
The iPad use case

A number of people asked me if I’m in line for an iPad. The short answer is, I’m not. I lack a clear use case for it and that kind of money can buy my kids some nice holidays. But the iPad is a beautiful machine. It looks like something out of the future and while I haven’t held one yet I’m pretty sure it feels like that too. Somewhat like the guy who designed the first flipphone cause he wanted a Star Trek tricorder, but totally better.

I don’t have a use case for the iPad but then again I’m not the typical user. We already have a netbook on the couch the wife uses for Facebook games (which, for the time being, is about the only reason Flash is important on something) so that’s covered. I myself have been, as of late, living on my N900 and while sometimes annoying for lack of horsepower (and little Maemo5 snafus) it has been rendering my workstation more and more as the thing I use to do development and gaming on. The N900 is a proper computer and fits in my pocket which are two very important requirements for me. The 98% of the population who isn’t like me will use the iPad exactly as I use the N900 and for them it will slowly and steadily become their personal machine. So, to the people saying the iPad isn’t a real computer and won’t catch on cause it’s neither a PMP nor a notebook I say poo poo. That’s a weak argument if I ever heard one.

Meanwhile, iPhoneOS 4.0 has come out which will bring, among other things, proto-multitasking to the iPad enabling IM, music player and VoIP. Next year an iPad2 will surely come out with a front facing camera, iChat and Skype videocall. If everything goes according to Apple’s plan, Flash will be a memory like Java applets are now and the iPad will be the personal device.
Speaking of Apple’s plan, the iPhoneOS4.0 SDK basically kills the upcoming Adobe Flash iPhone cross development GUI app. That’s gotta sting, not only Adobe but also all the Flash developers who were planning to code the next iFart in Flash and become millionaires. They’ve become upset and trash talked Apple and I wouldn’t be surprised if a lost profit class-action suit cropped up (please oh please do, that would be so entertaining). My take on the whole thing is, iPod/iPhone/iPad is a closed system, Apple never made representations otherwise and if you want to make money off it you listen to Apple and play by Apple rules. Don’t like them ? Pack up, leave and develop for Android which is an open system or buckle down and learn Objective-C/Cocoa. Either way, shut up.

/tech | edited on 2010/04/11 -- permalink, click to comment

The XNA Javaness

Microsoft is very excited about unified development for PC, XBOX and Mobile. They’re talking about the exact same game, with minor adjustments, on all 3 platforms. Most people can see some kind of fault with that reasoning. They can’t.

One size fits all tends to end up with whatever the worst platform can handle. This kind of works for XBOX and PC, with the XBOX being a crappy PC and PC developers being used to developing for crappy PCs. It doesn’t exactly work cause controls on a PC are much richer than on an XBOX. And console games are simpled-down versions of PC games anyway.
But let’s face it, a Snapdragon mobile phone isn’t exactly a crappy PC. It’s not even a PC, it’s just a low power CPU with low-end 3D graphics. You’ll end up playing on your 2000USD PC a game your phone can render.

What works is having, not versions, but aspects of the game. You play some parts on the XBOX or the PC and some parts on the mobile. For example, in an adventure game you play some wicked 3D combats on XBOX and do your adventuring on the mobile taking advantage of all the nice things a mobile has, such as a touch screen and mobility. This isn’t rocket science, Nintendo did this with Zelda on Gamecube+GBA (except the cable made it awkward), and in the end what you need for a compelling game is making the best experience possible all around, not going easy on the developers.

/tech | edited on 2010/03/10 -- permalink, click to comment

The Microsoft Vapourization

One of the reasons Microsoft is on the way down is they gave up on shipping products. The last few things that made a blip don’t actually exist. Let’s review. There’s Surface which never could make it as a product, there’s project Natal which was announced 18 months ago for 4 months ago, Windows Phone 7 Series which will exist in real hardware, at best, next Christmas and now Courier which they promise will be really awesome if it ever exists.

I can imagine Ballmer standing before the Board going “We’re going to make a killing next Christmas, just you wait. We have this really really amazing stuff just about ready to come out”.

/tech | edited on 2010/03/08 -- permalink, click to comment

The Pin&Chip frakup

Recently researchers at Cambridge examined the protocol between EMV banking chip cards and point of sale terminals and demonstrated an attack against the system where they make a payment without inputting the correct pin. This attack is trivial. I’m not talking about the research which is not only interesting but complex in nature. What I’m saying is, the system is fundamentally flawed and so trivial attacks are possible. I’m not exaggerating, a computer science undergrad could have come up with a better system. He wouldn’t even have to think too hard. He’d just need to copy it from a textbook.

The press always makes these things more spectacular than they actually are so to back up my claims we’re going to design a point of sale payment system and see what we can come up with. We’ll start with the chip in the card. This is a small processor that’s designed to do cryptographic operations and hold secret information. These chips have been in use for a few years and are effective. Effective here means unless you’ve stolen Bill Gates’ card chances are you’ll steal less money than it would cost you to attack the card itself. Also, given people notice cards are missing odds are the card will be revoked before you get results from an attack on the chip. So, for this purpose, we’ll consider the chip effective. Unfortunately, as far as I know, most cards issued to this date are issued with ineffective chips and are similar to the old magnetic strip cards. We’ll ignore those and design for effective chips.

The chip knows 2 things, one is your pin to authenticate you and the other is a secret to authenticate itself with the bank. When the chip is reasonably convinced the person using the card is who he claims to be, through providing the correct pin, it will use its own secret to create a command the point of sale can send to the bank. The bank in turn will look at the command it received, verify it was generated by the correct chip after seeing the correct pin (through the secret the chip shares with the bank) and if it’s convinced the operation is legitimate execute the payment command.
So to get this thing going we only need an operation between the point of sale and the chip. The point of sale provides the entered pin and the transaction to the chip. If the pin checks out the chip encodes the transaction so that the point of sale can send it to the bank. If the pin is wrong the chip returns an error to the point of sale and it gets displayed to the user. This system is far from perfect, the user must trust the point of sale won’t steal his pin (which can be used with the stolen card). The user must also trust the point of sale will ask the chip to encode the correct transaction and not some other debit. But the bank can trust the chip saw the right pin and making a better system would involve a slower system and a more complex and expensive chip. This of course is not the end of the story, the system needs to be properly engineered to ensure it’s trustworthy. The devil is usually in details like making sure the transactions are not repeatable (so that a malicious point of sale can’t just reissue the same transaction over and over) or that a stolen card will lock itself up after a number of attempts.

Now that we designed a working system let’s look at how the actual system works. The Cambridge researchers found the system has not one but two separate operations, validate pin and encode the command (actually, there’s a lot more around this but the essence of the system can be described this way). The points of sale don’t have a validate pin operation so this doesn’t seem to make much sense, the separation comes from the huge amount of complexity existing in the EMV system. So let’s try to design a system as secure as our original one but with this extra constraint (such is the life of an engineer). We’d have to relink the two operations making the command encoding depend on the pin verification. This is done by having the chip give a random number, called a token, to the point of sale when it validates the pin. The point of sale in turn passes this token back to the chip along with the transaction it needs encoded. The chip confirms the token is valid and encodes the command for the transaction, guaranteeing the pin was correctly entered. This is heavier on the chip but is nearly as secure as our method (some design flaws on the chip might make this method weaker).
Now let’s look at how the EMV system actually works. On their system the validate pin operation doesn’t return a token. It just says yes or no and then the point of sale decides how to proceed. As the observant reader probably realized we just placed a lot of trust on the point of sale, the trusted chip is no longer master of our pin but must instead rely on the point of sale doing the right thing (which might be to go to signature authentication). An obvious attack is having a point of sale that doesn’t do the right thing. It might go ahead with the transaction when a wrong pin is entered or delay printing the receipt a bit and issue a few extra transactions.
But there’s another weak link on the system, the point of sale to chip communication goes through an unsafe interface, the chip contacts and point of sale reader. That’s what the researchers attacked, they inserted a device between the card and the point of sale that always reported “pin ok” coming from the chip (I won’t go into details about how to do this, it’s not trivial but it’s not very hard either). This type of attack wouldn’t even exist in our initial system. On our modified two operation system the attack wouldn’t work cause the attacker can’t just inject a known reply into the stream. In fact, it would only be possible to attack the chip-point of sale interface if the chip had a design flaw on the verification of the tokens. In all truth the EMV system does include some safeguards designed not to prevent but to report this kind of inconsistency. However these safeguards are so poorly designed and implemented they are not effective.
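The difference between the yes/no design and the token design described above, as an added Python model (not code from the original post, and not EMV's real command set). The class and function names, the HMAC encoding, the counter and the 3-try limit are all assumptions chosen to match the post's description.

```python
import hashlib
import hmac
import secrets

def mac(key, counter, txn):
    """Encode a transaction under the secret the chip shares with the bank."""
    return hmac.new(key, f"{counter}|{txn}".encode(), hashlib.sha256).digest()

class Bank:
    def __init__(self):
        self.keys, self.last = {}, {}
    def enroll(self, card):                      # models card issuance
        self.keys[card.card_id], self.last[card.card_id] = card._key, 0
    def authorise(self, card_id, txn, counter, tag):
        genuine = hmac.compare_digest(tag, mac(self.keys[card_id], counter, txn))
        if not genuine or counter <= self.last[card_id]:   # forged or repeated
            return False
        self.last[card_id] = counter
        return True

class UnlinkedCard:
    """Two independent operations: verify_pin says yes/no, sign never checks it."""
    MAX_TRIES = 3                                # assumed lock-up threshold
    def __init__(self, card_id, pin):
        self.card_id, self._pin = card_id, pin
        self._key = secrets.token_bytes(32)
        self._counter = self._bad = 0
    def _pin_ok(self, pin):
        if self._bad >= self.MAX_TRIES:          # stolen card locks itself up
            return False
        if hmac.compare_digest(pin.encode(), self._pin.encode()):
            self._bad = 0
            return True
        self._bad += 1
        return False
    def verify_pin(self, pin):
        return self._pin_ok(pin)
    def sign(self, txn, token=None):             # token is ignored here
        self._counter += 1
        return self._counter, mac(self._key, self._counter, txn)

class TokenCard(UnlinkedCard):
    """Relinked design: encoding requires the random token from verify_pin."""
    _token = None
    def verify_pin(self, pin):
        self._token = secrets.token_bytes(16) if self._pin_ok(pin) else None
        return self._token
    def sign(self, txn, token=None):
        expected, self._token = self._token, None          # single use
        if expected is None or not isinstance(token, bytes) \
                or not hmac.compare_digest(expected, token):
            return None
        return super().sign(txn)

def forced_ok(reply):
    """Tampered contact interface: the terminal always sees a success reply."""
    return reply or b"pin ok"

def pay(card, bank, pin, txn, wire=lambda reply: reply):
    """Point of sale: verify the pin, then ask the chip to encode the command."""
    reply = wire(card.verify_pin(pin))
    if not reply:
        return "pin rejected"
    signed = card.sign(txn, reply)
    if signed is None:
        return "card refused"
    return "approved" if bank.authorise(card.card_id, txn, *signed) else "declined"

def demo():
    """Constructed cards and transaction; wrong pin 0000 against real pin 4821."""
    bank, txn = Bank(), "9.99 EUR to shop 17"
    weak, strong = UnlinkedCard("card-A", "4821"), TokenCard("card-B", "4821")
    bank.enroll(weak); bank.enroll(strong)
    return {"yes/no card, tampered wire": pay(weak, bank, "0000", txn, forced_ok),
            "token card, tampered wire": pay(strong, bank, "0000", txn, forced_ok),
            "token card, correct pin": pay(strong, bank, "4821", txn)}

if __name__ == "__main__":
    print(demo())
```

In this model the bank cannot tell the first case from an honest payment, because the encoded command carries no evidence that the chip itself saw the right pin.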

So by employing advanced cryptographic chip technology EMV ended up with something worse than the decades old magnetic strip cards. The problem with magnetic strips is they are easily copiable so someone using a “skimmer” that reads the card and intercepts the pin (recently some skimmers were found attached to ATMs and physically tampering with a point of sale terminal to skim cards is fairly easy) can easily create a duplicate of the skimmed card and then use it together with the skimmed pin. As mentioned before most currently used chip cards employ simple chips and are as easy to duplicate as magnetic strips. That together with the attack above makes them less secure than strip cards. Newer Pin and chip cards can’t be skimmed but on the other hand a robber can use just the card without bothering with the pin. There are even deeper problems with this system caused by having the two separate operations. The ability to coax the card into generating encoded commands allows someone with access to a large stack of cards (stolen, old discarded or blank unissued) to run something called a plain text attack. The attacker generates large quantities of encoded text from known plain text and then analyses the encoded text to try to derive knowledge about the encoding system. A successful attack may, depending on how well the system is engineered, compromise the whole system and allow havoc like easy card cloning.

Congratulations. If you read through the article and were able to follow you are now better at designing payment card systems than EMV. These kinds of absurd failures are usually the result of committee design and pressures from manufacturers to make the system cheaper to build or less interoperable so that it generates vendor lock-in. In this case there was also no effective independent review, a key element in successful design of security systems. Sadly, the specification seems to cover so many usage possibilities and provides such latitude to proprietary implementations of key features by individual banks it would be impossible to review. More distressing even is that EMV was probably never meant to be secure. It was meant to be marketed as secure to stop credit card signature fraud claims from stores. And it’s arcane enough to thwart any attempt to prove pin fraud so the end user is stuck with the cost of the frauds. In fact, the researchers claim to have been contacted by a number of pin fraud victims where the banks and EMV just claimed misuse of the card and never even investigated on grounds of the system being secure. Considering the simplicity of the attack I’m sure a number of criminal rings, who actually put resources into cracking this kind of system, have known about this for quite some time. I’m also sure the laws the media and make-believe-security industries are trying to push to the effect of banning security research would also prevent us, the public, from ever knowing about these gaping flaws.

Looking forward, the researchers list some ways the system could be improved but these are hard to implement in practice cause they would mean changing a number of existing systems. There’s another way which sheds signature verification altogether, making cards only create a valid transaction within a reasonable time after a successful pin authentication is performed. This would make the chip a bit more complex and more expensive so I’m sure the banks would never switch to this type of card. After all, they already managed to shift the liability to the end user so why bother with actually protecting their customers ? Easy, market the cards that actually work bundled with a fraud insurance and obviously, an extra monthly fee.

/tech | edited on 2010/02/14 -- permalink, click to comment

About Flash on small devices

Adobe is obviously annoyed at the “no flash here” broken plugin icons on the iPad. And people are pointing out Flash is a huge, bloated, crashy pig on the desktop.

Guess what, Flash is a huge, bloated, crashy pig on mobile too! My N900 has flash 9.0. It can play YouTube. But most of the time, guess what, I avoid it. I know you’re trying Adobe but the experience is just pain, pain, pain and then more pain.
And to sum it up the single greatest improvement in Fennec 1.0RC3 over RC2 was disabling Flash by default. And guess what, it got snappier.

Yeah, my N900 has Flash but for some reason the first extension I installed was AdBlock …

/tech | edited on 2010/01/29 -- permalink, click to comment

The iPad in evil review

Everybody’s calmer and most of the giddiness has passed so now it’s time for the evil review.

  • The UI is lukewarm. Everybody was expecting something new and brilliant in terms of interface. Turns out it’s a huge iPod. Same homescreen and all. And the onscreen keyboard is a dream to type on ? Really ? Didn’t hear anything about haptic feedback so it looks a lot like drumming your fingers on a glass table. And it basically fails for one hand input. Decent enough to type a quick email ? Sure. Dream to type on ? I’m sure Jobs had to force these words out of his mouth.

  • Did it have to be microsim ? Everybody else does really well with “regular” sims, even the people doing tiny phones. Were those extra couple of cubic mm really needed for something else ? The truth is obviously no, that tiny extra space could be sacrificed for compatibility. The real reason is appeasing the carriers. It’s unlocked, but they can control the deployment on their network by supplying (or not) the microsims. And since nothing else uses the microsims they’re also a price point tool, carriers can create special iPad packages, cheaper or premium. Yesterday I wrote I’d probably get the 3G version. That was obviously a mistake. Not with microsims and $130 premium, there’s a wonderful world of Joikuspots out there that manage to bridge that gap.

  • No DisplayPort ? No USB. For something that’s supposed to be nearer a computer than an iPod the connectivity looks pretty ipodish. And most of all, no front facing camera ? Just imagine Steve doing iChat AV on stage with the Pad, that would’ve blown everybody away. I’m also told college kids really like videochatting hotties. Forcing people to see my ugly mug isn’t high on my list but it will probably hurt on the college market next September.

  • This thing has iPhone 3-year plan written all over it. It’s not like I can see into the future but I can see a 3rd gen iPad a couple of years from now with front facing camera and USB and regular sim slot. This isn’t exactly a cheap toy so people might just hold out for the next model, the one that’s really great.

  • And the elephant in the room is, this isn’t 3 years ago. 3 years ago the iPad would reign supreme and the closest “competition” would be from an HTC or HP “slate” running Vista (Intel, 2h of battery) or WinMo5 (350MHz ARM, 4h of battery) and it would be utterly irrelevant. Now, however, I’d be holding out for the snapdragon powered Android “pad” someone (my money is on Asus) is going to release in the not so distant future. It won’t be aluminum, the screen won’t be as stunning and it probably won’t be glass. But it will have a front facing camera, it will have USB and 3G people can actually use. And it will be in the same class as the iPad.

/tech | edited on 2010/01/28 -- permalink, click to comment

The iPad in review

And Jobs came forth and gave us the Pad. The good names like Tablet and Slate were already taken and Pad fits in the iP theme so cutting a long story short, iPad it is. In the usual list style:

  • It’s big. It’s carry in a bag big. The screen is nearly 10” and there’s a bit of border so it’s about the size of a big netbook. It’s clearly designed to be much closer to a macbook than an ipod despite the fact it’s an overgrown iPod. The screen is IPS which I’ve never seen up close but I’m told is brilliant and has excellent colour accuracy. That means it’s perfect for delivering digital versions of high quality, glossy magazines. And that’s obviously part of the plan as are books which might not work so well. The buying experience is itunes simple but the price point seems higher than amazon and the screen might not be easy on the eyes for long reading periods. In the end it might just be down to Apple’s ability to negotiate price and DRM.

  • This is truly the best “handheld” Internet experience simply for sheer screen quality. And the builtin apps, from Mail to iPhoto seem great but if Apple wants the iPad to muscle out netbooks it needs to be much less controlling about apps than it is on the iPhone. The first step is there, the 3G version is carrier unlocked and the fact Apple got a prepaid (and unsubsidized) data plan from AT&T (which by the way is not cheap, is just normal Europe rates) is a first great step towards a less restrictive approach to apps. Communication apps like Skype or Fring (or Google Voice) shouldn’t have any issue going into the iPad. Of course the lack of a front facing camera will always hurt on that side (it will never get a videocall button like my N900 has) and Apple’s bold (and strategic) stand against Flash will kill some of the market (no Farmville for you!) but in the end the overall experience will probably come out ahead.

  • The iWork version actually looks useful which is much more than I expected. And each app is $10. And you have VGA out via the dock connector. That adds up to a clear and bullseye shot on Microsoft’s cash cow. If you’re a sales guy doing a pitch at a client you better show up with an iPad and a micro projector. Only losers use Toshibas and PowerPoint. And you better use the stunning Keynote transitions instead of the crappy PowerPoint animations too. All the cool kids are doing it!

  • No business guy will use an iPad as primary computer. College students on the other hand will. Why should you carry around a bunch of huge books when you can have them all inside less than 1kg ? And the PadWork (that’s what I call iWork on the iPad) is probably GoodEnough. The case and keyboard dock look custom made for this market and the fact it’s a good deal cheaper than a MacBook doesn’t hurt either. What might hurt on this market is the lack of Flash and videoconferencing. There seems to be a USB host “connection kit” so there might be a webcam dock in the not so distant future.

Will I get one right away ? Definitely not. Will I get one when the netbook we use around the house kicks the bucket ? Depends if the wife kicked the Farmville habit or not. Will it be the 3G version ? Most certainly yes!

/tech | edited on 2010/01/27 -- permalink, click to comment

The demise of the desktop

The desktop is going down. It happened before, it will happen again.

The few of us that actually used campus networks with thin clients know it beats the hell out of carrying a laptop around. You sit at a terminal anywhere on the campus and bam, that was your computer, with your environment and your files. Campus had 10Mbps local networks and LAN interconnects exceeding 100Mbps. It was pretty wild.
Sadly the 1990s world at large didn’t have 100Mbps interconnects or anything remotely like that. In the world at large we were stuck in local computers, direly underconnected and not all that powerful. For a number of reasons the 90s sucked.

By the end of the 90’s Oracle figured out the network would be the computer. A number of people got onboard but the technology wasn’t there yet, let’s just say a lot of Java and dialup was involved, and it all failed. Then laptops started getting better and you could lug around an underpowered portable version of your unexciting, underconnected personal computer. It still sucked, only slightly less. Meanwhile, techies (as the journalism punditry likes to call us), tried to pull together the tatters of connectivity, an open wifi here, a dsl there, into something resembling the ubiquitous campus network. IMAP servers, webviews of documents, IRC networks, all slow, all bleak, all cobbled together with duct tape, spit and servers living beneath the raised floor of some datacenter or other.

And at some point the pundits (with the help of the industry of course) discovered The Cloud. It’s always on, it’s great, all your stuff is there. It’s great for individuals cause the cloud is gmail. It’s great for companies cause it’s outsourcing (ASP and SaaS never quite took, did they) and virtualization (we already established virtualization is good). Everybody’s happy!
Everybody, except Microsoft of course. Microsoft spent a good deal of resources making sure email meant outlook and corporate “web interfaces” meant internet explorer. Now people are using linux powered netbooks to access gmail using firefox. And there’s gmail for enterprises too. How the hell did that happen ? People were buying cheap computers just to check email, browse and play farmville around the house. The GoodEnough culture on which Microsoft had thrived and made billions had just turned against them. The netbook was good enough.

Meanwhile small, low powered devices were getting less low powered. Nowadays the Cortexs and Snapdragons are standing just at the other side of the bridge netbooks built and they’re good enough. Some are even really good. Today we’re at 840x480 beautiful OLED screens powered by 1GHz CPUs with hardware accelerated HD decoding and that’s not only better than what we had when Oracle tried but it’s also inside our pocket and always connected to the Internet at 10 to 100 times the speed we had then. Going forward the unicorn apple tablet and the new Android devices will probably make the experience even more seamless and use more ubiquitous. As capable devices trickle down the price points more and more people will transition to mobile from aging desktops, not to mention the billions who never used a desktop and will jump right into gmail and ovi.

And thus, the desktop will become irrelevant.

/tech | edited on 2010/01/27 -- permalink, click to comment

The Explorer insalubrity

I am aware Microsoft Internet Explorer can’t render chbm.net. That shouldn’t affect you unless you either don’t know the Web can actually look good or want it to look donkey behind.

In case you didn’t know the Web can actually look good and generally not suck here’s my gift to you: the choice of Firefox, Google Chrome or Apple Safari. Firefox is the most extensible, Chrome is the most googley and Safari is not very Windows native but if you have iTunes installed odds are you already have it.

If you chose your Web to look like it does in Internet Explorer then chbm.net caters to you brilliantly. There are no concessions or workarounds. The fact IE8 basically has the same box model errors IE6 had is laid bare here. Positioning, paddings and margins are consistently wrong in IE and 8 still not knowing how to render a table cell or position a float (that’s why the warning label at the top shows only in IE - in correct browsers it’s rendered offscreen) should fill the Microsoft IE team with shame. It’s also the reason why you need to scroll down to get to the content. The only visible advance is position fixed finally working in IE8. I don’t use position fixed on chbm.net.
I won’t even discuss why you don’t like nice details like transparencies or rounded corners. You’re probably from 1999 or something.

/tech | edited on 2010/01/07 -- permalink, click to comment

Avatar (3D)

Avatar (in 3D!) is phraking awesome. It’s so well rendered you forget you’re watching CG despite the fact it’s a whole different imagined planet. It also means we can now do whatever we want with images. We can commercially synthesize images that look real.

Then, of course, it’s a huge massive effort to remind us that all we have advanced in 5 thousand years is in the way we’re able to kill far away people. That and the varnish called “democratic western society” about not killing and not stealing amongst ourselves.

/tech | edited on 2009/12/21 -- permalink, click to comment