Weblog Without Honor or Humanity

• weblogs, wikis, comments
• Nokia 7610 (symbian 60 v2.0) phone review
• US gas price watch
• turn a phone into a remote control
• NavMan PiN 100 - Pocket PC and a GPS with mapping for only $499
• ViewSonic VP2290b super-high resolution LCD monitor review
• MPx220 review

I have to say that Microsoft often surprises me. Last time it was explosion of bloggers among Microsoft employees. Today it’s product feedback center where people can submit bugs and suggestions on developer tools. As far as I can tell this is the first such initiative from such a big company for a non-open source product.

It’s interesting not only because Microsoft is brave enough to host a website that lists only bad things about their software (imagine what ammunition it’ll be for a ms-haters, ultimate proof that ms software is full of bugs).

Looking through comments on those bugs, Microsoft is really reading bug reports, tries to repro them and fix them.

I haven’t seen such openess in a software company of this size. Where’s similar commitment from IBM, Borland, Adobe, Apple, Macromedia?

Just in case anyone was wondering, this is an example of one of those little things that Microsoft does that made them the biggest software company.

• what is your phone
• microcontent client
• Sendo X (symbian series 60 phone) review
• Encoder - a web app to encode e-mail addresses so that it’s safe to put them on a web site
• PalmOne shipped 151k Treo’s in last quarter
• PmWiki - looks like a very decent wiki, in PHP
• Fujitsu F900iT docomo phone review
• review of “Building of basecamp” seminar

Personally, I think that marketing is much more than skillful lying, however there are things that re-inforce that image to me. A recent example is Handango’s press release about their InHand on-the-device catalog for downloading and buying applications. The idea is sound but Handango’s marketing team manages to put at least 2 blatant lies in the press-release.

First they say:

XML DATA. InHand is built on an XML data architecture, which ensures very efficient data transmission as well as the ability for licensees to manage the data feeds in-house.

There are many benefits of XML to tout so why they decided to lie by pointing out one thing XML is not good at i.e. “efficient data transimission”? Efficient compared to what? It’s hard to come up with a format that is more inefficient than XML.

Then they try to one-up themselves:

“With this announcement, Handango InHand is now available for virtually every smart or feature phone in the market regardless of whether it is running Symbian OS(TM), Windows Mobile(TM) or Java(TM),” said Randy Eisenman, president and chief executive officer of Handango.

Except Palm based phones like Treo 600. A curious definition of “virtually every”.

Considering blatant lies I guess there’s no point quibbling over small details like using meaningless phrases of the “one-click interface” sort (although technically it must be a lie too; I challange Handango to show how I can accomplish anything with InHand using just “one click”).

• police state isn’t a safe state - Schneier vs. U.S.
• Law #18: The Law of Success
• Python and Eclipse
• C++ port of lucene
• Subversion <= 1.04 heap overflow
• Intro to reverse engineering (pdf)

• photography composition tutorials
• CLR GC perf counter
• US marathon list
• CLR performance blog - subscribed
• review of Phase One P25- 22 megapixel camera
• better code editor of the future - ain’t gonna happen
• RIAA evil as always
• transfer e-mail from Hotmail/Yahoo to Gmail
• Law #17: of unpredictability

It looks like mobile carriers have very limited vision and all their ideas about making money end up doing the opposite - loosing money to competition.

I think they’re just too much in love with easy money. Mobile carriers had a few successes in this department e.g. SMS and ring-tones generated nice revenues in some countries. It’s easy money because the technologies are very simple (if not primitive) . Carriers fully controlled them and could over-charge. And over-charge they did.

The problem is: compare SMS with applications that can be written for real smartphones like Treo or MS Smartphone and you’ll find that SMS is ridiculously over-priced for what it provides. The only way to keep making easy money from SMS is by not letting any other technology compete. That would be a fine (if bad for costumers) strategy except that carriers don’t have that power. Once an open platform like Treo or MS Smartphone or Symbian-based smartphones is launched by just one carrier, the cat is out of the bag. The others have to do the same or slowly loose all their business to the carrier that provides a better, cheaper solution to the user.

There are other cases of mobile carriers trying to extort control with long-term detrimental effort. Some carriers providing MS Smartphone-based phones lock their phones so that only signed applications can be run on them. There are some advantages to this approach but the end result is only one: angry costumers and loosing business. Not every developer can (or wants to) spend necessary time, money and effort to obtain carrier’s approval for signing. Therefore some applications just don’t work on phones requiring signed applications. Customers get angry. This is bad for the carrier, because this problem will be blogged and discussed on user forums and new subscribers will choose a carrier that doesn’t have a locked phone. This is also bad for the platform because most users don’t care about who’s fault it is (carrier’s, developer’s, Microsoft’s) - they spend money on something that doesn’t work to their satisfaction. They’ll switch to competing platform e.g. Treo.

Another case is Danger. Danger released their SideKick smartphone on T-Mobile network more than a year ago. In many ways it was (and still is) a great device, ahead of Palm or Microsoft smartphones. They’ve made a big bet: their platform is closed. In case of Palm or MS Smartphone, anyone can write an application and sell it directly to users via web. For Danger, the only way to sell applications is through Catalog which is fully controlled by Danger and the carrier.

There are advantages to this approach:

• Danger/carrier can (and do) make a cut from every purchase
• Danger/carrier can better control the quality of applications (arguably increasing the public’s opinion about their platform)
• if an app is featured in the catalog, it has a chance of getting high buying rate. Because there’s only one source of applications and it’s built into the device, chances are that an average SideKick user will spend more money on additional apps than an average Palm or MS Smartphone user. Never under-estimate the power of one-click purchase.
• the experience of installing application is much better for the user

All that doesn’t matter given that it might have been a suicidal decision for Danger. The problem is: after more than a year since launching the SideKick, there are no third-party applications available. No one really knows why. It doesn’t make sense for Danger to drag their feets like that because their long-term survival depends on availability of a large number of applications so everyone’s guess is that it’s T-Mobile that, for whatever reason, is responsible for the delays.

Things are bad in developer land. Many developers that were very excited about the prospects of the platform and spent time writing applications for it are angry with Danger and are stopping development efforts until things change.

Hard to blame them: writing software for SideKick is always a gamble. If Danger/carrier doesn’t accept your app for Catalog, you’re screwed. You’ve lost time and money spent writing the software and there’s no way you can make money. Currently Danger doesn’t communicate with developers. They might have a good reason for that (e.g. NDA agreements with T-Mobile) but no-one cares who’s fault it is. The platform looses.

Users of SideKick also loose. They can’t use SideKick to its full potential because there are no third-party apps available. Compare that with thousands of apps avaialbe for Palm.

Danger really is in danger.

GigaOM is an interesting, opinionated weblog that I follow. However, I do have to comment on this entry about alleged security risk of installing Skype. Looks like pure FUD to me. The whole basis for accusing Skype of not being secure are those words (from the CEO of a company making a competing product; can you say “bias” three times fast?):

When I pressed him more, he explained that Skype’s best feature, its ability to pass calls through firewalls and Network Address Translation (NAT) systems, is also its Achilles heel. Hackers can use the voice stream (which is nothing but data) to bypass firewalls and create havoc on the corporate networks. “You can break the whole corporate network in a matter of minutes,” he said.

From the technical point of view, this is just gibberish. Corporate networks broken in minutes yet none have been broken yet (at least none that I know about)?

Using “voice stream to create havoc”? And how exactly?

This is not to say that that Skype isn’t potentially insecure. Any software is potentially insecure and Skype is not different. However, it is quite different to say something is potentailly insecure and say that it is, in fact, insecure. It’s very easy to prove that something is insecure: write an exploit demonstrating that. Publish a vulnerability report on one of the respected sources dealing with security holes in software.

This post does none of that. It’s all witch-hunting and allegations without proof coming from third-party who is Skype’s direct competition.

The post tries to appear impartial by quoting CERN rule:

Skype P2P telephony software is not permitted on CERN’s computing or network facilities. The privacy policy of Skype violates CERN’s Computing Rules by bypassing firewall protections and offering services to others.

Too bad it has nothing to do with security. Skype vilotes CERN’s privacy policy. There’s nothing that implies that CERN thinks Skype is insecure.

Kowalczyk’s second rule of internet: always apply critical thinking when reading stuff on the internet.

SQLite 3.0 alpha has been released. To me software like SQLite shows the real benefit of open-source: you get high-quality chunks of code that you can re-use in your application. Developing them on your own would take ages. Now one can just focus on things related to applications functionality and use SQLite for plumbing.

SQLite is an embedded SQL database. Embedded means that it’s just a relatively small (around 200 kB of code) library that you can use in your programs to create databases using SQL as the interface. It differs from full SQL engines like PostgreSQL or MySQL in that it is optimized for use by one application.

Main difference between SQLite and other SQL engines is that its untyped i.e. all data is stored as text. Personally, I don’t like that. Types have many benefits:

• prevent mistakes (the engine can verify that inserted data conforms to declared type of data)
• make databases smaller (e.g. it takes less space to store an integer as an integer vs. its text representation)
• makes things faster (e.g. when comparing data as integers, SQLite has to first convert it from text to an integer)

But I’m not complaining - SQLite is an excellent product as it is.

The new 3.0 version (which is not yet production quality) goes halfway in implementing types: it implements type manifests. It means that if the value insterted matches the type of the column (e.g. when inserting “123″ to an INTEGER column), it’ll be stored in binary form for a given type (INTEGER in this case). If it doesn’t match the type (e.g. it’s “foo”), it’ll be stored as text.

New version is also faster than the latest 2.8 version and databases are smaller.

There are a lot of applications that can benefit from a database for storing data (actually, I find it hard to think of a non-trivial app that wouldn’t) and SQLite is an excellent choice for that.

The code is in public domain, written in portable C (works on Unix and Windows) and has bindings for all imaginable scripting languages.

• how to implement psexec
• WordPress dev mailing list
• cross-reference of WordPress code - very useful