Tag Archives: Google

mod_pagespeed is not (always) the answer

What is mod_pagespeed

Google recently released a chunk of code in the form of an Apache module. The idea is that you install it in your Apache server, it sits in between your application and the web browser and modifies the served requests to make the page load faster.
It does this by using combinations of filters, some are well known best practices, others are newer ideas. For example on filter simply minifies your JavaScript while another embeds small images in a page using data-uris. The changes these filters make range from low risk, to high risk. It should be noted that not all the filters will improve the page time some even making pages slower in some cases.

So what’s the issue?

The issue here really isn’t mod_pagespeed, but it’s the way people are viewing it. In my job as a Web Performance Engineer I have had several people recently say to me “let’s put mod_pagespeed on our web server to make it faster”. This is a break from normal attitudes, if someone were to to say “we should put our images into data-uris” then people would question the speed benefit, or the extra load on the server. For some reason when Google implement a page speed module people just assume that it will make their page faster, and that it will work in their environment. The truth is that Google really have no idea what the module will do to your page.

The second issue is that all these tweaks can usually be better implemented at the application level. If you minimize all your JavaScript as part of your build process then the web server will not have to do it for you. The same applies to data-uris. If they are simply part of the page then the browser doesn’t need to read in the extra image, uuencode it, then compress it. All that is quite a lot of work, which only really needs to be done once.

So what should I use mod_pagespeed for then?

You don’t always have access to the application code. If you are using third party software then before mod_pagespeed you may have had no control over the minification of CSS. This is where the module really shines. It gives you a layer between the application code and the web browser where you can apply all sorts of performance tuning.

The other advantage I can see is for looking for the best tunings to apply to your application quickly. You can setup mod_pagespeed and and run experimental tests with the filters on of and with a control to quickly figure out what rules you should apply in your application.

Google’s Privacy Bungle

Google has recently taken a large amount of criticism for capturing unencrypted wireless network traffic as part of its Street View project. Google admitted to the world that although it was only looking to capture station MAC addresses it inadvertently also captured the payload data. Many articles have emerged blasting Google for what Senator Conroy calls ‘This is probably the single greatest breach in the history of privacy’. I believe Google hasn’t done all that wrong, to understand why you need to know how a wireless network works.

Wireless networks can either be encrypted or unencrypted but in both these cases only the payload is encrypted. The packet headers which contain information about who the packet is addressed to and who it is from. The reasons for this are similar to why you might write a letter in code, but you would not write the envelope in code. In an unencrypted network the whole packet is sent in clear text including the envelope and contents. The difference between these analogies and how a real network works though is that to read the envelope you need to physically obtain it and there is only one copy. A wireless network broadcasts everything to everyone within 100 meters.

This isn’t really a problem if your network is encrypted as people will not be able to read it easily. If however your network is not encrypted its the equivalent of yelling out everything that you type into and read from your PC. Almost all banking websites will ask your PC to use extra encryption, but many other sites will not. So anyone in a 100 meter range of your computer or access point can watch everything you do on your computer.

What Google were trying to do was get a list of the locations of these access points. So they would have captured the headers of all packets they saw, grabbed the wireless routers address out of it and marked its location on a map. Except according to them they accidentally put code in that captured the whole packet. This meant that for all the unencrypted networks the Google Street View cars drove past they may have captured private information.

There is a class action in Germany against Google for capturing this data, and more can be expected elsewhere soon. Suing Google for this is like walking in to a public place, yelling out a bunch of private information and then suing anyone who happened to be recording at the time, or suing someone for writing down smoke signals you send to someone from the top of a mountain. If your access point is sending data unencrypted then every wireless device within 100 meters cannot help but hear your data, you’re just lucky most will ignore it.

If you really cared about your privacy you would at least make some attempt to restrict others access to your data. Not knowing is much an excuse as not knowing people were recording in that shopping mall. Don’t take your privacy for granted, check whether your network is encrypted, and if you don’t know how, get someone who does. Ignorance is not an excuse! This time it was Google, the next time it could be an identity thief.

Random Thought: If privacy is so important to people at the moment, what’s with all the data on Facebook?

Google G1: Six Months On

So six months ago I bought my Google G1, my first impressions were excited and extremely positive. Has this phone stood the test of time though?

Physically

The phone is still in good physical condition, which is more than I could have said about my old XDA Atom Flame after six months. There are a few scratches on the screen, but I bought a screen protector for it so I can simply peel them off. Surprisingly the various crevices on the phone have avoided build ups of dust which commonly plagues my phones. The battery is beginning to fade, and can only last me around 12 hours with my ordinary usage (which is probably considered heavy usage). This makes weekends away from home interesting as I have to avoid using my phone to stretch the battery over 24 hours.

When I first got the phone I expected that the keyboard keys would fade, or that the keyboard snap mechanism would somehow break. I was wrong, the keys are still as visible as when I first got it, and the snap mechanism still works perfectly.

The OS

In the time I’ve had this phone Android has gone from 1.1 to 2.0. Sadly there haven’t been any official new releases of the phone software. There have however been releases of the well known mod for this phone called ‘CyanogenMod’. Currently CyanogenMod is at Android version 1.5 with parts of 2.0 ported across.

Since the first week I had the phone I’ve been using CyanogenMod and have seen the improvements in it take it from strength to strength. Originally it looks almost the exact same as the original OS but now it includes several features that I could not live without. My favorites would be:

  • Tethering to my Linux PC
  • OpenVPN settings
  • 360 degree rotation
  • Improved contacts screen with direct call links
  • Voice Search

The Applications

Like any mobile OS the best part is the applications. This is where an OS either make it or breaks it. While Google have been constantly improving the Android platform old apps have remained around and stayed compatible with the phone. Google has also held two developer competitions during the time I’ve had the phone which has brought loads of new apps and innovation. So as each application is its own entity I’m going to review my favorites separately.

Google Maps

When I got the phone Google Maps was simply a map, with limited search capability and able to give directions. Since then however Google have added Street View, Navigation (US Only sadly), Buzz and much better searching. For something I used once a month I now use it almost daily.

ConnectBot

One of the reasons I went for a phone with a hardware keyboard was to make SSHing into my Linux machines easier. ConnectBot handles this perfectly. I cannot stress enough how useful this application is. Recently it has been improved to include support for SSH agents too which improved things even further.

My Tracks

As someone who enjoys hiking and walking having a GPS logger can be extremely useful. My Tracks basically turns your Android phone into a GPS logger and displays the data for you on a map. It also allows you to export the logs in popular formats or simply upload them to My Maps on Google. It can also graph your elevation, speed and display interesting statistics.

Conclusion

All up I still enjoy this phone, and still use it daily. I am looking at moving to either an N900 or the Google Nexus One next. I haven’t moved because the N900 has been having trouble with the USB connectors breaking off, and the Nexus One is too expensive to import into Australia. I doubt I’ll be moving to another phone any time soon and this phone doesn’t look like it will give out any time in the near future.

Random Thought: What is the cell phone market going to look like five years from now? And where the hell is my wristwatch phone?

Google C&Ds CyanogenMod

In an act that appears to contradict both the ‘do no evil’ and the ‘android is open’ mantras of Google they sent a Cease and Desist to CyanogenMod creator Cyanogen. This effectively means that all cooked versions can now no longer include and Google applications, sync with Google services or the many other closed source parts of the ROM. I use Cyanogen’s mod and this effectively cripples it to a worthless Linux phone distribution. Google have essentially said to me “You know that T-Mobile G1 you brought that was supposed to be completely open? Well we never made all the good bits open, and now we’re taking them away.”. I can’t use the Official ROM because I live in Australia and it constantly sends text messages to T-Mobiles myFaves which costs me a fortune. So Google has removed my ability to use their services on my ‘Google’ phone. So now wherever you read a press release where Google claims that Android is open you know what they really mean is they made the stuff they had to open and closed the rest.

I see only one way out of this mess, we need developers to replace all the closed source parts of Android with free software solutions. This means Android will be free and fully open source. Why stop there though? Lets make Google’s decision into one they will regret! As the open source community is replacing the closed source apps we should build in functionality to allow the phone to work with Google’s competitors. When you first used the G1 you had to sign in using your Google account. What if that same box let you sing in with your Live Id, your Yahoo account or even OpenID? Imagine the Android phone being written in completely open source to work on any operator! It wouldn’t be hard either, most are beginning to provide APIs to their accounts and I’m sure they’d love to help.

Edit: According the the Save Cyanogen Petition application on the market it is impossible to even run the ROMs that Google claim to support without the Google binaries.

Random Thought: Did you know the first Australian computer was built by Trevor Pearcey and Maston Beard in 1947-1951.

The T-Mobile G1 Phone

The T-Mobile G1 Phone goes by a few names. HTC Dream and Google Android Development phone are two more. Essentially they are the same hardware and the only change is the software. The Android Development phone unlike the others comes with an unlocked bootloader allowing you to flash any software image you want where the other two will only allow software signed by either HTC or T-Mobile.

I bought mine two weeks ago and it has completely replaced my Windows Mobile phone to the point where I actually gave it away. The main issues that I have with Windows Mobile was the instability and the difficult to use interface. This new phone was a breath of fresh air. Amazingly when I was testing it out with the seller it received a weeks worth of SMSes indicating that my Windows Mobile phone had stopped accepting them.

I opted for the T-Mobile option. Mainly because I found one cheap on eBay but also because I knew of an exploit to easily get root, flash a new bootloader and install whatever OS I wanted. I knew with almost absolute certainty that I would want to be able to play with root access to the OS. I could have went with the HTC Hero or Magic (the successors to the G1) but I liked the idea of the flip out keyboard way too much.

The G1 is easy to use without a stylus, in fact it won’t work with a stylus as is uses a capacitive touch screen. This means all the applications, the keyboard and the core OS are designed with that in mind. While I could use my old phone with my thumbs many of the controls were impossible to use without perfect precision. Generally all the controls on the Andriod are larger and easier to manipulate, where the Windows Mobile controls are clunky and small.

The Android marketplace is also something that Windows Mobile could certainly have done with. It is an almost perfect image of the iPhone App Store, except that in the culture of open source most of the applications are free. The applications are easier to search for, review and download making the Android Marketplace a much easier to use and more polished tool.

One thing this phone and my last one have in common was the hacker community around them. Both have multiple ROMs available and its relatively easy to flash a new one. I’m currently running the latest stable CyanogenMod (4.0.4) which was extremely easy to flash courtesy of the latest kernel vulnerability and some specially designed tools.

Random Thought: I thought Androids could make breakfast for me.