MacBook, defective by design banner

title:
Put the knife down and take a green herb, dude.


descrip:
One feller's views on the state of everyday computer science & its application (and now, OTHER STUFF) who isn't rich enough to shell out for www.myfreakinfirst-andlast-name.com



FOR ENTERTAINMENT PURPOSES ONLY!!! Back-up your data and always wear white.
URLs I want to remember:
* Atari 2600 programming on your Mac
* joel on software (tip pt)
* Professional links: resume, github, paltry StackOverflow * Regular Expression Introduction (copy)
* The hex editor whose name I forget
* JSONLint to pretty-ify JSON
* Using CommonDialog in VB 6 * Free zip utils
* that hardware vendor review site I forget about is here * Javascript 1.5 ref
* Read the bits about the zone * Find column in sql server db by name
* Giant ASCII Textifier in Stick Figures (in Ivrit) * Quick intro to Javascript
* Don't [over-]sweat "micro-optimization" * Parsing str's in VB6
* .ToString("yyyy-MM-dd HH:mm:ss.fff", CultureInfo.InvariantCulture); (src) * Break on a Lenovo T430: Fn+Alt+B
email if ya gotta, RSS if ya wanna RSS, ¢ if you're keypadless
 
 
Tuesday, July 21, 2015

Jeep owners urged to update their cars after hackers take remote control | Technology | The Guardian:

A security hole in FCA’s Uconnect internet-enabled software allows hackers to remotely access the car’s systems and take control. Unlike some other cyberattacks on cars where only the entertainment system is vulnerable, the Uconnect hack affects driving systems from the GPS and windscreen wipers to the steering, brakes and engine control.
...
The hack was demonstrated by Charlie Miller and Chris Valasek, two security researchers who previous demonstrated attacks on a Toyota Prius and a Ford Escape. Using a laptop and a mobile phone on the Sprint network, they took control of a Jeep Cherokee while Wired reporter Andy Greenberg was driving, demonstrating their ability to control it and eventually forcing it into a ditch.

Unlike the majority of hacking attempts on cars, the vulnerability within the Uconnect system allows cybercriminals to take control of the car remotely, without the need to make physical contact with the car.


I'm not sure why this is so complicated. The Internet is not the only network on Earth. Please, only put things on the net you don't mind someone else viewing. Have one PC with all your scanned docs and tax returns that you keep off of the Internet at all times. OMB... here's a note: Don't store gov't employees' info on machines networked to the Internet. Jeep: Don't share networks for systems that include live driving on cars that can network with the 'net.

The Internet is very convenient. That doesn't make its use intelligent. Erecting barriers to entry is often good, folks.

I'm predicting a huge increase in private, alternate networks in the next 15 years. And I'm also predicting that people will still stupidly connect them to the conventional Internet at the new networks' edges, rendering the disconnectedness accidentally moot.

Labels: , , ,


posted by ruffin at 7/21/2015 05:43:00 PM
0 comments
 
Sunday, July 19, 2015

Appbot's blog has some neat information on it, but I'm not always sure they pay their raw data enough careful attention when showing ways you could usefully use it.

Take the most recent post, Feeling the love: Sentiment in the Top 10 Free vs Paid Apps:

There are 7.5x as many reviews about bugs for the top 10 free apps as there are for the top 10 paid. Interestingly, given that there were 8.7x as many reviews overall for free apps, this actually means that bugs are reported proportionately less often for free apps than paid.

Would be nice if they normalized that in the image. It's nearly useless now, as it just shows total numbers. There's no real eyeballing possible.

For the top 10 paid apps only 17% of reviews about updates are positive, compared with a massive 93% for the top 10 free apps! If you have a paid app, it seems your risk of upsetting customers with an update is significantly greater than with free apps, where updates
seem to be very well received.

This one scares me a bit more -- just because the word "update" is in the review doesn't mean (though I'm not sure it isn't usually a safe assumption) the review is speaking about an update that was just released. It could very well -- and this was my first assumption for paid -- be complaining that there hasn't been a recent update to add more functionality. I can't tell how well they're checking review content before categorizing it. If it's just the word popping up, the processing here isn't worth much.

A later comment plays into a similar line of thought as mine:

The only difference in the top 5 topics was for the third most popular with "feature requests" coming in third for paid and "performance" in third place for free. Paid users seem more inclined to proactively ask for things – and rightly so :) Reviews for the performance topic tend to focus around speed, load times, buffering issues, and so forth. Perhaps this is a greater issue for these top 10 free apps simply because of the huge scale they operate at.

Ultimately, the conclusions Appbots makes from the data are pretty, well, disappointingly qualitative:

If you look at the data for individual apps you'll find that getting your user sentiment up to the level we see in the top 10 paid apps requires a bespoke approach for your app specifically. It's not enough to just throw money at, for example, design and UX because we can see that it's important at a high level. You need to know what improvements your users are asking for and what criticisms they have about your design and UX, in detail, then nail each point.

This, you didn't have to pay to know.


And finally...

highlighted that the app is the best of it's kind,

Pet peeve: Why can't we either give up on using "its" or use it correctly?

Also, a quick, random annoyance: Why can't I set up Touch ID as my password for iTunes purchases, etc without having to set up a lock code? It's not like it's more secure to have to hit my Touch ID once to unlock the phone and then again to authorize a store purchase. I don't like to have my iPhone locked, and I don't like typing my Apple ID password in the "open" to authorize something. Would be nice to leverage the Touch ID there.

Labels: , ,


posted by ruffin at 7/19/2015 05:31:00 PM
0 comments
 
Saturday, July 11, 2015

I was kind of staying away from the Brent Simmons Love post. But let's do a quote, and add two comments.

Yes, there are strategies for making a living, and nobody’s entitled to anything. But it’s also true that the economics of a thing may be generally favorable or generally unfavorable — and the iOS App Store is, to understate the case, generally unfavorable. Indies don’t have a fighting chance.
...
You the indie developer could become the next Flexibits. Could. But almost certainly not. Okay — not.

1. Bugs me that a guy who's actually allowed to make mad cash on apps, due, in part, to what folks were controversially calling The Marco Effect for a while (that is, you're so connected to Mac media and the free* advertising it provides that you really can't help but be more successful than Ground Zero Joe) is raining on the parade so fiercely. I know he tries to pull a Pandora and ends up with hope, but Simmon's post is shamefully pessimistic.

Show me the field where independents are so much more successful with so much less absolute failure, and I'll accept your pessimism. I bet software dev is about as successful as restauranteurs, if you factor in the barriers to entry. (That is, you have to save $100k before you can fail at a restaurant. You just need a laptop to fail at programming. So there are many more doers than absolute dreamers in development...)

2. Simmons did a much better job properly framing the same sentiment when he compared indies to the village toymaker. You don't have to build Vesper (and, on some level, I don't think he believes so either) to be a toymaker.



* Let me make clear that "free advertising" isn't quite the right word. These two guys, Arment and Simmons, have built up huge following, and that's their work paying off. You don't begrudge LeBron for selling shoes. It'd be idiotic to feel leveraging an asset -- popularity -- was underhanded or unfair. Vesper and Overcast are good apps. It's tough to know that there are similarly good apps out there that most of us will never hear about, and that if you build a good app without building Mac clique cred that you won't have the same success they have, but it's not wrong for them to take advantage of their face time.

Labels: ,


posted by ruffin at 7/11/2015 07:24:00 AM
0 comments
 
Friday, July 10, 2015

Here's what I don't get about these PII leaks from the government: You don't have to use the Internet. Is it really that tough to lay down some new cable? Why do we only have one large network in the States? Why can't they just take the danged servers off of the internet? If you want information to be safe, you don't put it on a network where everyone has access. There is no perfectly safe firewall, no perfectly safe security system other than not plugging it in. Blows my mind. Was this stuff even encrypted?

Labels: , ,


posted by ruffin at 7/10/2015 10:26:00 PM
0 comments
 
Thursday, July 02, 2015

TIL there's a "conflict of interest" "behavioral guideline" at Wikipedia. Seems this would be easy to misuse, but it would've been useful when I tried to make the entry for the Midwest Book Review a little more informative, a site that I'm suspicious sells positive Amazon reviews, back when I stumbled over them in 2010.

Fwiw, I'd found an insanely positive review for a book I was considering buying, and the review didn't seem to include the sorts of specifics someone who'd really read the book would've used. I looked over the Midwest Book Review's history, and -- I'm doing this on memory; could be off a little -- the reviews were all very high, with the gross majority 5's. Turned out they took review solicitations.

There was a dude who wouldn't quit editing out some flavor of the following passage:

Jordan Lapp, an author, asked Mr. Cox [Midwest Book Review's Editor in Chief] why Mr. Cox felt that Amazon's rating system was flawed, and why "all of the books [Midwest Book Review] rate merit a 5 star rating." Mr. Cox answered by saying, "So I instructed our webmaster (who does all the posting for reviews generated 'in-house' by the Midwest Book Review editorial staff) to use 5 if the book was given a positive recommendation." Mr. Cox continued by explaining that, "for a book to make it all the way through the Midwest Book Review process... it merited the highest recommendation available under the Amazon rating system. Inferior books, flawed books, substandard books are assumed to have been weeded out and never made it to the 'finish line' of publication in one of our book review magazines."

They do realize those less than 5 star "reviews" would be just as more useful than the ones they let out, right? That is, I'm going out on a limb and say that those sub-5 reviews don't exist. Or at least the "in-house" team isn't paid for writing them.

Reminds you of the Seinfeld episode about car reservations, doesn't it?

"We know why we have the reviews."

"I don't think you do. If you did, I'd have a clue about the book. See, you know how to write the review, you just don't know how to put critique in there. And that's really the most important part of the review. The reading and critiquing. Anybody can just write them..."

Sure, that's my take on the quote, but do note I didn't include anything from Seinfeld in my Wikipedia edit. You're welcome to make your own conclusions. ;^)

And the controversial source for this potentially damning material from Mr. Cox? The Midwest Book Review's website. The page with that quote is still there.

Anyhow, I think once you googled Cirt, the anti-editor who kept taking out my changes, enough, you found a connection. If true, this flag would've really helped.

sigh I've probably detailed that here before. The strange thing to me is how much of what's on Wikipedia can be control by those with the most endurance for making edits. Not exactly a merit-based environment at its edges (core?).

Of course what's most interesting is that it'd be possible to algorithmically track places where folks used this tool to influence Wikipedia's contents, and see if there are any obvious categories of COI usages.

Labels: , , ,


posted by ruffin at 7/02/2015 10:20:00 AM
0 comments
 
Wednesday, July 01, 2015

As evidenced by the last post, I've been boning up on my JSP & Java Servlet skillz this week as we prepare to migrate an app I prototyped in Node over to a WebLogic host, its eventual home.

I thought it'd be safe to develop against Tomcat, but wasn't absolutely sure, so I started googling around a little. So far, so good. Looks like vanilla Tomcat has, at worst, a subset of the features of every other major servlet container.

One of the most promising articles by title, WebSphere vs. JBoss vs. WebLogic vs. Tomcat – presentation from the InterConnect 2015 (it's got everything! All the major servlet containers! It's from this year!) turned out to be a painful foray into marketing-by-blog from IBM, but there was one bonus, the slide (which is now above, but will later be) below:

So 90% of TOC for a software system isn't licensing. That's probably true to no-worse-than-trueish.

An interesting exercise, however, would be to put numbers -- okay, okay, first you have to recategorize ("Developer, admin and end-user training cost" falls in the same category? RLY? etc) -- beside each of the other categories.

Though it's worth saying that a 9% savings is significant any way you look at it, especially for garage-companies where developer and admin cost is paid in elbow grease.

Labels: ,


posted by ruffin at 7/01/2015 01:57:00 PM
0 comments
 
Tuesday, June 30, 2015

Well, all I needed to get *up and running* on JSP and Servlets (current project might be switching stacks) is here. Very good video package so far. Very basic, but thorough, which makes remembering all this stuff that I haven't used in probably 10-11 years pretty simple.

It's all different dialects of the same language, but it's useful to have a primer before changing regions.

I just heard someone on a Mac podcast complain about an irrational hate of Java. I don't get it. Java is a good language, other than the ivory tower syndrome that infests many of its stock objects. There's a reason Microsoft stole a lot from Java when they put together C#, to the point that I'm happy working in either for faceless code. Maybe Objective-C users are prone to another syndrome, Stockholm.

Labels: ,


posted by ruffin at 6/30/2015 11:39:00 AM
0 comments

From CNet:

Also working in Apple's favor: iPhone owners already use Siri for other simple tasks. About 42 percent of iPhone owners turn to Siri at least once a month, according to ComScore.

Is it just me, or is that number waaaay under where you would've expected it'd be?

I try to tell folks to use Siri for directions, which it's pretty good at providing, and which seems to, surprisingly, be a difficult thing for folks to do on their own "by hand". I can almost get it to text for me too, especially when I'm plugged in in the car. "Hey, Siri. Text [pseudo Siri-phonetic pronounciation] blah blah some message blah."

But half of iPhone users not even playing with Siri once a month? That seems like a fail. I wonder how many iPhone users in that survey still have iPhones that can't use Siri. It can't be many. Forty-two percent, though a famous number, here is a real fail.

That said, the point of the CNet piece -- that Siri will be AppleMusic's differentiator -- is interesting. Their example "play the top 10 alternative songs now" is actually pretty compelling. It's Pandora stations with potentially static, user-defined rules on demand. That's pretty cool. Of course, see why I think Apple's (naturally?) moving to streaming music to keep your grain of salt handy.

Labels: , , ,


posted by ruffin at 6/30/2015 10:16:00 AM
0 comments

Support freedom
All posts can be accessed here:


Just the last year o' posts:



Powered by Blogger furthurnet.org Curmudgeon Gamer badge