My notes

My notes

Something you should see .. selected by me

Emoji on Mac OSX

I just found a very simple way to add Emoji in OSX to (quite) every text box, you have simply to press ctrl + command + space and you will see the list of available Emoji, I think I will never use them but it’s a nice trick to know


Why the OpenSSL Heartbleed Bug is related to marketing (and why it’s a bad thing)

On 7th of April a bug in OpenSSL became public, friendly called “Heartbleed Bug”. In IT world it’s not very rare to find bugs on many layers of an infrastructure. It’s generally a good thing because finding bugs the overall security increases providing a more secure IT world.

In last 2 days there was much much information related to this bug, partially because OpenSSL is a very critical part of anything considered “secure” and partially due marketing.

Internet is generally considered (correctly) an insecure world but thanks to cryptography (which OpenSSL is a very important key) the web became far more secure than before. So it’s important that every people involved in IT know about the bug in order to fix/update what needed.

The problem about this bug is that it was used to make marketing. In last 2 days I received tens of emails from all web-service providers in which they claim/announce they are fixing/already fixed the problem on their end.

If on a perspective it’s good to inform users on some critical fix done on your service, on the other side I’m asking myself why this bug was so advertised. A bug in a webserver or in a database is not less important nor less critical than this one, but nobody alert you when update used db or web server.

I’m for an open, shared and transparent communication (and in general honesty) with customers, but I think that the Heartbleed bug was really treated in a terrible way by everybody and not “by error” but “by marketing”.



Recently I found a very interesting project from @jimaek called jsDelivr.

What is it?
At first it looks like a common CDN service which hosts opensource libraries. You can look for the name of the library and you get urls, not so new but it’s still useful.
Probably you know that other CDN services hosts opensource libraries for free so you could not be so surprised.

Why should I care?
jsDelivr has 40 POPs (Point Of Presence) around the world including POPs from maxcdn AND cloudflare but the really great thing about this project is that it uses all these POPs load balancing them in order to provide to the user the best performing POP (now you should be intrigued).
There are many discussions around if it’s better maxcdn or cloudflare to serve your files but usually the best answer is “it depends”. Using jsDelivr you simply don’t care when is better which service, you can be sure that the best provider will be used based on your visitor’s location/network!

Want more? (really much more)
I was never really interested in hosted libraries because they drive to more requests => many DNS resolutions => many downloads => much more time to complete the page.
The great thing about jsDelivr is that you can combine multiple files into a single request!
Do you need to include bootstrap, jquery, d3js and angularjs? You can do with a single script tag, in a single HTTP request (or HTTPS if you prefer)! (now you should be thrilled)

Probably you understood how interesting is this project and you are thinking “sounds great, how much?” .. good news, it’s totally free!

Included libraries (with surprise)
At the moment jsDelivr hosts 951 opensource libraries but the number is increasing and (great news) you can add them on your own! It’s really simple (I just tried), you can read how to do it in on GitHub. (you should think “oh my ..”)

Last good news
If you like the project and you are thinking to use it to serve your javascript files there is a even better news. It’s not limited to javascript! You can add javascript libraries, CSS frameworks, fonts and even more!

Enjoy jsDelivr and spread the news, this project really deserve more attention!


On WebRTC, WebSocket and Server Side Events

Recently I’m getting interested to WebRTC, WebSocket and Server Side Events (SSE), they are all VERY interesting technologies but focused on different concepts and thought for different purposes.

The main WebRTC mission is to establish connections between clients (browsers), it’s basically an unreliable channel (by default it uses UTP instead of TCP) and a good usage example is a de-centralized communication between browsers (games and so on).

WebSocket is more “common” and is thought to establish a bi-directional connection between server and browser without user’s action. It’s ideal if you have to stream some data to client (back and forth) and you don’t want to use some other tricks like AJAX or similar. It’s basically reliable because it uses a TCP connection.

Server Side Events are a quite simple approach to push data from server to browser without client’s action. The main difference between SSE and WebSocket is the direction of communication, in WebSocket we have a fully bi-directional communication, while in SSE it’s mono-directional from server to client.

Which is the best technology? As always, it depends by what you need.
If you must be sure of reliability of connection you should avoid WebRTC (UTP can loose some packets .. by design).

If you are unsure to choose between WebSocket or SSE the thing to let you decide should be if you need a bi-directional communication or not. 

Support in browsers

WebRTC support is coming, Firefox and Chrome support it but (as usual) IE is behind (

WebSocket support is pretty good in all major browsers (Firefox, Chrome and even IE) (

Server Side Events support is still coming, it’s supported by Firefox and Chrome but (again) IE is behind (

Everyone knows the revolution that AJAX made for the web, now we are pushing the limit ahead with these technologies which will made the web an even more useful and feature-rich place!

Today Apple released OSX Mavericks, tomorrow the number of questions like “How can I fix this in mavericks?” on socials will be huge (as usual)
- the future teller inside me