32 posts • joined 22 Dec 2009
Yup.. rubbish permissions handling in Android
Like the article says (and various other articles have said before and commentards commented on), this is a fundamental problem with Android. I've got a Nexus 5 and Android's permissions handling is the main thing that would push me back towards using an iOS device.
Yep... that and SwiftKey are going to be fantastic enhancements for iOS
Does Uber use journey GPS data to determine fares?
I suspect that this might all hang on whether or not Uber uses GPS data from the actual journey to determine the fare.
So, for example, if you go onto the Uber website/app, provide your journey details, and get a fixed price for the journey then there's no taximeter issue since there's no metering in the vehicle and e.g. delays in the journey, detours etc. won't affect the price.
However, if the fare is determined at the end of the journey based on GPS data logged by a device in the vehicle (and e.g. transmitted to an Uber server which calculates the fare) then there must be a strong argument that it brings a taximeter into effect in the vehicle. There's caselaw where having part of a device/system in a different location wasn't a get-out-of-jail-free card.
So I think that it might depend on exactly what that GPS data is used for - logging journeys for live journey status info, passenger safety and optimising future fare calculations is one thing. Using it to meter the journey is another...
Not competitively priced, but enough to retain customers?
Yep... definitely not competitive against 3 with its unlimited 4G data deal. Ditto, GiffGaff are offering a similar 4G package (running on O2's infrastructure) at £12.99. However, if the price difference isn't too much (and e.g. BBC iPlayer still requires a wifi connection to download/stream shows) then maybe the majority of people just won't bother to move.
Re: STARTTLS checker?
Thanks for all the suggestions and feedback.
mxtoolbox.com was an easy way of checking whether STARTTLS is stated as being supported - just do an MX lookup on the chosen domain to identify the MX server(s) and then click on the "SMTP Test" button for each MX server. The "Session Transcript" box then shows the response to EHLO - as per comments, you're looking for "250-STARTTLS".
However, http://checktls.com is vastly better (since it's designed just to check TLS) - does a very detailed check of all MX servers, and gives a commented, easy to understand, session transcript/analysis. Amongst other things, it checks the full certificate chain and gives a nice colour-coded summary results panel.
So with the email address/domain I was interested in, MX servers include service19.mimecast.com and service20.mimecast.com. The results tell me that both have incorrect certificate chains because Mimecast are using certificates issued for *.mimecast.com instead of the specific service19 and service20, and include RFC references. The summary results include the helpful message that:
"Note: Cert failures do not affect TLS encryption, but may mean the site isn't who they say they are."
Another email address I tried has Google providing all MX servers, and passed all checks.
Yahoo fails for the same reason as Mimecast.
Interestingly, there's a lot of variation in the crypto algorithms used, which is interesting since I would expect there to be some kind of an industry consensus on what to use. Thoughts/comments anybody?
Minor tweak on the question from @theodore - I'm wondering if there's an *easy*/convenient way to double-check whether STARTTLS is correctly set up on a domain.
For example, an email address I can send mail to from my domain, or a service that can be pointed at an email address on my domain, and which will return results on whether STARTTLS is correctly set up.
Consumer convenience v security
Just set up voicemail on a new mobile on EE, and it does give you the option of requiring a PIN every time you call the voicemail number, even from your own phone. It seems from the page on the 3 website linked to by the article that they have the same option.
That said, the marketing droids could have actually given a direct answer to the question/issues raised, rather than the usual tripe that they seem to churn out.
I guess that ultimately this might come down to the mobile phone companies providing the mass-market convenient option of not having to enter a PIN when calling from a number that appears to be your own, whilst providing the "always on" PIN requirement for those who want some security.
CLI spoofing has been an easy option for many years, so the fact that it provides a way to get into people's voicemail doesn't surprise me. Oh well...
Cert issue on CDN?
I'm going to put my neck on the line here, but... maybe since multiple streams from multiple providers have gone down then it's an issue with an expired certificate held by the CDN, e.g. Akamai or whoever else they use. If the CDN is delivering an encrypted Flash stream then it should have master video streams which are then encrypted on a per-user basis (http://en.wikipedia.org/wiki/Protected_Streaming). If encryption is with a key held by the CDN (e.g. its own key used to encrypt a whole range of streams) then that might explain why BBC, Sky etc. are affected.
Re: Well just to balance things out.
Ultimately, you will have to pay for all of the gas and electricity you have used. So whether it's worth under-paying now depends on how gas and electricity prices move in the future - if they e.g. increase above inflation (or at a greater rate than the interest rate on your bank account minus tax) then it's actually better to pay for everything now (or even over-pay i.e. pay for gas and electricity you haven't used yet) since you'll end up paying more for the same gas/electricity later.
Passwords were hashed
I was a bit stressed about what they did with passwords as well - the comment (link below) from a Kickstarter person is that:
"... we're being very public with how we hashed them: older Kickstarter passwords used using SHA-1 digested multiple times. More recent passwords are encrypted with bcrypt."
Discussion here - https://news.ycombinator.com/item?id=7245349
Re: QNAP User
Erm... simplest thing is to backup to an external drive via USB, pull out the old drives, insert new (larger) ones, and restore from backup. Then use RAID expansion (below).
However, an alternative solution is to pull out a drive from your RAID, plug a new (larger) one in, and let it repair the RAID array by creating the missing disk image on the new drive. Repeat for the other drives in the array. This can be *very* slow. Then use RAID expansion (below).
Whichever option you've gone for, you now have new drives with RAID images using only part of the drive capacity, and you can then do RAID expansion. Just go into the Storage Manager web app and expand the RAID (basically, creates an additional RAID volume on the available space on the drives, and attaches it to the existing RAID volume). Just requires a few mouse clicks.
IMHO, the best thing to do is just buy the largest drives possible when you first get the box, and go for the first option (backup to external drive via USB and restore to new drives from backup) when you eventually bite the bullet and decide you need more space.
@Eguro - you could try spamgourmet (http://www.spamgourmet.com/)
And they've mucked up searching from the address bar...
Not mentioned in the release notes, but unbelievably annoying, Firefox 23 has changed the search behaviour for text entered into the address bar so that it now uses your default search engine.
You might previously have used the address bar for Google searches, and have dictionary.com or suchlike set as your default search engine in the search box to the right; now all searches from the address bar will be to your default search engine.
This addon fixes it, but it's not exactly the smartest move from Mozilla:
Re: Netware 3.11 - the good old days...
Crumbs... it's all a bit of a blur, but I think that you're talking about the SALVAGE utility.
If you knew about the accidental deletion fairly quickly then you could usually get files back before they were purged from the volume. Depending on how you were doing for available space on the volume, you could have a fairly extended version history.
Next. I'll be reminiscing about Word Perfect 6.1...
Netware 3.11 - the good old days...
For me as a non-IT person who was responsible for IT of a small company back in the early/mid-90s, Netware was perfect - simple, easy, and *it just worked*. Our office file/print server just never went down, backups ran happily every night, and the dozen or so users never really appreciated or noticed what was going on. Internet access and email (thanks Paul Smith and vPOP3) was seamlessly added, and we had a small business set-up that ran happily for many years.
Re: Youview FAIL
Yes, but the issue for the Beeb is having to support iPlayer on all of those platforms/devices - I suspect that it's an absolute nightmare and a total black hole for developer time and resources. At which point, some open/defined standards in terms of minimum hardware and OS can help, and that gives us YouView. If it takes off and device manufacturers incorporate it in future TVs and STBs then they'll be able to deliver a single build of their IPTV service for an awful lot of devices.
So presumably irrespective of how iPlayer progresses, the prospect of reduced costs and a more consistent and better user experience will ensure that the BBC are keen on YouView. That and the fact that, as you say, they'll be able to control to a certain extent how their channels and services are presented. Big fish in a relatively small pond.
GoogleTV could be the real issue for them. However, as the broadcast content provider they'll be able to decide whether or not to support it and therefore until it gains a critical mass and their hand is forced, they'll probably avoid it like the plague - much bigger pond and an awful lot more fish to fight with for people's attention.
Re: Right pitch, wrong platform.
Agreed - the price point is massively wrong, and the large amount of snagging is very worrying. Lack of what is now basic features in terms of apps/subscription services (Lovefilm etc.) also looks bad.
I've said it before, and I'll very happily say it again - should have ditched YouView a couple of years ago when HbbTV was clearly going to be the winner. We need a single platform that all manufacturers and content providers can target so that the box, format, interface and functionality used in France or Germany etc. is essentially the same as that in the UK - would lead to more products, lower prices and much quicker and more complete (and broader) delivery of apps/channels/services from content providers. Would also give a much better chance of decent firmware and speedy bugfixes.
The winner here is going to be the box that provides freesat/freeview, catchup TV (and other online content) from terrestrial broadcasters, apps/services etc. from other content providers (and the ability of the user to add their own chosen services etc. - enter URIs of your own chosen repos for content/services), gigabit ethernet with access to content on the home LAN and the ability to copy recorded content onto the home LAN, remote access for scheduling recordings, excellent search (all recordings, all scheduled broadcast content, all catchup TV, all online content, all LAN content), and a fantastically simple and easy-to-use interface. Not much to ask... :)
Overall, good on Humax for putting out the box (even though it has issues), but as ever a fail for YouView.
Re: ...and the bubble starts to deflate
Hmmm... Eduardo Saverin's probably not too happy that the share price is still low and is under massive pressure (http://www.theregister.co.uk/2012/06/01/eduardo_saverin_tax/) - he'll presumably have to pay the IRS at some point.
Facebook share price chart (year to date):
Re: "it’s hard to argue that it’s still the best."
I was going to have an outraged moan and conclude by saying "how on earth can Apple put out something with such a low spec at that price?", but I think that we all know the answer.
The depressing thing is that I've been talking with my wife about replacing her Mac, and I really don't want to go anywhere near this one. Might give it a few months if, as per people's comments, there's a chance of a vaguely better model emerging.
However if (as I suspect) the right to write an app is jealously guarded and vetted by YouView genuinely useful apps like this will probably not get approved and in a world of increasingly "smart" TVs I reckon that'll be the death of YouView.
That's my concern as well - for anything to succeed now, it must be open so that you can add your own chosen content and content providers. Otherwise, it will just end up as an annoying and frustrating walled garden. There will always be content out there that you want and that you should be able to access, but which won't be available through a closed members-only platform. For example, new online TV/video providers, and overseas providers might not make it on. Similarly, I'd love to see content from my NAS box seamlessly integrated into whatever other content is available. Zero chance of that on the current offering.
Also, do remember that everybody else is going for HbbTV, so targeting YouView will require special effort from content providers, which may translate to delay in content becoming available, or in it never becoming available at all.
My suggestion - let's just have open standards for the hardware and content provision so that anybody can supply content and can DRM things as required, and an open UI so that users can select their own content repos and add whatever channels/content providers they want. Works great on XBMC. Include a single integrated search across all content sources and you've got something that might be worth paying for.
Oh... and you'll probably want to support apps as well. In fact, why not go the whole hog and use HTML5 for as much as possible? Could even make the apps run as browser windows. Hmmm... maybe just build the whole thing on Android around Chrome? Could the ultimate solution be what Google TV is currently morphing into?
Re: large multinationals
Basic trademark infringement. Sounds like the decision is a repeat of the Tesco v Levis case from ten years ago - that one went to the ECJ. The ECJ confirmed that Levis could control the first sale of their jeans in Europe - Tesco couldn't buy the product from outside of Europe and place it on the market in Europe without Levis' consent (which of course they didn't have).
Trademark law creates a "wall" around Europe which means that only the trademark owner (or somebody authorized by them) can be the first person to put the product on the market in Europe. This allows manufacturers to control movement of goods into Europe, but *not* within Europe. So manufacturers can e.g. establish different prices in different regions (e.g. Europe, USA, Asian countries etc.) - for example sell into India with a lower profit margin in order to achieve sales and develop the market, and sell into the established European market at a higher price point.
European free trade laws ensure that once the product is legitimately on the market in Europe, the trademark owner has exhausted their rights and (generally - might have to re-label or replace instructions for language/safety issues) can't control further movement/sales within Europe.
Please just give us decent open standards
Like most people, I increasingly want online content rather than broadcast (satellite or Freeview), and the current offering and options just doesn't provide what I need.
An open standard for delivering content (e.g. hbbTV) would be great - for example, the iPlayer app on my 2011 Bravia is utter pants compared to the web app, and LoveFilm on the Bravia is okay but nothing like as good as on the PS3. So if an open standard makes it easier for broadcasters/content providers to provide their content and make sure that the UI and user experience is top-notch then that would be fabulous.
However, the one thing that always strikes me is that right now I'm just not in control of what content is available through my TV - I get the online services that Sony deems I should get. Frankly, I don't give a monkey's what Sony think - I want to be able to add any service that I want. It might be e.g. a German or French TV station, Netflix, a future alternative to that, or a future ElReg channel. Irrespective, I want to be in control of available channels/services and that's just not possible right now.
If that can be done through HbbTV then that would be amazing. Ultimately, I just want to be able to add my own chosen repo of broadcaster information (like with XBMC) or enter a custom URL for a chosen broadcaster. With that, it could be fantastic.
Beyond that, full HTML5 rendering must surely go a long way to delivering everything presently required.
Anyway, in the same way as I bought my Humax satellite box, I'll probably buy a set top box which stands a chance of getting custom firmware.
Here's the case - not just Nokia, opposing
The EPO's record for the case is here:
Opponents are Nokia, T mobile, Vodafone, Ericsson and HTC.
The detailed written decision hasn't yet issued (and will be in German) - expect that to take at least another month or two. When it does issue, it will be in the "All documents" section (link at the top left of the page). They'll probably appeal the decision, so this will go on for at least another year.
The patent itself (English language claims on page 9 of the PDF here): http://worldwide.espacenet.com/publicationDetails/originalDocument?CC=EP&NR=1841268B1&KC=B1&FT=D&ND=1&date=20100317&DB=EPODOC&locale=en_EP) requires the mobile phone itself to do the work in prioritising traffic - reads a value off the SIM, gets data from the network, and figures out whether or not the call can be made.
Involvement of the phone and network means that both the mobile phone manufacturers and networks would be affected by the patent.
Re: Bottling it
We've got the same thing at our office (in fact, the bottles look identical to ours, other than the logo) - much cheaper than buying bottled water, and much more environmentally friendly.
LANs and wireless signal penetration - powerline and Airport Express
My house hasn't got particularly thick walls, but wireless signal penetration from the front of the house (where the router is) to the back is a bit patchy for e.g. mobile phones. 5Ghz goes absolutely nowhere, so I've pretty much given up on it. Add to it the NAS and printer that are in the cellar and really need an unbroken/unbreakable connection to the router, and I've gone for a combination of solutions which seems to be working very well.
Before anybody talks about router antennae and positioning, it's a WNDR3700 (internal antennae), high up on a shelf, and (unfortunately) needs to be located there.
What knits everything together is powerline ethernet - connects the router to the cellar very happily at >100Mbps, so NAS and printer resources are easily available wherever the wireless can get. A gigabit switch in the cellar also gives high bandwidth access to the NAS where necessary for big backups etc.
The other really useful thing has been an Apple Airport Express with an ethernet connection to another powerline ethernet unit - this is at the back of the house and operates as a wireless base station on a separate (non-overlapping) frequency to the main router, but with the same network ID so wireless devices switch between it and the router as necessary. It's also wired into a pair of speakers, so we've got music in the kitchen (and elsewhere - various other Airport Express units).
So we've now got good wireless access across the whole of the house, music across the whole of the house, and router/switch (in the cellar) providing gigabit ethernet connections for cabled devices.
Overall, it's a nice setup, hasn't been too expensive, and has avoided the need for any additional cabling to be installed which would have been a total pain. The only downside is that the wireless guest network provided by the router is not extended by the Airport Express, but that's an incredibly minor issue.
Here's the lawsuit
This is the lawsuit:
IMHO, if Boundless have been copying the selection and arrangement of information that is presented in the books, let alone the pagination etc. so that the Boundless books can act as a direct replacement for course texts (so that e.g. references in course notes to content on a particular page, paragraph or section number of a book is reference to the same content in the Boundless book) then they've got a real problem.
That selection and arrangement of information should have lots of copyright in it.
Ultimately, if I've spent a large amount of time and effort researching a subject and writing a book which gives readers a very carefully tailored learning experience then I will have lots of copyright in that book, which is the right thing - if I've done a good job and it's a good book then I will be rewarded for my work with income from sales, encouraging me to do more of the same.
However, if somebody else comes along and copies the book, particularly the structure and content, to deliver the same learning experience (even if they paraphrase things) then they are basically trying to steal my work. If a court does not find them to be infringing my copyright then there is no incentive for me (the skilled author) or my editor (there will also be copyright in the editorial input) to write any more books, and at that point there will be no commercial reward for authoring textbooks, so why should anybody bother?
Alternatively, if they want to independently author their own books (and the critical thing is that they do it independently of my books) then that's absolutely fine - they're not trying to copy my work and it's a bit of competition for me - good old capitalism - and should encourage me to improve the content/price/usability/available formats/distribution channels etc. Perhaps they could try some kind of an open collaborative online system where anybody and everybody can share their knowledge and freely contribute, discuss, and edit the material. Hmm...
Should be interesting...
It's just patent offices trying to be more efficient
From an innocent/naive level, this is basically WIPO trying to do its job. So long as North Korea already has internet access, a "treasure trove" of information won't suddenly be made available to North Korea.
However,... if their internet access is limited (it seems to be - http://en.wikipedia.org/wiki/Internet_in_North_Korea) then it might be very useful. A quick search on WIPO's PATENTSCOPE database (http://www.wipo.int/patentscope/search/en/search.jsf) shows that 25 International patent applications have been filed at the North Korean patent office since 1990. I don't know how many local/"national" patent applications there are in North Korea, but I suspect very few. That doesn't exactly require 48TB of storage space, nor does it require a high speed duplex laser printer. And it doesn't exactly require full time use of the new hardware, which raises the question of potential "dual use".
Patent applications get published - tens of millions of them from patent offices all over the world here: http://worldwide.espacenet.com/ (contains all of the publications on the WIPO database and more).
So those publications are already available to anybody and everybody for free - you just need an internet connection.
Any patent application directed to "restricted" subject matter (where national security restrictions etc. apply) will not be published, and so will never make it onto the public database.
I would guess that the storage space on the server means that it either has, or is designed to have, a local copy of WIPO's public PATENTSCOPE database in order to allow staff at the patent office to search it easily, i.e. without needing an internet connection. The only searching they would have to do is presumably to determine patentability of local/national patent applications, not the International ones that WIPO handles.
So I suspect that part of the concern here might be the ease of access to the very large volume of technical data on that database (with 48TB, it might have the plain text/XML plus the TIFF/PDF images, including drawings).
So it's really the "dual use" question of:
1. what they are going to use the hardware for when it's not being used to process patent applications filed at the patent office, and
2. whether they have got a local copy of the PATENTSCOPE database, and if so what use (outside of searching for local/national patent applications) they might put it to,
and whether any of that breaks any UN bans on technology transfer.
Absolute bullet in the foot if done via iPlayer
I think that the comments about pay-per-view weakening the case for the license fee are extremely valid. I'm sympathetic to the BBC's desire to get an additional revenue stream from pay-per-view, but really do wonder how they can achieve that via iPlayer.
What's the problem? Well, as I understand it (and I could be very wrong - this is just going from my recollections of previous media discussions about BBC commercial activities), the BBC is legally required to do all of its commercialisation via a separate commercial arm - BBC Worldwide Ltd. That ensures that the commercial marketplace for products is not skewed in the BBC's favour, and ensures that it does not use license fee money (which it presumably spends an awful lot of on iPlayer) to disadvantage competitors (e.g. subscription services). If the BBC starts charging for TV programs via iPlayer then you can guarantee that Sky, Virgin etc. will complain that license fee money (spent on the iPlayer platform) is being used to compete with them for online services such as viewing old shows etc.
It might be that the forthcoming YouView platform will allow the BBC (or maybe BBC Worldwide) to provide pay-per-view as e.g. "BBC pay-per-view", *totally* separate from the main BBC iPlayer service and so not breach its legal obligations.
However, the main thing seems to be that the BBC needs to be able to license content so that it can be distributed online very shortly after broadcast, instead of e.g. having to wait for DVD box sets to be released etc. That sounds like more of a commercial issue with rights holders than a fundamental issue with whether or not the BBC (in whatever guise) can offer pay-per-view.
Have a look on LoveFilm and NetFlix - the TV show content is somewhat limited, and they would presumably love to get their hands on more recent shows, subject to the price being right.
Simplest and safest thing for the BBC is to sort out licensing so that programs can be licensed at reasonable rates for online distribution very shortly after broadcast, and for the BBC *not* to offer those online commercial services themselves as doing so would just threaten the license fee.
Last thing - who on earth is going to pay £1.89 for a show?! 10p maybe, but at that kind of price it's a total no-go. To work, it has to be commercially attractive to punters.
Just a patent application - *not* a granted patent
This one is just a published patent application, *not* a granted patent.
Here's the publication:
Getting the images is a bit of a pain - they're TIFFs, so your browser will probably need a plugin like AlternaTIFF. Should be available as a PDF from the link below ("Original document" link on the left) in a week or so:
For those that are interested in what happens to the case, use Public PAIR (http://portal.uspto.gov/external/portal/pair) and search for 20120036433 as document/publication number.
Humax definitely comes top
Yes there is some minor snagging with the EPG on the Humax, but the additional firmware that oldcodger links to (above) is absolutely fantastic. Personally, I copy recorded TV programs from it directly to Flex Player running on an iPad (no need for format-shifting - just drag-and-drop). The end result is that I can easily watch full quality TV shows on the iPad whilst sat on the train.
For me, apart from the minor GUI tweaks, the only extra thing that I would want is gigabit ethernet instead of the current 100Mbit. Overall, excellent piece of kit.
Mmmm... very nice
I've got a DS408 (i.e. two generations previous to the DS410) running very happily at home - it's never crashed and for the non-Linux folks amongst us, it just works, so long as you are happy to stick to the GUI and pre-packaged apps (see the Synology website). If you want something more then somewhat inevitably it probably won't be anything like as simple as installing a program on a Windows/Mac machine.
Re the noise levels for home users, it's worth flagging up that this model has a scheduled on/off feature (my DS408 is set up to turn itself off overnight) as well as wake on LAN. It also has auto reboot after power failure, which is great for when you're nowhere near home.
The four bays might be overkill to some, but obviously do allow for RAID configurations beyond RAID 0/1 and much more storage space. The OS also (I think) supports live volume expansion so you can just swap in larger drives as and when you need more space and the volume expanded accordingly, and you can also change volume type on-the-fly.
I think that ext4 is now the default file system, meaning that drive volumes of much greater than 8TB should be possible, subject to drive compatibility. However, don't quote me on that - if it's important to you then speak to Synology who are usually quick to reply to emails.
GUI is very good, although I found with earlier versions that copying/pasting/moving large numbers of files was difficult. That might have been fixed with DSM 2.3, and I would strongly recommend applying the latest version as part of an initial install (which itself is an absolute breeze). In any event, for most people and most of the time it can be easiest to do file operations on your PC/Mac/whatever desktop, having set up mapped drives etc.
Overall, the Synology DS4xx series is seriously nice.
Aspera FASP technology
I'm guessing that this is their "FASP technology" (WO2006/071866):
As for "It sounds like Aspera could have a new application ahead of it; transferring data files to the cloud.", try this one (WO2009/091580):
- Teardown Pop open this iPhone 6 and see where the magic oozes from ... oh hello again, Qualcomm
- Analysis Apple's warrant canary riddle: Cock-up, conspiracy, or anti-Google point-scoring
- Pics Facebook's Oculus unveils 360-degree VR head tracking Crescent Bay prototype
- Bargain basement iPhone shoppers BEWARE! eBay exposes users to phishing vuln
- Something for the Weekend, Sir? Oh God the RUBBER on my SHAFT has gone wrong and is STICKING to things