Disclaimer

The content of this blog is my personal opinion only. Although I am an employee - currently of Nvidia, in the past of other companies such as Iagination Technologies, MIPS, Intellectual Ventures, Intel, AMD, Motorola, and Gould - I reveal this only so that the reader may account for any possible bias I may have towards my employer's products. The statements I make here in no way represent my employer's position, nor am I authorized to speak on behalf of my employer. In fact, this posting may not even represent my personal opinion, since occasionally I play devil's advocate.

See http://docs.google.com/View?id=dcxddbtr_23cg5thdfj for photo credits.

Thursday, March 31, 2016

Notify only on the device you are closest to

I have disabled notifications for nearly everything except email from my VIP list - but I still get too many notifications.



E.g. just right now, I received an email from somebody I work closely with.



It beeped on my MacBook.



It beeped on my iPhone.



It buzzed on my Pebble Watch.



I prefer to get notifications on my watch.  I find the buzzing on my wrist much less objectionable than the sound that I need to grab my attention on my MacBook. Ditto iPhone.  And it is much easier to look at my wristband, even if I have to scroll, than to pull my iPhone out of my pocket.



Yeah, I know I can disable the notifications on my MacBook and on my iPhone. I have done that in the past.  But this is suboptimal when I have forgotten to wear my watch - rare, but sometimes happens.  Similarly, I much more often forget my iPhone.



I want notifications on my wrist (for only the important subset), when I am wearing my watch.  When I am not wearing my watch but when I have my iPhone in my pocket, I want notifications on my iPhone.  When neither my smartwatch nor my mobile phone is nearby, I want notifications on my laptop.



I.e. I want the device to which the active notification is delivered to be based on whichever devices I am closest to.



Failing that, distance:  if my watch is being worn, notify my watch.  If my iPhone is more than 6 feet away from my watch, buzz my iPhone.  If my MacBook is not near either my watch or my iPhone, buss my MacBook.



The last may be a problem, because while my watch is usually paired to my iPhone, if the iPhone is misplaced my watch has no way of telling the laptop that it is nearby.   TANSTAAFL - you can't have everything.











There are lots of articles on the web about notification overload.  Choosing one:



Zombification from notifications: How to fix the problem of too many alerts | VentureBeat | Mobile | by Shruti Gandhi:



'via Blog this'



Choosing this one because the poster talks about "OS level mindfulness", and how contextual awareness alone is not the answer.



She's close - but it has to be trans-OS, if you think of the watch/phone/laptop as having separate OSes.



Or it can be OS-level --- when we have an OS that is trans-device --- when any of your devices can be managed from any of your other devices.



I would prefer trans-OS, since I would prefer to be able to have different devices from different vendors.



But trans-device OS integration may be easier for a suitably motivated company to get right.



I think that this is what happened way back in the PC software market, when people realized that they wanted their word processor to talk to their spreadsheet to talk to their presentation software to talk to their database to talk to their email to talk to their calendar...   What they wanted an application suite or integration.   Providing that was one of the things that allowed Microsoft to become so big - the Office suite (Word/Excel/PowerPoint/...) apps were not individually the best, but they were good enough, and the fact that they worked together pretty well was enough to give Microsoft dominance, and drive nearly all SW vendors away from these apps, on Windows at least.    Email and calendaring were slow to arrive at Microsoft, but eventually Outlook got there.



I think that integrating software across multiple devices - watch / phone / laptop, possibly also earphones, web and cloud based - may be a similar  opportunity for whoever can do a good job of doing trans-device integration to displace the large number of not very well integrated apps that we have now.



I don't know that Microsoft will be able to repeat this integration.  But I think that the company did it once before, and I am not aware of anyone else having ever done so.



I suspect that Apple does not want to do trans-devices-from-different-vendors. Apple may want and be able to do this for all of the devices that it sells.



It is hard to see how small startups can play in this space, since they need to be an many different platforms.

Wednesday, March 30, 2016

Back to the future: RCS

I have long been frustrated by the poor support for nested repositories in all version control systems that I am aware of:  Mercurial, Git, Bazaar...



Yeah, yeah, Git 2.8 has better submodules support.   Mercurial has subrepos. Blah, blah, blah.



My problem with all of these that I have looked into in detail is that they require a posteriori identification of a module.  And there is overhead at the root of a modules.



Whereas I have, for many years, maintained a personal source code tree where nearly any subdirectory tree and any time can be cloned, and used independently.  I do this because I want to use arbitrary libraries of my own in arbitrary other projects - e.g. my employer does not want me to insert my entire library tree into any source code of theirs, not if I just have too random libraries from disconnected places in my tree.  I also try to structure my libraries so that the minimum necessary can be imported.



TBD: Insert anecdote about discussing this with Linus - after his explanation, he said "Yeah, you need to add a porcelain to git."



But not just a porcelain. I do not usually want the whole history of the whole repository, all the way up to its root.  Usually I want only the subdirectory tree history (with provision for files in the subdirectory that may have been moved, i.e. that may have history, outside the tree).



And often I do not want the history at all, just a pointer to the repo.



E.g. today: I want to import one of my libraries for the umpteenth time into a project at work.



Way back when I started doing this regularly, my personal source code tree was CVS, as was my company's.  You can make a CVS directory be a symlink to outside CVSROOT, and it works pretty well. (Except that the company history doesn't have its own history of my tools.)



I have not found an equally satisfactory system since I gave up CVS.



Oftentimes, I use two VCS in the same module:



My company may be using Perforce, /p4/workspace/project



My library may be in ~glew/src/lib/a/b/glewlibXX, under Mercurial (or git, or bzr, or...)



and I clone my library using my VCS to the company workspace



Possibly in

/p4/workspace/project/users/glew/src/lib/a/b/glewlibXX



But preferably in a better location, like

/p4/workspace/project/external-dependencies/glewlibXX



I check all of the files into the company repo (perforce).



When I edit, I check into the company repo using the company VCS, e.g. perforce.  If I am allowed, I also check into the my personal repo using my VCS, e.g. hg.



If the company wants, they can pull updates that I have made to my personal library from my VCS into their VCS.  And so on.



If I am using a DVCS, this creates a history, typically

/p4/workspace/project/external-dependencies/glewlibXX/.hg



This wastes diskspace, since the company has its history in their depot, and I have my history in mine.  But we don't care about diskspace any more, right?



It's a minor pain, since I have to remember to push history from

/p4/workspace/project/external-dependencies/glewlibXX/.hg

to

~glew/src/lib/a/b/glewlibXX,

in addition to having to checkin to the company repo.

I can automate that.



A bigger annoyance is the question: does the cloned module's history and metadata,

/p4/workspace/project/external-dependencies/glewlibXX/.hg,

get checked into the parent repo?  I.e. is there a history of the history?

I have tried it many both ways.  Either way has problems









Anyway: frustrated, I have been thinking about going back to what worked well..



I was considering going back to CVS, since as I mention above it is fairly easy to link CVS directories.





The annoyance there is that CVS requires CVSROOT.  And I would prefer not to go back to having a full CVS repo.









Anyway: frustrated, I have been thinking about the simplest possible thing.



If not CVS, then next simplest is RCS.  (Or maybe SCCS, but I would rather not think about that.)







I.e. I am considering using RCS, only for this submodule sharing.    I would be using a different VCS for my master, and the company would continue to use its own.



I.e,. RCS might be just the VCS for fine grain submodule sharing.







I will use comments to this post to record further thoughts and issues.





































Sunday, March 27, 2016

Judicial Watch: State Department Documents Show that NSA Rebuffed Hillary Clinton’s Attempts to Obtain a Secure Blackberry

Conservative website Judicial Watch continues to chase Hillary Clinton's use of a personal email server:
Judicial Watch: State Department Documents Show that NSA Rebuffed Hillary Clinton’s Attempts to Obtain a Secure Blackberry - Judicial Watch: "“These documents show that Hillary Clinton knew her Blackberry wasn’t secure.  Then why did she use it to access classified information on her illicit email server?"
'via Blog this'
But from my point of view, items earlier in their own post explain the real story:
[W]e began examining options for S [Secretary Clinton] with respect to secure “Blackberry-like” communications … the current state of the art is not too user friendly, has no infrastructure at State and is very expensive…each time we asked the question “What was the solution for POTUS?” we were politely told to shut up and color. 
the issue here is one of personal comfort … S [Secretary Clinton] does not use a personal computer so our view of someone wedded to their email (why doesn’t she use her desktop when in SCIF?) doesn’t fit this scenario … during the campaign she was urged to keep in contact with thousands via a BB … once she got the hang of it she was hooked … now everyday [sic], she feels hamstrung because she has to lock her BB up … she does go out several times a day to an office they have crafted for her outside the SCIF and plays email catch up … Cheryl Mills and others who are dedicated BB addicts are frustrated because they too are not near their desktop very often during the working day…
Secretary Clinton, ... does not use standard computer equipment but relies exclusively on her Blackberry for e-mailing and remaining in contact on her schedule, etc.  
Blackberry security waivers were issued during the tenure of former Secretary of State of State Condoleezza Rice, 
use expanded to an unmanageable number of users from a security perspective, so those waivers were phased out  
Some news pundits suggest that Clinton's use of her own private email server was an effort to  avoid public records laws.

Myself, I see this as just the most prominent BYOD (Bring Your Own Device) event.   (Well, actually, Obama's Blackberry is probably even more prominent.)

I see the NSA acting like "Mordac, the Preventer of Information Services" in the Dilbert cartoons: "Security is more important than usability."

Actually...  I am sympathetic to NSA folks who said to Clinton et al "No, we don't have the resources to secure a smart phone".   BYOD is hard. But Clinton wasn't asking for BYOD (Bring Your [Her] Own Device).   She was just asking for a device that she could carry around to do her work.)  There's a moral here:
if IT cannot provide IT services in a form factor the user wants, smart users will often find a way to avoid IT's proscriptions.

Judicial Watch says
“These documents show that Hillary Clinton knew her Blackberry wasn’t secure.  Then why did she use it to access classified information on her illicit email server?”
Myself, I have long been in the same situation.  I usually err on the side on being too compliant with IT rules - but as a result I am hamstrung in my work.  I often find myself unable to read email for days, sometimes weeks, because I just cannot stomach the IT approved email clients, which are much less efficient.

My own experience leads me to suspect that there may be an aspect to this email 'scandal' that is not disclosed in the emails:

The last time I went through this sort of IT discussion, seeking permission to read company email on my iPhone, I was told, by one of the heads of company IT security, no less:

1) The official IT policy does not allow you to read email on your iPhone

2)  But...  You should go ahead and do it anyway.  We don't actively prevent it.   I read my own company email on my personal, non-approved, iPhone [said the company IT guy].

I can't help but wonder if the same conversation occurred in the hallways of the State Department or NSA.  Or outside.   Not on email.   Unrecorded.

Or perhaps there was just plain wishful thinking:
  • No previous US Secretary of State has used a .gov email account.  
  • Not the two most recent SoS's under a Republican administration  Colin Powell, not Condoleezza Rice  
  • Lots of US government employees use their personal email accounts. 
  • Those guys use commercial services like Gmail - at least we [Clinton's team] will try to be a bit more secure, by using a private email server.
I am sure they would not ask permission - after all, when they asked permission earlier they were rebuffed. "It is better to ask forgiveness than to seek permission".   After all, if the US government folks in charge of security were serious, surely they would have monitored and detected a lot of email from .gov addresses going to Clinton's non .gov email address?

I am not condoning this.   But I can understand it.   I don't do this myself.  But I have thought about doing it, when frustrated by corporate IT.   (By the way, I suspect that Gmail is more secure than any email server I would set up, or at least has professionals monitoring, and is probably more secure than my company's IT department.   But I am sure that Google can read all Gmail, unless encrypted, and that using any such commercial email service is an even bigger violation of official secrets acts that using a personal email server.   Using the former, you know that non-approved individuals can read your email; using the latter, you don't know - although they may be able to if they break in.)

Friday, March 25, 2016

AlternateLambdaSyntax - Python Wiki

It's fun to see the Python guys thrashing over lambda syntax.  Eventually Guido gave in and kept the historic lambda syntax.



AlternateLambdaSyntax - Python Wiki: "AlternateLambdaSyntax"



'via Blog this'



I must admit, I find the Python lambda syntax a bit unpleaasant:



Ordinary function

def foo(x):
      return x+1
Lambda

lambda  x: x+1
It is a pity thaat Pythin's lambdaas are not multiline:

http://stackoverflow.com/questions/1233448/no-multiline-lambda-in-python-why-not



This seems to be aa consequence of Python not being indentation sensitive inside parens.



I think that it is also a pity that Python's lambdas are strictly anonymous - although you can assign them a named variable.



I personally often use lambdas not just for anonymous functions, but also for named functions that I want to define near point of use, in the narrowest scope possible.



Even if they could be a lambda, naming them gives nicer stack traces.


Thursday, March 10, 2016

Amusing:

Blogger.com reports that the Chrome browser on iOS is unsupported.

Both are Google, right?

It is increasingly obvious that Google's blogger / blogspot platforms are not well supported, even by Google.

Annoyingly, I chose to use Google products such as blogger and plus/circles because I figured that Google was less likely to evaporate than so many other web.here-today-gone-tomorrow.COMpanies. But since Google has started seriously deprecating so many old apps, this heuristic applies much less.

Still... Google has so far been pretty good about warning and giving time to migrate when they remove a service.  If only those emails were not classified as unimportant or spam - by Gmail.  ;-}

I need to script up a cron job to periodically back up all of my Google  state. To avoid the rush when they deprecate a service.


swipe to archive on message in reading pane, not just in message list

Currently the Microsft Outlook app for iPhone has configurable swipes in the message list. This is good.

But in the reading panel, where you can actually see the message contents, the swipe actions are hardwired - scroll in conversation, or go to next conversation. This is less good.

I am a big fan of apps like Zero.app and Triage.app, that allow me to do my most common actions via swipes when I am looking at a screen where much of the message can be read - more than the preview in the message list.

My most common actions are read, dispose of (I archive, not delete), or skip and move to next/previous.

It is easier to swipe, eg swipe up, to archive, which I can do in Triage and Zero, than it is to poke the archive icon. Especially than to poke the tiny icon on my iPhone screen (easier on my iPad), when using Outlook.app in landscape mode with list and reading panes side by side. Or to swipe the current message in the message list (which, by the way, is hard to tell apart from the other messages - you should have a better color scheme. I often end up at giving the wrong message when I have to go back to the message list)

Much easier to swipe than it is to switch back to list on another screen, in portrait mode.

In portrait mode, you should be able to swipe to archive or move on, right on the message which occupies most of the screen.

Think about it: the most frequent operations need to be the easiest to do.  Or, the classic GUI / UI / UX principle of direct manipulation: if I want to archive a message, I want to manipulate it directly, in the message reading panel, not indirectly, in the message list (which may be on a different screen)

In fact, I had completely given up on Outlook.app, and have been using only Zero.app, because I found that I could process my email much faster in Zero.app. Typically one swipe per message in Zero.  But, by my count, 4 taps or swipes in Outlook.app

The only reason I am trying out Outlook.app again are

1) my company no longer allows IMAP access to our Exchange server, so I can no longer use Zero.app for work email, only personal

2) I bought an iPad mini, where tapping to archive button is less error prone.





Along the way: even with the current inefficient interface, I want to be able to archive and move on to view the next message. The current interface in landscape mode often shows a blank message reading pane after I archive, requiring me to painfully select a new message to look at.

You really need to count the number of actions - pokes, clicks, taps, swipes - to get the job of processing email done.   Swipes are about 2x better, or half the cost, of poking or tapping an icon or widget.  Switching screens is about 2x worse than tapping an icon, 4x worse than a swipe. Simple swipes left / right / up / down are fastest; long vs short swipes are almost as good, maybe 10-20% worse than a simple swipe; multiple buttons, one of which must be tapped, is maybe 50% worse, but still better than having to tap an icon or widget that may be far away (the swipe equivalent of context menus)

Wednesday, March 09, 2016

Krazy Glew's Blog

Krazy Glew's Blog: "I like being able to see my personal and work calendars at the same time"



Interesting:



I really need to be able to see work and personal calendars at the same time. Or else I create schedule conflicts.   I am a shared resource.



But in email, while I would like to be able to read personal and work email in a single place, I have learned the hard way not to - by accidentally forwarding work email to personal.



Idea?: unified email browser that asks "Are you sure", when cross forwarding?



'via Blog this'

Calendar not syncing on replacement iPhone

This just a bug report, to report fix, fr my own memory, and perhaps to help anyone else with similar problem.



Today I had to replace my iPhone 6+.  15 months old, 3 months past the 1-year warranty - no extended warranty :-(.  329$ :-(.  Old phone started "flickering" at the top of the screen, and touchscreen went awry, not working, and/or phantom touches. Flexing sometimes made it go away, but it got worse overnight.  Apparently this is a common problem with iPhone 6+: the Apple Store person says that he sees 3 or more such problems a day.



After connecting the new phone to my Google account, gmail worked, but Google Calendar did not show up in the Apple Calendar app. (It did show up in the Google Calendar app - but, curiously, the Apple calendar app provides more control over Google Calendar features than does the Google Calendar app. Plus, I like being able to see my personal and work calendars at the same time.)



Fix was to go to Settings > Mail, Contacts, Calendars > Gmail, and toggle the Calendars button off (it was already on) / on / off / on multiple times.   Probably needed to delete info from the old instance.





Calendar and Contacts not syncing after iOS 9 u... | Apple Support Communities:



'via Blog this'

Monday, March 07, 2016

Sharing paalettes/UIX between different devices

I bought a refurbished iPad mini, and am currently using Quadro with both iPhone and iPad. This is good.

What is not good is that I cannot copy or move palettes friom iPhone to iPad.  I cannot even share, via the insecure sharing facility.  (If I try to share, I get told "incompatible device').

Now, I know that the GUI properties are different. The iPad has a bigger screen, etc.  But function code should be identical, and also colors.  Possibly icons would be different, but one can hope that that may npt be the case.

But I was hoping that I would be at least able to have the iPhone palettes on the iPad, as a starting point.

Unfortunately, it looks like I will have to recreate every function, every pad design and color, from scratch.   

This sucks, and is a very big reason why I have written my own UIX extender - or, rather, ported an old UIX that I wrote ears ago to Mac's GUI scripting.    Mine is not as pretty as Quadro, but it allows backup, reuse, and version control.

Quadro says:

DisclaimerAlthough we are already working on a better multi-device palette support, which will have different modes and automatic management for the pads layout, for the moment it's still up to you to create palettes that span across multiple devices.


I get this.  But I want to emphasize that Quadro should add the ability to copy pads, with functions, colors, labels, and possibly icons, between different devices as soon as possible.   Do not delay that for more complete automatic management, etc.

I say again:  not having the ability to reuse pads between different devices is a veery big reason not to use Quadro at all.

---

As for different GUI properties:

The iPhone app "Keypad" allows a keypad layout to be scrolled horizontally and vertically   This allows reuse between portrait and landscape rotations on the phone.


Security Implications of Sharing Palettes · Quadro

Quadro - UI extension software that allows an iPhone or iPad to be used as a touchscreen extension for a Mac or Windows PC, with common commands mapped to touchscreen "pads" - allows the "palettes" of macro-pad-definitions to be shared.



It looks like a shared pad is visible to the entire web.



I hope not writeable...



I, and Quadro, really need to think about the security implications of such promiscuous sharing.



Obviously should not share any palette definitions that contain passwords, e.g. passwords to log into ... wifi nets, apps, etc.



Perhaps slightly less obvious, but should be apparent to anyone who thinks in the slightest about security and privacy: palette/pads that automatically save to particular folders, e.g. in email or  web browser, may themselves be security/privacy exposures:  the very NAME of the folder corresponding to a company-secret project may be a secret.   Or, similarly, the fact that an engineer is doing web.research on a particular topic may disclose new product directions.



Similarly, many companies dislike having employee email addresses unnecessarily exposed.  So palette/pad shortcuts that forward to particular email addresses are an exposure.



If you don't like thinking about company security, think about personal privacy. Imagine that the user is researching some deeply private and/or embarrassing medical condition.



---



Is this a real risk?   Well, the unique part of the URL that is provided for sharing seems to be no more than 5 ascii letters - and possibly less.  E.g. 5*8=40 bits of (in)security.  Quite likely to be brute forceable,



Q: does Quadro have an intrusion detection system, looking for bad guys probing all combinations of 5 ascii letters?



---



What happens if you have accidentally shared a palette with a password or other sensitive information?  



I cannot see any way to delete a shared palette from the Quadro company servers once it has been shared.



---



Wishlist:  allow a user to tag particular pads as being sensitive, unshareable.  And prevent any palettes holding such a tainted pad from being shared.



But the main wishlist would be to use much longer URLs, long enough to discourage brute force attacks.   Possibly with length selectable - short URLs for sharing of non-sensitive palettes, long URLs for sharing of sensitive palettes (at the cost of being much harder to type).



With the wsih after that being to do proper challenge/response,





---



How to cope with the insecurity of this palette sharing?



The only thing that I can really imagine is to try to be ver strict about

Wednesday, March 02, 2016

Bug or (Mis)Feature: Move Pads on top of each other

I cannot tell if this is a bug or a feature.  If it is a feature, I cannot figire out what it is good for.



Usually when I drag a pad nearly on top of another pad, the pad being moved onto is moved away.



However, when I very carefully position the pad that I am dragging exactly on top of the other pad, then the new pad occupies the space, and the other pad is hidden. But I can later drag the "top" pad away, and the pad underneath is revealed.



Is this intended behavior?



I hope not - I must admit that I became a bit panicky when I first saw this happen, thinking that the hidden pad (a group) had just been deleted.  But fortunately it could be revealed.



Move Pads · Quadro: "Move Pads
To move a Pad inside the Palette enter Edit Mode and perform a long tap on the pad to drag it around. Leave the finger once is placed in the desired position."



'via Blog this'

Tuesday, March 01, 2016

Security and Dynamic Keypad / User Interface Elements (Quadro, Keypad)

I obviously like the idea of "dynamic user interface devices" in general, and Quadro in particular: use a tablet, iPad or iPhone, to provide a more pleasant user interface to legacy PC apps.