look up from that smartphone

Found via Tim Moore. Click to see the source.

this article also appears in the GSG blog

{ 0 comments }

san francisco housing crisis

If you’re looking for some deep insight into the current fight in San Francisco over housing, gentrification, haves vs. have-nots, and techies vs. everyone else, Kim Mai-Cutler has written an excellent really-long-form piece on the various factors that contributed to the current situation. It’s not just the influx of techies moving in for cushy jobs and the long-time working class locals they’re displacing, but also:

  • “The Great Inversion”: the current migration to cites in general,
  • a willingness to create jobs matched by an equal unwillingness to creating housing,
  • San Francisco’s byzantine planning process and zoning regulations,
  • San Francisco’s city government,
  • people’s tendencies to live in their own bubbles,
  • rich non-techies trying to keep development to a minimum,
  • progressives who refuse to believe in supply and demand,
  • environmentalism as an excuse to curb development,
  • a lack of affordable housing,
  • incentives that fuel that lack of affordable housing,
  • the city’s poor shape in 1978, compounded by Reverend Jim Jones (yes, the “drinking the Kool-Aid” guy), the murder of Harvey Milk, gas lines from the Iranian crisis, and Howard Jarvis’ tax revolt,
  • incredibly low property and corporate taxes,
  • the complex effect of rent control, especially with the lack of vacancy control,
  • an economy prone to booms and busts,
  • the Ellis Act, an act explicitly designed to let landlords go out of business, and its abuses,
  • resentment against incoming techies, their amenities, and the businesses that seem oriented solely towards them, and
  • the “new nativism”.

It’s a big, complex mess, but as Mai-Cutler points out a couple of times in her long essay, it doesn’t have to be this way. At the end of her piece, she makes some calls to action:

  • To techies: To participate in the communities in which they now live, and participate in San Francisco’s civic life, as other companies like The Gap, Levi Strauss, and Salesforce have done, and to understand that there are locals who could benefit from their help.
  • To homeowners: Enough with the NIMBYism and generation theft, already!
  • To activists: You can’t logically fight both development and displacement. Worse, your antagonism will force deals to take place behind closed doors.

sfba upward mobility

Mai-Cutler points out that one of the reasons San Francisco, like many other cities, is attractive to all sorts of people is that it provides opportunities not just for the rich, but for the poor as well. While the income inequality in the San Francisco Bay Area is distressing, it’s also an area with the highest chance that someone in the bottom 20% will end up in the top 20%. WhatsApp founder Jan Koum is probably the most recent high-profile example.

I’m going to finish with the closing paragraphs of her article:

In conclusion: The crisis we’re seeing is the result of decades of choices, and while the tech industry is a sexy, attention-grabbing target, it cannot shoulder blame for this alone.

Unless a new direction emerges, this will keep getting worse until the next economic crash, and then it will re-surface again eight years later. Or it will keep spilling over into Oakland, which is a whole other Pandora’s box of gentrification issues.

The high housing costs aren’t healthy for the city, nor are they healthy for the industry. Both thrive on a constant flow of ideas and people.

So while Google may not be opening a giant office in Detroit anytime soon, the people of Detroit and the Midwest are coming here.

I meet them every day.

There are people like Brian Clark, who actually did move from Detroit, and was living off various hackathon winnings while teaching coding in MissionBit’s after-school programsfor San Francisco’s public school students. Earlier this spring, he was literally sleeping on friends’ couches, eating one meal a day. But he won the Launch Hackathon and now has initial funding for a new startup called Vue, a mobile feedback and user engagement tool he built.

Or like Rey Faustino, who I wrote about last month. He grew up in a working-class family in Southern California that relied on social services to make ends meet. Now he’s working on fixing the problems he remembered as a child through One Degree, which is a Yelp-like platform that helps Bay Area families find the right non-profits and social services for them. It’s supported by Y Combinator and has thousands of users. 

Many of the people who come here will stay, and make vital contributions for decades through their work, their taxes and their charitable contributions. Some will come for awhile and then go back and invigorate entrepreneurial ecosystems back home. This circulation of creative talent is crucial not only for the Bay Area, but for the rest of the United States.

I would not want to deny anyone — rich or poor — the chance to transform or be transformed by this place.

Read the article. It’s fantastic food for thought.

{ 0 comments }

Windows Phone 8.1 Reviews

windows 8.1 reviews

In Ars Technica, Peter Bright writes this about Windows Phone 8.1: ”Windows Phone 8.1…has a lot of work to do. It needs to take further steps along the path toward Microsoft’s vision of a unified operating system. It needs to work better on a wider range of hardware to both strengthen its position at the low end and give it a chance of making inroads at the high end. It needs to also offer features: it needs to do things to get people talking about the platform while attracting both users and developers. Remarkably, Windows Phone 8.1 delivers on all fronts.

Here’s how his review ends:

The result feels a whole lot more mature and a whole lot more capable than its predecessor. The 0.1 version bump, chosen to align the phone platform with its desktop sibling, belies the true nature of this upgrade. It is substantial, and makes Windows Phone tremendously better.

We might still wish that there were a few more apps, and that developers spoke of the platform in the same breath as iOS and Android, but even in spite of this, Windows Phone 8.1 is a polished, fun, clever, and personal smartphone platform that’s just about everyone can enjoy. It’s a magnificent smartphone platform.

windows 8.1 verge summary

The Verge’s summary of Windows 8.1. Click to see at full size.

David Pierce reviewed Windows Phone 8.1 for The Verge. He says that with 8.1, Microsoft have an mobile operating system worth switching to; the problem is actually getting people to switch. “Microsoft is still without a truly killer, can’t-live-without-it app,” he writes, “iOS and Android may not have one either, but they have market share on their side; Microsoft needs to swing bigger.”

Pierce wraps up his review with this:

Windows Phone 8.1 is a good operating system. It can’t hide the still-lacking Windows Phone Store, which simply still doesn’t have the quantity or quality or timeliness of apps that Android and iOS do, but it goes a long way toward making Windows Phone feel competitive. It feels finished now, really for the first time. It gives Microsoft its best chance yet to attract the billions of people who haven’t yet bought a smartphone. But Microsoft hasn’t changed the game here, only proven it can play; Windows Phone 8.1 will make a lot of Windows Phone 8 users very happy but won’t make anyone at Google or Apple sweat.

windows phone 8.1 02

In his review for Engadget, Brad Molen says with 8.1, Windows Phone feels complete for the first time. ”There are no more gaping holes in its features or functionality; I can now use Windows Phone without feeling like I’m giving up something I’d otherwise enjoy on an iPhone or Android device.” As with the other reviews, he praises Windows Phone’s “Cortana” virtual assistant, the new notification center, the new gesture-sensing keyboard, and the other features that make 8.1 feel more polished than its predecessors.

He closes with:

Of course, Microsoft still has plenty of challenges ahead. After all, it’s still unclear what kind of changes will happen to Windows Phone after the Nokia acquisition is finalized, and we still haven’t seen a ton of manufacturers announce new hardware yet, despite Microsoft’s claim that there’s renewed interest in the platform. The OS has struggled to grow since its conception and is just now starting to hit double digits in market share (in certain regions, anyway). My hope is that this update ushers in a change in momentum for Microsoft. With new leadership, a better product and the company’s “One Microsoft” vision, Windows Phone 8.1 could easily be the boost the company so needs right now.

cortana

And finally, here’s how Eric Limer wrapped up his review for Gizmodo, which is tellingly titled Gloriously Good Enough:

There’s not much in Windows 8.1 to make it appealing over other options, and if you’re a true fanboy on either side of the iOS/Android divide, Windows Phone 8.1 offers little reason to switch.

But! If you are OS-curious and Windows Phone hardware calls to you—specifically the 1020′s camera magic—8.1 finally makes that a fling worth having. The inclusion of a notification center and voice assistant finally makes the entire operating system feel natural and full in a way it never did before. The update to 8.1 makes Windows Phone not only average, but inclusive to people who “grew up” with other operating systems in a way that’s really promising for the future of Windows Phone, and the future of the mobile OS power-balance on the whole.

Here are the links to all the reviews above, plus a couple more:

Battle of the virtual assistants: Cortana vs. Siri vs. Google Now

assistant battle

With Windows 8.1 comes Cortana, the virtual assistant that borrows not just its name, but the voice actor who played the artificial intelligence of the same name from the Halo game series. C|net’s Jessica Dolcourt has an article in which she compares Cortana against the virtual assistants from Android (Google Now) and Apple (Siri).

Before the iPhone, Android didn’t have touchscreen support

android sooner off

Android 2006 “Sooner” device, powered down. Click the photo to see it at full size.

One of the interesting side effects of the Apple-vs.-Samsung patent infringement suit is the exposure of confidential documents that give us a look into both companies’ thinking, strategies, intentions, and what kept them up at night. We’ve looked at some of these documents in earlier posts on this blog, from Apple and from Samsung.

Re/code has reported on the latest internal company document to be exposed, which comes from neither Apple nor Samsung, but from Android’s creator, Google. Titled Android Project Software Functional Requirements Document and dated July 6, 2006, and it’s a pretty good overview of the Android operating system as it was conceived and being implemented back around that time, six months before the keynote during which Steve Jobs introduced the iPhone.

In that document is a notable passage about Android’s approach to touchscreens at that time:

Touchscreens will not be supported. The product was designed with the presence of discrete physical buttons as an assumption. However, there is nothing fundamental in the products architecture that prevents the support of touchscreens in the future.

Instead, what they envisioned was a product similar to the flagship smartphones of that era, with physical keyboard, “pick up” and “hang up” buttons, and a D-pad for navigation. Here’s Steve Jobs from the 2007 iPhone keynote, showing these phones:

steve jobs and 2006-era smartphones

Seen today in 2014, it’s no longer a set of flagship smartphones, but a “Where are they now?” gallery of once-dominant smartphone manufacturers.

Here’s the Android hardware reference device, codenamed “Sooner”, which would’ve been the model for Android hardware partners to follow:

android sooner on

Android 2006 “Sooner” device, powered up. Click the photo to see it at full size.

Things changed after the iPhone keynote. Here’s an excerpt from Fred Vogelstein’s book, Dogfight: How Apple and Google Went to War and Started a Revolution:

On the day Jobs announced the iPhone, the director of the Android team, Andy Rubin, was six hundred miles away in Las Vegas, on his way to a meeting with one of the myriad handset makers and carriers that descend on the city for the Consumer Electronics Show. He reacted exactly as DeSalvo predicted. Rubin was so astonished by what Jobs was unveiling that, on his way to a meeting, he had his driver pull over so that he could finish watching the webcast.

“Holy crap,” he said to one of his colleagues in the car. “I guess we’re not going to ship that phone.”

And they didn’t.

Here’s the full Android Project Software Functional Requirements Document:

this article also appears in the GSG blog

{ 0 comments }

heartbleed

By now, you’ve probably read an article or seen a TV or video report with the logo for “Heartbleed”, the popular name given for the security vulnerability in OpenSSL, a popular piece of software in situations where secure communications between computers is required. This may be the first time that such a bug has merited its own logo.

First, you should know that Heartbleed is not a malicious piece of software like a virus or trojan, nor is it the name of an organization of malicious techies trying to break into systems. It’s a programming mistake in widely-used software that malicious techies can take advantage of.

browsers and https

If you’ve ever bought something online, done online banking, checked your email, or even checked your Facebook or Twitter account, you’ve made use of OpenSSL. Whenever you visit a site whose URL begins with https:// rather than http://, not only do you see the lock icon in the address bar, you’re making use of software that follows the TLS/SSL protocols that specify how to encrypt data. By following these protocols, your communications with that site is scrambled in transit so that it’s incredibly, incredibly, incredibly difficult for an unauthorized party to read or alter it.

decoder ring

The protocols are just “recipes” for encrypting data; someone has to write software that follows those recipes to actually make the protocols work. Think of the protocols as the formulas, and software like OpenSSL as a sort of “decoder ring” that follows those formulas to encrypt and decrypt data. OpenSSL is one of the more popular decoder rings out there, as it’s available free of charge and it’s open source, meaning that anyone can examine its underlying code to see how it works, and ideally, find flaws and make improvements.

If you use a mobile phone or participate regularly in a conference calls regularly, you’ve probably had a moment where you heard nothing on the other end of the line and asked “Are you still there?” If someone answers back, you know the connection’s still there and all is good. If not, you have to hang up, call them back, and in the case of a conference call, enter your login credentials all over again.

This sort of thing can also happen with secure TLS/SSL communications, and the way the problem is resolved in a similar fashion. One computer asks the other computer “Are you still there?”. The other computer should send a response, saving the first computer from assuming that the connection was broken. As with phone conversations, it’s far less costly in terms of computer resources to check if there’s still someone active on the other end than to re-establish the connection.

In TLS/SSL, the “Are you still there?” check is called the heartbeat, which, like a human, is something you check to see if s/he is still alive. In the TLS/SSL heartbeat, the computer that wants to know if the other one is still on the line sends a heartbeat message. This message contains two things:

  • Some data, which can be as little as a few bytes and as much as 65,535 bytes, and
  • A number representing a number of bytes of the sent data to repeat back to the first computer

Typically, the first computer sends a heartbeat message made up of x bytes, and some number less than or equal to x, and if the other computer is still connected, it will repeat the first x bytes of the data that it received. The “repeat the first x bytes of what I sent you” does more than just confirm that the other computer is still on the line; it also helps prove that no one is altering the data in the exchange between the two computers.

trick question

There’s a history of computer security breaches brought about by “fooling” some software with a “trick question”. The vulnerability in OpenSSL that we know as Heartbleed is exploited by such a trick question that came about when some clever techie asked this question:

What would happen if I sent a heartbeat with a certain number of bytes of data, but lied and said that the data was much much bigger? What would I get back?

The end result is explained quite well by the latest installment of the nerd-centric webcomic XKCD:

xkcd - heartbleed

Suppose the sending computer sends a heartbeat message that is 5 bytes long, but lies and says it’s 500 bytes long. The receiving computer takes the first computer at its word and returns 500 bytes of data. That data can’t come from just anywhere; it has to come from somewhere in the responding computer’s memory. The first 5 bytes it returns is the data sent from the first computer. The next 495 bytes is from the chunk of memory that immediately follows. That memory could contain anything, which may include passwords, confidential data, or even the keys necessary to decrypt the secure connection. If you repeat this trick often enough, you can extract all sorts of data from the receiving computer without its knowledge.

It’s kind of like dealing with a gullible bank teller and say “The bank account attached to this account number is mine…and so are the bank accounts for the next four account numbers. And I’d like to withdraw all the money from all of them, please.”

At this point, you may have figured out how the vulnerability got the name “Heartbleed”: it’s in OpenSSL’s implementation of TLS/SSL heartbeat, and it leaks information.

what now

At this point, you’re probably asking “What should I do now?”

  • While you should start thinking up new passwords, don’t update your passwords with certain sites or services until you can confirmed that they’ve fixed the bug on their systems. Many organizations are still fixing this bug in their systems, and until they do so, changing passwords for those systems is useless.
  • Remember that it’s not just web sites that are affected, but anything that uses OpenSSL to do secure communications. Unfortunately, that’s lots of things, including databases, mobile devices, and internet-connected appliances. You’re going to have to keep an eye out for updates from all sorts of services, vendors, and providers.
  • Beware of scammers! The fear brought about by Heartbleed will probably give con artists an opportunity to try and sell scam “Heartbleed solutions” or “Heartbleed anti-virus” fixes that do nothing but take their money and maybe their personal information or access to their computer.

If you’d like to find out more about Heartbleed, here’s some recommended reading:

this article also appears in the GSG blog

{ 0 comments }

vaya con ios
I’ve been meaning to get back to regularly featuring articles on programming, and there’s no better time than the present! Global Nerdy will feature a regular category of articles called “Vaya con iOS” (a play on the Spanish blessing, vaya con Dios), which will be about various aspects of iOS development. There’ll also be an Android development category, which you should start seeing in a couple of days.

Let’s get started, shall we?

grand central dispatchGetting the hang of GCD

Once upon a time, if you wanted concurrency in your apps, you’d have to use threads. With modern Cocoa systems, which include iOS 4 and later, you have another option: Grand Central Dispatch, or GCD for short. GCD lets you define tasks — functions or blocks — that can be queued for parallel execution on available processor cores, while keeping your code relatively simple and free of all the “yak-shaving” that comes with managing and scheduling threads.

If you’ve been meaning to learn how to program with GCD, Ray Wenderlich’s site has a couple of tutorials that you should find helpful:

Avoiding the “staircase of doom”

staircase of doom

There are a number of times in Objective-C programming where you end up having one completion block containing another, which contains another, and so on, and in the end, you have to close them all with what Richard Turton calls on his blog, Command Shift, the “staircase of doom”:

                }];
            }];
        }];
    }];
}];

“Any time you see this in your code,” writes Turton, “you’re doing it wrong.”

He’s got a couple of articles on avoiding the staircase of doom in certain situations:

  • Using dispatch groups to wait for multiple web services: If your app needs to make a number of web services calls, all independent and started by a single method, Turton suggests using a dispatch group to do the job. “A dispatch group monitors work that has been added to it,” he writes, “and it will know when that work is done.”
  • Stop nesting animation blocks: ”Chaining animations together has always been a little bit awkward. You’d do the first step, then in the completion block, do the second step, then in that completion block, do the third step, and so on, until you close it all off with a staircase of doom.” Or you could use the animateKeyFramesWithDuration:options:animations:completion: method, and he shows you how to do it.

Talking to the user and other machines

talk iconTwo of the more recent articles on NSHipster cover communication-related classes:

  • AvSpeechSynthesizer: “Introduced in iOS 7, AVSpeechSynthesizer produces synthesized speech from a givenAVSpeechUtterance. Each utterance can adjust its rate of speech and pitch, and be configured to use any one of the available AVSpeechSynthesisVoices.”
  • NSURL / NSURLComponents: ”Here [in a URI], in a single, human-parsable string, is every conceivable piece of information necessary to encode the location of any piece of information that has, does, and will ever exist on a computer…A solid grasp of network programming is rooted in an unshakeable familiarity with URL components. As a software developer, this means having a command over the URI functionality in your programming language’s standard library. If a programming language does not have a URI module in its standard library, run, don’t walk, to a real language that does.

{ 1 comment }

How to REALLY install the Windows 8.1 update

by Joey deVilla on April 9, 2014

windows 8.1 update

Yesterday, Tuesday, April 8th, 2014, Microsoft released Windows 8.1 Update, the first update for Windows 8.1 (which in turn was an update for Windows 8). Yes, they could’ve named it Windows 8.2 to make things a little more clear, but this is the company that named the 2009 version of Windows Server “Windows Server 2008 R2″ and the 2013 version “Windows Server 2012 R2″.

Windows 8.1 update, which has been called “the spring update” to help clear the name confusion Microsoft caused, is important for a couple of reasons:

The update is free, but getting it can be tricky. This guide is here to help.

How NOT to get the update: Windows Store

Many announcements say you can download the Update from Windows Store, but when I searched for Windows Update on the Store, the top result I got was this fakety-fake app made by some independent developer with the deceptive name “Windows Update.” (the period is part of the name):

fake windows update

Click to see the fakery at full size.

This is the sort of deceptively-named bait-and-switch that Windows Store’s vetting process is supposed to catch! I did more searching and was unable to find the Update app. I decided to update Windows 8.1: the old fashioned way, via Control Panel. It’s how you got updates before the Metro/Modern interface era, and it’s still built into Windows.

Getting the Update via Control Panel

Go to the desktop and push your cursor into the upper right-hand or lower right-hand corner of the screen. The Charms bar will appear; click the Settings charm:

windows update 01

The Settings menu will appear. Click the Control Panel menu item.

windows update 02

The Control Panel window will appear. In the search box near the upper right-hand corner of the window, type windows update and hit the Enter key. A list of options should appear along the left of the window; click on the Check for updates option. Make sure you’re connected to the internet at this point, otherwise it won’t work:

windows update 03

Click the image to see it at full size.

Your system will check for updates, after which you’ll see something like the screenshot below. Click on the important updates are available link:

windows update 04

Click the image to see it at full size.

You’ll see a list of the available updates that are considered important. Make sure that the ones in the Windows 8.1 category are checked, then click the Install button:

windows update 05

Click the image to see it at full size.

And now, you play the waiting game…

windows update 06a

Click the image to see it at full size.

…and continue to play…

windows update 07

Click the image to see it at full size.

…and finally, when the download and installation process are done, restart your computer by clicking the Restart button.

windows update 08

Click the image to see it at full size.

I keep my system up-to-date with automatic updates, and even so, it turned out that I needed updates prior to installing the Windows 8.1 Update. To be certain, repeat the process to get to Control Panel and check for updates. Click the important updates are available link when you get to it, and if you see a Windows 8.1 update with the ID KB2919355, make sure it’s checked. That’s the Windows 8.1 update. Click the Install button:

windows update 09

Click the image to see it at full size.

If you didn’t see any updates the second time around, you may not need them. Skip ahead to How to confirm that Windows 8.1 Update was installed to check.

You’ll wait through the usual download and install process, after which you’ll be asked to restart your computer. When that happens, you should see something like this:

windows update 10

…followed by this:

windows update 11

…and finally, you’ll get into Windows. Let’s make sure that it worked.

How to confirm that Windows 8.1 Update was installed

One of the keyboard/mouse-friendly features of Windows 8.1 Update is making the Taskbar available even in “tile mode”. Put Windows in “tile mode” by tapping on the Windows key. Move the cursor down, as if you’re trying to move it past the bottom of the screen. The Taskbar should appear, which means that yes, you’ve got Windows 8.1 Update!

windows update 12

Click the image to see it at full size.

{ 1 comment }

The most dangerous phrase in the language is…

by Joey deVilla on April 9, 2014

This photo’s been floating about Twitter and other online venues for the past couple of weeks. We’re firm believers in this philosophy, so we’re more than happy to share it with you:

the most dangerous phrase

The quote is attributed to Rear Admiral Grace Hopper, whose achievements in tech are notable. Here’s the first paragraph of her Wikipedia entry:

grace hopperGrace Murray Hopper (December 9, 1906 – January 1, 1992) was an American computer scientist and United States Navy rear admiral.[1]A pioneer in the field, she was one of the first programmers of the Harvard Mark I computer, and developed the first compiler for a computer programming language.[2][3][4][5][6] She popularized the idea of machine-independent programming languages, which led to the development of COBOL, one of the first modern programming languages. She is credited with popularizing the term “debugging” for fixing computer glitches (inspired by an actual moth removed from the computer). Owing to the breadth of her accomplishments and her naval rank, she is sometimes referred to as “Amazing Grace”.[7][8] The U.S. Navy destroyer USS Hopper (DDG-70) is named for her, as was theCray XE6 ”Hopper” supercomputer at NERSC.

this article also appears in the GSG blog

{ 0 comments }