recentpopularlog in

charlesarthur : software   74

Apple announces release dates for OS updates, new iPhones, and Apple Watch • MacStories
What I find so interesting here is how close the release of 13.0 and 13.1 are: just 11 days apart. Typically, it's six weeks. Something has really changed about how Apple has handled this update regime.
apple  software 
11 days ago by charlesarthur
Navy reverting DDGs back to physical throttles, after fleet rejects touchscreen controls • USNI News
Megan Eckstein:
<p>The Navy will begin reverting destroyers back to a physical throttle and traditional helm control system in the next 18 to 24 months, after the fleet overwhelmingly said they prefer mechanical controls to touchscreen systems in the aftermath of the fatal USS John S. McCain (DDG-56) collision.

The <a href="https://news.usni.org/2019/08/06/ntsb-lack-of-navy-oversight-training-were-primary-causes-of-fatal-mccain-collision">investigation into the collision</a> showed that a touchscreen system that was complex and that sailors had been poorly trained to use contributed to a loss of control of the ship just before it crossed paths with a merchant ship in the Singapore Strait. After the Navy released a Comprehensive Review related to the McCain and the USS Fitzgerald (DDG-62) collisions, Naval Sea Systems Command conducted fleet surveys regarding some of the engineering recommendations, Program Executive Officer for Ships Rear Adm. Bill Galinis said.

“When we started getting the feedback from the fleet from the Comprehensive Review effort – it was SEA 21 (NAVSEA’s surface ship lifecycle management organization) that kind of took the lead on doing some fleet surveys and whatnot – it was really eye-opening. And it goes into the, in my mind, ‘just because you can doesn’t mean you should’ category. We really made the helm control system, specifically on the [DDG] 51 class, just overly complex, with the touch screens under glass and all this kind of stuff,” Galinis said during a keynote speech at the American Society of Naval Engineers’ annual Fleet Maintenance and Modernization Symposium.</p>


I saw this via Tony Fadell (as in, the iPod and Nest). Now if Elon Musk had tweeted it, that would have been really notable and I'd have expected retrofits on Teslas. As it is...

Also, the reason why the iPhone had a touchscreen was to allow a single screen to do multiple jobs via software. That's just not the case for an engine throttle, which is a classic YHOJ.
navy  touchscreen  software  ux  ui 
5 weeks ago by charlesarthur
The best algorithms struggle to recognize black faces equally • Wired
Tom Simonite:
<p>
Idemia’s algorithms don’t always see all faces equally clearly. July <a href=“https://www.nist.gov/sites/default/files/documents/2019/07/03/frvt_report_2019_07_03.pdf”>test results from the National Institute of Standards and Technology</a> indicated that two of Idemia’s latest algorithms were significantly more likely to mix up black women’s faces than those of white women, or black or white men.

The NIST test challenged algorithms to verify that two photos showed the same face, similar to how a border agent would check passports. At sensitivity settings where Idemia’s algorithms falsely matched different white women’s faces at a rate of one in 10,000, it falsely matched black women’s faces about once in 1,000—10 times more frequently. A one in 10,000 false match rate is often used to evaluate facial recognition systems.

Donnie Scott, who leads the US public security division at Idemia, previously known as Morpho, says the algorithms tested by NIST have not been released commercially, and that the company checks for demographic differences during product development. He says the differing results likely came from engineers pushing their technology to get the best overall accuracy on NIST’s closely watched tests.</p>
Facialrecognition  software  machinelearning 
8 weeks ago by charlesarthur
D-Link agrees to new security monitoring to settle FTC charges • Ars Technica
:
<p>Tuesday’s agreement settles a 2017 complaint by the US Federal Trade Commission that alleged D-Link left thousands of customers open to potentially costly hack attacks. The hardware maker, the FTC said, failed to test its gear against security flaws ranked among the most critical and widespread by the Open Web Application Security Project. The 2017 suit also said that, despite the lack of testing and hardening of its products, D-Link misrepresented its security regimen as reasonable.
Specific shortcomings cited by the FTC included:

• hard-coded login credentials on its D-Link camera software that used easily guessed passwords<br />• storing mobile app login credentials in human-readable text on a user’s mobile device<br />• expressly or implicitly describing its hardware as being secure from unauthorized access<br />• repeatedly failing to take reasonable testing and remediation measures to protect hardware from well-known and easily preventable software security flaws

“We sued D-Link over the security of its routers and IP cameras, and these security flaws risked exposing users’ most sensitive personal information to prying eyes,” Andrew Smith, director of the FTC’s Bureau of Consumer Protection, said in a <a href="https://www.ftc.gov/news-events/press-releases/2019/07/d-link-agrees-make-security-enhancements-settle-ftc-litigation">release</a>.</p>


There are almost surely more egregious IoT flaws out there, but they simply haven't come to the FTC's notice. (Though my current router has had a firmware upgrade available for roughly two years, and I haven't wanted to install it because, well, it works fine at the moment.)
dlink  iot  software  hacking 
11 weeks ago by charlesarthur
The coming Boeing bailout? • Matt Stoller
Matt Stoller writes about monopolies and industrial concentration:
<p>Bad procurement is one reason (aside from military officials going into defense contracting work) why military products are often poor quality or deficient. For instance, the incredibly expensive joint strike fighter F-35 is a mess, and the Navy’s most expensive aircraft carrier, costing $13bn, was recently delivered without critical elevators to lift bombs into fighter jets. Much of this dynamic exists because of a lack of competition in contracting for major systems, a result of the consolidation [DoD official Bill] Perry pushed [on military contractors] in the early 1990s. Monopolies don’t have to produce good quality products, and often don’t.

At any rate, when McDonnell Douglas took over Boeing, the military procurement guys took over aerospace production and design. The company began a radical outsourcing campaign, done for political purposes. In defense production, plants went to influence Senators and Congressmen; in civilian production, Boeing started moving production to different countries in return for airline purchases from the national airlines.

Engineers immediately recognized this offshoring as a disaster in the making. In 2001, a Boeing employee named L. Hart Smith published a paper criticizing the business strategy behind offshoring production, noting that vital engineering tasks were being done in ways that seemed less costly but would end up destroying the company. He was quickly proved right.</p>


A good view on what's been going on at Boeing to make the 737 Max calamity inevitable.
boeing  business  software 
11 weeks ago by charlesarthur
Boeing's 737 Max software outsourced to $9-an-hour engineers • Bloomberg
Peter Robison:
<p>Increasingly, the iconic American planemaker and its subcontractors have relied on temporary workers making as little as $9 an hour to develop and test software, often from countries lacking a deep background in aerospace - notably India.

In offices across from Seattle’s Boeing Field, recent college graduates employed by the Indian software developer HCL Technologies Ltd. occupied several rows of desks, said Mark Rabin, a former Boeing software engineer who worked in a flight-test group that supported the Max.

The coders from HCL were typically designing to specifications set by Boeing. Still, “it was controversial because it was far less efficient than Boeing engineers just writing the code,” Rabin said. Frequently, he recalled, “it took many rounds going back and forth because the code was not done correctly.”

Boeing’s cultivation of Indian companies appeared to pay other dividends. In recent years, it has won several orders for Indian military and commercial aircraft, such as a $22bn one in January 2017 to supply SpiceJet Ltd. That order included 100 737-Max 8 jets and represented Boeing’s largest order ever from an Indian airline, a coup in a country dominated by Airbus.

Based on resumes posted on social media, HCL engineers helped develop and test the Max’s flight-display software, while employees from another Indian company, Cyient Ltd., handled software for flight-test equipment.

In one post, an HCL employee summarized his duties with a reference to the now-infamous model, which started flight tests in January 2016: “Provided quick workaround to resolve production issue which resulted in not delaying flight test of 737-Max (delay in each flight test will cost very big amount for Boeing).”</p>


Boeing says those programmers didn't do the MCAS software that's blamed for the crashes. There seems to be a deeper problem at Boeing, dumping its institutional memory (experienced staff) on the basis that its products are "mature".
software  india  boeing  outsourcing 
12 weeks ago by charlesarthur
Before you use a password manager • Medium
Stuart Schechter:
<p>In this article, I’ll start by examining the benefits and risks of using a password manager. It’s hard to overstate the importance of protecting the data in your password manager, and having a recovery strategy for that data, so I’ll cover that next. I’ll then present a low-risk approach to experimenting with using a password manager, which will help you understand the tough choices you’ll need to make before using it for your most-important passwords. I’ll close with a handy list of the most important decisions you’ll need to make when using a password manager.

There are a lot of password managers to choose from. There’s a password manager built into every major web browser today, and many stand-alone password managers that work across browsers. In addition to remembering your passwords, most password managers will type your password into login forms. The better ones will create randomly-generated passwords for you, ensuring that you’re not using easily-guessed passwords or re-using passwords between sites. Some will even identify passwords you’ve re-used between sites and help you replace them.
</p>


The low-risk approach seems like a good plan. It's the idea of jumping in that many people find problematic.
security  software  privacy  password 
june 2019 by charlesarthur
Display the macOS Dock in the Touch Bar • Pock
Pierluigi Galdi:
<p>Display your macOS Dock in the Touch Bar.
It's free and open source!</p>


My first reaction is that this is a great idea, though looking at my Dock, it has 56 apps, 31 of them open, and 5 folders, plus the Trash. They're pretty small because I have the Dock on the left-hand side of the screen - leaving it on the bottom is a criminal waste of space.

I guess there's more real estate in the Touch Bar? (I don't yet have a Touch Bar Mac.) Then again, I've got a lot of apps I never use in there, and when I launch apps I tend to do it via Spotlight.

Plus the Dock has one advantage: if you click and hold on an icon, you get a menu of all the open windows and can navigate directly to any of them. Probably can't do that with Pock. Even so, nice idea.
software  mac  dock 
june 2019 by charlesarthur
P2P weakness exposes millions of IoT devices • Krebs on Security
Brian Krebs:
<p>The security flaws involve iLnkP2P, software developed by China-based Shenzhen Yunni Technology. iLnkP2p is bundled with millions of Internet of Things (IoT) devices, including security cameras and Webcams, baby monitors, smart doorbells, and digital video recorders.

iLnkP2P is designed to allow users of these devices to quickly and easily access them remotely from anywhere in the world, without having to tinker with one’s firewall: Users simply download a mobile app, scan a barcode or enter the six-digit ID stamped onto the bottom of the device, and the P2P software handles the rest.

<img src="https://krebsonsecurity.com/wp-content/uploads/2019/04/i-lnk-map.jpg" width="100%" />

But according to an in-depth analysis shared with KrebsOnSecurity by security researcher Paul Marrapese, iLnkP2P devices offer no authentication or encryption and can be easily enumerated, allowing potential attackers to establish a direct connection to these devices while bypassing any firewall restrictions.

Marrapese said a proof-of-concept script he built identified more than two million vulnerable devices around the globe (see map above). He found that 39% of the vulnerable IoT things were in China; another 19% are located in Europe; 7% of them are in use in the United States.</p>


You might say "why would you trust Chinese P2P software?" but the problem is that it's often embedded in the device, and you don't really get a chance to query it. And Chinese software is notoriously bad. There'll be a botnet using these within a few days, at a guess.
china  p2p  software  hacking 
april 2019 by charlesarthur
How the Boeing 737 Max disaster looks to a software developer • IEEE Spectrum
Gregory Travis:
<p>Long ago there was a joke that in the future planes would fly themselves, and the only thing in the cockpit would be a pilot and a dog. The pilot’s job was to make the passengers comfortable that someone was up front. The dog’s job was to bite the pilot if he tried to touch anything.

On the 737, Boeing not only included the requisite redundancy in instrumentation and sensors, it also included redundant flight computers—one on the pilot’s side, the other on the copilot’s side. The flight computers do a lot of things, but their main job is to fly the plane when commanded to do so and to make sure the human pilots don’t do anything wrong when they’re flying it. The latter is called “envelope protection.”

Let’s just call it what it is: the bitey dog.

Let’s review what the MCAS does: It pushes the nose of the plane down when the system thinks the plane might exceed its angle-of-attack limits; it does so to avoid an aerodynamic stall. Boeing put MCAS into the 737 Max because the larger engines and their placement make a stall more likely in a 737 Max than in previous 737 models.

When MCAS senses that the angle of attack is too high, it commands the aircraft’s trim system (the system that makes the plane go up or down) to lower the nose. It also does something else: Indirectly, via something Boeing calls the “Elevator Feel Computer,” it pushes the pilot’s control columns (the things the pilots pull or push on to raise or lower the aircraft’s nose) downward.</p>


Related to yesterday's link about Boeing, I received this email from Drew, one of our readers.
software  boeing  aviation 
april 2019 by charlesarthur
Boeing 737 MAX software fix: easy to upload, harder to approve • Reuters
Eric Johnson, David Shepardson and Allison Lampert:
<p>Boeing engineers armed with laptops and thumb drives will be able to upload a crucial software fix for the 737 MAX anti-stall system in about an hour. That’s the easy part.

Before Boeing’s workhorse of the future can resume flying, the upgrade must first be approved by the US Federal Aviation Administration (FAA) and then by wary regulators around the globe who have grounded it in the wake of two deadly crashes.

Regulators in China, Europe and Canada have signaled they will not rubber stamp an FAA decision to allow the planes back into the air but conduct their own reviews.

With the FAA under pressure for its role in certifying the newest 737, and other regulators challenging its leadership of the airline safety system, Boeing’s money-spinning jet could remain parked for months.

“We are guessing this thing’s not going to be put to bed until the July or August time frame,” said Charlie Smith, chief investment officer at Fort Smith Capital Group, which holds shares in Boeing.

The world’s largest planemaker has been working on the upgrade for its MCAS stall-prevention system since October’s Lion Air crash, when pilots are believed to have lost a tug of war with software that repeatedly pushed the nose down.</p>


The FAA now has the same problem as Boeing: persuading people that its decisions are safe. Just a part of Trump's legacy (the FAA director position hasn't been formally filled).
faa  boeing  software  mcas 
march 2019 by charlesarthur
Ethiopian Air crash: where did Boeing go wrong with the 737 Max? • Slate
Jeff Wise:
<p>To maintain its lead, Boeing had to counter Airbus’ move [of rolling out the A320neo in 2014]. It had two options: either clear off the drafting tables and start working on a clean-sheet design, or keep the legacy 737 and polish it. The former would cost a vast amount—its last brand-new design, the 787, cost $32bn to develop—and it would require airlines to retrain flight crews and maintenance personnel.

Instead, it took the second and more economical route and upgraded the previous iteration. Boeing swapped out the engines for new models, which, together with airframe tweaks, promised a 20% increase in fuel efficiency. In order to accommodate the engine’s larger diameter, Boeing engineers had to move the point where the plane attaches to the wing.

This, in turn, affected the way the plane handled. Most alarmingly, it left the plane with a tendency to pitch up, which could result in a dangerous aerodynamic stall. To prevent this, Boeing added a new autopilot system that would pitch the nose down if it looked like it was getting too high. According to a preliminary report, it was this system that apparently led to the Lion Air crash.

If Boeing had designed a new plane from scratch, it wouldn’t have had to resort to this kind of kludge. It could have designed the airframe for the engines so that the pitch-up tendency did not exist. As it was, its engineers used automation to paper over the aircraft’s flaws. Automated systems can go a long way toward preventing the sorts of accidents that arise from human fecklessness or inattention, but they inherently add to a system’s complexity. When they go wrong, they can act in ways that are surprising to an unprepared pilot. That can be dangerous, especially in high-stress, novel situations. Air France 447 was lost in 2009 after pilots overreacted to minor malfunctions and became confused about what to expect from the autopilot.</p>


This seems to have been the cause of the Ethiopian Air crash. The UK has grounded all upgraded 787s. And <a href="https://www.nytimes.com/2019/02/03/world/asia/lion-air-plane-crash-pilots.html">the NYT was writing about the Lion Air crash</a> - and the associated changes - at the start of February. The Ethiopian Air crash seems to have been avoidable, if the lessons had been learned quickly enough.
boeing  autopilot  software  design 
march 2019 by charlesarthur
America’s cities are running on software from the ’80s • Bloomberg
Romy Vaghese:
<p>The impetus for change is often public outcry over a crisis, such as the chaotic 2009 crash of a disco-era computer system regulating traffic signals in Montgomery County, Md., or the cyberattacks that brought Atlanta’s government to a standstill last March. And promises to improve are no guarantee of success: Minnesota spent about a decade and $100m to replace its ancient vehicle-licensing and registration software, but the new version arrived with so many glitches in 2017 that Governor Tim Walz has asked for an additional $16m to fix it.

Of course, improvements cost money that constituents don’t always want to pay. “We’re dealing with an irrational public who wants greater and greater service delivery at the same time they want their taxes to be lower,” says Alan Shark, executive director of the Public Technology Institute, an association for municipal tech officials.

In San Francisco the assessor uses a Cobol-based system called AS-400, whose welcome screen reads, “COPYRIGHT IBM CORP., 1980, 2009.” As the city tax rolls jumped 22% over two years, workers were struggling to keep track of the changes on their ancient systems. At one point they fell three years behind. It’s a “lot of manual work” just to perform basic functions, Chu says.

Searches that should seem simple take much longer because of the system’s quirks. If a resident contacts the agency saying her house should have a different assessed value, a worker has to look up the block and identification number that’s technically taxed; there’s no way to filter by address. Also, all street numbers need to have four digits, so 301 Grove St. becomes 0301 Grove St. Another problem: The system doesn’t flag data entry mistakes, such as if a worker misidentified 301 Grove St. as 0031 Grove St. </p>


Got to love the way that the hard-coded systems rule the way people function. (Side note: long time since Cobol appeared here.)
america  cities  software  cobol 
march 2019 by charlesarthur
Lessons from 6 software rewrite stories • Medium
Herb Caudill:
<p>Almost two decades ago, Joel Spolsky excoriated Netscape for rewriting their codebase in his landmark essay <a href="https://www.joelonsoftware.com/2000/04/06/things-you-should-never-do-part-i/">Things You Should Never Do</a>.
He concluded that a functioning application should never, ever be rewritten from the ground up. His argument turned on two points:<br />• The crufty-looking parts of the application’s codebase often embed hard-earned knowledge about corner cases and weird bugs.<br />• A rewrite is a lengthy undertaking that keeps you from improving on your existing product, during which time the competition is gaining on you.

For many, Joel’s conclusion became an article of faith; I know it had a big effect on my thinking at the time. In the following years, I read a few contrarian takes arguing that, under certain circumstances, it made a lot of sense to rewrite from scratch. For example:
• Sometimes the legacy codebase really is messed up beyond repair, such that even simple changes require a cascade of changes to other parts of the code.<br />• The original technology choices might be preventing you from making necessary improvements.<br />• Or, the original technology might be obsolete, making it hard (or expensive) to recruit quality developers.

The correct answer, of course, is that it depends a lot on the circumstances. Yes, sometimes it makes more sense to gradually refactor your legacy code. And yes, sometimes it makes sense to throw it all out and start over.

But those aren’t the only choices. Let’s take a quick look at six stories, and see what lessons we can draw.</p>


Netscape, Basecamp, Visual Studio, Gmail/Inbox, Fogbugz/Trello, FreshBooks/BillSpring. In depth, fascinating.
software  programming 
february 2019 by charlesarthur
A few days with the Luna Display • All this
Doctor Drang got a <a href="https://lunadisplay.com">Luna Display</a> (which plugs into a Mac and turns an iPad into a wireless second display. He didn't like it, and took it back:
<p>everything felt wrong when I was running Mac apps through my iPad. Buttons were too small, even when I tried tapping on them with the Pencil. Resizing windows was a chore; dragging felt off. I confess I didn’t spend time examining why the behavior just didn’t feel right, but it didn’t.

I use both my Macs and my iPad a lot, and while I don’t have any trouble switching between the two, I found it very annoying to be forced into using Mac-like actions on an iPad. This was surprising to me, as I have nearly 35 years of Mac use under my belt and only 2½ years of iPad use. But my immediate sense—a sense that didn’t change over the 4–5 days I used the Luna—was one of unease.

Would I have felt this unease had I been using the Luna Display in a more keyboard-centric manner? Maybe not. And I can see where people who are iPad-first users would find the Luna very convenient if they only occasionally need to be hands-on with their Mac mini server. But for my use, the neither-fish-nor-fowl behavior that the Luna forced me into was very inconvenient. It made me have to think about what I was doing instead of just doing it, and that got in the way of my real work.</p>
ipad  mac  software 
january 2019 by charlesarthur
Word processor inventor Evelyn Berezin has died • Quartz
Corinne Purtill:
<p>After graduating from New York University in 1945 with a degree in physics, Berezin became interested in the nascent computer industry. Her particular expertise was building computing networks for a specific task. In 1962, as an employee of the company Teleregister, she built a computerized booking system for United Airlines, the first system of its kind.

Yet opportunities for women in tech’s early days were extremely limited. Berezin told NPR that a 1960 job offer from the New York Stock Exchange was rescinded because, the hiring manager told her apologetically, “They said that you were a woman, you’d have to be on the stock market floor from time to time. And the language on the floor was not for a woman’s ears.”

If she wanted to move up at a company, she realized, she would have to create it herself. She founded Redactron in 1969 with the goal of creating a tool that would revolutionize the workplace—the word processor. Two years later, Redactron brought to market the Data Secretary, a device that transformed the laborious work of producing documents. Redactron sold 10,000 of its $8,000 machines to law firms and corporate offices before being sold in 1976, as its larger competitor IBM flooded the market with alternatives, according to the New York Times.

Berezin went on to serve on the boards of several companies and as a fellow of the Computer History Museum. She was inducted in 2011 into the Women in Technology Hall of Fame.</p>


Not into the Technology Hall of Fame? Those two inventions are basically what keeps the modern world going.
wordprocessing  software 
december 2018 by charlesarthur
Notice: Google Fusion Tables turndown • Google Support
Where by "turndown" what they mean is "death":
<p>Google Fusion Tables and the Fusion Tables API will be turned down December 3, 2019. Embedded Fusion Tables visualizations — maps, charts, tables and cards — will also stop working that day. Maps using the Fusion Tables Layer in the Maps JavaScript API v3.37 will start to see errors in August 2019.

Fusion Tables was launched almost nine years ago as a research project in Google Labs, later evolving into an experimental product. For a long time, it was one of the few free tools for easily visualizing large datasets, especially on a map.

Since then, several Google alternatives have been developed, providing deeper experiences in more specialized domains.

Google BigQuery – Fast, highly scalable, cost-effective, and fully managed cloud data warehouse for analytics, with built-in machine learning…

Google Cloud SQL (…Fully-managed database service)

Google Sheets (…Fusion Tables can be imported into Google Sheets.)

Google Data Studio (…Data Studio is Google’s free-to-use business intelligence tool.)

Coming soon – Teams at Google have developed internal tools that can create powerful map visualizations. We are working to make some of these tools publicly available and will have more to share in the coming months—sign up to stay in touch.</p>

OK, so there are paths forward; but this will break a lot of embedded older content. There's always a hidden price in "free"; the difficulty is always figuring out where it is before you commit yourself beyond the point where it costs more than paying.
Google  fusiontables  support  software  web 
december 2018 by charlesarthur
The IoT needs a new set of eyes • IEEE Spectrum
Stacey Higginbotham:
<p>two challenges [are] driving the silicon shift. First, processing power: Many of these [IoT] cameras try to identify specific objects by using machine learning. For example, an oil company might want a drone that can identify leaks as it flies over remote oil pipelines. Typically, training these identification models is done in the cloud because of the enormous computing power required. Some of the more ambitious chip providers believe that in a few years, not only will edge-based chips be able to match images using these models, but they will also be able to train models directly on the device.

That’s not happening yet, due to the second challenge that silicon providers face. Comparing images with models requires not just computing power but actual power. Silicon providers are trying to build chips that sip power while still doing their job. Qualcomm has one such chip, called Glance, in its research labs. The chip combines a lens, an image processor, and a Bluetooth radio on a module smaller than a sugar cube.

Glance can manage only three or four simple models, such as identifying a shape as a person, but it can do it using fewer than 2 milliwatts of power. Qualcomm hasn’t commercialized this technology yet, but some of its latest computer-vision chips combine on-chip image processing with an emphasis on reducing power consumption.

But does a camera even need a lens? Researchers at the University of Utah suggest not, having invented a lensless camera that eliminates some of a traditional camera’s hardware and high data rates. Their camera is a photodetector against a pane of plexiglass that takes basic images and converts them into shapes a computer can be trained to recognize.

This won’t work for jobs where high levels of detail are important, but it could provide a cheaper, more power-efficient view of the world for computers fulfilling basic functions.</p>

If you know the lens's distortion, you can adjust for it in software.
Iot  camera  software 
november 2018 by charlesarthur
Oi, Elon: you Musk sort out your Autopilot! Tesla loyalists tell of code crashes, near-misses • The Register
Thomas Claburn:
<p>The car biz has plenty of ardent fans who love the idea of beta testing buggy code at high speeds and reflexively characterize critics as trolls or short sellers of Tesla stock. There are of course people who highlight Autopilot problems with an eye toward investment, as can be seen from this tweet.

But there are also customers who worry the technology isn't ready and isn't safe, without an ulterior motive.

Effusive reviews of the latest Autopilot update can be found, as can less positive ones, such as a detailed critique posted to the Tesla Motors Club forum earlier this month that notes Navigate on Autopilot "tries to kill you any time a lane ends."

Twitter user @trumpery45, posting under the name Justin, gathered a collection of replies to the Tesla's leader's request for fix suggestions in his Twitter feed. The Register asked Justin whether we could attribute his observations to a full name but he expressed reticence, citing the potential for harassment by Tesla fanatics.</p>


I wonder if the Tesla fanatics (there's a ton of them on Twitter) actually own Tesla cars and use Autopilot, because you'd think their numbers would be getting thinned out. The tweets that follow in the story show there's a significant problem.
tesla  autopilot  software 
november 2018 by charlesarthur
Estimating project costs? If statements should cost $10,000 each • Dave Rupert
Dave Rupert:
<p>“Whoa, whoa, whoa, that would never work” I hear you say. But there’s never been an easier way to convey the scope and cost of a project than if-statement based billing. What is an if-statement? An if-statement is the most essential unit of business logic. A small piece of logic that will linger in your codebase for the life of the entire project. Larger software applications have more business logic, thus are more expensive. We can use if-statements as a proxy for complexity and bill accordingly. At the end of the day developers can count up the number of if-statements and invoice the corresponding cost centers.

What about small projects, you say? Well, the beauty of this is something simple like a blog is actually free! Free website? Yes, please.

But let’s say your app has a logged-in or logged-out state, well, that’s at least 2 if-statements. Starting price: $20,000. Never before has it been this easy to price and scope out complex stateful apps!

Do you build Component Systems? Simple static components are free. But most components increase their cost due to the The Nine States of Design. Each component likely has a mix of “none”, “one”, “some”, “too many”, “error”, and “done” states. That’s a lot of logic and use cases packed into a little module, so it’s gonna cost ya. But you’ll rest assured that you’ve covered all your bases as well as billed appropriately.

Need an if-statement with 2 conditionals? Look, I’m not a scam artist so I’ll give you the second conditional at half-price. But if it gets any more complex than that and we <a href="https://twitter.com/davatron5000/status/1044698430319267841>have to build a big juicy Karnaugh Map</a>, that gets into bitwise operators (which are generally a terrible idea in JavaScript) and will double the cost per switch case.</p>

This is both hilarious and yet also true.
Software  programming  estimation  project 
october 2018 by charlesarthur
Sonos now lets you update devices automatically • Android Police
Rita El Khoury:
<p>Our connected life is certainly getting more complex with time. With the convenience of smart/Wi-Fi enabled devices comes the trouble of keeping everything up-to-date. Some companies choose to stick with manual updates, forcing you to manually approve every minor version change. Others opt for automatic updates, removing the guesswork and friction out of the process. Sonos used to be part of the first category, but now the company has added an option for seamless updates.

In the latest Sonos app update to v9.2 (APK Mirror), there's a new Automatic Updates toggle under System Updates. Flip it on and you can set your Sonos updates to happen overnight to avoid disrupting your listening during the day.</p>


Same on iOS. Thank the flipping stars for that. I love Sonos's stuff, but the nagging about updates and the impossibility of just letting it get on and do it has been a pain for ages.
sonos  software  updates 
october 2018 by charlesarthur
Lessons from losing a week of photos to memory card failure • QT Luong's Blog
Mr Luong:
<p>Landscape expeditions can be taxing in the long days of summer, even more so if you are also doing night photography. After flying to Seattle, I arrived at the coast of Olympic National Park around 11 PM – many view Treasured Lands as a culmination of my work in the national parks, but I am far from being done with them! Seeking stars, I woke up before 2 AM for the short window between moonset and astronomical twilight. However, the marine layer had rolled in while I was hiking to the beach, and I shivered until past sunrise time without even seeing a sliver of sky. The next day, since I had to drive from Heart of the Hills Campground and hike 45 minutes to Hurricane Hill, I rose before 1 AM.

[He captured a beautiful shot. Click through the headline to see it.]

On the last day, temperatures in the inland plains of Hanford Reach rose above 100F. When I came home from the week-long trip, I went straight to bed. The next morning, I reached for my cameras, took the memory card out, and inserted into the card reader. This resulted in the dreaded…

<img src="https://www.terragalleria.com/images-misc/mac-unformated-drive.jpg" width="100%" /></p>


Uh-oh. Though his experience was very unusual.
memorycard  software 
september 2018 by charlesarthur
Software disenchantment • tonsky.me
Nikita Tonsky is in software development:
<p>Look around: our portable computers are thousands of times more powerful than the ones that brought man to the moon. Yet every other webpage struggles to maintain a smooth 60fps scroll on the latest top-of-the-line MacBook Pro. I can comfortably play games, watch 4K videos but not scroll web pages? How is it ok?

Google Inbox, a web app written by Google, running in Chrome browser also by Google, takes 13 seconds to open moderately-sized emails.

It also animates empty white boxes instead of showing their content because it’s the only way anything can be animated on a webpage with decent performance. No, decent doesn’t mean 60fps, it’s rather “as fast as this web page could possibly go”. I’m dying to see web community answer when 120Hz displays become mainstream. Shit barely hits 60Hz already.

Windows 10 takes 30 minutes to update. What could it possibly be doing for that long? That much time is enough to fully format my SSD drive, download a fresh build and install it like 5 times in a row.

Modern text editors have higher latency than 42-year-old Emacs. Text editors! What can be simpler? On each keystroke, all you have to do is update tiny rectangular region and modern text editors can’t do that in 16ms. It’s a lot of time. A LOT. A 3D game can fill the whole screen with hundreds of thousands (!!!) of polygons in the same 16ms and also process input, recalculate the world and dynamically load/unload resources. How come?</p>
software  programming  performance 
september 2018 by charlesarthur
Tesla touchscreens to offer minimalist 'fade mode' • Engadget
Nick Summers:
<p>Screens can be distracting and, therefore, dangerous if you're driving an expensive car down the freeway. If you own a Tesla, though, fear not: the company is adding a software feature that will make its giant touchscreens less intrusive. Tesla CEO Elon Musk, replying to a tweet by EV owner Andrew Gold, confirmed that a "fade mode" will soon be added that hides all but "essential info." It sounds like a neat option, and heck -- if the display isn't working so hard, maybe it will save some battery life too?

Fade Mode will form part of version 9, a highly anticipated firmware update for Tesla's electric fleet. The update will change the UI in the Model S and crossover Model X to be closer to the Model 3. It should also include some "significant advancements in autonomy," Musk hinted on a conference call in August. The company's autopilot software could be patched with a long-anticipated "on-ramp to off-ramp solution" that will move into faster lanes on the freeway, identify your exit, move into the correct lane for the exit and then hand back control at a suitable time.</p>


Can't think that having a stonking big tablet just by the steering wheel is anything but a massive distraction. Physical controls on the dashboard might be old-fashioned but they have terrific affordance: you know what the controls can do just by feeling them, in general.
tesla  software  controls 
september 2018 by charlesarthur
The war over supercooled water • Physics Today
Ashley Smart:
<p>[Renowned chemist David Chandler] and a graduate student, David Limmer [from UCal Berkeley], had used simulations to explore what happens when liquid water is cooled far below its freezing point. It was well known that pristine water—free of dust and other impurities on which ice crystals can nucleate—can be supercooled tens of degrees below 0 °C without freezing. But below what’s called the homogeneous nucleation temperature, around –40 °C, the liquid crystallizes almost instantly, no matter the purity. Chandler and Limmer wanted to know what that deeply supercooled water looks like in the instant before it freezes. What they found was seemingly unremarkable: at every temperature and pressure, the liquid basically resembled ordinary water.

To Princeton University’s Pablo Debenedetti, however, that result was mind-boggling. Two years earlier, Debenedetti and his coworkers had done their own simulations of supercooled water, at temperatures and pressures similar to those Chandler described. The Princeton simulations had revealed something far more intriguing. Yes, the liquid could take a high-density form that resembled water. But it could also take a low-density form, with the molecules arranged into airy hexagons reminiscent of those in ice. The water could morph back and forth between those two forms in much the same way it morphs between ice and liquid, or liquid and vapor.

In his 20-minute presentation, attended by many of the biggest names in condensed-matter theory, Chandler was essentially declaring that the Princeton team had gotten it wrong. “It was a matter of people saying, ‘Who are you going to believe, Chandler or Debenedetti?’” recalls Angell. “And Chandler carried the bigger stick.”

Over the next seven years, the perplexing discrepancy would ignite a bitter conflict, with junior scientists caught in the crossfire. At stake were not only the reputations of the two groups but also a peculiar theory that sought to explain some of water’s deepest and most enduring mysteries. Earlier this year, the dispute was finally settled. And as it turns out, the entire ordeal was the result of botched code.</p>


Now go back to the first paragraph, and the second: ah yes, that word "simulations". With so much science now relying on code, journals surely should insist on the publication of the source code used to reach conclusions. (Though read the comments on the story too, which point out that often it's impossible, because many use commercial code - and Matlab isn't going to publish its source.)

And yes, the whole story is a bit like a novella in the leadup to Kurt Vonnegut's Cat's Cradle.
software  science  coding  water  physics 
august 2018 by charlesarthur
Don't do this in production · Stephen Mann
Mann was called in to help find the bugs in an about-to-launch product, where the developers turned out to be eager, but inexperienced:
<p>“Move fast and break things,” they said. It turns out that’s a pretty bad idea when your business relies on a small number of large customers. Broken products tend to scare them off, which in turn tanks your business. There’s a lot to be said for building things that work, but “move slowly and steadily towards a goal” just doesn’t have the same ring.

In reality, there’s a balance between moving fast and and moving slow. It’s difficult to communicate that balance because every type of product demands a different balance. I suppose that intuition comes from experience, which is a terrible answer for someone trying to learn.

What’s a new developer to do?

The natural tendency seems to be asking the internet. It turns out that this is incredibly effective.

It’s also incredibly dangerous.

This company continued to work with me after that product launch. I reviewed a significant amount of code, helped mentor their developers, and built new projects for them. Everything went swimmingly.

One day, I ran into a section of code that triggered my spidey sense. I could have sworn that I had seen it before. Sure enough, after pasting a line into a search engine, I found the exact section of code in a blog post. Naturally I read the whole thing, right up to the line that said, “Don’t do this in production.“

Yet here it was, tipping its hat at me from the front lines of a production codebase.

It didn’t take long to find many sections of code from similar blog posts. Almost all of the blog posts either wrote a disclaimer or should have written one. They all solved one small piece of a problem, but took many liberties in their solution to make it simpler to read. It’s understandable. Most readers appreciate brevity when learning a concept.</p>


Ah, the joys of StackOverflow. Great when you're learning, but as he says - dangerous if used unwarily.
software  production 
august 2018 by charlesarthur
Nike hit back at Quest in court case • The ITAM Review
"Rich" on a row between Quest Software, which says Nike owes $15.6m for use of its software since 2001, and Nike, which says it owes $0.34m. It's only a 98% difference:
<p>Nike state they have: “…not agreed, under the SLSA or otherwise, to pay for licenses for Quest Software for persons or systems who could theoretically access the Quest Software, but who do not actually use the software”

And go on to point out that “People legitimately need to access these servers, but have no need to run Quest software – for example “NIKE’s cyber security and forensics professionals.” A situation that will be common to many organisations worldwide.

Looking at section 12 of the SLSA, the audit clause between Nike & Quest states: “In the event that an audit conducted as set forth herein discloses that Licensee has caused or permitted access to or use of the System by persons or entities that are not authorized under the terms of this Agreement to such use or access, Licensee shall pay Quest the underpayment, in the amount of the negotiated fee applicable to the particular Software Product or Product to which unauthorized access was permitted, for all such unauthorized users”

It seems Quest are relying on the language that states: “permitted access to…the System by person…not authorized…to such use or access” to make their claim that Nike are liable for all potential users based on system access.

Nike, however, are arguing that the clause simply states they must pay for: “All unauthorized users”</p>


On that (and some more) turns $15m, one way or another.
software  licensing 
june 2018 by charlesarthur
How computers could make your customer-service calls more human • WSJ
Daniela Hernandez and Jennifer Strong:
<p>Cogito is one of several companies developing analytics tools that give agents feedback about how conversations with customers are going. Its software measures in real time the tone of an agent’s voice, their speech rate, and how much each person is talking, according to Dr. Place. “We measure the conversational dance,” he says.

That dance is sometimes out of sync, such as when an agent speaks too quickly or too much, cuts a customer off, has extended periods of silence or sounds tired.

When the software detects these mistakes, a notification pops up on a window on an agent’s screen to coax them to change their strategy. The alerts are useful not just for the agents, but also for their supervisors, Cogito says.

When insurer MetLife Inc. started testing the software about nine months ago, Emily Baker, a 39-year-old supervisor at a call center in Warwick, R.I., thought: “Why do I need this artificial intelligence to allow me to be more human? How much more human can I be?”

But the program has come in handy when coaching new agents, she says, especially those with little experience. One of her 14 agents said the software noticed he wasn’t speaking with enough energy, so it prompted him with a message to pep up plus a coffee-cup icon, she says.

Tiredness can come off as lack of confidence, Ms. Baker says, and it’s important for clients to “feel confident about the service we’re providing” because callers are often going through potentially life-changing events. The call center where Ms. Baker works is focused on disability insurance.</p>


Machines to watch over us, and correct us when we aren't good enough with each other.
callcentre  cogito  ai  software 
june 2018 by charlesarthur
Tesla lawsuit highlights risks of inside threat • CNBC
Kate Fazzini:
<p>The incidents described in CEO Elon Musk's email to employees and the <a href="https://www.cnbc.com/2018/06/20/tesla-sues-former-employee-for-allegedly-stealing-gigabytes-of-data-making-false-claims-to-media.html">company's lawsuit against the former employee</a> are jarring because they show how much access insiders have to critical systems of these vehicles, and how difficult it might be to determine whether they are altering code on machines that test the cars.

Cybersecurity professionals have demonstrated how to hack into the infotainment systems of several vehicle brands over the years. These demonstrations have shown that, while it's fairly easy to break into the computer systems that control dashboard computers, getting deeper into the systems that actually run a vehicle – and control its steering, acceleration and braking -- is much harder. It is often difficult to get to these computers physically, and they typically aren't connected to the internet or remotely available, making it necessary for an attacker to have physical access to the device.

It's even less likely outside attackers could get access to computers used in vehicle testing.

But insiders have far greater access. Employees may not only have physical access to the critical systems that run manufacturing or program car components, but they may know important information that allows them to write code that can cause meaningful damage to the vehicle.</p>
tesla  software  selfdrivingcar 
june 2018 by charlesarthur
NTSB: Autopilot steered Tesla car toward traffic barrier before deadly crash • Ars Technica
Timothy Lee:
<p>The <a href="https://www.ntsb.gov/investigations/AccidentReports/Reports/HWY18FH011-preliminary.pdf">preliminary report</a> confirms that Autopilot was engaged ahead of the crash, and it appears to confirm that a navigation mistake by Autopilot contributed to Huang's death.

Huang's Model X was driving south on US highway 101 just ahead of a point where a left-hand exit split off from the main road. Logs recovered by the NTSB show that eight seconds before the crash, the vehicle was following behind another car, traveling at 65mph.

Then, seven seconds before the crash, "the Tesla began a left steering movement while following a lead vehicle." That "left steering movement" carried the vehicle into the "gore area"—a triangular area of paved road that separated the highway's main travel lanes from the diverging exit lane.

At four seconds before the crash, the Tesla vehicle was no longer following the car ahead of it. The car's cruise control was set to 75mph, so it began to accelerate, reaching a speed of 70.8mph just before the crash. There was "no precrash braking or evasive steering movement detected," the NTSB says.

Huang's hands were detected on the steering wheel for 34 seconds out of the final minute of his trip. His hands were not detected on the steering wheel for the final six seconds prior to the crash.</p>


As had been suggested: it diverted into the white lines of the gore. Now the question is whether this was caused by a Tesla software update, since the car had been along the same stretch of road a number of times. I suspect Tesla won't like the answer. Software updates that kill: now a feature in cars.
tesla  crash  software 
june 2018 by charlesarthur
Apple's software chief details how iOS apps will run on Macs • Wired
Lauren Goode:
<p>When addressing my question about whether iOS apps moving to macOS is a natural precursor to touchscreen Macs, Federighi told me he's "not into touchscreens" on PCs and doesn't anticipate he ever will be. "We really feel that the ergonomics of using a Mac are that your hands are rested on a surface, and that lifting your arm up to poke a screen is a pretty fatiguing thing to do," he said.

Federighi added that he doesn't think the touchscreen laptops out there today—which he referred to as "experiments"—have been compelling. "I don't think we've looked at any of the other guys to date and said, how fast can we get there?" (It's worth noting that Microsoft's Surface laptop, which has a touchscreen and is considered a top MacBook rival, has received largely positive reviews.)

Speaking of competition, Apple's biggest competitors in mobile and desktop software are both already offering some version of mobile apps that can run on laptops and desktops. Microsoft's Universal Windows Platform, introduced back in 2016, lets developers write just one app and have it run across PCs, tablets, mobile phones, and the XBox One. That same year, Google said it was bringing the Google Play app store to Chromebooks, which meant people could download and use Android apps on their ChromeOS computers.

Microsoft and Google have different technical approaches to running similar or the same versions of apps across different devices. But both systems are an acknowledgement of a basic truth: While people really love mobile apps, it can be inefficient and costly for developers to have to build entirely separate apps for multiple platforms.</p>

Federighi is being a little disingenuous about the "fatiguing" thing there. I'm writing this on an iPad Pro - lots of screen touching goes on. The interaction paradigm of a mouse, though, allows for much more precision, and a native desktop/laptop allows for far more information density. This is what advocates of touchscreen laptops overlook: a mouse is a pixel-precise device. A finger isn't.

This looks to me more like an effort to keep the Mac platform alive, by making it easier to write for, than any convergence. I could be miles wrong - Apple has made sweeping architecture changes in the past - but the need for precision is too big to ignore in desktop work.
Apple  software  ios  macos 
june 2018 by charlesarthur
Software is eating the world, Tesla edition • Marginal REVOLUTION
Alex Tabarrok:
<p>Last week Consumer Reports refused to recommend Tesla’s Model 3 because it discovered lengthy braking distances. This week Consumer Reports changed their review to recommend after Tesla improved braking distance by nearly 20 feet with an over the air software update!

…The larger economic issue is that every durable good is becoming a service. When you buy a car, a refrigerator, a house you will be buying a stream of future services, updates, corrections, improvements. That is going to change the industrial organization of firms and potentially increase monopoly power for two reasons. First, reputation will increase in importance as consumers will want to buy from firms they perceive as being well-backed and long-lasting and second durable goods will be rented more than bought which makes it easier for durable goods producers not to compete with themselves thus solving <a href="http://www.jstor.org/stable/725018">Coase’s durable good monopoly problem</a>.</p>


Coase's durable monopoly problem (in case you don't have a JSTOR login) is <a href="https://en.wikipedia.org/wiki/Coase_conjecture">explained on Wikipedia</a>: essentially, it's that in a market where you can't resell a particular product, a monopoly provider will have to go for the lowest, rather than highest, possible price.

Tabarrok is saying that over-the-air updates make items more desirable over time, which keeps pricing higher. Makes sense. There's also some fun discussion in the comments about how Tesla improved its braking distance so much and so quickly.
tesla  software  technology  economics 
may 2018 by charlesarthur
These 299 MacOS apps are so buggy, Apple had to fix them in AppKit • Worth Doing Badly
Zhuowei Zhang:
<p>Looking through the list of apps tells a lot about what apps Apple considers essential to the Mac platform: after all, they put special effort to make them work on newer system versions. So what apps do Apple consider important?

• Productivity apps from large companies:<br />most of the Adobe suite; the Microsoft Office suite; Autodesk’s AutoCAD and Maya; Matlab; Ableton Live; Intuit Quicken/QuickBooks; TurboCAD; VMWare Fusion

• Communication apps:<br />Google Chrome; Opera Browser; Twitter for Mac; Tencent QQ, WeChat; AOL Messenger; Citrix GoToMeeting; Cisco Spark; HipChat; Sketch; Spotify; Evernote; Dropbox

• A surprisingly high number of games. I suspect there are even more IDs in game-specific libraries such as OpenGL.

Blizzard’s games: installer, Diablo 3, Heroes of the Storm, Starcraft 2, World of Warcraft, Hearthstone, and Battle.NET; Grid 2 Reloaded; Dragon Age 2 (of course)

• Open-source apps:<br />Firefox; VLC; Blender; Eclipse; AquaMacs (an Emacs port); OpenJDK; Textual IRC…</p>

It's a remarkable list - in many cases, Apple puts in fixes so that the apps (older or newer versions) won't crash immediately, or at some random point. (See? All those feedback notes you send when the apps crash do have some effect.)

Now try to guess how many of these patches there are for UIKit, Apple's iOS foundation to which first- and third-party apps are written.
programming  software  Apple  macos  apps 
may 2018 by charlesarthur
Warning signs for TSB's IT meltdown were clear a year ago – insider • The Guardian
Samuel Gibbs:
<p>When Sabadell bought TSB for £1.7bn in March 2015, it put into motion a plan it had successfully executed in the past for several other smaller banks it had acquired: merge the bank’s IT systems with its own Proteo banking software and, in doing so, save millions.

Sabadell was warned in 2015 that its ambitious plan was high risk and that it was likely to cost far more than the £450m Lloyds was contributing to the effort.

“It is not overly generous as a budget for that scale of migration,” John Harvie, a director of the global consultancy firm Protiviti, told the Financial Times in July 2015. But the Proteo system was designed in 2000 specifically to handle mergers such as that of TSB into the Spanish group, and Sabadell pressed ahead.

By the summer of 2016, work on developing the new system was meant to be well under way and December 2017 was set as a hard-and-fast deadline for delivery.

“The time period to develop the new system and migrate TSB over to it was just 18 months,” the insider said. “I thought this was ridiculous. TSB people were saying that Sabadell had done this many times in Spain. But tiny Spanish local banks are not sprawling LBG legacy systems.”

To make matters worse, the Sabadell development team did not have full control – and therefore a full understanding – of the system they were trying to migrate customer data and systems from because Lloyds Banking Group was still the supplier.

“This turned what was a super-hard systems job [into] a clusterfuck in the making,” the insider said.

By March 2017, the nightmare for customers that was going to unfold a year later appeared inevitable. “It was unbelievable – hardly even a prototype or proof of concept, yet it was supposed to be fully tested and working by May before the integration work started,” the insider continued. “Senior staff were furious about the state it was in. Even logging in was problematic.”</p>


Hard-and-fast deadline for delivery. Sprawling systems. Lack of understanding. Hard to think why this project abruptly crashed, so that a week after all the accounts were switched to the new system, it still isn't working for millions of customers.

That's what hard-and-fast deadlines get you in the IT world.
banking  software  tsb 
april 2018 by charlesarthur
They write the right stuff • Fast Company
Charles Fishman:
<p>It’s an awesome display of hardware prowess. But no human pushes a button to make it happen, no astronaut jockeys a joy stick to settle the shuttle into orbit.

The right stuff is the software. The software gives the orders to gimbal the main engines, executing the dramatic belly roll the shuttle does soon after it clears the tower. The software throttles the engines to make sure the craft doesn’t accelerate too fast. It keeps track of where the shuttle is, orders the solid rocket boosters to fall away, makes minor course corrections, and after about 10 minutes, directs the shuttle into orbit more than 100 miles up. When the software is satisfied with the shuttle’s position in space, it orders the main engines to shut down — weightlessness begins and everything starts to float.

But how much work the software does is not what makes it remarkable. What makes it remarkable is how well the software works. This software never crashes. It never needs to be re-booted. This software is bug-free. It is perfect, as perfect as human beings have achieved. Consider these stats : the last three versions of the program — each 420,000 lines long-had just one error each. The last 11 versions of this software had a total of 17 errors. Commercial programs of equivalent complexity would have 5,000 errors.

This software is the work of 260 women and men based in an anonymous office building across the street from the Johnson Space Center in Clear Lake, Texas, southeast of Houston. They work for the “on-board shuttle group,” a branch of Lockheed Martin Corps space mission systems division, and their prowess is world renowned: the shuttle software group is one of just four outfits in the world to win the coveted Level 5 ranking of the federal governments Software Engineering Institute (SEI) a measure of the sophistication and reliability of the way they do their work. In fact, the SEI based it standards in part from watching the on-board shuttle group do its work.</p>


This is not a brief article. It is very good.
software  programming  culture  nasa 
april 2018 by charlesarthur
Does Injong Rhee’s departure spell doom for Bixby? • Medium
Philip Berne:
<p>The scale and effort to create Bixby cannot be undersold. It was a massive undertaking of talent and brute force that few companies could muster. According to the company’s own Newsroom, Samsung spent over $13.6bn (14.8trn KRW) on R&D in 2016. In the same year, Apple spent about $10.4bn. Samsung has the resources to tackle massive projects like Bixby, but does it have the will?

Injong [who is going to Google to work on its Internet of Things projects] provided the will. This was a point we hammered to media repeatedly, especially when Milk Music, or the TouchWiz interface, or any other Samsung software failures came up. What’s different here is Injong. Injong has a track record of success. He has proven that he would not quit until the project is successful.

Well, Injong just quit. Of course Samsung won’t be giving up on Bixby right away. In one of the most boneheaded design decisions ever, the company put a dedicated button on their flagship phones. In another boneheaded move, they KEPT putting the Bixby button on phones, and it seems the upcoming Galaxy S9 flagship will feature that button. Feature. Thankfully, they positioned the button opposite the power button, so users will be able to squeeze it accidentally and will get to experience Bixby for themselves.

I actually liked using Bixby, and I loved Bixby’s ambition. Like Samsung Pay’s magnetic stripe compatibility, Bixby was truly filling a gap in the smartphone market, helping users navigate archaic interface designs. Also like Samsung Pay, it was a gap that persisted from the past, and would likely be filled by future innovations…

The question is whether Samsung can hold onto this ambition, as the chief architect and cheerleader for not giving up has himself moved on to something better.</p>
Samsung  bixby  software 
february 2018 by charlesarthur
Fiat Chrysler pushed a UConnect update that causes constant reboots with no announced fix (updated) • Jalopnik
Jason Torchinsky:
<p>It appears that the over-the-air update to the UConnect system went out on Friday, and many, many owners have not had working center-stack systems since then. Many of these vehicles are nearly brand-new, which makes the issue even more maddening.

(I reached out to FCA to find out what was known about the issue, if it was affecting all versions of the system, when a fix was expected, and so on, but I was surprised to find that the representative I spoke with wasn’t aware of the problem until I described it. I reached out to FCA two more times, but the first time I was told they had no statement or information yet, and the most recent time I had to leave a message. We’ll update with FCA’s response when we get it.)

The failure of the UConnect system isn’t just limited to not having a radio; like almost all modern automotive infotainment systems, the center screen, controlled by UConnect, handles things like rear-view camera systems, navigation, cell phone connection systems like Apple CarPlay or Android Auto, some climate control functions, many system and user settings, and more.

Losing access to the system on a new FCA vehicle is a major problem.</p>

To say the least. Naturally, one's imagination jumps forward to how it could be with self-driving cars.
Uconnect  cars  software 
february 2018 by charlesarthur
Scoop: Apple delays iOS features to focus on reliability, performance • Axios
Ina Fried:
<p>Software head Craig Federighi announced the revised plan to employees at a meeting earlier this month, shortly before he and some top lieutenants headed to a company offsite.

On the cutting board: Pushed into 2019 are a number of features including a refresh of the home screen and in-car user interfaces, improvements to core apps like mail and updates to the picture-taking, photo editing and sharing experiences.

What made it: There will be some new features, of course, including improvements in augmented reality, digital health and parental controls. In addition, Apple is prioritizing work to make iPhones more responsive and less prone to cause customer support issues.

But, but but: While a renewed focus on quality and performance might ease some outside criticism, some inside the team question whether the approach will actual lead to higher quality. Plus, customers tend to pay for features more than security and reliability, which are tough to assess at the time of purchase.</p>

I don’t think customers pay for software features on phones. They pay for the phones, and the software comes along for the ride; its quality decides whether they pony up when it comes time to replace it, though. (A friend told me today how his Moto G died on him in France. Annoyed, he has replaced it with an iPhone 6S, which he’s delighted with.)

The offsite meeting might be the “top 100” group which sees what it coming up for the rest of the year. New Mac Pro, iPhones.. what else?
Apple  ios  software 
january 2018 by charlesarthur
If your iPhone, iPad, or iPod touch unexpectedly restarts • Apple Support
<p>If your device with iOS 11 unexpectedly restarts repeatedly on or after December 2, 2017, learn what to do. 

Try to update your device to iOS 11.2. After you tap Download and Install, the download will continue even if your device restarts. Wait for the update to complete.
If you can't update, turn off notifications for all the apps on your device, then update your device to iOS 11.2:
• Tap Settings > Notifications.<br />• Tap an app, then turn off Allow Notifications. Repeat this step for each app.<br />• Update your device to iOS 11.2.</p>


Software is hard.
apple  software 
december 2017 by charlesarthur
May 2014: Software is forever • net.wars
Wendy Grossman, writing in May 2014, when Windows XP was about to be wiped from the face of the earth, because nobody would want to keep using an OS that wasn't supported, surely?
<p>The end of official support for Windows XP has occasioned a lot of unsympathetic comments like: Windows 7 (and 8) has fundamentally better built-in security, you should have switched long ago anyway; they gave you years of notice; sheesh, they supported it for 13 years; nothing lasts forever.

The notable dissenter, whom I encountered at the event launching Trustwave's 2014 report, was Matt Palmer, chair of the Channel Islands Information Security Forum, who argued instead that the industry needs a fundamental rethink: "Very few organizations, small or large, can afford to turn over their software estate on a three-to-five-year basis," he said, going on to ask: "Why are they manufacturing software and only supporting it for a short period?"

In other words, as he put it more succinctly afterwards: we need to stop thinking of software as temporary.

This resonates strongly to anyone who remembers that this exact short-term attitude that software was temporary was the precise cause of the Y2K problem. For those who came in late or believe that the moon landings were faked: despite much media silliness (I remember being asked if irons might be affected), Y2K was a genuine problem. It affected many types of both visible and invisible software in some trivial, some serious ways. The root cause was that throughout most of the second half of the 20th century coders saved on precious memory resources by coding two-digit fields to indicate the year. Come 2000, such software couldn't distinguish 1935 from 2035: disambiguation required four-digit fields. "Nothing happened" because coder-millennia were spent fixing code. Remediating Y2K cost $100 billion was spent in the US alone, and all because coders in the 1950s, 1960s, 1970s, 1980s, and even some of the 1990s did not believe their software would still be in use come January 1, 2000. The date of the earliest warning not to think like that? A 1979 paper by Bob Bemer…

…People expect to measure the lives of refrigerators, thermostats, cars, or industrial systems in decades, not months or years. Even if you want to say it's unreasonable and stupid that people and companies still have old XP boxes running specialized, irreplaceable applications today, one day soon it's your attitude that will be unreasonable. Software has a much longer lifespan than its coders like to think about, and this will be increasingly true.</p>


Still true: parts of the NHS and, I think, some bits of the UK Armed Forces are still using XP.
software  lifespan 
november 2017 by charlesarthur
Software matters in the world – Fog Creek Software • Medium
Anil Dash:
<p>When our company, Fog Creek Software, was started as a little indie firm way back in 2000, we mostly saw bugs that way, too. We made a bug-tracking app and tried to help people make sure they were fixing what was wrong in their software.

While that was happening, our cofounder Joel Spolsky also wrote a lot about the culture of making software. Back then, at the height of the dot-com boom, it was seen as a bit eccentric to put as much focus on the human factors and ethical behavior as our founders did. But it helped us win fans, and some of those people tried out the various apps we built along the years, and we’ve been lucky to keep thriving as what feels like one of the last few independent tech companies that’s still relevant.

But we missed something important, too. Those ideas and insights about how to treat people, how to listen to customers (and to communities), and how to be thoughtful and responsible in creating technology were even more important than anything we built into our software. They were the first steps to trying to fix what we could now think of as “Big Bugs”. Little bugs were mistakes in the software. Big Bugs are when we exacerbate (or cause!) major problems in society.</p>
software 
november 2017 by charlesarthur
Software is a long con • emptywheel
Quinn Norton:
<p>I had a conversation with a bridge engineer one evening not long ago. I said, “Bridges, they are nice, and vital, but they fall down a lot.”

He looked at me with a well-worn frustration and replied, “Falling down is what bridges do. It’s the fate of all bridges to fall down, if you don’t understand that, you don’t understand bridges.”

“Ok, I do understand that,” I replied. “But they fall down a lot. Maybe if we stepped back and looked at how we’re building bridges –”

“You can’t build a bridge that doesn’t fall down. That’s just not how bridges work”

I took a deep breath. “What if you could build a bridge that didn’t fall down as often?”

“Not practical — it’s too hard, and besides, people want bridges.” By now, he was starting to look bored with the conversation.

“I bet if you slowed down how you build bridges, you could make ones that lasted decades, even in some cases, centuries. You might have to be thoughtful, set more realistic expectations, do a lot more of the design of a bridge before you start building it, but..”

He interrupted me again. “Look, you’re not a bridge engineer, so you don’t really understand how bridges work, but people want bridges now. So no one is going to build a bridge like that, even if it were possible, and I’m not saying it is.”

“But people get hurt, sometimes die, on these bridges.”

“Bridges fall down. Sometimes people are on them when they do. That’s not my fault as a bridge engineer, that’s literally how gravity works,” he said…

…Just then, a friend of mine, also a writer, also interested in bridges, stopped by.

“Hey guys!” he said. “So it looks like there’s a crew of Russian bridge destroyers with hammers and lighters who are running around in the middle of the night setting fires to bridges and knocking off braces with hammers. They started in Ukraine but they’re spreading around the world now, and we don’t know if our bridges are safe. They’ve studied bridges carefully and they seem to be good at finding where they’re most flammable and which braces to knock off with their hammer.”

We both regarded my friend a long moment, letting it sink in. I turned back to the bridge engineer and said, “Maybe we need to make them out of non-flammable material and rivet them instead of using exposed braces and clamps.”

But he was already red in the face, eyes wide with anger and fear. “GET THE RUSSIANS!” he screamed.</p>


Of course that's only the beginning.
security  software  ethics 
september 2017 by charlesarthur
Tesla extended the range of some Florida vehicles for drivers to escape Hurricane Irma - The Verge
Andrew Liptak:
<p>As Hurricane Irma bears down on Florida, Tesla issued an over-the-air update to drivers in the state that unlocks the full battery capacity of its 60 and 70 kilowatt-hour Model S and X vehicles. The update provides those trying to escape the path of the storm with an additional 30 to 40 miles above the typical range of the vehicle, according to Electrek.

Tesla’s 60 and 60D vehicles offer a range of just above 200 miles on a charge. Faced with an order to leave, one Tesla owner contacted the company, saying that they needed an additional 30 miles of range to get out of the mandatory evacuation zone they were in. In response, the company issued an update to other drivers in the state, providing them with the full 75 kWh capacity of their vehicles through September 16th. One driver posted a screenshot of his app, which showed off the new extended range. A Tesla spokesperson confirmed that the company’s 70kWh vehicles also received the update.</p>


So what's to stop someone trying to figure out what the software update does, and applying that to their battery firmware? (Maybe it's signed with a Tesla cryptographic key?) This seems really strange - that the only difference is a few lines of code, and that the low-end car is intentionally hobbled not through physics but software. And what Tesla can give, it can take away. That's scary too.
tesla  software  upgrade 
september 2017 by charlesarthur
Model S 60D upgraded for free to 75? • Tesla Motors Club
<p>Currently posted on Reddit. Owner speculates Tesla may have upgraded it for them to get out of hurricane impacted area.

<a href="https://www.reddit.com/r/teslamotors/comments/6z2fwd/did_tesla_just_upgrade_my_60d_due_to_the_hurricane/">Did Tesla just upgrade my 60D due to the hurricane? • r/teslamotors</a></p>


Indeed, Tesla confirmed to one of the forum posters that it had upgraded for free to give the 60D greater range - and that the upgrade will be "removed" on September 16. This raises lots of questions: if that capability exists in the 60D, and just awaits software, what's to stop someone hacking the car themselves? Who owns the car? Who owns the software? Who owns the access to the software upgrade? Tesla may think it has dealt with this in its contract of sale/lease, but a court might find differently.

And if it can apply to Tesla, it can apply to other makers. IBM used to pull the same trick with its mainframes: upgrading was just a simple tweak, for which it charged huge amounts.
tesla  upgrade  software 
september 2017 by charlesarthur
Apple updates its App Store review guidelines, here's all the changes • iClarified
<p>CHANGED 2.5.2 in 2.5 Software Requirements
(Old) 2.5.2 Apps should be self-contained in their bundles, and may not read or write data outside the designated container area, nor may they download, install, or execute code, including other iOS, watchOS, macOS, or tvOS apps.

(New) 2.5.2 Apps should be self-contained in their bundles, and may not read or write data outside the designated container area, nor may they download, install, or execute code, including other apps. Apps designed to teach, develop, or test executable code may, in limited circumstances, download code provided that such code is not used for other purposes. Such apps must make the source code provided by the Application completely viewable and editable by the user.</p>


This doesn't look big on the surface, but it's significant: being able to download code is important. It's still a frustration for apps such as Pythonista that it can't use iCloud to sync executable files. I really don't know how Workflow managed it before.
apple  software 
june 2017 by charlesarthur
While Android leaps forward, Samsung’s software still has trouble catching up to its hardware • XDA Developers
Daniel Marchena:
<p>While everyone’s baseline for what is acceptable is different, it is hard to deny that bloated options like the Samsung Experience have a detrimental effect on device performance. I am jealous every time I watch a video showing off the HTC U11 or Google Pixel; they are just so instantaneously responsive, something my S8 cannot match even on its best days.

It’s not just the amount of added applications and services, it is also the optimization of them that matters. On your Galaxy S8 right now, there are dozens of services running that simply do not need to be there for most users, that are taking up valuable system resources, and even if the impact of them is low it is still something running that simply does not perceptibly or substantially add to our experience. These running services take up your available RAM, but more importantly are using valuable CPU time and attention. Have you ever used the the Samsung DeX system? Well, its software is running on your S8. Ever used Samsung’s woefully broken and useless “Connect” or “Bixby” services? Well, those services are running right now on your S8. Even if you have never applied a theme to your phone, there are at least two themes services that are running that have no need to be, because if disabled, your phone works exactly as it did prior to disabling them; I know, I have them disabled. If you have ever used GearVR, the Oculus suite is installed and stays running at all times, even if you haven’t used your headset in days or weeks or since a reboot. Normally most users won’t even notice one or two of these services running in the background, but when those services add up to dozens of unneeded running tasks, it quickly becomes a problem. 

Samsung’s insistence on adding a growing amount of limited use and poorly-optimized software adds little more than a bullet point during an announcement and some usefulness to a small subset of users. Inversely, its negative impact affects all users of the device even if they never use the services or even know it exists. There is a reason why one of the most common comments in Galaxy S8 reviews was the skepticism over if the device will remain responsive, because the Galaxy S6 and S7 have not aged as gracefully as their less-bloated brothers from other manufacturers, and it’s not because the S7’s Snapdragon 820 magically got slower over time.</p>
Samsung  android  software 
may 2017 by charlesarthur
Who pays? • SMBlog
Steve Bellovin on the question of who should pay for the updates to ageing software:
<p>Historically, the software industry has never supported releases indefinitely. That made sense back when mainframes walked the earth; it's a lot less clear today when software controls everything from cars to light bulbs. In addition, while Microsoft, Google, and Apple are rich and can afford the costs, small developers may not be able to. For that matter, they may not still be in business, or may not be findable.

If software companies can't pay, perhaps patching should be funded through general tax revenues. The cost is, as noted, society-wide; why shouldn't society pay for it? As a perhaps more palatable alternative, perhaps costs to patch old software should be covered by something like the EPA Superfund for cleaning up toxic waste sites. But who should fund the software superfund? Is there a good analog to the potential polluters pay principle? A tax on software? On computers or IoT devices? It's worth noting that it isn't easy to simply say "so-and-so will pay for fixes". Coming up to speed on a code base is neither quick nor easy, and companies would have to deposit with an escrow agent not just complete source and documentation trees but also a complete build environment—compiling a complex software product takes a great deal of infrastructure.

We could oursource the problem, of course: make software companies liable for security problems for some number of years after shipment; that term could vary for different classes of software. Today, software is generally licensed with provisions that absolve the vendor of all liability. That would have to change. Some companies would buy insurance; others would self-insure. Either way, we're letting the market set the cost, including the cost of keeping a build environment around. The subject of software liability is complex and I won't try to summarize it here; let it suffice to say that it's not a simple solution nor one without significant side-effects, including on innovation. And we still have to cope with the vanished vendor problem.</p>
software  update  costing 
may 2017 by charlesarthur
Complexity and strategy • Hackernoon
Terry Crowley worked at Microsoft leading Office development for ten years:
<p>Anyone that follows the tales of disruption in the technology industry is well-attuned to the fact that asymmetric business model attacks enabled by new technology advances is one of the most effective strategies a competitor can take.

One thing that was clear to us was that the cloud/browser development strategy did not offer a breakthrough in the constraints of essential complexity like I am discussing here. In fact, the performance challenges with running large amounts of code or large data models in the browser and managing the high relative latency between the front and back end of your application generally make it harder to build complex applications in a web-based environment. Hyper-ventilation by journalists and analysts about the pace of Google App’s innovation generally ignored the fact that the applications remained relatively simple. Prior to joining Microsoft, I had built a highly functional multimedia document editor which included word-processing, spreadsheets, image, graphics, email and real-time conferencing with a couple other developers. I knew the pace of innovation that was possible when functionality was still relatively low (“highly functional” but still small N compared to the Office apps) and nothing I saw as Google Apps evolved challenged that.

In fact, several areas that demonstrate real cross-cutting complexity challenges is where Google’s slower pace is especially relevant. Google Apps have been announcing some variant of offline editing for almost 8 years now and it is still semi-functional. The other “real soon now” promise is “better compatibility with Office”. This has the flavor of the laundry detergent claims of “now with blue crystals”.</p>
microsoft  office  google  software 
march 2017 by charlesarthur
How software is eating the banking industry • CNBC
Ari Levy:
<p>Digit's software plugs into a user's checking account, analyzing expenses and income and determining how much money could be stashed away without the customer feeling it. Based on the personalized algorithm, Digit puts a few bucks or so a week into a savings account, notifying users with a simple text to help them pay off college or credit card debt or prepare for a wedding. It also serves up reminders to eliminate late fees and recently launched a notification bot on Facebook Messenger.

Digit says that it's saved more than $350m for its customers.

That includes people like Jenn Chenn, a former community manager at a San Francisco software company who's now in between jobs. Chenn has saved close to $16,000 over the past three years using Digit, money that would have otherwise remained in her checking account and more than likely have been spent.

"It started off small and as time went by, I started seeing different ways I could increase that amount and be OK," she said.

The savings were of particular importance after a hit-and-run accident left her with a hefty out-of-pocket payment for hospital bills.</p>


Ah, American healthcare. Nearly as broken as the American banking industry.
banks  software 
february 2017 by charlesarthur
Disable your antivirus software (except Microsoft's) • Eyes Above The Waves
Robert O'Callahan:
<p>(Perhaps it should go without saying - but you also need to your OS to be up-to-date. If you're on Windows 7 or, God forbid, Windows XP, third party AV software might make you slightly less doomed.)

At best, there is negligible evidence that major non-MS AV products give a net improvement in security. More likely, they hurt security significantly; for example, see bugs in AV products listed in Google's Project Zero. These bugs indicate that not only do these products open many attack vectors, but in general their developers do not follow standard security practices. (Microsoft, on the other hand, is generally competent.)

Furthermore, as Justin Schuh pointed out in <a href="https://twitter.com/justinschuh/status/802491391121260544">that Twitter thread</a>, AV products poison the software ecosystem because their invasive and poorly-implemented code makes it difficult for browser vendors and other developers to improve their own security. For example, back when we first made sure ASLR was working for Firefox on Windows, many AV vendors broke it by injecting their own ASLR-disabled DLLs into our processes. Several times AV software blocked Firefox updates, making it impossible for users to receive important security fixes. Major amounts of developer time are soaked up dealing with AV-induced breakage, time that could be spent making actual improvements in security (recent-ish example)…

…What's really insidious is that it's hard for software vendors to speak out about these problems because they need cooperation from the AV vendors (except for Google, lately, maybe). Users have been fooled into associating AV vendors with security and you don't want AV vendors bad-mouthing your product. AV software is broadly installed and when it breaks your product, you need the cooperation of AV vendors to fix it.</p>
security  software  antivirus 
january 2017 by charlesarthur
Cars as featurephones • Benedict Evans
Evans says that current cars are still in the featurephone area, awaiting their smartphone moment:
<p>a computer should never ask you a question that it should be able to work out for itself. These alerts and warnings, and all those buttons, are questions. And so, just as Windows doesn't ask you what sound card you have and smartphones don't ask you where to save a file or what your password is, what is a back-up warning but a question - do you want to stop now? Really, a car shouldn't have a back-up warning - it should just rubber-band to a halt. And that, in turn, is a step to autonomy - to level 3 and 4, the car that will try not to let you crash, and will increasingly drive itself. 

That is, the end-point is to have no interface at all. In a fully-autonomous, 'Level 5' car, with no steering wheel or manual controls at all, the only human-computer interface is when you say "take me home now". But most people in the autonomous driving field think that's at least 5 years away and more probably 10, or more. In the mean time we have a transitional phase, as you go from lots of warnings to one and you ask what fundamentally that warning should be, and as you sit in a car where you need to be in the driving seat and steering, mostly, or ready to steer, but the car might stop you, or drive itself. Something that drives itself until it doesn't can easily become dangerous. So, my struggle to turn off the HUD on my borrowed car might become something rather more urgent.   

This could, incidentally, be the best car opportunity for Apple. A car that you just tell to go home and forget about is Google's sweet spot, without much scope for Apple to add any unique insight as to how the experience should work. Conversely, a car that you still need to drive, somehow, but in radically new ways, seems like a fruitful place for thinking about how interfaces work, and that's Apple. </p>


I'd love a reversing system that stopped me reversing too far.
cars  apple  ux  software 
january 2017 by charlesarthur
Intellectual Ventures case: why software patents will take a big hit • Fortune
Jeff John Roberts:
<p>The <a href="http://www.cafc.uscourts.gov/sites/default/files/opinions-orders/15-1769.Opinion.9-28-2016.1.PDF">ruling</a>, issued on Friday by the U.S. Court of Appeals for the Federal Circuit, found that three patents asserted against anti-virus companies Symantec SYMC 0.63% and Trend Micro were invalid because they did not describe a patentable invention. The patents were owned by Intellectual Ventures, which has a notorious reputation in the tech world as a so-called “patent troll,” a phrase that describes firms that buy up old patents and wage lawsuits in order to demand payments from productive companies.

The most important part of the decision, which has created a stir among the patent bar, is a concurrence by Circuit Judge Haldane Mayer. In striking down a key claim from U.S. Patent 5987610, which claims a monopoly on using anti-virus tools within a phone network, Mayer says it is time to acknowledge that a famous Supreme Court 2014 decision known as “Alice” basically ended software patents altogether.</p>
law  software  patents  business 
october 2016 by charlesarthur
Snake oil software - or how SoftRAM hoodwinked the world • Digital Trends
Brad Jones:
<p>When Windows 95 launched in August 1995, there was only one piece of software available that was specifically written for the brand new operating system. SoftRAM 95 was a utility intended to double a system’s memory without the need for a hardware upgrade, and it was in stock at retail locations around the country as consumers ventured out to make the jump from Windows 3.1.

There was only one problem. SoftRAM 95 didn’t work.

Unfortunately, this wasn’t common knowledge. No one knew until after the software had become a best-seller across the globe. Back in the 1990s, SoftRAM hoodwinked hundreds of thousands of people. But that was before the age of widespread internet connectivity. Today, we’re more informed and harder to fool — right?

“The reason that it got as much attention and publicity as it got was that on the day that Windows 95 launched — August 24, 1995 — it was the only Windows 95-specific software available,” recalled Larry Seltzer, then a technical director for PC Magazine.

“Someone told me that they had been testing this, and that their claims are full of crap,” Seltzer continued. “I had already been involved in test labs for a long time, and the people involved with those labs talked with each other, so there was a lot of behind-the-scenes chatter about it.”

Despite these rumors of wrong-doing, SoftRAM was a hit with the general public.</p>


It took a while to tear down (much longer, oddly, than the real problem with <a href="https://en.wikipedia.org/wiki/Pentium_FDIV_bug">Intel's flawed multiplication a year before</a>) and prove false. But as Jones points out, "placebo" is still around today - you just don't pay for it with money.
software  fake  placebo 
september 2016 by charlesarthur
Software now to blame for 15% of car recalls • Popular Science
Apps freezing or crashing, unexpected sluggishness, and sudden reboots are all, unfortunately, within the normal range of behavior of the software in our smartphones and laptops.

While losing that text message you were composing might be a crisis for the moment, it’s nothing compared to the catastrophe that could result from software in our cars not playing nice.

Yes, we’re talking about nightmares like doors flying open without warning, or a sudden complete shutdown on the highway.

The number of software-related issues, according to several sources tracking vehicle recalls, has been on the rise. According to financial advisors Stout Risius Ross (SSR), in their Automotive Warranty & Recall Report 2016, software-related recalls have gone from less than 5% of recalls in 2011 to 15 percent by the end of 2015.

SSR points to the sheer volume of software code that interfaces vehicle components, many of them developed to different protocols. While there are about 9 million lines of code in an F-35 fighter jet, today’s cars can contain up to 100 million lines, the firm says.
car  software 
june 2016 by charlesarthur
This $5bn software company has no sales staff • Bloomberg
Dina Bass:
<p>Brandon Cipes, vice president for information systems at OceanX, has spent enough time in senior IT positions to hate sales calls. “It’s like buying a car—a process that seemingly should be so simple, but every time I have to, it’s like a five- to six-hour ordeal,” he says. “Most of our effort is trying to get the salespeople to leave us alone.” Cipes didn’t always feel that way, though. Back in 2013, he was used to the routine. His conversion began when he e-mailed business-software maker Atlassian, asking the company to send him a sales rep, and it said no.

Atlassian, which makes popular project-management and chat apps such as Jira and HipChat, doesn’t run on sales quotas and end-of-quarter discounts. In fact, its sales team doesn’t pitch products to anyone, because Atlassian doesn’t have a sales team. Initially an anomaly in the world of business software, the Australian company has become a beacon for other businesses counting on word of mouth to build market share. “Customers don’t want to call a salesperson if they don’t have to,” says Scott Farquhar, Atlassian’s co-chief executive officer. “They’d much rather be able to find the answers on the website.”</p>
business  sales  software 
may 2016 by charlesarthur
Software update destroys $286m Japanese satellite • Hackaday
Rud Merriam:
<p>The Japanese X-ray telescope Hitomi has been declared lost after it disintegrated in orbit, torn apart when spinning out of control. The cause is still under investigation but early analysis points to bad data in a software package pushed shortly after an instrument probe was extended from the rear of the satellite. JAXA, the Japanese space agency, lost $286m, three years of planned observations, and a possible additional 10 years of science research.

Hitomi, also known as ASTRO-H, successfully launched on February 17, 2016 but on March 26th catastrophe struck, leaving only pieces floating in space. JAXA, desperately worked to recover the satellite not knowing the extent of the failure. On April 28th they discontinued their efforts and are now working to determine the reasons for the failure, although a few weeks ago they did provide <a href="http://global.jaxa.jp/projects/sat/astro_h/files/topics_20160415.pdf">an analysis of the failure sequence</a> at a press conference.</p>


Soon to be a plotline in a disaster movie.
failure  software 
may 2016 by charlesarthur
Google – closed source » Radio Free Mobile
Richard Windsor:
<p>Android L (5.0) is currently on just 34.1% of Google’s Android devices despite having been available for around 18 months which corresponds to the penetration one would expect with virtually no updates being made.

This is a massive problem because it means that any innovations that Google makes to Android to compete against iOS, Windows or China will take 4 years to fully penetrate into its user base.
In my opinion this renders the innovation worse than useless as it will be fully visible to the competition who can copy it and get it into the market long before Google can.

This is why I think that Google has to take complete control of Android culminating in the migration of the Android Run Time (ART) from the Android Open Source Package (AOSP) into Google’s own proprietary Google Mobile Services (GMS). Its recent [court] loss in its war with Oracle has given Google the perfect excuse to close down its version of Android and blame Oracle when developers complain.

I don’t think that this is likely to happen this year, but in 2017, I see the possibility for Android to follow its little brothers Android Auto and Android Wear in becoming fully closed and proprietary. This would allow Google to roll everything up into a single release and distribute it through Google Play, thereby fixing the endemic fragmentation and distribution problems in one go.</p>


Windsor's point that the penetration of each version of Android is no more than you'd expect from simple sales is well made. And if it does become a sort of Windows, bypassing OEMs for updates, that would allow it to monetise (through the newer features of later releases) more effectively.

Might be a tough one for the "Android is open, open wins" crowd to explain, though. (Some of them are inside Google.)
android  software 
march 2016 by charlesarthur
Thousands of apps running Baidu code collect, leak personal data: research » Reuters
Jeremy Wagstaff and Paul Carsten:
<p>Thousands of apps running code built by Chinese Internet giant Baidu have collected and transmitted users' personal information to the company, much of it easily intercepted, researchers say.

The apps have been downloaded hundreds of millions of times.

The researchers at Canada-based Citizen Lab said they found the problems in an Android software development kit developed by Baidu. These affected Baidu's mobile browser and apps developed by Baidu and other firms using the same kit. Baidu's Windows browser was also affected, they said.

The same researchers last year highlighted similar problems with unsecured personal data in Alibaba's UC Browser, another mobile browser widely used in the world's biggest Internet market.

Alibaba fixed those vulnerabilities, and Baidu told Reuters it would be fixing the encryption holes in its kits, but would still collect data for commercial use, some of which it said it shares with third parties. Baidu said it "only provides what data is lawfully requested by duly constituted law enforcement agencies."…

…"It's either shoddy design or it's surveillance by design," said Citizen Lab director Ron Deibert.</p>


Tricky choice.
baidu  software 
february 2016 by charlesarthur
Apple’s elephant in the room » Medium
Alexandra Mintsopoulos on the meme about Apple's "declining" software quality:
<p>If the biggest example that can be pointed to is iTunes or its back-end (which seem to generate the <a href="https://www.reddit.com/r/technology/comments/44u4ju/apple_takes_its_eye_off_the_ball_why_apple_fans/">most criticism</a>) then there isn’t any validity to the idea that Apple’s software quality is declining. iTunes has been the target of complaints for as long as anyone can remember and it seems clear that it will be reworked much like Photos, iWork, or Final Cut have been (and likely receive the same backlash for missing functionality). The reason it hasn’t been done sooner is obvious: it has hundreds of millions of users and transacts billions of dollars in sales, revamping it from the ground up is akin to fixing an airplane while it’s in flight and won’t be done lightly.

There is a massive disconnect between enthusiasts and Apple’s broader customer base on the perception of Apple’s software quality. That is a PR problem for Apple to solve, not a software one.</p>


I thought it was pretty clear in Eddy Cue's appearance on John Gruber's podcast (linked here yesterday) that Cue said iTunes is being redesigned, but you don't do that sort of thing in an afternoon. The vast majority of iTunes-on-desktop users are not using Apple Music. The problem that then needs to be solved is to what extent iTunes could, or should, be broken into multiple apps.
itunes  software  design 
february 2016 by charlesarthur
Automated scanning of Firefox extensions is security theatre (and here’s code to prove it) » Dan Stillman
Stillman wrote a simple Javascript extension that grabs sites and passwords, yet passes Mozilla's "scanner" which looks for "malware":
<p>I asked in February how the scanner would possibly catch things like this, and the response from Mozilla’s Add-ons Developer Relations Lead was that most malware authors are lazy and that he believed the scanner could be made to “block the majority of malware”. The fact that, nine months later, and a few weeks before an enforcement deadline that was already postponed by several months, someone can write a trivial extension in a few minutes that steals passwords, runs a local process, and executes arbitrary remote code, but that is still automatically signed, demonstrates just how ill-conceived this scheme is. It also destroys any argument that whitelisting would put users at greater risk for malware, and it’s infuriating that we’ve had to waste the last few months arguing about the dangers of a whitelisted Zotero. And it’s just depressing that the entire Mozilla developer community spent the last year debating extension signing and having every single counterargument be dismissed only to end up with a system that is utterly incapable of actually combating malware.</p>
firefox  security  software 
november 2015 by charlesarthur
More Apple Car thoughts: software culture » Monday Note
Jean-Louis Gassée:
<p>what we’ve grown to accept in our personal computers [in the form of software crashes and bugs] can’t be allowed in a vehicle carrying human beings at 60 miles per hour.

Just because the software running inside Apple’s personal computing devices is considered high quality doesn’t mean that the culture that produces it is capable of producing the high-reliability, real-time embedded software needed for an electric car.

I am one of the many who believe culture always wins. Culture eats strategy for breakfast, it causes mergers and acquisitions to fail and, above all, it resists virile executive calls to change. Culture evolves slowly, as if having its own independent will, or not at all.

The bottom line is this: For the hypothetical Apple Car project to succeed, a necessary (but not sufficient) condition is a culture change of a kind rarely, if ever, achieved by large organizations.
Perhaps the new software culture could arise in a new, separate group, well protected against the corporate lymphocytes always prone to attack what they see foreign objects. But that would break Apple in two separate cultures, and be the beginning of a dangerous process for a company that, today, strives on having a united functional organization.</p>
apple  car  software 
november 2015 by charlesarthur
The staggering impact of IT systems gone wrong » IEEE Spectrum
<p>We’ve scoured our archives to create a rogues’ gallery of the most notable, interesting, and emblematic failures from the past decade. We’ve included a diverse assortment of failures, which means there’s no single metric for measuring their impact. Some, like failed IT system upgrades or modernization projects, have straightforward financial consequences. Others, like operational outages and disruptions, are better measured by the time wasted and the number of people affected.

Keep in mind that the failures below are just the tip of the iceberg. They’re just a tiny fraction of the hundreds of incidents we’ve covered in Risk Factor, and an even smaller fraction of the global total. A complete list would be several orders of magnitude larger.</p>


The UK comes out top for the NHS IT writeoff! Hooray! No, wait. (Via <a href="http://twitter.com/ballantine70">Matt Ballantine</a>.)
economics  software  engineering 
october 2015 by charlesarthur
You have the right… to reverse engineer » getwired.com
Wes Miller:
<p>This NYTimes article about the VW diesel issue and the DMCA made me think about how, 10 years ago next month, the Digital Millennium Copyright Act (DMCA) almost kept Mark Russinovich from <a href="http://blogs.technet.com/b/markrussinovich/archive/2005/10/31/sony-rootkits-and-digital-rights-management-gone-too-far.aspx">disclosing the Sony BMG Rootkit</a>. While the DMCA provides exceptions for reporting security vulnerabilities, it does nothing to allow for reporting breaches of… integrity.

I believe that we need to consider an expansion of how researchers are permitted to, without question, reverse engineer certain systems. While entities need a level of protection in terms of their copyright and their ability to protect their IP, VW’s behavior highlights the risks to all of us when of commercial entities can ship black box code and ensure nobody can question it – technically or legally.</p>


Miller advised Russinovich on whether he could publish. The VW case is surely going to lead to a lot of questions about the DMCA and engine control unit (ECU) software - as highlighted yesterday.
ecu  software  dmca 
september 2015 by charlesarthur
EPA says VW intentionally violates clean air standards » Associated Press
Matthew Daly:
<p>The Environmental Protection Agency said Friday that Volkswagen intentionally skirted clean air laws by using a piece of software that enabled about 500,000 of its diesel cars to emit fewer smog-causing pollutants during testing than in real-world driving conditions.

The agency ordered VW to fix the cars at its own expense. The German automaker also faces billions of dollars in fines, although exact amounts were not determined.

The cars, all built in the last seven years, include the VW Jetta, Beetle, Golf and Passat models, as well as the Audi A3. The vehicles all contain a device programmed to detect when they are undergoing official emissions testing, the EPA said. The cars only turn on full emissions control systems during that testing. The controls are turned off during normal driving situations, the EPA said, allowing the cars to emit more than the legal limit of pollutants.</p>


The internet of intentionally sneaky things.
volkswagen  software 
september 2015 by charlesarthur
Toyota recalls 625,000 hybrids: Software bug kills engines by THERMAL OVERLOAD » The Register
Iain Thomson:
The recall is for Prius vehicles sold between 2012 and 2014, and affects 109,000 vehicles in the US, 340,000 in Japan, 160,000 in Europe, and sundry other locales. Toyota didn’t say how many cases the Prius had suffered, but did mention that there were no reports of injury as a result of the flaw.

"In the involved vehicles, the current software settings for the motor/generator control engine control unit (ECU) and hybrid control ECU could result in higher thermal stress in certain transistors, potentially causing them to become damaged," Toyota said in the <a href="http://corporatenews.pressroom.toyota.com/releases/toyota+recall+prius+v+july15.htm">recall notice</a>.

"If this happens, various warning lights will illuminate and the vehicle can enter a failsafe mode. In rare circumstances, the hybrid system might shut down while the vehicle is being driven, resulting in the loss of power and the vehicle coming to a stop."


Seems not good.
toyota  shutdown  software 
july 2015 by charlesarthur
I was an Invisible Girlfriend for a month » Fusion
Kashmir Hill tried being one of the workers who texts (but never, never sexts) with people who want not-really-just-virtual-but-real boyfriends or girlfriends:
Over all, the number of users who seemed to really want companionship outnumbered the skeptics. The founders say one user told them she was going through chemotherapy and that her real-life boyfriend had dumped her. So her invisible boyfriend had become a serious emotional support while she fought cancer.

I didn’t encounter anyone like that. Instead, I met a guy in his late 20s who wanted to have an extended conversation with his “lovingly nerdy, best-friend-turned-girlfriend” about taxidermy. He said that if he were a taxidermist, he would sew a cat to a dog. I texted, “Would you put a cat head on a dog body or a dog head on a cat body?” But I didn’t get to see his response, nor find out if the conversation was about to go to a darker place that might warrant alerting authorities.

It’s hard to put a price on love. But Crowdsource did. It’s worth a whopping five cents. That’s how much I got paid to write each of these texts.

If I spent an hour answering texts, and took the full five minutes to write each one, I’d be making 60 cents an hour, far below the minimum wage. This is legal because all the workers on the platform are classified as independent contractors rather than employees.


But of course. She'd get $5 for answering 100 texts; the service charged $15-$25 for the same.

Also, this is frighteningly reminiscent of Her, whose "hero" writes cards for people too busy to write cards.
fake  internet  software 
july 2015 by charlesarthur
iPad update won't work on old devices - Business Insider
Tim Stenovec:
the bad news is that the new features may not work on your iPad, unless it's one of the newest models.

And Split View, which allows you to use two apps at the same time, and is one of the best new features, only works on the iPad Air 2, Apple's latest iPad, which starts at $499 and was released last fall. 

The cynic would say the fact that the new features, which are part of a software update coming later this year, only working on the latest and greatest iPads is a ploy to get you to upgrade your iPad. Apple has struggled with relatively sluggish iPad sales — the company still sells millions each quarter, more tablets than any other single company — but sales continue to fall…

…Of course, using two apps at the same time, or watching a video in the background while doing something else on your iPad, certainly requires more processing power than just using one app, so it may be that the features only work well enough for Apple to include it on its latest and most powerful iPad.


Yeah, but the cynic will disregard that sort of logical argument. All software can run on all hardware, regardless of age, according to the cynic.
ipad  software 
june 2015 by charlesarthur
Toyota unintended acceleration and the big bowl of “spaghetti” code » Safety Research & Strategies, Inc
[Embedded software expert Michael] Barr testified:

"There are a large number of functions that are overly complex. By the standard industry metrics some of them are untestable, meaning that it is so complicated a recipe that there is no way to develop a reliable test suite or test methodology to test all the possible things that can happen in it. Some of them are even so complex that they are what is called unmaintainable, which means that if you go in to fix a bug or to make a change, you're likely to create a new bug in the process. Just because your car has the latest version of the firmware -- that is what we call embedded software -- doesn't mean it is safer necessarily than the older one….And that conclusion is that the failsafes are inadequate. The failsafes that they have contain defects or gaps. But on the whole, the safety architecture is a house of cards. It is possible for a large percentage of the failsafes to be disabled at the same time that the throttle control is lost."

Even a Toyota programmer described the engine control application as “spaghetti-like” in an October 2007 document Barr read into his testimony.

Koopman was highly critical of Toyota’s computer engineering process.


Remember how shonky the interfaces for VCRs and DVDs were? What if the people who did those were writing your car code? What if they already are?
cars  programming  software  embedded 
june 2015 by charlesarthur
Boeing 787 Dreamliners contain a potentially catastrophic software bug » Ars Technica
Dan Goodin:
A software vulnerability in Boeing's new 787 Dreamliner jet has the potential to cause pilots to lose control of the aircraft, possibly in mid-flight, Federal Aviation Administration officials warned airlines recently.

The bug—which is either a classic integer overflow or one very much resembling it—resides in one of the electrical systems responsible for generating power, according to memo the FAA issued last week…

…The memo doesn't provide additional details about the underlying software bug. Informed speculation suggests it's a <a href="https://twitter.com/floatingatoll/status/594177816423346176">signed 32-bit integer overflow</a> that is triggered after 231 centiseconds (i.e. 248.55 days) of continuous operation.
faa  software  overflow  bugs 
may 2015 by charlesarthur
Samsung Gear Fit, or hardware obsoleted by software » Glazblog
Daniel Glazman has one - released with the Galaxy S5 on 11 April 2014. But he's not happy:
The Gear Fit has a few downloadable extensions, based on a SDK also released a year ago. The fact extra apps can be created and maintained is a very important indicator of not only the market success of a given device, but also of the obsolescence of the device.

That SDK is not available any more from http://developer.samsung.com, as it is confirmed <a href="http://developer.samsung.com/forum/board/thread/view.do?boardName=SDK&messageId=272382">here</a>. And it's not a very recent change. Samsung then turned obsolete - because of software - a hardware they released less than a year ago. From a customer's perspective (again, I bought that device), that's pretty shocking.

The Samsung Gear Fit is still available everywhere here in France, from Orange stores to supermarkets. But it's a dead duck without a SDK. Don't buy it.
samsung  software 
april 2015 by charlesarthur
gotofail and a defence of purists » Lockstep
Remember the "gotofail" bug in Apple's iOS 7? Stephen Wilson wrote this at the time, considering his history writing software for implantable defibrillators:
I want to suggest that all software is tragically fragile. It takes just one line of silly code to bring security to its knees. The sheer non-linearity of software – the ability for one line of software anywhere in a hundred million lines to have unbounded impact on the rest of the system – is what separates development from conventional engineering practice. Software doesn’t obey the laws of physics. No non-trivial software can ever be fully tested, and we have gone too far for the software we live with to be comprehensively proof read. We have yet to build the sorts of software tools and best practice and habits that would merit the title "engineering".

I’d like to close with a philosophical musing that might have appealed to my old mentors at Telectronics. Post-modernists today can rejoice that the real world has come to pivot precariously on pure text. It is weird and wonderful that technicians are arguing about the layout of source code – as if they are poetry critics.

We have come to depend daily on great obscure texts, drafted not by people we can truthfully call "engineers" but by a largely anarchic community we would be better off calling playwrights.
coding  software 
march 2015 by charlesarthur
BMW fixes security flaw in its in-car software » Reuters
Edward Taylor:
BMW said officials at German motorist association ADAC had identified the problem, which affected cars equipped with the company's ConnectedDrive software using on-board SIM cards - the chips used to identify authorised users of mobile devices.

BMW drivers can use the software and SIM cards to activate door locking mechanisms, as well as a range of other services including real-time traffic information, online entertainment and air conditioning.…

…cybersecurity experts have criticized the automotive industry for failing to do more to secure internal communications of vehicles with network-connected features.

The danger, they say, is that once external security is breached, hackers can have free rein to access onboard vehicle computer systems which manage everything from engines and brakes to air conditioning.

They fear it is only a matter of time before hackers might break into wireless networks on cars to exploit software glitches and other vulnerabilities to try to harm drivers.


<a href="http://twitter.com/0xcharlie">Charlie Miller</a>, ex-NSA, is very interested in hacking cars - just to see what can be done. He was the person who showed publicly how to hack the iPhone back in 2009. So what he's thinking, the NSA - and many others - probably are too.
cars  software  hacking 
february 2015 by charlesarthur
My thesis on Microsoft >> Beyond Devices
Jan Dawson:
I see a downward trajectory over time in sales of Windows in total, even accounting for the many different form factors Windows runs on. As such, last quarter’s poor performance in Windows sales is much more indicative of the longer-term trend than short-term headwinds. I see Windows 10 slowing the decline a little, but I actually think the free upgrades could stall or postpone new device purchases for some users, which may be counterproductive in the short term. I don’t see Windows 10 solving any of the fundamental challenges I just outlined.

Software sales to consumers will shrink to zero

To my mind, the other major question about Microsoft’s future is its ability to continue to sell software to consumers for a price. I’ve talked for some time now about the fact that, in Microsoft’s two major software categories (OS and productivity), its two major competitors and essentially every other company now give their software away for free.


Hard to argue with any part of this. The downward pressure on Microsoft is inescapable. Strange that at a time when software is eating the world, the ability to charge for it is vanishing.
microsoft  software 
january 2015 by charlesarthur
iOS 8 Share extensions will *only* show up if they explicitly support *all* of the provided activity items · Issue #5 · tumblr/ios-extension-issues >> GitHub
<blockquote class="quoted">Here’s how we think this should work, using the Tumblr app as an example:

The user long-presses on a photo
We put the image data, the posts’s URL, and maybe a text summary of the post, all in the activity items array
We’d expect share extensions that support either image data or URLs or text to all show up in the activity controller
What actually happens is that only share extensions that explicitly support images and URLs and text will show up.

Hard to figure out if this is something which Apple should tweak, or where developers just have to knuckle under and roll with. (The latter will probably happen.) That said, I've found Extensions on iOS 8 to be just right - not too many, not too intrusive.
ios8  extensions  software 
november 2014 by charlesarthur

Copy this bookmark:





to read