Archive for March, 2009

Trading(up) Spaces.

Posted by Eric, 20:26, March 30, 2009
Cache In, Moving Forward, Waste of Electrons / No Comments

Like most Mac users addicted to megapixels, I add new spaces even more often than I add new monitors. Currently, with about 8MP of LCD’s and six spaces, I stare into a glorious ~48 megapixel world from my desk.

Spaces, Apple’s name for virtual desktops, allows users to create different environments, seemingly for different tasks. It is a savior for everything from work/life balance to privacy, and it is one of the most compelling arguments for why Windows only lives in VMs on my workstation.

Compliments aside, I think that spaces and virtual desktops have a long way to grow. Currently, I run several VM’s and applications that I would like to have a dedicated physical monitor, something that is not possible with the current software. Of course, one can dictate that an application always be on the forefront of the desktop space that it occupies, but that does not quite do it for me. Digital graphics representation is becoming an ever more important part of our lives, and it would be fantastic to be able to control each monitor like a separate physical machine.

In the next iteration of OSX and Linux environments, I would like to see a number of features. First, I would like to have the ability to assign applications and VMs their own monitors, treating them like completely separate machines. This would mean that if other monitors were turned on or off, the separated panels would not be impacted. This could allow for substantial energy savings by giving a user the ability to turn off unneeded monitors while still being able to see necessary output. Next, I would like to be able to select which monitors participate in spaces, leaving a scratch monitor that is application agnostic like a clipboard for applications. This would allow a user to drag an “alias” of output or programs onto a monitor that would remain identical in every space, comparing graphics or figures from programs that normally occupy different spaces. This can be done by dragging applications to corners in the current environment, but there is no command I know of that will put them back. Finally, I would like to see a command that would create “derivative” spaces where the visible applications do not change, but which monitor they are displayed on does. For instance, if using three identical monitors (positioned L-C-R), a derivative command could be created to move applications from L or R to the center panel.

The virtual desktops currently available are miles ahead of any other workflow options, but I have been given an inch and want a mile. Particularly for Apple, these enhanced features could be coupled with the Fingerworks-offshoot multi-touch gestures. If implemented correctly, an improved spaces could approach the usability of the fabled “touch wall”. I cannot think of a better excuse to add multi-touch to the desktop input devices, creating a truly unique hardware/software line.

Robots and the Recession.

Posted by Eric, 21:42, March 29, 2009
Waste of Electrons / 1 Comment

On a shopping trip to Ikea, I was surprised to find that the only option at checkout was an automated cashier. Usually, I only use automated cashiers at my local grocery, and their attraction is limited only to the fact that many people are averse to them; making the lines shorter compared to the stations manned by cashiers.

Ikea is usually a trendsetter in the world of big box retailing, and I will not be surprised to see the automated stations show up in more large retailers, like Costco and Best Buy. Usually at the grocery store, I find the automated cashiers to be slow and demanding (forcing you to put an item in a bag even if you do not want one) in addition to being unable to deal with unmarked goods like produce, but there is no doubt this technology will be improved if it becomes the norm.

It must be fairly scary to those who count on a cashier position for their livelihood, since the positions will likely be eliminated quickly and at multiple retailers, making a simple employer switch unlikely. It is also not a stretch to imagine that older cashiers (more likely to command higher wages and hold full-time positions) will be disproportionately let go as younger employees are kept on to man the computerized replacements.

Speaking of job security, upon exiting Ikea in my area, there is now a sign with a clock for the weekdays and each weekend day, colored in red, yellow, and green, showing shoppers when the downtimes are. I would sure be scared looking at that sign as a customer-service employee.

Where to Break the Chain?

Lately I have been involved in a lot of talks about encryption.  As laptops become more important, and people are literally storing their digital lives on them, some level of encryption is a good idea to protect data in the event of theft.

Most of the time when encryption comes up, breaches are the first thing mentioned.  ”I heard that by freezing the RAM you can take data off of a sleeping computer”, etc.  Most of these claims are likely true, but like anything else, data protection is a continuum.  For the purpose of this discussion, we will compare encryption to cars.  Triple AES-768 will be an Abrams Battle Tank (there is harder out there, but it is not going to move around much), and a system password will be a convertible.  An Abrams and a convertible both have measures to protect the interior of a vehicle.  Even though an Abrams is comparatively impenetrable, you see a lot more convertibles on the road.  Why is this when the smaller car does not do nearly as good of a job at protecting items in it?  To begin, an Abrams costs millions of dollars, weighs 70 tons, and is not normally accessible to the public.  To a novice computer user, the AES-standard is an impossible concept.  It is difficult to implement, requires a great deal of specialized knowledge, and is slow and bulky.  Since our hypothetical user would at least like some protection from unexpected bad weather, a convertible is in order.  It is cheap to run, accessible, and sporty.

You never hear people, even the Phil & Ted stroller-pushing new moms, mention that they want an A1 Battle Tank.  Many try with an Escalade or the like, but once again, there is a continuum.  They do not want the tank because they understand the costs and limitations of a 70-ton treaded vehicle (not to mention tearing up the subdivision).  They understand that depleted-uranium armor is not needed to get from home to day care and back.  

However, when we transfer the analogy back to the digital world, this understanding goes away.  Everyone all of a sudden wants the most hardened security in the world, regardless of their status as a target or their activities.  I manage to offend many people when I mention that the weakest link in any modern encryption platform is the user.  They may get tired of slow read times and turn off disk encryption, they may use the same key for encryption or computer protection as they use to log into Gmail.  They may write the key on a post it and leave it on their monitor, or tell a friend their password or e-mail it to themselves in case they forget.  Even if they do not do these things, passwords are incredibly uncreative, and the concept of a passphrase is not yet mainstream.  Knowing full well that most users will do things like this, it is hardly worth debating the relative merits and flaws of various encryption algorithms and standards.  Users also need to understand their status as a target.  Someone must be highly motivated to even attempt to guess a password, yet alone break disk encryption.  If they are sufficiently motivated, any casual protection standards will not be a significant deterrent, and it is always a good idea to have a backup plan if you lose your data or if someone else gets it.  Things like identity theft are a huge pain, but armoring yourself so heavily that you stand out from the pack will honestly just make people curious.  Like the tank, there is no point having the armor unless you are willing to go through the training to operate it, and spend a great deal of time with maintenance.  An Abrams with the keys left on a panel marked “car keys” in the garage is an awfully expensive front.

My personal data is protected to the highest standards that I can understand and maintain, and I am willing to accept performance slowdowns to compensate.  However, beyond a certain point, my data protection priority shifts from protection from theft to protection from loss.  If a dedicated team decides to devote tremendous resources, they will likely be able to obtain portions of my data.  However, it would take an incredible feat to remove my data in a way that I too would lose it.  Part of my redundancy involves offsite storage transfered online, and it is ironic that in choosing this redundancy, I expose my files to the wild land of the Internet.  Even if you hide yourself in an impenetrable cocoon, you then have to worry about redundancy, and if you are paranoid enough, multiple site redundancy.  At some point, one must bow to reason and realize that if someone wants your data badly enough, they will be able to obtain it, and the harder your security, the more likely it is that you will be the link in the chain that gives.  A tank is not necessary to protect your family photos, just make sure you have your top up when you go out in bad weather…

If you are worried about your protection standards, just make a better password, and read up about data protection.  As you understand a little more, you can switch to some home directory or full-disk options, and fall down the spiral of paranoia from there.  

GE Follows American Express Into the New World of Mobile Contact

Posted by Eric, 23:36, March 05, 2009
Cache In, Cyberlaw, Virtual-Reality Detachment, Whose Data? / 1 Comment

Until recently, the mobile phone has been a quiet place in the world of telemarketing. As someone that uses mobile phones for all of my lines, I have greatly appreciated the lack of interruption. Considering that my lifetime score to positively responding to an unsolicited telemarketing call is zero, this has been a great relationship for both parties. Thanks to laws, lack of phonebooks, opt-outs, and so on, most of the calls that I receive are wanted, or at least not out of place.

Now that mobile phones are not only commonplace but even replacing landlines for mainstream consumers, the telemarketers must have needed a profit-saving change.

My blissful silence was halted by an e-mail this afternoon from GE’s capital arm announcing that the terms to my service were changing:

 

You agree that GE Money Bank and any other owner or servicer of your account may contact you about your account using any contact information or cell phone numbers you provide (whether previously provided or provided in the future).

You expressly agree to the use of any automatic telephone dialing system and/or artificial or prerecorded voice when contacting you, even if you are charged for the call under your phone plan.

The above provision will become part of your account agreement if you consent to the provision by (i) using your account more than 15 days after this notice is delivered to you or (ii) keeping your account open after March 15, 2009. If you do either of these things, we will conclude that you have consented to being contacted on your cell phone in this way. If you do not want to be contacted on your cell phone in this way, you may call us at ***-***-**** at any time.”

 

I am left with two choices: Close my account ASAP, or agree to be bothered by all kinds of robot nonsense not stopped by conventional preventions because I have explicitly agreed to the contact.

Normally, I would instantly send them packing, but after reading an article on Wired.com about similar changes to American Express terms (discussing the security issue with the change which I did not even consider), I can only assume this change will quickly spread over the whole credit card community. Although this is an exceedingly aggravating change of terms, I am not sure that I am willing to give up credit cards as a whole. I have already called the opt-out number I was given, and opted out my mobile phone. Based on the wording of the message above, I will be interested to see if my account is closed.

I am not looking forward to having similar terms added to all kinds of phone-based (and unrelated) services. Everyone has been asking how Twitter and Facebook and the like are going to make money, and I am afraid that this is part of the answer.