Friday, December 16, 2011

Long-form Reading 2011

Here are some long-form articles I've enjoyed this year.

The Hazards of Nerd Supremacy: The Case of Wikileaks (theatlantic.com)

The Octopus Conspiracy: One Woman's Search for Her Father's Killer (wired.com)

Confessions of a Prep School College Counselor (theatlantic.com)

The Great Rubber Robbery: How Julius Fromm's Condom Empire Fell to the Nazis (berlinbooks.org)

Bursting the Bubble (about David Vetter, the "Bubble Boy", houstonpress.com)

The Stutterer: How He Makes His Voice Heard (slate.com)

The Day The Movies Died (gq.com)

Man vs. Machine on Wall Street: How Computers Beat the Market (theatlantic.com)

Authorities in Awe of Drug Runner's Jungle Build, Kevlar-Coated Supersubs (wired.com)

Kiki Kannibal: The Girl Who Played With Fire (rollingstone.com)

The Battle for Tora Bora (tnr.com)

The Humility Imperative: CEOs Keep Your Arrogance in Check (inc.com)

How to Land Your Kid in Therapy (theatlantic.com)

How One Man Hacked His Way Into the Slot-Machine Industry (wired.com)

Cyber Weapons: The New Arms Race (businessweek.com)

Don't Be Evil (on Google's narrowly conceived, yet handicapping motto, tnr.com)

A Few Too Many: Is there any hope for the hung over? (newyorker.com)

The Man With the $16 House (dallasobserver.com)

The Wrestler in Real Life (on Ric Flair's long decline, grantland.com)

Enter the Cyber-dragon (on how China is operating with impunity on America's defense and commercial computer networks, vanityfair.com)

Apple's Supply Chain Secret? Hoard Lasers (businessweek.com)

50 Years of Stupid Grammar Advice (thechronicle.com)

The Rise and Fall of the Columbia House Record Club -- and How We Learned to Steal Music (thephoenix.com)

How a Financial Pro Lost His House (nytimes.com)

When Did the GOP Lose Touch With Reality? (nymag.com)

What is Sony Now? (businessweek.com)

The Pest Who Shames Companies Into Fixing Security Flaws (wired.com)



Thanks to Marco Arment's excellent Instapaper service and iOS app for helping find and keep track of excellent reading material on the web.

Tuesday, December 13, 2011

Reading List 2011

I was using up all of my accumulated credits on Audible.com just now, and realized I've listened to several great audiobooks over the last year. Here's a list of what I've listened to in 2011, along with a link to the book on Audible.com. I recommend them all.

Judas Unchained, Peter F. Hamilton, Part 2 of the Commonwealth Saga (link)
The Gun, C. J. Chivers (link)
The Windup Girl, Paolo Bacigalupi (link)
Snow Crash, Neal Stephenson (link)
Embassytown, China Mieville (link)
Pattern Recognition, William Gibson (link)
Spook Country, William Gibson (link)
Zero History, William Gibson (link)

I'm pretty excited about my reading list for 2012 (and likely beyond--I had 12 credits to use), which I will share soon.

Sunday, November 13, 2011

Multi-page JavaScript Bookmarklet

[Disclaimer: I don't know crap about JavaScript, other than what I pieced together from the 'tubes.]
I read something somewhere (I don't remember where) about having a bookmarklet that automatically opens your favorite sites, each in their own tab, when you click on it. I wanted to set up my own, but the article didn't explain how to do it (just suggested it as an idea). It's actually pretty easy. Below is commented code:

javascript:(function(){
  /* save a reference to the current window; declared with var so it
   * stays local and does not leak a global into the page you are on */
  var oldWin=window;
  
  /*
   * Replace the current window's or tab's website with this one.
   * If you just want additional windows (or tabs) opened
   * skip this.
   */
  location.href='https://mail.google.com';
  
  /* Each additional window/tab you want opened */
  window.open('https://voice.google.com');
  window.open('http://www.accuweather.com');
   
  /* restore focus to the original tab, since each
   * new window gets focus
   */
  oldWin.focus();
})();

Paste this entire javascript fragment in as the address for your bookmark. It may be easier to bookmark an arbitrary page, then edit that bookmark's title and address.

Friday, November 04, 2011

On the Mac App Store and Sandbox Restrictions

Update: My friend, Chad, creator of Pear Note, has an interesting perspective that is much more in-depth than what I have written. While I don't agree with his conclusion, he is a successful full-time Mac developer where I have no Mac development experience. Also, Chad has more SELinux background than I do.

There has been a lot of gnashing of teeth lately over Apple's forthcoming Sandbox restrictions on software sold through the Mac App Store. In the near future, applications sold through the Mac App Store will be confined by very restrictive security policies. These security policies will make it impossible for applications to do many of the things we are accustomed to applications being able to do, such as interact with other applications. Some have described this change, pejoratively, as the "iOS-ification" of the Mac. I think these people miss some important points.

I used to work at a company where most of my time involved developing either SELinux security policies (a technical mechanism that the operating system uses to restrict applications' behavior) or applications designed to be confined by SELinux policies. Unfortunately, although SELinux is extremely powerful, it isn't used to confine most Linux desktop applications. It exposes users to problems that are beyond their ability (or desire) to troubleshoot and fix. Having spent time working with under-appreciated access control mechanisms, I am really excited to see Sandboxes coming into the mainstream on an operating system known for its ease of use. This is a Good Thing for users.

SELinux is similar in some ways to Mac OS X's (and iOS's) Sandbox mechanism. These mechanisms enforce a system-wide security policy that cannot be overridden through traditional user-based file ownership and permissions. For example, an application executed by you shouldn't be allowed to change or delete all of your data (without asking you first) simply because you own the data. An unconfined application could be tricked into doing just that.

Apple has implemented a trusted process model in OS X Lion to handle risky behaviors. An application confined by a Sandbox profile might not be allowed to write its data to your hard disk. Instead, it has to send its data to a Lion-provided process whose job it is to write the data. That trusted process is only allowed to access data on the hard disk. It is not allowed to receive connections from other computers on the Internet. An attacker on the Internet would have to compromise not only your application, but also the trusted process in order to gain access to your data on your hard disk. Think of a building that requires entry through one door followed by another, and no single person has both keys. You have to co-opt both key holders to gain access.
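A small sketch of the trusted-process pattern described above, added here as an example (it is not Apple's code or any Lion API). The names `broker_handle` and `run_exchange`, the JSON message format and the size limit are assumptions; the OS sandbox that keeps the application itself off the disk is assumed, not shown.

```python
import json
import os
import socket
import tempfile

MAX_BYTES = 1 << 20  # assumed broker policy: refuse writes over 1 MiB


def broker_handle(request: bytes, container: str) -> dict:
    """Trusted side: validate one save request, then write inside `container`."""
    try:
        msg = json.loads(request)
        name, data = msg["name"], msg["data"].encode()
    except (ValueError, KeyError, TypeError, AttributeError):
        return {"ok": False, "error": "malformed request"}
    # Accept a bare file name only: no directories, no "..", no dotfiles.
    if (not isinstance(name, str) or not name or name.startswith(".")
            or name != os.path.basename(name)):
        return {"ok": False, "error": "name rejected"}
    if len(data) > MAX_BYTES:
        return {"ok": False, "error": "too large"}
    target = os.path.join(container, name)
    try:
        # O_EXCL: never overwrite existing data; O_NOFOLLOW: never follow a symlink.
        fd = os.open(target, os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW, 0o600)
    except (OSError, ValueError):
        return {"ok": False, "error": "open refused"}
    with os.fdopen(fd, "wb") as out:
        out.write(data)
    return {"ok": True, "path": target}


def _read_all(sock: socket.socket) -> bytes:
    """Read until the peer shuts down its sending side."""
    return b"".join(iter(lambda: sock.recv(4096), b""))


def run_exchange(name: str, data: str, container: str) -> dict:
    """App side sends one request over a local socket pair; the broker replies.

    Both ends run in one process here to keep the demo deterministic; in the
    model described above they are separate processes with separate policies.
    """
    app, broker = socket.socketpair()  # local only: nothing listens on the network
    with app, broker:
        app.sendall(json.dumps({"name": name, "data": data}).encode())
        app.shutdown(socket.SHUT_WR)
        reply = broker_handle(_read_all(broker), container)
        broker.sendall(json.dumps(reply).encode())
        broker.shutdown(socket.SHUT_WR)
        return json.loads(_read_all(app))


if __name__ == "__main__":
    box = tempfile.mkdtemp(prefix="container-")  # constructed sample container
    for candidate in ("notes.txt", "../escape.txt", "/etc/hosts", "notes.txt"):
        print(candidate, "->", run_exchange(candidate, "hello", box))
```

Even if the application side is fully compromised, the most it can ask for is a new file with a plain name inside the container; everything else is refused by the broker.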

Many things that applications normally do on their own will now have to be proxied through a trusted interface provided by Lion. Some things, such as adding cover art to iTunes albums, become impossible where no sanctioned interface is provided. In the near term, applications in the Mac App Store will become simpler and less capable because of this. I suspect that over time, though, Apple will provide a more robust set of mechanisms that applications will be able to use to do more things. This way, applications will be able to do more on behalf of the user without introducing significant risk.

I like knowing that applications I install through the Mac App Store will be confined by a security mechanism that mitigates mistakes made by the developer. I'm happy with it as long as I can obtain applications from outside the App Store when I'm willing to assume more risk. You have choices. If you want an application that not only won't but can't eat your data (or syphon it off to the Russian mafia) get it from the Mac App Store. If you want an application that has more features--and more risk--buy it elsewhere from Chad's website.




Sunday, December 19, 2010

Fake Reviews on Amazon?

We all know there are shady marketing/image promotion firms that do things like post fake reviews on Amazon.com and others. However, I've never actually seen a review that I was certain was a fake. That is, before today.

Yesterday I bought a no-name 21 bottle thermo-electric wine cooler from Tuesday Morning. I wanted a feel for whether I got a good deal, so I did some post-purchase comparison shopping on Amazon.com. I couldn't find my exact model there. Again, I'm certain it's a no-name, made-in-China, rebranded by a distributor type affair. I did find a couple of models on Amazon that are extremely similar to my own. So much so that I would not be surprised if they are actually the same unit with minor cosmetic revisions.

As I was reading the customer reviews, they were mostly pretty terrible, complaining of failures within 18 months of purchase. Most also complained that there wasn't a place locally to get the appliance serviced. Unsurprising. Oh, well. Live and learn, I guess :-(.

However, what was interesting to me was that for each of the two items, I found one review that was uncharacteristically positive. Even less likely, both reviews were impossibly similar, following a template, highlighting the same positive features, and using similar wording.

I'm not going to link to the Amazon product listing because I don't want to help boost those items' page ranking, but I have pasted in the product name as found on Amazon, as well as the full review in each case.

From the "NewAir AW-210ED NewAir Thermoelectric Wine Cooler With Dual Temperature Zones"
A four star review:

I ordered this as a present for my wife, and read a lot of reviews. There were so many negative product reviews for wine coolers, I really didn't know which one was actually the truth. I didn't know what to buy or who to believe.

This fridge is really quiet. In an empty room without any other appliances on, you can't hear it.

It's beautiful. It's aesthetically pleasing and fits in well into our dining room. She loves the sleek black finish, we get lots of compliments on it. It gets a lot of attention believe it or not. Some people are really impressed by it. My friends think NewAir should of made room for cans of Bud Light, but I disagree. The unit stores my $[...]bottles of Opus One. It is definitely a higher end unit meant to store wine collections not beer for UFC fights. Same high quality as Cuisinart models we've seen at Bloomingdales, but bigger which means more room for WINE! I would definitely choose this unit over a built in unit. This model requires some room for venting like most refrigerators, which makes sense. We had a built in wine cooler in our last house and it was nothing but problems. When they had to fix because the compressor went I had to contact a laundry list of people because the manufacturer went out of business. Then the guy who came to fix it decided it was ok to damage our granite bar top to access the built in wine cooler.

No assembly except putting on the handle. Let's face it not many of us spoiled Southern Californians are handy.

The temperature holds steady and does not reset when exposed to sunlight, or when the room is warm. It's really easy to read the temp setting, really easy to set, and it works like a dream. The LED lighting is awesome. Also, you can feel the difference in temperature between the 2 zones.

Dollar for dollar, this was competitively priced. I really liked my experience with Air & Water. They were great. And, we're SO happy with it.

I know you will be too.

And from the "EdgeStar 21 Bottle Dual Zone Wine Cooler"
A five star review:

I ordered this as a present, and read a lot of reviews. There are so many negative product reviews for wine fridges, I really didn't know what to buy. So, let me put your fears to rest:

1) This fridge is really quiet. In an empty room with no AC on, you can't hear it.

2) It's beautiful. Really nice stainless finish, we get lots of compliments on it. On par with Cuisinart models we've seen at Macy's, but bigger.

3) No assembly except putting on the handle. Hallelujah!!!

4) Consistent temperature - the temp holds steady and does not reset when exposed to sunlight, or when the room is warm. It's really easy to read the temp setting, really easy to set, and it works like a dream. You can feel the difference in temperature between the 2 zones.

Dollar for dollar, this was competitively priced. I really liked my interaction with Compact Appliance. They were great. And, we're SO happy with it.

Hope you will be too.

Here are the points addressed by each review, in the same order:
  • The unit is quiet, and in a quiet room, you can't hear it
  • The unit is beautiful
  • Requires little to no assembly
  • Keeps a consistent temperature
  • Competitively priced
  • Interaction with the manufacturer/distributor was great (WTF? you bought it from Amazon.com)
  • We're so happy and "hope you will be too."

It's kind of amazing how blatant these reviews are. I guess the most Amazon can do is close each user's account. Since the reviewers are disposable, the PR firm just hires more, or even creates new accounts under new names.

Saturday, May 01, 2010

Remarks on Apple, Flash and the "I Hate Apple" People

I've wanted to put down in words a few loosely related thoughts on the controversy regarding Apple's policy of not allowing Adobe Flash Player on its mobile devices, and on the I Hate Apple crowd in general.

First, the "I'm anti-apple" people. I hear this mantra repeated frequently by friends and colleagues and also by noisy people on the Internet. I tend to rail against this sort of thinking, and as a result, come off as an Apple apologist to people who know me. I'll clarify: there are plenty of legitimate reasons to be angry with Apple. This vitriol, however, just seems irrational. Apple, as a company, has a lot of surface area and characterizing them in such broad strokes is problematic. They do things that are frustrating, but they also do things that are great. Most people who revel in waving their Apple-hating flag struggle to articulate just why they hate them so much. It usually goes something like "grumble grumble, closed, proprietary, grumble grumble, App Store, grumble, no flash on the iPhone." The argument usually doesn't hold together well, and often these people will even admit that they just can't quite put their finger on what they hate so much about Apple. Look, we all are frustrated with Apple's App Store policies, even veteran iPhone and Mac developers. Even John Gruber, often accused of being an apologist, is frustrated:
Serious App Store Doubts
Excerpts From the Diary of an App Store Reviewer
The App Store’s Exclusionary Policies

Further, if we're going to jump on the Apple-hating bandwagon, which is very in vogue nowadays, there are a lot of big-company-hating bandwagons we're going to have to jump on and start bitching about and boycotting. That's tiring. I don't have enough hours in the day to hate every company that needs hating. Sigh. Pick your battles.

Moving on to Apple's prohibition of Adobe Flash Player. It's not that complicated. Flash on the iPhone specifically, and cross-platform development frameworks in general, have the effect of diluting all platforms, including the iPhone, down to the lowest common set of platform features. No company should want their mobile device to be reduced to a state of generic similarity to their competitors' devices. Apple is perfectly justified, in my opinion, in wanting to keep this sort of shovel-ware out of the App Store.
This week Apple CEO Steve Jobs penned an open letter regarding his company's position on Adobe Flash Player on the iPhone OS:
Thoughts on Flash
I won't dissect the letter; it's been covered. But I agree with everything in it.

In response, this blustery counterpoint was posted on Linux-Magazine.com:
Apple's Steve Jobs is spreading FUD on Flash

This author's post actually makes me angry. It makes me angry because he is so bigoted against Apple, that he actually comes to Adobe's defense, conveniently forgetting that they've been dragging down the Linux desktop experience for years.

I self-identify as both a Mac user and a Linux user. For years I was a full-time Linux user. I was the most obnoxious of Linux bigots, so I have that perspective. I have unhappy memories of flash on Linux. Since flash video became prevalent on the Internet, Adobe flash player has been the bane of Linux users' existence. Its performance on Linux has always been abysmal. I remember times when my laptop's fans would spin up to full speed, and the battery would start draining, and it would start scorching my lap. I would have to go hunt down whatever Firefox tab had a flash-based banner ad that was eating my CPU for lunch.

Adobe was slow to update it to the latest release, taking a year or more after it was released on Windows to release a new version for Linux. Also, Adobe still hasn't released a 64-bit version of the Flash Player for Linux or the Mac. Yeah. Seriously. It's 2010. Although major Linux distributions have gotten a lot better at making flash installation easy, you used to have to do weird 32-bit library wrapping voodoo to get Adobe Flash Player to work with 64-bit Linux and Firefox.

Because the Adobe Flash Player is closed and proprietary, Linux distributions couldn't ship with it installed. Users would always have to jump through hoops such as configuring third-party package repositories in order to install it.

Yes, as the author points out, flash is an open specification, so anyone technically can implement it. But to date, there haven't been any open flash players that are worth a damn. Open implementations such as Gnash are turds. They are several versions of the flash specification out of date, their performance is abysmal, and getting them configured and working is black magic. So let's leave flash's "openness" aside, because that's a red herring.

What is material is that much of the Internet depends on your browser being able to play flash. This is just as bad as the Internet of a few years ago requiring Internet Explorer, and being broken on every other browser. An Internet dependent on Adobe Flash Player is bad for Linux users. An Internet that has embraced HTML5, CSS, and Javascript is good for Linux users. Get off your Apple-hating high horse and acknowledge the fact that the two of you are on the same side.

Monday, August 31, 2009

Ubuntu Netbook Remix in VMware

I needed to install Ubuntu Netbook Remix (UNR) in a VMware Virtual Machine so that I could try to reproduce a bug. It was kind of an asspain. Problem is, UNR is made to be installed from a USB flash drive, and VMware can't boot from USB devices. There isn't a DVD or CD ISO image for UNR 9.04 available. It turns out that you can make a DVD image from the UNR .img.

I found the following guide on the Ubuntu forums (see below for a link). It should work from most Linux distros:

Make a directory to hold the contents of the UNR DVD image:

$ mkdir unr

Make a mount point to mount the UNR .img file:

$ mkdir realunr

Mount the UNR .img as a loop device:

$ sudo mount -o loop -t vfat ubuntu-9.04-netbook-remix-i386.img realunr/

Copy all the contents from the UNR image to your unr/ directory. Note that realunr/.diskimage is critical:
$ rsync -a realunr/ unr/

Rename syslinux to isolinux:
unr$ mv syslinux isolinux
unr$ mv isolinux/syslinux.cfg isolinux/isolinux.cfg

Generate a DVD image from the contents of unr with the following incantation:
mkisofs -o ubuntu-9.04-netbook-remix-i386.iso -r -J -l \
-V "Ubuntu-Netbook-Remix 9.04 i386" -b isolinux/isolinux.bin \
-c isolinux/boot.cat -no-emul-boot -boot-load-size 4 \
-boot-info-table unr/

mkisofs will generate a DVD image that you can either boot a VM from or burn to a DVD.

Guide on ubuntuforums.org