[Header Picture]

# My View of 2012

Over on John Dowdell's blog, which carries Adobe branding, but supposedly only reflects his views, he asked a series of far reaching questions which basically boil down to:

This is the full text of the comment I posted. John makes a reference to "Software wars elsewhere," so hopefully he doesn't take it that way.

I won't mention what devices I carry, because it's not relevant to my message. What is relevant is that I carry both a phone and a tablet, and they're made by different manufacturers. Otherwise, they're basically the same device in different sizes. When the contract on my phone is up, I will be ditching it, because I've found that the tablet works way better for me.

I've always lived on the edge of technology. In Jr. High I was playing with these things called BBS's. By high school I had found this internet thing. I was the first person I know to have something faster than a modem at home. Through all of this, I've learned that I seem to be naturally attracted to that technology which will later become popular.

I've discovered a new way of living now that I have my tablet. The experience is not seamless yet, and the company which made my tablet is horribly clueless in some key areas, but it's helped me to realize what these devices mean and where we are going. Fundamentally, we have not only crossed the tipping point, but the slide is happening, and we're starting to see a burst of human creativity as people adapt their current business and start new businesses to fill the new needs opening up. At the same time, other businesses are going to close down or be drastically reduced because they were unable or unwilling to change their business model in this age of abundant information.

As more people carry around an ever increasing variety of personal screens, from phones with 4" screens to tablets with 13" screens, businesses that want people to come in off the street are going to have to find a way to get their information onto these screens. People in an urban environment are going to rely less on looking at the signs around them, and instead will find an out of the way corner on the sidewalk to check yelp, foursquare, facebook, google maps, or whatever their favorite site happens to be. As a result, I predict that businesses that once spent a lot of money on flashy signs to attract customers will instead spend a lot of money on flashy bluetooth and location based marketing services. In 10 or 20 years, cities like tokyo and hong kong may be able to see the stars again.

These screens mean more than that, however. While the software powering these screens will be many and varied, the hardware will be surprisingly uniform, from a user POV. You interact with these devices by touching, dragging, pushing and prodding, just like you do in the real world. The experience is one of intimately interacting with objects on your screen, not indirectly interacting with them like you do with a mouse. When I read a book in the Kindle app on my tablet, I can absentmindedly put my finger on the right egde, move to the left just a little, and the page curl animates and tracks my finger perfectly so that it look exactly like what happens when I do the same with a real book. Even better, mentally, it FEELS the same as when I read, minus the tactile feel of the paper against my fingers.

Attention to detail like that creates an experience that transcends the device. I forget I'm holding a screen and just fall into the book.

Having provided some background which I think is important to a number of questions you raise, I will attempt to predict what I would write if I were somehow able to travel back to 2010 from 2012, and communicate the important trends and events.

Users, for the most part, will use the devices and software that give them a warm and fuzzy feeling. (Some of my friends gets a warm and fuzzy feeling from using keyboard shortcuts. Some people juggle geese!) There will be a variety of devices to fit almost any need, but generally users will fall into one of 3 categories:

Netbook users - Users who have a very specialized application that requires a keyboard, users who have a disability that makes using a tablet difficult, and users who get stuck in their way of doing things and will not even consider a device without a keyboard. (CF, IE 6 users.) These users will largely run full desktop OS's like windows and ubuntu and probably fall outside the scope of your questions.

Geeks/Power Users - Users who aren't afraid to root their devices and generally judge their machines by the hardware specs and feature list. These users are the ones who tend to push the limits of what their devices can do, and are the most vocal about how the software should operate. (Unfortunately, their collective opinion in that area often contradicts what the 3rd group wants.) These users will be divided into 3 groups: ipad/iphone users, android users, and users of an OpenEmbedded based Linux OS that was put together by independent hardware developers who didn't want to deal with google and the android headache. (Sorry MS, palm and RIM.)

Average Users - These users treat their screens as a black box. They turn it on, it will do stuff for them, and as far as they're concerned it runs on magic. They don't care about how open it is, or what it supports, or have any idea that there's this company called Adobe whose software probably created every icon they look at every time they use their screen. If they are aware of Adobe, it's only because sometimes they get a PDF, and they have to install that $!@# reader software again.

Of the people carrying their own personal screens, 70-80% of them fall into the average user category. Worldwide, 50% of the devices sold have an apple logo on them. The other 50% is split between android, RIM, MS and Palm, in that order. (Palm being bought by Motorola gave them a shot in the arm, but the infusion of cash was too little, too late and WebOS never really gets more than 1% market share.)

Because the market is still young, and it can take 5 or 10 years for a company that has gotten funded and is losing money at a slow rate to die, there will still be lots of options for producing content for these screens. End users will generally favor those sites and apps which give them the most pleasing experience for their device. Sometimes the content or features of an app with a poor UI will be enough to overcome the poor UI and still give users a pleasing experience overall, but those apps will generally be discarded when something with good enough content or just enough features comes along with a really slick interface. The slick app can improve their content problem a lot faster and easier than the app with a poor UI can improve their problem.

This meant that content and application creators had some stark realities to face. They've had two years to watch and examine the market as it's shaped up, and it's clear now that there are two strategies that have worked and two that work well enough to make money in some cases. The rest have been or are in the process of turning into miserable failures.

Working Strategy 1 - Throw money and developers at it, build native apps for every platform that comes along. Most of the big household names did this, and some of the big tech names.

Working Strategy 2 - Learn HTML5 and do it all on the web. Provide an API so 3rd party developers can write native apps for you. Once you've figured out your web app, use nimblekit or phonegap to write cross-platform apps in HTML/CSS/JS. Because Adobe tried to keep flash proprietary, and refused to support HTML5 and canvas in their otherwise excellent content creation tools, these companies are using a piece of software that didn't even exist in 2010, but now looks poised to take most of the RIA creation market from flash. Combined with tools like acorn and pixelmator, most of these companies no longer use any adobe products. Most of the cloud and internet companies that only tech geeks know went this route, as did most of the small (less than 20 employee) design firms.

Partially Working Strategy 1 - Target only apple devices. With 50% of the marketplace plus having more affluent users on average compared to other platforms, companies in the right market segments find that they make enough money here. Successful companies employing this strategy risk being put out of business when Apple rolls out a version of iPhone OS that makes their app redundant.

Partially Working Strategy 2 - Use only Adobe flash. Due to flash's ubiquity on the desktop and finally releasing flash 10.1 for a variety of mobile platforms, companies which have already invested heavily in adobe tools are still muddling along. None of their content ever gets to the iphone or ipad, however, and on the other platforms they're looking at a mixed bag. When it first came out, flash on most of the mobile devices was buggy and/or slow. As new devices came out and adobe improved the software situation, it got to be where you could rely on a subset of flash's features to work on every device, and if you were careful you could use some of the fancier features on a case by case basis. If you target a particular device with your SWF, you could use every feature that worked, but that meant a lot of testing and tweaking per device. Many a mobile flash developer is heard to lament that he misses the days of IE6 and Firefox 1.

History is showing a long march towards more open, and open source, software. As we figure out the best ways to organize our data, and the most efficient interfaces for interacting with software, we're finding that the lower-level foundations that everything is built on changes less and less. The majority of computers in the world now run on top of an open source operating system. Mac OS X, Android, WebOS, and Symbian are all operating systems built around an open source core. A large number of embedded systems are based around linux, bsd and qnx. While qnx isn't "open source," the source is available, and qnx is known to accept patches from companies that have fixed bugs on written features they really needed. (No word is said publicly on how much money is exchanged to make that happen.)

More significantly, history is showing a march towards more interoperability through open and ad hoc standards. As we're discovering certain technologies to be very useful it's natural that some people will want to use these technologies in their brand-new devices. Thanks to the continuing increase in hobbiest electronic designers and companies like gumstix, a world of niche devices has popped up. A device that is being touted as "The Next Chumby" has just been released and is doing things with HTML5 that are incredible.

Every single mobile device released in 2012 supports HTML5. As you would expect, some devices have better support than others, but since every device is based on either WebKit or the Firefox rendering engines the lowest bar in 2012 is higher than the highest bar in 2010.

We have realized that while native apps nearly always deliver a better experience, the web is the long tail. The backend programmer who wants to put together an app for his daughter's soccer team isn't going to spend a week learning enough flash, java or objc to knock together an app, he's just going to write a webapp in an afternoon or a weekend. Doctors, engineers, designers, and other white-color professionals aren't going to learn how to write desktop apps, but they might try their hand at web design with dreamweaver and jquery and learn to make something simple that meets their need. After all, if it gives them some basic interactivity and a way to perform calculations and transformations, isn't that programming?

Apple, once again, jumped-started the "user created webapp" bandwagon with iLife '11 and iWork '11. Numbers has a new "Publish to iWork.com as Application" feature, which lets users create an application inside of Numbers to be posted on iWork.com. During the keynote, Steve brought onto the stage 4 people recruited off craigslist, gave them each an ipad, and asked them to create spreadsheets to solve a need they had. (They had obviously been pre-screened, and while they obviously didn't know what they had to do ahead of time, their tasks were tailored to that person's background, and they already knew how to use Numbers.)

Meanwhile, Steve went on to talk about the other new features of their iLife suite. After the release of iLife '11 for the Mac, and iLife '11 for the iPad last year, there was a lot of dissatisfaction with how they sync, or rather didn't. This year, he announced that not only do they sync, but they automatically sync to MobileMe, and like Numbers, you can create interactive web apps with just a few mouse clicks. Interactive features like commenting, password protection, update notifications, etc, are all built in.

Coming back to the people with iPads, he gave them each some stage time. A car salesman showed off his customized loan calculator, that gives him a hidden slider to adjust the number of extras he includes by default (sneaky.) A science teacher shows off her plant identification guide, which her students will use on a field trip to some wetlands. A System Administrator shows off his Application Scaling chart, which allows him to plug in numbers and instantly project how much server capacity he'll need. Finally, a woman who owns a plumbing company will show off the work report form which her plumbers will use after each job to report basic status information back to her.

All of these applications which people have posted behave exactly like Numbers on the iPad, but they're HTML5 and work in any web browser. Using cookies for session tracking and AJAX for data storage and retrieval, users will be able to exit and come back to these sheets without any data loss. Application owners will be able to log into iWork.com to view and manage all stored data. The option to email a sheet and a PDF or Numbers doc will be available, and able to be toggled on and off when the web app is published.

After that demonstration, Steve revealed that the projector in the background and the audio being played out in the hall were coming from a computer connected to the new iWork.com presentation service. Create a presentation in keynote, post it to iWork.com. After posting the presentation you can use Keynote on your mac or ipad to connect to the presentation service as a presenter. Audio picked up your microphone or headset will be streamed to anyone who is viewing your presentation. You control which slide they see displayed on their screen, and you have highlighting and "virtual laser pointer" tools available to you for pointing out specific information.

The real shocker, was the One More Thing. Apple had opened this platform up to 3rd party developers. On the stage for the keynote were the CEO's for FileMaker, Evernote, Box.net and The OmniGroup. They each showed off what they had come up with in the last two months to allow users to create their own applications in the cloud.

It was obvious to everyone after the Apple keynote that the cloud and the ubiquitous touchscreen computer were combining to change the fabric of society. Within weeks other large application producers had announced plans to bring cloud computing to their users. Microsoft announced something called Windows Home SharePoint Server, which was apparently a simplified version of SharePoint designed to be used in place of Windows Home Server. It got about the reaction you'd expect.

I've written quite a lot about the last two years in this piece. Two years ago, I'd have said that there's no way this much would happen so quickly. However, as you point out, these devices were cheap, and economy of scale made them cheaper. When the device with the highest quality components and the best manufacturing quality starts at $500 on release day, prices have nowhere to go but down.

During the holiday season of 2010, many people bought cheap tablets for around $250 which whetted their appetites. Because these were cheap chinese tablets running android or linux, they had no flash support. Adobe wasn't willing to release the source for flash 10.1 so the manufacturers couldn't just make it work, and the manufacturers didn't want to pay Adobe to do the work. Since these are cheap tablets based around software that is not popular, the number of apps is small. However, they do have extremely high quality web browsers that support HTML5 and H264 thanks to WebKit, and since most of it's open source the manufacturer can write the driver needed for the H264 acceleration chip.

When Hulu and Netflix came out with support for streaming their content to any browser that supported HTML5 and H264 in the middle of 2011, those cheap $250 tablets became a lot more useful to their owners. Here in 2012, we are seeing more and more people dropping their TV's off at recycling centers. Mostly it's TVs from bedrooms and kitchens, but it's becoming more common to hear that someone's TV broke and they don't plan to fix or replace it.

The much lamented "digital divide" is shrinking thanks to these cheap, small, portable screens. More people than ever before have access to the internet and are taking advantage of it. It's becoming increasingly common for people not to have any phone at all, and to only use email, facebook, or websites. However, a new digital divide is forming, and no one is quite sure whether it's a bad thing or not.

More and more people are not replacing their computers as they break. Since all they do is go online to play farmville, send some emails, and look at pictures of celebrities, a tablet not only meets their needs, but does so with less work and hassle. Schools are using tablets in their classrooms, and the richer schools are giving every student their own tablet. In fact, HTC and Apple seem to have set aside their patent fights, and instead are playing a game of "Anything You Can Do I Can Do More Generously," where each week has an announcement from one saying they've given away tablets to more schoolchildren than the other thanks to their latest donation-matching program.

This sounds like a great thing, but neither HTC or Apple have programming environments available on their tablets, and the tablets given to schools are often locked down so that no non-approved software can be installed. There's a growing worry that young kids will not have an opportunity to discover and be interested in programming. A few people worried about this is 2010, but it was largely dismissed. Now, as more kids have tablets at home but not computers, the worry is spreading.

Some people are taking action, though. Cory Doctorow decided to start the Boing Boing Foundation For Little Hackers. To raise seed money for the charity, which would fund after-school programming and robotics clubs in low-income schools, he announced that he would take a hot air balloon trip wearing only a red cape and chain-mail underwear, and that he would blog using a netbook and 4G data card during the trip. His trip will take him from San Jose, the heart of Silicon Valley, to Hollywood, the heart of Silicone Valley.

That about covers all the major events. 2012 is certainly a year full of surprises. If I had to give Adobe one piece of advice right now, it would be to invest in giving flash the ability to export a flash project in SWF or HTML5. As you can see, there are a plethora of devices on the way, and supporting them all is a lot of work. To fulfill your customers desire of not having to rewrite their app for multiple platforms, it's your best shot. Your strength lies in your content creation tools, not the flash runtime that you don't even charge money for.

posted at: 2010 Apr 23 11:07 UTC | category: tech | (story link)

# Have You Ripped Your Music Recently?

This is part one of a (hopefully) multi-part series on organizing a typical geek's music collection. This part provides some background and discusses ripping a CD collection using modern tools.

A few months ago I picked up a NAS (A Thecus N5200 Pro) and some drives for it. I now have a total of 2.8TB of fast, reliable storage.

Since then I have been collecting up my data and trying to organize it all into one place so I don't have to remember which of the 5 bare hard drives has what I'm looking for on it.

Part of this process is getting my music in order. Over the years I've built different collections of music from a variety of sources. I now have 3 or 4 collections of music with a ton of overlap of varying qualities. In all I have some 50gb of music laying around with maybe 20gb of that being unique.

The first part of wrangling some order out of this mess is to start with a collection of high quality (in terms of audio quality) files ripped from CD. Like most geeks I've gone through the pain of ripping these in the past, but I've been inconsistent in terms of format and quality. By reripping all of my CD's I not only take advantage of the higher quality of newer music formats (like AAC) but I can use encoders that are better than what I originally used.

I'm going to assume that you're using iTunes for this. I use iTunes because I'm an Apple whore. ;) There are other programs that do (almost) everything iTunes does, but I don't use them.

Format and Bitrate

The first thing you have to decide on is which format you're going to rip in and what your bitrate will be. If you're using iTunes, you basically get to choose from MP3, AAC and Apple Lossless. If you want the best possible quality and don't mind using up 300mb per 45 minutes of music, choose Apple Lossless and move on to the next section.

Finding that 300mb per album number hard to swallow? So was I. Let's look at the choice most people will make: AAC or MP3?

Everyone knows what MP3s are. They're the standard format in the industry. Everything can play them, including the iPod. The abilities and limitations of the format are well known.

A lot of people are confused about AAC files, and think they're tied to Apple somehow. Additionally, they're often unclear about why you would want to use AAC and why iTunes defaults to this format.

AAC stands for Advanced Audio Coding and it was designed to be the successor to MP3. It's part of the MPEG2 and MPEG4 standards and is actually used by heavily by both Apple and Sony (I just lost the last two anti-apple fan boys still reading this. ;)

The bottom line is that for the same audio quality AAC files will be smaller than MP3 files. On top of that AAC files have more features and ultimately it's the format everyone will move to. I highly recommend using AAC for all your new music rips, even if it means you have to transcode some of your collection to MP3 for certain devices (covered in a possible future article.)

This leaves the question of bitrate. For bitrate you have two basic choices, and it comes down to how much of an audiophile you think you are.

In both cases we'll be setting custom settings, so open up iTunes Preferences —> General —> Import Settings. Choose your Encoder (AAC or MP3) and then select the "Custom..." option from Setting.

First, the audiophile settings. For this we want to ensure that we use the highest possible bitrate at all times and the best sampling rate. First, ensure that "Use Variable Bit Rate Encoding (VBR)" is unchecked. Set "Sample Rate" to "48.000 kHz" and "Stereo Bit Rate" to the highest setting, which is currently 320 kbps.

This will still result in larger files than most people want, for very little (if any) perceptible gain in quality. Most people will want to use VBR to reduce the size of their file.

The idea behind VBR is that you don't always need the full bitrate for every part of the music. The higher bitrates allow you to capture more of the high pitched part of the music. This is especially important for hearing the flutes and piccolos in a symphonic piece or the cymbals and high hats in jazz. However, when these instruments aren't playing that higher bitrate increases size for no quality gain. You can often produce the exact same waveform with a lower bitrate.

When you check the VBR box, you'll notice that you can't select as many bitrates as you could before. This is because instead of specifying an absolute bitrate, you specify a target average. When you specify that you want 192k VBR files, you're saying that you want it range from approximately 128k - 256k.

For most people 192k AAC is fine. If you're using MP3 you want to step up to 256k to make up for MP3's deficiencies. I have a lot of symphonic music in my collection so I choose to use 256k AAC VBR.

I also leave Sample Rate at Auto, because CD's have a 44.1k sample rate so the higher rate doesn't gain much except a little bit of insurance against misreads.

While you're here, be sure that "Use Error Correction" is checked. It may be faster to import without, but you'll pay for it with glitches in your music.

Ripping Workflow

Now that we have our format and quality settings worked out we move on to workflow. Unfortunately the CDDB database suffers from a quality problem. It saves a lot of time, but often you have to correct the genre and sometimes the artist. The other problem is that sometimes tracks are meant to be listened to back-to-back, which doesn't work well if you ever use the random/shuffle feature.

This means that we need to set iTunes to "Show CD" on insert, rather than automatically importing. Most of the time we need only set the Genre, but this is still a very important step, even if you don't think you'll use it (trust me, you will.)

Another thing you might have to do is join tracks. For example, Pink Floyd's Dark Side of the Moon has "Brain Damage" and "Eclipse," which flow into each other and are almost always played back-to-back. By joining them you'll end up with a single file containing both songs, and no gap.

To join tracks select two adjacent tracks and go to Advanced —> Join CD Tracks.

How To Deal With The Physical Media

My CD's had been scattered around all over the place. Some were in cases, some were in CD folders, and some were stacked on spindles. Additionally, a lot of them weren't very clean. The first thing I did was to collect them all into one place. I had a 100 disc spool I could easily empty, so that became my "Done" spool.

Tip: When stacking CD's on a spool, alternate which side is up so you always have label against label, and data against data. This will help prevent scratching.

The first task was to sort through all the CD's. Any CDR's got put straight onto the Done spool. Since most of my burned CD's were burned from MP3s I don't want to accidentally put low-quality music into what is supposed to be a high-quality archive. A couple 3" CD's provide an easy to find gap in the spool should I need them later.

After that I had a stack of CD's ready to import. I looked at each disc first, and if it was dirty and/or scratched I took some windex and a clean microfiber cloth to it. Make sure you use a microfiber cloth because paper products are too rough.

For really bad cases I had to hold the disc under the hot water tap (as hot as you can stand, but not as hot as it will go.) Rinse for a few seconds, scrub using your microfiber cloth with circular motions, repeat until clean.

For discs that are scratched and can't be fixed through cleaning you can use a glass or plastic polish to clean them. See instructables or ehow for instructions.

Notes For Symphonic Music

If you are ripping symphony pieces you have a little extra work for each CD. Most of these discs are inconsistently tagged in CDDB. I find that on most discs I have to set the genre (I like tagging mine with the period it was written) and the Artist (Conductor / Symphony if known, Composer otherwise) and I usually have to remove the redundant portion from the titles of joined tracks.

I like to join the different movements of each piece into one track. This allows me to use shuffle for variety without compromising the listening experience. However, iTunes simply concatenates the names of each track, so I often have to fix the names. I find it's easiest to do this before importing, by removing the redundant portion of the name from all but the first joined track.

I've created screenshots showing a CD before and after fixing the tags and joining movements. This part is purely a matter of personal taste, but the better you do at consistently tagging your music now the easier it will be later when you're trying to figure out what to listen to.

posted at: 2008 Nov 02 22:10 UTC | category: tech | (story link)

# Safari XHTML: Enabled

If you use Safari to read my blog you may notice that the page renders more quickly. This is because I've turned on the proper Content-Type. Now Safari, OmniWeb and Firefox browsers get a speed boost.

If you have any rendering errors you probably need to upgrade Safari.

posted at: 2008 Oct 12 13:42 UTC | category: tech | (story link)

# Debian/Ubuntu Packages for Epic5 and Amenesiac

If you can read this, welcome to my new server.

I've been setting a new Ubuntu 8.04 LTS based server, and I'm retiring the old Slackware server I've been using for the last year or so. Slackware is ok, but I just don't have the time to do upgrades. The occasonal "apt-get upgrade" when I need to deal with a security problem (like this week's openssl fiasco, thanks debian) is much prefered to either compiling from source or having to track down and fetch an updated package.

One of the things that I had to do myself was build epic5 packages. There are packages for epic4, but since I work on amnesiac I need to be able to use epic5. Since other people irc from this machine I like to provide a copy of the script in /usr/share/epic5/script. Given all that, it made sense to build a package for amnesiac as well.

I've automated the whole process, so updates to each should be easy. If you're the kind of person who likes to IRC, and you like to use a debian based distribution, and you like things that update automatically, you can benefit from my work. Just add the following lines to your /etc/apt/sources.list:

  # epic5 and amnesiac packages
  deb http://darkstar.frop.org/debian/ irc epic5 amnesiac tsx
  deb-src http://darkstar.frop.org/debian/ irc epic5 amnesiac tsx

You will also need to add my gpg key to your keyring. You can do so with this command:

  curl http://darkstar.frop.org/debian/zwhite.gpg | sudo apt-key add -

Finish everything up by running "sudo apt-get update" and you should be all set. The two new packages available are "epic5" and "amnesiac".

posted at: 2008 May 19 19:42 UTC | category: tech | (story link)

# An Ode To On Call

once upon a midnight 'berry
as I awoke from dreams so airy
the screen announced like a sorrowful brute
quoth the kernel, unable to mount root

bleary eyed I thumbed the wheel
that would hold back my sire's steel
as I pondered profanity stronger than, "Shoot"
quoth the kernel, unable to mount root

my fingers dance, ciphers entered
I'm in like flynn and down like bender
meanwhile this server just won't boot
quoth the kernel, unable to mount root

I have a look see, and what do I find?
a botched migration, well yes I do mind 
you have to check your hardware first you ignorant kook
quoth the kernel, unable to mount root

Put it all back, is all I reply,
before slamming my leash down onto my thigh
no problem was fixed, but now it's all moot
quoth the kernel, unable to mount root

posted at: 2008 Apr 04 10:36 UTC | category: tech | (story link)

# To paraphrase Fermi: where are all the viruses?

Apple is known for cultivating a cloud of smug. The users are arrogant and have an inferiority complex. In addition, Apple has been been playing up MacOS X's security in ways that some people find irritating.

David Maynor, for example, was willing to tarnish his reputation and be a laughing stock in order to, as he put it, poke a lit cigarette into the eye of Mac users. Granted, he was quoted saying that while he was supposed to be off the record, but it demonstrates just how much Apple gets under some people's skin.

Given that, you would think that by now someone would have written a self-propagating virus that targets Mac users, but it just hasn't happened.

It's not like it'd be difficult. I can think of 3 or 4 security issues that exist in MacOS today that would allow me to escalate from a normal account to root. Most of them involve exploiting the keychain, which by default is left unlocked while the user is logged in. Others involve getting the user's password from certain locations in memory that are accessible to all programs through various device and swap files.

All of the problems I just mentioned can be fixed by end users, but the point is that by default these are vulnerable points in the system that can easily be used by an attacker.

Getting the virus payload into the system is easy enough, too. Mac users are just as susceptible to dancing babies and love as PC users.

There are millions of Macs out there. More Macs than FreeBSD servers, but FreeBSD servers have been worm targets. Granted, they tend to be on faster connections, but given the low number (in the low hundreds of thousands, at most) of FreeBSD machines on the Internet why have they been targeted by malware when Macs (numbering in the millions) have not?

I'm not sure I have an answer to this. I know the answer is not "Because windows is the biggest target so all the kiddies look there." What better way for an obscure black hat to get his nick out there than to have written the first MacOS X virus that actually spreads? In one fell swoop you earn fame and reputation. You get to embarrass a giant corporation and show that they're not as invulnerable as they claim in their ads.

That seems like a much bigger prize to me than being just another anonymous entry in some antivirus vendor's database.

posted at: 2007 Oct 09 14:52 UTC | category: tech | (story link)

# Emacs Users Need To Stop Holding Back Unix

So for those who don't know, I've been using Ubuntu the last week or so. I've been keeping notes and I may write about it later, but I had to rant about this now.

It is late in the year 2007. The last time I used a unix-like desktop was in 2003, and I had the same problem then: A useless right alt key.

Why is the right alt key useless? Because for some reason it's been assigned the function "Super" instead of "Meta". Why was it assigned Super? What is Super? Why hasn't anyone fixed this minor detail that has existed for the 10 years linux has been a plausible threat to MS?

Super is just another modifier key, like shift or control. Old sun keyboards all have dedicated super keys. Back in the 80s it was used quite a bit, I've been told. These keyboards also had a single alt, a single control, and another modifier key called compose.

Meanwhile, in the real world, IBM came along and make two alt keys standard for the vast majority of computer users. They also put in two control keys and (one of their few bad moves on the keyboard) put capslock next to A, where control had historically been. This has since become the standard keyboard for everyone, even sun and apple.

So why is it that on a standard linux installation, no matter which distro you choose, the right hand alt key has been assigned Super? Emacs.

You see, Emacs is this software that does everything. It handles your email, it will monitor logs, you can play games in it, talk to a virtual psychiatrist, and even edit text files. If you need to perform a command in emacs there is probably a command for the exact situation you're in, assuming you can find it.

Learning emacs requires a harness and a rope, plus good ice shoes and a pickaxe. You will need this equipment to scale the steep and slippery learning curve. It is the only software still used that uses super. It will also use compose, snoz and snorglebutt modifier keys if you happen to have them assigned to your keyboard.

Emacs users are a small but vocal minority in the open source world (much like the religious right.) They command an unusually large amount of mindshare in the open source world (much like the religious right.) The rest of us could really do without emacs users, but they contribute a lot of code back to the community, so we put up with them (s/code/money, and again, much like the religious right.)

<colbert> EMACS USERS! I'm putting you, "On Notice!"</colbert>

Before a distribution like Ubuntu will be popular with the masses (and it's so very close) this default will have to be changed. It is unreasonable to suggest that the majority of users change their configuration or be stuck with a useless key so that the minority of emacs users don't have to change anything. You can do it now or do it later, but sooner or later it will have to be done.

If it's not, someone like my grandmother will never use Ubuntu (at 75 she, on her own, went out and bought a computer, learned what she needed to about it, and called me up and asked me to bring her Firefox and Thunderbird because it was taking too long to download over her dialup.)

posted at: 2007 Sep 24 15:13 UTC | category: tech | (story link)

# Bodyguardz Protective Skins

So I bought a Treo 755p to replace my 2 year old Treo 650. The phone is fine, it's basically my 650 with EVDO, no antenna and miniSD instead of SD.

I never had any sort of protection on my 650, and it held up great. However, it got pretty badly scratched up. I decided I'd see what sort of protector I could get for my 755. After looking at cases and researching for a few days I bought a set of plastic skins from BodyGuardz.

I put the skin on this morning. It hasn't cured for the full 24 hours yet, so this is a review of the installation process only, plus first impressions.

On a technical, "Can I do this" level, the installation was a breeze. Just spray on the solution and apply the piece in the right spot. Lift or slide until it's in position. I found that the skin didn't slide across the rubberized paint of the 755p very well, but peeling and resticking was fine.

However, on a "How hard was the install" level, it's meticulous. You have to clean the treo, then spray your hands, peel the next piece, spray it, then start applying and sticking it. I found I was spending 5-10 minutes per piece to get it on. The squeegee was useless for the body protector, again because of the rubberized paint. Pressing hard with fingers worked perfectly to stick the cover and work out bubbles.

The fit is not perfect, but it's close enough. There are a couple places where it stuck over the edge slightly, but a razor blade was able to cut those bits off (it was right where the battery cover meets the phone, so I had to trim it.)

The screenguard works as expected, although even with the solution getting bubbles out wasn't easy. This is a place where the squeegee helped. If anyone from Bodyguardz is reading this, please keep those in here, they are very useful for this step. :) My screenguard is slightly smaller than the screen, but once placed you don't notice it unless you look for it.

So first impressions? Seems great. By now the solution has dried and I can see how it'll look. I think it'll do a great job, provided it actually stays on the phone.

All is not rosy, however. The most scratched up part of my 650 is the part of the case that frames the screen. The Bodyguardz don't protect most of this area. Also, there are some corners that look like perfect candidates for catching and becoming a removal point, possibly when I don't want it to be removed. I'll keep an eye on those.

So should you buy your own? Well, I like it so far, and would tenatively say yes. At $25 it's cheaper than most cases, and it keeps my treo sleek enough to stay in my pocket.

I'll post another review in a few weeks, when I've had a chance to really put it through the paces.

Company BodyGuardz
Product BodyGuardz for PalmOne Treo 750 / 755
Price $24.95
Other Info They have skins for almost any phone, plus sheets you can cut to shape yourself.

posted at: 2007 Aug 16 21:36 UTC | category: tech | (story link)

# Why Are CS Degrees So Worthless?

There's a debate starting on Dave Farber's Interesting People list. They're starting to discus why it is there aren't more CS students, but I think that's focusing on the wrong aspect of the debate. The better question is why CS programs suck so much.

I sent this post to Mr. Farber, in the hopes he would post it to his list. This is a question I have wondered about for many years.

There's one question I have for everyone on this list: Why do we need 
more CS students? 

A bit of background for everyone before I jump into my question:

I'm currently 28 and have been working professionally in one tech job 
or another for 10 years now. I've been interested in and learning about 
technology since I was in grade school. Somehow my personal track kept
me away from programming and steered me towards a sysadmin career, but my 
experience has put me into contact with many different programmers and
technical people. Today, in addition to my system administration work,
I also write web applications in php and python that are used in a number 
of different organizations in the energy sector.

I have not attended college. I graduated from high school in 1998 and saw 
the writing on the wall. I moved immediately to Northern California and 
started working in the tech industry on the basis of my technical skill.
Had I gone to college I would have graduated just in time to hold a 
degree that might get me a McJob (2002, just after the bubble burst.) 

In my past I've worked for ISPs, local tech houses, software companies
and non-technical companies. There are a number of roles for which
companies indicate they want someone with an EE/CS or equivilent. 
No matter what their actual dutites I've seen 4 basic archetypes: 

The Genius; The genius was the smartest guy at the company. He knew how 
everything worked and was the guy that management went to when they had 
something new to do.

The Programmer; The programmer was just that, the average, everyday 
computer programmer.
The Admin; The senior system administrator, who made the decisions on 
what their technical infrastructure looked like.

The Tech; The tech was generally a semi-skilled worker doing grunt work,
such as help desk, QA or system maintenance.

Let's take a look at The Genius first. The Genius is the guy that's been
programming since he was 8. He started on a C64 or an Apple II with basic 
and moved on from there. In high school he was reading Diijkstra and
Knuth. From there he either went on to the working world or he went on to 
study EE and/or CS, often on a full scholarship.

These guys have universally put me to shame. I have tried to debate them
in my weaker moments and have always lost. I've talked to many of them
about their college experience and except for one guy all of them said
it was a waste of time. Of those that didn't attend college they have 
universally said that they've never regretted not going.

The Programmer is by far the most common player. This is also the 
player that is most likely to benefit from a CS degree. The problem?
They didn't learn anything useful.

I have had to educate programmers in basic skills they should have
picked up in CS 101. For example, not long after I joined a well-known
dot-com there was a vulnerability discovered in OpenSSL. Naturally I
upgraded it to avoid the exploit. 

A couple weeks later our head programmer (who held a CS degree from 
Caltech) came to talk to me about it. Apparently because I had installed
both the shared and static versions of OpenSSL it was now being compiled
against the shared version. I spent an hour explaining the difference 
between shared libraries and static libraries. He still wasn't convinced
it didn't matter. So I spent 30 minutes explaining to him (in step by 
step detail) how to change '-lopenssl' to '/usr/local/lib/openssl.a' and
how it was no different than not having the shared library in the first 

The kicker? A couple hours later he came back with my boss and they asked 
me to remove the shared library because they thought it was causing 
problems. I did so and it didn't fix their problem. A month later I put 
the shared library back and never heard another complaint.

For those of you unfamiliar with Unix the problem I just described is 
a basic one. A programmer who doesn't know the difference between a 
shared library and a static library is similar to a car designer who
can't tell you the difference between a carborator and fuel injection,
and has to ask the mechanic to explain the differences. 

The Admins and The Techs are really in the same boat when it comes to 
a CS degree. There's no reason for having them go through a CS program. 
If these jobs need any training after highschool it's best handled either 
on-the-job or in some sort of vocational school. (Those have their
problems too, however. I will not hire an ITT grad, for example, as I've
never seen any worth their salt.) 

This brings us around to my question; Why do we need more CS students?
Or, more correctly (if a bit harsh); Why are CS degrees so worthless? 

The smartest guys, those who should be involved in getting their
doctorate, see it as a waste of time because they learned it all in high
school. There's nothing a CS degree will teach them they don't already

The guys that would actually benefit from a CS degree aren't learning 
anything either. Why? They're not being taught. Current CS degrees focus
so much on algorithms and math that they see the basics as unimportant. 
They're teaching students to jump and do cartwheels but they don't teach
them how to walk. 

There are a couple interview questions I ask every candidate that anyone
with a CS degree should be able to answer in under a minute. Most (~60%)
of the candidates I've seen can't answer these questions. 

The questions:

Please write a program that prints out the numbers 1 through 10 
in the language of your choice. 

Please demonstrate a snippet of code in the language of your
choice that will swap the value of two variables. 

I'm not looking for specific answers here. I'm looking for whether they 
can answer these very basic questions in under 5 minutes. 

I've asked a number of candidates these questions. Those who did not
have a degree answered them every time, typically in under a minute.

It's only the people who have a CS degree that have ever failed these 
questions. Some of those guys had more than 5 years working experience, 
too! To be fair, most of the guys that failed these questions were trying 
to get their first job. 

It still leaves me wondering: How did these guys gradutate with a CS
degree in the first place?

posted at: 2007 May 29 18:13 UTC | category: tech | (story link)

# Flavourswap 1.1! Now with flavor!

Hot on the heels of the initial Flavourswap 1.0 release is the highly anticipated release of Flavourswap 1.1!

Changes in this release include support for arbitrary browsers. No more browser specific code!

Because I wanted to keep this lightweight I'm not using any external libraries. It's pure python and shouldn't add much overhead. However, you're limited to simple string matches. You can match anything that the find method of a string will match.

If you're the sort of person who runs pybloxom and want to customize your site with a unique look based on the person's webbrowser, download it today and give it a spin.

Also, this release means that OmniWeb users now get to enjoy the same rendering speed boost that gecko users enjoy. Unfortunatly Safari as shipped still doesn't recognize &copy; and &nbsp; so only OmniWeb gets the boost.

posted at: 2007 Apr 19 17:17 UTC | category: tech | (story link)

Page 1 of 4  -->

Copyright © 2006-2008 Zach White