Monday, November 28, 2011

How to say "I don't care" this Christmas

Christmas is less than a month away and, no doubt, many folk are now considering what gifts to buy friends and family.

If you were hoping to post a gift to Aunt Agatha in the UK or your old friend Eustace in the USA then chances are you've already left it a bit late -- but fear not, the Internet will save you!

Online shopping is a great way to save money and ensure that last-minute gift is delivered on time to those people in far-away lands - what's more, it's almost certainly cheaper than buying locally and then spending a small fortune on postage.

Unfortunately there are often a few hiccups in the process.

Some online retailers won't ship to a country other than that in which your credit card is registered. That makes a lot of sense -- since the trade in stolen/cloned cards is rife and the savvy fraudster will always try to use a card from a foreign country when buying online.

However, if you can find an online store in the UK that will accept payment from NZ for delivery to a UK address then you'll save a bomb (on the postage at least) when buying for Aunt Agatha and the time from clicking "buy now" to actually having the item in her wrinkly little hands will be greatly reduced.

So cyber-savvy makes good sense when buying gifts -- but there are instances when you really ought to give the Net a very wide berth at Christmas.

Please, please, please -- do not send e-cards to people you care about.

It reeks of "I'm so cheap I couldn't afford a stamp" or "you're so unimportant I just figured I'd spend 2 seconds sending you an e-card instead of a real one".

Not only do these e-cards make you look like a cheap, insensitive clod, they also make it much easier for malware producers to sneak nasty payloads onto the PCs of unsuspecting victims.

For every genuine e-card that arrives there are goodness knows how many unsolicited malware-versions that are sent out by those seeking to build or grow their botnets -- and collect credit card details from the unsuspecting, in order to fund their own fraudulent online purchases.

So there you have it -- my Christmas tip -- don't send *anyone* an e-card and be very, very wary of opening any that might arrive in your own inbox.

In fact, why not send an email to all your "friends" and family right now, advising them that you won't be accepting e-cards this year for security reasons. That'll mean that those cards which do arrive in your inbox will almost certainly be bogus and it'll also remind those cheapskates who were planning to save themselves a stamp that they really need to think again.

Monday, November 21, 2011

Interesting times in the world of science

A couple of interesting reports caught my eye on the science wires today.

The first was the result of further experiments designed to try and prove or disprove recent observations which hinted that neutrinos may have been observed traveling faster than the speed of light.

Back in September, scientists working in Italy as part of the OPERA collaboration announced the results of an experiment that shook the very foundations of modern physics. They produced data that was at odds with the predictions of Einstein's theory of general relativity.

Numerous peer reviews of the experiments failed to turn up any explanations for the data which suggested that neutrinos had been observed traveling at faster-than-light speed -- but the underlying belief was that it was the experiment at fault, not Einstein's theories.

In an attempt to solve the mystery, another experiment was performed last week -- yet the results are consistent with the first and still indicate that a stream of neutrinos released from CERN arrived in Italy faster than it would take a beam of light to traverse the same distance.

The importance of these findings is so great that the scientists involved are still focused on searching for any possible alternative explanation for what they've observed. Stay tuned, this will be a very interesting outcome -- either way.

Another exciting report was practical proof of theoretical predictions relating to the Casimir Effect.

In theory, the Casimir Effect would allow energy to be extracted from a vacuum, simply by positioning two plates a microscopically close distance apart.

Quantum physics predicts that if the plates were close enough, a force would appear that tried to push them together. This is because subatomic particles are supposedly constantly popping in and out of existence and if the plates are close enough, there is insufficient room for many to "pop into existence" between the plates but plenty of room for them to do so on the other side of those plates.

The net result would be a pressure that worked to push the plates together -- at least that is the theory.

As part of this theory, the Casimir Dynamical Effect says that a mirror traveling at near light-speed through a vacuum will itself produce light, as it encounters the transient photons that "pop in" ahead of it.

Scientists have been unable to test this theory due to the difficulty in accelerating an object with the mass of a mirror to a sufficiently high speed. However, by using a piece of quantum equipment called a SQUID (a superconducting quantum interference device), they have produced the same effect using microwave signals.

What does this mean?

Well it proves that even the most absolute vacuum does contain energy and perhaps one day we will be able to extract that energy.

If ground-breaking scientific discoveries in the field of physics are like most other things, big news will probably come in threes.

I wonder what's next?

Monday, November 14, 2011

Stop messing with my user-interface

In the beginning -- there was a row of switches and lights.

That was the interface between man and computer - and it sucked.

Over time, and as technology became more powerful, this interface evolved and became a whole lot more efficient and friendly.

For a while, teletype printers and keyboards ruled. They allowed programs, commands and data to be input in English-like languages and phrases. They also allowed the computers of the day to output information in an easily read and archived form.

Then came the CRT and the electronic keyboard. Suddenly the need to kill a forest simply to initiate a few batch commands or debug a problem was gone.

After a while, the plain, monochrome, character-based CRT display evolved into a pixel-addressable screen capable of displaying tens, hundreds, thousands or even millions of different colours.

Gone was the need to laboriously type in every command using a keyboard -- point and click became the norm once the WIMP (Windows, Icons, Mouse and Pointer) interface took hold.

Of course it's probably best not to talk about the oft promised but never delivered natural language speech interface but who knows, maybe that too will become practical one day.

So now, in the second decade of the 21st century, we're focusing on the feature-set and ergonomics of our software but still using the WIMP paradigm.

Unfortunately, those who design and implement software seem to be running out of good ideas and I get the feeling that some applications are actually slipping backwards when it comes to the effectiveness and efficiency of their user interfaces.

Strangely enough, I am not alone in this observation and others in the industry have voiced similar concerns over recent updates to popular software.

Just last night I upgraded from Mozilla 3 and 4 to Mozilla 8 (did I miss four versions already?) and I'm not at all happy with the changes I now have to adapt to.

For instance... where's the reload button? As a developer, I use the reload function a lot -- but that important click is now two clicks (right button, point to "Refresh", click). Why?

And why did they move bits around for no apparent reason? Simply so that it looked like a new version rather than a minor revision perhaps?

When I upgrade my software, I don't want to have to relearn a whole bunch of stuff for no real gain in efficiency or ease of use -- that's a false economy.

Are we now reaching a point with user-interface design where our interfaces are so good that any change (especially for the sake of change) is simply a retrograde step?

If so - then I would ask the programmers to please "put down the mouse and step away from the keyboard".

Monday, November 7, 2011

Malware makers opt to target mobiles for the big money

For many years now malware authors have known that there are rich pickings to be made by infecting people's PCs with trojans and back-door code that harvests key bits of data such as account logins, credit card numbers and online banking data.

Interestingly enough, as PC operating systems become more hardened to such attacks, mobile phones are seemingly becoming more vulnerable and far more attractive targets.

Thanks to the widespread use of two main operating systems (iOS and Android) and a growing appetite amongst users to have the latest and greatest applications, the job of the malware writers has been made somewhat easier than was the case when every phone had its own proprietary environment.

What's more, the increasing power of smartphones has greatly increased the number of people who now use them for activities such as online banking, online purchasing with their credit cards and even mobile payments.

However, if the latest reports are to be believed, the biggest money-spinner for the malware makers is the creation of applications that masquerade as bona fide code while covertly sending SMS messages to expensive online services. Those services operate very much like an 0900 number and a charge, sometimes quite significant, is levied each time a message is sent to them.

Mobile users who have downloaded malevolent apps can soon find that, without their knowledge or permission, their phone has racked up huge bills against their account -- or completely depleted the credit on their pre-pay account.

More often than not, the numbers to which the collect SMS calls are made are offshore, so the chances of recovering money stolen in this way are remote.

Then of course there are the other trojan apps which simply report on other data passing through the phone, potentially allowing the harvesting of credit card numbers and account logins.

One thing is for sure -- mobile users will have to become increasingly vigilant when using their phones and, in particular, when downloading applications -- even if they're from approved sources. Already some vendors have had to pull a number of apps from their app stores after it was discovered that they were carrying an unauthorised payload that spied on the user or racked up unexpected bills.

It will be very interesting to see how the industry addresses this increasing problem. We'll just have to wait and see what happens.

In the meantime, my $50 "dumb" phone will be the safest option.