Not Obvious

Apple Should Have Named It The iAudrey

I interjected myself into a Twitter conversation between @natevw and @hjon tonight which ultimately led to me rummaging through a couple of the "miscellaneous" bins from the past couple moves to find Audrey. (No, it's not the skeletal remains of a relative or cat, nor is it a stuffed version of either either).

Audrey is/was a $500.00 USD "Internet appliance" released by 3Com in 2000 that ran QNX - a popular embedded *nix-like OS. You could surf the web, listen to music and e-mail folks (plus run a few other apps that came with it). It had a touchscreen (tho, you needed a stylus) with a virtual keyboard, but you could also use a wireless keyboard. My setup is a bit worse for the wear, but she still works:

Uploaded with plasq's Skitch!

The device failed because it was too expensive and just a bit ahead of it's time (you have to remember, the Internet was a different place back then, with the intended, primary means of connecting the Audrey being dial-up). I believe it also failed because there was no good way to develop for it, thus snubbing early adopters who might have been able to get 3Com over the 1st gen hump and provide it a stream of cool apps to make it worth the money for the general public.

I grabbed my device after it was discontinued because it then became hackable. Ah, the days of crafting CF cards just-so in order to bend the device to my will and adding the USB-to-Ethernet adapter to surf via the lame excuse for broadband back then.

The iPad is not new. Audrey had a great deal of the iPad goodness going on a decade ago. It had decent industrial design and the non-hacked device worked very well for the intended purpose given that it used a 200 MHz Geode processor (no "cores" back then) with a whopping 16 MB of flash ROM and 32 MB of RAM (all in a 9x12 package). It packed two USB ports and a CF card slot as well, making it far more open than Apple's offering.

But, 3Com had to go and be the gatekeeper. It had to dictate what you could use the device for. And, it failed.

I have no problem abstracting the innards of the OS from the end-user. In fact, Microsoft and Apple do that every day with the Windows Explorer and the Finder. If the average Joe sticks to relatively benign software (iWork, Safari, Mail - for OS X), there is little chance of things going awry.

But, if you desire to dig deeper or even make your own stuff, you can. Gratis (kinda...as I've said, you do pay for the OS). With dozens of tools both provided by Apple and other entities.

I had a chance to show Jarrod - now 9 - Terminal.app on Sunday (we built his blog - Jarrod's Place). While we were setting up various elements, I showed him how I could do everything he was used to doing via dragging & clicking by typing. Seeing his eyes light up at the understanding of the power contained in there was really cool. He is a bit away from Unix command-line hacking (he still needs to practice typing :-), but he wouldn't be able to do that at all if I just handed him an iPad. He'd be a surfing, viewing, tapping, gesturing, average person. I'm glad he wants to be more, and I cannot wait to show him Audrey working tomorrow.

As I said to @hjon & @natevw, we are heading down a path where tinkering will be equated with terrorism and where the government, media conglomerates and companies like Apple, Microsoft and Google will be the gatekeepers into what we see, hear and experience. Given the economic hole the West got itself into, there is little other choice. We don't make anything but bits that fly across screens and those who deliver that content will have to find a way to bleed every dime out of us to keep making gobs of money. The only way to do that is control. What were you doing opening up that case? Trying to circumvent copyright restrictions? Oh, you want to watch that video? Not on that device...you might be able to copy it! You want to use that cool app? I'm afraid it will cost you $0.99. Oh, you want to make an app for that? Please hand over your developer fee and purchase this overpriced development workstation and make sure you don't do anything too crazy since we will be reviewing what you post (oh, wait...there's already a platform like that).

Focusing on the current fad for a moment, Apple - the gatekeeper - has deemed no Flash on their device (or, so it seems). What is really stopping them from ensuring your feature-rich web app designed for their mobile environment doesn't work so well (because it competes with an app you would normally have to pay for)? One answer will be "because you'll switch to the Android/Windows Mobile 7/etc device instead". And, when they begin the lock-in, or when all the carriers start getting miffed at all the upgrades they need to do that they start charging more for access or just restrict what you can do in general?

Be very wary about the technologies you embrace, whether it be iPads or iPhones or Blu-ray players (you know you are one update away from not being alb to play your movies any more, right?) or video screens with really scary connectivity options (you know DVI and HDMI connections can have HDCP enabled to prevent you from viewing content on unauthorized devices, right?).

Perhaps my paranoia is unfounded (I'm old and curmudgeony, so I get to be paranoid). In a way, I hope the iPad is a complete failure, if only to delay what I see as the inevitable. If I am right, you better start accumulating spare parts for the open and pseudo-open devices you want to keep working and using and make sure you keep a few linux/BSD distros on many media types. You never know when you are going to need them again.

Loading mentions Retweet

Why Do (I) People Hate Flash?

Nick Wangler (@SweetTea023) asked me why people hate Flash (no doubt referred to me by @Wygle or one of my Seattle cohorts). The answer is far more than 140 and has been answered posited and pondered by many more qualified than me. I will, however, endeavour to round out the corners of the various arguments against it and be as non-duplicative as possible.

Security

A very quick search on NVD shows 77 vulnerabilities for "Flash Player". Flash is an add-on for your browser; an expansion that you install (or have installed for you by an OS distribution or computer manufacturer) in addition to the base components. By default, that creates yet-another vector for attackers and even levels the playing field a bit for them since they can target multiple platforms and multiple browser configurations with roughly the same exploit. Believe me, Microsoft & Apple do not need any more help making their browsers or their systems more vulnerable to attack and we certainly do not need to give the malware writers more soft targets.

Flash is also one of the few items on my system (yes, I have it installed despite loathing it) where I actually need to hit an external site to configure it. If you've never been to one of those settings screens, they've been around in one form or another since ~2004. Even those settings could not stop a pretty nasty attack vector that Adobe had to close by removing functionality (that it should never had added in the first place).

From an enterprise perspective (the whole world does not revolve around home users), it is a royal pain to manage Flash versions across even a moderate large user-base, especially since Adobe has removed or munged functionality enough that some divisons or workgroups actually need to keep older versions installed. That means I have vulnerable target systems that I have to account for when I do a risk/threat profile. If such an institution is, say, a bank, that unpatched endpoint becomes one means for the "bad guys" to get to your data. (And, if you think that isn't likely, you have never been employed by a large financial institution).

Performance

Before I start this section I need to do a full disclosure: I am primarily an OS X user but have two Windows 7 boxes, a Windows 7 VM, a dedicated linux server at home, a linux VPS in Cali and countless linux VMs). I have to do that because - invariably - I will get the "you're just a whining Mac user" comment.

Flash browser performance - in general - sucks, just like Java applet performance - in general - sucks. This is primarily due to bad programming If Adobe (and before them, Macromedia) asks me to extend my browser, the least they could do would be to provide tools and a deployment process to ensure that inept programmers have to pass some sort of test before crashing my browsers (well, not Chrome, thanks to the process model Google uses, which I'll bet is due - in part - to Flash).

I know when Flash kicks in on a site because my fans start whirring, the CPU starts spiking and the batter starts draining much faster. Most Flash-heavy sites are even a dog on my Mini 9 with 2GB of RAM running Windows 7! And, forget about full-screen Flash video on linux. Adobe will swear it's not their problem, but they should have either not lowered the entry bar or figured out a way to truly optimize their code. They chose to make the plug-in and it not the responsibility of the OS builders to help them out.

Design

For those who have been around this Internet of ours for a while will understand the following: Flash is the modern equivalent of the <blink> tag and animated gifs. The minute I see Flash content (on a non-dedicated gaming site [kongregate/armor games] or non-dedicated movie site [hulu/youtube]), here's what goes through my head:

• "oh, another design crutch" (i.e. the developers were not talented enough to use cross-platform HTML, CSS, graphics creation & Javascript techniques)
• someone is attempting to sell me something

Not exactly two things I'd want associated with my site.

Granted, there are exceptions (I've seen some brilliant data visualizations in the New York Times and other sources), but in general, Flash == ugly and is there only in a pathetic attempt to grab my attention away from what I really want to see on a site (hence the continued growth of ClickToFlash usage by OS X Safari users).

Gatekeepers

While there may be some open source means of cranking out Flash, expensive Adobe tools are the primary means to develop these beasts and I am not fond of gatekeepers (I promise to not turn this into an iPad rant). In my infrequent programming ventures, I really shy away from closed frameworks because I do not want to be locked in. Until they made .NET a tad more open (e.g. the Mono project), this was the primary reason I stopped trying to make Windows software. While I consider myself a semi-proficient OS X developer, I loathe the fact my apps cannot run on any other platform (except the iPhone...and talk about gate-keeping!). At least Apple's tools are relatively free (I do pay for the OS, which is fine since I'm getting a much better experience than desktop linux). I can even make first-rate apps with relatively free (though a bit more expensive than Apple) Microsoft tools (SharpDevelop & IronPython).

While the majority of end-users do not care, I do and I refuse to learn Adobe's insidious incantations just to make bits fly about in a browser window. It's the same reason folks do not just make PDFs of their Word documents and put them up as web pages (and this is coming from someone who used to code PostScript by hand). Generally speaking, we want the freedom to express our creativity without lock-in which is one reason I'm really looking forward to ubiquitous implementation of HTML 5.

Concluding

It turns out I ranted a bit and did, in fact, re-hash some well-worn arguments. Just as it's applet, tag and animated counterparts, Flash had it's day and will - hopefully - be a fading memory as open standards start to become more rich and versatile. Until then, I will enjoy my Flash-placeholder-boxes in Safari and the blue Lego block of ambiguity on my iPhone.

Loading mentions Retweet

First Apple Patch Of The Year

Quick summary - it protects you from:

• Evil graphics (there always seems to be one of these in every patch from almost every OS maker)
• Evil printer queries
• Evil Flash (well, isn't all Flash evil?) - WARNING: this gives you version 10.0.42 of the plug-in
• The recently exposed flaw in SSL

Grab it via auto-update or from Apple's site

Loading mentions Retweet

Suppressing Stealth Google Updates On OS X

If you run Google Chrome or Google Gears on your Mac, Google has installed something that you may not be aware of. Deep within the confines of your system lies a property list named com.google.keystone.agent.plist, which is a configuration file for Apple's launchd subsystem that is a replacement for cron and is the foundation for most automatic program execution on your system. The purpose of this "launch agent" is to keep your Google kit updated. This is not a bad thing, but Google was a bit evil in that they did not ask your permission to put the file there, has not told you what it is doing (and when) and has not given you the option to bend it to your will. This is the default configuration for it:

That window shot indicates that every 3523 seconds (StartInterval), launchd will execute the program listed in Item 0. That means, that every hour or so, Google will phone home, download and mount a disk image and check to see if you are running the latest and greatest versions of their code. You can see some of this if are running Growl and have HardwareGrowler configured.

You can also watch the network traffic with WireShark.

I really do not like applications doing things without my control and I also really dislike Google executing this every hour, especially since it means that it will execute almost every time I wake my MacBook Pro from sleep (a side effect from StartInterval launchd behaviour). I heartily recommend deleting it from your LaunchAgents folder (full path: /Library/LaunchAgents/com.google.keystone.agent.plist). But, never running this program means you may miss critical security updates from Google (unless you are vigilant and always watching for their updates). You can do the updating by hand if you head into Terminal.app and wind your way down to the path in Item 0 and execute:

However, that is a bit much to ask the average Mac user to go through. I have bundled the appropriate commands into an Automator app which can be grabbed from my Dropbox. Download that file, unzip it (if your system did not unzip it for you) and you have an app you can run at-will to ensure you keep up with our Evil Overlords at Google.

Loading mentions Retweet

Twitter's Blue Bird Has a New Friend Down Under: Kiwi Twitter Client For OS X

YourHead software released Kiwi, a new Twitter client for OS X. It has all the expected Twitter functionality, including the support for multiple accounts. It uses the new Twitter re-tweet API (vs "RT" or "(via)") with no option for switching to the old school format. You can search right from the timeline window, and it was not obvious on how you save searches between app reloads. Kiwi has two built-in URL shortening services and also ties in to three image upload services, both non-customizable with your own favorite sites.

Kiwi does have a great theme API and a good set of core themes. The two bread-and-butter features, though, are account groups and rules. Account groups let you create mashups by construct your own groups of users and merging many accounts into one timeline. This feature would be even better with support for Twitter Lists.

Rules are nothing more than a filtering engine that lets you hide, color, mark or theme tweets matching given text or regular expressions, but that can really help you focus on certain topics or ignore conference twitterings.

It's a solid app with some more subtle feature that have not mentioned and is really what Twitterrific should have morphed into by now. At $15 USD, it may not garner a huge user-base as there are many free alternatives with richer feature sets, though not native to OS X. With Adobe's new AIR framework being released in early 2010, those of us who have been die-hard AIR-detractors may just be willing to give AIR apps a try again, which adds significantly more free and entrenched competition to Kiwi. If YourHead adds support for Twitter Lists, gives in to Growl (the developer does not like Growl) and reduces the price to $10 USD, I think they have a real winner.

Loading mentions Retweet

2010 : Year of the iPhone Dock Port?

A recent post on Engadget jarred some neurons loose and made me wonder: will 2010 finally be the year developers and manufacturers take advantage of the iPhone & iPod Touch dock port? The new 3.0 SDK makes it easier to work with the port and our Apple overlords even whetted our appetites with the promise of pre-Borg-like interfaces being in the works.  But, to-date, I have not seen any real products that use the new dock port programming & interfacing capabilities. Sure, the regulars are still there if you want to connect the devices to your car or home stereos, but where are the ODB-II diagnostic apps? The Rev does not count since it does not use the dock port. Where are the cycling app/device combos that work like the Garmin Edge? CycleMeter also doesn't count as it took a similar approach to Square , utilizing the 3.5mm audio jack and SMHEART LINK took the Rev approach. Even Nike took the easy way out, building some enhanced app support around built-in Nike+ hardware.

Are non-audio manufacturers afraid to marry themselves to a proprietary connector or has 2009 been too unstable of an economic climate to invest in anything beyond application development? We've already seen a highly utilitarian example, from Apple itself, on how such hardware interfaces can trump existing solutions (though Apple has not announced any plans to extend the footprint of their iPod Touch handheld POS/scanning system outside of their Apple Stores).

Personally, I would like to see an RF interface that can make the iPhone a universal garage door opener (yes, you can kinda do that now if you have an X10 setup that is a bit more complex than most consumers want to deal with). I would also be the first in line for a connector that did interface with the same Garmin cycling & running gear that I have. Perhaps audio and lighting board manufacturers would consider creating a system where your presets can be controlled from an app/hardware combo (which you could then take to any other compatible rig).

There are countless possibilities, but what has been holding this market segment back? Will kit makers finally bring us these more intimate interfaces in 2010?

What gear would you like to see hooked up to your i-devices?

Loading mentions Retweet