They have some older APIs that depend on MD5(password) being used directly, to compare against auth credentials or to derive other hashes to verify API requests.
Though older APIs they're still used by many older or infrequently updated clients, such as hardware devices with sold with Last.fm integration.
Unfortunately, the longer you've been around the more likely you are to develop dependencies that make it more difficult to upgrade your password hashing.
A new site can do whatever it wants with password hashing, but it becomes harder for older sites with more legacy dependencies to make that kind of change and Last.fm has been around for almost 10 years.
This isn't to say "MD5 is cool, don't worry", but to try and illustrate some of the reasons behind this.
> There are only 2 groups who don't have JavaScript support
That's not entirely accurate. While those are two of the most common cases there are plenty of other contributing factors (http://developer.yahoo.com/blogs/ydn/posts/2010/10/how-many-..., this comment makes a good case). Errors stemming from network congestion, developer error and even CDNs failing - only a few weeks ago the google hosted version of jquery (iirc) failed leaving lots of sites with broken JS and an effective no-JS experience.
Personally I think building a site that works well without JS and then progressively enhancing it is the Right Thing to do. It means you're building a robust site for the real web and the multitude of clients and conditions that comes with. In your example I wouldn't want JS failing to prevent a checkout process, it should be robust and continue working, albeit less smoothly.
> honestly don't see the point of degrading the experience for everyone based one these two demographics
IMO If you're doing progressive enhancement well then this is not the case. I don't think the iOS/Android comparison is accurate either. The web is much more varied, the differences less well defined.
You're right, it does depend on what you're building and for who. But I don't think the general case is as binary as you've make out.
This article is mostly bullshit and certainly doesn't "help grasp what Tech City UK is all about", notably:
"which started as a government effort to rejuvenate East London" is laughably incorrect. Silicon Roundabout was a jokey term coined (by Matt Biddulph) to describe a bunch of companies working and socialising in the area. That was a few years ago, since then it's become a big PR thing for local companies (mostly co-working spaces) and now government.
Sure, there's tech growth, but an much is from pre-existing companies and people. Gov involvement has brought some attention to the area, but also a lot of sycophants and opportunists.
Another good skeptical read: gigaom.com/2011/11/11/is-london-tech-citys-phenomenal-growth-just-spin/
Spotify is trying to be the perfect on demand music service, Last.fm isn't. It's something we tried and ended up moving away from a year or two back.
On demand music is a very difficult market to be in. There are lots of companies trying but many failing or hitting difficulties, like Spotify in the US. There are real challenges in a) being profitable and b) stay on the good side of labels.
Personally I believe that the on-demand part of music streaming is commodity and more can be easily replaced, where as scrobbling provides a richer and more personal experience. However, I do agree with parts of the article, Last.fm hasn't moved as fast as it could have, some features need adding and some improving. That's part of the plan for this year.
There are so many features, integrations, interesting things, etc. that you could do with your platform, userbase, and data, it just seems like after the acquisition, all future dev. halted. It is a shame, and I'm now looking for an alternative after years of scrobbling, and being an avid user. Lately I've been using http://hypem.com -- it would be fantastic if they could mine my own personal scrobble data and make recommendations based on it.
I can entirely understand that, and kind of agree. We have more data that anyone could know what to do with, but we should be doing more, I'd certainly like us to be.
To try and explain the apparent lack of activity; the last couple of years have had a lot of sorting-house, changes in product (moving away from on-demand, charging for some services, etc) and some technical "house keeping". Last.fm has been around for ~8 years, that is a long time and comes with a lot of technical debt, it can slow you down.
PS: One of my favourite things about Last.fm is our approach to openness of data, our API makes it totally possible for hypem (who are awesome, especially Anthony) to use your scrobbling data, even the recommendations we generate for you, on hypem.
We believe that if the data is visible on the website then there should probably be an API for it, because if there isn't, then someone will have to scrape it anyway.
There isn't a Facebook style "Give me a chuffing great zip" option, but there are lots of API wrappers to pull down your scrobble history (for example). It could be friendlier to non technical users, but it's entirely possible.
Counter data-point here: I just let my last.fm subscription lapse and switched to rdio because of on demand music even though its "related music" throws up a lot more crap than last.fm does.
It's not ideal, but artist-disambiguation is also a non-trivial problem to solve. The effort of which needs to be balanced against a) how many people it affects and b) what else needs doing.
> For that matter, what is your character set? Are you using just letters, or alphanumeric characters? Again, I'd prefer the former since you aren't going to get a significant boost from the extra choices. You might also want to take out 'O', 'o', and 'l' so its unambiguous when written out.
Though older APIs they're still used by many older or infrequently updated clients, such as hardware devices with sold with Last.fm integration.
Unfortunately, the longer you've been around the more likely you are to develop dependencies that make it more difficult to upgrade your password hashing.
A new site can do whatever it wants with password hashing, but it becomes harder for older sites with more legacy dependencies to make that kind of change and Last.fm has been around for almost 10 years.
This isn't to say "MD5 is cool, don't worry", but to try and illustrate some of the reasons behind this.