26 July 2012

Mac v PC

I'm hesitant to write this piece, because there are a lot of people out there who don't analyse functionality - they just adhere to brand preference. It's a bit like the Holden v Ford wars of the '80s.

Anyway, I own a new Mac Mini with 8 GB of RAM and Mountain Lion (as of today), an older Mac Mini with Leopard, and a bunch of Windows 7 machines. I even have a Windows 8 preview, which I can't stand and never use.

I think Mac OS X is not as convenient to use as Windows 7. I think Ubuntu 12.04 is not as convenient to use as Windows 7. I would never by choice use either as a day-to-day machine. I think OS X is a terrible operating system - as bad as Ubuntu.

There, I've said it. But why? Now, bear in mind that I suspect many of my complaints can be fixed with tweaking, but I don't tweak Windows 7 either.

For document management, the Finder is truly awful. Each of the views in the Finder doesn't display all of the information you need, nor the display you last requested.

Even something as simple as "Don't reopen my windows on next boot" is simply ignored by the Finder. EVERYTHING friggin' opens all the time without me requesting it.

Reopening documents I've finished with is even worse.

Cut and paste files? It seems to work in some scenarios but not others.

Connect to an SMB/CIFS share? Not only is it stupidly slow to connect, it takes 20 seconds to enumerate a file listing that takes 1 second on my slowest Atom powered netbook. Is Apple trying to be funny?

The moment you don't want Apple's defaults - say, moving your music folder, you need to learn about UNIX symbolic links. On Windows you right-click and re-home the folder.

The stupid Finder file views don't make any sense at all.

Desktop web shortcuts always default to Safari - why can't I make them open in Chrome?

Sherlock on the Mac has always been superior to any other OS - that's one good thing.

The Dock is a very odd and not very intuitive GUI element. And by the way, the incredibly subtle little dot underneath running apps is an exercise in modesty. I don't know how to improve the Dock, but it just doesn't feel right.

My Mac is every bit as unstable as every Windows 7 machine I've used. It freezes just as often - say, every fortnight or so.

I'll add to this post over time, but really, five months with the Mac and OS X has made me realise that Windows 7 is the best currently available.

22 July 2012

Cyberspace August 2012

I regularly revisit technology that I think has potential but hasn't made it yet. In the mid-90s I wasted a lot of time on voice recognition on the Macintosh, and asking the computer what time it was usually ended up in launching WordPerfect. I've done the same with Linux over the years, and a recent trial of Ubuntu 12.04 reminded me why I still don't use it.

I decided to revisit voice recognition this year, and purchased Dragon NaturallySpeaking 11.5 Premium (available for Windows and Macintosh). I normally use it wearing a headset at my computer, but there is an iPhone client which allows you to dictate as if you were speaking on the phone, and upload the dictation for transcription later. The voice recognition is very accurate, and after learning the basic set of commands I can navigate my PC, open and close applications, dictate magazine articles, and look at documents rather than the computer while dictating, just as I would do with a normal handheld dictaphone.

Is this more productive? I think it is - I recently wrote a 3,000 word paper using the system and I believe I saved approximately one third of the time I would have taken to type it myself, despite being a fast typist. I can now read, look at other documents, use both hands with a book and avoid common spelling mistakes while getting my thoughts down. It is reasonably tolerant of background noise and regularly processes the dictation it receives to create a voice and audio profile that seems to negate some of the effect of working in an open plan office. The transcription is context sensitive, so it makes fairly accurate judgements as to whether I want to use "for" or "four", and it can insert commas and full stops for you. If it struggles with a word you can spell it and it will remember that word and your particular pronunciation of it. The main requirement is to speak clearly, because it is not as intelligent as your secretary - however, that does not mean that you need to speak like a robot. On the contrary, it prefers you to speak naturally in full sentences so that it can understand the context of the words you dictate.

Would I recommend it to another lawyer? Yes. It provides the freedom of dictation with instant results. If you are happy to go back and revise it yourself you can get a lengthy document out quite quickly. I haven't fully explored all the commands available or the customisations you can carry out, so that inserting footnotes and other rather specialised activities are still a manual process for me but I have no doubt that I will master those in time as well. I can even open an e-mail in Outlook, reply and send the reply all without touching the keyboard. It works in most applications, including browsers, so if you use Web based e-mail you can still dictate. It can also scan your e-mails to learn the names of people you correspond with, so you can say "new e-mail to Joe Bloggs" and it will understand who that person is and his e-mail address.

One particularly interesting modification you can make is to set up commands that will automatically insert boilerplate content or signatures and logos. For example, you may have a standard limitation of liability clause for trusts – you can insert a whole page with one command.

Both Windows 7 and the next version of OS X, Mountain Lion, have built-in dictation abilities. However, they are not sufficiently advanced to use in practice. You may be able to make them work, but the cost in time will far outweigh the cost of buying a dedicated product.

18 July 2012

Arcane Spellcaster

I bought an Android TV dongle from Kogan recently. The setup wizard is described as follows:

"Simple arcane spellcaster"

Who's been playing too much World of Warcraft?

Cyberspace July 2012


You might recall that in October last year First State Super (FSS) responded to a report from one of its members that he was easily able to access other members’ statements, because the website used a “direct object reference” style of programming. This is a very simple way of extracting data from a database, but it means that the “key” is in the URL, and it is easy for a user to change the key simply by typing in the URL bar. This happened in 2000 to the ATO, which used ABNs as the key in the URL. According to the Sydney Morning Herald, FSS responded with legal threats against the member. The technology community expressed outrage, however, as the security breach apparently was due to direct object reference coding.
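To make the "key in the URL" problem concrete, here is an added example (not FSS's or Pillar's code; the handler names, member ids and statement ids are all constructed for illustration). It shows a lookup that trusts the key from the URL beside one that also checks the record belongs to the logged-in member, plus the kind of cross-account test that would expose the first.

```python
from dataclasses import dataclass

# Constructed sample data: statement id -> (owning member, document body).
STATEMENTS = {
    1001: ("member-a", "Statement for member A"),
    1002: ("member-b", "Statement for member B"),
}

@dataclass
class Session:
    member_id: str  # set by the login step, never taken from the URL

def get_statement_vulnerable(session, statement_id):
    """Direct object reference: any logged-in user gets whatever key is in the URL."""
    record = STATEMENTS.get(statement_id)
    if record is None:
        return 404, None
    return 200, record[1]

def get_statement_checked(session, statement_id):
    """Same lookup, but the record must belong to the session's member."""
    record = STATEMENTS.get(statement_id)
    # Unknown and foreign ids get the same answer, so the response
    # does not reveal which keys exist.
    if record is None or record[0] != session.member_id:
        return 404, None
    return 200, record[1]

def cross_account_leaks(handler, sessions):
    """Authorization test: every member requests every statement id.
    Returns (member, statement_id) pairs where a foreign statement was served."""
    leaks = []
    for session in sessions:
        for statement_id, (owner, _) in STATEMENTS.items():
            status, _body = handler(session, statement_id)
            if status == 200 and owner != session.member_id:
                leaks.append((session.member_id, statement_id))
    return leaks

if __name__ == "__main__":
    users = [Session("member-a"), Session("member-b")]
    print("vulnerable:", cross_account_leaks(get_statement_vulnerable, users))
    print("checked:   ", cross_account_leaks(get_statement_checked, users))
```

An empty list from `cross_account_leaks` is the pass condition; it only means something if the test is run against every endpoint that serves member data.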

The Privacy Commissioner conducted an own motion investigation and recently reported that while FSS had not breached National Privacy Principle 2, it had breached Principle 4.1. FSS had outsourced its IT systems to a third party, Pillar, who had conducted over 200 security tests, but had not tested the website in question. The Privacy Commissioner concluded that there had been a breach of Principle 4.1 due to the limited testing, leading to a failure to have adequate security measures in place.

There are a few lessons from this case. The first is that outsourcing IT by you or your clients will not protect one from a finding of breach due to a failure by the outsourcing company. While you may obtain warranties and indemnities from the IT company, this will not protect you from reputation damage.

The second lesson is to ensure that you do have adequate warranties and indemnities from the IT company. You should also ensure that such insurance cover as is available is held by the outsourcer so that the indemnities are actually worth something.

The third lesson is to become involved in the security regime, and not merely leave it to the contractual position. This will probably involve gaining access to a great deal of confidential information and intellectual property held by the IT company. While there may be reasonable resistance to this, it should not deter you from satisfying yourself that your or your clients’ personal information is adequately protected. In particular, a suitably qualified person should understand the technology used, the ownership of the hardware and software, the testing regime and be able to understand the results of testing. Bear in mind that Pillar had conducted over 200 tests, but had failed to test the system that ultimately failed.

Depending on the nature of the system outsourced, it may be worth treating the systems as if they were an asset during the due diligence. If software was the primary asset being purchased you would want to understand the commercial value based on quality, security, ownership of intellectual property and the ability to adequately maintain the software.

A final lesson is in how FSS ultimately responded to the event. The Privacy Commissioner publishes a data breach notification guide, and FSS carried out many of the steps in the guide. These included: understanding the extent of the breach, resolving the flaw immediately, contacting the police, seeking assurance from the member that the information had been destroyed, engaging a penetration testing consultant, and updating policies and processes. While some components of the response were probably a bit wanting, they showed sufficient effort that the Privacy Commissioner ceased his own motion investigation. They also no doubt had the desired effect of ensuring that the member did not carry out the same activities again.