I never imagined I’d reach anything even close to 10k rep. Lots of thoughts and some analysis to come on this in a future post – but I’ve got two deadlines coming up, so very rushed right now.
(from 1982. Blogged now because … the named individual who apparently came up with this scam)
(for those that haven’t been following: four years after Langdell tried to bully an award-winning iPhone game into giving him their money, using his invalid trademark to threaten legal action … the USPTO has finally started cancelling each of his trademarks. Trademark law is FUBAR: 4 years for a fraudulent(*) TM to be cancelled? Ouch.)
(*) – my opinion, but: read the case notes … he apparently committed blatant fraud to keep-alive a trademark that legally had already expired
Modem A: hey babe, you dtmf?
Modem B: u know it
Modem A: what u up 4 2nite? wanna v.8?
Modem B: i wanna ack u like my daddy net2phone use 2 ack me
Modem A: um ok… v.8 then
Modem B: lol jk, u comin?
Modem A: brt just gotta turn off echo suppressors n cancellers
Modem B: ok i wait
Modem B: my pcm is so modulated
Modem A: lol rly? u think u can handle V.90/V.92?
Modem B: D/A?
Modem A: …D?
Modem B: wtf no, im not into that
Modem A: lol jk we can do V.42 LAPM if u want im down 4 nething
Modem A: up to 3429 o/c
Modem A: u know i give as good as i get, ne way u want it, loud or soft, high or low, fast or slow, i got all the time in the world 4 u babe, my clock source is internal
Modem B: of course no 3429. and same 4 me. except i might lose track of time, lol
Modem B: and honey if u with me we gon be makin sum NOISE
Modem B: 6db at LEAST u know how i like it
Modem A: lol i hear ya, 3200 all nite long, the way u get me goin maybe we even go 2 4800 lol
Modem A: set ur pre-emphasis filter params n put on that 1920 hz carrier frequency i got u
Modem A: im here baby
Here’s the magic URL, that you can’t access directly from the site:
In 5+ years of flying with Virgin, their online booking system has always, every single time, failed – and redirected me to a page where I get that link to get THEM to phone ME.
(which is useful, since the evil mobile network operators don’t like Virgin’s 08-something numbers, and turn them into premium-rate bills)
It’s a pain going to the site, going through the pointless online booking, knowing that you’ll end up on the “our booking system sucks, click here” page.
So I’m blogging this so I never need to do it again!
Why does the login URL for internet banking:
…redirect to the newsletter for global investors:
Do you *want* people to think your website has been hacked?
Or do you just not know what a cool URI is?
I think your VP Marketing / Marketing Director needs a slap upside the head…
As a developer, I’ve been using iPhone’s since they first came out. I have to test my apps on every version!
iOS 6 is the first version of iOS “post Steve Jobs”. But it’s terrible – it seems to be a 2nd-rate product rushed out by a small team of startup programmers, working from their garage.
As a developer … I’m dismayed. Consumers are famously slow to change (en masse) – but they are neither stupid nor indifferent. Their tolerance is high, but not infinite. The iOS 6 experience is going to force a lot of people away from iPhones. Looks like we’ll be doing a lot more Android development in 2013 than I was expecting …
1. It will DELETE your photos
Yes, really. You can recover them (from what I’ve seen so far: all of them) if you use backup recovery tools. But seriously: WTF?
Many google hits for this, plenty on Apple’s own support forums, with no response from Apple.
Or … it will randomly delete half your photos (happened to a phone I saw).
Or … it will REDUCE the quality of all your photos until they become tiny pixellated blobs.
AND … photos taken after you upgrade iOS 6? Forget it – they’ll be inaccessible too.
Deleting people’s photos is – commercially – unforgivable. I was amazed the first time I saw this happen.
2. It crashes. A LOT.
Until iOS 6, Apple’s OS was getting better and better with each release. I don’t *try* to crash phones, but it happens accidentally when you use the phone a lot. But iOS 6 is a total disaster.
- iOS 2: took me 3 days to crash it
- iOS 3: took me 3 weeks to crash it
- iOS 4: took me 3 months to crash it
- iOS 5: …never managed to crash it…
- iOS 6: took me 3 seconds to crash it
To be clear: this is through normal usage, nothing special, nothing “developer-y”.
The iOS 6 crash was 100% reproducible, triggered by simply moving an icon on Springboard to a differnt screen, and then hitting the home button. Wow.
3. It removes GPS and Maps from your phone
iOS 6 REMOVES Google Maps, and there is NO WAY to get it back.
So, now … unless you buy an additional “mapping app” (and there are none that are as good as Google Maps, unless you spend a huge amount of money), then … that GPS chip in your phone, that’s part of the cost of the phone? For most people it’s now a hunk of useless metal.
In the last 10 years, very little in mobile phones has changed the way people live their lives quite so much as the instant availability of detailed, accurate, maps with GPS no matter where you are on the planet.
4. You cannot return to iOS 5
iOS 5 worked. It was stable. It had a GPS! and Maps!
…but Apple forbids you from running it if you ever install iOS 6.
As a developer, this has been a recurring nightmare: we had to make sure no-one ever upgraded a phone – even by accident. (as a developer: you test your app on every old version of iOS that you can. Not just on a simulator, but on each physical phone)
Now consumers get to find out quite how (unnecessarily and unfairly) painful that process is…
Screenshot taken straight from the official blog post:
You see, they wanted to add a feature where you could “watch” a repository.
Only … due to some weak design (or perhaps: technology-led) decisions in the past, they already had a feature with this name, which didn’t really do what it claimed to do. Rather than fix it … they added a meaningless button that does what the existing button (Watch) pretends to do. So now, when you want to watch a project, you must NOT CLICK the Watch button, with its excellent icon, but instead the “burning lump of gas” button. Um.
Here’s a hint: if you’re designing a UI, and at any point you decide:
“STARS! Starring items is the answer!”
…and the question was anything other than “how do we Rate items?”, then: you’re wrong. Try again.
(PS: they’ve also fixed the extremely annoying long-time bug that people could raise Issues, or Comment, on your repository – but you’d never find out, again because of technical decisions / implementation issues on their system. Apparently alll fixed now. Yay!)
So far this week, from Unity3d, I’ve received:
- A “personal” email asking me to respond if I want to know more about Unity4.
- When I replied, I got an auto-responder saying “I’m away for two weeks and will not be responding to email”; which reminded me this account manager had told me they’d be leaving a few days *before* I received the email “From” them
- So, I re-forwarded my email to the named “in my absence, speak to” contact – no response
- A few days later: a new “personal” email, again asking me to respond to their marketing push for Unity4, but this time from the “in my absence” contact
- This despite no response to my email I’d already sent about the last such email from Unity
- And, again … when I replied … no response
If someone’s on holiday – no problem there, of course!
If someone’s ignoring your emails *responding to their marketing* … and then “personally” sending you marketing emails days later … that’s mildly offensive.
If the company is sending out fake emails that pretend to come from people who – by the sounds of the auto-responder – were already out of the office and not responding to email … that’s definitely offensive.
I think Unity needs to do some a bit of work re-thinking their spamvertising – sorry, I mean – their marketing.
StackOverflow.com now blocks anyone running Firefox 3.x (probably not deliberate – just someone wrote some bad code and didn’t test it?). But it’s interesting that sites that decide to go anti-HTML and pro-AJAX/JS can so easily break their whole site, just from some errant JS code.
Because there’s just not enough funny in the news these days:
To anyone in the games industry, this should be a cause for weeping and decrying the Godless universe:
(I’m guessing it’s just Network Solutions being typically crap and screwing-up the domain renewal)
…but they decided that only people with a Credit Card registered in USA or Canda are allowed to use it (even though it’s free).
So. I’m going to repay that smack-in-the-face by not linking to it, nor naming it.
Autodesk marketing: #FAIL.
One of the peculiar distinctions of Jack Vance’s writing is that he vomits obscure words onto the page as if he’d just eaten a dictionary that severely disagreed with him. Sometimes he seems to be parodying his characters – but other times he happily does it for himself.
To be clear: I’ve never seen him mis-use or abuse a word. When you know what all the words mean, it’s a joy to read (although he uses very few words – preferring to use the exact correct – single – word … than to use 10 more commonly-known words to describe the same thing)
Many of them I know – although I know that most people don’t. But at least as many I *don’t* know – although I do recognise them as genuine English words.
And then, occasionally, you meet an Archveult. And then it gets interesting.
JustF***ingGoogleIt: Google: Archveult
The only dictionary hit I could find was an evil bit of SEO that claimed – in the lies it told Google – that it held a definition for the word, but actually just provided a page that said: “I think you mistyped XXXX instead”.
Next step: commercial, offline, paper dictionaries. Real ones, Shakespearean ones, etc.
In the meantime, my best guess – and this is rather funny if true – is that it’s a deliberate portmanteau of “Archmagician” and “La Reyne le Veult” (the Royal Assent). Because the only story I’ve found it in so far (where the word is used repeatedly) is about an (almost) all-powerful woman attempting to conquer the universe by turning all men into women.
(and read the story before you get too excited by that)
Filed in “game design” because … well.
I feel sorry for Toshiba; they make good products, but their marketing
seems to belong to a much smaller, poorer company.
Take this advert, from April 2012, when Apple is already far along with shifting their whole laptop lineup to “ultra thin” MacBook airs (rumour suggests the non-thin models will continue to be phased out next cycle – doesn’t matter so much for this post, but if true, it adds extra emphasis to the post):
…and compare it with Apple’s photo from the same period:
The iPad 3 is considerably heavier and thicker than the iPad 2. This is a pain for users, but for Apple Marketing it’s a disaster. They’ve been fighting to prevent people equating “iPad” with “low power, low utility, inferior Laptop”. The iPad 1 had a fair go, but struggled. The iPad 2 went a long way to achieve it with it’s ultra slim/light/long battery life.
With other companies (e.g. Google) we’d assume that Apple did intensive market research on iPad 1 vs iPad 2, and found that weight didn’t factor into the purchase decision much. Given this is Apple … I expect it was an internal decision instead. They decided that the sheer awesomeness of the Retina display meant the pain of the weight + thickness would just have to be accepted. Personally, I agree: the Retina makes such a huge difference that it’s a no-brainer to buy an iPad 3.
(NB: even with the considerable increase in weight, and in battery quality, the iPad 3 has a considerably shorter battery life than previous iterations)
So, what does Apple do?
It’s not a bug, it’s a feature: Apple redefines Reality
All previous Apple marketing for iPad/iPhone has included side-on photos on the front page. iPad 3 is the first to use an isometric view – not just on the front page, but *everywhere*.
APPLE LESSON 1: If it’s bad, hide it.
The photo they use is EXTREMELY poorly positioned. The iPad 3 is contorted, the image is squished by perspective, the flower image looks terrible.
But you won’t notice any of that (unless you’re a product-photographer). No, you’ll notice HOW THIN IT LOOKS!
Apple carefully chose the angle to use perspective to hide the actual width of the product. It’s just shallow enough an angle to make it appear that you’re seeing the width – but just deep enough an angle to hide most of the width. (recall that the iPad 2 and iPad 3 both have a very deep bevel on the underside).
Apple also carefully chose the lighting: white iPad 3, ultra bright lights (my gut feel is these are even brighter than normal in Apple ads, which is very bright to start with), even the photo of a delicate thin flower (see what they did there?) is itself over-exposed a little. The iPad itself seems to almost … disappear … on the advert.
APPLE LESSON 2: If it’s really bad, make a photo that lies.
Toshiba: Fat, dark, and ugly
Let’s revisit Toshiba’s photo:
- the angle TRIPLES the width of the lid
- the angle DOUBLES the width of the base (look at the extreme bottom right edge – the base appears to mirror around the white hilight stripe)
- the inside is DARK, with HEAVY, THICK, DIRTY lighting
- the shadow underneath the laptop is ALMOST AS THICK AS the laptop itself, and coloured DARK BLACK
OK, so I could forgive poor colour scheme – marketing had no choice in that.
You could (maybe) forgive the stupid choice of perspective – maybe the laptop just looks ugly at any other angle. Or maybe they “needed” to show the ports on the side (if so, they failed: the lighting is so bad you can’t see the important ones).
But … who in Toshiba Marketing approved a photo with a black shadow underneath that makes their “thin” laptop look considerably thicker than it is? There’s no excuse for this: it’s a terrible photo (should have been rejected during the photo-shoot) – but it’s a catastrophically bad piece of marketing.
TOSHIBA LESSON 1: ?
Third Reich vs. Game of Thrones … one of the best Downfall mashups I’ve seen (particularly like the timing on “Headless”)
(see what I did there? topical music + animated gif combo!)
Finally, I worked out how to type pinyin on a mac, using only the keyboard.
Only, GoogleTranslate acts like a prick, and pretends it has no idea what you’re saying. This, Google, is just silly:
(for comparison, I tested – if you hit the “switch” button, and type “Hello”, you can copy the output, hit switch again, and Google still pretends you’re talking gibberish)
To add insult to injury, if you don’t manually hit the “Turn OFF instant translate”, it keeps manually switching the From language … to English. Every time you type a letter, it reverts to “English –> English”. HOW MANY WORDS IN ENGLISH EVER USE ACUTE, GRAVE, OR CIRCUMFLEX? Sigh. Not very smart.
Worst bit is … this was working fine a couple of months ago. Then Google “rewired it”, and now it’s broken. My friends at Google say this (constantly breaking things, never letting the user keep a working version) is “good” and “the future” because it puts control into Google’s hands: one version, on all desktops. If this is the future of Cloud Computing, Cloud Computing is dead and buried already… Version control is not a “feature”, it’s a right.
Two things here: if you run any Rails site, check out the security hole ASAP if you haven’t already. You might be safe – but given that even GitHub wasn’t, I’d double check if I were you. (The Rails community seemingly isn’t patching it – and there’s nothing recent on the Security list. Which leaves me going: WTF? The evidence is right there on GitHub of how bad this is right now, in the wild).
Secondly … what just happened? Apart from doom and gloom and “the end of every unpatched Rails site on the planet”, there’s a fun story behind this one. As someone put it “it’s the whitest of white-hat attacks” (i.e. the “attacker”‘s motives appear extremely innocent – but foolish and naive)
It seems that GitHub got hit by the world’s nastiest security hole, in Rails – trivial to take advantage of, and utterly lethal. The hole appears to allow pretty much anyone, any time, to do anything, anywhere – while PRETENDING to be any other user of the system. So, for instance, in the attack itself, someone inserted arbitrary source code into a project they had no right to.
Hmm. That’s bad. It effectively destroys GitHub’s entire business (it’s already fixed, don’t worry)
But it gets worse … it’s a flaw in the RoR framework, not GitHub itself (although apparently GitHub’s authors were supposed to know about the flaw by reading the Rails docs, as far as I can tell from a quick glimpse at the background). Rails authors have (allegedly) known about it and underestimated how bad it is in the wild, and left Rails completely open with zero security by default.
So, allegedly, the same attack works for most of the web’s large Web 2.0 sites – any of them that run on Rails.
Who was the perpetrator of this attack? Ah, well…
Classy. Dangerous (high risk of someone calling the police and the lawyers), but if people won’t believe you, and *close* your issues, claiming it’s not that important, what more amusing way to prove them wrong?
Whoops, shouldn’t have done that
I can’t state this strongly enough: never attack a live system. Just … don’t.
Any demonstration of a security flaw has to be done very carefully – people have been arrested for demonstrating a flaw allegedly *at the owner’s request*, because under some jurisdiction’s it’s technically a crime even if you’re given permission. In general, security researchers never show a flaw on a real system – they explain how to, and do it on a dummy system, so no-one can arrest them.
(why arrest the researcher? Usually seems to be no reason beyond ass-covering by executives and lawyers, and a petty vindictiveness)
Homakov appears to have been ignorant of this little maxim, hence I’m writing it here, let as many people as possible know: never attack a live system (unless you’re very sure the owners and the police won’t come after you)!
On the plus side, they fixed it within hours, on a weekend. And then proceeded to tell every single user what had happened. And did so in a clever way – they put a block on all GitHub accounts that practically forces you to read their “here’s what happened, but we’ve fixed it” message. They could have kept it quiet.
Which is all rather wonderful and reassuring.
On the minus side, IMHO they rather misrepresented what actually happened, portraying it more as a malicious attack, and something they fixed, rather than what it was – the overspill from an argument between developers on some software that GitHub uses.
And they initially reported they’d “suspended” the user’s account. Normally I’d support this action – generally it’s a bad idea to let it be known you’ll accept attacks and not fight back. But in this case it appears that GitHub didn’t read the f***ing manual, and the maintainers apparently (based on reading their tickets on the GitHub DB) refused to accept it was a serious problem – and apparently didn’t care that one of their own high-profile clients was wide open and insecure. The attack wasn’t even against GitHub per se – it was against the Rails team who weren’t acting. IF it had e.g. been a defacement of GitHub’s main site, that would have been different, both in impact and in intent. Instead, the attack appears to be a genuinely dumb act by someone being naive.
Seems that GitHub agreed – although their reporting is a bit weak, it happened days ago, but they never thought to edit any of their material and back-link it.
“Now that we’ve had a chance to review his activity, and have determined that no malicious intent was present, @homakov’s account has been reinstated.
…and it’s pleasing to see that their reaction included a small mea culpa for being unclear in what they expect (although anyone dealing with security ought to be aware of this stuff as “standard practice”, sometimes it’s not security experts who find the holes):
“We haven’t been as clear as we should have been on how to responsibly disclose security problems, and for that I’m sorry. To prevent future confusion about security-related account suspension, and to make explicit our stance on responsible disclosure, we have added a section entitled Responsible Disclosure of Security Vulnerabilities to our Security policy.”
I’d expect: shame, weeping, and BEGGING the web world to forgive their foolishness. I’m not sure, but it’s going to be interesting to watch. As of right now, the demo’s of the flaw are still live. I particularly like one commenter’s:
drogus closed the issue 5 days ago
5 days ago
“I’m closing it (again).
@drogus was close it, but it still open.
kennyj closed the issue 5 days ago
“github bug?” LOL, no – massive security flaw :).