All posts by onlyconnect

google, internet, security, Web

Anti-virus software continues to fail

2 Comments

I received an email from Trusteer noting that anti-virus detection rates for the latest Zeus variant are very low. This analysis shows that at the time of writing only Panda, among the major anti-virus products, picks it up. Does this mean we should all switch to Panda? No, because next time it will be one of the others that works, or none of them will work. You can only sympathise with users who imagine they are protected from malware because they have security software installed which tells them so.

The solution? Well, white-listing, visiting only trusted web sites, not opening attachments, keeping your OS fully patched, and so on. None of them perfect.

Alternatively, a new model of computing. One of the attractions of locked-in platforms like Apple’s iPhone and iPad is that they are harder to infect. Google’s forthcoming Chrome OS is even better designed from a security perspective. I am surprised that this aspect of cloud+device computing does not get more attention.

apple, iphone

Ten reasons the Apple iPhone 4 beats the Android HTC Desire

7 Comments

I’ve recently been trying the Android-based HTC Desire for some development research. I’ve also been using the iPhone 4 since its release in the UK. How do they compare? Yesterday I posted Ten ways the Android HTC Desire beats Apple’s iPhone. Now here’s the opposite – ten ways the iPhone is better. Conclusions then? Maybe in another post.

1. The iPhone gets left alone by the operators, presumably at Apple’s insistence. When the OS is updated, everyone gets it at around the same time and from the same source – Apple. Contrast this with Desire, the software for which is customised by each OEM with different apps and possibly some bits missing. Orange UK removes Google Talk, for example. Right now everyone wants Android 2.2 “Froyo”, but whether you have it or not depends on which operator you are with and/or whether you are willing to hack your phone a little to remove the branding.

2. The iPhone is more beautiful. The Desire is not bad, but purely as a design object does not come close to the iPhone with its smooth lines and solid, cool metal and glass construction.

3. The iPhone is a better music player. Not surprising given that it evolved from the iPod family of devices. iPod for iPhone is delightful to navigate, does videos and audiobooks, and integrates with iTunes for buying songs over the air. Now, you could always install Amazon MP3 for Android to enable OTA music download, whereas – no surprise – this is not available for iPhone. The speaker is better on the iPhone, not that you are likely to use it much for music.

4. The battery life is better. My Desire is only a month old, but I struggle to get a full day out of it if it is used with any intensity for wi-fi, 3G internet, web browsing and so on. The iPhone normally makes it. Neither is great of course – there are simpler phones that last for a week, though they do much less. The Desire’s battery problems are mitigated by the ability to carry a spare, though given the way the back case clips on I suspect it might break if frequently removed and refitted.

5. The iPhone has better text input. It is not too bad on the Desire, bearing in mind that it is a touch device only, but the iPhone has that great press-and-hold edit bubble that lets you move the cursor (though the Desire has the optical joystick which also works for this). Another iPhone advantage is that if you touch the wrong letter, you can slide to the correct one, whereas the Desire keyboard uses this gesture to enabled accented characters and so on, which is less useful for me.

That said, the iPhone has its annoyances. Here’s one that drives me nuts. There must be a lot of people at Apple called Tom, because whenever I type my first name it wants to correct it:

image

At this point, if I hit return I get Tom. If I hit spacebar, I get Tom. In order to keep what I have actually typed, I have to tap the word Tom, which is counter-intuitive as it feels like selecting it, then it goes away. Having mentioned it here, I am sure someone will point out a way to fix it; please do.

6. App availability is better on the iPhone and the quality is better. I say this with reluctance, because the iPhone App Store is also full of rubbish, but overall I find the standard slightly higher. This is actually logical: the Apple App Store has a higher barrier to entry, both financial and in terms of developer skills. In addition, the App Store is nicer to use than the Market, and works better. In my case I had to open a port on my firewall before I could download from the Market at all.

7. The iPhone scores on “it just works”, with greater UI consistency and a sense that Apple has thought about all the common actions on a smartphone and made them work well. Often the iPhone goes one better and makes everyday apps fun to use. The messaging app on the iPhone, for example, is attractive as well as functional. The Desire equivalent is effective, but dull. The single main button on the iPhone makes it quick to learn, whereas the Desire’s five buttons (Home, Menu, Trackpad, Back and Search) give you more to think about, and mean more frequent switching between touching the screen and clicking a button. The Desire is missing some basic things out of the box, like a notes app, though you can add one for free from the Market.

If money and freedom are no object, I’d suggest iPhone over Desire for someone who wants to get on with their work and not tinker with their phone.

8. The iPhone has a better screen. 960 x 640 vs 800 x 480, and is a little better in sunlight than the Desire.

9. I prefer the Exchange app on the iPhone. For example, I use a lot of folders, and the iPhone shows me these on the main screen. On the Desire, I have to click Menu, then Folders, then select a folder from the pop-up window.

10. The iPhone has smooth, attractive transitions between screens. For example, if I am on the home screen and tap Mail, I get a nice zoom animation. On the Desire, screens typically just appear, or there is some lag and brief ugliness. It all contributes to a smooth-as-silk impression operating the iPhone, whereas Android feels rough and ready by contrast.

All these things are relative. Next to my old Windows Mobile 6.0 phone, Desire is delightfully smooth.

Steve Hoffman Forum, the who

The who’s music brilliantly discussed

Ever wondered what Tommy is really about? Curious about those odd Who tracks like Dogs and Circles? Interested in what reviewers at the time thought about the Who’s classic tracks? Or where to get the best-sounding versions?

I highly recommend this discussion on Steve Hoffman’s forum, and especially the contributions by a Norwegian called Chris who goes by the user name Devotional. He has written meticulous, affectionate and well-informed essays on every Who release he knows, and they make excellent reading. Unfortunately the thread and Devotionals contributions are taking their time, and after 9 months it is only up to 1970, but good things are worth waiting for.

As the thread is lengthy, here’s a few entries to get you started:

Anyway Anyhow Anywhere

My Generation

My Generation (Album)

Substitute

The Kids are Alright

Happy Jack

A quick one

I can see for Miles

The Who Sell Out

Dogs

Magic Bus

Pinball Wizard

Tommy

You will also find the thread stuffed with photos and press clippings, many of which I had not seen before.

bbc, php

BBC iPlayer goes a little social – but what can it learn from YouTube?

BBC’s iPlayer, which offers but live TV and radio and an on demand catch-up service, has gone live with a new version that adds personalisation as well as links to Facebook and Twitter for limited interaction with your social media contacts.

Presenting a personalised iPlayer web page is more demanding, as every visitor sees a slightly different page. Technical Architect Simon Frost explains that the BBC adopted PHP and the Zend framework in order to enable sharing of components and modules – previously the site was built with Perl and server side includes.

It has been interesting to see the reaction in user comments to the announcement by James Hewines, which are more negative than positive. The gist of the complaints is that many users want the site to get out of the way rather than be a more interactive web destination, and find that the new version adds clutter rather than speeding navigation:

This site should not be fun to use. It should be … a very brief stop between powering the computer up and watching or listening a programme.

This does not necessarily mean the BBC is getting it wrong. It is not really hard to find items, and linking BBC content to social networks does have a certain inevitability. It is a shame though that the most interesting feature described by Anthony Rose back in May seems to be missing – integration with Live Messenger so that you can see your contacts comment on the live content. This is what it was meant to look like:

image 

That said, does it make sense to hook into Live Messenger when Facebook is more at the centre of today’s social networks on the Web? Still, this may appear at some future date.

As it is, we get only limited social interaction through recommendations. No ratings, no public comments or reviews attached to items, nothing that might add real interest to the site.

Contrast this with YouTube. It is a different kind of broadcasting of course, much of it amateur, quantity not quality, no live broadcasts as such, and content that persists (whereas BBC content disappears after a few days). Perhaps because it was born as a social media site, rather than being a traditional broadcaster trying to grok the Web, YouTube does community to a far greater extent than the BBC. Individuals can even create their own “channels” of content, becoming a destination within a destination that appeals to friends or those with the same niche interests.

The BBC’s exploration of social media is just too timid to make an impact. I interviewed Rose back in 2008 and he made a telling comment about how the BBC would remain a place safe from the unpleasantness of one-star ratings and nasty comments:

Rose says that upcoming iPlayer features, such as ratings and discussions, will be restricted to networks of friends, rather than made public. "Rating works really well in YouTube where you’ve got a million videos. In iPlayer, if you rate Parliament channel as zero stars, are you saying that Parliament is rubbish, or that you just don’t want to watch Parliament? Rating in the context of the BBC is very useful, but only when you’ve got a friends network."

Unfortunately safe also means dull, and I doubt the social aspect of iPlayer will make much impact as currently implemented.

I still love iPlayer. I have less time to watch than I would like; but I clicked the HD channel and was soon watching a stunning programme about scaling ancient buildings, in this case Durham Cathedral. Played full-screen, the photography was beautiful and the content both entertaining and educational, the BBC at its best.

image

image

Note that there was no need to involve the desktop player to enjoy this; it worked fine from the web; and I suspect that the download player gets relatively little use compared to the iPlayer site – the BBC won’t discuss this, saying “We cannot report on playback of downloads due to technical and data privacy restrictions”, which makes little sense to me.

Perhaps the comments are right – the BBC should concentrate on its content, and leave the social stuff to others who do it better.

apple, google, iphone, mobile

Ten ways the Android HTC Desire beats Apple’s iPhone

6 Comments

I’m just getting started with Android development, for which I got hold of an HTC Desire. And I’ve been using Apple’s iPhone 4 since its release in the UK. So which is better? There’s no satisfactory quick answer to that, though the two phones are certainly comparable; perhaps too much so, judging by Apple’s lawsuit. I thought it would be fun though to do a quick couple of posts on how they compare, of which this is the first. Reasons to prefer iPhone coming next. The following points are based on the Desire running Android 2.2 “Froyo”.

1. You can plug in a micro SD card to expand the storage. Apple does not support this with the iPhone; it may be because it wants to control what goes on the device, or because it uses storage space as means of selling more expensive versions of its devices.

2. Related to (1), you can copy a file to the phone by attaching it to a PC and using the filesystem. To do this with the iPhone you need additional software, or a solution like Dropbox which copies your document up to the Internet then down onto the iPhone.

3. You don’t need to install iTunes to get full use of the device. Some like iTunes, some do not; it is better on the Mac than on Windows, but it is great to avoid that dependency.

4. You can share your internet connection without fuss, either by creating a portable wi-fi hotspot, or through a USB connection.

image

5. Adobe Flash works on Desire. Coming soon is Adobe AIR, which will enable developers to create Flash applications as well as Flash-driven web content.

6. The platform is more open. Developer registration is only $25.00 (vs $99 for iPhone) and there are fewer restrictions concerning how you develop your application, what sort of app you create, or what language you use. The standard language is Java, which is easier to learn and more widely used than Apple’s Objective C.

7. The Desire has instant screen switching. Press home when already on the home screen, and you get thumbnails of all seven screens; touch a thumbnail to bring it to the front. Widget support means you can put those screens to good use too – not just for storing app shortcuts.

8. The battery is removable. The obvious advantage is that you can carry a spare with you.

9. It uses a standard USB cable. A small point perhaps; but it is easy to lose your cable or not have it with you, and being able to use a standard cable is convenient.

10. There’s no issue with the antenna when using the Desire without a case.

.net, professional, silverlight, software development, visual studio, web authoring

Decompiling Silverlight

1 Comment

A Silverlight application is a .NET application. Most developers will be aware of this; but it is worth noting that whereas ASP.NET code executes on the server and is not normally available for download, Silverlight code is downloaded to the client and can easily be decompiled. It is almost as easy to view as JavaScript code in the browser.

If you want to investigate this, the first thing to do is to find the .xap file which contains the Silverlight application. You will likely find this in your browser cache, or you can download it directly from the web site hosting the application. If you have out-of-browser Silverlight apps, they are usually located at:

C:\Users\[username]\AppData\LocalLow\Microsoft\Silverlight\OutOfBrowser

Copy the .xap file somewhere convenient, and rename it to have a .zip extension. Then extract the files. The result looks something like this:

image

Next, you need a .NET decompiler such as Redgate .NET Reflector. Run Reflector and open a .dll file containing application code. Select a method, and Reflector does its best to show you the code. It does a good job too:

image

The purpose of this post is not to encourage decompiling other people’s code, but rather to make the point that even though Silverlight code is “compiled”, it is trivial to read it – just in case anyone thought it was a bright idea to store passwords or other authentication secrets there.

The solution is to never to put anything security-critical in client-side code. Second, you can use an obsfuscator such as dotfuscator to make the decompiled code harder to read.

adobe, google, mobile, software development

Getting started with Android – a few hassles

3 Comments

I’m setting myself up for Android development, and my HTC Desire arrived today. It is a lot of fun, though I have had a few hassles, partly because my device is locked to Orange and of course I wanted to upgrade to Android 2.2 “Froyo” right away. There are also a few issues with the Orange branding on a Desire, including the absence of Google Talk and applications like Orange Maps that you probably will not use. I went through a series of steps to unbrand the phone and install Android 2.2.

It is an odd situation, where mobile operators work hard at adding their branding and applications to the device, only for canny users to work out how to remove them. Branding also delays updates. If Android is updated, the operator has to receive the updated operating system image from the phone manufacturer, HTC in this case, add its customizations, and then apparently sent it back to HTC for packaging.

My guess is that if an operator decided to ship the standard Android image it would be a selling point and attract more customers. I even have a catchy name to offer: “Naked Desire”. How about it?

Still, all went well with my hacks; and eventually I was up and running with Android 2.2 and of course Flash 10.0:

image

That said, I had an annoying issue with Android Market. I selected an application, it would appear to start installing, but stuck on “Starting download” or “Downloading” with no actual progress.

It turns out this is a common problem – see here for one of many discussions. A popular fix is to change your account from someone@gmail.com to someone@googlemail.com, but this did not apply to me. I discovered the reason, which is that my wifi is behind Microsoft’s ISA Server. Android Market requires TCP outbound connections on port 5228. I configured ISA accordingly, and after cancelling and restarting the downloads they succeeded.

Finally, I wanted a screen grab or two to decorate this post. I used the method described here, fine for developers but not ideal for casual users.

image

I’ll report more impressions shortly, including no doubt the inevitable iPhone comparison.

apple, flash, iphone

Samsung Galaxy Tab – among the first of many iPad clones

4 Comments

Samsung has announced final details and specifications of the Galaxy Tab, a tablet device running Android 2.2 “Froyo”.

image

It has a 7-inch1024x600 multi-touch screen, 1.00 Ghz processor, GPS, wi-fi, 3G internet, 1.4 megapixel webcam, 7 hours battery life if playing a video (I imagine much longer than that in normal use) and 16GB or 32GB RAM plus optional MicroSD.

Apple’s iPad has a 9.7-inch 1024 x 768 screen and better battery life – 10 hrs while playing a video, according to the specs.

So why would you buy a Galaxy Tab? Well, it is smaller and therefore handier, though you will squint a bit more. It has some freedoms that the iPad lacks, such as Adobe Flash, MicroSD, and FLAC playback. It has a camera. You will not need iTunes in order to interoperate with a PC.

I imagine the main reason, though, is that the Galaxy Tab will be cheaper – even though I cannot find prices anywhere, it is inevitable. This and other would-be iPads will be positioned as cheaper alternatives.

This will not harm Apple at all. It likes to occupy the premium ground and does so with great profitability.

But could the Galaxy Tab be better than an iPad? Well, it will be for certain tasks where the iPad is lacking – see above – but it will lack the careful design and attention to detail which characterises Apple’s device, and of course will not be compatible with all those iPad apps – though in some cases there will be Android equivalents.

Further, all the same doubts which were expressed about the iPad before its launch apply here as well. Do you really want a smartphone and a tablet and a notebook, and if not, which one will you abandon? Is it worth yet another contract with a mobile provider just to keep your tablet connected? It is possible that although Apple can make this category work, others will struggle.

When I played briefly with a Dell Streak, a 5-inch Android tablet, I found myself thinking that it will be a good deal when they sell them off cheap. Without that incentive, it is too big for a phone, too small for much else other than watching videos on the plane.

I would like to try one of these devices, of course, but whether they will succeed is an open question.

.net, adobe, development, flash, internet, microsoft, professional, silverlight, software development, visual studio, web authoring, windows, windows 7

Silverlight versus HTML, Flash – Microsoft defends its role

2 Comments

Microsoft’s Brad Becker, Director of Product Management for Developer Platforms, has defended the role of Silverlight in the HTML 5 era. Arguing that it is natural for HTML to acquire some of the features previously provided by plug-ins – “because some of these features are so pervasive on the web that they are seen by users as fundamentally expected capabilities” – he goes on to identify three areas where Silverlight remains necessary. These are “premium” multimedia which merges video with application elements such as conferencing, picture in picture, DRM, analytics; consumers apps and games; and finally business/enterprise apps.

It is the last of these which interests me most. Becker’s statements come soon after the preview of Visual Studio LightSwitch, which is solely designed for data-driven business applications. Taking the two together, and bearing in mind that apps may run on the desktop as well as in browser, Silverlight is now encroaching on the territory which used to belong to Windows applications. With LightSwitch in particular, Microsoft is encouraging developers who might previously have built an app in Access or Visual Basic to consider Silverlight instead.

Why? Isn’t Microsoft better off if developers stick to Windows-only applications?

In one sense it is, as it gets the Windows lock-in – and yes, this is effective. I’m aware of businesses who are tied to Windows because of apps that they use, who might otherwise consider Macs for all or some of their business desktops. On the other hand, even Microsoft can see the direction in which we are travelling – cloud, mobile, diverse clients – and that Silverlight fits better with this model than Windows-only desktop clients.

Another consideration is that setup and deployment issues remain a pain-point for Windows apps. One issue is when it goes wrong, and Windows requires skilled surgery to get some app installed and working. Another issue is the constant energy drain of getting new computers and having to provision them with the apps you need. Microsoft has improved this no end for larger organisations, with standard system images and centralised application deployment, but Silverlight is still a welcome simplification; provided that the runtime is installed, it is pretty much the web model – just navigate to the URL and the app is there, right-click if you want to run on the desktop.

If Microsoft can also establish Windows Phone 7, which uses Silverlight as the runtime for custom apps, the platform then extends to mobile as well as desktop and browser.

The downside is that Silverlight apps have fewer capabilities than native Windows apps. Printing is tricky, for example, though Becker refers to “Virtualized printing” and I am not sure what exactly he means. He also highlights COM automation and group policy management, features that only work on Windows and which undermine Silverlight’s cross-platform promise. That said, via COM automation Silverlight has full access to the local machine giving developers a way of overcoming any limitations if they are willing to abandon cross-platform and browser-hosted deployment.

A winning strategy? Well, at least it is one that makes sense in the cloud era. On the other hand, Microsoft faces substantial difficulties in establishing Silverlight as a mainstream development platform. One is that Adobe was there first with Flash, which has a more widely deployed runtime, works on Android and soon other mobile devices, and is supported by the advanced design tools in Creative Suite. Another is the Apple factor, the popular iPhone and iPad devices which are a spear through the heart of cross-platform runtimes like Silverlight and Flash.

Finally, even within the Microsoft development community Silverlight is a hard sell for many developers. Some us recall how hard the company had to work to persuade Visual Basic 6 developers to move to .NET. The reason was not just stubborn individuals who dislike change – though there was certainly some of that – but also existing investment in code that could not easily be migrated. Both factors also apply to Silverlight. Further, it is a constrained platform, which means developers have to live with certain limitations. It is also managed code only, whereas some of the best developers for both desktop and mobile apps work in C/C++.

I suspect there is division even within Microsoft with regard to Silverlight. Clearly it has wide support and is considered a strategic area of development. At the same time, it is not helpful to the Windows team who will want to see apps that take advantage of new features in Windows 7 and beyond.

Yesterday Windows Phone 7 was released to manufacturing, which means the software is done. Another piece of the Silverlight platform is in place; and I guess over the next year or two we will see the extent to which Microsoft can make it a success.