Log in

David Cameron is clueless

Jan. 13th, 2015 | 11:49 pm

There should be no "means of communication" which "we cannot read", he said.

(I assume that's paraphrasing by the beeb)

He appears to be seriously proposing banning strong encryption. That'd be the "S" in "HTTPS" amongst other things.

On a technical level, this stuff is all-or-nothing. You can't keep any back door for use by the "good guys". If it's there, the bad guys will find it, and use it.

People (and corporations) generally prefer it if the "financial transaction" part of their e-commerce is not vulnerable to crooks like the ones that have been knocking over US retail chains' credit card processing operations on a regular basis for the last couple of years.

Those crooks had to actually do a bit of work for most of those breaches, but without strong encryption, they could just set up in a convenient point in the network and pick up credit card details (or anything else of interest) as they go by.

In short: if enacted, this would kill the entire e-commerce industry.

Assuming they could enforce it, that is - which I doubt, because that would likely require disconnecting the entire country from the internet and destroying all the computers that implement such encryption. Which would be approximately everything that can browse the web, including the pocket computers that people still insist on calling "phones", large numbers of modern televisions, and likely a whole bunch of other computers-in-disguise.

And that's just the *first* objection I could articulate semi-coherently at this time of night.


Link | Leave a comment {1} | Share


May. 20th, 2014 | 09:13 pm

So. I want to decide how to vote. I know! I'll look at some party websites.

Conservative website front page. OK, what are your policies? [Hunts a bit] Aha, "Our Long-Term Economic Plan" Repeated all over the page, bolded in sentences, and its own item in the site navigation bar. Okay, what's that, then? Five bullet points, links to details, spend at least a third of the words on every page attacking the opposition. All pretty much as expected given their behaviour in government over the last few years. More detail would be nice, as would a little less emphasis on "that lot were crap last time they were in", but: core policies outlined, job done.

Labour Party website front page. Hmm. Policies? Anyone? Ah, "Freeze that bill". Clicks link. "Gas and electricity bills will be frozen until 2017" (uh? how, given that they're all privatised?) That's pretty much it. Back. Scours page. Nothing. Scours "blog" and "news". Aha, "A Labour government will protect the NHS" - which leads to a video of Ed Miliband visiting a hospital. More digging... and digging... "Helping mums and dads and helping the economy"... an actual policy statement! In a filing cabinet, in a basement, behind a locked door with a sign saying "beware of the leopard". Maybe "Meet Ed Miliband"? Oh - a well-hidden statement of general principles, though it reads like a personal campaign speech and is awfully "big picture". Seriously? Two days before an election, and that's it? Most of it buried deep in the site?

LibDems. Front-and-centre, big text, "we're pro-Europe" (I paraphrase). Wow, a solid policy statement on the front page. "Issues". Half a dozen links, mostly to "what we've done as the junior party in government over the last few years", frequent digs at both Labour and Conservatives. "More..." link - leads to a page with a general mission statement, and a whole bunch more links to details of what they've been up to in government. All very backward-looking, but I suppose one can extrapolate from that, so not bad overall.

Greens. OK, link labelled "mini manifesto" quite prominent on the front page... and it leads to an actual manifesto, with policies and everything. Good job there. Navigation menu has "our values" link - to a general outline of principles, with further links, which mostly repeat the manifesto. So, a bit bare-boned, but: policies outlined, well done Greens.

...and I think that's about all the parties I'm willing to give mental time to.

Link | Leave a comment {3} | Share

Ancillary Justice, Ann Leckie

Nov. 11th, 2013 | 09:52 pm

Ancillary Justice is billed as Space Opera. I quite enjoy space opera.

I suppose it is space opera, from a certain angle, in the sense that there are spaceships, planetary invasions and shoot-outs on shuttlecraft. It felt like rather more than that, and the core of the plot is built around something else entirely.

Damn good.

(and this interview says the first draft of the next one's almost done, so probably only a year or so to wait)

Link | Leave a comment {1} | Share

Return of the browser weenie

May. 16th, 2012 | 08:43 pm

It’s a while since I wittered about browser stats. Which is a bit of a shame, because they recently got really interesting again.

Read more...Collapse )

TL;DR version: everything has changed around in the last 6 months. The days of “one major browser and a couple of minor ones” are well and truly over - the lead pack is now IE9, Chrome, IE8 and Firefox, with Mobile Safari a little way behind. Mobiles are now a significant fraction of the general browser population.

Note: boilerplate advocacy of "Browser X" in comments will be stomped and/or mocked. I don't want to moderate a Holy War.

Link | Leave a comment {4} | Share

AKICILJ: software liability

Apr. 14th, 2012 | 09:20 pm

At Eastercon, one of the few items I managed to get to, between wrangling offspring, was the "Ethics of AI" panel.

It was an interesting item, if a little "bitty" – I get the impression that there are so many unresolved issues that a single hour’s discussion couldn’t devote any significant period to any of them, so it mostly just bounced from one issue to the next. However, I was struck by how many of the issues are applicable, right now, to "dumb" software, never mind anything approaching an AI.

One of the topics (briefly) discussed was the issue of legal liability for the actions of a piece of software. I mentioned the very common software licence clause denying all liability for anything a program does. majorclanger quickly pointed out that such clauses are unlikely to survive any significant contact with the UK legal system (I don't recall the details he gave of the act in question – something about unenforceable/unreasonable contracts?). There are presumably similar laws in other jurisdictions.

In some ways (i.e. as a user of software) I think thatIs a good thing. If a company releases software that does damage somewhere, then there should be consequences.

On the other hand, as a professional programmer, I'm a little more uneasy. IIRC, one of Alan Turing's great contributions to computer science was a proof that it's impossible to prove exactly what an arbitrary lump of software is going to actually do before you run it. For trivial programs, you can make deductions via human inspection, but that fails utterly for even relatively small lumps of code.

For any real-world-useful software, it's basically impossible to prove that it is bug free. With care, you can probably assert that it probably has no major bugs. For huge software projects (say, an operating system[1]) even getting that far can require carefully-co-ordinated person-centuries or person-millennia of effort, backed up by even larger quantities of automated computational grunt work.

(Things get murkier still if the software in question has eleventy-billion little config switches that the user can fiddle with, some of which are labelled "if you get this wrong, very bad things will happen")

Surely there has to be some sort of cut-off, where a software company can say "look, we did everything reasonably possible to ensure that the software was good, we can’t be held liable for a one-in-a-trillion bug that only kicks in when you make a typo at 12:42pm on a Tuesday in March when the wind is blowing from the south-east"? There are industry standards and quality standards and acceptance testing and so on. Presumably some of those things are actually recognised in law as a defence for the software producer?

So, how many liability issues have actually made it to court? Certainly in my professional experience, screw-ups with major real-world consequences have mostly been resolved via negotiated financial settlements. Has anyone ever tried to seriously lean on a "no liability" licence clause, and if so, what happened?

[1] Scientific American once printed an article (probably about a decade or so back) which argued, totally seriously and very persuasively (yeah, I'm biased) that Windows 2000 was one of the most complex artifacts ever built. Yes, they included things like Airliners and Moon Rockets. Big software is complicated.
Tags: , ,

Link | Leave a comment {13} | Share

(no subject)

Sep. 21st, 2011 | 08:16 pm
music: Crazy Train - Ozzy Osbourne

In the middle of an interesting post about online identity, eggwhite wrote something I want to highlight for everyone working in any sort of software development environment:

I'd been banging on and on about how identity was important, meaning one thing. The folks I'd been working with had heard me banging on about identity being important, but hearing something entirely different. Identity meant different things to different people on the team, and that was muddying the waters.

Spotting this sort of thing happening in real time, especially during spec-thrashing-out type meetings, is an incredibly valuable skill.

Practice, learn, and draw attention to it when it happens, because this stuff leads to bugs. Not just common-or-garden "oops, sorry, fixed in a couple of hours" bugs, but "oh $%^$, we'll have to re-plumb half the world and de-cromulate the dinglebat to even begin sorting that mess out, it's gonna take months, we're doooomed!" bugs.

(consider this a rather late speak-out geek-out thing)

Link | Leave a comment | Share

New Arrival

Feb. 15th, 2011 | 09:50 pm
mood: happyhappy

Elizabeth Margaret Loveridge Long, 7lb 0oz, arrived at 17:53 on Saturday (12/02/2011) and came home last night.

Things weren't quite as medically boring as calatrice would have preferred, but nothing too dramatic, and they're both doing fine.

Link | Leave a comment {12} | Share

Stand back, I'm going to try prognostication...

Jan. 12th, 2011 | 09:51 pm

If you work in the business of generating web pages to display to users, you need to know: there's going to be some major changes in the browser landscape over the next year or three.

There are several things going on out there. Any one of them could make a serious difference to the web at large - but they're all either happening right now, or imminent.

Mobile devices are going be everywhere.

I'm seeing reports[1] that at least one major chipmaker is planning to ship a system-on-a-chip imminently which they reckon will allow roughly-iPhone-3GS-equivalent handsets to sell at retail, without contract, for ~$100. Those things are going to be hitting the high street in less than 6 months.

I'm not sure I believe that precise graph of price vs. time (or even that I read it right) but I don't think they're wrong by more than a factor of two on either axis. Smartphones (more accurately, pocket frackin' computers[2]) are going to go mass market, and soon.

In 2010, smartphones sold roughly 300,000,000 units. That's about the same as the number of desktop PCs sold in the same period, apparently. This year, they're going to sell more. When those $100 beasties hit, it's going to seem like everyone's got one.

Mobile devices are not second class web citizens any more

These things have proper browsers on them. Most are webkit-based (like Chrome and Safari) so they do proper standards-based rendering, including lumps of the new CSS3 whiz-bangs. They have proper javascript engines with better performance than you may expect.

I did some ad-hoc performance testing recently. Mobile safari on iOS 4-point-(mumble) on an iPhone 3GS was about a factor 10 slower than Chrome 8 on my workstation. So: only 10 times slower than one of the fastest browsers out there running on much beefier hardware. That's comfortably in the same league as (probably even somewhat faster than) IE8 on the same workstation. It leaves IE7 in the dust.

Add those two items together (low prices + web capability) and you get: mobile devices are going to become a very popular way to access the web. This is going to happen fast - if we're lucky, we've got a year or two to prepare for it. Right now, I'm seeing mobile safari at about 1.5% to 3% of sessions on the websites I work on. That's up from basically zero 12 months ago.

All those browser support conversation, where you say things like "we'll support all the browsers over 5% market share in our stats"? They're going to get gate-crashed by mobile devices in less than 12 months' time, quite possibly less than 6. Maybe not any one browser on its own, but in aggregate, it all adds up fast.

The only thing I can see slowing this down is the mobile phone operators, and their we're-not-price-gouging-our-customers-honest-guv data payment plans. Even on that front, for $100 or so, I'd be seriously considering buying one of these beasties for use via wi-fi hotspots only (hell, that covers my house and garden, for starters - anything else is a bonus) and screw the phone people.

It's the browser wars all over again

All these new devices come with their own browsers and, unfortunately, there are loads of the buggers [3]. They're all subtly different. They're all running on different hardware, with different screen sizes. You're really, really, really, going to have to test on the real damn hardware.

The good news is that they mostly follow the standards. If you can:
  • persuade the photoshop weenies to give up on pixel-perfection ('cos the screen dimensions are all over the show)
  • do at least a bit of work to tailor the design to the realities of small screens (by dumping cosmetic fripperies and focusing on making the site suitable for whatever it's supposed to actually do)
  • refactor all the UI stuff to cope with touch instead of/as well as mouse interactions (which is quite a big deal, especially if the site's supposed to do any quantity of data entry)
  • avoid the real bleeding-edge stuff like webGL
...then you shouldn't have too much trouble keeping the browsers mostly in line.

Javascript performance has just gone up like a rocket.

IE is still the biggest desktop browser, and it sucks, especially the older versions. On the desktop, almost everyone still has to support IE6/7[4]

All the other desktop browsers are an order of magnitude faster than IE8, which is itself significantly quicker than IE7 and 6. IE9 is going to be seriously competitive with everyone else. Don't get me wrong, performance is still an issue, but the browsers are now probably less of a bottleneck than your code is.

Now, that's not bleeding-edge, but it's sure as hell quick enough to run non-trivial things at a sensible speed. Remember: there was a perfectly-playable port of Lemmings to JS done years ago, before all this optimisation occurred. Some of the stuff that people are doing out there in browser-specific-tech-demo land is amazing (like, real-time-chromakey[5], real-time hardware-accelerated 3D graphics[6])

So: You can now write real app-scale code in websites browsers. This has started to get through to people, though I still see a lot of comments like "javascript is a toy, you can't do anything serious with it" from people who really should know better, if only because it's been smacking them in the face for a year or two now.


Mobile devices are going to become at least a significant way of accessing the web within months. In the long run, a good chance of becoming the dominant way. That's long run in internet time - I'll go out on a limb and say: 5 years, maybe. Mobile devices are probably going to be what finally rams the stake through the hearts of IE6, 7 and maybe 8 (with Firefox and Chrome cheering from the sidelines).

The possibilities for mobile devices to run really cool things via pure web tech are much greater than most people realise - and web tech runs on all of them without having to port to a zillion different native development environments, or get sign-off from Apple before you can ship anything. [7]

The references I can be arsed finding, with added footnotes

[1] http://tech.fortune.cnn.com/2010/12/22/2011-will-be-the-year-android-explodes/

[2] Not that long ago, the state-of-the-art in phone games was "snake". An iPhone 3GS (which is now moderately old hat, tech wise) has far more computational shove than the system I used to play Half-Life all the way through. Yeah, these things happen to be phones, but, first and foremost, they're full-on pocket computers. People just haven't really cottoned on to that bit yet, because the future just went and snuck up on us.

[3] http://www.quirksmode.org/blog/archives/2009/10/there_is_no_web.html [8]

[4] On sites I interact with professionally, I'm still seeing IE6 at about 5-8% and IE7 at 12-20%. I can't quite pull the trigger yet, but IE6's days are numbered.

[5] https://developer.mozilla.org/samples/video/chroma-key/index.xhtml works in firefox 3.5 and up, allegedly. No idea about other browsers.

[6] http://webglsamples.googlecode.com/hg/aquarium/aquarium.html. You'll need a Firefox 4 beta or another WebGL-enabled browser (I believe the pre-release chrome builds can do it too, though I've not confirmed it personally)

[7] I hear the cry: "How do people make money from web apps?". That requires rather more prognosticating than I'm willing to commit to right now. One possibility is Operator Billing - it's going great guns in Africa. But that requires the mobile phone networks to be more forward-sighted than "give us $LOADSAMONEY-per-byte, and Get Orf Our Land Network" and "new handset is 10% better than old one, upgrade now!", so colour me somewhat skeptical for the moment.

[8] On the subject of mobile browser landscape and mobile web, just read everything PPK writes. Even if/when he's wrong (not often, on past track record) he's wrong in interesting and educational ways.

Link | Leave a comment {14} | Share

A mystery solved

Apr. 1st, 2010 | 09:32 pm

Those with eidetic memories[1] may remember this post I made almost exactly 5 years ago:

A couple of nights ago, in a bout of insomnia, I ended up channel-surfing at 02:30. My attention was captured by a music video on MTV2. It was long - over 5 minutes, maybe even 10 - and featured starbursts, video-game spaceships and small octopuses (it was also a bit psychedelic, if you hadn't guessed already).

[...] Does anybody have the first clue what track/artist I'm talking about?

Today, I answered my own question, totally accidentally, by buying the album.

I'm somewhat embarrassed to notice I left out one further detail which is still fresh in my mind: I reckoned the lyrics said something about "a thousand ambassadors", which might have helped people a bit[2].

While (as it turns out) I underestimated the diplomatic quotient by three orders of magnitude[3] I was pretty close considering I was befuddled by lack of sleep:

"The Bright Ambassadors of Morning" by Pure Reason Revolution.

12 minutes long. starbursts. blurry CGI spaceships. octopoids.

Also, mellow electronic burbling, vocal harmonies (with lyrics that make no sense whatsoever) and a really good'n'heavy guitar riff at about the 8'30" mark.

[1] fx: counts raised hands. doesn't take very long.

[2] certainly helped me when I played said album for the first time and went, "hang on a minute, is that what I think it is?"

[3] the actual lyric is "a million bright ambassadors".

Link | Leave a comment {2} | Share

On games design...

Apr. 22nd, 2009 | 09:40 pm

cavalorn rants about game design. He's aiming at MMORPGs in particular, but I want to focus on one bit, which applies to many, many games:

Here is your second cardinal sin. Not explicating your game stats in the bloody game itself. [...] if I get an item that boosts a stat by X amount, kindly explain to me in very basic terms what that entails in practice. What the hell is 'Heroic Defence'? What's the benefit of 'Intelligence'? How does 'Magical Attack' work? Don't make me go and look it up on a third-party website. Let me find out by mousing over, or at the very least, by clicking on a Help button.

This goes way beyond MMOs (of which I have little experience, but since we're piling on...)

I really quite enjoyed SW:KOTOR, despite it being totally not my preferred game genre.

But. Not being a tabletop RPG-er, I didn't have the faintest clue about how the D20 system works[1]. The closest I ever got was playing AD&D about 20 years ago, with a GM who did a good job of shielding the nuts-and-bolts of the mechanics from the players[2]. As a result, I basically had to go around and re-do the first third of the game, when it became clear that most of my early level-up decisions were complete garbage, and I discovered I now had a character who was completely, radically, unsuitable for my playstyle, and I was getting twatted in the most trivial combat encounters, even after turning the difficulty way down. Second time around, I still wasn't great at figuring out how these numbers fitted together, but I stood a chance, at least.

Elsewhere, I basically abandoned a promising (if very, very, nerdy-looking) hex-based computer wargame unplayed when it became clear that my only chance of playing it in a meaningful way was to inhale a copy of "Jane's Armoured Fighting Vehicles Of WW2"[3] first. Then, at least, I'd know which tanks to use against infantry, which against non-armoured vehicles, and which against other tanks, which might let me live long enough to figure out what all the different infantry units do. As it was, I tried to repeat the whole "Germany invades Poland with a bajillion tanks in 1939" thang and got my ass handed to me on a plate by three guys armed with pointy sticks, some of them on horses, because those tanks just bounce off entrenched infantry, and these are useless against any vehicle with more combat capability than a bicycle.

This is why I always preferred SF-based wargames (even in the tabletop arena) over historical - the SF ones *know* that they've got to explain to the players which units are good for what, but most historical ones assume that the player already knows the difference between Panzer II/III/IVs.

[1] Still Don't.

[2] Within reason, I regard this as a Good Thing with an RP group who were far more interested in the "group storytelling dungeon mosh" angle than Rules Lawyering or Meticulous Table-Studying.

[3] If it were planes, it would have been a slightly different story - I have enough of a clue there to survive long enough to figure the rest out - but tanks/half-tracks/etc? No chance.


Link | Leave a comment | Share