Inconvenience without Security

Apparently there’s news of an exploit that completely hoses Vista’s security and which probably can’t be fixed. Before the Microsoft-haters all start celebrating, let me make a couple of observations.

  • It’s not clear whether the general approach taken might not be equally effective against other operating systems.
  • The people discussing this exploit seem entirely too gleeful. Remember, you’re supposed to be good guys looking for security holes so we can fix them before bad guys take advantage of them.

“… the genius of this is that it’s completely reusable. They have attacks that let them load chosen content to a chosen location with chosen permissions. That’s completely game over.”

That just doesn’t sound like a dispassionate researcher reporting significant findings that may be of concern to us all. It sounds more like someone relishing Microsoft’s discomfort, or maybe Hudson — that guy in Aliens who totally loses it.

Here’s a link to the actual paper.

Game over man.

Note: the actual researchers are quite reasonable and their paper is entirely aimed at helping Microsoft and other vendors improve their platforms’ security. The guy I was quoting was “popular security researcher” Dino Dai Zovi. I think he’s popular because he says insane crap like that.

Verizon Customer Retention, The LG Dare, iPhone Flaws

While we were in Denver visiting family we visited an Apple Store (it was the most crowded store in the Mall, of course) and, of course, started drooling at the prospect of replacing our aging Motorola Razr v3cs. “We’ll just wait until our Verizon contract expires,” we agreed, and continued wandering around. Then we stumbled across a Verizon store. “I’ll just go find out when our contract expires,” said my wife as she ran off, leaving me with the twins.

It turns out that our plans have already expired! “OK, let’s go to the Apple Store,” I said (loudly) at which point the Verizon reps (who outnumbered the customers in the store) tried to sell me on the virtues of the LG Dare which, they explained, is better rated by independent reviewers than the iPhone and is superior in most ways.

I won’t go into their sales pitch — I basically tried out the Dare’s web browser (which was an exercise in self-flagellation) and left the store — but I did check the LG Dare out online after I got home. (Of course, if I’d had an iPhone I could have checked it out on the spot.) Here’s the thing, the LG Dare does get better reviews than the iPhone from the likes of C|Net, but not from more critical reviewers such as Engadget. Indeed, MacWorld gave the iPhone 3G a four (out of five) mouse review.

It seems to me that this isn’t  because a lot of review sites are anti-Apple, or that people love to criticize the iPhone — although both things are true — but because when you use an iPhone you suddenly start comparing it to what you imagine it could be, versus what it actually is, whereas when you use most cell phones you compare them to other cell phones (say, your current cell phone). The iPhone isn’t a phone, it’s a touchscreen computer that happens to be a phone. As such, its connection is kind of slow, its screen is kind of small, its performance isn’t always stellar, the virtual keyboard is kind of lame, and so on. It’s easy to imagine a device that’s better in pretty much every way.

I like my Razr — I just wish it had a slightly bigger screen, a better menu system (which let me customize shortcuts to, say, the calendar), better battery life, and synced properly to my Mac. I don’t wish it let me use iWork applications, support pen drawing so I could use it as a sketchpad, and let me play Grand Theft Auto. I don’t mourn the lack of an SD card slot that would let me grab pictures from my D50, or videos from my TZ3. I don’t wonder when there’ll be a decent image editor for it.

The iPhone 3G doesn’t deserve better reviews. It just deserves its own category.

Anyway, we’ve decided: my wife will get an iPhone. I’ll get an ordinary cellphone (possibly a disposable, since I hardly call anyone ever) and an iPod Touch. And that way we’ll be able to test our apps on both the iPhone and Touch and pay AT&T as little money as possible. I wonder if Apple will release a Touch with GPS.

Does Apple have an “Out” Clause for its partnership for AT&T?

The main problem with the iPhone 3G launch appears to have been AT&T. AT&T didn’t ship enough phones to its stores, and wasn’t able to handle activations fast enough. If you look at the number one reason stopping would-be iPhone users from buying one, I’m pretty sure it’s AT&T.

Our last experience with AT&T was having our account padded with a bunch of services we didn’t ask for (in fact explicitly refused) but not noticing it because during the first two months on a contract it’s impossible to figure out your bill (it has all kinds of whacky one-off items) and then not being able to turn off the features we didn’t want and weren’t using when we discovered them for over six months, and then not being able to be refunded for them afterwards. When we switched to Verizon (whom we hate for different reasons) AT&T reps called us to ask if there was anything they could do to change our minds. Well, you could go back in a time machine and not rip us off.

Generally, a contractual agreement between business partners, such as Apple’s exclusivity deal with AT&T, has “out” clauses for such things as non-performance. Recently, for example, Paramount was sued by licensees of the Star Trek brand for producing lousy Star Trek series and destroying the value of the brand. If a famous athlete is discredited for taking steroids or sexually assaulting someone he/she will lose his/her endorsement contracts. Perhaps the most germane example I can think of is Apple’s iTunes licensing agreement with the big music studios which gives them an “out” if Apple fails to address any cracking of iTunes DRM within 30 days.

Just how badly can AT&T screw things up and not give Apple an early “out” from their exclusivity deal? It almost makes me wonder if Apple’s incredible efforts to put iPhones in their stores were an attempt to force AT&T to fail some benchmark. (It would also explain AT&T’s deliberate understocking.)

Ubuntu in Action: Oh My Bleeding Eyes!

I’ve finally surrendered to the inevitable and installed Ubuntu 8.04 LTS over Vista on my company laptop. (Note that I am lucky enough to work for a company that is perfectly happy for its employees to use any Linux variants they like on their laptops.) Vista had gotten itself confused to the point where I was unable to get much of anything done on the computer, and I have another Vista box for testing now so my laptop’s dubious utility as a test platform is now irrelevant.

I’m writing this entry on said laptop and one thing that’s highly annoying when using Ubuntu is that it doesn’t have any of the fonts we take for granted and the combination of the fonts it does have and the anti-aliasing algorithm Ubuntu (Gnome? X?) uses to render those fonts is not terribly pleasant. Ubuntu’s fonts resemble well-known fonts such as Times, Century Schoolbook, Helvetica, and Verdana, but by and large they’re much less refined. So this means every bit of text you read in Ubuntu will be just that little bit uglier.

Even if Ubuntu had great fonts and great font rendering, it is still ugly. Whoever has set up the UI options has definitely tried hard to make the best of a bad lot, but all of the different theme and widget options are just bad. Text isn’t properly centered in widgets, spacing is wrong, everything just looks clunky. And of course it all suffers from the fundamental architectural mistakes of Windows and all the well-known Linux desktop environments — menubars belong to Windows not the OS. So the most valueable real-estate on the screen (the top 20 pixels or so) is wasted with a useless “faux Mac menubar” or — if you customize it — a window’s titlebar, and the menu you really want is somewhere below. Yuck. The fact Ubuntu, by default, pretends to have a Mac menubar is obviously some UI designer painting lipstick on a duck.

Low level usability in Ubuntu (or is it Gnome?) remains problematic. E.g. if I double-click on a directory name in a URL in FireFox it selects the whole URL. (It doesn’t recognise “/” as a word-delimiter.) Now FireFox doesn’t do this on a Mac, but Evolution does this in an email’s body text, so I’m blaming the operating system (which includes Gnome). Low level usability issues are the worst because they affect every application that isn’t written by fanatics — it’s why even the best Amiga applications tended to suck.

Next, Apple’s new MobileMe website simply refuses to run under Ubuntu. The problem isn’t FireFox, so I guess it’s Ubuntu. Is this just Apple being gratuitously anti-Linux or is it, just possibly, font-related? I’m guessing the very refined UI they’ve built relies on the known metrics of fonts that can be assumed to be present on any vaguely modern Mac or Windows PC. In any event, the error dialog is very annoying — it features a continue button that simply pops up the same dialog again.

Ubuntu’s online help is almost comicly bad. To begin with a lot of the time you type in a query or click a link and it just … disappears. Not even an error dialog. I’ve sat there several seconds wondering if another window is going to appear or a web page will be opened… but no. Nothing.

It’s possible to install an application in Ubuntu and then to have no obvious way to find it (Ubuntu’s search capabilities are pretty awful, and it hides a lot of stuff from you). Turns out you can (sometimes?) launch it by opening a terminal and typing its name (of course it’s case sensitive).

Speaking of installation, there are multiple installation mechanisms in Ubuntu but while you can use two different installation mechanisms at the same time, you can’t use the preferred mechanism (which if it’s already in use. E.g. if you’re installing some giant app slowly and then you browse the web while bored and need to install a plugin, the slow installation continuing in the background blocks the quick one (and it does rather badly in that you aren’t given the option to queue the second install and you “lose your place”).

Don’t get me wrong: Ubuntu’s Add/Remove… command is great. You can just add more software with a single click (and you can pick a bunch of things and then click install and it will do them all). But you can’t add to the queue while it’s working.

Overall, I’m liking Ubuntu. Yes, it’s a little ugly. Yes, it’s occasionally mystifying. But it works, it runs fast, and it’s certainly no uglier or more mystifying than Vista.

Illustrator Replacements, Cont’d

It seems like this is a popular topic right now. In Drawing Conclusions Jon Whipple provides a very thorough comparison of Intaglio, Vector Designer, LineForm, and ZeusDraw (he dismisses some contenders for being too expensive, or having terrible websites, and InkScape for running on other platforms — which seems a bit odd since Illustrator runs on other platforms and is expensive). I do like the fact that Mr. Whipple is well aware of Illustrator’s numerous shortcomings (unlike some reviewers who simply assume it’s superior to its competition in all respects).

It’s a long article, so I’ll cut to the chase and say he picked ZeusDraw as his favorite. I’d not heard of it before and will check it out , but he found pretty crippling limitations in all the programs (as did I).

Afterword: after using ZeusDraw for five minutes, I’m pretty irked by the interface. Some things are great — it’s amazingly easy to set up custom brushes, although there aren’t a bunch of nice presets — but the user interface is unstable (it morphs into different forms based on the selected tool, and often deselects the object you’re working on for no reason) and the bezier tool is gratuitously different and worse (i.e. less interactive) than the one we’re all used to.