outtakes.  And, heck, it rewards you for reading those endless lists of animators names :-)

And talking of credits what the hell is a Sweatbox manager?  Hmmm.... maybe I don't want to know after all ;-)

Bayesian Explained.

Bayesian inference is useful in practice yet it's difficult to grasp fully or explain clearly. If you always wanted to learn about Bayesian inference, this article by Paul Meagher is probably your best bet. I make a terrible teacher but, at least, I can recognize good ones.

[Don Park's Daily Habit]

A useful link from Don.  I'd really like to find something similar for Hidden Markov Models and the Viterbi algorithm.

Gurteen Knowledge Quote of the Day - Tuesday November 30, 2004

"In the dim background of mind we know what we ought to be doing but
somehow we cannot start."

*** William James ***

For more information on this quotation and the author see:
http://www.gurteen.com/gurteen/gurteen.nsf/id/X0001D17A/

Hmm... i'm more familiar with the subject of this quotation than i'd like ;-)

I was just thinking about the way I use my browser (Mozilla) and some of the things I'd like to be able to do which seem to be impossible given the current browser security model which prevents pages in the browser from performing actions which are potentially abusive. Whilst I agree with this as a default position (I like security) the fact that there is no way around it bothers me. For example the Mozilla authors have decreed that Javascript will never be able to create new browser tabs. I hate that!

This sort of thing stems, I think, from the fact that everything inside the browser context is deemed to be untrustworthy. But does it have to be that way? What I have in mind is the ability to designate to the browser a set of scripts which are to be co-loaded into every page. You would do this through the browser preferences with appropriate warnings and so on. The scripts would be regular Javascript and would be automatically embedded into every page just as if the author themselves had put them there (with control over the load order). The key difference would be that these scripts would be trusted.

This would allow browser functions such as window.open() to determine whether the calling script was trusted or not and act appropriately. For example in a call to window.open(), the openintab=true modifier would be only be honoured if the calling script was trusted, otherwise the call would open a new browser window as normal.

I think such a trusted code mechanism would open the way for exploding the functionality of the browser. You could expose all kinds of mechanisms to Javascript code.  For example what happens when you click on a link? At the moment it's a fixed action but you could make it possible for trusted scriptlets to override this action. Maybe this would be useful to build in anti-phishing deterrents.  I might also like a way of submitting all links I click on to my own link tracking database.  Basically whatever you can think of.

Obviously it's not without issues.  Some scripts would be autonomous (such as the link click callback script) but to really open it up would require a way for untrusted script to call trusted scripts.  But we already have workable models for how this sort of things can be done (I'm thinking of the personal firewall approach) and, besides, the ability to install these scriptlets would be a control point.

For me, allowing a trusted Javascript model opens up all kinds of possibilities. I wish it would happen.