Posts by Blain Hamon

Brilliant!

So what this extra chunk of change gets you is a bit of dead cow on top and tech support that doesn't suck?

I won't dispute the advantage of a nub mouse or quality of the parts (except ruggedness. You expect me to believe that, when dropped, the leather stays spotless?). But really, any Thinkpad has that, saddle or not.

The tech support seems to be the only real value added. To some, it's a bargain at twice the price, really. It's just that it's a wasted oppurtunity.

They could have made it a desktop with wood panelling, and a subwoofer in the power supply. Then call it a "Twentieth Anniversary Mac."

Mmm, books.

Tim might be onto something here. Books almost never need charging, save for when it's dark out.

Re: Anon coward. Wow. You're still on the battery trolling? C'mon. That's almost as outdated as the one-button mouse claim. Move up to talking about scratched displays, at least.

There's actually reasons the iPod stores the songs with 4-letter file names and a database, as opposed to a straight folder layout. Less CPU needed to sort and scan for file names is one, but the other is that this way, only one copy of a song is needed, even if it's in a dozen playlists, as opposed to a copy in each folder. Fun fact: not only can you mount an iPod without drivers like any other removable drive, but you can even boot off of it, if your computer can boot from an external drive.

Is it me, or does this all come to rock, paper, scissors? Downloaded files are more convenient than DVDs because it's instant access. Steaming/broadcast is more convenient than downloaded files because then you can use advertising revenue. DVDs are more convenient than streaming/broadcast because you don't have to have any ads, and you can fast forward. And Downloaded files are more convenient than DVDs...

Vs. Java

As it might or might not have been mentioned, Obj-C was one of the inspirations for Java. The real difference is not just C and its speed, but in what things are vs. what they can do.

A big win of Obj-C and cocoa is the delegate and protocol concepts. That is, rarely do you subclass in as much as simply support various messages; since it's dispatched at runtime, it'll work out. If it handles the functions fine, who cares what the internal structure looks like?

As for UI, there is a Cocoa for Java API, but it's quickly falling by the wayside. And using straight Java is pretty much a garunteed failure. Not just for the usual reasons (Speed, etc) but because mac users are very demanding on the interface. What is perfectly fine for Windows and Linux is considered barely marginal at best for the Mac.

For example, we expect any text field to support the text-to-speech, interapplication drag-and-drop, the full spell-checker, unicode and multi-lingual support, and the other services in text fields. Fortunately, NSTextField provides all this for free. Want a spell-checker in your program for this text field? Check a box in Interface Builder. These are features that a one-size-fits-all approach will fail to have.

DRMs haven’t worked, and may never work

Which MS DRM? The Zune Marketplace one, or the ironically-named PlaysForSure one, which are incompatible? And as a resident "Macintard", I have to add that it shouldn't be Fairplay either, and you can bet that Apple wouldn't bother even if Symbian begged. Remember the ROKR? Neither can I. I have to agree that, in terms of DRM you can actually license, MSFT's the only real player. But it's like saying that in terms of hands to cut off, cutting off the left hand is better. The best answer is "none of the above."

Want in on a secret? DRM was never a key to iPod lock-in, because it never works. It was only there to appease the pigopolists. Because the real lock-in, the one that actually works, is user interface. They never even competed with the likes of Sony or PlaysForSure; their competition was bittorrent, kazaa, and gnutella - Offer a slight premium ($1 vs free) for added value (Time saved not downloading mislabeled tracks). That's why they put that big "burn CD/Defeat the DRM" button right in front. Lock in with a comfortable ripper/burner/mp3 player, and since iTunes works so well with iPods...

Anyways, my money is on that this is not for full-out music in as much as the much-more-highway-robbery ring tones.

More education!

"As a U.S. Citizen, I can honestly but sadly say that the less that U.S. Government knows about hacking and cracking, the better"

A knee-jerk instinct agrees with this, in the line of knowledge is power. But at the same time, I'd argue that the Gov't should know MORE about this. But whom in the Gov't; that's the key.

What should really be done is not just high-end security training, but a crash-course education in tech in general to elected officials. As funny as it is, Ted "Series of Tubes" Stevens chairs the Commerce Committee. As it's been pointed out, he can steer the course for decisions that not only affect the internet in the US, but because of how intertwined things are (Google, Youtube, Amazon, MSFT, Apple, etc), can affect the internet and global technology as a whole. That's why it's vital that lawmakers have at least a decent grasp on hacking and cracking, which they sadly currently lack.

Autoimmune Diseases?

As tempting as a white hat VX is, does anyone remember the Nachia/Welchia worm? Fighting fire with fire doesn't always help.

But I suppose you could try to use the decentralized nature of the fast flux against them. What's stopping a computer from acting as if it's part of the botnet, and then claiming to be one of the redirecting servers, poisoning the stream? If the white hat systems can't tell which head of the hydra is the root, how would the others? If you have this at the ISP level, only a handful of moles in each subnet, the IPs of the moles would be random enough that later botnets can't filter them out without excluding a major portion of their 'market'.

That way, unlike Nachia, which flooded the network indiscriminately, the poison pill is only going to those already infected and listening in, and not infecting innocents.

Borrowing from Brazil...

SAM:

You got the wrong URL.

JACK

I did not get the wrong URL. I got the right URL. The wrong URL was delivered to me as the right URL! I accepted it, on trust, as the right URL. Was I wrong? Anyway, to add to the confusion, it crashed on us. Which, had it been the right URL, it wouldn't have done.

I don't really care whether or not it's IE or Firefox. Actually, I'll fall into the 'It's both' camp. But the important thing is the response. To work to make sure it won't happen again, regardless of whose fault it was, is the correct response. To do nothing beyond finger pointing is not the correct response.

Why pay a turk?

I've heard of some porn sites advertising free images protected by a captcha. Thing is that the captcha is actually an image from some other site. So the dope enters it in, playing the unsuspecting turk.

And if they really wanted to make it tough to thwart, their malware would turn the infected user into a turk. That is, suppose someone wants to sign up to yahoo, but their computer is infected. The malware can then pre-fetch a failed signup, so when the user does the captcha, the malware registers its spamaddress instead, and throws up a 'failed captcha' page. The user figures they misread an 8 for a B, and registers a second time, this time going through, none the wiser that two accounts were made.

I'm not sure how to combat that level of trickery.

A godsend

(If only my phone had proper ajax support)

The problem with using waypoints, beyond the extra time of picking them, is that sometimes the mapper has an absolute obsession with a some routes. For example, if I want to travel along, but not on a freeway that I know is going to be congested, adding waypoints besides the freeway will do no good, because it'll insist that you go from point a, hop onto the freeway, hop off for point b, visit point b, and hop back on for point c.

Sure, I could add more waypoints, but in order to do that, I need to know what, exactly those waypoints are, in terms of an address. And if I know enough to spoon-feed the mapper, well, I wouldn't have needed it in the first place!

Tripwire?

" when your little app accidentally comes up with someone's REAL number, you'll be reimbursing them will you? "

Like what Andrew Bell said, the chance is exceedingly small. And if credit card companies were to get into the act by providing known false numbers for our fictional firefox extension, so much the better.

Hmm. Suppose these fakes were tripwires. Whenever a credit card company got these numbers, not only would it be denied, the response would be akin to the 'take card'-- "This guy's not a bad entry, it's one likely from a phishing site. Keep an eye on him."

Yes, some idjit will start using these for real, but here's where it gets better. Say John Joker starts using them on Amazon. Amazon gets the flags back from the credit card company, and shuts John Joker's account down. But the Jokers are a tiny minority of the credit cards processed.

Now Phisher.com starts getting credit cards. With a firefox extension like that, most of the cards will be tripwires. MasterCard at first will warn Phisher.com that the cards are invalid, so Phisher marks those off and knows which ones are legit. But after the first thousand or two where the majority of cards have been tripwires, MasterCard shuts down Phisher.com's account appropriately.

Issues remaining: The phishing checks would be by zombies, so IP tracing won't help. Phisher.com would most likely not check in the first place, or would go through a third party. And if they do check, they'd pepper the checks with enough known goods to possibly not trip Mastercard. Hmm.

Nah,

We'll still keep parading "Better Security" around, because it's a relative term, not an absolute.

Sure, it's less secure than BSD or Linux, mostly in things like not needing to be root to mount .dmg files and the like, but there was never a claim of best, only better than Windows.

Which, let's face it, pretty much everyone is. Beyond the red herring of larger market share, there's all the backward compatibility luggage, creeping featurism, and huge inertia about.

Yah! You tell 'em!

Our waste of an obscene amount of money and oil is much better than your waste of an obscene amount of money and oil because yours goes in a loop while ours goes in a differently-shaped loop!

At least Motocross gets more than 5 miles per gallon, has vehicles you can use elsewhere, and has things like jumps. And if you must burn fuel quickly, drag racing is short enough and you end up a different place than when you started.

"It's not stupid, It's advaaanced!"

" Once again, Apple outsmarts the market by packaging old technology in a slick wrapper "

Bully for them, then! By using 802.11b/g, and not n, and EDGE and not the not-as-supported-in-its-target-market 3G, it does have a slower connection speed, but longer battery life! Furthermore, you're more likely to find a wifi hotspot than a 3G antenna, especially since you can install the former in your own home. And while most people won't notice the connection difference save when looking at bullet points, smartphones' short battery life is one of the common complaints.

It's like how the ipods weren't color until the prices of the displays were cheap and efficient enough. Or they had hard drives until they could get good prices on flash memory. And the iPods still don't have wireless. But what would you rather have, being able to squirt, or being able to listen for longer?

Doing more with less. Fancy, that.

"But Blain," you cry, "3G is what's big in Europe, where Apple isn't selling!" And in the states, the steering wheel's on the left side of the car.

Yes, yes, we know.

Blah blah open office blah. Please. There is a time and a place for advertisements. I use Apple's Pages, and don't have any Microsoft product on this computer that was made this millennium, and you don't see me blathering on about it.

Those that know about OpenOffice have already made their decision, and those that don't will be put off with your preaching.

P.S. http://spellbound.sourceforge.net/ will help your cause. Trust me on that.

If we're all here talking about it...

Then it's already won. Seriously, the key to success is recognition, asking for it by name. We've got people in countries where it won't be released for months, maybe even over a year from now, talking about it.

When's the last time you've seen any phone, mobile or not, with this much attention?

That's alright. Keep on believing that market share is the only factor

This is the part where I mention the Witty worm, which targeted only 12,000. And that 1.5M macs that were sold last quarter.

Then you counter about me being an apple fanboy, and possibly the claim of not supporting two-button mice. Sure, that claim was false a decade ago, but it's always a party favorite.

Then I retort something about I'm sure Windows security is surely stronger. You want to rename a file. Cancel or Allow?

Great fun is had by all.

5 minute halo

What would be interesting would be a report by EB games et al regarding their in stock/sold numbers, to give a better estimate on how many sales were full sales, and how much of it is simply channel-stuffing.

Regarding gaming pdas, time and moore's law will prove me wrong, but for now, I can't see something as complex as halo scaling onto a pda without massive compromises. Doom is too different, in terms of hardware demands, to ensure Halo's runnability.

Doom came out in 1993, on a single floppy disk, requiring 4MB of Ram for your 386. There's versions of Doom ported to digital cameras, even. While a PDA is more powerful (200mhz ARM chips, last I recall), it still lacks the cpu, ram, and gpu for the graphics. And if it did have such, it'd have an even shorter battery life than an UMPC.

(Let's take a moment to imagine Halo's speed and graphics quality on a 386. Or let's be generous. A pentium 166. With a voodoo card. On two 9-volt batteries.)

Yes, I know of things like Metroid on the DS or Me and my Katamari on PSP. But those are custom-built, taylored to the unique traits of those platforms, like dual CPUs and a single known gpu. And an entire scene is less complex than Master Chief's model.

Direct X and the game would need a massive redesign in order to fit with the limited processing power, limited battery power, limited bandwidth, and unknown inputs. And that would defeat the purpose and negate any pda advantage.

On the plus side, we've still got minesweeper. And Wordpad. And we all eat our meals with swiss army knives, because they've got more features than a fork, right? Right?

Simpler answer

Even at $3.50 a gallon, it's still cheaper to clog the freeways than to take a plane or train ride. Not to mention faster, less of a hassle, can go at any time, and it's the American Way.

Sad but true.

Quick question:

So, when the flu or some other nasty bug goes around, do you get a new vaccine, which only makes sense if the virus evolved, or do you just pray instead?

FYI, Jesuit colleges and schools around here proudly teach evolution, physics, etc, and not Intelligent Design, Creationism, or Geocentric views. Even when the school is named after the guy who persecuted Galileo Galilei.

Do no evil? Redefine evil!

Keeping your search history is a good thing, citizen! We only share it with affiliates or anyone else who pays us, but that's only to better target you with advertisements. Surely you want us to build a database on what you do. It's to stop terrorism! And it's for that reason that privacy is double-plus ungood.

Death isn't the handicap it used to be in the olden days!

Death is analog. You can have parts of your body die while you're still alive. Compare cancer with being shot. Slow death, fast death, sudden death, mostly dead, barely alive, dying, etc. We've got those phrases for a reason.

The perfect defense as long as they attack on a sunny tuesday afternoon

There are geiger counters and they do scan incoming cargo at major ports. But frankly, an attack doesn't even need to get that involved. I don't think it'd matter much if the bomb is at the heart of a city, or simply near it, undocked, were it strong enough, or held high enough up to spread the cloud far. And considering that it's natural for important sites to be by bodies of water.

The only way to win is not to play. Gunboat diplomacy only goes so far. The best defense is to not to be such an offense.

The crux of the issue

" The effect is that if you send a message to a nil object using a selector that's expected to return a boolean, int, float, etc, you'll effectively get NO, 0, 0.0 (respectively) back *because* the appropriate value is already in r3. The effect is the same with the Intel implementation. 'Self' is passed in the EAX register, and EAX is used for the return value. This is -- I believe -- the reason why GCC ensures that Self is the last value that's placed in EAX immediately before the dispatcher call."

Aha. I didn't think about that. Honestly, I try to avoid depending on this activity, to a degree. No, I don't check before [fooObject release]; but I'd avoid {if ([fooString length]) }, using {if ((fooString != nil) && ([fooString length] != 0)) }. The latter, while chattier, is actually faster, safer, etc. True, it uses a couple more bytes. But the checks against 0, if I'm not mistaken simplify out to the same assembly. And a nil will reduce another function call of send_msg. More importantly, here's where you're fighting resistance.

This bit about handling nil sounded familiar. Indeed, it's a really nasty design tradeoff. You don't always get 0 back from a nil call.

http://ridiculousfish.com/blog/archives/2005/05/29/nil/

r3 is 0, true, but r4 (The lower half of a long long return value) is the selector, and fpr1 is the first floating argument in, and the floating result out. And none of the registers have been changed. In other words, for PPCs

- (UInt32) [nil fooInt]; returns 0.

- (UInt64) [nil fooLongLong]; returns (long long)(@selector(fooLongLong)) on 32 bit systems, but 0 on 64-bit systems.

- (float) [nil fooFloat: (float) barArg]; returns barArg.

- (float) [nil fooFloat]; is undefined.

There needs to be a happy medium between tight code and flexible code. And there is a lot of bloated code out there, regardless of language. But if you over-optimize, bad things happen. This isn't to diminish your message. Honestly, I enjoy your articles, despite playing the devil's advocate so often.

The problem with Gates is...

He's too rich. And I don't mean that in any sort of communist sense. I mean simply that in his own little billionaire's club, where he's got an army of people sorting out his email and can buy a hundred of anything, he doesn't see things from our plebeian angle.

End to spam? Sure! For him, it's already happened. Just have a huge department to delete his viagra spam for him. Use a PC with a 3 hour battery life as his phone? No problem, he's got a few $100 batteries on standby. His tablet PC is a success for him! Why, he probably owns half a dozen of them himself. Never an outage in his hermetically-sealed, UPSed, IT-back-uped world.

Meanwhile, for us where some have never used a computer, a PC is overkill. Especially if there's a power failure, and the only working device is the ancient kit which gets 48V from the copper wires from the telco office. Especially in the country, where POTS is the ONLY communication network. Doubly so where you want a phone that doesn't need to reboot, and you don't need to buy antivirus for a touch-tone.

Small sample size

Okay, we have a listing of 2006, and a listing of 2007. That's it. And then there's Microsoft, and everyone else. That's it. As much as I want shaudenfraude regarding Vista et al, this is way too limited a result to make any actual heads or tails of it.

"All Others"? Did someone phone this in? No mention of hardware manufacturers? What about IBM? Adobe? Apple? Logitech? Blizzard? EA? Sony? Sun? Dell? HP? RealNetworks? AOL, even? For all we know, the computer industry as a whole did much worse than MS, save for everyone and their iPods raising up that "All Others". Doubtful, but still, two points does not a curve make.

Also: I think Microsoft does outsource the peripherals. I can't find any proof of this, however, but I do remember some note about the Xbox being the first device they designed and made in-house.

inverse square and transmitting wires

They don't mention which iPod it is, given the larger ones have a full metal backing. But that wouldn't cause the issue to go away when it's turned off. I suppose, in theory, the length of headphones wire could serve as an antenna, messing with either the pacemaker or the test equipment. (Although iPods 'mess with our pacemaker-monitoring-sensors' makes for a much less compelling tag-line) Especially since headphone wires are neither twisted pair nor coaxial.

As for danger from other things, don't forget that distance is important. 2 inches is 5cm. 1 m is, well, 100cm. That means a 20:1 distance ratio. A computer 100 times stronger but 20 times further means it's 100/(20*20)=100/400= a quarter of the influence. (Besides, the bigger danger was the CRT, not the computer)

That said, I'd say it's a fluff article until there's confirming and significant proof. It's great that the 17 year old is starting research so early. But he probably knows as well as anyone that, until it's been reproduced by others, it's just an interesting theory.

This calls for guarded optimism

If the license agreement is like it used to be, this is far from a dead cert for Linux/Kubuntu, etc. Firstly, it used to be that Dell et al had to pay the licensing fee for windows regardless of the os actually installed. In other words, it's possible that you'd be paying the Windows Tax even without a lick of MSFT code on the machine.

Hopefully this isn't the case. But this still has another obstacle: Remember all the crapware that you get on a Dell system? That's not for the user, and it's not at MSFT's request. Instead, it's how Dell and others make profit, by selling you as advertisement to the crapware. If there's no such setup on the linux machines, there's a possibility that the linux option will be more, not less, expensive than the windows option, to offset that loss in advertising revenue. Hopefully, things will turn out well for this linux option, but it's got a danger of seriously backfiring, with Dell's pricing and flaky hardware giving Joe Six-pack an impression of FOSS of expensive and unreliable.

Mr. Hall is right, in my assumption, that this is a proxy battle. That Dell's doing this for eyeballs and a better bargaining position with MSFT, the same reason why Michael Dell made noises about wanting to sell Dell boxes with OSX, even though it's a dead impossibility.

Sorry, but history is against this notion of OSX on Dell. The last time Apple had clones was in the late 90s, and it almost killed Apple. One of Jobs's first actions was to end the licensing. Add to that the utter enmity between Apple and Dell, starting with the "Give the money back to the shareholders" comment. It's continued with advertisements, both Dell and Apple going at it. And finally, Jobs has used a Dell as the "Example of what not to do" when comparisons are done, be it on system looks (when the iBook G3/500 was introduced, Jobs brought out a Dell laptop: "Our backside looks better than their front") or on price/performance (When the Mac Pro was introduced, it was compared against a Dell system).

That's nice

I am so glad that people use anal violation as a highly technical and logical explanation of things. It gives it that "mature" air, don't you think? I know when someone comes across as a 13 year old to me, that inspires me to base my purchasing decisions on their word.

P.S. Boot camp.

Anyways, you know it as well as I do, Clay. The attempts to pin the old "overpriced" label, regardless of reality, remain. Thus Gateway's bit about "extremely expensive propositions from boutique specialists." Remember! Save 20% on the price by getting half the machine!

More details: Quicktime and Java

http://www.matasano.com/log/812/breaking-macbook-vuln-in-quicktime-affects-win32-apple-code/

Hunh. Turns out it's some interaction between Quicktime and Java. So if you use MacOSX and Safari, or MacOSX and firefox, or Windows and IE, or Windows and Firefox, and you have Quicktime (read: iTunes) installed, you can get hit. If you disable Java (Not Javascript), you are not affected on either platform. Is this the premise of write once, run anywhere?

I see the old excuse of market size has been brought out again. While it might be a contributing factor, there's a few counterexamples. The "What?" post has already covered the MacOS 9/X one. I've actually seen Sevendust in the wild on an iMac running 8.6

Furthermore, SQL slammer had a target population of 100K, and the Witty worm had a target population of only 12K. Apple shipped 1.6M Macs in 07 Q1 alone. Were it purely a function of market share, why haven't there been 3-30 worms a month for MacOS X? Especially considering how fast, virulent, and devestating SQL Slammer and Witty were, despite having a market several orders of magnitude smaller than MacOS X.

http://www.caida.org/analysis/security/witty/

http://www.caida.org/analysis/security/sapphire/

Is MacOS X fully secure? Is Safari? Firefox? Linux? No. Of course not. To claim otherwise is folly. (Andy, you're frothing at the mouth. Remember, we're supposed to be good fanboys. No rabies) Should we simply declare the field level, and simply chalk up IE and ISS's woes to larger market share? Neither that, because it wrongly removes responsibility.

But does this really matter? Should we celebrate other systems' misfortune? No. Worms and other such things affect my systems and servers, even if they never touch or infect them; It adds more strain to the network, and can crowd out legitimate traffic. In this regard, no system is immune to the effects. Should we always strive for improving security? Yes, yes, a thousand times yes. Infighting and OS wars blind us to this fact, that it's everyone's problem.

Shame FUD can be easily disproven

on user replaceable batteries - http://newertech.com/support has video instructions.

not acting as an external drive without drivers - Sorry, it works fine with bog-standard USB Mass Media storage drivers, just like any USB drive.

Let's see. What else are the usual claims?

Oooh! Oooh! Wanting to use disposable batteries. http://home.speedfactory.net/tcashin/ipodbattery.htm

How about the old DRM complaint? http://www.apple.com/ipodshuffle/specs.html

MP3, DRM-Free AAC, and even WAV and AIFF if you so choose.

I couldn't find any real numbers on Zune advertising, beyond MS expecting to "lose hundreds of millions of dollars", Apple $287M in 2005 and $206M in 2004, and Creative spending $100M in 2004. I couldn't find any numbers for SanDisk. You'd think that if advertising was the deciding factor, MS wouldn't be in back with Creative.

http://www.amazon.com/gp/bestsellers/electronics/172630/

(The ranking of the Zune and the Zen have been swapping every time I hit refresh.)

Hey! You kids get off my lawn!

Programming has always been a tradeoff. You know it as well as I. If you really wanted to get the most performance, you could make your own custom strstr, dropping even a function call overhead, looping through character by character, shaving off the cost of memory lookups by doing compares through constants, which stay in the opcode. Better yet, C allows for inline assembly for a reason!

But that would defeat the point. Libraries are inherently inefficient in that they have to be generalized, and won't reach the fine tuning we could achieve by rolling our own. Yet we use them because unwritten code is debugged code, and we read code more than write it. In other words, by taking a step back, it's easier to reduce errors, etc, etc. Not only that, but a library allows a coder to share his skills with another, outweighing the losses.

I know that key binding is much slower than using the older event handling and hand-updating values. And common sense dictates that having an NSButton on a window, that means a lot of extra work that I could, theoretically, pre-render. But having the key bound means I don't have to pour through my code looking for a missed update, and with Quartz Extreme, that code is offloaded to the GPU, meaning better performance, contrary to common sense.

Does that mean we should not heed the point of the article? No. Personally, I hope he leaves it as is, or all these comments will make no sense. NSString is a bad example for reasons mentioned above, but that reinforces the underlying crux. Use the right tool for the job.

C is a honda civic: light, fast, and good for small things. Objective C is a dump truck: heavy, strong, and can help you move a lot in one go. It makes no sense to use a dump truck just to bring home a bag of potting soil. It's pure waste to use a honda civic to carry away tons of dirt away from the construction site of an underground parking lot.