Technical

Apple Adopts Cold War Tactics

January 19, 2012

Apple’s recent announcement that it joined the Fair Labor Association is good news for the effort to promote humane labor standards. As a cynical and tactical effort, though, I think it’s comparable to the US military buildup during the Cold War which contributed to the collapse of the Soviet Union. Apple is the only consumer electronics manufacturer with anything other than razor thin margins. Most manufacturers subsist on single-digit margins and squeak by on volume and struggles for efficiency. Apple, thanks to Tim Cook, is incredibly efficient, and their ability to focus on a small number of products and premium [...]

SOPA and Lost Sales

January 16, 2012

A lost sale is customer demand that can’t be filled. SOPA, and most discussions of digital piracy, treat every illegitimate download as a lost sale. I’m not pro-pirate, but that understanding of lost sales is a bad reading of the issue. Tim O’Reilly nailed the problem in a recent Google+ post: The lack of clear evidence in economic harm due to electronic piracy. There’s plenty of emotional baggage evidence in the form of “he’s watching my show/reading my book/playing my game and never paid for it.” This is absolutely true, absolutely unfortunate, and absolutely indicative of bad action on the [...]

Please Just Stop – It’s Probably Not Exponential

December 23, 2011

The end of the year brings a flood of lists purporting to sum up the year we’re leaving or to make bold predictions about the year to come. Far too many of them predict exponential growth of something. I understand that, to most people, “exponential growth” is really just an expression which loosely translates to “really freaking fast”, but come on. It’s math. Being cavalier with math never pays off in the long run. So, I have produced a handy guide to growth rate taxonomy. Linear Growth Linear growth occurs at a constant interval. If it went up by one [...]

A Tale of Two Pirates

July 9, 2011

Piracy on the internet is nothing new. With the rise in indie publishing, though, a lot of individuals and small businesses are running into what big publishers have known for a long time: Content piracy is easy and preventing it is hard. I don’t intend to talk about the ethics or effects of piracy. Instead, I want to distinguish between two types of content theft and their different goals. When most casual observers think of piracy, they think of people sharing files via downloads, torrents, or peer-to-peer networks. This is traditional piracy. The person sharing the content knows that sharing [...]

Security, Dropbox and the Illusion of Control

June 22, 2011

My wife and I drive similarly. Neither of us is particularly aggressive, we always use turn signals, we maintain similar speeds in comparable conditions. I tend to follow a little closer than she does, and she tends to brake a little later than I do, but there’s no real difference in how we drive. Yet when I’m driving, I know she often has a tight grip on the armrest. When she’s driving, my foot reaches for the imaginary passenger brake. We take identical risks and the same precautions, but I feel less safe when she’s driving, and she feels less safe [...]

Smurfs Running Up Your Credit Card Bills

March 16, 2011

Apple is already starting to see issues managing authorization in their payment systems as in my last post. In this case, it wasn’t malware related, but it was still a function of trying to find the right balance between user convenience and payment authorization. When you make a purchase through iTunes, your password is cached for fifteen minutes. In this case, parents were buying on iTunes then handing their phones over to kids who would go on to make huge purchases of Smurfberries in Smurf Village. It does sound irresistible. What’s happening is that Apple is changing the model for online [...]

Smartphones, Malware and Payment Systems

March 10, 2011

A flurry of Android malware has been in the news lately, including some discussion of a hack which roots the device. That’s as significant as a compromise gets, but it’s not very interesting. Malware has been rooting devices for a long time, and Android, like anything else, will have exploitable vulnerabilities. Much more interesting to me is a trojan app which runs up charges on premium SMS numbers. It’s simple as far as attacks go. The app appears to be a media player, but sends expensive texts in the background. It’s also very clever, as it takes advantage of a [...]

Smartphones and Steganography

February 11, 2011

Security researchers published a scary proof of concept attack on Android smartphones. It’s a pair of Trojan apps which cooperate to steal credit card numbers — either spoken into the phone or entered on the keypad — and then covertly relay them back to the attacker. The attack was very cleverly done and highlights new threats enabled by powerful mobile devices. They received a flurry of publicity, but I think the coverage missed one of the really interesting points of their attack. It’s a practical application of steganography to create a covert communication channel inside a device. Steganography is the discipline [...]

Choosing an Open Source Desktop Search Tool: Part 4

March 26, 2010

Evaluation of open source desktop search tools continues from Part 1, Part 2 and Part 3 with a late entry and some updates. During my work on Strigi, their documentation referred to related projects. Of the several other search tools mentioned, there was one which wasn’t already on my list or a defunct project: Pinot. Another C++ based and GPL2 licensed tool, Pinot uses a Xapian back end for its index and relies on dbus for its interprocess communication. On its face, it’s very similar to recoll. In testing, it showed some interesting differences. Pinot setup and searching Pinot was [...]

Choosing an Open Source Desktop Search Tool: Part 3

February 28, 2010

My search testing continues in this post with tracker, details on using tracker, recoll, and strigi. My overall intent and plans are laid out in Part 1. Testing environment details and my work with beagle appear in Part 2. Tracker setup and searching As with beagle, tracker was installed using apt-get install tracker. Apt had a hefty package count for tracker — 201 for tracker vs. 208 for beagle. These fell into only two general buckets, though: Tracker and its related libraries/parsers and X/gnome. Tracker is a C based tool, so there was no need for all of the Mono [...]