New Computer #2 – Dana

The other week I built Tiffany2, New Earth‘s new media centre computer. She’s well-established and being used to watch movies, surf the web, and whatnot, now, so I thought I’d better fulfil my promise of telling you about my other new smaller-than-average computer, Dana, whose existence was made possible by gifts from my family over Christmas and my birthday.

Dana‘s size and power-consumption is so small that it makes Tiffany2 look like a bloated monster. That’s because Dana is a DreamPlug, an open-architecture plug computer following in the footsteps of the coveted SheevaPlug and GuruPlug.

A dreamplug (seen here with a two-pin power connector, which helps to give you a sense of its size).

The entire computer including its detachable power supply is only a little larger than the mobile telephones of the mid-nineties, and the entire device can be plugged straight into the wall. With no hard disk (it uses SD cards) and no fans, the DreamPlug has no moving parts to wear out or make noise, and so it’s completely silent. It’s also incredibly low-power – mine idles at about 4 watts – that’s about the same as a radio alarm clock, and about a hundredth of what my desktop PCs Toni and Nena run at under a typical load.

I’ve fitted up mine with a Mimo Mini-Monster 10″: a dinky little self-powered USB-driven touchscreen monitor about the size of an iPad. Right now the whole assembly – about the size of a large picture frame – sits neatly in the corner of my desk and (thanks to the magic of Synergy) forms part of my extended multi-monitor desktop, as well as acting as a computer in her own right.

Dana's Mimo Mini-Monster touchscreen: Dana herself is completely concealed behind the screen.

So on the surface, she’s a little bit like a wired tablet computer, which would seem a little silly (and indeed: at a glance you’d mistake her for a digital photo frame)! But because she’s a “real” computer underneath, with a 1.2GHz processor, 512MB RAM, USB, WiFi, and two Ethernet ports, there’s all kinds of fun things that can be done with her.

For a start, she provides an ultra low-power extension to my existing office development environment. I’ve experimented with “pushing” a few tasks over to her, like watching log file output, downloading torrents, running a web server, reading RSS feeds, and so on, but my favourite of her tasks is acting as a gateway between the rest of the world and my office.

A network diagram showing the layout of the computer networks on New Earth. It's more-complex than your average household.

While they’ve come a long way, modern ADSL routers are still woefully inadequate at providing genuine customisability and control over my home network. But a computer like this – small, silent, and cheap – makes it possible to use your favourite open-source tools (iptables, squid, sshd, etc.) as a firewall to segregate off a part of the network. And that’s exactly what I’ve done. My office – the pile of computers in the upper-right of the diagram, above – is regulated by Dana, whose low footprint means that I don’t feel bad about leaving her turned always-on.

That means that, from anywhere in the world (and even from my phone), I can now:

  1. Connect into Dana using SSH.
  2. Send magic packets to Toni, Nena, or Tiffany2 (all of which are on wired connections), causing them to turn themselves on.
  3. Remotely control those computers to, for example, get access to my files from anywhere, set them off downloading something I’ll need later, or whatever else.
  4. Turn them off when I’m done.

That’s kinda sexy. There’s nothing new about it – the technologies and standards involved are as old as the hills – but it’s nice to be able to do it using something that’s barely bigger than a postcard.

I have all kinds of ideas for future projects with Dana. It’s a bit like having a souped-up (and only a little bigger) Arduino to play with, and it’s brimming with potential. How about a webcam for my bird feeder? Or home-automation tools (y’know: so I can turn on my bedroom light without having to get out of bed)? Or a media and file server (if I attached a nice, large, external hard disk)? And then there’s the more far-fetched ideas: it’s easily low-power enough to run from a car battery – how about in-car entertainment? Or home-grown GPS guidance? What about a “delivered ready-to-use” intranet application, as I was discussing the other day with a colleague, that can be simply posted to a client, plugged in, and used? There’s all kinds of fun potential ideas for a box like this, and I’m just beginning to dig into them.

× × ×

Looking for Wikipedia?

As you may have noticed, the English-speaking Wikipedia is “blacking out” in protest at SOPA/PIPA. This is a very important thing: SOPA/PIPA are potentially extremely dangerous bits of legislation (if you’re looking for a short explanation of why, here’s a great video).

I’m going to assume that you’re aware of the issues and have already taken action appropriate to your place – if you’re in the US, you’ve written to your representatives; if you’re in the rest of the English-speaking world, you’ve donated to the EFF (this issue affects all of us), etc. But if you’re in need of Wikipedia, here’s the simplest way to view it, today:

Accessing Wikipedia during the blackout

  1. Go to the English-language Wikipedia as normal. You’ll see the “SOPA blackout” page after a second or so.
  2. Copy-paste the following code into the address bar of the browser:

javascript:(function()%7Bdocument.getElementById('content').style.display='block';document.getElementById('mw-sopaOverlay').style.display='none'%7D)()

That’s all. You don’t even have to turn off Javascript in your browser, as others are suggesting: just surf away.

If you get sick of copy-pasting on every single Wikipedia page you visit… you can drag this link to your bookmarks toolbar (or right click it and select “add to bookmarks”) and then just click it from your bookmarks whenever you want to remove the blackout.

And if you just came here for the shortcut without making yourself aware of the issues, shame on you.

New Computer #1 – Tiffany2

This weekend, I integrated two new computers into the home network on New Earth. The first of these is Tiffany2.

Tiffany2 is a small "media centre" style computer with an all-in-one remote keyboard/mouse.

Tiffany2 replaces Tiffany, the media centre computer I built a little under four years ago. The original Tiffany was built on a shoestring budget of under £300, and provided the technical magic behind the last hundred or so Troma Nights, as well as countless other film and television nights, a means to watch (and record and pause) live TV, surf the web, and play a game once in a while.

The problem with Tiffany is that she was built dirt-cheap at a time when building a proper media centre PC was still quite expensive. So she wasn’t very good. Honestly, I’m amazed that she lasted as long as she did. And she’s still running: but she “feels” slow (and takes far too long to warm up) and she makes a noise like a jet engine… which isn’t what you want when you’re paying attention to the important dialogue of a quiet scene.

Tiffany and Tiffany2. Were this a histogram of their relative noise levels, the one on the left would be much, much larger.

Tiffany2 is virtually silent and significantly more-powerful than her predecessor. She’s also a lot smaller – not much bigger than a DVD player – and generally more feature-rich.

This was the first time I’d built an ITX form-factor computer (Tiffany2 is Mini-ITX): I wanted to make her small, and it seemed like the best standard for the job. Assembling some of her components felt a little like playing with a doll’s house – she has a 2.5″ hard disk and a “slimline” optical drive: components that in the old days we used to call “laptop” parts, which see new life in small desktop computers.

Examples of six different hard drive form factors. Tiffany2 uses the third-smallest size shown in this picture. The computer you're using, unless it's a laptop, probably uses the third-largest (picture courtesy Paul R. Potts, CC-At-SA).

In order to screw in some of the smaller components, I had to dig out my set of watchmaker’s screwdrivers. Everything packs very neatly into a very small space, and – building her – I found myself remembering my summer job long ago at DesignPlan Lighting, where I’d have to tuck dozens of little components, carefully wired-together, into the shell of what would eventually become a striplight in a tube train or a prison, or something.

She’s already deployed in our living room, and we’ve christened her with  the latest Zero Punctuation, a few DVDs, some episodes of Xena: Warrior Princess, and an episode of Total Wipeout featuring JTA‘s old history teacher as a contestant. Looks like she’s made herself at home.

(for those who are sad enough to care, Tiffany2 is running an Intel Core i3-2100 processor, underclocked to 3GHz, on an mITX Gigabyte GA-H61N-USB3 motherboard with 4GB RAM, a 750GB hard disk, and DVD-rewriter, all wrapped up in an Antec ISK 300-150 case with a 150W power supply: easily enough for a media centre box plus some heavy lifting if I ever feel the need to give her any)

× × ×

The men who really invented the GUI

This link was originally posted to /r/technology. See more things from Dan's Reddit account.

The original link was: http://www.computeractive.co.uk/pcw/pc-help/1925325/the-invented-gui

The IBM PC is not alone in having a significant anniversary this year. It is 25 years since Steve Jobs and Steve Wozniac started flogging Apple 1 circuit boards from a Palo Alto garage. But it was not until 1984 that the first Apple Mac made its appearance, with its revolutionary mouse-driven graphical user interface (GUI).

Apple’s achievement in recognising the potential of the GUI and putting it into a mass-market machine cannot be denied. But Apple did not invent the system, as many still believe.

The basic elements of both the MacOS and Windows were developed at Xerox’s Palo Alto Research Centre. Xerox did not patent them and blithely showed them off to Jobs, who promptly snaffled the lot.

The roots of the system go back still further. Every computer history website will tell you that Doug Englebart, hired by the US Defense Department to find new ways of harnessing the computer, invented the mouse in 1963.

But this is true only up to a point. Englebart’s contribution was important, but his ideas didn’t come out of the blue.

Roots in radar

Like the pulse circuits that provide the heartbeat of computing, the GUI has its roots in early radar systems. It was wartime radar work that got Englebart thinking about dynamic information displays, and radar engineers were the first to encounter the problem of how to use these displays to communicate with an intelligent machine.

Two engineers came up with a trackball, the innards of the mouse, a full 11 years before Englebart unveiled his device. Moreover, it was used to select a position on a screen to convey information to a processor, which is the fundamental operation of a GUI. One of the engineers, 80-year-old Tom Cranston, is still alive and living in Scotland.

Cranston’s early career nicely mirrors the shift the electronics industry went through in the 1940s and 1950s. Pre-war electronics was overwhelmingly analog, using thermionic valves as amplifiers, oscillators and detectors.

Cranston, who was born in Canada, spent World War II in Britain maintaining Air Force analog radio equipment.

After the war he took an electronics-focused engineering physics degree at the University of Toronto, before joining Ferranti Canada at a time when it was trying to gain a foothold in the nascent computer industry.

This used valves predominantly in switch mode for logic circuits. “What I studied in electronic circuits at university had nothing to do with what was set before us at Ferranti,” he said.

The Datar system – starting from scratch

Cranston was project engineer with a team working on a system for the Canadian Navy called Datar, an attempt to marry radar to digital computers which was way ahead of its time when it started in 1949.

Datar enabled a group of ships to share sonar and radar information. Up to 500 objects could be identified and tracked, and each ship saw the whole position plotted relative to its own moving position.

These calculations would be trivial today, but for Datar the logic had to be hard-wired using around 10,000 valves per ship.

Everything had to be done from scratch. The young engineers recruited for the project even had to prove that data could be transmitted by radio – a demonstration (using pulse-code modulation) that finally persuaded the cash-strapped Canadian government to back the scheme. Positional information was stored on a magnetic drum, a precursor of the hard disk.

The demonstration system on Lake Ontario used standard radar displays with a rotating beam that showed the blips of nearby aircraft, and ships; sonar data from notional submarines was simulated. They needed a way for an operator to identify a target blip and to enter its position.

These displays were drawn by conventional analog circuitry: there was no video RAM to play with. An electronic dot cursor could be thrown up during a brief flyback period between screen sweeps; the engineers needed to find a way that the operator could position this cursor smoothly over a target blip and store the co-ordinates.

To Cranston and his colleague Fred Longstaff, this was just another problem to be solved. “It didn’t seem a big thing… there was a tremendous urgency about all this and it is hard to recreate that atmosphere.”

The simplest answer would have been to set the dot’s X and Y deflections separately using two variable resistances, as used in nearly all electronic level controls, and then translate these values into digital co-ordinates.

Cranston and Longstaff came up with a far more elegant solution that used one control instead of two, and delivered the co-ordinates directly.

The wheel thing

Cranston, while on a visit to a naval establishment, had seen someone using a wheel on a stick, like a miniature pedometer, to measure distances on a chart. “We need something like that which works simultaneously in two dimensions,” he said to Longstaff.

Longstaff then came up with the idea of two follower wheels resting at right angles to a ball that was free to roll in any direction. The prototype actually used two pairs of wheels driven by a standard 4in Canadian bowling ball resting on an air bearing, a feature that is simpler to make than it sounds.

“You just mix up some plaster and stick a ball in it when it is beginning to set,” explained Cranston. “Then you let the plaster harden, take the ball out, drill holes into the plaster, and pump air through them. The result is like magic.”

A circle of holes close to the rim of each wheel passed a beam of light to a photo-sensor, which produced a string of countable pulses as the wheel rotated. Counting circuits were well understood by then, Cranston recalls.

One wheel measured upward movement and its opposite registered down, and the count was incremented or decremented accordingly to provide the Y co-ordinate; the other pair worked similarly to get the X co-ordinate.

Shutters blocked light from the two wheels’ measuring movements opposite to the current rotation. A button – the equivalent of a mouse click – was pressed to indicate a target.

Now and then

Through today’s eyes, this arrangement seems over-elaborate: why not use two wheels and a direction flag? Half a century later, Cranston cannot recall the details of why it was done in this way, but it seems to have been a matter of using what was at hand. Nowadays, a single line of code could cope with the changing directions; the Datar team had to hard-wire everything.

Also routine now is the control of screen positions by numbers, but it was new and intriguing to Cranston and Longstaff. An analog control would have a unique position for each screen co-ordinate, but there was no such direct relationship in the case of the trackball: if you moved the cursor by altering the stored number, the ball would still work regardless of its orientation.

They thought of the device as “centreless” and Longstaff jokingly referred to it as the “turbo-encabulator”.

The whole exercise was what in today’s jargon would be called a proof of concept. The team had to show Datar could work in order to raise the money to refine it, and it needed a lot of money. Valves were unreliable and not really suitable for use on a ship, so the whole system would eventually need rebuilding round new-fangled transistors.

Canada could not afford to do this itself and was seeking a partnership with another country. A system was demonstrated to a succession of military and technical decision makers. One US military observer was so astonished by the sophisticated display that he peered under a table to ensure there was no tomfoolery going on.

Nobody bought into the system. Britain and the US, the most likely partners, had their own projects and there was probably a “not invented here” factor.

Ironically, a prototype US system that Cranston saw later at MIT didn’t need a trackball because it was more advanced: targets were identified and tracked automatically.

Research unrewarded

Many people, though, had seen the trackball. The question of patenting it never arose. Ferranti UK, the parent company, had limited contact with its Canadian arm. Executives had little idea of what was going on at the research level.

Cranston said: “Think about the state of play in the computer world in 1952. There were only a handful of operating computers in the world. Almost all were unreliable. There was no common software language… pulse rates were only 50-100kHz. The idea of using a ball to control a cursor which could intervene and change program execution was a million miles ahead.”

Ball resolvers were not new. They had appeared in navigational and ballistic control mechanisms. The achievement of Longstaff and Cranston was to see how one could be used in conjunction with an electronic display. It was, Cranston says, a generation before its time.

Where Datar went

The Datar experience went into a programmable computer called the FP-6000 which was launched in 1961 by Ferranti Packard – the original company merged in 1958 with Packard Electric.

The FP-6000 was one of the first to use an operating system and was ahead of IBM rivals in its ability to multi-task. Its chief architect was Longstaff. He ended his career as a comms guru with Motorola and died five years ago.

The FP-6000 ended up with ICL, after being bought by Britain’s International Computers and Tabulators, and the two UK firms sold 3000 of them worldwide as the 1900 series.

Cranston left Ferranti in 1956 to take what he describes as a “giant leap backwards”. He joined the Canadian arm of a US company making data loggers and alarm scanners for the Canadian power industry that used logic in the form of mechanical switch arrays.

Electronic computers were considered too unreliable and too expensive for the task. Telephone relay logic filled the gap for another decade.

In fact, Intel’s seminal 4004 was designed originally for tasks like this.

Cranston left after 11 years and moved near to Inverness with his Scottish wife, setting up home in an old mill that he converted himself. He taught for several years in the local technical college, introducing students to the mysteries of the microprocessor.

Surprisingly, Cranston does not have a computer. “They are too fascinating,” he said. “I’d get so involved, I wouldn’t have time for anything else.”

Banned From Facebook

Apparently I’m too cool for Facebook.

The message I see when I try to log in to Facebook. Sadly, I'm also prohibited from using Pidgin to connect to Facebook Chat, which is just about the only thing I use Facebook for these days.

Okay, that’s not what that message actually says, but that’s how I chose to read it. It turns out that my name isn’t real. I went through their forms to tell them that “no, really, this is my name”. They also asked me “what I use Facebook for”, to which I – of course – answered “chatting to friends and stalking exes, same as everybody else – why, what do YOU use Facebook for?” But when I submitted the form, it just ran me back around in a circle back to where I started.

Also: Facebook! Is that exposed HTML code in your message? Dear me.

I’d be less frustrated if I didn’t just send them a copy of my driving license earlier this year, in order to prove that my name was really my name. I guess that the media claims that Facebook keeps all of your information indefinitely aren’t true, and in actual fact they have the memory of a proverbial goldfish.

I’d be more frustrated if I actually used Facebook for anything more than pushing blog posts out to people who prefer to see them on Facebook, and occasionally chatting to people, thanks to the wonderful pidgin-facebookchat plugin.

So on average, I suppose, I’m pretty indifferent. That’s the Facebook way.

×

Cold-call scam attempts to trick users into thinking their PC has a fault, sells them a “solution”. Here’s a recording.

This link was originally posted to /r/technology. See more things from Dan's Reddit account.

The original link was: https://news.bbc.co.uk/today/hi/today/newsid_9637000/9637033.stm

More and more people are facing calls from companies claiming falsely that their computer is infected by a virus.

Technology correspondent Rory Cellan-Jones had one such call and outlines how the scam works and how to avoid it.

Goodbye Reader

Goodbye, Google Reader. It was fun while it lasted.

Long ago, I used desktop RSS readers. I was only subscribed to my friends’ blogs back then anyway, so it didn’t matter that I could only read them from my home computer. But then RSS feeds started appearing on news sites, and tech blogs started appearing about things related to my work. And smartphones took over the world, and I wanted to be able to synchronise my reading list everywhere. There were a few different services that competed for my attention, but Google Reader was the best. It was simple, and fast, and easy, and it Just Worked in that way that Google products often do.

I put up with the occasional changes to the user interface. Hey, it’s a beta, and it’s still the best thing out there. Hey, it’s free, what can you say? I put up with the fact that from time to time, they changed the site in ways that were sometimes quite hostile to Opera, my web browser of choice. I put up with the fact that it had difficulty with unsigned HTTPS certificates (it’s fine now) and that it didn’t provide a mechanism to authenticate against services like LiveJournal (it still doesn’t). I even worked around the latter, releasing my own tool and updating it a few times until LiveJournal blocked it (twice) and I had to instead recommend that people switched to rival service FreeMyFeed.

The new Google Reader (with my annotations - click to embiggen). It sucks quite a lot.

But the final straw came this week when Google “updated” Reader once again, with two awful new changes:

  1. I know that they’re ever-so-proud of the Google+ user interface, but rebranding all of the other services to look like it just isn’t working. It’s great for Google+, not-bad for Search, bad for GMail (but at least you can turn it off!), and fucking awful for Reader. I like distinct borders between my items. I don’t like big white spaces and buttons that eat up half the screen.
  2. The sharing interface is completely broken. After a little while, I worked out that I still can share things with other people, but I can’t any longer see what other people are sharing without clicking over to Google+. This sucks a lot. No longer can I keep track of which shared items I have and haven’t read, and no longer can I read the interesting RSS feeds my friends have shared in the same place as I read (and share) my own.

So that’s the last straw. Today, I switched everything over to Tiny Tiny RSS.

Tiny Tiny RSS - it's simple, clean, and (in an understated way) beautiful.

Originally I felt that I was being pushed “away” from Google Reader, but the more I’ve played with it, the more I’ve realised that I’m being drawn “towards” Tiny Tiny, and wishing that I’d made the switch further. The things that have really appealed are:

  • It’s self-hosted. Tiny Tiny RSS is a free, open-source solution that you host for yourself (or I suppose you can use a shared host; there are a few around). I know that this is a downside to most people, but to me, it’s a serious selling point: now, I’m in control of what updates are applied, when, and if I don’t like the functionality of a part of the system, I can change it – I’m in control.
  • It’s simple and clean. It’s got a great user interface, in an understated and simplistic way. It’s somewhat reminiscent of desktop email clients, replacing the “stream of feeds” idea with a two- or three-pane view (your choice). That sounds like it’d be a downside, until you realise…
  • …with great keyboard controls. Tiny Tiny RSS is great for keyboard lovers like me. The default key-commands (which are of course customisable) are based on Emacs, so if that’s your background then it’s easy to be right at home in minutes and browsing feeds faster than ever.
  • Plus: it’s got a stack of nice features. I’m loving the “fresh” filter, that helps me differentiate between the stuff I’ve “saved for later” reading and the stuff that’s actually new and interesting. I’m also impressed by the integrated authentication, which removes my dependency on FreeMyFeed-like services and (because it’s self-hosted) lets me keep my credentials securely under my own control. It supports authentication using SSL certificates, a beautiful and underused technology. It allows you to customise the update frequency of your feeds, so I can stalk by friends’ blogs at lightning-quick rates and stall my weekly update subscriptions so they don’t get checked so frequently. And unlike Google Reader, it actually tells me when feeds break, so I don’t just “get no updates” for a while before I think to check the site (and it’ll even let me change the URLs when this happens, rather than unsubscribing and resubscribing).

Put simply: all of my major gripes with Google Reader over the last few years have been answered all at once in this wonderful little program. If people are interested in how I set up Tiny Tiny RSS and and made the switchover as simple and painless as possible, I’ll write a blog post to talk you through it.

I’ve had just one problem: it’s not quite so tolerant of badly-formed XML as Google Reader. There’s one feed in my list which, it turns out, has (very) invalid XML in it’s feed, that Google Reader managed to ignore and breeze over, but Tiny Tiny RSS chokes on. I’ve contacted the site owner to try to get it fixed, but if they don’t, I might have to hack some code to try to make a workaround. Not ideal, and not something that everybody would necessarily want to deal with, so be aware!

If, like me, you’ve become dissatisfied by Google Reader this week, you might also like to look at rssLounge, the other worthy candidate I considered as a replacement. I had a quick play but didn’t find it quite as suitable for my needs, but it might be to your taste: take a look.

The new sidebar, showing what I'm reading in my RSS reader lately.

Oh, and one more thing: if you used to “follow” me on Google Reader (or even if you didn’t) and you want to continue to subscribe to the stuff I “share”, then you’ll want to subscribe to this new RSS feed of “my shared stuff”, instead: it can also be found syndicated in the right-hand column of my blog.

Update: this guy’s made a bookmarklet that makes the new Google Reader theme slightly less hideous. Doesn’t fix the other problems, though, but if you’re not quite pissed-off enough to jump ship, it might make your experience more-bearable.

Update 2: others in the blogosphere are saying good things about Reader rival NewsBlur, which recently turned one year old. If you’re looking for a hosted service, rather than something “roll-your-own” like Tiny Tiny RSS, perhaps it’s the tool for you?

× × ×

QR Codes of the Bodleian

The Treasures of the Bodleian exhibition opened today, showcasing some of the Bodleian Libraries‘ most awe-inspiring artefacts: fragments of original lyrics by Sappho, charred papyrus from Herculaneum prior to the eruption of Mt. Vesuvius in 79 CE, and Conversation with Smaug, a watercolour by J. R. R. Tolkien to illustrate The Hobbit are three of my favourites. Over the last few weeks, I’ve been helping out with the launch of this exhibition and its website.

Photograph showing a laptop running Ubuntu, in front of a partially-constructed exhibition hall in which museum artefacts are being laid-out in glass cases.
From an elevated position in the exhibition room, I run a few tests of the technical infrastructure whilst other staff set up, below.

In particular, something I’ve been working on are the QR codes. This experiment – very progressive for a sometimes old-fashioned establishment like the Bodleian – involves small two-dimensional barcodes being placed with the exhibits. The barcodes are embedded with web addresses for each exhibit’s page on the exhibition website. Visitors who scan them – using a tablet computer, smartphone, or whatever – are directed to a web page where they can learn more about the item in front of them and can there discuss it with other visitors or can “vote” on it: another exciting new feature in this exhibition is that we’re trying quite hard to engage academics and the public in debate about the nature of “treasures”: what is a treasure?

Close-up photograph showing a small plaque with a QR code alongside interprative text, in an exhibition case.
A QR code in place at the Treasures of the Bodleian exhibition.

In order to improve the perceived “connection” between the QR code and the objects, to try to encourage visitors to scan the codes despite perhaps having little or no instruction, we opted to embed images in the QR codes relating to the objects they related to. By cranking up the error-correction level of a QR code, it’s possible to “damage” them quite significantly and still have them scan perfectly well.

One of my “damaged” QR codes. This one corresponds to The Laxton Map, a 17th Century map of common farming land near Newark on Trent.

We hope that the visual association between each artefact and its QR code will help to make it clear that the code is related to the item (and isn’t, for example, some kind of asset tag for the display case or something). We’re going to be monitoring usage of the codes, so hopefully we’ll get some meaningful results that could be valuable for future exhibitions: or for other libraries and museums.

Rolling Your Own

If you’re interested in making your own QR codes with artistic embellishment (and I’m sure a graphic designer could do a far better job than I did!), here’s my approach:

  1. I used Google Infographics (part of Chart Tools) to produce my QR codes. It’s fast, free, simple, and – crucially – allows control over the level of error correction used in the resulting code. Here’s a sample URL to generate the QR code above:

https://chart.googleapis.com/chart?chs=500×500&cht=qr&chld=H|0&chl=HTTP://TREASURES.BODLEIAN.OX.AC.UK/T7

  1. 500×500 is the size of the QR code. I was ultimately producing 5cm codes because our experiments showed that this was about the right size for our exhibition cabinets, the distance from which people would be scanning them, etc. For laziness, then, I produced codes 500 pixels square at a resolution of 100 pixels per centimetre.
  2. H specifies that we want to have an error-correction level of 30%, the maximum possible. In theory, at least, this allows us to do the maximum amount of “damage” to our QR code, by manipulating it, and still have it work; you could try lower levels if you wanted, and possibly get less-complex-looking codes.
  3. 0 is the width of the border around the QR code. I didn’t want a border (as I was going to manipulate the code in Photoshop anyway), so I use a width of 0.
  4. The URL – HTTP://TREASURES.BODLEIAN.OX.AC.UK/T7  – is presented entirely in capitals. This is because capital letters use fewer bits when encoded as QR codes. “http” and domain names are case-insensitive anyway, and we selected our QR code path names to be in capitals. We also shortened the URL as far as possible: owing to some complicated technical and political limitations, we weren’t able to lean on URL-shortening services like bit.ly, so we had to roll our own. In hindsight, it’d have been nice to have set up the subdomain “t.bodleian.ox.ac.uk”, but this wasn’t possible within the time available. Remember: the shorter the web address, the simpler the code, and simpler codes are easier and faster to read.
  5. Our short URLs redirect to the actual web pages of each exhibit, along with an identifying token that gets picked up by Google Analytics to track how widely the QR codes are being used (and which ones are most-popular amongst visitors).
By now, you’ll have a QR code that looks a little like this.
  1. Load that code up in Photoshop, along with the image you’d like to superimpose into it. Many of the images I’ve had to work with are disturbingly “square”, so I’ve simply taken them, given them a white or black border (depending on whether they’re dark or light-coloured). With others, though, I’ve been able to cut around some of the more-attractive parts of the image in order to produce something with a nicer shape to it. In any case, put your image in as a layer on top of your QR code.
  2. Move the image around until you have something that’s aesthetically-appealing. With most of my square images, I’ve just plonked them in the middle and resized them to cover a whole number of “squares” of the QR code. With the unusually-shaped ones, I’ve positioned them such that they fit in with the pattern of the QR code, somewhat, then I’ve inserted another layer in-between the two and used it to “white out” the QR codes squares that intersect with my image, giving a jagged, “cut out” feel.
  3. Test! Scan the QR code from your screen, and again later from paper, to make sure that it’s intact and functional. If it’s not, adjust your overlay so that it covers less of the QR code. Test in a variety of devices. In theory, it should be possible to calculate how much damage you can cause to a QR code before it stops working (and where it’s safe to cause the damage), but in practice it’s faster to use trial-and-error. After a while, you get a knack for it, and you almost feel as though you can see where you need to put the images so that they just-barely don’t break the codes. Good luck!
Another of my “damaged” QR codes. I’m reasonably pleased with this one.

Give it a go! Make some QR codes that represent your content (web addresses, text, vCards, or whatever) and embed your own images into them to make them stand out with a style of their own.

× × × ×

What’s Wrong With My Phone

In my review of my new HTC Sensation earlier this month, I tried to explain how my new phone – with it’s swish and simple interface – didn’t feel quite… geeky enough for me. I picked up on the way that it’s process management works, but I’ve since realised that this is only symptomatic of a deeper problem. This is entirely to do with the difference between traditional computers (of which my old N900 was one) and modern consumer-centric devices (which, inspired by the iPod/iPhone/iPad/etc.) try to simplify things for the end-user and provide strong support for centralised repositories of pre-packaged “apps” for every conceivable purpose.

To take an example of the difference: my N900 ran Linux, and felt like it ran Linux. As a reasonably-sensible operating system, this meant that all of the applications on it used pretty much the same low-level interfaces to do things. If I wanted, I could have installed (okay, okay – compiled) sshfs, and be reasonably confident that every application on my phone, whether it’s a media player or a geocaching application or whatever, would use that new filesystem. I could store my geocaching .gpx files on an SSH-accessible server somewhere, and my phone could access them, and my geocaching app wouldn’t know the difference because I’d have that level of control over the filesystem abstraction layer.

Similarly, if I installed a game which made use of Ogg Vorbis to store its sound files, which therefore installed the Vorbis codecs, then I can expect that my media player software will also be able to make use of those codecs, because they’ll be installed in the standard codec store. This kind of thing “just works”. Okay, okay: you know as well as I do that computers don’t always “just work”, but the principle is there such that it can “just work”, even if it doesn’t always.

On these contemporary smartphones, like the iPhone, Android devices, and (I assume) modern BlackBerrys, the model is different: individual applications are sandboxed and packaged up into neat little bundles with no dependencies outside of that provided by the platform. If you have two applications installed that both use sshfs, then they both have to include (or implement) the relevant bundle! And having them installed doesn’t automatically give sshfs-like functionality to your other filesystem-accessing tools.

It’s not all bad, of course: this “new model” is great for helping non-technical users keep their devices secure, for example, and it means that there’s almost no risk of dependency hell. It’s very… easy. But I’m still not sure it quite works: I’ll bet that 90% of users would install an application that demands dubious levels of permissions (and could, for example, be stealing their address book data for sale to scammers) without even thinking about the risks, so the security benefits are somewhat nullified.

In summary:

Pros Cons
Traditional-computing device (e.g. N900)
  • User actually “owns” device
  • Applications to be combined (e.g. pipes, automation, new middleware)
  • Open-source development likely to thrive
  • User can probably “brick” device
  • Full potential requires learning investment
  • Harder to monetise platform, as a developer
“New model” device (e.g. iPhone, Android)
  • Easy for non-technical users
  • More secure (in theory) as platform exposes little
  • Centralised “app store”/”marketplace”
  • Potentially limiting for technical users
  • Only as secure as the user is savvy.
  • Centralised “app store” store can act as a “lock in”

Needless to say, the new model devices are winning, and already tablet computers powered by the very same platforms as the mobile phones are beginning to be seen as a simpler, easier alternative to conventional laptops. It’s to be expected: most of today’s users don’t want a learning curve before they can use their smartphone: they just want to make some calls, play Angry Birds a bit, keep up with their Facebook friends, and so on. But I hope that there’ll always be room for a few folks like me: folks who want to tinker, want to play, want to hack code for no really benefit but their own pleasure… and without having to shell out for a developer license in order to do so!

A New Sensation

I’ve recently gotten a new phone – a HTC Sensation running Android 2.3, and I thought I’d offer up a few thoughts on it. But first…

Hang on: what was wrong with your old phone?

Well-remembered! You’re right, of course, that last year I got a Nokia N900, and that it was the best mobile communications device I’d ever owned. I don’t care so much about a slim profile or an “app store”, but I do care about raw power and geeky hardware features, and the N900 delivers both of those in spades. I’ve had several phones that have, at the time, been the “best phone I’ve ever owned” – my 7110 and my N96 both also earned that distinction, whereas my 7610 and my C550 – the latter of which had only one redeeming feature – fell far short.

Nokia N900 with keyboard extended

Awesome though it is,  with it’s beautiful hardware keyboard, mighty processor, FM receiver and transmitter, Bluetooth and IR, etc., and completely unlocked, tamper-friendly architecture, the N900 suffers from one terrible, terrible flaw: for some reason, the engineers who built it decided to mount the Micro-B USB port (used for charging, tethering, mounting etc. the phone) not to the hard plastic case, but to the fragile inner circuit board. Allow me to illustrate:

A cross-section of a Nokia N900, showing how the USB port is mounted directly to the circuit board, and doesn't touch the hard plastic case.

Why is this a problem? Well, as Katie explained to me at the New Earth housewarming party, most of her other friends who’d had N900s had encountered a problem by now, whereby the USB cable used to charge the device eventually puts a strain on the connection between the port and the board, tearing them apart. “Nope,” I told her, “I’ve never had any such problem with mine.”

A cross-section of a Nokia N900, showing the USB port snapped off by the USB cable.

Looks like I spoke too soon, because that very week, I managed to break my N900 in exactly this way. My theory: that girl is cursed. I shall be attempting to exorcise the anti-technology demons in her the very next time I see her, possibly in some kind of ceremony involving high-voltage direct current. In any case, I found myself with a phone that I couldn’t charge.

So you replaced it?

No, of course not. My N900 remains a fantastic palmtop and a great device. It’s just got a minor problem in that it’s no longer possible to charge or “hard”-tether it to anything any more. The latter problem was an easy one to fix: a separate battery charger (I already carry a spare battery for it, so this was no hardship), bought for about £4 on eBay, made it easy to keep the device rolling. The second problem’s not so much of an issue, because I tend to do all of my synchronisation by Bluetooth and WiFi anyway. But even if these were an issue, it looks like a pretty simple job to re-solder the USB port (and epoxy it to the case, as it should have been to begin with!). I might give it a go, some day, but my current soldering iron is a little big and chunky for such fine and delicate work, and I’m a little out of practice, so I’ll save that project for another day.

The repairing of a Nokia N900 USB port

However, I’m a big believer in the idea that when the Universe wants you to have a new phone, it finds a fault with your current phone. Perhaps this is the geek equivalent of thinking that “When God closes a door, He opens a window”.

So: I’ve got myself a HTC Sensation, which narrowly beat the Sony Ericsson Xperia Arc after carefully weighing up the reviews. I’d always planned that I’d try an Android device next, but I’d originally not expected to do so until Ice Cream Sandwich, later this year. But… when the Universe closes your USB Port, it opens a Gingerbread shop… right?

The New Sensation

After a few difficulties relating to my name – it turns out that my mobile phone network has recorded my name correctly in their database, and I can’t change it, but whenever I use their web-based checkout it asks me to enter a longer surname even though I don’t have a surname field to change – I finally received my new phone.

HTC Sensation seen from the back, front, and side.

The first thing one notices about this phone is that it’s fast. Blindingly fast. I’ve used a variety of Android-powered HTC devices before, as well as other modern touchscreen smartphones like the iPhone, and I’m yet to use anything that consistently ramps up high-end graphics and remains slick and responsive like this does. Its mighty dual-core 1.2GHz processor’s the cause of this, little doubt. I originally worried that battery life might be limited as a result – I don’t mind charging my phone every night, but I don’t want to have to charge it during the day too! – but it’s actually been really good. Using WiFi, GPRS, GPS, playing videos, surfing the web, and other “everyday” tasks don’t put a dent in the battery: I’ve only once seen it dip to under 10% battery remaining, and that was after 40 hours of typical use during a recent camping weekend (with no access to electricity).

It’s also been really well-designed from a usability perspective, too. Those familiar with Android would probably just start using it, but I’ve not had so much exposure to the platform and was able to come to it with completely fresh eyes. Between Android 2.3 and HTC Sense 3, there’s a nice suite of “obvious” apps, and I didn’t have any difficulty synchronising my contacts, hooking up my various email accounts, and so on. There are some really nice “smart” touches, like that the phone rings loudly if it thinks it’s in a bag or pocket, more quietly after you pick it up, and silences the ringer completely if you pick it up from a table and flip it from face-up to face-down. These simple gestural touches are a really nice bit of user interface design, and I appreciate the thought that’s gone into them.

Browsing movies for HD streaming on the HTC Sensation.

The Android Marketplace is reasonable, although I feel as though I’ve been spoiled. On the N900, if there was an application I needed, I usually already knew what it was and where I’d find it: then I’d either apt-get it, or download the source and compile it, right there on the device. For somebody who’s already perfectly confident at a *nix command-line, the N900 is fab, and it feels a little restrictive to have to find equivalent apps in a closed-source environment. It’s not that the pricing is unreasonable – most of the applications I’ve wanted have been under a quid, and all have been under £4 – it’s just that I know that there are FOSS alternatives that would have been easy to compile on my old device: I guess it’s just a transition.

On the other hand, the sheer volume of applications so-easily available as the Android Market is staggering. I’ve been filled with app ideas, but every idea I’ve had but one or two already exist and are just waiting to be installed. It’s a little like being a kid in a candy store.

It’s also taking me quite some time to get used to the way that process management works on an Android device. On Android devices, like the iPhone/iPad, returning to the home screen doesn’t (necessarily) close the application, but it might – that’s up to the developer. If it doesn’t, the application will probably be “paused” (unless it’s a media player or it’s downloading or something, then it’ll likely keep going in the background). And when you re-launch the same application, it could be simply unpausing, or perhaps it’s relaunching (in which case it may or may not restore its previous state, depending on the whim of the developer)… You see all of the keywords there: mightprobablylikelycouldperhaps. Great for most users, who don’t want to have to think about what their phone is doing in the background, but it feels like a step backwards to me: I’m used to being able to ALT-TAB between my currently-running applications, to know what’s running, when (and I can always use top and find out exactly what resources a process is eating). Putting all of this process management into the hands of developers feels to me like giving up control of my device, and it’s a challenging change to undergo. Yes: despite the openness of the platform, Android feels just a little out of my control compared to what I’m used to.

Hacker's Keyboard, my preferred keyboard layout for SSH, etc.

Switching from a physical to a virtual keyboard for the first time is a significant change, too, and it’s slowed me down quite a lot, although applications like SwiftKey X – with its incredibly intelligent personalised predictions – and Hacker’s Keyboard – which gives me back some of the keys I was “missing” – have helped to ease the transition a lot.

In summary: the HTC Sensation seems to be a fantastic device, and I’m really enjoying using it. I’ve got a few niggles to contend with, but these are all things that were destined to catch me out upon switching away from a platform as open as the N900, and they’re not severe enough to make me give up and get an N950 instead: I’m reasonably confident that I’ll come to love the Sensation and we’ll go on to be very happy together.

But will it become my latest “best phone ever”? Time will tell, I guess.

× × × × ×

On This Day In 2003

Looking Back

On this day in 2003, I first launched this weblog! That means it’s eight years old today! I’d bought the scatmania.org domain name some time earlier with the intention of setting up a vanity site separately from my sub-site on the avangel.com domain, during a rush on cheap domain names perpetrated by some of the friends I’d lived with in Penbryn, but never found a significant use for it until this day. It was at about the same time that I first set up (the long-defunct) penbryn-hall.co.uk, a parody of Penbryn’s website launched as an April Fools joke against the hall, which eventually got me into some trouble with the management committee of the halls. Some friends and I had made it a tradition of ours to play pranks around the residence: our most famous one was probably 2003’s joke, in which we made a legitimate room inspection out to be an April Fools joke, with significant success.

scatmania.org in August 2003. The theme is simplistic, and the blog itself is powered by a custom-built PHP engine back-ending onto a stack of flat files. It worked, just about, but it wasn’t great.

In my initial blog post, I took care to point out that this wasn’t by any stretch of the imagination my first foray into blogging. In actual fact, I’d run a weblog, The Åvatar Diary, for a few years back in college: a few fragments of this still exist and are archived here, too. I suppose that this means that, ignoring the occasional gap, I’ve been blogging for almost thirteen years. The Åvatar Diary died after an incident with a rather creepy stalker: remember that this was in 1999, back in the day when Creepy Internet Stalkers were still new and exciting, and I panicked slightly and shut the Diary down after my stalker turned up in person somewhere that I’d hinted that I might be in a post.

I didn’t mention the new site launch, to begin with, hoping that folks might just “pick up on it” having re-appeared (I’d been promising to launch something at that domain for ages). Later, I launched Abnib, in an attempt to unite the LiveJournal users with whom I associated with those of us who hosted our own blogs. Abnib still runs, after a fashion, although I’m likely to let it die a natural death as soon as it wants to.

scatmania.org in November 2005. The site looked a lot more professional by now, and was beginning to sport the thick blue header that was it’s hallmark all the way up to 2010.

Looking Forward

So here I am, eight years later, still blogging on the same domain. The frequency with which I write has waxed and waned over the years, but I still find that it’s just about the best way for me to keep in touch with my friends and to keep them posted about what’s going on in my life: it’s unintrusive and can be dipped in and out of, it’s accessible to everybody, and – because I host it on my own domain – it’s under my control. That’s a million points in its favour over, say, Facebook, and it’s nice to know that it’ll exist for exactly as long as I want it to.

A recent screenshot of scatmania.org. Whoah: this has all gone a bit recursive.

It also provides a great “starting point” by which people find me. Google for me by name or by many of the aliases I go by and you’ll find this site, which I think is just great: if people are trying to find me online I’m happiest knowing that the first pages they’ll get to are pages that I control, and on which I write what I want to: I’ll bet U.S. Senator Rick Santorum wishes that he had that.

I enjoy blogging about geeky stuff that interests me, things that are going on in my life, and my occasional and random thoughts about life, the universe, and everything (with a particular focus on technology and relationships). It’s put me in contact with some strange people – from pizza delivery guys who used to bring me food on Troma Nights back in Aber to crazy Internet stalkers and confused Indian programmers – and it’s helped me keep in touch with the people closest to me. And because I’m a nostalgic beast, as this and similar posts show, it’s a great excuse to back-link my way down memory lane from time to time, too.

This blog post is part of the On This Day series, in which Dan periodically looks back on years gone by.

× × ×

Leading By Example

This week, I was reading the new EU legislation [PDF] which relates to, among other things, the way that websites are allowed to use HTTP cookies (and similar technologies) to track their users. The Information Commissioner’s Office has released a statement to ask website owners to review their processes in advance of the legislation coming into effect later this month, but for those of you who like the big-print edition with pictures, here’s the short of it:

From 26th May, a website must not give you a cookie unless it’s either (a) an essential (and implied) part of the functionality of the site, or (b) you have opted-in to it. This is a stark change from the previous “so long as you allow opt-outs, it’s okay” thinking of earlier legislation, and large organisations (you know, like the one I now work for) in particular are having to sit up and pay attention: after all, they’re the ones that people are going to try to sue.

The legislation is surprisingly woolly on some quite important questions. Like… who has liability for ensuring that a user has opted-in to third-party cookies (e.g. Google Analytics)? Is this up to the web site owner or to the third party? What about when a site represents companies both in and outside the EU? And so on.

Seeking guidance, I decided to browse the website of the Information Commissioner’s Office. And guess what I found…

Hey! I didn't opt-in to any of these cookies, Mr. Information Commissioner!

…not what I was looking for: just more circular and woolly thinking. But I did find that the ICO themselves does not comply with the guidance that they themselves give. Upon arriving at their site – and having never been asked for my consent – I quickly found myself issued with five different cookies (with lifespans of up to two years!). I checked their privacy policy, and found a mention of the Google Analytics cookie they use, but no indication about the others (presumably they’re not only “opt-out”, but also “secret”). What gives, guys?

Honestly: I’m tempted to assume that only this guy has the right approach. I’m all in favour of better cookie law, but can’t we wait until after the technological side (in web browsers) is implemented before we have to fix all of our websites? Personally, I thought that P3P policies (remember when those were all the rage?) had a lot of potential, properly-implemented, because they genuinely put the power into the hands of the users. The specification wasn’t perfect, but if it had have been, we wouldn’t be in the mess we are now. Perhaps it’s time to dig it up, fix it, and then somehow explain it to the politicians.

×

Deliciously Silly Password Restrictions

After hearing about the recent purchase of social bookmarking service del.icio.us by Chad Hurley and Steve Chen, I remembered that once, long ago, I had a del.icio.us account. I decided to check if my account was still alive, so I trekked over to del.icio.us and took a look.

Delicious as it appears today.

The site’s changed quite a bit since I last used it. It took a while for me to remember what my password was (it was an old, old one, since before I started using passwords the right way). It also appeared that the site still knew me by my former name (it really had been a while since I last logged in!), so I updated it with my new name.

The next step was to change the password. I generated a random password:

#AOOZ*Qs9xsj6^bT@MtN4rq1!0FK&2

But when I went to change my password, it was rejected. Apparently it didn’t meet their security rules. What? That 30-character, randomly-generated password, containing uppercase letters, lowercase letters, numbers, punctuation, and special characters… isn’t secure enough?

A little investigation (and some experimentation) later, it turns out there’s a reason: my password must be insecure, because it contains my surname!

I have a single-character surname. That means that a 30-character password will (assuming a dictionary of 26 letters, 10 digits, and let’s say 20 special characters) have about a 40% chance of being rejected on the grounds that it contains my surname. The longer my password is, the more likely it is to be rejected as insecure. My experiments show that “abcdefghijklmnop” is considered by delicious to be more secure for my account password than, say, “@Ubj#JeqPACrgmSQKn9qRYMBM9nPOj”, on account of the fact that the latter contains my surname.

Silly, silly, silly.

After delicious finally died a death, I retroactively imported all my delicious bookmarks into this blog.

× ×

Bank Security

Having found by coincidence a (minor, perhaps exploitable as part of a more-complex attack) security problem with the website of a major high street bank, one would think it would be easier than it evidently is to get it reported and fixed. Several phone calls over a couple of days, and the threat of making a complaint about a representative if they didn’t escalate me to somebody who’d actually understand what I was explaining, I’ve finally managed to get the message through to somebody. How hard was that? Too hard.

If this still doesn’t work, what’s the next step? I’m thinking (1) change banks; (2) explain why to the bank; (3) explain why to the world. Seriously, I expect better from the people looking after my money.

And on that note: time for bed.

Edit: Meanwhile, we see that the PlayStation Network hack may have resulted in the theft of personal information from users’ accounts. While most of the media seems to be up in arms about the fact that this might have included credit card information, I’m most pissed-off about the fact that it might have included unencrypted passwords. Passwords should be stored using irreversible encryption: there’s no legitimate excuse not to do this, these days (the short version for the uninterested: there is a technique which can be used to store passwords encrypted in a pretty-much irreversible format, even if the hacker steals your entire computer: it’s very easy to do, protects against all kinds of collateral damage risks, and Sony evidently don’t do it). If any of Sony’s users use the same password for their email account, social network accounts, online banks, etc. (and many of them will, despite strong recommendations to the contrary), the hackers are probably already getting started with social hacking attempts against their friends, identity theft attacks, etc. Sony: you are a fail.

World Backup Day

It’s World Backup Day, folks. That means it’s time for you to look at your data and check that you’re backing it all up to a satisfactory level.

Have a look at the computer you’re sat at. If it’s hard drive(s) broke, irrecoverably, or if it were stolen: what would you lose?

Me? I like my backups to go “offsite”, so I use online redundant storage to shunt my important stuff to (I use a personal Amazon S3 bucket and some software I’ve written for that purpose, but you don’t have to be that geeky to use online backups – just check the World Backup Day website for suggestions). If you’re not quite so paranoid as me, you  might make your backups to CDs or DVDs, or onto a pendrive. It doesn’t take long, and it’s worth it.

Backups are like insurance.

Now go celebrate World Backup Day by making some backups, or by checking that your existing backups restore correctly. You’re welcome.