All posts by onlyconnect

Uncategorized

Ian Rogers at Yahoo! Music says no to DRM

Great and impassioned article from Ian Rogers, who works for Yahoo! Music, on why he is not accepting any more customer-unfriendly schemes from the music industry. He’s an interesting guy who used to run Winamp.com. Now he is reflecting on the failure of Yahoo! Music:

I’m here to tell you today that I for one am no longer going to fall into this trap. If the licensing labels offer their content to Yahoo! put more barriers in front of the users, I’m not interested. Do what you feel you need to do for your business, I’ll be polite, say thank you, and decline to sign. I won’t let Yahoo! invest any more money in consumer inconvenience.

For a little historical perspective, see here for the same author’s more positive view, on the launch of Yahoo! Music in May 2005.

I feel I played my own small part in this. When I tried the Yahoo! Music service two and a half years ago, I was appalled by the way it installed and posted a blog article about it, which still gets occasional comments from frustrated users.

DRM is actually only part of the problem here. The other part is that apparently nobody other than Apple can write software that makes dealing with DRM-ed music half-way tolerable. Given how much is at stake, I find this extraordinary. It’s not clear to me how many of the issues are Microsoft’s fault, and how many down to third parties like Yahoo! or the BBC (see my comments on iPlayer, which also uses Microsoft DRM).

The point of interest now is whether the inherent disadvantages of DRM will be enough to unseat Apple from its market dominance with iTunes.

internet

Charles Fitzgerald: Oracle will buy Salesforce.com

I enjoyed this thoughtful post on Fitzgerald’s Platformonomics blog. I am personally guilty of thinking too much about technology and not enough about the bottom line; this kind of analysis is a useful corrective, though bear in mind that it comes from a competitor to both companies.

It is true that Salesforce.com is an Oracle company at heart, a point that has been made to me several times when I have talked to its spokespeople. It is a platform for database applications, and the database is … you guessed.

internet, software development

Hosted platforms and the risk of lock-in

Two interesting posts for anyone considering building an application on a hosted platform like force.com (Salesforce). Onstartups has a thoughtful article about what it would be like to succeed on such a platform, and how much money and control you might end up ceding to the hosting vendor. Bob Warfield’s Smoothspan blog takes up the theme with a response that is longer than the original. What does it all boil down to? This, I think (from Smoothspan):

First, it has to be possible for you to move your software in a reasonable amount of time to new lodging if it gets too ugly.

As Smoothspan notes, this is what makes a service like Amazon S3, which you can easily switch out for another service, more attractive from this point of view than force.com, with its proprietary Apex language and forms.

That does not mean force.com is necessarily a bad deal. It means there has to be a lot of added value – such as productivity, high-level components, rich services – before it makes business sense to accept the lock-in.

software development, web authoring

New Silverlight book with live web coding examples

Adam Nathan is supporting his new book on Silverlight 1.0 with live code examples. This means you can modify the code in the browser and see the Silverlight canvas immediately update. It is a excellent way to get an idea of how the XAML works.

Of course you can easily invalidate the code, in which case you get a parser error.

Works on FireFox; not tried it on the Mac.

Technorati tags: , ,
internet, multimedia

Radiohead’s pay-what-you-like download: 160kbps MP3

Radiohead’s distribution experiment, in which customers are invited to pay what they like for the band’s latest album, In Rainbows, in digital form, will be available from tomorrow as 160kbps DRM-free MP3s.

That bitrate is likely to be sufficient for most listeners. 128kbps is sometimes considered the minimum acceptable for reasonable fidelity in MP3. Audiophiles will prefer to purchase the “discbox” which includes a CD, a bonus CD, and vinyl formats, or wait in the hope that a conventional CD release will appear, as it probably will.

My earlier comment is here.

Technorati tags: , , ,
internet, software development

An SLA for Amazon S3

5 Comments

Amazon has announced an SLA (Service Level Agreement) for its Simple Storage Service (S3).

S3 is great, and I noticed how it kept getting mentioned at the Future of Web Apps conference last week. The fact that people are using it, and liking both the performance and the price, says far more about it than any amount of PR.

The lack of an SLA was a snag for enterprise users who need assurance of reliability. So now there is one – but how much is it worth? Not much. The SLA guarantees 99.9% uptime, but you only get between 10% and 25% discount on your usage fees if it slips below that. There’s no coverage for consequential loss:

…your sole and exclusive remedy for any unavailability or non-performance of Amazon S3 or other failure by us to provide Amazon S3 is the receipt of a Service Credit

Given the keen pricing of S3 that’s not surprising. Still, the SLA does have some value, if only for setting expectations about what level of service S3 is likely to deliver.

Update: WordPress is now using S3 as its primary store, but Matt Mullenweg says the SLA means little to him. 

Technorati tags: , , , ,

linux

RM’s Linux miniBook

3 Comments

Palm may have abandoned its Foleo; but others are willing to take a crack at the sub-notebook market. Educational suppler RM has partnered with Asus to offer a Linux miniBook starting at £169.00 (around $300). That’s substantially cheaper than a Nokia N800 internet tablet. Here are the specs:

  • Mobile Intel Celeron-M ULV 900MHz processor
  • 7″ TFT screen
  • 256MB or 512MB Memory, 2GB or 4GB Solid-State Hard Drive, SD card reader
  • Integrated Modem and LAN, Internal wireless 802.11g
  • Integrated webcam, microphone and speakers
  • 3 USB ports, VGA out port

According to the press release:

Students will be able to use the RM Asus miniBook to send and receive email, create and edit documents, view photographs, play videos and MP3 files, browse the Internet, listen to online radio and participate in instant messaging.

It caught my interest because I am constantly frustrated at having to carry a relatively bulky laptop in order to get my work done. So I could be in the market for one of these, though it is aimed at students. Bluetooth is not mentioned, which is a shame as this helps with mobile phone integration. According to this post, based on a preview, Windows may be available as an optional extra – I presume this would be Windows Mobilethis article says Windows XP.

If the category succeeds, of course there will be others like it. Why will this be different than other failures or semi-failures, such as the Windows CE Handheld form factor, Tablet PC, or UMPC? Price, mainly. The mass market is reluctant to buy a sub-notebook when there are much more powerful laptops available for the same or less money. That’s now changing, and at this level it just might catch on.

Technorati tags: , , , , , ,

internet, security, web authoring

Paying on the web? Look for the small padlock, not the big one

6 Comments

A friend drew my attention to a security issue on thetrainline.com, a UK website for purchasing train tickets.

She planned her journey and then entered her credit card details, noting that the browser confirmed that she was on a secure page:

In this case, Internet Explorer shows the url in green, which means it uses an Extended Validation (EV) SSL certificate, giving extra confidence that all is well. Indeed, in normal circumstances it would have been.

Unfortunately she made a small error with the card details. The site then bounced her to an insecure page, inviting her to re-submit her details but this time over HTTP. The image below shows part of the web page, including the credit card details (albeit with whatever errors caused the validation to fail) and the IE property dialog confirming that the page is not encrypted:

Now the comforting green url is gone, replaced by plain black on white:

However, the big padlock graphic is still in place, along with logos for Verified by Vista and MasterCard SecureCode.

It looks to me as if the card details are sent in plain text twice, first when bounced back to the user for correction, and second when re-submitted.

The site was advised of the problem 24 hours ago, but I was able to replicate the issue just now. Moral: look for the small padlock in the address bar, not the big reassuring graphic on the page itself.

Is this a big security risk? As far as I’m aware, the chance of a criminal intercepting internet traffic to look for useful information is slim. That’s just as well, given the number of sites that do bad things like emailing password reminders in plain text. The risk is not just theoretical though; the traffic could be logged or intercepted.

Let me emphasise: thetrainline.com is a respectable web merchant and I am sure this is no more than a bit of careless coding. After all, there is no advantage to the web site if you send your card details unencrypted. They get them anyway.

Technorati tags: , ,
blogging, microsoft, web authoring, windows

The curious silence of the IE team – Microsoft needs to rediscover blogging

4 Comments

There are huge numbers of Microsoft bloggers; yet in some important areas Microsoft seems happy to let its opponents make all the noise.

Internet Explorer is an obvious example. There is an official IE Blog, but you won’t find anything there about IE8, just occasional news of minor IE7 tweaks. The comments on the other hand are full of questions, many of them good ones that deserve an answer, or at least an acknowledgement that someone is listening.

I spoke to Microsoft’s Chris Wilson at the Future of Web Apps conference back in February, noting that he gave a “good bridge-building talk”. There have been other similar talks, but little of substance since then. Anyone searching the web for news of browser development and innovation will find little from Microsoft, lots from Mozilla and others.

This is not about Microsoft bashing. Rather, it is about web developers and designers who need to make stuff work. Having some idea about where Microsoft is going with its browser helps with that.

Microsoft needs to rediscover the value of high quality blogging that engages with the community. It is not just IE. Soon after the release of Office 2007 I was among those who reported on performance problems with Outlook. This blog still receives thousands of visits from users who search for why Outlook 2007 is slow. Where were the bloggers from the Outlook team? Months later there was a tech note and patch which helps a little, but Outlook 2007 is still slow and there is no real evidence that the company cares.

What about Open Office XML, viciously attacked by IBM and other sponsors of the rival Open Document Format? Brian Jones has a good marketing blog; yet I’ve seen relatively little technical blogging from the OOXML folk at Microsoft, in response to questions raised.

See also Dave Massy’s blog.

Technorati tags: , , , ,
internet, search

Who’s got the best search engine?

Please try the test here and vote because this is fascinating. It’s simple: perform a search and pick which is the best result, as in, which result best corresponds with what you are looking for. The script gives you the top result from Google, Yahoo and Microsoft (not in that order), but – crucially – does not show which is which. Currently, after 1400 votes, 34% have voted for the first, 53% for the second, and 29% for the third.

Of course this is an inexact science. Two different people could perform the same search and prefer different results. Further, it is not quite fair, in that the search engines could have personalization algorithms that will not operate when you go via a third-party script. I also hope nobody is cheating here, since unfortunately the test is insecure, in that you can work out which search engine is which and vote accordingly.

It is still interesting because it removes branding from the search results. This counts against Google, which has the best brand for search. After all, the brand has become a verb, “to Google”. Some people probably think Google invented web search.

Although number two is significantly ahead, the figures are already closer than actual market share would suggest. That implies that factors other than pure results are of critical performance in the search wars – though I suppose you could argue that if one search engine gives you the best result 53% of the time, you will end up using it 100% of the time.

Has anyone done a more secure test, maybe showing the first page of results rather than just the top hit?

Technorati tags: , ,