Great and impassioned article from Ian Rogers, who works for Yahoo! Music, on why he is not accepting any more customer-unfriendly schemes from the music industry. He’s an interesting guy who used to run Winamp.com. Now he is reflecting on the failure of Yahoo! Music:

I’m here to tell you today that I for one am no longer going to fall into this trap. If the licensing labels offer their content to Yahoo! put more barriers in front of the users, I’m not interested. Do what you feel you need to do for your business, I’ll be polite, say thank you, and decline to sign. I won’t let Yahoo! invest any more money in consumer inconvenience.

For a little historical perspective, see here for the same author’s more positive view, on the launch of Yahoo! Music in May 2005.

I feel I played my own small part in this. When I tried the Yahoo! Music service two and a half years ago, I was appalled by the way it installed and posted a blog article about it, which still gets occasional comments from frustrated users.

DRM is actually only part of the problem here. The other part is that apparently nobody other than Apple can write software that makes dealing with DRM-ed music half-way tolerable. Given how much is at stake, I find this extraordinary. It’s not clear to me how many of the issues are Microsoft’s fault, and how many down to third parties like Yahoo! or the BBC (see my comments on iPlayer, which also uses Microsoft DRM).

The point of interest now is whether the inherent disadvantages of DRM will be enough to unseat Apple from its market dominance with iTunes.

A few notes on the first day at the Future of Web Apps conference in London. These are supplementary to my posts yesterday.

Heidi Pollock of Bluepulse spoke on mobile web apps. This was a depressing session, through no fault of Pollock. She explained how to keep to the compatible set of HTML and CSS markup that works on most mobiles, but acknowledged that even this will not work well for all users. Apparently CSS support is disabled by default on Blackberry devices, for example. She also noted that most mobile web users were either in urgent need of information, or bored. A reminder that the mobile web still falls a long way short of its potential.

Microsoft’s Mark Quirk gave a demo of 10 things developers can do for free on Microsoft’s platform. This is a tough crowd for the company. We were shown the complete works of Charles Dickens on a single page, then zooming in to read the text. Great demo, but no applause. Why? Because it’s Microsoft, and the average attendee here carries a Mac and develops on an open source stack.

Zoho gave a sparsely-attended demo of its online application suite. It seems very capable; yet I get the impression that Zoho is losing the battle for attention. Possibly its products do too much, at the expense of usability. I am reminded of Om Malik’s comment yesterday, on web apps that “don’t address the principle of fixing someone’s pain point… a lot just do too much and it’s not clear who they are for”.

Steve Souders from Yahoo spoke on performance. He says to fix the front-end; in most cases the bottleneck is not in the database or server-side algorithms. He has a great collection of tips for speeding the performance of web pages. The crowd was impressed and I’m told that copies of his book were being snapped up on the bookstall afterwards.

Matt Mullenweg talked about the architecture of WordPress.com. He does a good job of de-mystifying scalability. Apparently his site is now somewhere around the 20th most visited in the USA, but runs on relatively modest hardware. His three “magic tools”: Pound (load balancer), Wackamole (manages IP addresses for a cluster) and Spread (messaging). He also uses MySQL in master/slave configuration. Another point of interest – everything is in Subversion, even kernels. Favourite quote: “Spam is the Achilles heel of Web 2.0.” Slides are here.

I interviewed Mullenweg and will post a link in due course.

Best of show so far? John Resig on the future of FireFox. He’s now posted his slides; see also my comments.

John Resig is a brilliant developer who is the creator of JQuery, a fast and lightweight JavaScript library. He is also JavaScript evangelist at the Mozilla Corporation. He spoke here at The Future of Web Apps on the future of FireFox and JavaScript.

It was a fascinating presentation which demonstrated that it is not just Adobe (Flash, AIR), Microsoft (Silverlight) and Sun (JavaFX) who are in the Rich Internet Application game. Resig began with a tour of new features in JavaScript 2.0, most of which was familiar to me as it seems to be essentially ECMAScript 4.0 a.k.a ActionScript 3.0. In short, JavaScript is becoming more like Java, complete with full object orientation, optional strict typing, and a Just-in-time (JIT) compiler. Adobe has donated much of its code for the ActionScript runtime, in the form of the Tamarin project, which will eventually be part of FireFox 4.0.

My interest perked up when Resig started talking about three monkeys. These are:

• Action Monkey – Tamarin in FireFox 4.0
• Screaming Monkey – Tamarin in IE, via the Flash runtime, enabling developers to use it cross-browser
• Iron Monkey – Python and Ruby for Tamarin

This was new to me. Resig continued by showing some of the work Mozilla is doing to support advanced graphics and multimedia. The Canvas element in HTML 5 interacts with OpenGL to support 3D effects. There is even the possibility of embedding C code in the browser for raw performance, though the security implications mean this is unlikely to be used for general Web pages. Resig also showed generic audio and video support built into the browser. This will integrate with SVG, and we saw how live video can be played back in SVG elements even while they are being dragged around a canvas. Just like Microsoft demonstrates for Silverlight, as it happens.

After showing us how Mozilla might make Flash and Silverlight unnecessary, Resig went on to tackle offline applications. He told us that Mozilla is working to “converge” the three popular offline APIs – Mozilla’s own, Google Gears, and WHATWG. “A final amalgam will be in FireFox 3”, he said.

Resig also described plans for offline applications. This includes Webrunner, a desktop host for XUL applications, and Prism, which lets you install a web application as a desktop application. XUL is Mozilla’s XML user interface language – analogous to Microsoft’s XAML and Adobe’s MXML.

None of this is coming out soon. By the time it does, won’t Adobe and perhaps Microsoft have wrapped up the market for rich multimedia in web applications? And isn’t Mozilla on collision course with Adobe, despite the Tamarin collaboration, since much of what Resig demonstrated competes with Flash, Flex and AIR? After all, Adobe ceased supporting SVG after its acquisition of Macromedia and thereby Flash.

I asked a question about this, and Resig answered tactfully:

Adobe and Mozilla are two separate beasts. They sometimes have very similar goals, like getting the Tamarin virtual machine out. Sometimes the goals differ a bit. We have a pretty good vision of the open web as a viable platform for anyone to develop on. HTML, CSS, JavaScript. This is the core that people should be developing with.

It would be great to see Mozilla disrupting the progress of these two proprietary internet plug-ins, Flash and Silverlight, by providing an open alternative, but it does look as if it will all come too late.

Update: Resig has posted his slides here. He has also clarified the timing:

Of the features mentioned in the presentation, the ones that are coming in Firefox 3 are: SVG Foreign Object, Offline Web Apps, Webrunner/Prism, and JavaScript 1.6-1.8.

The forthcoming Radiohead release “In Rainbows” will be sold online:

This is an intriguing development for several reasons. First, there is no label mentioned; it seems to be an independent initiative. Second, the download is not priced; you can pay what you want:

Other points of interest:

• The discbox costs a hefty £40, but comes with bonus CD, 2 vinyl records, a book with a slipcase, and download rights.
• The site does not mention what the download format is. The bitrate, file format and DRM status is unknown (though it seems unlikely that the band would bother with DRM if the download is available for nothing).
• Making a purchase is arduous. The site did not work when I tried using Internet Explorer 6 – you can add an item to the basket, but when you continue the basket is empty. It worked in FireFox, but to make a purchase you have to give a mobile number, agree to receive marketing emails, and type in a CAPTCHA code. For someone spending forty quid, that seems extreme.

Significance of all this? It’s a gimmick of course, and annoying for the subset of customers who just want a CD at the usual price. At the same time, it is smart publicity (here I am writing about it), and a kind of acknowledgment that in the real world digital downloads of almost anything are indeed available for whatever you feel like paying, from nothing upwards. Apple, Amazon, are you watching?

Technorati tags: multimedia, radiohead, downloads, itunes, amazon, drm

One of the first things I tried with my Samsung i600 was to start up Visual Studio 2005, start a new Windows Mobile 6.0 application (I upgraded my i600 to WM6), and attempt to debug it on the device. Note that before you do this you have to install the appropriate SDK.

If you do this, you will likely get an error beginning “The device security configuration disallowed the connection.” The reason is that even unlocked devices like mine are somewhat locked down. This is a good thing for security, but inconvenient when you want to test and debug custom apps.

How do you fix this? The answer is to install two SDK certificates on your device. On my system, the installer for these is here:

C:\Program Files\Windows Mobile 6 SDK\Tools\Security\SDK Development Certificates

I copied certs.cab to the i600, clicked on it in File Explorer, confirmed the installation, and after that everything worked. This blog by Scott Yost has the details. He suggests downloading a great tool called Security Configuration Manager in order to inspect the configuration of your device.

This is not so easy with a locked device. If the security tool tells you that Grant Manager Role does not include UserAuth, you will not be able to install the CABs.

That said, there seems to be a way round this. Conchango’s Stuart Preston has the details. In essence, to lower the security settings, you need to edit the registry, so all you need is a registry editor that is already signed with a fully privileged certificate.

All good news if you want to develop apps for your Windows Mobile device.

You have to admire a magazine which runs an editorial dismissing its own cover-mounted CD  as “that wretched disc.”

So says Dick Pountain in the October 2007 issue of PC Pro. He says in his column that the only reason PC Pro continues to have a cover-mount CD or DVD is because its competitors do, and that none of these competing mags has the courage to be the first to stop.

Is it pointless? In these broadband Internet days, pretty much. It’s true that there is sometimes software included which cannot be downloaded. Software vendors use it for special promotions, or allow mags to distribute old versions as a taster for the latest and greatest. But why not just have subscriber-only downloads, or downloads protected by a key printed in the mag? Sure, someone might post the key to a newsgroup, but then again they might upload the binary from the CD, so there’s little difference.

I don’t altogether follow DP’s logic though. I can’t be the only one who rarely looks at what is on the cover disc. In fact, knowing that CDs are not exactly bio-degradable, I feel a twinge of guilt as they hit the black bin. So if DP is right and that the mags want to lose the disc, all it would take is 10 pence off the cover price and a flash saying “New lower-price environmentally-friendly CD-free issue”, and it’s done. I doubt this would cost sales; in fact, it might make the others look just a little behind the times.

Microsoft’s web server is grabbing market share from the open source Apache, according to Netcraft’s August 2007 survey.

In November 2005, Apache was found on 71 percent of web sites, putting it more than 50 percentage points ahead of Microsoft IIS (20.2 percent). At the time, Apache’s market share advantage seemed insurmountable. But less than two years later, Microsoft has narrowed that 50 percent gap to 16.7 percent. The margin is even tighter in active sites, where Apache leads Microsoft by just 12.2 percent.

Note that even this 12.2% figure equates to about a 33% lead for Apache, so you can spin the figures one way or another according to preference. In addition, Netcraft now reports Google as a separate web server, accounting for 4.4% of sites, yet Google is running an adapted version of Apache as I understand it (Google Front End). It’s perhaps better to look at IIS in isolation. In August 2006 it had around 30% share, whereas today it has 34.2%, which is a significant increase.

How should we interpret these figures? It is difficult, and I would like to see a deeper analysis. I suspect that a significant factor is the move away from smaller ISPs which Netcraft identified in its June 2007 report:

This month’s data also yields some of the strongest evidence yet of the power shift in web hosting, with search portals and domain registrars experiencing enormous growth while paid hosting specialists lag behind. Microsoft (+532K) and Google (+521K) each gain more than half a million sites, while Go Daddy (+455K) and Demand Media (+245K) continue to amass huge numbers of users on their hosting platforms. This trend, along with the growth of social networks and image/video hosting services, is prompting deals in the hosting industry as providers seek the scale and breadth of services to compete.

The BBC is widening its iPlayer beta and I got an invitation to try the service. It has not been a good experience so far, for all sorts of reasons.

I understand the DRM issues that make this Windows-only for the time being, but that doesn’t explain why Vista is not supported. The system insists on XP, IE, and Windows Media Player. Anyway, I fired up an XP box, logged on, chose a programme to watch (The Proms), and clicked Download.

Here’s where it starts to go wrong. I realise this is billed as a beta, but it is a high profile one and deserves careful attention to usability. The download option I’d clicked was just a tease, because at this point I’d not yet installed the player software. So instead of sweet classical music I got a dialog asking me to download and install iPlayer. That seemed to go OK, but then I found myself being asked to log in. I thought I’d already done so, but iPlayer requires a second log-in, being your BBC membership, for which I had not even registered. I guess this will be easier when the beta is finished.

Fine, I registered, I logged in, and refreshed the page. IE was nagging me to run an ActiveX component called Kontiki User Interface binary. I presumed this was required, so I let it do so.

If you’ve been paying attention to the iPlayer saga you will know that it uses the Kontiki peer-to-peer content delivery system, but what if you haven’t? Unless I missed it, the BBC does not bother to warn you or inform you about what this means, as part of the install process. It should, because there are implications. Peer-to-peer downloads mean you have to allow other users to upload data from your PC. That’s not evil, but nevertheless it should require informed consent. There are also technical issues, of which more below.

Now I re-selected the programme I wanted to watch, and clicked download again. For real this time, or so I thought. At this point the web page communicates with a desktop application called BBC iPlayer Library, placing the selection in a download queue. It looks like this:

As you can see, it says Downloading 0% (0MB) in the Expiry column – not a great bit of UI, but it gets worse. Nothing was being downloaded. I went into Preferences and had a poke around. First I looked at the storage options. I don’t use this XP box much and the default drive is nearly full. The library will always leave 1GB free, and as a result there was insufficient space. Online help says not to change this setting:

If you need to move the programmes to a different directory or drive, BBC iPlayer may have problems playing them and they may not appear in your Library.

Sounds like poor coding to me, and I’m not sure what else you are meant to do if the default drive is full. I pointed it to another drive with plenty of free space. Still no download. Perhaps iPlayer does not like my firewall? That’s pretty likely, since I run behind ISA server which itself is behind a NAT router. I looked for the proxy settings, but there are none. Just a button which says: Repair my proxy settings. Meaning what? I clicked it. Here’s the dialog I got:

What is curious is that I didn’t get this dialog until I specifically went into the Advanced settings and asked to have my proxy settings “repaired”. Further, I dislike this dialog. What modification to the registry does iPlayer want to make? Surely I have a right to know. Is it an iPlayer (Kontiki) setting, or something more general? I understand about proxies – why can’t iPlayer just give me a connection dialog where I can enter the details? Nevertheless, like a lamb to the slaughter I clicked OK, though I would not do this on my main work machine without investigating further.

Next I got a script error:

Never mind, something seemed to improve, because when I restarted the iPlayer library downloads started happening. Initially it was not the concert I chose, but rather lots of short branding clips, of the kind that TV stations show between programmes to remind you what you are watching. These came down slowly, but when the programme itself started downloading the speed picked up markedly and is quite acceptable.

Does Kontiki benefit from opening additional ports? That’s what Sky says in its download FAQ – and Sky also uses Kontiki. If so, I am not sure how the BBC can make this a seamless process, particularly for people like me who always disable UPnP in their routers. It would be good to have proper technical information about this.

Once the programme had downloaded, I optimistically hit play. I was warned that once I had played the programme, it would expire after 7 days. OK. It opened in iPlayer, showed the BBC 4 logo, then nothing. No error message, just a black space. I clicked the button to open in Windows Media Player, and got this:

Sigh. So I poked about a bit, cleared the DRM folder in documents and settings\all users\DRM (be sure to back up your licenses if you try this, if you have any DRM Windows Media content that you value, and if WMP will let you), deleted the Proms from the iPlayer library, and downloaded it again. That seems to be how it works – to get a new license, you have to re-download the whole thing. Mad.

Finally, it worked. Quality is OK, no better than TV, but little worse.

My initial thoughts

I think this is a great initiative and congratulate the BBC on the bold step of making its content available over broadband for 7 days after initial broadcast. Let me emphasise, I am really looking forward to being able to catch up on broadcasts that I’ve missed. BUT…

There are a number of issues here that do not inspire confidence. I am not talking only about the DRM, but about the overall presentation and usability.

I dislike the Kontiki software, the obscure proxy settings, and the fact that apparently you have to download a separate utility called Kclean to uninstall it. I don’t mind doing peer-to-peer but I want to be able to monitor it. This article by Dr William Cooper shows that a Kontiki monitor app exists, but I don’t seem to have it, nor can I find where to download it. I suspect Dr Cooper may have special sources given that he is former head of interactive at the BBC Broadcast division. Some folk on the iPlayer messageboard say that Kontiki slows down their internet connection unacceptably. The Kontiki site is no use – it is pure sales, no support to be found.

Usability is not what it should be for a project of this importance. I would expect a higher standard in both the web application and the player.

The whole thing strikes me as an uncomfortable hybrid between browser app and desktop app. Given that you have to install the iPlayer libary, which is desktop, why not make the whole thing a desktop application, in the style of iTunes? You could do this nicely in WPF, or just as a standard Windows application. That would remove the requirement for Kontiki’s ActiveX control.

It’s beta and may improve, but I predict continuing complaints about iPlayer, and not just because of DRM or Windows.  

Postscript

See the comments to this Register article for a few more iPlayer experiences. Seems I was lucky.

I’ve recently set up a server with Ubuntu, in the course of which I learned that Linux SATA RAID works best if you set the controller to AHCI in the BIOS. Typically this defaults to IDE.

More on Ubuntu later, but what if you dual boot with Windows Vista, or just want to enable AHCI on your Vista box?

Vista works fine with AHCI, and you will not run into problems with a new install. However, if you change this setting underneath an installed Vista, it will likely blue-screen on you. The trick is to edit the registry setting here:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Msahci

Edit the Start key and change its value to 0. Then shut down, change the BIOS to AHCI, and reboot. All going well, Vista will detect the change, install new drivers, ask you to reboot once more, and it’s done.

Microsoft has a knowledgebase article on this, number 922976, though curiously it is not currently available in English. Perhaps that means there is some risk involved, or that Microsoft do not think you should fiddle with a working system. Consider yourself warned. However, the article is available in French, and Wikipedia suggests that English-speaking folk read it via Babelfish:

http://babelfish.altavista.com/babelfish/trurl_pagecontent?lp=fr_en&url=http%3A%2F%2Fsupport.microsoft.com%2Fkb%2F922976%2Ffr

This link enables me to confirm the benefits of AHCI:

AHCI provides several functionalities for peripherals SATA, in particular, the hot connection and the management of the food.

According to the latest Click Fraud Index, 15.8% of clicks on pay-per-click ads are fraudulent, rising to 25.6% if you look solely at content networks, such as Google Adsense.

This is a can of worms. Almost any question you can ask is hard to answer with confidence.

What is the real level of click fraud? Google’s Shuman Ghosemajumder says that estimates such as the Click Fraud Index are overstated. In addition, a proportion of the fraudulent clicks are detected by Google and not charged for. Which leads to another question –

How many fraudulent clicks are actually charged to advertisers? Google says very few – but they would. Intriguingly, it also apparently discounts content network ads on the grounds that there is more fraud there:

We know there is a more direct incentive for fraud on the content network and we do much more to protect advertisers, ban bad publishers, and improve ROI through SmartPricing discounts. As a result, average ROI on our content network is nearly the same as on Google.com. Yes, you read that right. ROI is the same on average – and not by accident, but because we automatically provide discounts to advertisers to make it so.

Is that not a tacit admission that advertisers are paying for some fraudulent clicks? It sounds like that to me – Google discounts all the clicks to compensate for for the fact that some are bogus.

How is click fraud detected? Some of this is obvious – rapidly-repeated clicks from the same IP number, for example, and clicks from known botnets. As I understand it, the Click Fraud Network goes further by attempting to analyze the activity after the click has landed. However, nobody is going to publish the exact algorithms they use, for fear of helping the fraudsters (and giving away secrets to competitors).

What about clicks from unknown botnets? What about click fraud programmed skillfully enough to replicate likely human behaviour? I’m sure the fraud detection is imperfect; the question is, how imperfect?

Probably the best way to figure this out would be to penetrate the criminal underworld that executes the fraudulent clicks and discover their techniques. Even this would not catch the casual fraud – for example, someone who goes into an Internet cafe from time to time and clicks on a few ads on their sites.

How can advertisers audit their bills? Difficult, because as I understand it the agencies (such as Google) do not supply enough detailed information. You would need the exact time and IP number of every billed click, which you could then match to your log records, analyze behaviour, and check out against known compromised IP numbers. There is a general lack of transparency.

About the only thing you can measure is results. In other words, attempt to correlate sales against ad expenditure. Google says the same – watch your ROI. The reason advertisers meekly accept a certain (unknown) level of fraud is because they feel it is worth it. After all, there is waste in every other form of advertising – TV viewers who skip ads, print ads that are never opened, etc. 

That’s all very well, but the main difference with click fraud is that it is not just waste, it is also fraud. How many people are getting prosecuted? Another question that I can’t answer, but I suspect, nowhere near enough.