Thursday, December 20, 2007

A simple request...

I want to buy a mobile computing device! Hear me oh great makers of
iPhones, O2s, Palms, Blackberries, Nokias... I WANT TO GIVE YOU MY
CASH. But first of all you have to make a really complete mobile
device. It doesn't exist yet. I think the first manufacturer to do so
will make a bundle (if they are not too greedy with locked plans). The
iPhone is oh-so-close, but it's flawed in a minor and major way. The
minor way is no 3G or GPS. The major way is that it is locked in most
countries, and prohibitively expensive in the others. I don't want to
play around with jailbreaks that may or may not survive future
updates.

So here is the wish list:
o Unlocked phone
o 3G/Wi-Fi/802.11/Bluetooth connectivity
o Decent audio/video capabilities
o At least 8 GB solid state memory, preferably upgradeable without
buying a different model
o Inbuilt GPS receiver, I can pay extra for the navigation software
o Sexy iPhone-like interface
o Open platform for applications
o Proper web browser and email functionality
o Battery lasts two full days on standby, one day with heavy use.
o Camera... I don't care.
o Under $1000 USD, unlocked, before network costs, including all taxes.

At the rate the major providers are going, Google's Android platform
is going to be on the first devices with these specs.

Tuesday, December 18, 2007

IT Geeks are the new mechanics?

Okay, a quickie to get back into the blogging habit.

I'm wondering whether the IT industry in the 21st century attracts workers that 50 years ago would have been mechanics? If not mechanics, then television repairmen, or telephone exchange workers, or any other kind of technical but not rocket-science job.

Let me put it another way: would IT support offices around the world be full of magazine pictures of scantily clad women if it weren't for contrary workplace policies? I've seen some "IT guys" these days that definitely break the stereotype of "nerdy 20/30 something with wispy facial hair." Don't get me wrong. More diversity is good; but what I really can't help thinking is, if I was born 50 years ago, would I have been a petrol head?

Monday, July 2, 2007

Is effective DRM possible?

The short answer is yes, but only by returning to analog publishing formats. The rest of this post is the long answer. Along the way I'll be giving a basic description of how DRM (digital rights management) is supposed to work today.

So why isn't DRM effective with digital publishing? Because digital formats don't degrade. Every bit of every song or movie is meant to stay uncorrupted for all time. The error correction used on the internet and on physical media is designed to ensure this. If the data does get corrupted --- from a scratched disk, or a failed hard drive --- the song or movie basically becomes unplayable around the damaged region and is permanently lost. So what's this got to do with DRM? Well, to make a perfect copy of a digital file all you need to do is perfectly replicate all the bits in the file. As long as you can read the bits of a digital file, someone will always be able to invent a way to make a permanent copy of them. So DRM doesn't focus on preventing copying (although ideas such as ARccOS unsuccessfully try to). Instead, the more successful attempts at DRM use encryption technology. The idea is that the bits that make up the media file are encrypted so that they are apparently a completely random jumble of bits. The legitimate purchaser is given the cryptographic key (a long sequence of numbers) that is used by the playback software to transform the random bits back to their original form, on-the-fly. Sounds reasonable?

But there are at least two fundamental flaws with this approach to DRM. The first is the well-established key distribution problem in cryptography. Surprisingly, perfect theoretical cryptography exists. It's called the One Time Pad. But it's more or less impractical because it assumes that the cryptographic key is kept perfectly secret, it's perfectly random, and it's the same length as the media file itself. Even just the "perfectly secret" bit should convince you that this isn't going to work for mass publishing of media. Every individual would have to take delivery of two files per purchase, sent through separate secure channels such as one by the internet (the actual movie), and the other by post (the key). Then every individual would have to declare, under the threat of dire consequences, that they would never let any other individual have both the encrypted media and key files at once, and would never distribute their own unencrypted version. So DRM typically uses a scaled back approach. When you buy a DVD you receive both the encrypted media file and cryptographic key on the same disk.* When you buy a song, from iTunes for example, you download the encrypted media file and you download the cryptographic key for that file. From a key distribution perspective, both of these approaches are dumb because the key is basically delivered to you in the same way as the media. To compensate, publishers go to great lengths to hide the key on the DVD, or in the case of iTunes, on your hard drive somewhere. They also try to protect the schemes used to reassemble the key. But this can only last so long. At the end of the day, if the key and the media are distributed together, someone will always figure out how to recover the key and make that knowledge open. Which then allows every Tom, Dick and Harriet to decrypt and copy the media illegally. Examples of this are DVD Jon's original cracking of the CSS DVD protection, and the recent discovery of several HD-DVD/Blu-ray title keys that use the newer AACS protection.

So what's the second fundamental flaw? Consider for a moment the unlikely possibility that music and movie studio research discovers an uncrackable way to hide a key, such that only authorised software can reconstruct it. But at some point in the chain of events between your song or movie being legitimately decrypted, and when it emerges on your speaker or monitor, the file exists in your playback device's memory in unencrypted form. Even though this occurs in small chunks at a time, it is possible for an enterprising cracker to discover the region of computer memory where it resides, and take a copy of the unencrypted media chunks. Reassemble the chunks, and voilà, you have a perfect copy of unencrypted media. Perhaps the best known example is software that extracts songs being played back with iTunes. Apple quite successfully figured out how to hide keys on a system. So successfully that it was easier for crackers to extract the files from memory after iTunes decrypted it for them. Operating systems like Vista now go to great lengths to provide internal media playback services that retain DRM until the last possible moment before it emerges from your screen or speakers. These systems partly rely on the latest generation of audio/video connector standards, such as HDMI/HDCP. But even then, there is the assumption that all the hardware manufacturers play ball. There is already an example of HDMI hardware that removes HDCP protection. In fact, I believe digital audio/video connectors are one of the dumbest decisions that the entertainment industry could make if they are serious about DRM. Sure, we get much better quality, but we also get more opportunities to make perfect digital copies.

So why would a return to analog technology make DRM easier for the studios? Analog signals have the property that it's essentially impossible to make a perfect copy. In contrast, there's negligible error in digital to digital copies. This is because analog has an infinite range of values, not just 0's and 1's. Even the best hi-fidelity hardware and recording formats cannot perfectly reproduce an analog signal. At a physics level, electrical components all inject a small amount of noise into analog signals. Digital is so much better because you can continuously clean up all that noise (to restore things back to 1's and 0's), but in analog you don't know what's noise and what's real signal. Think back to the dark days of VHS tapes. Even leaving aside technologies such as MacroVision, when you tried to copy a VHS tape from the video store to another VHS tape, the end result was often really poor quality. If your friend then tried to copy your copy, then the result might be unwatchable. Hang on to your copy for a year or two and it would also become unwatchable because the analog magnetic signals (and the plastic tape) degrade over time. In short, even though copying was fairly easy, there were serious physical constraints on how far a copy could propagate. These days, thanks to the media studios' fascination with the idea that digital technologies are easier to protect, illegal digital copies can very quickly and perfectly be distributed around the planet.
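The generation-loss argument above can be put in numbers with a small simulation. This is an added example, not part of the original post; the Gaussian noise model, the noise level and all function names are assumptions chosen for illustration.

```python
import math
import random

def copy_analog(samples, sigma, rng):
    # Analog copy: each sample picks up noise that cannot be told apart from signal.
    return [s + rng.gauss(0.0, sigma) for s in samples]

def copy_digital(bits, sigma, rng):
    # Digital copy over the same noisy medium: levels 0.0/1.0 pick up noise,
    # then the reader snaps each one back to the nearest bit, discarding the noise.
    return [1 if b + rng.gauss(0.0, sigma) >= 0.5 else 0 for b in bits]

def snr_db(master, copy):
    # Signal-to-noise ratio of a copy measured against the master, in decibels.
    signal = sum(m * m for m in master)
    noise = sum((c - m) ** 2 for m, c in zip(master, copy))
    return math.inf if noise == 0 else 10 * math.log10(signal / noise)

def simulate(generations=10, sigma=0.05, n=2000, seed=2007):
    rng = random.Random(seed)  # fixed seed so the run is repeatable
    analog_master = [math.sin(2 * math.pi * 5 * i / n) for i in range(n)]  # constructed tone
    digital_master = [rng.randint(0, 1) for _ in range(n)]                 # constructed bits
    analog, digital = analog_master, digital_master
    snrs, bit_errors = [], []
    for _ in range(generations):
        analog = copy_analog(analog, sigma, rng)      # copy of the previous copy
        digital = copy_digital(digital, sigma, rng)
        snrs.append(snr_db(analog_master, analog))
        bit_errors.append(sum(a != b for a, b in zip(digital_master, digital)))
    return snrs, bit_errors

if __name__ == "__main__":
    snrs, bit_errors = simulate()
    for gen, (snr, errs) in enumerate(zip(snrs, bit_errors), start=1):
        print(f"generation {gen:2d}: analog SNR {snr:5.1f} dB, digital bit errors {errs}")
```

Under these assumptions the analog copy loses roughly 10 dB of signal-to-noise ratio over ten generations, while the tenth-generation digital copy is still bit-for-bit identical to the master.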

Footnotes: * This is a simplification of CSS encryption for DVDs. Part of the key resides with the playback device. The situation becomes even more complex in AACS encryption for HD-DVD/Blu-ray, but this doesn't alter the basic argument.

Friday, May 4, 2007

Nuclear Fusion and Politics

We have a much better chance of saving the planet if we can teach our politicians the difference between nuclear fission, and nuclear fusion.

So what is the difference?

Nuclear fission is what we all know, benefit from, but have secret fears of. It involves mining a really heavy element from the earth, uranium, and splitting its atoms to create slightly lighter atoms and an awful lot of heat. We use the heat to boil water to run a turbine, which in turn generates the electricity. We then re-bury the slightly lighter atoms because they have the tendency to keep becoming lighter, i.e., they are radioactive. This is nuclear waste. The other unfortunate part is that fission is naturally pretty unstable. If the control mechanisms used in nuclear fission fail, we have, in the worst case, a Chernobyl-like incident.

Nuclear fusion, on the other hand, is an important potential technology to generate large amounts of power from just water, leaving no harmful waste products. It's kind of the reverse of fission. Instead of splitting atoms to get lighter atoms and heat, you fuse atoms to get heavier elements and heat. Sounds bizarre? But we know it works because it created life on this planet and maintains life: the sun is a giant nuclear fusion reactor, turning light hydrogen and helium into a spectrum of heavier elements. We also know it works because it has been done in large scale experiments.

So what's the catch? Well, to produce the kind of fusion that generates power, you need a really, really, really hot environment. Basically the kind of temperatures you get in the sun. Just maintaining such a reactor at temperatures that melt most metals is a tough scientific and engineering challenge. And it's a political challenge because such research doesn't come cheap. But spend a fraction of the amount that the planet spends on war and defence each year, and that buys quite a few experimental reactors.

You might have heard of cold fusion. The idea is that you can fuse atoms together without the big temperatures. This is, despite some damaging frauds late last century, well proven. The big BUT is that you probably can't get power this way... there's no excess energy released by such cold processes. There's still enough hope in cold processes that the US defence agencies put money into it.

Just imagine... a source of massive amounts of energy, with water for fuel, and no pollutants. Mind-boggling up front investment is required, but you don't have to then carve up the planet looking for fuel. And best of all, with near unlimited power, you can start to actively clean up the planet by removing our dependence on fossil fuels, scrubbing the atmosphere of harmful chemicals, and reversing the trend of rising temperatures in the oceans.

So next time you have a politician to yourself, explain the difference!

I'm writing this post because I attended a dinner by a prominent federal politician, who in response to a question about fusion, managed to demonstrate that he had no clue that it is different from fission. I suspect the fusion confusion is widespread, and that slows down funding to the area.

Wednesday, April 11, 2007

Software development is a mug's game

What's wrong with current software development?
  1. Emphasis on features rather than robustness or user friendliness.
  2. Despite the combinatorial explosion in the possible choices of language/GUI framework/compiler/platform for development, there is no clear winner. All software lacks either ease of use, robustness, or portability.
  3. De facto standards create monopolies, no matter how poor the standard... e.g., MS Word .doc format and Excel .xls. For an outsider, it's extremely difficult to penetrate both these formats and these markets.
  4. Good software developers are like gold... Google and MS can hire them on the principle that it's better to stop anyone else getting them. Everyone else is dealing with the rejects.
  5. Most universities are now geared to vocational studies rather than producing graduates that know anything about the fundamentals of software engineering or computer science.
  6. Most programmer employers don't know the difference between computer scientists and software engineers.
  7. Most companies don't follow fundamental software engineering practices, like requirements gathering and testing... which frequently leads to problem 1.
  8. Insistence on legacy support causes robustness issues and stifles creativity.
  9. Insistence on binary legacy support creates Microsoft Windows.