The Physical Web

Yesterday, Google showed off some of its recent work enabling the “Physical Web.” Bluetooth-LE is the enabling technology that will link browsers and the internet to physical objects and the things near you.

Bluetooth-LE (“low-energy”) was introduced around 2011. It brings interesting new features that were not in “Bluetooth Classic.” Beacon functionality was added so that devices can advertise their existence.  B-LE devices do not require the complex pairing operations that Classic devices need. B-LE makes it easier to simply take control of devices that are physically near you.

Google Chrome now has experimental support for Javascript methods to access Bluetooth. This has been in the developer channel for a little while, but it is now available in the general release for desktop and Android.  Chrome for iOS had previously announced support, so there is no change there. Chrome on desktop platforms requires you to enable the feature under chrome://flags#enable-web-bluetooth.

Once you do, you’ll be able to construct a website that uses Bluetooth to control a nearby object. Javascript in the webpage can access the navigator.bluetooth.requestDevice method to look for a particular type of device, or a device advertising a particular service. (Note: the Chrome implementation does not allow code to obtain a list of every nearby device, as the developers view this a security risk.) A webpage may, however, look for a particular device given its UUID – a globally unique identifier.

By enabling the browser with Bluetooth access, a website can dynamically load and execute a Javascript program particular to a certain type of device. Get near a dimmable light-bulb, and it will advertise a web page that lets you control it. The web page and the Javascript are delivered over the web, but the control of the light will be direct from your laptop to the lightbulb. Step up to a parking meter, and a web-page will accept your payment already knowing which meter you’re near.  The payment will be handled by Stripe on a web site, and your device will be able to charge the meter directly over Bluetooth.

Read More

Check out a Code Lab

Cutting the Cord in San Francisco

I’ve been wanting to investigate receiving OTA (Over-The-Air) HDTV broadcasts in San Francisco for a while now.  I am not yet committing to “cutting the cord”, but I wanted to run some experiments to see if it is even possible for me.  Along the way I learned some things and discovered some helpful resources.

Learning about my location

The first thing to do (before buying any antenna hardware) was for me to find out what I might receive.  The best online resource I found was this one.

AntennaWeb helps you see which stations you can get from which towers, and also helps you select an antenna type.  My home out near McLaren park sits high on the hill and has a clear view of Sutro Tower.  AntennaWeb suggested that I could get by with a “Small, Multidirectional” antenna for broadcasts from Sutro.

Continue reading Cutting the Cord in San Francisco

Live-Streaming, MicroBroadcasting Redux

Live-Streaming apps for smartphones have seen a surge in interest in the last year.  Meerkat and Periscope (now Twitter) leapt onto the scene nearly at the same time and captured the imagination of a new crop of people anxious to share their experiences as they are happening – in real time.

Why the sudden interest?

Continue reading Live-Streaming, MicroBroadcasting Redux


HIPAA-compliance is a complicated subject. There are some best practices that are easy to comprehend, and then there are many gray areas with no clear guidance. In a very short summary, for a web-service to be HIPAA compliant, it must ensure that PHI (Protected Health Information) is well protected, and that accesses to PHI are logged for auditing. This places some clear requirements on the providers of a web-service.


  • The servers and database must be secured. A private network and even physical security may be required.
  • Administrator access must be logged.
  • Data should be encrypted while at rest.

These requirements can be onerous, but common best-practices are emerging too. Companies providing “HIPAA-as-a-service” are emerging. (see below.) Aptible, for one, lets you develop your web application using common technologies like Rails or Node, PostgreSQL or Redis, but deploys it to a secure private cloud that they manage for you.

Continue reading WebRTC, HIPAA and Turn-ONLY