Posts by DrXym 5327 publicly visible posts • joined 18 Jul 2007
Imagine a tablet that has a touch friendly tablet UI when you're walking around with it, but plug it into a dock and suddenly you have a full desktop on it. Even if that desktop just has MS Office, Outlook, IE it's still useful.
I do think MS are making a terrible mistake not including emulation of any kind. I just hope they make it easier for devs to target non x86 devices than they have in the past so that at least some popular apps make it across.
a) It's not just a case of recompiling. You still need to thoroughly test the device, support it and so forth.
b) Most enterprises are still bogged down with crappy applications that only run on IE6/7 or similar. Their heads would explode trying to contemplate a move to ARM.
I'd argue that in the first instance Windows on ARM needs emulation even if its just crappy slow emulation, and secondly MS should stop their tools from targetting x86 at all by default. Do what LLVM does and target an abstract processor and convert to native instructions at runtime. The latter means devs only have to build, sell and test one app regardless of where Windows is running.
MS has been here before. When NT ran on a multiple architectures they let developers fairly easily target different Windows architectures from a drop down in DevStudio. How many developers actually bothered to target those architectures? Practically none of them.
It's a pain in the arse to build the same code multiple times, test, QA, certify, produce, sell and support products for each architecture. It's just not economically viable.
Microsoft really needs to implement some form of x86 emulation in ARM or it will suffer a dearth of apps. No legacy app is going to work on the device which includes a vast array of useful stuff. It doesn't have to run fast but it has to run. I expect an emulator could probably produce something passable, maybe netbook fast given that the Win32 APIs would be native and only the app's code would be emulated.
In parallel MS really need to move devs away from targetting chipsets at all. Things like LLVM mean I could compile a C++ app into an intermediate form and have it run on any architecture. At runtime the intermediate form would be translated into native instructions so it doesn't matter to me the developer what chipset is underneath. That's what Microsoft should be promoting - a platform neutral way of developing apps. I'm not talking .NET either but lower level. LLVM would be a good example to follow.
I expect even Apple will go this approach too. They sponsor LLVM after all and use it in iOS. While they may still support fat binaries, it's still a pain to test two builds of the app. Therefore I expect they'll include LLVM support in their next OS X update and devs will be expected to build with that. Then when their ARM device turns up it won't matter, the apps will still run.
Android and iOS have native clients with IMAP / POP3 / Exchange support to access virtually every mail server in existence. You also don't need to tether your tablet to a phone in order to read email from the device. There are also various webapp and native clients floating around for specific services.
There is no excuse for what RIM are doing. By all means they should offer a way to tether the device to a phone. By all means they should strongly encrypt the data to protect it from inadvertant loss. But to ship a device with no native email client and require tethering to a phone is inexcusable and certainly not justifiable for reasons of "security".
If RIM are so worried about lost tablets, the logical course of action is not to make them at all. Given that they do make them, crippling them so they are not fit for purpose seems more than a tad counterproductive.
If RIM were serious about protecting data why not strongly encrypt it on the device and require a login if the device is inactive for more than an hour? Without the login you don't get the key and without the key you don't get the data.
It seems a more likely reason the device has no email reader is because the software to do it was broken, or the infrastructure it connects to is. So they kludge a bridge between the phone and the tablet and pretend its for "security".
Truecrypt is fine but even easier is just install 7-zip and create an encrypted 7z file. Drag and drop stuff into that. Problem with Truecrypt volumes is they change so much that the dropbox client would be forever trying to upload the file everytime it changed.
It also wouldn't hurt if the client offered an optional client side crypto where a user could create a key, associate it with a particular folder and everything put in that folder is scrambled with the key. There would be absolutely no way server side to read the data because the key remains on the client (unless the user is stupid enough to drop their key in dropbox). Of course the user would be responsible for distributing the key to their various machines and it might disable web access, but it would still be a useful option for people who want security without the hassle of Truecrypt
I doubt anyone is going to get free stuff until the store is up. I think the best thing would be to drop a time limited £25 credit into everyone's wallet which would stimulate the market and make the 3rd parties happier than if Sony just lobbed out a free game of Wipeout HD or similar.
"- Why did it happen in the first place?"
Wait for the postmortem analysis. It sounds like in broad terms there was security but it's abundently clear it was insufficient in some measure, especially for post mortem analysis such as secure logging which would have helped identify how far the hacker got.
"- How long did it take you to get the damned thing back up again?"
Why do you think? I expect that physically relocating, security hardening, extensively testing and bringing back up a network the size of PSN is a non trivial operation. Everything has to work perfectly, so doing a half assed release that collapses or fails again is in nobody's interest. Even if that means enduring people moaning how long its taking.
"- Why do I need a bloody software update and why is the damned password reset server down?"
The software update presumably deals with the abnormal situation in some manner, e.g. by directing you to different IP addresses for login or some additional security measures. PSN is being rolled out by region therefore if its not up now it will be shortly.
In summary things are coming back which is cause for some celebration instead of moaning.
I have a dual CPU G4 and it was very easy to get inside and change things. Added an extra drive and swapped out the crappy DVD-RAM for a DVD-RW with no trouble. I recall that there was even a little 3rd party economy going on selling CPU upgrades & daughterboards but I never bothered with them because they were so horrifically expensive. To switch out my CPUs would have cost more than junking the box and buying a new one.
One of the nice things about PCs is that there are standard case and board layouts and if you stick with the standards you can literally upgrade your PC one thing at a time. My first PC started life as a 486SX, then a DX2 and then a DX 4 and eventually became a Pentium through CPU, board and HDD upgrades. Case, keyboard, cards remained fairly static over the years but the machine itself was faster each time. It enjoyed a long life cut short when ATX form factors took over from AT.
While PC standards exist, it is highly annoying that some manufacturers like Dell choose to ignore them but at least there is that choice. When a Dell reaches end of life it's as useless in its own way as Apple computers are since they use proprietary case layouts.
Most laptops have hatches which provide simple access to things like memory, hdd, wifi. Even my HP Mini 210 which has no hatches can be popped open to insert more memory. It was a bitch to do but it was serviceable.
Business models tend to be far more serviceable. Things like Thinkpads can be stripped down to their component parts and there is plenty of documentation to do it. A business might have a pool of laptops and if one goes kaput they might like to use it for spares for the others. If another one goes wonky, e.g. hard disk fails off they can cannibalize the dead one.
"Think on this, all those laughing at Apple kit and the "mugs" that buy it, are you perfect at everything you do? Can you strip out the engine your car, right down to the components, clean it and it put back together and have it running better than before?"
No but I can change a tire or a battery or a bulb or the wipers or the oil or top up the fluids if I want. And even if I couldn't or if the job were more involved than I would be comfortable with I can still drive the thing to a mechanic of my choice to do it. And in the process of servicing my vehicle I could purchase parts from virtually anywhere that sells them - Halfords, Tesco, Kwikfit and so on. Hell I could even walk into the local scrapyard and grab parts from a similar model.
Now imagine a car where the bonnet is sealed shut with special latches to prevent you from opening it. Imagine if its filled with proprietary parts and connectors that cannot be purchased in any store. Imagine if 3rd party parts cause the car to malfunction such as cause it to overheat. Imagine that using an unauthorized garage (one which has purchased special tools to pop the bonnet) will void your warranty. Imagine if the official garage requires you drop your car off for a week and when you come to pick it up you get someone elses refurbished car not your own one.
That is the Apple model. I doubt anyone objects with them producing appliance like devices. However the reality is they deliberately go out of their way to prevent you servicing your device, even for trivial things like changing a battery. All of this is great if you're a shareholder who enjoys watching people throw away a perfectly functional device because the battery is dead. It's not so good for anyone who has an ounce of sense in their head and doesn't want to be fleeced by a model which absolutely runs against to the consumer's interests.
Your questions are utterly ridiculous.
1. Advertising, services, apps
2. Google make billions from android. Even at the end of 2010 they were suggested they were making a billion that fiscal year alone. Not surprising when there are over 100 million android devices and more every day.
3. Yes 100 million devices vs zero. Devices which can be built to suit specific requirements such as appearing in a netbook form factor. A number of which have appeared already including the Eee Transformer.
4 / 5) Chrome OS is a thin OS to support a browser. If it hadn't escaped your notice, Android contains a browser - Chrome. Any missing functionality such as native client is surely easier to add to Android than maintain two completely different operating systems.
Producing two operating systems in the same space of devices is just an invitation for confusion. There is nothing whatsoever applying the same business model as proposed in their IO2011 presentation to a device decked out with Android. Except such a device would be vastly more useful for enterprises than ChromeOS.
The hardware that runs a chrome book could be used to run Android instead. It would be a vastly more useful device given the amount of apps, local storage and so on. It's not like anything done in Chrome OS couldn't be implemented in Android anyway.
It beggars belief that Google would even bother to keep the two operating systems separate like this. Just merge native client into Android and be done with it.
I'm sorry, but a doorless car is just an invitation for tramps & drunks to use it as a doss house and public toilet. No doors might be okay for people renting / hiring them to day trippers but they'd better have somewhere to lock them up.
It does look nicer than a G-Wiz car (which looks like it was styled by Trabant), but at least the latter has doors, electric heaters and some other mod cons for around the same price total.
The price of both this and the G-Wiz are way too expensive though. Granted the batteries may cost £3k or so, but where the hell is the remainder going?
Just because something is "free" should not mean I have no input into what I think would make it a better product.
In this case the app is not "free". I may not pay for it with coin but I pay for it with the private information of my wherabouts, routes, stop off points and so forth that my phone sends to Google. This data is used to price their geolocation based ads and probably other things.
Nor does it mean I should stay quiet when it doesn't do what I want it to do. As a user I would be more inclined to use an app which does what I want than one which doesn't. It's obviously in Google's interests to make people use their app more.
It is also obvious that a driving directions app that has an offline mode, or a docs app which possesses an offline mode is more useful than an app that doesn't. One of the main reasons Ovi Maps is frequently praised (despite all the other crap going on in Nokia) is it's free and works offline. If Nokia can manage it then why not Google?
I know google are big into online cloud services but they have to recognize that people do need to disconnect their devices from time to time, when they're out of coverage, abroad, on a plane or whatever.
Therefore I wish they would think a bit more about that aspect when they produce these apps. An example which irks me is the Google Maps driving directions functionality. I want to be able to program a route before I leave and for the app to cache the route and major side roads in case I get a bit lost but not have to stay online the whole time. Docs should also let someone work away offline and sync up later.
A considerable number of PCWorld's appear to be situated directly next door to a Currys. There is easily a 30% overlap in the stuff they sell - computers, games, televisions, cameras, satnav, consumables are all common between the two. Two brands, two sets of staff, one company.
Why not just shut one store down and move into the other? Failing that, knock holes through the walls between and make a single open plan space. And get rid of 30% of the staff who could probably be shed in the process.
Meanwhile, start selling stuff at REASONABLE prices. If I can buy a cable or USB hub or an SD card reader from poundland for a quid, why does the equivalent item (sometimes even identical) in PC World cost 10 quid? When I see PC World trying to rip me off on the little things it makes be disinclined to visit them at all. They need to get footfall by having weekly deals and lots of cheap essentials with the intent of flogging people higher value stuff.
By cutting costs, perhaps they can start competing again. If not, well so long PC World / Currys / Dixons.
This GL_ARB_robustness extension just sounds like a hack, a bit like the alleged "safe for scripting" bit that MS used to allow ActiveX controls to set if they wanted to run in a browser. What does it even mean on the backend? Are NVidia / AMD really going to sanity test every single value coming through their OpenGL implementations? I'm not sure how you could ever be certain that a card is safe from hacks given the multitude of ways they could be abused.
<p>
That said, the same is probably true of regular 2D canvas operations too. If Firefox or any other browser ultimately uses hardware acceleration its quite possible that a bug in the impl could make the entire machine vulnerable in some way.
AC, it's not about mere access but actual rights. Yes Amazon could steal 3.0 code in some manner, e.g. supposing Samsung built their tablet then Samsung probably has a copy of 3.0 knocking about. But then Amazon (and Samsung) would be in a heap of legal hot water. As for ASUS providing source code, no they don't. They provide source to the modified kernel and that's it.
I don't doubt the source will appear eventually. I just think it's a rather convenient excuse to delay releasing source code when it's obvious to the world and his uncle that Amazon is poised launch a tablet that could seriously fragment the platform.
As to SuccessCase's inane dribble. I suggest Android is already making them a small fortune through ad words, marketplace, search, even hardware sales. It is estimated to be running at $1 billion a year which is easily enough to fund development many times over.
http://money.cnn.com/2010/10/14/technology/google_earnings/
And soon they can add books, music, video etc. there too. YouTube just started rentals, they just launched music yesterday and books are there too. It's clear they are making boatloads of money.
It's keeping the source code to itself to stop Amazon branching the platform. That's the only reason this is happening as far as I can see.
Amazon are obviously developing an Android tablet and could easily break away from Google's control since they have most of the services they need to do so. By withholding version 3.0 Google is forcing Amazon to delay or come out with an inferior product or come back to the negotiating table.
The "cloud" is just data storage and services that run remotely on servers. Some cloud services also have to deal with honking amounts of data for scanned documents, videos, backups and so on and EMC is stepping up to provide the hardware that can meet that demand. Not sure what the hate is for.
Not sure where you get the idea that it's for cheap hardware. It may well be that you have 100 crappy disposable boards serving up content to customers but ultimately the data they're serving comes from somewhere such as a bigtable database running on a proper enterprise class storage device.
SFU was an acquisition that Microsoft didn't really want to support but threw out as lipservice to cross compatibility. They didn't want people to use it unless they had to and they certainly didn't want people being comfortable with it if they did.
Thus it felt cobbled together, retrograde, bloaty and everything else. I think the only thing most people used it for was as a NFS client which is something Cygwin doesn't do although it can be an NFS server.
Services for Unix was execrable. It sunk its claws deep into Windows OS, was very primitive, clunky, ate loads of memory and was treated like an illegitimate child by MS. I won't miss it at all.
<p>
I think in most cases Cygwin is a perfectly adequate substitute. It's completely self contained, supports the majority of popular open source projects, it's user-land but it does allow you to run daemons such as sshd as services if you want.
MS never charged for Hotmail or Messenger so why assume they'll charge for Skype. What should be more worrying is there are versions of Skype for Linux, OS X, Android, PSP, Symbian and the iPhone. From a strategic standpoint it makes little sense to help other operating systems with an app as ubitquitous as Skype.
It's possible that MS will do their usual of proclaiming cross platform support and then allowing the non-Windows platforms to bitrot and die. Then they'll discontinue support entirely and lamely claim it was all down to a lack of consumer interest.
I also wouldn't want to be someone working in their Windows Live Messenger group. It's obvious which IM client is going to get the chop or sidelined if MS splash out on Skype.
PC World have them out on display and they're very easy to use and play with. Biggest issue, and it's a big issue is it's just too expensive. There is no reason for tablets to cost that much money. The Advent Vega is half the price and that's really where I expect the brand names to be eventually. Problem at the moment is they're in greed mode and don't have enough competition. Once the field fills out and perhaps Amazon / Google light a fire under their backsides with their own tablets we might see better pricing.
Raspberry Pi has enough memory to run an embedded Linux, maybe a few tools and maybe a simple gui and one simple app on top. Any more than that and you're going to run out of space. Maybe you could augment with swap but that's through a USB storage device. That's not to say you couldn't cross compile from another device with more memory but if you think you're going to run any full blown Linux app on the actual device - forget it. That said I think it's an incredibly cool concept and it's bound to spawn lots of interesting things like media players, file servers and so on.
It kind of defeats the purpose to produce a tiny device that needs a tangle of wires emanating to make it do anything.
I hope there is a version of Raspberry Pi, perhaps housed in a little box like an Apple TV which has a network jack or wifi and a couple of USB ports. This could probably get sold for a tenner more and still be an attractive device.
9 out of 10 of apps really don't care what architecture they're running on.
If Apple are smart they'll offer a LLVM compiler target in OS X. i.e. the app wouldn't be compiled into x86 instructions or ARM instructions, they'd be compiled into LLVM bitcode. At runtime the OS would compile the bitcode into a native binary and cache it somewhere for subsequent execution. It would mean the app would work any supported architecture - ARM, x86, anything. It would mean no more fat binaries, no more worries the next time the OS moves again.
LLVM is an incredibly powerful abstraction layer and I suspect Microsoft will have to do something similar.
Users won't care about the processor driving their laptop assuming their existing apps all run on it. That means it has to have strong emulation. Without that, I see Apple being stuck in the same boat as Microsoft with their ARM aspirations. Yes the larger companies will make ARM fat binaries for their customers but legacy apps won't work and neither will some smaller apps.
Of course being Apple perhaps they'll "helpfully" remove all free will from owners of such laptops and force people to obtain them through the Mac App Store where they will only be able to install the apps that they have presented to them.
There used to be a game called Creatures that featured cute little animals called Norns that you could train. You'd train them to play with toys which would make them happy, train them to speak to say what they were feeling, punish them to stay away from dangerous things, teach them the right foods to eat, teach them to be social and ultimately breed them. Their intial characteristics were based on genes and their learning was from a sophisticated neural net.
So of course some people set out to systematically torture them. One guy called Anti-Norn was notorious for uploading abused Norns and challenging people to rehabilitate them.They had violent mood swings, attempted self harm, ate poison, cowered in corners, tried to drown themselves and so forth. Some of them were clinically mad. And all of this happened in a mainstream game which appeared 15 years ago.
So while it's interesting to see research that shows computers go mad, it's not like it's a new phenomena, although computer isn't actually "mad" in either case, it's the software simulation on top which is.
If you buy a kettle from Kay's catalogue, one would assume that a callback service would provide you with enough context to recognize it was asking for payment. I suppose it could go further by quoting a reference back to you that you filled in your order in the first place.
Flash shared objects are not just cookies. Flash can by default store up to 100k against an app which could be anything - preferences, table column order, session state. As far as the NPAPI is concerned, it has no idea what this data is, just that there is some. The data is associated with a particular domain so most of the time it should be obvious which is which, but it may not always be the case.
I do agree apps are pretty poor if they just break if the content is zapped, but it's also quite clear that a browser that needs fine grained control so users can keep the stuff they want and remove the stuff they don't want. The only exception to this IMO is when you enter / leave private browsing mode. I would hope and expect the browser and plugin to cooperate and ensure that a) preferably no data is written to disk, or b) if it is, that it is securely wiped afterwards.
Flash does let you clear shared objects but you have to do it through a bloody awful UI which is itself a miniscule flash object residing in the Macromedia domain. You could have 500 domain objects and the display is so tiny it will only show 3 or 4 at a time, unsorted. It beggars belief it's taken this long to fix the UI, or at least allow it to be integrated with browsers. Even now I'm not convinced it will offer all it's supposed to offer.
The NPAPI extension is just a couple of methods to enumerate private data and delete it. But what about active blocking? What about controls of the camera / microphone? The Flash settings need to be completely revamped and the plugin needs to provide a scriptable interface and listener callback so its actions can be vetoed or modified at runtime.
iTunes is bloatware and an enormous millstone for people who (reasonably) expect to be able to use a device without tethering it to a PC to do anything except transfer files. Who knows, perhaps this is baby steps towards Apple making iTunes completely optional and eventually superfluous.
I can't think much reason it has to stay around these days - the phone should be able to handle things like downloads & purchases for itself, and the cloud can do the rest. Of course cloud based computing has its own issues for privacy and price. I wouldn't be surprised if Apple try and reposition iTunes as a cloud proxy.
The fact that Sony have said they're moving data centers suggests that may very well be how someone broke in. Either they plugged into the same network, trojaned their way in or sat in the car park and broke in through the wifi network. It may well be that the public interfaces to the service were extremely well protected but if someone can gain access to the intranet you need more than that to protect yourself e.g. closing all non-essential ports to the data servers, using 2-way ssl, logging everything, limiting physical access to the servers, encrypting backups, not handing the keys to the kingdom to just a single person and so forth.
The password only requires a 1-way hash (with salting preferably) since it never needs to be decrypted. The credit card data does need to be decrypted so presumably there was a key sitting around somewhere which provided access to the data.
Amazon's Android app store makes zero sense in any other context than their own tablet device. I doubt even 1 in 500 people would bother installing Amazon's app store unless it came preinstalled on their device, which implies Amazon are making a device. It's also clear from B&N selling 3 million Nook Colour devices that there are rich pickings to be had.
The big question for me is what version of Android this device will run and how open it will be. Will it be a fork of 2.x or running 3.x?
I strongly believe that all the shenanigans from Google about not releasing the Android 3.0 source code happened precisely because of Amazon. By withholding the source they're probably hoping to moderate Amazon's stance or risk running a fork and not benefit from the changes in Android 3.0. Maybe Amazon will ditch their app store for Google Marketplace or come to some other arrangement. If no arrangement is made I can see an interesting battle taking place.
As an Android developer I would be interested in writing apps for the any Kindle tablet but Amazon aren't exactly making the prospect look sweet at the moment by charging a $100 annual developer fee for the privilege. Maybe if they're looking at a war they should be getting the devs on their side first.
Go read up on the press conference and the Q&As. They did hash the passwords, they did encrypt the credit card information, they didn't store the CVV2 data. The manner of hashing has not be disclosed, e.g. whether it was salted but it was hashed.
They also state they had security at the perimeter as might be expected when dealing with inbound traffic. It is likely therefore that in broad terms their security was following industry practice.
I suspect the failure was something else and compounded by lack of due diligence that allowed it to happen. The manner of failure has not been disclosed but given that they're talking of moving the data center to a more secure location suggests to me it was likely an inside job, or someone simply walked in and nabbed the info, or someone sat outside in the carpark and broke in through a wifi point. i.e. nothing to do with the network facing service, but a weakness within their intranet configuration, e.g. production servers were not firewalled from people coming in from the intranet.
I think Unity is perfect for netbooks where space is at a premium. In a netbook it probably makes sense to have a single global menu since it removes a pile of clutter. It's probably easier to "find" the menu too with a quick swipe on a touchpad.
The problem is not everyone uses a netbook and as the screen size increases, the global menu becomes increasingly annoying. I could have two apps side by side and want to open the menu of the second app. In the traditional way I could just move a short distance with the mouse and click straight on the menu I want within window, move down and click the item. In the new model I have click the window, wait for the menus to flip, locate the sub menu I want, move my mouse up to the top, click, move it back down again and finally select.
It's just more hassle and really doesn't help me at all. Maybe it's not a big deal for Mac users who are unused to more sensible windows on menus, but it sucks for everyone else.
Put simply, it should be a switch. Cater for people who like it one way due to their background / device and the other. I assume since the global menu is retrofitted and is disabled for "classic" ubuntu that it's little more than an environment variable.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
