LiMux, a project to convert local government institutions to Linux and open source software in Munich, has exceeded initial expectations. The project has done slightly better than projections of 8,500 and now boasts 9,000 Linux migrated workstations.
Being the geeks we are here in scriptingland, we all love weird tech, right?
Well, kindly allow me to blow your mind, courtesy of Nokia.
They've recently released materials describing new concepts they're exploring for radical new phone designs, but rather than recap them here this video communicates much more effectively than any words can describe:
Intel Mac plans predated Jobs' return Sat, Nov 12, 2011 7:28 AM
A panel discussion titled "Steve Jobs: A Legacy of Vision and Leadership" hosted by The Churchill Club this week had many interesting insights into Steve Jobs' legacy.
But as The Mac Observer notes, perhaps the most interesting was that Apple's plans to switch from Motoral to Intel predated Jobs' return in 1996. In fact, this desire to move to Intel was one of the reasons Apple acquired Jobs' NeXT.
Forbes provides this quote from Larry Tesler during the session:
"It was actually one of the reasons that the company decided to acquire NeXT... We had actually tried a few years before to port the MacOS to Intel, but there was so much machine code still there, that to make it be able to run both, it was just really really hard. And so a number of the senior engineers and I got together and we recommended that first we modernize the operating system, and then we try to get it to run on Intel, initially by developing our own in-house operating system which turned out to be one of these projects that just grew and grew and never finished. And when we realized that wouldn't work we realized we had to acquire an operating system, either BeOS or Next, and one of the plusses was once we had that we could have the option of making an intel machine."
With Steve Jobs' passing this blog became stale. It seemed too important to post anything else, but in all honesty I have to admit I have nothing to contribute here in these modest pages that hasn't been said much better a thousand times around the Web.
As with nearly any issue, there are many ways to present the data. Here's another view of the same report:
Malware becomes the measure of success in smartphone market
Android takes the lead with disappointingly small number of threats, as iOS struggles with none (From IT World)
In spite of the potential risk from such threats, the actual number of people affected by them is rather low.
This should not be surprising to Mac users, since Android is inherently far more secure than is possible with OS X, which also has few affected people in spite of having been labeled "the most dangerous OS":
With Android, the risks made possible by an app's use of APIs is presented to the user before install, so the user can make an informed decision based on the app's capabilities.
In contrast, there's no way to know what any Mac app will do once you launch it on your machine. Heck, even spoofing the authentication dialog in OS X is so trivial any LiveCode newbie could replicate it in minutes.
For all the useful info in the report, that iOS was said to have zero threats raises questions of the report's thoroughness.
This was not the first iOS security flaw discovered.
In fact, just last year we learned that simply visiting a malicious web site with an iPhone triggered a non-trivial security breach:
iPhone SMS database hacked in 20 seconds, news at 11 ... This week, a pair of gentlemen lured an unsuspecting virgin iPhone to a malicious website and -- with no other input from the user -- stole the phone's entire database of sent, received and even deleted text messages in under 20 seconds, boasting that they could easily lift personal contacts, emails and your naughty, naughty photos as well. (From Engadget)
It would be naive to assume that risks to iOS, or any OS, will magically abate.
Those who follow security issues will recall the results from this year's Pwn2Own in March:
Firefox, Chrome, Android and Windows Mobile 7 all remained unpwned.
Apparently, even the most recent version of Safari, 5.0.4, released just a day before the competition, is still vulnerable to the attack.
On the other hand, the most recent iOS upgrade for the iPhone, iOS 4.3, heads off the exploit used at pwn2own. That's good news for iPhone 4 and 3GS users, who can upgrade, but bad news for earlier Apple devices, which can't be upgraded. (From Naked Security)
(Does that last line sound like - gasp! - the "f" word, "fragmentation"?)
True, by eliminating all possible means of obtaining software for your device other than the ones Apple ostensibly reviews, iOS is no doubt somewhat safer than any more open alternative.
But on balance, market share may play a role in this as well:
Right now more people choose Android than all other mobile platforms combined, nearly twice as many as choose iOS (52% and 29% respectively).
Many factors come into play in making a sound assessment of risk, and fostering a naive "What, meworry?" approach to security does no service to the users of any platform.
Software is complex stuff, and there will alway be new zero-day exploits waiting to be discovered in any OS.
McAfee's report was useful in reminding ALL of us of the risks of using any device connected to the Internet.
Thinking about inventive users and open source software...
When I first read about the Open Source movement, I though that it was a group of developers that wanted to create software in the same way that an artist creates his work:
A lasting work of art that trascend time because of his many outstanding and unique qualities...
Hmmm, looks like I was wrong in my first impression about Open source, but just in case:
Could anyone show me these outstanding artistic qualities in Open Source software?
Artistry takes many forms, some more subtle than others. The HTML5 site built for the OK Go Chrome app may be a good example: while the site itself was funded by a corporate record label to promote proprietary IP (OK Go's excellent music), the underlying technology that makes it happen is largely based on FOSS works, such as WebKit.
FOSS contributors bring many things to the table, but perhaps one of the greatest is also the most subtle: quality control. As Linus' Law states, "given enough eyeballs, all bugs are shallow".
But there's even more to it than that, and I'm not sure if I can describe it but that won't stop me from trying.
It's a whole different type of community.
Software development in general fosters sharing. Indeed that was one of the impressive features of this vocation that compelled me to drop out of film school to devote my time to software. I was impressed by being able to take a printout of my lame C source to my local game dev meeting and some of the best game devs in LA would patiently pass it around and mark it up for me, showing me the good parts and the areas where it could be improved. One of them even grabbed a ream of printouts from his office showing some sprite-handling techniques he thought might be helpful and handed the pages to me, pointing out the good parts worth studying. Ah, those were the days. One of the best moments of those early days was when one of the most published devs at the meeting looked at my source and said, "Hmmm...good use of function pointers." :) (Coming from a language that uses "do" and "value" liberally, function pointers didn't seem at all exotic to me .)
FOSS takes this spirit of sharing to a whole other level. Completely unencumbered by DRM, everything not only can be shared freely, but such sharing is actively encouraged. As traditional software development has grown only more and more proprietary, the FOSS world keeps the spirit of sharing alive for our industry.
I attend a variety of local FOSS meetings locally partly because I use the technology but mostly because I enjoy the people such meetings attract. I rarely use Drupal, but I love going to my local Drupal meetings because the people are so cool, so full of enthusiasm and generosity and so many other traits that are just make for really pleasant conversation. Attending this year's SoCal Linux Expo was like one big party for me, chock full o' generous people helping each other solve problems and discover new things together to a degree that I'd never experienced before.
But where this sense of community translates into tangible works is more subtle, and in ways that are focused by the interests of the personalities involved.
Open source software is made by programmers, and while a good many FOSS devs working on larger projects like Mozilla Foundation, Gnome.org, and others are paid (some 3/4 of the contributors to the Linux kernel are salaried), most open source devs are volunteers who contribute to scratch an itch: they want some software, so they sit down and make it.
Since the developers knows what they want the software to do, documentation is often a weak link in software experience. Some larger projects, like Ubuntu, have attracted sizable teams of volunteers to write extensive docs, but other projects have relatively few tech writers even when they have plenty of programmers, so you'll see things like the marvelous Blender, an astoundingly capable 3D program that's as feature-rich as some of the best in the business, but can be hard to get started with because the documentation isn't as strong as the software itself (though Blender may not be the best example, because it's gotten enough attention in recent years that these days it's not hard for newcomers to find good tutorials).
And because open source programmers are programmers, many of the apps they write may be a bit "geeky" compared to proprietary works that have to appeal to the broadest possible audience to be viable.
The skill set of a programmer capable of writing something like HyperCard is will very rarely motivate such a programmer to actually make something like HyperCard; they're already comfortable with C, so why not put that time into a library that makes their C work that much easier?
PythonCard may be a good example. Python is a wonderful language, and the idea of providing a card-metaphor framework for it is a powerful one. But Python isn't HyperTalk, so grafting an HC-like paradigm onto an OOP system is both challenging and in some ways limiting, and for all the longevity of PythonCard the project hasn't grown much in recent years.
Python itself has grown a lot, though. The range of libraries available for it make it as easy for someone proficient in Python to crank out stuff almost as easily as LiveCode in many respects, but using very Python-specific ways to accomplish those goals, ways that would seem foreign to a native Xtalker.
If we were to look for examples of artitry in open source, I'd think we'd want to look at both the small and the large scale.
On the small scale is the work itself, the many thousands of FOSS apps that help people every day, from browser to email clients to office suites to drawing and painting programs and more. And we could look at what the development community has learned from FOSS project and their advocacy of such things as Agile methodologies, which have benefitted the industry as a whole.
On the large scale we could look at the social impact of FOSS. While the GNU licenses have created a foundation for a great many software projects, they've also influenced other areas of human activity.
For example, a growing body of artworks both visual and literary are being distributed under the Creative Commons licenses.
One could even argue that the open source movement has made a positive contribution to the growth of the microfinance industry by encouraging and validating fresh thinking about such business fundamentals as value, ROI, and the nearly infinite variety of ways that worthwhile projects can be funded.
The artistry of open source may be subtle, but it's pervasive.
25 Most Dangerous Software Errors Mon, Jul 11, 2011 8:10 AM
As more of us LiveCoders build web apps and net-savvy standalones, security in client-server setups becomes an ever more important part of our daily work.
While the LiveCode engine is almost completely immuine to buffer overruns, one of the key forms of exposure, keep in mind that our apps don't live in a vacuum. Modern client-server apps often integrate with MySQL, PHP, Apache, and other components, each of which has their own exposures.
And even within LiveCode itself, no matter how solid the engine is there are plenty of ways we can shoot ourselves in the foot, such as accepting arguments to RevServer or our CGIs which are processed with the "do" command.
Think about that one: it may be tempting to write an open-ended system that lets you control the engine remotely with such convenience, but processing any arguments with the "do" command or the"value" function are just an invitation for outsiders to control your server.
Then there are things like storing passwords unencrypted, which is especially troubling for user-defined passwords since most folks use only a few passwords for all of their accounts. Sure, it might be nice to be able to send the user their password if they forgot it rather than having to reset it, but think about the cost of that convenience: it would be a serious drag if the humble game you put together was hacked and the perp was able to use some of the passwords stored there to gain access to your users' bank accounts. Rememer, just because strong passwords are a smart thing to do doesn't mean everyone uses them; the average IQ is only 100.
There are a great many other considerations, but rather than attempt to list them myself we can rely on security specialists - this recent report at the CWE site provides valuable insight and reminders of best practices for data security:
As much as I enjoy Ubuntu, it's not often that I find something in its design that I feel is truly better than its OS X counterpart. While the benefits of community process are well demonstrated for engineering, there's an argument that design and engineering processes are inherently different enough that what works for one doesn't always work as well for the other. An old blog post from Ubuntu developer Matthew Paul Thomas seems to acknowledge this.
But as with much of life, sometimes the unexpected happens.
With Windows 8, Mac OS X Lion, and Ubuntu Unity, there's an effort across the board to simplify the presentation of the user interface, removing any unnecessary clutter to bring the user ever closer to their data.
While I believe each of these OS makeovers delivers many exciting benefits, and look forward to exploring those more here in the coming weeks, for now let's focus on just one small detail: the scrollbar.
Scrollbars serve two goals:
1. They allow the user to move among content too large to fit within the screen.
2. They provide a visual indication of where the user is in the content and how much content remains out of view.
This screenshot of the "old school" (pre-Lion) OS X scrollbars shows both of the benefits well supported:
Both OS X Lion and Ubuntu Unity serve the first goal well: When you use the trackpad to scroll or move the mouse pointer over the right edge of a scolling region, the scrollbar appears and it can be grabbed to use it like old-school scrollbars.
Here's a shot from Apple's site showing their scrollbar's drag bar when activated:
But with the second goal we have very different behaviors between Unity and Lion.
With Unity, there's a persistent slender indicator line that provides at-a-glance feedback about the current scroll position and total amount of scrolling content, as users have come to rely on.
This set of screenshots from Mariano Calixte's blog shows that this indicator line is even present in inactive windows, just grayed as with older scrollbar designs:
I was unable to find a really good video focusing just on Lion's scrollbars, but check out this video I linked to above and note how the scrollbars in Lion completely disappear whenever they're not actively in use:
This video shows Unity's implementation, with always-present visual feedback:
Obviously, Apple's a very smart company and no doubt has what they feel are good justifications for removing this visual feedback from the experience.
But like any company, Apple isn't perfect, and as we've seen with the demise of the hockey puck mouse and OS X's earlier loud pinstripe motif, when they make a decision that's suboptimal they're willing to change.
Given Apple's willingness to evolve in smart directions, I'll go out on a limb here and predict that Apple will eventually adopt a visual feedback element similar to Ubuntu's, probably by OS X 10.7.2.
Okay, the last post was far more ambitious than the expo actually allowed. The original aim was to post periodically during the conference, but the reality is that it was so fast-paced and deeply involving that blogging just wasn't possible. So it goes.
Met some new friends there, including some who want to start an Ubuntu Hour in Pasadena with me, and a bright gentleman from San Diego who works on the Kubuntu project.
And boy did I learn a lot, from scripting GIMP to tunnelling SSH and more. With six simultaneous tracks the hard part was having to pick only one at a time.
On the exhibits floor I finally had a chance to put my hands on one of the Ubuntu-powered laptops from ZaReason. The Verix 1656 felt rock solid in my hands yet amazingly light for its high-res screen, and the good keyboard and excellent NVidia card make it a contender for my next laptop.
All in all a truly great first SCaLE for me, one of the best conferences I've been to in a long time. Definitely going back next year....
Yesterday's UbuCon pre-expo mini-conference was really great - got to meet some Canonical employees working on Unity and other projects, and met a lot of enthusiastic users of Ubuntu, Fedora, Debian, and the rest, including David Wonderly who works on the Kubuntu team.
Today the expo proper begins, and it looks great so far. The exhibitors are still setting up for the 10AM opening, and they fill two large ballrooms here at the LA Hilton. All in all, this is perhaps a bit bigger than regional Mac conferences I've been too, maybe close to twice as large.
SCaLE 9x is running SIX simultaneous tracks this year. With so much to choose from it's not always an easy choice to make.
Fresh Thinking: Tab Candy Tue, Feb 15, 2011 2:20 PM
Just when we could begin thinking that everything we might want to see in a software category has been done, something comes along that completely changes the game.
With web browsers, there are so many and they're all so much alike it's been tempting to stop thinking about them altogether, and indeed many have, focusing instead on what goes on inside the browser, like Google Apps, rather than asking any big questions about what the browser itself could be.
As Linux adoption continutes to grow, one of the biggest players in the field hit a very major milestone - from Forbes:
Red Hat At $1 Billion
Based on the run rates of the current quarter, Red Hat will likely reach $1 billion in annual revenue in 2011. Only a handful of companies, probably less than 20 software firms, have ever hit this milestone. Red Hat will be the first open source-focused company to break the billion dollar barrier.
It all just leaves me wondering if this is what we'll see in Lion when we click to download an installer package or DMG from any of the Mac software vendor sites we enjoy today:
This morning they issues a press release that finally allows developers to make their own choices about the languages they use to program apps for iOS:
He attributes the growth to a change in buying habits: at first netbooks were seen as a second computer, but are increasingly being purchased as a primary device.
Intel's Atom processor for netbooks represented 20 percent of Intel's mobile PC processor shipments during the first quarter of 2010, according to an IDC study released last month. iSuppli last week said netbook shipments are projected to be 34.5 million units in 2010, up 30 percent from 2009. Total PC shipments are expected to be about 209.5 million units this year, an increase of 25.5 percent year-over-year.
These stats may surprise some who've been following the Morgan Stanley report suggesting that Apple's iPad has reduced interest in netbooks. But a closer look at that report reveals that the iPad's effect isn't limited to netbooks but affects a broad range of devices, even cannibalizing sales of Apple's own iPhone Touch and notebooks.
The reality of netbook success even with the advent of the iPad isn't surprising to those who've read the iPad's system requirements, which note that a Mac or PC is required to make full use of the iPad.
So what does this mean for Rev developers?
Over the years we've become accustomed to thinking of screen size as getting ever larger, and many software developers have begun to feel very confident that we could target 1024x768 as a minimum screen size to design for.
But netbooks are here and they're here to stay, so to capitalize on that growing segment it makes sense to make your layouts resizable, with a minimum useful screen size matching the netbook's WSVGA, 1024x600.
I've been reworing most of the apps I manage to make sure they work well with the shorter screens, and since the difference is only 168 pixels vertically it hasn't been too bad.
Resizable windows are the easiest of course, but we've had a few dialogs that were taller than 580 pixels (the screen size minus the Windows task bar or Ubuntu menu panel), and some of those required adjustments to work well.
But overall the process of ensuring that our software works well on netbooks has been pretty straightforward, and it's given me a good excuse to spend even more time with Ubuntu so I'm not complaining. :)
"I think it's a mistake for Apple to miss such an easy opportunity to acknowledge Mac developers," says Red Sweater Software proprietor Daniel Jalkut. "While the iPhone and iPad are understandably hot right now, the Mac is still a huge part of Apple's business, and Mac developers are important in sustaining that."
Rogue Amoeba CEO Paul Kafasis agrees. "Ultimately, I find these moves disappointing. Having an iPhone slant at WWDC is one thing, but completely cutting the Mac out of the ADAs? That feels like a snub to plenty of Mac developers who continue to do great work on a well-established, popular platform."
