Recently while working on a project for a large pharma company I was asked to investigate how we could encrypt emails on one server, deliver them securely, and then decode them on a second server. I knew there was a project called OpenPGP and so I started investigating...

It turns out that this is rediculously easy to use! Once you've installed OpenPGP and Crypt_GPG the process is not tricky.

1. Create a key - the public part to encrypt your email, the private part to decrypt it on the other server.
2. Create an email form (on SSL page), pass form results to a separate php script to handle it.
3. Show form results to user, encrypt form data, send encrypted email
4. Using the private key, either decode the email on arrival, or use another form.

The results are usable and effective! Go have a look at my OpenPGP test script in the sandbox and enjoy sending yourself some 2048bit secure emails!

I've included the important bits of the code below just incase it helps anyone out.

I've come across a couple of good sites which highlight the ongoing changes in browser useage and distribution. Statcounter.com has been around for a long time, and was one of the first statistics websites I recommended to my clients before Google Analytics and Woopra came along. Statcounter Globalstats is their new minisite devoted to browser useage, and it's really interesting to see the slow demise of IE6 and 7 as Firefox and Opera take on new users.

You can view stats by country, region or globally and you can categorise by browser, browser type, OS and search engines. Really quite useful for a grand overview! It still doesn't replace detailed browser stats for your own website, as you will of course need to cater to all your own users rather than taking a global view.

The really interesting thing is that if you view by month or 2 months, you can clearly see the effect that business use has on IE and FF. IE useage for 6/7 spikes during the week and FF spikes at the weekend. This is as clear an indication as you could wish that businesses are not yet on board with the latest generations of browsers. It's also a slight vindication for the EU antitrust ruling against Microsofts browser monopoly - bundling IE with all Windows installations.

The demise of IE will be music to the ears of the crowd at www.bringdownie6.com, a site devoted to advancing the demise of the much maligned standards-uncompliant browser. Set up by .Net Mag, it's a call to action for webdesigners and corporations to ditch the anachronistic browser and update to the freely available standards compliant alternatives.

This image illustrates the slow demise of IE6 as Firefox 3 takes a steadily increasing market share. Notice the large spikes in browser useage on weekdays compared to weekends. IE6 has a lot of business users, companies which have modified the core code for their own purposes and have not had the resources to upgrade to IE7 or an alternative browser. FF and IE7 exhibit less fluctuation, with slight peaks at the weekend, indicating a more general useage pattern.

I've been going for years creating standard driven websites, then in the space of a few days I get asked to stuff the standards twice! This time the client wanted custom scroll bars which would integrate with the page style and create a "full browser experience". I tried to point out that this sort of practice died out along with IE5 and the pop-up blizzard in 1999 but they were adamant.

So I got my thinking cap on. It's perfectly possible to do this in IE5/6 but all the modern browsers completely ignore any styling which tries to alter the way the browser application itself displays. As it happens the solution has been out there for a while, is open source and is really quite elegant.

jScollPane runs on the jQuery library, and allows you to create degradable JS driven scroll bars, which you can customise to your heart's content. The solution the client went for in  the end was to have a fixed-height page container with a jScrollPane driven "div" in the middle which could scroll using the custom styling. If JS is turned off in the browser, then the user just gets whatever the browser renders for them.

And I have to say.. despite all my posturing on standards, it does look pretty good!

As part of my work, I've been asked to create a good looking tag cloud for a homepage. This presents something of a dilemma, as normally I'd shy away from using large font sizes simply because it's quite hard to predict how they are displayed on different screens. It's all very well creating something which looks sweet in Vista with its built in anti-aliasing, but in anything from XP downwards, anti-aliasing is an option which is OFF by default, so you can very quickly turn large text into web horrors.

The answer seems to be sIFR, which allows you to dynamically replace your large font with rendered flash text. To explain - it uses a combination of Java and Flash to replace the target text as the page is loaded. The original html is hidden, not removed, and then the flash plugin renders beautiful true-type font in whatever style you like. Anti-aliased, drop shadow, crisp as you like.

What's better, it's fully accessible and very usable too. If Flash is not installed, or java is turned off, then the browser simply renders the normal HTML with whatever styles you chose. At this point pray the user is in Vista or on a Mac..

Well it's been a while since I've posted here, but thats simply due to the fact that so much has been going on! I've made the move to London, I've accepted a full time post with a Digital Agency, and I'm finishing off work with the various clients I've been working with over the past few months. As an update to my general status, I'm still happy to accept contract work, but on the understanding that timescales will be extended a bit compared to when I was 100% freelancing.

On a completely different note, I received an email today from my hosts stating that fidgen.co.uk had been shortlisted from 10,000 of their hosted websites for their account upgrade awards! Always nice to get something like that out of the blue! Time to upgrade the site again...

The finest white paper...
The smoothest silk finish..
The best quality printing...
An envelope, with a generous portion of sticky, pre-seal glue.

This is no ordinary P-45, this is a Marks & Spencer P-45.

Arrived from a friend in my inbox and tickled me enough to share!

I came across this article on the BBC yesterday, and it's really interesting to see just the sorts of error they are picking out. It's also really important that this information is spread as widely as possible, as everything that has been highlighted is relatively simple to fix. If two of the 25 can account for 1.5million website breaches last year, then I'd be interested to know how many the 25 as a whole can account for! The 25 villains include:

Improper Form Input Validation
Failure to maintain SQL Query structure (SQL Injection)
Cross-site Scripting
Hard coded Passwords

And a whole bunch of stuff which I'd have thought is screamingly obvious for any web designer who has half a care for avoiding these sorts of problems. A lot of the remaining 25 refer to server configuration, but there is something every single coder can do to help kill off this problem... Learn to code properly!

It's about time I posted on here again, things have just been too busy for me to sit down and type an article out! The reason for all this is that I'm set to move house and follow the herd down to London. Whilst working in Norfolk has been excellent in terms of my social life, and a ready network of business contacts, London will be better still on both counts. I'm currently interviewing for several web developer posts, we shall see what comes up!

On a comletely different tack, I've started my revision for my Prince 2 Foundation exam. Once you get past all the bullshit, it is actually a very useful tool! As soon as I know what my schedule is going to be like once I've moved I'm also going to book my Practitioner exam.. no point beating about the bush. I've managed several projects before, and a validatory certificate will be a decent string to my bow.

In what may be a legal first, an Australian lawyer has used the social networking site to serve legal documents on a couple who defaulted on their mortgage. In a ruling that appears to have no precedent in Internet history, the judge in this case ruled that court notices served on the site were binding!

Lawyers who had already exhausted all conventional methods to find the couple decided to get creative, and hit upon Facebook as the solution. Being keen Facebook users, the lawyers put the details provided by the couple on their mortgage application, including their e-mail addresses and dates of birth into the Facebook site.Less than a minute later, he had tracked them down.

The couple now has seven days to respond to the papers before the loan company moves to repossess their home.

This just goes to show once again that there is no-where to hide on the Internet once you sign up to the social networking sites! I try quite hard to limit the amount of data which is publicly available about me, but unless you make your account next to invisible for all but your closest contacts, people will still be able to find out some information about you. If you have been on the web for even a couple of years, your online past will still come back to haunt you - some things I created as an experiment nearly 10 years ago still pop up on google if I search for my own name!