Linked List: May 17, 2011

Tuesday, 17 May 2011

Guests Say Goodbye as Sahara Goes Dark ★

Nice bit of writing by John Katsilometes in Vegas to mark the closing of the Sahara.

Don’t miss the archive photo gallery.

Timoni West, on the shortcomings of Flickr’s UI for showing you new photos from your friends:

And remember, these are just the biggest problems. The page fails on a fundamental level—it’s supposed to be where you find out what’s happened on Flickr while you were away. The current design, unfortunately, encourages random clicking, not informed exploration.

I agree with Buzz Andersen: this is why I’m using Flickr less over time.

Finder Complaint No. 4,256 ★

Preston de Guise is annoyed, rightly, that the Finder calls his iDisk volume “iDisk” in the source list sidebar, but names the volume by his MobileMe account name on the desktop (and in the Finder’s top-level “Computer” view).

Audience Chip Responsible for iPhone 4’s Noise Cancellation ★

Nice detective work from iFixit and Chipworks.

Twitter Updates Mobile Web Interface ★

Looks a lot like the native Twitter iOS app, but in practice falls far short. Scrolling is not quite right, and many of the animations flicker. I know of at least seven native iPhone apps that offer a far superior experience (Tweetbot, Twitter, Twitterrific, Weet, Tweetlogix, Osfoora, and Echofon, roughly in order of my personal preference). But this might be better than any native Android Twitter client I’ve seen.

(Alas, this new interface doesn’t seem to be available on WebOS. Not sure why.)

Interactive Exploration of a Dynamical System ★

Speaking of data visualization, this video shows some amazing work by Bret Victor for exploring systems of differential equations. Much more along the same lines on Victor’s “Kill Math” website. (Via Mike Matas.)

HP Beats Estimates but Reports Weak Consumer PC Sales ★

VentureBeat:

HP beats estimates but reports weak consumer PC sales. Leo Apotheker, who took over as chief executive in October after former boss Mark Hurd was fired in an ethics scandal, said, “The steepness of our Q2 decline (in consumer PC sales) is greater than we anticipated.”

He said HP saw uneven consumer performance across its product categories during the quarter and continued softness in consumer PCs across all geographies. That makes you wonder if strong sales of iPads and other tablets are hurting HP. HP’s personal systems group sales fell 5 percent, while consumer PC sales fell 23 percent.

The stock took a beating on this news.

As for where HP is headed with PCs, PCWorld reports:

Hewlett-Packard considered using Intel’s Thunderbolt interconnect in new desktop PCs announced Monday, but is sticking with USB 3.0 because of wider support, a company official said.

“We did look at [Thunderbolt]. We’re still looking into it. Haven’t found a value proposition yet,” said Xavier Lauwaert, worldwide marketing manager for desktops at HP.

Which means they’re betting against Apple.

‘Above All Else, Always Show Comparisons’ ★

Joshua Yaffa profiles Edward Tufte for Washington Monthly:

Edward Tufte occupies a revered and solitary place in the world of graphic design. Over the last three decades, he has become a kind of oracle in the growing field of data visualization—the practice of taking the sprawling, messy universe of information that makes up the quantitative backbone of everyday life and turning it into an understandable story. His four books on the subject have sold almost two million copies, and in his crusade against euphemism and gloss, he casts a shadow over the world of graphs and charts similar to the specter of George Orwell over essay and argument.

Dropbox Changes Description of How Files Are Encrypted ★

Ryan Singel, reporting for Wired’s Threat Level on an FTC complaint against Dropbox by Christopher Soghoian (yes, him again):

Up until April 13, the site promised this:

Dropbox employees aren’t able to access user files, and when troubleshooting an account, they only have access to file metadata (filenames, file sizes, etc. not the file contents).

Now the site says:

Dropbox employees are prohibited from viewing the content of files you store in your Dropbox account, and are only permitted to view file metadata (e.g., file names and locations).

This won’t keep me from using Dropbox, but there’s a big difference between Dropbox’s original and current descriptions regarding how their encryption works.

Fantastical 1.0 ★

New $15 (introductory price through June 1) calendaring app for the Mac, from Flexibits. I’ve been beta-testing it for a few months, and I’m impressed. Fantastical’s primary innovation is its natural language parser for event creation — you type something like “Yanks-Rays tonight at 6:40” and Fantastical not only parses that into a new event, but, using some very clever animation and design work, shows you what it thinks you mean before you hit return to actually create the new event. Watch their screencast to see what I mean.

Four years ago I wrote a piece called “Deal With It”, about how some UIs feel like going uphill and some feel like going downhill. An uphill UI feels like you’re fighting against the app; a downhill UI makes it feel like the app is helping you along. The example I chose to illustrate my point was event creation in iCal (uphill, and steep) vs. 37signals’s Backpack (downhill). Fantastical is an even better downhill UI for event creation.

One more point: Fantastical also provides a terrific list of events coming soon on your schedule. It’s now my primary calendaring app.

FOSS Patents: What App Developers Need to Know About Lodsys and the In-App Upgrade Button Patent Problem ★

Outstanding analysis by Florian Mueller. Must-read if you’re at all interested in this Lodsys patent claim on in-app purchases.

The War on Drugs v. the Constitution ★

Ruth Bader Ginsburg, in a lonely 8-1 dissent:

How “secure” do our homes remain if police, armed with no warrant, can pound on doors at will and, on hearing sounds indicative of things moving, forcibly enter and search for evidence of unlawful activity?

As Scott Lemieux writes, “The War (On Some Classes of People Who Use Some) Drugs, however, is where the Bill of Rights goes to die.” (Via Kevin Drum.)

Android Leaking Authentication Tokens in Clear Text ★

Bastian Könings, Jens Nickels, and Florian Schaub, security researchers at the University of Ulm:

We tested this attack with Android versions 2.1 (Nexus One), 2.2 (HTC Desire, Nexus One), 2.2.1 (HTC Incredible S), 2.3.3 (Nexus One), 2.3.4 (HTC Desire, Nexus One), and 3.0 (Motorola XOOM) and with the native Google Calendar, Google Contacts, and Gallery apps (or respective synchronization services).

Until Android 2.3.3 the Calendar and Contacts apps transmit any request in the clear via http and are therefore vulnerable to the authToken attack. This affects 99.7% of all Android smartphones (stats from 2nd of May 2011). Since Android 2.3 the Gallery app provides Picasa Web Albums synchronization which is also not encrypted.

Since Android 2.3.4, the Calendar and Contacts apps are using a secure https connection. However, the Picasa synchronization is still using http and thus is still vulnerable.

Our sniffed authTokens were valid for several days (14 days for a sniffed Calendar authToken), which enables adversaries to comfortably capture and make use of tokens at different times and locations.

I’m sure most Android handsets will be updated to version 2.3.4 or later very soon, so no worries.

Shine 1.0 ★

Simple, fast, good-looking weather app for the iPhone by AppThat. I’m trying Shine out on my first home screen, replacing Apple’s built-in Weather app. 99 cents (cheap!) on the App Store.