If you want to feel really inadequate, watch Rough Science, where a team of five McGyvers scientists build all sorts of cool stuff from things they find from the surroundings. For example, a light-communication device out of some mirrors, rubber, cans and an old radio.
Makes you think twice about manned space exploration and how useful a team of professionals can really be.
Yes, I totally agree with Clive Thompson about his new Wired column. Regulating your use of physical goods (e.g. gas) is easy, because you always see how much you're using, and how much you have left. With electricity, this is completely invisible - do you know how much your TV really takes electricity? You get a bill every month (or in case of my electricity company, they just make a guesstimate, and read the meter once a year, then charge you the difference). That's not very good feedback.
There was a column in the Helsingin Energia -magazine by Risto Harjanne which said that by 2010, they are hoping to enable most electricity meters in the Helsinki area for remote reading. This would allow you to monitor your own electricity consumption, over the web, instantly. Already about 10% of their customers is already enabled, though there hasn't been that much noise about it.
Clive Thompson also has another good point: the energy consumption figures should be made public. I'd very much like to connect my Facebook account to my electricity bill and compete against others (I would probably lose though; electric saunas are awful energy consumers). But that would be the way to bring it out in the open, and really make people see the difference. Seeing your own figures still tells you nothing. Comparing it to others would give you a baseline level.
Where are the open APIs to remote-readable electricity meters? How about open APIs to car on-board computers which calculate your gas consumption? Anybody need a capable designer for that kind of stuff? ;-)
Here's a story of DRM and copy protection which shows clearly that they are not very error-tolerant technologies.
As you may recall, I lost my SIM card a while back. While I was waiting for a new one, I temporarily switched to using a 6131nfc as my daily phone. Then, I got a new SIM card, and also a new, shiny E61i. I installed all my old software and files back, and thought "phew."
Well, that was just a beginning.
I have exactly one software which I have actually bought (for the rest I'm pretty happy with whatever the company is offering), and that's Navicore. Their "theft prevention" system didn't like both SIM card and phone changing, not one bit. So I had to call their service line to reset the license code.
Having to call someone to enable your legally purchased software is already annoying, and sort of adds insult to injury: having to reinstall everything is a frigging pain, and it's not made easier by having to grovel in front of someone and try to convince them you're not a thief. Well, luckily the Navicore lady at the other end of the line was very nice and helpful, and reset my code.
Except that this didn't help one bit. Turns out that the software locks itself down once you try to register it with a locked license code. So they told me I should install a bit of software to remove the lock - but not that it does not work on the phone I own. So, the only way to proceed is to reformat the entire frigging memory card and reinstall everything! When did you last see a computer that requires that you format the entire hard drive in order to reinstall a bit of software? (On second thought, don't answer that. This is one of the reasons why I refuse to call these cell phones multimedia computers.)
Anyway, so I go and copy all the data to safety, reformat the drive, and reinstall. Of course, I have to reinstall all of the software because none of them survive the copy cycle. Which is totally bogus - Mac OSX doesn't need any stinking software installers, thankyouverymuch. Why the hell would a cell phone?
Everything fine and dandy? No way. Reinstallation of the software tells me again: "Invalid license key." I call Navicore again, and they tell me happily that I can't install a 2007 upgrade without installing the original first ('cos it's an upgrade, even though it's a complete program). So they reset the license key of the original software that I have, and then I go on and reinstall the original version - which of course refuses to install because there is a newer version already installed. After some creative file deletion later, it nearly works - except that I have to call Navicore support again when nothing works, and they tell me that I need to run the installer manually (because it does not run automatically, just like all other software. Because it would otherwise be too easy.)
After about ten minutes of watching the progress bar (why does it take so long?) I actually had a functional, old version. (By the way, all this installation requires Windows. You can't perform the installation on anything else, so you get all the Windows quirks on top of everything.)
Then, reinstallation of the new version (manually, of course, though this time I didn't have to call the help desk. I already knew what to expect.) Again, it takes about five-ten minutes for the installation to complete. But then I finally had functional software!
All in all, I am not at all happy about this experience. While they are of course trying to protect their own assets, this kind of "theft protection" system falls down horribly when you try to do something that the system designers didn't expect to be a common occurrence. Obviously it's a good idea to design for the most common usecase (changing phones), but the system should fail gracefully when confronted with a catastrophic event (e.g. theft) instead of adding to the catastrophe.
In trying to protect their own asset against theft, the software vendor made it very difficult for their own customers to recover from e.g. theft, and cause their own asset, time, being wasted. Not to mention all the money used for support calls and activation SMSs. I have now used maybe four hours or so to try and get one piece of software back to the state it was before. After this experience, I probably won't buy any other software that uses a similar protection system, knowing that if I ever lose my phone, I will have to do this entire round of shit again for every single piece of software that I have purchased.
Later: Wasn't that easy. Oh no... Navicore released an upgrade this month, and trying to install that on top of my now-functional-software broke the License Manager tool, which meant that I have to - wait for it - FORMAT THE ENTIRE FUCKING MEMORY CARD AND REINSTALL ALL MY APPLICATIONS! YES! THAT IS WHAT THE NICE LADY SAID!
You know... it's rapidly becoming easier to steal this software than to try to use the legitimate version. At least then I wouldn't have to put up with this License Management crap. I used to recommend this software to people but now I just can't do that anymore. Stay away from Navicore, 'cos if you lose your phone, I certainly won't be helping you to reinstall.
Later2: And their EULA sucks, too. They for example forbid you to use the software if you are a competitor, back it up remotely over the Internet, or use it in any way "not explicitly allowed by this contract". You also agree in the EULA that they will install spyware on your phone, and you agree to pay all the costs involved. Also, your right to use the software expires if you make a traffic violation while using Navicore (isn't that a bit... preachy?)
All roleplayers have some basic dice skills. This guy is definitely advanced. Very advanced.
(Thanks to Darchik on IRC.)
As an old astronomy geek, the new Google Sky is impressing the heck out of me. It's a part of the new Google Earth, and it allows you to pan and zoom to the sky - courtesy of NASA, the Hubble telescope and a bunch of other observatories.
Highly recommended :-D
My trusty work laptop (decorated with Hello Kitty badges, much to he amusemen of airpot securty peope all over the world) has developed a strange and annoyig poblem: It accidentally transposes letters- r to be pecie, it acts as if a cat was pressing the left rrow key ranomly. This means that I skip a letter, and te extra letter is added to th ight of the cursor, and it then moes forward as Ityp.
Now, I don't mind that it makes me look either retarded or drunk I'mpetty ure that the pople at work are already used t it), but what onearth I a upposed to d with all these extra ltters that are left ovr?
eeosm oesr (e vrehdasro rnlirtt
I was just interviewed for a Forrester Research on Web 2.0 markets. It was interesting to see how these reports are actually collected, knowing that a lot of companies are trusting them and making market decisions based on them. Heck, I used to read them a couple of years back, trying to figure out strategies.
But boy, do they ask hard questions. I kinda like to think that I know a bit about the Web 2.0 world, leading a wiki development effort, but this interview showed some major gaps in my knowledge. Of course, a lot of it was about market shares, sizes, and segmentation, and we haven't really been tracking our users (I don't know of many OSS projects who do) so I just had to give a lot of educated guesses and some "you know, I haven't really looked into that" -answers.
Altogether an interesting and somewhat humbling experience...
Wow, someone has managed to block the entire wordpress.com because of a couple of blogs which allegedly contain slander. That someone turns out to be Harun Yahya alias "Adnan Oktar", a person mostly known for his strong anti-evolution, pro-religion sentiments, and a criminal case against his cult.
It's entirely possible that the blogs do contain slander. But that is something which should be taken to the judicial process, where a (hopefully competent) judge decides whether slander occurred, and punishes the author, not the hosting service. Looks like his strategy is to block all the services in Turkey which don't like him. Looks like the Turkish law is still somewhere in the 20th century on all this internet stuff to allow for something like this to happen...
Well... block this, you overzealous shithead. Hope someone teaches you the term "tolerance" before your sphincter strangles your brain.
Ropecon is totally over again. I spent most of the time in Kaubamaja, helping Outi sell her jewelry, and still managed to clock 8 hours of volunteer work and slightly less sleep.
I guess the whole experience can be summed up with a sign that was posted by an anonymous person in ladies room, over the sanitary pad disposal bin:
"Vampire snacks. 50 cents."
"At 20070809T102250 UTC, do you, node 209c57fe78605e99641d9fca4e7bc232, and you, node 4d930c40123760f0c67f67ec4e9ce0d0, wish to connect permanently to each other and promise to route all packets faithfully until powerloss?"
"This unit wishes to state a positive intent, as witnessed by this packet signed by my private key."
"This unit also wishes to transmit a true, and sign the packet with the private key."
"Now, exchange public keys and sign them with each other's private keys. ... Thank you. You may now plug in the cable."
"Dear networked nodes that have gathered here at this timestamp: I now pronounce your networks connected. MAY your BER approach zero, and your routers have no congestion. You SHALL adhere to the following protocol rules, to be interpreted according to RFC 2119:
- You SHALL NOT route any other packets through eth0 unless addressed to the other unit
- You SHALL NOT turn on promiscuous mode, or else risk a denial-of-service
- You MAY spawn plenty of subnodes to maintain the network
- You SHALL cherish and maintain the link you have by sending keepalive messages with tokens (of love) at regular intervals.
- You SHALL be peers and equal in all traffic, and trust the data routed from the other (if properly signed with the public key)"
(Earlier parts of this story available here, here, here, here, here, here, here, here, here, here, here, here, here, and most especially here. (And, of course, here.))
At the Blackhat 2007 conference they ran the "Iron Chef Blackhat" competition. The aim was to find as many security vulnerabilities from a piece of software in 45 minutes as possible. And the software was... JSPWiki 2.4.
While I'm sort of honored to see this little program attracting attention, I'm kinda cringing, too. At the results. The winner found 17 bugs (including 13 XSS vulnerabilities) in 45 minutes. Not a very good track record (For us. Pretty good for him.) But on the other hand, this really is the first time we've had any sort of a security audit from someone who is not a member of the team. So what can I say? The only thing I can: Keep them coming - that's the only way we can build better software.
Now, however, just a minor request: kindly disclose all the issues you find... ;-)
(Nope. But we're getting closer...)
Well, Dave spilled the beans faster than I did, but yeah - the JSPWiki committers decided that we shall submit JSPWiki to the Apache Foundation. First, as an Incubator project, but with the aim of becoming a full top-level project.
There is a manifesto, and a concrete work-in-progress proposal, to which anyone is welcome to contribute to.
I'm pretty excited about this. While it means that I'll lose control, this will (assuming Apache accepts us) represent a significant step in "maturing" JSPWiki as a serious open source project. Which is good, really really good. I think MediaWiki has been dominating the world long enough ;-). With some nudging, JSPWiki should be up to par with the best of them, as we're already powering some pretty hefty websites.
(And no, this wasn't it either. Although it could've been.)
Dubya is worried about a new threat to US security - ZOMBIES!
(Thanks to Outi for the link.)
(No, this wasn't it either.)
Every year I swear that next year, I'm going to go to the Edinburgh Fringe Festival, the biggest arts festival in the world, and every year I forget. But no matter, the rather excellent The Edinburgh Fringe Show -podcast with Ewan Spence is back on again! It's almost like being there in person...
Oh crap. Lost my SIM card (don't ask me how). Therefore, I cannot be reached at my usual GSM number for the next few days.
Yeah, it's Friday evening. How convenient.
Update: If you need to call, email/IM me for my temporary number.
Update2: Situation over; old number is functional again.
Gang called "Anonymous" terrorizes the internet, says FOX in this incredibly stupid piece which includes e.g. stock footage of a van exploding.
Even though this is completely and utterly idiotic and really serves only to scare people, it makes me wonder whether this is just another step on a co-ordinated attack on anonymity on the internet. After all, if you can equate anonymity with terrorism, wouldn't people be more amenable to having to prove their identity whenever they are logging online? And that would mean turning the internet essentially into a controlled substance - a walled garden where you can play, but only if the owner lets you.
Private comments? Drop me an email. Or complain in a nearby pub - that'll help.
|"Main" last changed on 10-Aug-2015 21:44:03 EEST by JanneJalkanen.|