The T-Files


Thu, 26 Apr 2012

The Wheel of Time turns, and DRM comes and passes

Last month I was very happy to see J.K. Rowling go DRM-free for her Harry Potter e- and audio-books, and was wondering (hoping?) if that was the beginning of the end for locked-down digital books.

This week, major science-fiction and fantasy publisher Tom Doherty Associates (they own Tor Books) announced that by early July, their entire list of e-books will be available DRM-free.

Our authors and readers have been asking for this for a long time, they’re a technically sophisticated bunch, and DRM is a constant annoyance to them. It prevents them from using legitimately-purchased e-books in perfectly legal ways, like moving them from one kind of e-reader to another.

Tom Doherty

I guess when the final installment of The Wheel of Time comes out, I won't have to buy it from Amazon (whose increasingly tempting book recommendations are starting to freak me out a little). I am hoping for a bundle of the whole series, actually, so that I can start from the beginning again: it has been twenty years since I read The Eye of the World, and five since Knife of Dreams, and I am not sure that I have not forgotten too much by now.

Tue, 24 Apr 2012

Alfred completes me

A long, long time ago, I made a list of what my web browser (Camino at the time, now pretty evenly split between Firefox, Chromium and Safari) would suggest when I type just a single letter. Here is what Alfred serves up today:

  • Audacity
  • VirtualBox
  • Calculator
  • Dropbox
  • Eclipse
  • YoruFukurou
  • GitX
  • HDRtist
  • iPhoto
  • Java_ME_SDK_3_0
  • Kindle
  • MarkdownLive
  • MarkdownLive
  • MP Navigator EX 2.0
  • LibreOffice
  • System Preferences
  • QuickTime Player
  • BIT.TRIP.RUNNER
  • Safari
  • Tunnelblick
  • WhichWayIsUp
  • VirtualBox
  • TextWrangler
  • Xcode
  • YoruFukurou
  • Affe..Zebra

Sun, 15 Apr 2012

App Store, Share Alike, Copyleft

I spent some time yesterday trying to determine the compatibility of popular Creative Commons and Open Source licenses with the iOS App Store. One would think that there should be some authoritative guide about this, but the groups that own these licenses seem to refuse to take a firm stand on the issue, and everyone else disclaims their opinion with IANAL. So my position is that material using the following licenses cannot be used in works distributed on the iOS App Store (but, of course, IANAL):

GNU General Public License
To use GPL code in your product, you have to place the complete work under the GPL. This means making the source code available so that end users can inspect and modify it (not a problem, even on the app store), and providing a reasonable way for end users to install the modified work onto their devices (impossible, because Apple does not allow side-loading).
GNU Lesser General Public License
You can use LGPL code in your product without having to place the rest of the work under any particular license. But you still have to make the source code for the LGPL components available and provide a reasonable way for end users to replace the LGPL components in your product with their own modified versions. That second provision cannot be met.
Creative Commons Share Alike licenses
If you build upon a CC-SA work, you may distribute the resulting work only under a license that allows the end-user to share (copy and distribute) and remix the resulting work. You cannot copy and distribute apps downloaded from the iOS App Store.

Other Creative Commons licenses are fine: for CC-BY you need to provide attribution, and for CC-NC you must make the app free of charge and free of ads.

The situation is a bit unclear for the GNU Free Documentation License. It seems to be okay for photos (and by extension I guess all other non-textual media), as long as attribution is provided. There is a section on Wikimedia that says when using a photo placed under the GFDL license as part of a larger work, the larger work does not have to be released under GFDL for usage to be within the license terms. The Free Software Foundation, creators of the GFDL license, has been asked for clarification of how much of e.g. a book counts as the "larger work" in these terms; they responded that no synopsis can substitute for what the text of the license says, and if in doubt the reuser should seek a proper legal opinion. Now, the GFDL says "When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document." So, the larger work doesn't (always) have to be released under GFDL.

Sun, 01 Apr 2012

DuoKan: Chinese aftermarket replacement OS for Kindle

I was at the electronics mall shopping for hard disk enclosures when I came across a Kindle 4 also on sale there. The first thing that surprised me was how small it has gotten: Having removed the keyboard, basically all that is left is the screen (which is exactly the same size as before). The second surprise came in the form of Leo Tolstoy's portrait on said screen. When powered down, Kindle displays a randomly rotating collection of drawings, and I know the cast of characters on my Kindle 3 by now. Tolstoy is not one of them. At first I assumed that they changed or expanded the selection for the new model, but then I saw the small copyright notice in the corner, reading duokan.com. Switching the device on, I was greeted with a completely different user interface, and all of it in Chinese. The shop explained that they replaced Amazon's software with a Chinese operating system, and that you can choose between the two.

Amazon themselves are not selling Kindle in China, and the device is lacking in two aspects for this market: The user interface is only available in English (that was until recently the case in Germany as well), and more importantly, the Kindle store where you are supposed to buy your ebooks is not open for business here, either.

DuoKan takes care of the first part by providing an alternative operating system that supports both English and Chinese. It is distributed free-as-in-beer and works on Kindle 3 and Kindle 4, with an Android version (for Kindle Fire) in the works. It can apparently co-exist with Amazon's software in a kind of dual-boot setup, and it handles a variety of ebook formats, including EPUB, which the Kindle OS does not, making it an interesting product even for non-Chinese users. With this kind of software you have to be awfully careful about not getting infested with spyware and malware, but from the looks of it, DuoKan seems perfectly legitimate. Would be even better if it was open-source, though.

Fri, 30 Mar 2012

Harry Potter and the Downloadable Content

Traditional publishers are having a hard time dealing with digital content distribution, which removes two essential limitations present in physical media: There is no cost in creating and shipping an additional copy, and there are no other prerequisites or investments necessary to start creating and distributing copies other than having had access to a single copy. As a result, there is no longer any legitimation to make money by creating and distributing additional copies of content, and market forces are rapidly working towards eliminating this inefficiency.

What publishers should be doing in this situation is massively reduce their financial dependence on the obsolete parts of their business, and instead focus on the other parts of the publishing business, leveraging their established and privileged position as intermediary between content creators and consumers in physical media to take the same position in the digital media. If not, someone else will.

Institutions will try to preserve the problem to which they are the solution.

Clay Shirky

What many publishers do instead is to try to foist the limitations that they currently benefit from in the physical marketplace onto digital distribution, i.e. make it artificially expensive and difficult to copy. And this is how we got Digital Restrictions Management (DRM).

Unfortunately for the content industry, DRM is doing them more harm than good. First of all, it does not stop commercial piracy. A criminal enterprise that is serious about profiting from selling pirated copies has the resources to remove DRM. What it does do is inconvenience the people who are supposed to buy the media. It also creates the interesting situation that the pirated version of a product is now of better quality than the original, because it does not have the artificial restrictions on how it can be used and sometimes even the material quality itself (such as picture resolution or encoding bitrate). Even a casual user will encounter the fact that his DRM-ridden product does not let him do something that he could have done easily and would have been well within his rights with the physical equivalent.

Even more dangerous than consumers looking for alternatives is content creators finding out that there may be better ways for them to disseminate their output. The insistence on DRM has put the publishing industry at the mercy of the tech industry. Because all popular devices have their own incompatible DRM schemes, technology companies are now running the major digital storefronts as well, and there is massive vendor lock-in that makes it very hard to establish additional outlets. With these new powerful intermediaries, the publishing houses are losing their valuable position as mediators. Not much is stopping the tech industry from taking over here. YouTube and Netflix have started producing original video content, Amazon and Apple allow anyone to sell ebooks. At the moment these are still relatively small ventures, mostly of the sort that a big publisher would not have picked up anyway. That more voices can be heard is very good for society, but the real commercial impact will hit when the Stephen Kings and Madonnas of the world decide what they can do by themselves or with more agile partners.

J.K. Rowling, probably the best-selling author in the world, is offering her Harry Potter books for download on her own website now. DRM-free, in EPUB, Kindle, and audiobook formats. She is selling them exclusively through her site, and has partnered with Sony, Amazon, Barnes&Noble, and Google to make sure it works on as many devices as possible.

Wed, 07 Mar 2012

A week with Windows 8 Consumer Preview: Wednesday

Today was finally a full day in Metro (and Snow Leopard, as I gave up on Notepad and wrote this and my notes with my usual TextWrangler setup).

  • Metro is clearly intended to be used on a touchscreen: Everything is big enough to be fingered, there are no complex menu bars, status bars or tool bars, often just one big screen filled with content. There is a lot of swiping, dragging and horizontal scrolling, none of which is very comfortable to do with a mouse pointer.
  • I was looking for a video tutorial on Metro basics for the end user, but did not find anything. Let me know if there is anything. Microsoft should probably include one in the final version.
  • I am very grateful for PCWorld's list of keyboard shortcuts, which improved my day a lot. Old favourites that I still remember from XP like Alt-Tab, Ctrl-Tab, Alt-F4, Ctrl-F4 have also proven functional (and yes, three days in I finally reconfigured VirtualBox to relinquish control of the Windows key, which was used as the "Host Key" by default).
  • For some reason, scrolling with the touchpad worked in most, but not all, apps.
  • Alt-Tab still switches between apps, and it already toggles the whole screen (not just the application icon) while you are still holding the key, which is cool. Ctrl-Tab does the same for application windows (such as IE tabs).
  • Speaking of "windows", there aren't any. Everything takes up the whole screen, and when it does not you have non-overlapping tiles that can only be arranged or resized according to a coarse grid. It might be a good idea for Microsoft to rebrand their OS lineup. It is still justifiable since Windows 8 still has Desktop, but why is Windows Phone called "Windows"? It has certainly left its Windows CE origins far behind; something like Metro Phone or XPhone 360 seems to make more sense.
  • Speaking of "tiles", that is a pretty and refreshingly different (from both the desktop and the iOS experiences) design. They come as a big clutter-free grid and in vivid colours. The old Start menu is gone, replaced by a Start screen (that actually extends over two screens for me, but that might be a resolution issue), which displays application tiles, both for running apps as well as for "pinned" apps that stay there even when not active. Every tile can also become "live" and display some application-specific information, such as the current song title or weather report. They come in two sizes, and can also be placed on the lock screen (which is beautiful to look at, probably the work of the same folks that designed Bing). Unlike an Android widget however, live tiles are not interactive (they just launch the app).
  • Application menu bars have been replaced by Charms, which appear in the form of a toolbar that slides in from the right side of the screen. It contains several settings and search functions, both application-specific and system-wide. You can also check the application's permissions (like Location or Internet Access, similar to what you have on mobile systems), and review it on the Store.
  • Just like Apple with iCloud, Microsoft is nudging you towards getting a Microsoft account (which I think is the same as a Windows Live account), that you can then use for a number of applications (such as the various media stores) and services (such as syncing between devices), and even to replace local user accounts.
  • The limited selection in the Windows Store might be because of me being in China. Maybe there is more to be had if not for that. The thought occurred to me while looking at the "Social" section, which had just three apps, WordPress and the Chinese services QQ and RenRen. I did install the featured eight apps that won the Metro developer contest:
    • Air Soccer is a turn-based (but still real-time) air-hockey-like game. You want a touch screen here.
    • Cook Book is an online cook book that for some reason (China?) did not load any pictures (except for the gorgeous title photo, those seem to be a strong point for Microsoft).
    • Elements Weather Forecast immediately replaced the built-in Weather app. Looks better and has data for Shanghai (the stock one told me it was not available in my market and just showed Seattle).
    • Flip Saw is a puzzle app I did not get to try out.
    • Pew Pew is a nice retro/line-drawing style arcade-type shooter owing its name to a funny sound effect.
    • Physamajig looks interesting (probably along the lines of Crayon Physics), but I also had no time to look at it.
    • Puzzle Touch is a jigsaw puzzle game where you also have to rotate the pieces. Another case of beautiful photography and in need of a touch screen.
    • SigFig Portfolio lets you track a brokerage account, but you need to have one.
    All of them were free, but some of them still said "Buy" or "Try" instead of "Download", which confused me, but seems to indicate that there will be a try-before-you-buy feature that is missing from the Mac and iOS App Stores.

Tue, 06 Mar 2012

A week with Windows 8 Consumer Preview: Tuesday

Today a play-by-play of what I did, without much commentary.
Install the VirtualBox guest additions
For a better integration between the virtual Windows 8 and the physical hardware and host operating system (OS X Lion), VirtualBox comes with so-called "guest additions". They mount as a virtual CD, which I could open with Explorer. The installer required command-line parameters, though, and I had no idea how to open a command line. I tried finding cmd.exe or something like that, but failed. I am now also confused why there are two folders with applications (Program Files and Program Files x86, whose contents appear to be identical). So I asked the Superusers, bending my rule of using only Windows 8 itself, because I could not install my password generator into IE 10 and thus could not log in to post the question (I say bending instead of breaking, because I could have posted anonymously). After finding out that I can go back to Metro to do a search (which would then take me back again to a command line in Desktop), I also found that all that messing around with the command line was unnecessary after all, because there was another installer with a GUI wizard. Rebooted, now sound works, and I have a "USB tablet device", which can successfully scroll left and right.
No luck in the Windows Store
The interesting thing about Windows 8 is the Metro interface, but so far I have spent all my time in Desktop mode. To leave that behind, I need a text editor and an SCP client that work in Metro. I first turned to the Windows Store. That is still under development, and only had a grand total of five productivity apps. One of them was Evernote, which I could install for free after creating a Windows Live ID (which involved another trip back to my Mac for the password tool, and to turn the VPN on to be able to log in to GMail to get the verification email). Unfortunately, the app asked me for yet another user name and password, presumably for the Evernote service, but without making that clear, or offering me a way to create one, and I was not in the mood for two new cloud service accounts in a single afternoon just to edit a local text file, so I gave up on that (and gave it a two star review using the nice integration of the Store into the application's settings sidebar, where you can also manage permissions and notifications). I did get updates for four of the pre-installed Microsoft apps from the Store, though (even before I signed up for a Windows account).
No luck on the Internet
I then tried to find Metro apps outside of the Store, and a quick search for "Windows 8 Metro text editor" (on Bing with IE10) turned up the very promising, apparently (as I had never heard of it before) highly acclaimed open-source text editor Bend. The download threw me back into Desktop, where a warning dialog asked me if I wanted to go ahead with installing software from an unknown publisher (I suppose this is what Apple is going for with Gatekeeper as well), and when I said okay and launched it I was back in Metro for a moment, where another (much slicker) dialog called Windows Smart Screen asked me pretty much the same question again. Unfortunately, that was it, as no application launched, and no error message appeared either. I assume that it just crashed. I went to the trouble of finding the Task Manager (which seems to have gained a lot of features) but could find no evidence of any process still alive. I continued to look for other Metro apps, but could not find any. Hopefully the Store will have more to offer later during the week.
As you can see, today's plan to switch over to Metro did not come together. But time for preparations is running out, so I will give up on that and make do with Notepad and WinSCP and spend tomorrow finding out what Metro can do for me.

Mon, 05 Mar 2012

A week with Windows 8 Consumer Preview: Monday

Last week, Microsoft released a preview version of their upcoming Windows 8 operating system (interestingly enough at the Mobile World Congress in Barcelona, which is an event not for the PC industry, but for mobile phones), and since it is a free download (I assume it expires after a few months) I am thinking of spending a week playing with it, documenting my impressions in daily blog posts. And to make things interesting, the blogging itself, and the research around it, is going to happen exclusively under Windows 8.

First order of business was to get the thing installed. The original plan was to partition the hard disk in my decommissioned Mac mini, and directly boot into it using Boot Camp. That failed however, because Disk Utility was unable to shrink the Leopard partition, even though there should have been plenty of free space. I hate HFS+, it is an embarrassment for Apple, and I was actually getting ready to spend a week playing with the new ZFS software Zevo, had not Windows 8 come along. Only one frivolous timesink at once. I then tried to check if my almost ten year old 80 GB external Firewire disks were still functional. I had dismissed them as defective, and (after finding out that I had to connect them with USB because the connectors have changed from Firewire 400 to Firewire 800, which unlike USB and USB 2 are not compatible) unfortunately that turned out to be the case: nothing except clicking noises and horrible read timeouts.

So instead of that, I installed it on my current Mac mini, but as Boot Camp and partitioning are too scary to do with a computer that needs to actually work every day, not directly on the machine, but as a VirtualBox. Installation into VirtualBox went smoothly, although I am still running with a bare minimum of integration, full screen mode has black borders, there is no sound, and the keyboard layout is off. Most of these things can probably be fixed if I dig deeper into VirtualBox, but that seems too much of a rat hole. What I would like, though, is to have proper drivers for the Magic Touchpad, as I can already see that Windows 8 would be so much more fun with gestures (or even a touchscreen tablet, but that is beyond my means).

I am reserving first impressions and further exploration of the new Metro interface for tomorrow, but what still needed to get done today was this post, and for that I need an SCP client, and a text editor. I will try to get Metro apps, probably from the Windows Store, tomorrow, but for now sticking with what little I remember from the XP days, I switched to the Desktop mode, downloaded WinSCP, and launched Notepad (by creating a New Text Document, not by opening the application, which frankly I don't even know how to do, because the Start menu is gone).

Fri, 17 Feb 2012

Apple, Mountain Lion, China

Just yesterday, I wrote about how Chinese users might benefit from a special version of iOS, and now today's announcement of Mountain Lion has this passage:
It’s a new Mac experience in China. OS X Mountain Lion brings all-new support for many popular Chinese services. And they’re easy to set up. Mail, Contacts, and Calendar work with QQ, 163, and 126. Baidu, the leading Chinese search provider, is a built-in option in Safari. The video-sharing websites Youku and Tudou are included in the new Share Sheets, so users in China can easily post videos to the web. They can also blog with Sina weibo, the popular microblogging service. And with improved text input, typing in Chinese is easier, faster, and more accurate.

Gatekeeper

Apple have just announced (in a rather unusual fashion) that they plan to speed up the release cycle of OS X, aiming for a major update every year, starting with Mountain Lion, scheduled for summer. The main focus for them is to align OS X with iOS, in terms of user experience, but also in the amount of control they assert over the platform.

The biggest difference between traditional computers and post-PC devices is how you install applications, respectively from files you could have gotten anywhere versus an official (and tightly controlled) market place. When the Mac App Store launched, it was obvious that this would be the model Apple prefers, but that they would be using carrots and sticks to make everyone accept that. It already carried a couple of carrots: For consumers, it is easy to find and install apps, it takes care of updates and installing it on all your computers, you do not have to be afraid of malware, and payments are done with your existing Apple ID. For smaller developers it provides exposure to a much bigger audience, and takes care of the hassle of having to handle payment processing (on the other hand, bigger developers probably don't need that and would rather not pay the 30% cut, you do not get to build your own customer database anymore, and there is no mechanism for paid updates or free demos).

Mountain Lion now introduces a small stick and another set of carrots. In the carrot department, there are some additional features that are only available to App Store apps, most notably iCloud storage integration. The "Open File" dialog in Mountain Lion now has two modes, opening local files and opening cloud files. The latter is reserved for properly sandboxed and approved third-party software only.

As for sticks there is Gatekeeper, which is a setting that prevents installation of non-App-Store apps. That is not (yet?) the default, but the setting is available now. The current behaviour (of allowing everything) is not the default either, though. The new default is to only allow installs from "identified developers", which means either from the App Store or from cryptographically signed packages. An "identified developer" is anyone with an Apple developer account, and he can self-sign his software. There is no approval process, but in case malware is found, Apple will blacklist the developer account, and Macs will refuse to install his software. This mechanism is built on top of the existing facility that prompts for confirmation to run a downloaded program for the first time, there are several ways it can be circumvented, it does not disable software already installed, and developer accounts are probably very easy to get anyway, so this is not a fool-proof security measure, but still a nice idea.
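The rules described in this post, written out as a small decision function that shows which launches each of the three settings would stop. This is an added example, not Apple's implementation and not code from the original post; the type names, the `first_run_of_download` flag, the developer identifiers and the sample launches are all constructed for illustration.

```python
"""Simplified model of the Gatekeeper rules as this post describes them."""
from dataclasses import dataclass
from enum import Enum
from typing import Dict, List, Optional, Set, Tuple


class Policy(Enum):
    APP_STORE_ONLY = "App Store only"
    IDENTIFIED_DEVELOPERS = "App Store and identified developers"  # new default
    ANYWHERE = "allow everything"  # behaviour before Mountain Lion


class Source(Enum):
    APP_STORE = "app store"
    DEVELOPER_SIGNED = "signed with a developer account"
    UNSIGNED = "unsigned"


@dataclass(frozen=True)
class Launch:
    app: str
    source: Source
    developer: Optional[str] = None      # account that signed the package, if any
    first_run_of_download: bool = True   # only this case triggers the check


def assess(launch: Launch, policy: Policy, revoked: Set[str]) -> Tuple[bool, str]:
    """Return (allowed, reason) for one launch under one policy setting."""
    # The check rides on the first-launch prompt for downloaded programs,
    # so software that is already installed is never looked at again.
    if not launch.first_run_of_download:
        return True, "not assessed: not the first run of a download"
    if policy is Policy.ANYWHERE:
        return True, "setting allows everything"
    if launch.source is Source.APP_STORE:
        return True, "installed from the App Store"
    if policy is Policy.APP_STORE_ONLY:
        return False, "setting allows App Store apps only"
    # Remaining case: Policy.IDENTIFIED_DEVELOPERS, non-App-Store package.
    if launch.source is Source.UNSIGNED:
        return False, "package carries no developer signature"
    if launch.developer in revoked:
        return False, "developer account has been blacklisted"
    return True, "signed by an identified developer"


def blocked_by_policy(launches: List[Launch],
                      revoked: Set[str]) -> Dict[Policy, List[str]]:
    """For every setting, list the apps whose launch would be refused."""
    return {
        policy: [l.app for l in launches if not assess(l, policy, revoked)[0]]
        for policy in Policy
    }


# Constructed sample data: DEV-A is in good standing, DEV-B was blacklisted.
SAMPLE_REVOKED = {"DEV-B"}
SAMPLE_LAUNCHES = [
    Launch("StoreNotes", Source.APP_STORE),
    Launch("SignedTool", Source.DEVELOPER_SIGNED, developer="DEV-A"),
    Launch("RevokedTool", Source.DEVELOPER_SIGNED, developer="DEV-B"),
    # Same blacklisted developer, but installed before the blacklisting.
    Launch("OldRevokedTool", Source.DEVELOPER_SIGNED, developer="DEV-B",
           first_run_of_download=False),
    Launch("UnsignedUtil", Source.UNSIGNED),
]


if __name__ == "__main__":
    for policy, blocked in blocked_by_policy(SAMPLE_LAUNCHES, SAMPLE_REVOKED).items():
        print(f"{policy.value:40s} blocks: {', '.join(blocked) or 'nothing'}")
```

`OldRevokedTool` is never refused under any setting, which is the "does not disable software already installed" limitation in code form: a blacklist only helps for launches that are actually assessed.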

Wed, 08 Feb 2012

thiloplus.atom

thilo+ is slowly growing (in functionality, if not in membership).

It started out as just a twitter stream that I would manually send my ratings to. First order of business was to write a Java application to manage a database (was looking for an embedded document database, settled for OrientDB, even though I am still not completely clear what a graph database is and how to use it), so that I could manually enter my ratings into a database and have it send tweets automatically when that happens.

As it turns out, while Twitter does offer publicly accessible RSS feeds, those are not as useful as they could be. First and foremost, they use URL shorteners for everything, which is terrible. The tweets fit into 140 characters with the complete URL (not that this should be a concern for RSS anyway), so this is completely unnecessary and makes it impossible to see where the link is going without using special client software (or clicking on it). But now that I have a database I can produce other kinds of feeds as well, so let me present

thiloplus.atom

An Atom feed is basically the same thing as an RSS feed, don't ask me what the differences are, I am using Atom just because that is what the feed generation library I use does. The contents are still a work in progress, but the idea is that it provides as much useful information as possible to as many reader applications as possible. The source data is just what you see in the tweet, a category, a title, a URL and my rating. I then use embed.ly to pull in some more context. I am also including audio enclosures for the podcasts, so that you can use the Atom feed itself as a podcast in iTunes (in addition to the other two that you hopefully already listen to). Let me know if it does not work properly in your reader, and (if you know that) how I can improve the markup.

The next steps will be to make it unnecessary for me to manually enter my ratings into the database, but instead pull them from the various places on the Internet where I already make them public. So far, this works for Spokenword (podcasts) and Flickr (photos).

Sun, 15 Jan 2012

140 characters can be a lot more than 140 bytes

Now that I have three Twitter accounts, I have to say I am very grateful that the 140 character limit is indeed a 140 character limit, and not a 140 byte limit. While that makes no difference for ASCII people, and only a tiny difference in the German language (umlauts), this is great for Chinese or Japanese tweets. For those, every character takes three bytes, but still counts as just a single character. In languages with such a rich "alphabet", you can say so much more in the short space of a tweet.

Sun, 25 Dec 2011

The Humble Indie Bundle #4

If you are looking for a last-minute Christmas gift for yourself or others, or just some computer game entertainment for the holidays, consider the Humble Indie Bundle, the fourth installment of which is currently available, but only for two more days.

A collection of twelve games created by independent developers, offered in an innovative pay-what-you-want model that also supports charity (Child's Play and the American Red Cross). Includes full and non-DRM downloads of all titles for all three major PC operating systems, plus soundtracks and Steam keys.

  • Gratuitous Space Battles
  • Cave Story+
  • Jamestown
  • Bit.Trip Runner
  • Super Meat Boy
  • Shank
  • NightSky HD
  • Crayon Physics Deluxe
  • Cogs
  • VVVVVV
  • Hammerfight
  • And Yet It Moves

Tue, 20 Dec 2011

iTunes in the German Cloud

I was quite surprised to find the new iTunes Match icon which must have appeared sometime last week. Given the fight that the various groups representing rightsholders in Germany continue to put up against all kinds of Internet content services, I had not expected that to materialise for a long while (if ever). But it seems that for 25 Euro per year you can now officially put your library of non-iTunes-purchased music into Apple's digital locker, allowing you to stream it to all your fruity devices or just upconvert low-quality CD rips to 256kb DRM-free tracks.

Being not much of a music listener, iTunes Match itself is not a service I am interested in, but along with it comes iTunes in the Cloud, the ability to re-download songs previously purchased from Apple. Remember the broken track I got in October? Probably not, but I do. I was now able to click on a nice little cloud symbol and that got me a new version of the file, and this time it was complete. Happy. Plus I still have the voucher for another free song that I got from customer support. Double happiness.

Sat, 12 Nov 2011

I want myCloud

I like cloud computing. It makes computing hardware and network resources a commodity much like electricity, available to anyone, anytime, anywhere, freeing you, your programs, and your data from depending on particular physical devices. The network is the computer. That was Sun Microsystems' vision, and we can see it becoming a reality now.

Unfortunately, the more popular consumer-grade cloud services are all proprietary offerings, which undermines the commodity aspect quite a bit. You end up with vendor lock-in and loss of control over your processes and data. Depending on the kind of service and how well it integrates with others, this can become a real problem. Something like Dropbox is still relatively easy to replace, because you can at any time take your files elsewhere. But even with Dropbox you have the problem that all those programs that you have been using with it probably support only Dropbox and no other service. And trying to leave Facebook for another network while still being able to continue to chat with your friends and bringing all your posts and photos along seems downright impossible. You may not ever want to feel the need to migrate away from Dropbox or Facebook, but what if your cloud company goes out of business? Happened to me when drop.io was acquired.

In addition to lock-in, there is also the problem of centralisation, which also seems contrary to what cloud computing and the Internet itself stand for. If everyone has all their personal data stored at Amazon, Apple, Facebook and Google, the consequences of those services going down, losing data, leaking data, or being forced to disclose data could be disastrous. And with companies who let you use their services for free, you have to wonder in how many ways they monetize your information behind your back. Remember, if you are not paying for the product, you are the product.

So what I would like to see instead is open standards for interoperability between these cloud services. It should be like email: Every email application in the world is expected to be able to talk to every email service provider, and all email service providers are expected to deliver messages to customers of other email service providers. As a result, there are a lot of email service providers, no single provider has everyone's email, you can choose the one you trust, you can have multiple email accounts for different purposes, you can even run your own email service (which most companies actually do).

When Apple's iCloud service was still in the rumor-mill, there was speculation about whether it would take the form of an updated Time Capsule device, something that people would buy and put into their home network and that would serve as a hub for synchronisation and backup between their devices. Especially since iCloud is more geared towards keeping all your devices in sync with each other (as opposed to sharing content with other people), that seemed like a good idea. Taking this a little further, I'd love to have all my devices form an ad-hoc private network over whatever connection is available to them, with a dedicated hub being optional and not really central, and the ability to just use a Mac mini or something hosted in the cloud (but completely under my control) to run this hub. Instead, they built a massive data center, and when it goes down, Siri won't talk to you anymore.

Sat, 29 Oct 2011

Mini, the Third

I brought back my third Mac mini from our recent trip to Japan (it is cheaper there than here in Shanghai). Unlike its predecessors, it is not going to be a replacement machine, but an addition: I am going to continue using my MacBook Pro as my main computer (especially for work) for the foreseeable future, but its hard disk has been filling up, and the new mini's first main purpose is to offload our media libraries.

Hardware
Nice things come in small packages. The mini was quite compact to begin with, so that the new one is only half the size of the other two is not a big deal for me, but I do appreciate that they have done away with the external power adapter, which used to be almost the same size as the computer itself, and thus rather inconvenient. Probably as part of the shrinking process, but maybe just because Apple wanted to kill it, there is no optical drive anymore. I cannot remember when I last used the drive on my MacBook Pro, so that is probably not a problem. The three use-cases that come to mind are installing the operating system, watching DVDs and ripping audio CDs. The first does not apply anymore, since Apple no longer ships disks and has replaced the process with a combination of recovery partitions, memory sticks, Time Machine backups and downloads. For everything else, one should be fine as long as there is at least one other computer with a drive in the household. A welcome addition is the SD card slot on the back.
Magic Trackpad
The first thing I noticed after turning on the machine was that it did not detect my USB mouse. That is a pretty bad situation, because you cannot do anything with a Mac without being able to move the pointer. It is also a complete mystery to me, since at least the basic functionality of USB mice is very standardized, and the same mouse works just fine on the MacBook Pro. Fortunately, I also bought a Magic Trackpad, which seems to be becoming a prerequisite with the ongoing move towards gestures. There was another unexpected hurdle connecting it, though, as I was prompted for a Bluetooth pairing code. A Google search (which I would not have been able to do without another computer at hand) had the solution (just type 0000), but why this dialogue is necessary is unclear to me. It must have been a bug, because it is not mentioned at all in the Trackpad's manual. Not quite the unboxing experience you want from Apple products.
Time Machine migration
There is a Migration Assistant that you can use to get your data from your old Mac to your new one. It has a number of options, including restoring everything or individual users' data from a Time Machine backup. I used this to migrate Cissy's user account and it worked like a charm: The new user account was created, all data was copied and everything looked just like on the old machine, from account icon to desktop background to open tabs in Firefox. From my own account I manually copied just the iTunes library off the backup disk. That also worked without problems. I want to do the same thing with the iPhoto library (another seventy gigs that the MacBook Pro could do without), but before that I will have to set up Time Machine backups on the new mini. I cannot quite decide if I want to enable backup encryption. While that is of course something that I have been wanting for a long time, the feature is new in Lion, and I would not be able to share the encrypted disk with Snow Leopard.
Lion
I cannot say much about the new operating system version yet, because my main Mac is still on Snow Leopard (and will probably stay that way), and I have only really used the new computer while I was setting it up (my day-to-day interaction with it at the moment is limited to updating my iPod every morning). Cissy does use the computer a lot, and has offered no complaints, but she practically lives in Firefox and hardly sees the OS at all. From what I have seen so far I like the new approach of showing applications full screen and using a three finger swipe to switch between them. Of course, this will probably not work for all kinds of applications, and there is currently no good way to integrate this in a multi-monitor setup. As for "natural scrolling", the reversed scroll direction is less confusing than I feared. If you are switching to Lion exclusively, this should not be a problem at all. Even if you are going back and forth between Lion and older Macs or non-Macs, you'll pretty soon figure things out. It definitely helps to use a trackpad only on Lion, and a scroll-wheel mouse otherwise.
Standing desk
Our standing desk construction unfortunately does not accommodate a monitor, so we had to revert to a more traditional arrangement for now. We replaced the chair with a yoga ball to make amends.

Fri, 30 Sep 2011

When Silk meets Fire (bad things happen)

This week, Amazon introduced their new Kindle lineup, and as part of that also showcased the browser that they have developed for the Kindle Fire. It is called Silk, and has the remarkable property of being the combination of a client-side component (which runs on the tablet) and a server-side component (which runs on Amazon's cloud infrastructure). If this idea takes off, it will be another disruptive technology innovation coming from a company that no one is probably mistaking for a book seller anymore. Unfortunately, Silk is a very dangerous development.

Silk works by offloading a lot of work that a browser has to do from the tablet in your hand to Amazon's servers in the cloud. Instead of your machine making all these network requests to the various websites you are visiting, it will be maintaining just a single connection (like a thin, but strong thread of silk) to Amazon. A server there will download the pages for you, caching them, resizing videos and images to fit your screen and bandwidth, parsing the HTML, executing the JavaScript. While not technically correct, a good analogy would be that the browser actually lives with Amazon, and it just sends you screenshots, similar to working via a Remote Desktop connection.

Amazon claims (and there is no reason to doubt them) that this will increase your browsing speed, providing you with a better experience. The problem, of course, is that using Silk, Amazon will be a middle man between you and all your websites. They will know what you are looking at, and they will be reading everything you type. Silk even breaks the end-to-end encryption of SSL: When you connect to a secure site, Amazon will do that on your behalf. If you do online banking using Silk, everything will go through Amazon. In addition to just watching, they could theoretically also change what you are seeing, block certain sites, throw in some extra banner ads (none of which they are going to do of course).

Amazon openly admits that they will collect and analyse all this data. They say it will be done only in an aggregated fashion that will not allow data to be traced back to individuals. Even if that is their honest intention, the very existence of this system and its effect on the formerly very decentralised Internet is extremely scary. But nothing about it is illegal, big corporations and governments must love the possibilities offered by this centralisation, and most people will either be indifferent or actually prefer this to regular Internet access if it delivers on the promised improved experience, so it is quite likely that other companies will follow suit and this mode of operation could become prevalent.

I suppose Amazon has now officially joined Facebook and Google in the League of Creepy Companies. Everyone is pointing fingers at China, where the state monitors all Internet traffic, but it seems to me that free markets in free democracies are on the way to producing very similar structures.

Fri, 09 Sep 2011

Mac App Store, Keynote

I have been shunning the Mac App Store so far. When it was new, I launched it once and then immediately removed it from my Dock. I did not like that Apple and their 30% cut get between me and the developer, that there are no free trials, that you need both an iTunes account (even though the application may be free) to download applications and a local System Administrator account to install them (even though they could be installed into your home directory rather than system-wide, which is the way I prefer to install things), and that a single company gets to keep track of all my applications (that part is even more disturbing with the Kindle store, by the way, because they can track what I read, and judging from the recommendation mails Amazon sends out they are making good use of that information).

But of course, this system is gaining popularity rapidly, and it has a lot of advantages, too. Installing applications from the App Store is much safer than a random download from the Internet, both because Apple vets the applications, and because they (will very soon) enforce sandboxing, which prevents applications from doing bad things. You do not need to care about making backups of the install media or keeping track of license keys: Everything is tied to your iTunes account and can be re-downloaded at any time. Prices have come down a lot (probably mostly because of increased sales volume, maybe also because of increased competitive pressure), both for the applications per se, but also if you have multiple computers, because per-seat licensing is gone: you can install the applications on as many computers as you want (with some exceptions in the Pro area).

And of course, there is no real alternative anymore when it comes to Apple's own software.

I just bought Keynote, Apple's answer to PowerPoint, because I need to prepare a presentation for next week. I have been doing these things with OpenOffice so far, but was getting increasingly annoyed by that program's sluggishness and ugliness. I had not bought any office productivity software since ClarisWorks back in the day, and iWork (Keynote, Pages, Numbers) seemed a bit pricey at $79 considering how rarely I really need it, not to mention Microsoft Office. Keynote goes for a reasonable 16 Euro in the App Store, and I happen to have enough in iTunes credit that I cannot spend on iOS apps anyway until I replace my lost iPod, or apparently on music.

Thu, 11 Aug 2011

CoffeeScript

CoffeeScript is a nice little programming language that compiles into JavaScript. It exists to make life easier for JavaScript programmers, and it achieves this by removing a lot of clutter and adding some nice syntactic sugar. At the same time, it stays close enough to JavaScript to avoid the "impedance mismatch" other systems like GWT often suffer from: It does not change how anything works, there is no need for a special runtime library, you can call into (and be called from) any "regular" JavaScript code, and the resulting JavaScript is still readable and corresponds very closely to the CoffeeScript it was compiled from (which is good when you need to debug it). In fact, you are supposed to understand the transformations it does, and why. The Principle of Least Surprises is in effect, and the programmer stays in control.

Less clutter: CoffeeScript does away with most of JavaScript's braces, parentheses, and semicolons. Especially when defining functions (which you will do a lot, for example when working with callback-driven frameworks like node.js) and object literals, this greatly reduces the amount you have to type. At the same time, this also reduces the amount you have to read, so once you get used to it, it should be easier to understand as well. The one thing that I am a bit uncomfortable with here is that whitespace (in the form of indentation and line breaks) becomes significant, just like it does in Python. I found that it does actually align nicely with how I want to lay out my code anyway, but I am a little worried about some hard-to-understand errors this might cause.

Syntactic sugar: CoffeeScript claims to have taken inspiration for these constructs from Python and Ruby, but I'd like to point out that those in turn have inherited them from Perl. In any case, it is very nice to have multi-line strings, string interpolation, array slicing, trailing if statements, and keywords like not or unless. There are also constructs to work with JavaScript's prototype-based object system, with the frequent issue of context changes (this not being what you want it to be), and for looping over lists:

shortNames = (name for name in list when name.length < 5)

alert message for message in ['foo', 'bar', 'baz']

Tue, 21 Jun 2011

Internet Banking 101

I did not want to write about Bitcoin again so soon, but there has been some feedback to my previous posts, and quite a storm of bad news about it recently, so here we go. I almost promise to shut up about it after that.

When I wrote last week about Bitcoin's greatest threat being part of its user base, I was talking about anti-social tendencies and religious frenzy. Allow me to add incompetence to the list.

One would assume Bitcoin mostly appeals to cryptography and computer nerds, and that as a result its early adopters would be "security literate" and understand the implications of a system that stores money in a file on a computer, and that builds upon completely unregulated transactions among completely unregulated and largely anonymous parties. One would further assume that this is even more the case for individuals who hold significant amounts in their digital wallets. The events last week suggest otherwise.

First there was the case of the man who had 500.000 $ worth of bitcoins stolen. He had been storing his wallet file containing 25.000 bitcoins (traded at around 20 $ each at the time) on an unprotected hard disk on a Windows computer that was connected to the Internet and that he extensively used for other purposes as well, including (one has to presume) chatting, browsing, and gaming. The computer was subsequently hacked and the coins transferred away. While the Bitcoin client allows this usage (in fact, it is the default) and no measures are taken in software or otherwise (such as by means of warning messages) to protect the wallet, the blame really has to lie with the stupidity of the user. Any significant amount of bitcoins should not be lying around in an unencrypted file on a regular computer. It should be sitting on an encrypted memory stick in a safe, with multiple backups, and only ever be connected to anything for the short time it takes to initiate a transaction. What this user was doing was equivalent to placing a pile of cash on the table in an unlocked room with the windows (pun intended) open.

And then there was the MtGox meltdown. MtGox (which used to stand for Magic: The Gathering Online Exchange) is (or maybe was) the largest (practically the only significant) service for exchanging bitcoins to US dollars. It accepts (completely unregulated, unlicensed, unaudited and uninsured) deposits from traders in bitcoin and dollars, and allows them to trade among each other between the two currencies. Over the last weeks there have been complaints from users about their accounts having been hacked, the blame for which MtGox put on the users.

Last week, it was revealed that MtGox was vulnerable to CSRF attacks, which made it possible to initiate MtGox transactions by having the account owner click on a seemingly unrelated link. This is of course a terrible security hole for any website, and unforgivable for a financial site, but on the other hand, it only works if you stay logged in to MtGox while browsing other websites. You should have learned in Internet Banking 101 that you always log out immediately after you have done your banking business. Using a dedicated browser for online banking is not unheard of, either.
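The server-side fix for this class of hole, as an added example that is not MtGox's code: the handler names, session store and request below are constructed, and the two handlers contrast a cookie-only check with a per-session token check.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)   # per-deployment secret (constructed here)
SESSIONS = {"sess-alice": "alice"}     # constructed session store: cookie -> user


def issue_csrf_token(session_id: str) -> str:
    """Token the site embeds in its own forms; other origins cannot read it."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def transfer_cookie_only(method: str, cookie: str, form: dict) -> tuple:
    """'Before' handler: any request carrying a valid session cookie is obeyed."""
    if cookie not in SESSIONS:
        return 401, "not logged in"
    return 200, f"sent {form.get('amount')} to {form.get('to')}"


def transfer_with_token(method: str, cookie: str, form: dict) -> tuple:
    """Hardened handler: POST only, plus a token bound to the session."""
    if cookie not in SESSIONS:
        return 401, "not logged in"
    if method != "POST":
        return 405, "state changes require POST"
    expected = issue_csrf_token(cookie).encode()
    supplied = str(form.get("csrf_token", "")).encode()
    # Constant-time comparison so the check does not leak token bytes via timing.
    if not hmac.compare_digest(expected, supplied):
        return 403, "missing or invalid CSRF token"
    return 200, f"sent {form.get('amount')} to {form.get('to')}"


def logout(cookie: str) -> None:
    """Logging out removes the session, so a later cross-site request is anonymous."""
    SESSIONS.pop(cookie, None)


# Constructed request: what the browser sends when a logged-in user follows a
# link on another site. The cookie is attached automatically; no token exists.
CROSS_SITE_CLICK = ("GET", "sess-alice", {"to": "someone-else", "amount": "10"})

if __name__ == "__main__":
    print("cookie only :", transfer_cookie_only(*CROSS_SITE_CLICK))
    print("with token  :", transfer_with_token(*CROSS_SITE_CLICK))
    own_form = {"to": "bob", "amount": "5",
                "csrf_token": issue_csrf_token("sess-alice")}
    print("site's form :", transfer_with_token("POST", "sess-alice", own_form))
    logout("sess-alice")
    print("logged out  :", transfer_cookie_only(*CROSS_SITE_CLICK))
```

The last call shows why logging out helps even against the unprotected handler: without a live session the request is rejected before anything else is checked.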

And then on Sunday, the bomb struck: The whole user database of MtGox had been stolen and leaked on the Internet as a file containing all user names, email addresses and password hashes. Most likely using this file, someone accessed an account on MtGox containing 500.000 bitcoins, sold all of them, thereby driving the exchange rate down from 17 dollars to one cent within ten minutes. After that MtGox shut down, and will only resume trading after the security problems have been fixed, all users re-authenticated, all passwords changed, and all trades after the fraudulent one rolled back.

The effect this massive trade had on the exchange rate is a topic all in itself. I do not have a problem with it, and I do not think it is strictly necessary to prevent massive fluctuations by shutting down the market (which is what would happen in a stock exchange for example). The rate recovered soon afterwards. A trade of such huge proportions will of course move the market quite a bit. In fact, I would really like to see a legitimate sell-off from the couple of people that hoard the thousands of bitcoins back from the early days. Otherwise all the talk about Bitcoin being one big Ponzi scheme is not without base. If Bitcoin is supposed to grow, there needs to be more liquidity and the coins need to be in the hands of people who want to transact with them (as opposed to speculators). The "founding miners" should cash out now (and if that brings the price down to 10 cents again, so be it).

To get back to the security topic: In no way can the incompetence of MtGox be excused here. But how can there be an account with 500.000 bitcoins? That is almost eight percent of all coins in existence! Unless you really wanted to trade all of them very soon (and that does not make sense, because MtGox only allows withdrawals of up to 1000$ a day), they should be sitting on the encrypted memory stick in your safe. And why would you trust MtGox enough to deposit such a huge amount of money with them? Again, they are a non-audited, non-insured, non-regulated very small shop unlicensed as a depository institution, running their trading system on software put together for swapping fantasy trading cards. What if one of their employees (if they even have one...) decides to run with it?

And looking at the leaked password file, what is up with all those people that use their username as their password, or even just the word "password"? It takes mere seconds to expose those passwords, and they are known all over the Internet now (or at least with people that collect other people's passwords). My name is on that list too (I checked), but my password can probably not be decrypted easily, because I use a password generator program that makes passwords very hard to guess. And even if my password gets disclosed, that would only have affected my MtGox account (where I do not keep more than I am comfortable with losing), because the password generator also makes sure I have a different password for every site. A lot of people with weak passwords probably use the same password for their email account (conveniently listed in the same file) and other online services. We only learned about this because of the big brouhaha at MtGox. There are many more such password lists being passed around in criminal circles that the account owners (and service providers) never hear about. Think about that next time you set up a password for some forum site or greeting card service.
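A service operator can find such accounts in its own user table and force a reset before a leak makes them public. The audit below is an added example, not MtGox's code; the record layout, the salted PBKDF2 storage format, the deny list and the sample accounts are all assumptions constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 50_000                           # assumed PBKDF2-HMAC-SHA256 work factor
DENY_LIST = ["password", "123456", "qwerty"]  # tiny constructed deny list


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted, deliberately slow hash (assumed storage format)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_record(username: str, email: str, password: str) -> dict:
    """Build one constructed user-table row with a fresh random salt."""
    salt = os.urandom(16)
    return {"username": username, "email": email,
            "salt": salt, "hash": hash_password(password, salt)}


def guesses_for(record: dict):
    """Yield (guess, reason) pairs derivable from the record itself or the deny list."""
    user = record["username"]
    yield user, "same as username"
    yield user.lower(), "same as username"
    yield record["email"].split("@", 1)[0], "same as email local part"
    for word in DENY_LIST:
        yield word, "on deny list"


def audit(records: list) -> dict:
    """Return {username: reason} for accounts that should be forced to reset."""
    flagged = {}
    for rec in records:
        for guess, reason in guesses_for(rec):
            if hmac.compare_digest(hash_password(guess, rec["salt"]), rec["hash"]):
                flagged[rec["username"]] = reason
                break
    return flagged


# Constructed sample rows; the last one uses a generated password.
SAMPLE = [
    make_record("alice", "alice@example.com", "alice"),
    make_record("Bob", "robert@example.org", "password"),
    make_record("carol", "c.jones@example.net", "c.jones"),
    make_record("dave", "dave@example.com", "tV9#qLm2!xR7pZ"),
]

if __name__ == "__main__":
    for name, reason in audit(SAMPLE).items():
        print(f"force reset for {name}: {reason}")
```

Salting and a slow hash do not help the first three accounts, because the guess comes from the same record that holds the hash; only the generated password survives the audit.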