A blog about computers, open source, software and other perceptions gained over the years as a sysadmin.

Saturday, February 27, 2010

Just ordered a Google Nexus One

Dang it, couldn't help myself. Just ordered a new phone while still very pleased with the one I have. The HTC Magic is the best phone I've ever owned and that includes a whole lot of phones over the years. I've gone through most brands and tried many various models, even an OpenMoko I hacked away on. I really wanted to try a Maemo phone but I'm so darn pleased with Android.

This year is going to be a very interesting and fun year. Microsoft hacking away like feverish beavers on WinMo7, Nokia and Intel bashing Maemo into shape, Palm hopefully getting some traction, Samsung Bada and all the rest who work like madmen to churn out better phones.

I would love to see this level of competition in the OS field. Come to think of it, what's stopping the next big thing on mobile from seeping into home computers? Instead of our phones becoming complex, insecure attention whores, what if our computers become easier, more secure and simpler? Imagine for a second having a computer you just use. No fiddling with strange settings, no anti-this and anti-that, no defrags, no strange errors happening every other full moon etc.

Friday, February 26, 2010

You're doing it wrong, CPU/GPU cooling should be passive!

One thing that i cant understand is why on earth the CPU is still situated inside the computer case. The same goes for the GPU but atleast some of the graphic card manufacturers have understood that its a good thing to atleast vent the hot air from the heatsink outside the case.

If you would put the hot parts of a computer on the opposite side of the motherboard it would be very easy to use passive cooling instead of using fans. A large heatsink sitting in room temperature can take away much more heat than a fan blown heatsink sitting in 35-50 degree celsius. Another plus side is that all the other parts in the computer can operate in much lower temps. Power consumption will also be much lower because no fans need to be running.

That not one single motherboard manufacturer or computer manufacturer has tried passive cooling is pretty sad. Its perfectly possible to build a high performance workstation that at the same time is dead silent without spending a fortune.

Wednesday, February 24, 2010

Google not under investigation, a lie and PR-trickery.

Apparently Google is not under investigation by the European Commission. Rather, it's standard procedure to make an inquiry when someone complains. An investigation is a whole other matter and much more serious than an inquiry.

We have some more info on ejustice.fr and from what i can read the man is very lost in the world of pagerank. Dominique Barella is the man to avoid if you want to learn SEO. "He complained that Google told him, not in writing but verbally, that Google would index eJustice's search results if eJustice could provide them in a manner accessible via Google's algorithms."

Well, duh? I cant provide my pages encrypted in wet sponge by truck and get them indexed by Google? How rude!

The complaint against Google is wrong but antitrust regulation is good.

I want to make clear that I have nothing at all against the European Commission doing an investigation on Google; what I'm against is the way it all happens and who initiates it. Google and the other big corps must be kept in check, keeping the playing field level, but it should be the EU that initiates the investigations, not a company's biggest competitor of all times.

In a market economy its important that we have the same rules for all the companies. By tailoring these rules we can make the corporations compete in a way that benefits society, consumers and corporations at the same time. The rules should punish competition by dirty tricks and backhand deals that dont in any way improve price, quality or service. For example, it is not acceptable to make a deal that takes away choice from consumers artificially keeping a competitor out of the question.

Without rules the market will premiere the tactics that gives the most money. Sadly the best way to get high returns involves having no competitors or teaming up against newcomers. As such, antitrust regulations are the most important bit of a free market.

Problem is, antitrust regulation is slow, easy to manipulate and often very political. There are numerous questions about a bunch of questions i would like to be answered long before the EU even think about regulating Google. The biggest one is how suddenly over night the choice of a Linux powered Asus eeePC disappeared, despite very good sales. This happened to coincide with Asus and Microsoft teaming up which is very strange. If Microsoft sweetened the deal in return for Asus stop selling computers with Linux its a serious offense that should be looked into right away.

The same goes for Microsoft running around telling people to license Linux related patents without specifying WHAT patents we are talking about so that Linux can avoid those or challenge them. Talk about racketeering and coercing in its ugliest form. It's like saying, -"pretty car manufacturing you got there, wanna take my i-wont-sue-your-customers-to-pieces-insurance?"

I think all Microsofts OEM deals should be controlled and checked out, especially the marketing deals. If they in any way punish an OEM for also selling Linux or any other OS it should be severely punished.

My point is, yes Google needs to know they are under constant checking but there are much bigger fish to fry long before that.

My tinfoil hat suspicion is that much of this is Microsoft wanting to have something to point at in their quest to purport Google as the new Microsoft. Up until now Microsoft have found pretty much nothing as ammo against Google, which in itself is pretty calming. If they and their PR corps cant find dirt, Google is probably behaving pretty well for now.

Microsoft and the case against Google.

Microsoft have initiated a probe into Googles search rankings on Google search. The reason they say is that Google push competing companies down in the results.

This is utter bullshit to be frank and its not in any way proven or even plausible that Google push for eg. Foundem down. First of all its an aggregator that pulls content from all over and does not bring much of original content. Those are always ranked lower than the original content. Second the site in question is technically a howto about how not to make your site SEO friendly. Third, its not a popular site which itself makes it rank low when people who get it up as a result in their searches click something else instead. This link has a rebuttal for Foundem.

Foundem are a member of Microsoft founded ICOMP and CIAO! are owned by Microsoft Bing. It stinks and it stinks bad. The french legal search engine ejustice.fr have also filed a complaint but i fail to see where they compete with Google.

Most important of all, Google's search algorithm is very well explained and well understood. It's hard to manipulate with SEO and is partly based on what users are clicking on. Even if you manage to get your site to show up high with SEO tricks, if it's not what people search for it will fall down in the results when it's not what they were out to find.

The french ejustice.fr complaint is pretty strange. If i search for "legal search france" on bing i dont find it at all in the first 40 results. On altavista i just gave up after 60 results and the only way to find it was to use "ejustice" but that didnt put it better than place 7 in the results. One thing i learned was that there are tons and tons of legal search engines.

It seems ejustice.fr for starters wont show up in other search engines either and secondly have stiff competition from other identical services. It seems right now as if their complaint are that Google does not rank it much much higher than any other search engine.

CIAO! is complaining about standard terms and conditions which is funny. Read an Microsoft EULA from top to bottom, get help translating it into human language and think for a minute, how on earth could you do any worse than that? Then compare it with Googles terms and conditions. It will be an eye opening experience, i promise.

Some links for the interested ones:

Monday, February 22, 2010

A character assassination on a journalist.


Devil Mountain Software recently publicized numbers from their vast network of performance monitors that suggested Windows 7 has some of the same performance issues that Windows Vista has. A problem with how Windows 7 handles virtual memory seems to make the computers consume too much memory and not release it properly, thus resulting in sluggish thrashing of the hard drives.

The research in question was overwhelmed by astroturfers crying out loud about anything they could think of but none of them managed to rebut the facts gathered. On many machines, Windows 7 is just as sluggish as Windows Vista. Its really not possible to argue about this, anyone can look at someones computer with less than 4 Gb ram and see it for themselves or look one with some heavy applications on. This research only supported that, yes, this seems to be the case for many computers. It proved what many of us has already seen for ourselves wasn't isolated happenings.

Now Microsoft has gone out and made an all out character assassination on Randall C. Kennedy because he had written under a pseudonym as Craig Barth. Writing like this under a different name is not exactly unheard of or even contested. 

Still even if it was bad not using your real name, the timing of the outing is all to convenient to be a coincidence.  From my understanding Windows 7 is really just Vista with some tweaks, twists and bugs fixed and as such has inherited much of the problems Vista was released with. Microsoft do not want that perception to leak out to the general public. They want people to think Windows 7 is much faster than XP, more secure and better in any way.

My belief is that Randall C. Kennedy hit a little to close to comfort and set the Microsoft PR-machinery into full action. If they hadn't found this, it would have been just about anything that could drag his name in the dirt.

The message is pretty clear, dont you dare write anything even remotely critical about Microsoft or their products. Sit journalist sit!

Saturday, February 20, 2010

Been trying chrome OS out.

I have been trying Google Chrome OS out this weekend. I think it can be a success really because i dont feel as restrained as i thought i would. There are an explosion happening online with webapps sprouting up like wildfire.

If Google gets the security and manageless functions working as intended, this is THE computer for people who are either tired of messing about with updates, viruses, defrags and all the problem people associate with computers today.

If I think about the fact that it's just a rough snapshot I'm sitting on, it feels like it's going to be very interesting to see what the end result looks like. This year is going to be very interesting indeed.

I hope that Google's ventures into the OS market will make other big companies like HP, Dell etc grow some balls and dare to challenge Microsoft at this. We need development to start again in the OS market after 20 years of stalemate. There has been no progress at all on the deeper levels. Mostly it's the internet that has happened but not much else. Well, woopdedo, when was it the internet was started did you say?

Friday, February 19, 2010

Some games for my 4 year old Girl.

I have been checking around today for some games for my little linuxgirl today. Recently she has been wanting to sit at the computer and write randomly. She almost has the mouse covered so i thought it could be time to get some apps for her to play with.

I have downloaded a bunch and i will use her as a test subject. Well see what works and not later on.

Later on i think i should try  Qimo, a distribution based on Ubuntu for kids. Looks very interesting.

Thursday, February 18, 2010

Very nice way of connecting your Linux desktop to your server with SSHFS.

One thing I have always struggled with is how to connect my desktop to my Linux servers or to another Linux desktop. I have used SCP, SMB, FTP, NFS and various other ways but they have not been that optimal for my needs.

  • I want my traffic to be encrypted, or at least the login to be.
  • Using the remote files should be transparent, both to me and all my applications.
  • I want enough speed to be able to watch movies directly from files off of the remote computer.
  • I want to have the same read/write permissions as the account I set up on the remote server.

SSHFS does all this in a very easy way. You mount the remote machine's files onto a folder of its own inside a normal user account's home directory. In my case I mount it to /home/username/Desktop/servername and get all my remote files right there on my desktop in the servername folder.

First you have to install FUSE if you don't already have support for it.

FUSE and SSHFS: http://fuse.sourceforge.net/sshfs.html

Then make sure your user is in the fuse group so you have permission to use FUSE at all.

Make sure the fuse module is loaded and then try it out.

The command for me is this:

 sshfs root@server:/folder/ /home/username/Desktop/servername/

If you want to make all this transparent, put the sshfs command in your autostart. Then export your public key to the remote server with ssh-copy-id. See this excellent guide for more info about autostart. Here you can learn how to log in with SSH keys instead of passwords.

I realize it looks hard but it's very much worth the hassle. Once done you have transparent access to your remote files over an encrypted tunnel.
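The steps above, collected into one helper script as an added example (not part of the original post): it checks the FUSE prerequisites, builds a key-only sshfs command line that cannot hang on a password prompt when run from autostart, and refuses to mount twice. The account, host, paths and key file are placeholders passed on the command line; the sketch assumes an unprivileged remote account rather than root, so the mount carries only that account's permissions.

```shell
#!/bin/sh
# Added example, not from the original post. Account, host, paths and key
# file are placeholders supplied on the command line.

# Succeed if the current user is in the named group (the post's "fuse" group).
in_group() { id -nG | tr ' ' '\n' | grep -qx "$1"; }

# Local prerequisites from the steps above; prints what is missing.
preflight() {
    missing=0
    command -v sshfs >/dev/null 2>&1 || { echo "sshfs is not installed"; missing=1; }
    [ -e /dev/fuse ] || { echo "/dev/fuse missing, load the module: modprobe fuse"; missing=1; }
    # Only a note: some distributions do not restrict /dev/fuse to a group.
    in_group fuse || echo "note: $(id -un) is not in group 'fuse'"
    return "$missing"
}

# Reject targets that work against the goals listed in the post.
# $1 = remote account, $2 = local mountpoint
check_target() {
    case "$1" in
        root) echo "refusing remote root; use the account whose permissions you want"; return 1 ;;
        ''|*[!A-Za-z0-9._-]*) echo "bad account name"; return 1 ;;
    esac
    case "$2" in
        /*) ;;
        *) echo "mountpoint must be an absolute path"; return 1 ;;
    esac
    return 0
}

# Print the sshfs command line, one argument per line, without running it.
# $1 = account, $2 = host, $3 = remote dir, $4 = mountpoint, $5 = private key
sshfs_args() {
    # BatchMode=yes: never prompt, so a missing key fails instead of hanging.
    # StrictHostKeyChecking=yes: do not silently accept an unknown host key.
    # reconnect + ServerAlive*: recover the mount after a dropped connection.
    # nosuid,nodev: do not honour setuid bits or device nodes from the server.
    printf '%s\n' sshfs "$1@$2:$3" "$4" \
        -o "IdentityFile=$5" \
        -o BatchMode=yes \
        -o StrictHostKeyChecking=yes \
        -o reconnect \
        -o ServerAliveInterval=15 \
        -o ServerAliveCountMax=3 \
        -o nosuid,nodev
}

# Run the checks, then mount. Unmount later with: fusermount -u MOUNTPOINT
do_mount() {
    m_user=$1 m_host=$2 m_dir=$3 m_point=$4 m_key=$5
    check_target "$m_user" "$m_point" || return 1
    preflight || return 1
    [ -r "$m_key" ] || { echo "cannot read key $m_key"; return 1; }
    if mountpoint -q "$m_point" 2>/dev/null; then
        echo "already mounted: $m_point"; return 0
    fi
    # Keep the mountpoint private to this user.
    mkdir -p "$m_point" && chmod 700 "$m_point" || return 1
    # Turn the printed argument list back into positional parameters.
    set --
    while IFS= read -r arg; do set -- "$@" "$arg"; done <<EOF
$(sshfs_args "$m_user" "$m_host" "$m_dir" "$m_point" "$m_key")
EOF
    "$@"
}

# Usage: script mount ACCOUNT HOST REMOTE_DIR MOUNTPOINT KEYFILE
if [ "${1:-}" = "mount" ] && [ "$#" -eq 6 ]; then
    shift
    do_mount "$@"
fi
```

With BatchMode the key must be usable without a prompt, so either load it into ssh-agent before autostart runs or use a dedicated key for this mount; the server's host key has to be in known_hosts already, which one interactive ssh login takes care of.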

A GUI managing this would make Linux to Linux file interaction a lot easier and above all much safer than most other systems. Copying SMB is a huge step backwards in my opinion.

Wednesday, February 17, 2010

You think Google is bad? Think again.

Microsoft recently started a campaign against Google that in some ways is pretty funny. The results aren't really optimal, as the worst I have heard is "Google will become Microsoft one day". If all you can do is make your opponent look as bad as you, your PR firms aren't really worth their money. I also find it pretty amusing that people think the worst thing that could happen to a competing company would be if they turned into a new Microsoft. Your customer confidence rating must be pretty low for that to happen.

That said, while Google no doubt has flaws it's nowhere near Microsoft. First of all, Google has not been convicted of anything illegal yet. Its history is clean as a baby's bottom. This while Microsoft has seen more courtrooms than most judges. I also have a hard time appointing someone the next successor in line before they actually do something pretty bad.

Google could in theory do criminal  but so could you, or your mother, spouse or kids. That doesn't mean you run around calling them criminals if they have behaved good up until now. A military or hunter isn't a murderer just because they possess a weapon. You need intent and malice for the crime to be committed, not just the weapon.

Microsoft on the other hand do have a criminal record. They have countless successful suits against them. Evidence are in abundance for anyone to read and review. Much of their email correspondence is out in the open from various trials. If in doubt i recommend reading at least some of it just so you don't think its all some conspiracy theory. Its real, it has happened and its thoroughly documented.

    Microsoft timeline
    Suits against MS, other legal issues. 

Now that you have read Microsoft's history you know they did not start all nice and cuddly. They started out bad  to the bone and it has paid off, handsomely.

Google on the other hand is a counter reaction to this. In ways its an experiment, can you make a successful company by being nice? Is it possible to compete against adversaries like Microsoft even if you play fair?

Take a look at the Google criticism page over at Wikipedia. It's at best a description of what possibilities Google have should they turn "evil" tomorrow. I tried searching for more criticism in Microsoft Bing but it didn't turn up much at all. It's all about potential privacy issues should Google go bad.

I'm really not defending Google, i just want to put things into perspective. As i said before, Google has its flaws but compared to most of the competition in the IT world they are very trivial and insignificant so far. Compared to Microsoft, Larry Page and Sergey Brin should have angel wings and rings over their heads.

This could change but there is absolutely nothing pointing at that direction today.

Hackers release fix for XP crashing BSOD problem.

The authors of the TDSS/Tidserv/TDL3 rootkit have released an update that eliminates the problems with Microsoft's MS10-015 update. It seems as if the MS10-015 patch conflicts with the rootkit installed on many computers. The update downloads and installs itself in the background. No user intervention is needed at all.

Am I the only one finding this event hysterically funny? At the same time it's disturbing that so many Windows computers have rootkits on them.

Read more at Zdnet

Tuesday, February 16, 2010

Chrome OS is starting to gain momentum.

With the new version of Chromium OS distilled and packed by hexxeh things is really looking as if they are taking off. Chromium OS is the open source version of Google Chrome OS. While its not Googles official version its very nice to see the development of the OS in almost realtime. 

I could rant all day long about the new version of hexxeh's Chromium build but i just toss the links here for anyone to read.

Hexxeh Chromium build
Hexxeh Blog

HP Airlife 100, a real netbook.

I have read about the HP Airlife 100 on various sites and by the look of it, this is the type of portable computer i have been waiting for. If priced right this is something that can be to HP what the eeePC was to Asus. The revolutionary isn't the size, software or hardware. The really interesting bit is that its very power efficient thanks to its mobile phone roots.

How about 12 hours of  active use or 10 ! days of standby? Note that having this computer in standby is nothing like having a laptop in power saving mode, especially with android. You still get notifications about incoming events, mail and other things.

It also sports a GPS receiver, Ndrive turn by turn GPS software and anything you can download from Android Market.

I can truly say, i want one of those really bad. HP is totally nuts that dont market this worldwide right now. Its a "must have fsck food for a month" kind of product.

PS. Oh, and i forgot, it has a touchscreen. DS.

Original spanish HP announcement
English translation of the original HP announcement.
Slashgear has some purdy pictures of the little gem.


Mark Shuttleworth is a bit naive.

Saw an excellent blog-post from TheOpenSourcerer  and then Marks answer. Then TheOpenSourcerer made a followup.

In essence TheOpenSourcerer  begs the question, is canonical slipping towards Microsoft and away from the free software goals?

I would rather say Shuttleworth is setting himself up to be knocked down by being all to nice to a predatory company.

One comment made by Shuttleworth is very alarming:

"But I'm not here to punish Microsoft, or hate them, I'm here to build a better way, if I can. It will be hard, but we can. And in the cases where we have common cause, I am happy to work with Microsoft. That may be a hard concept for people who think that life is easier to understand if you have an enemy to make your own cause right, but I find that attitude leads to bigotry and bad results, and makes it impossible to get past the wrongs of the past."

If Mark Shuttleworth takes a quick gander backwards he will see a ton of wreckage. A pileup of past companies that had the same view on Microsoft lies there in rubble. History is a good indicator of what lies ahead and ignoring it will never lead to success. It's good to be looking forward but you can't just close your eyes and pretend some things never happened.

The reason you never work with Microsoft has nothing to do with hate, its about survival. The concept of cooperation just isn't in their vocabulary.

Calling these protests about Mono and Yahoo Microsoft-hate is wrong. We want Canonical to survive but not as a vehicle for Microsoft to destroy Linux. Internal email from Microsoft clearly states Linux is Microsoft's biggest enemy. The Halloween documents still apply inside Microsoft. You're delusional if you think MS wants to play all nice and clean this time when it has never happened before.

Mark writes:

"Nor were we willing to accept Microsoft's terms of IP licensing, as Novell did. But if there are constructive places where we can work with Microsoft, or Oracle, or IBM, all of whom ship quite a lot of proprietary software, we certainly will engage openly and in good faith. And I believe we do so with the full support of the leaders of the Ubuntu community."

Canonical has clearly accepted Microsofts licensing of the patents in mono and all the loose ends about it.

About working with Microsoft in good faith, again, its only possible if the other side does the same. Why would you go in knowing the other side uses every possible cheat in the book?

The leaders of the Ubuntu community? Since when was Linux about some leaders telling users and developers what to do? Its a grassroots movement, not some kind of pyramid. This is the statement that disturbs me the most. What about the users? I read this as a "end of discussion!", that canonical lost the argument and decided they know best and just ignore the little guys.

Monday, February 15, 2010

Remove mono from Ubuntu.

I really think Canonical should think again about including mono in Ubuntu default installation. Its one thing being able to install it if you need it but its really not good that you need it on your default installation. Every single mono app, from banshee to Novells services on Mono i work with all day have a single common denominator, they suck. Memory, performance and stability are nowhere to be found.

Mono could be tossed out on technical merits alone. But thats not where the problem lies. First of all, what application are we getting that we miss in the vast free software world today? I dont know of anything i miss and im very sure the same goes for most users. If you need a Windows application your chances are far greater if you use Wine than someone being able to get a dotnet app working in mono. Im still waiting for someone getting a dotnet app working reliably in Windows (a real one where more than the interface is written in dotnet).

Second of all, why should Linux be the enabler for Microsoft's lies about cross platform compatibility? If Microsoft wants dotnet on Linux, let them make a runtime of their own just like SUN, Adobe or anyone else. That way any compatibility issue, patent problem or other IP rights are Microsoft's own problem.

Putting Mono in Ubuntu is a timebomb waiting to explode and gives the community nothing while it gives Microsoft all the ammo they could ever wish for.

Ask yourself, why are the biggest astroturfers also the most enthusiastic proponents of Mono on Linux? Shouldnt they want Linux to miss this "excellent" technology?

Linux users have proven themselves very picky before and migrated in droves from popular projects and distributions over night. Ubuntu is no exception and if Canonical dont start to listen to their users they could find themselves obsolete very fast.

If canonical wants money, sell something, anything and ill buy. I dont need support but i would gladly pay for other stuff. An app store with games, movies, music, anything.

One thing i would gladly pay for as well would be turn key ready solutions like ebox on the server side. 

Embracing open source and then censoring it?

I find it very disturbing that Gnome has seen an influx of Microsoft tendencies the past year. People like Miguel de Icaza and Philip Van Hoof censor any and all who post any criticism of Microsoft or their technologies. It's bad enough that they are sucking Microsoft's tits and implementing inferior buggy infrastructure like dotnet in Linux.

Read this link for more background

Open source are supposed to build on open discussion. Reaching a common conclusion isnt the important part. The crucial thing is having an open honest discussion.

The good part is that people all over starts to realize, you cant play nice with Microsoft. Even if you have good intentions, Microsoft never has and never will. Ask Novell and Yahoo, the latest companies going down the drain just after teaming up with MS.

The Free Software Foundation is more important than ever because open source without them is just being able to read obfuscated code under an NDA. If i would want that i could just as well sit down with a decompiler and a Windows disk.

How Google could take a hefty piece of the SMB market.

No matter how you build a network you sooner or later want to login to something locally. It may be a printer, a firewall, NAC, intranet or a wireless network.

With Google Apps all your accounts are in the "cloud" and there isn't any easy way of accessing them from a local network, especially before you have been connected to the net.

Google could in theory put together a key-turn server where the accounts in Google Apps are synced to a local server that handles nothing more fancy than LDAP and Radius.

This way a  new company could easily use Google apps and this LDAP server as the foundation for other services that are local. Im currently working on implementing Google Apps myself and this is what i lack. I dont want to run a Novell, Microsoft or SUN server, i just want a simple way of having local access to the accounts in the cloud.

I manage to setup my own LDAP/Radius but most SMB dont. Bring this missing key and i think many more companies will consider Google Apps.

Saturday, February 13, 2010

Miguel is working hard for his money.

Our favourite OSS poser Miguel de Icaza is at it again. This time spreading his usual lies about ODF. His goal has always seemed being about getting employment at Microsoft (he was turned down once) and im beginning to realize he must already have gotten it.

I was about to write it up but Roy has an excellent aggregate of all the surrounding facts.


I guess it all comes down to the fact that Denmark has chosen ODF. A couple of countries more and Microsoft's stranglehold on office suites is but a memory of the past. For the new people in this saga I can tell that ODF is something that scares Microsoft. It's a common format for document exchange so that it doesn't matter what office suite you use.

Remind yourself again, why do you use MS Office really. Is it because you cant exchange documents with others if you dont? Your systems only work with .doc, .xls etc?

Friday, February 12, 2010

LXDE, small and fast.

I primarily use LXDE for my desktop these days. The biggest reason is because it works very well and are fast.

Long ago my computing consisted of changing settings, tinkering and rearranging stuff on the desktop. Nowadays i just want my desktop to be a place where i start applications and then change between them. I rarely use the desktop itself.

LXDE fits my needs and more but most importantly it avoid bloat and slowness. Gnome was good but lately it has just become bloated and fat. The current push from Microsoft/Novell to get mono into it has gotten me running away from it. KDE is nice but just not my cup of tea. I dont want to have ten thousand settings at hand, choose one and choose it wisely and im all set.

So, if you, like me, like small and fast but IceWM, Blackbox etc are too minimal, give LXDE a whirl.

Why is open source important for a Microsoft shop?

Even if you are the most fierce Linux opponent free software is still something to keep in mind. Most important is to avoid painting yourself into a corner with proprietary solutions and protocols. An open environment is much cheaper in the long run than a tightly integrated one.

You can build an open environment without free software so that accommodating it later becomes much easier. The key is to avoid interdependencies between different services as much as possible. Especially software that requires specific versions to work at all. If possible always choose open standards (real standards, not pseudo standards like OOXML where Microsoft themselves cant even follow it).

Someone who follows this will find that utilizing free software solutions becomes much easier after a while. The system as a whole also becomes much easier to manage because you can upgrade and replace different parts without having to rip and replace everything or upgrade a whole chain of services and clients at once.

Another reason free software is very important for a Microsoft shop is prices and competition. Free software is right now the only thing keeping prices down. A MS shop has nothing to gain for lambasting free software, rather the opposite. By upping free software Microsoft gets competition, that in turn makes them put that extra effort into making better products.

Free software arent for everyone but it truly benefit all the customers by bringing prices down and quality up.

Im bored!

I think i put too much work into getting all the Linux servers working perfectly and now they do. Not a single hiccup, error, trouble or accident in months on any of them. Except two of them thats in a VMware system out of my control. Hard to keep a virtual guest working when the whole Vmware system goes black or when the SAN stops answering for seconds at a time.

We are about to start a new project ripping the old stuff out and totally redefining our infrastructure but in the meantime all i can do is keep stuff working, try to find new services users perhaps could benefit from and wait.

Right now I'm whacking away at my colleagues' Windows servers just to have something to do.

I'm darn impressed by just how stable a Linux environment is.

Thursday, February 11, 2010

Where do the Google bashing come from?

I'm pretty intrigued by the Google bashing that started this fall. In my case I first saw it from my usual friends, the wonderful astroturfers at idg. All of a sudden Google was the epitome of evil and woe upon us if Google wasn't destroyed immediately.

Ofcourse that sparked my curiosity, why all of a sudden did the astroturfing machine turn against Google instead of the usual Linux lambasting?

Well, i googled around and found this little gem at digitaldaily.


Well what do you know, Google has moved up onto MS kill list, at roughly the same time a smear campaign started.

I think this is going to be a tough nut to crack for Microsoft. Mostly because there really isnt much to complain about when it comes to Google so far. That the worst thing they can come up with is pointing their finger and saying -"Google has almost as bad privacy policies as ours!" speaks volumes.

Wednesday, February 10, 2010

Ebox, pretty neat SMB server.


Boycottnovell, not just an angry hater's site.

I found boycottnovell while I was following some leads in documenting recent history about how the Linux netbooks came to disappear overnight despite being a huge success for Asus. More on that in some other post when I have the time to write it all up.

At first boycottnovell can seem like angry rants, but I assure anyone inclined to think so: follow the links and it becomes apparent that it's not just blind hate. The man, Roy Schestowitz, is relentless in gathering news from all over the world and linking to stuff I have a real hard time finding myself despite hours of searching. Just like Groklaw's Pamela Jones he is very good at providing background and context.

Another thing I have found out is that no site I know about aggregates links about Linux as heavily and as well as Roy manages to do. I'm genuinely impressed by both the volume of links and the quality of the linked sites. He could start a new site with only the Linux links and be the best news aggregator for Linux hands down, even compared to slashdot.org or lxer.com.

My tip is this: if you think people lambasting Microsoft for being a pretty sucky company are nuts, go read boycottnovell for a couple of days and, most importantly, follow the links to the various news sites and confirm them. Think about it for a couple of days and then go read the evidence from the Comes vs DOJ trial against Microsoft. Then come back and tell me Google is evil with a straight face.

Chrome OS, the right approach to security.

I'm pretty impressed by Google and their approach to security. The main thing that strikes a chord with me is that the user is viewed as not knowledgeable in security. A user is the last person you should throw important security decisions onto. Any decision possible to make in advance should be made by Google, and for everything else a failsafe default should be used if the user just wants the popup to go away. It's the exact opposite of UAC on Windows.

History and countless trials have shown that people, normal everyday people, are totally unfit to make decisions about computer security. They don't have enough knowledge about the underlying system, they don't want to care about it and, most importantly, they have much more important stuff to do on the computer than playing security engineers. Socially engineering passwords out of users is not a problem, and neither is telling them to accept whatever security question the computer asks them about.

The design papers for Google Chromium OS are pretty interesting, especially that they take device theft into account right from the start. As of today that's something bolted on as an afterthought in most OSes.

If done right, Chromium OS won't need policies to manage the devices like Windows machines do but will be very secure out of the box. Much more so than any Windows installation with an ever so vigilant administrator. I hope some of this work Google does will trickle back to Linux. On the server side it would make for an awfully easy environment to manage your services on.

Why does security suck in Windows?

The biggest problem as I see it is not the technical aspect of Windows per se. It's the way the Microsoft management seems to view security. There are just too many ways in which statistics seem to be more important than real security.

UAC is an excellent example of this. UAC works by asking the user before doing sensitive tasks. At first look this can seem smart, but if you think some more about it, not so much. First of all, who should be best equipped to answer a tough security question? Is it the developer of the application or the user? Which one of those has the best knowledge about security? I would say that if the developer can't answer, neither can the user.

The biggest impact UAC has on security is that whatever happens, a user has to press an OK button for the computer to be taken over by someone. Security won't heighten much but all the blame is put on the user. That way, most security issues can be marked as insignificant since they require user "consent". Voilà, instant virtual security.

Another great grievance for security is the bad habit of not patching holes until they are sufficiently exploited.

This is how it goes. First some hacker or group of professional hackers discovers an exploit they use for corporate espionage, economic crimes, card fraud etc. Many times Microsoft already knows about this hole but is only fixing it in the next major version of the software. Then in time that exploit seeps out to others or is sold to spammers, botnet herders, hacking tool resellers and the like. When this happens Microsoft decides it's time to start patching. The problem is, this hole has sometimes been in use for years by professionals. The reason? Well, Microsoft's statistics look better than the rest since they only patch used exploits while others patch all their holes, used or unused.

For Microsoft, security is nothing more than a tick on a sheet, a PR issue.

Android, the game changer for mobile phones?

I'm pretty interested to see if Google can make Android into a catalyst for how mobile phones are sold. Right now there seems to be an uphill battle against the old way of releasing mobile gadgets.

Nokia, Sony Ericsson, Motorola etc have all released a phone and then at best fixed bugs in the software but rarely introduced any major updates. For new functionality you have to buy a new phone.

Android can change that if Google succeeds in pushing HTC and the other vendors into updating their phones. The downside for the OEM handset manufacturers is that the software becomes more important than the hardware. The upside is that users become more interested in what hardware a phone has than before. Instead of looking at a phone like a brick you look at it like a piece of hardware that should accommodate the software of your choice.

While I can understand some handset manufacturers trembling with fear of becoming the new PC OEMs, completely in the hands of Google, I don't think there is any chance of that, especially thanks to the open source nature of Android. Anyone can take the Android code and run away with it laughing hysterically and Google couldn't do a thing. But it won't be necessary, as it's really just an insurance of mutual destruction. Google knows that if it goofs up people will just fork it, and the others know that if they fork it they will still have to sync up to Google's code if that code is the one most worked on, because it's still more popular.

Interesting times indeed, as it's impossible to predict how the handset manufacturers think right now. One thing is for sure though, Windows Mobile is dead, buried and gone with a fork in the forehead. The game stands between Apple, Symbian, Palm and Android. Hopefully nobody wins and a common format for applications can be brought forward...

I can dream, can't I?

Ksplice, never reboot your Linux box again.

Ksplice is some pretty interesting software for Linux. It's a service that patches the running kernel without any reboot taking place. On a critical server where you don't want any downtime, or where you want to choose your own downtime, it's damn near perfect. Sure, you probably have some kind of HA and multiple servers, but that doesn't mean it's convenient to take the machines down all the time for updates.

If you're interested, take a look at http://www.ksplice.com/paper and read about how it works.

To my knowledge there isn't anything even remotely similar for Windows, but it's not that much of a problem; they have to be rebooted all the time anyway because of locked files, lost system resources and whatnot.

Software, what's wrong with the development model?

One thing that always strikes me is the way most software is developed. It's developed in an evolving manner.

You begin with a rudimentary alpha that roughly resembles the intended product. Seldom are things planned ahead in anything but a list of features the end product should have. As the cycle goes on more and more features are added, changed and rearranged until someone says stop. Then it's down to hunting bugs, bugs that shouldn't be there in the first place. Some are fixed, some not.

Imagine someone building anything else with the same development model. Imagine a car built without designers, engineers and experts. Made by salespeople, managers and mechanics. No planning, just slapping bits and pieces together and, as work goes on, fixing the worst mistakes. Wrong drivetrain? We can't change that this late in the process, buddy! Work around it!

Linux the kernel can make this model sort of work, but it's a pretty impressive feat and countless man-hours are lost. People submit their work all the time and get it rejected. One wonders what it would look like if some planning went into it all.

I'm fairly certain that with proper planning most software would be a whole other beast. Instead of slapping functions onto functions you would know from the start where you are heading. The biggest reason is that when you sit down and really plan in detail you discover snags that you otherwise would only stumble upon when using the software IRL.

Planning brings predictability, both for the developer and the user. You should KNOW in advance what a function does, why and how. Not document how it behaves after the fact.

Friday, February 5, 2010

Perfect software?

Are you, just like me, fed up with buggy, broken software that demands constant patching and care? Do you, like many others, think this is because it's impossible to make high quality software? I'll try to describe in a couple of blog posts just why today's computers have such low quality, especially in their software.

One problem facing software today is the total lack of any functional guarantees. For historical reasons software never got the status of goods, but by pure chance it got treated like books, photos or musical pieces. A software company has no legal obligation at all to deliver working software. The only demand I know of is that it should do roughly what the documentation or sales material states. As such a customer can't really demand anything if newly bought software is utterly broken. If it works sometimes the vendor is off the hook.

Because of this there isn't really any incentive to write software of high quality. It's easier to just release patches when enough people complain about a specific bug or security issue. The real problem is that the $300,000 payroll system you just bought was, in the letter of the law, just a book. Whatever the problem, they can legally just ignore it and tell you to buy the next version instead. Any patching they do is really PR and nothing they have to do.

This is really a big problem as more and more hardware gets attached to computers and the internet. We already have more than enough infrastructure that people's lives depend on connected to software. It should warrant at least partial responsibility for security and functionality from software developers.

We have had computers for what, 40 years now, and quality has not risen one bit. Especially if you disregard Microsoft, who practically invented the notion of releasing broken software and then slowly patching it up to a half-working state.