getwired.com

1. Preferred URL handling (monikers) – Specific URLs or shortcuts should be able to launch a designated program that is able to deal with them. In particular, you should be able to set a preferred application to intercept http(s)://twitter.com, @username, and http://facebook.com. Similar examples exist. This isn’t terribly different from the way iTunes and YouTube are handled in the iPhone today. In Windows with files you would have historically assigned an application to a file extension. In this case, I get lots of email from Twitter with users that have followed me – in order to decide whether I want to follow, block, or do nothing, I need to look at their profile. However Twitter’s web UI on the iPhone leaves a lot to be desired – I’d much rather have http://twitter.com/getwired open my preferred Twitter client (Tweetie 2) instead of Safari. This is an easy fix and would be easily added by apps for web services that matter.
2. Soft “silent” switch/meeting mode – I can’t believe nobody at Apple has a spouse that hasn’t ragged on them about this. The hard switch for silencing the iPhone is indeed handy – but it sucks. You’re in a meeting, you silence your phone. Two hours later you miss a call because it’s on silent and you don’t feel it shimmy in your pocket. Conversely (I JUST heard my iPhone ding for new mail – timely), most people want to hear their phone during the day, but not at night. Let me set times that I don’t want to be disturbed, or better yet, be smart enough to look at iCal and say, “he’s in a meeting now, I’ll shake instead of ring.” If my spouse calls me after the meeting then, ring instead of shake. It’s after 8, don’t ring. Get it? Good. I don’t care if you kill the hard switch, frankly.
3. A flash for night photography – It’s really a shame that the most popular smartphone can’t take photos at night. This can’t be a huge hurdle for Apple to overcome – Droid has one and it works quite well.
4. True multitasking – It’s not critical – but man it would be handy to have certain applications that could stay running in the background. Not every app needs to – perhaps it could be a classification of an applications where the app needs to pass a more stringent power management and CPU utilization test. Twitter, Facebook, IM applications, clock applications, security apps (see my point below about a security framework too) – there aren’t a ton, but there are several categories that would be immensely useful.
5. Better battery – with or without multitasking, the battery needs to be improved. Consensus said the 3GS was supposed to be better here, but isn’t. Network connected and display hungry apps eat power – that’s life. We need more juice – and I DON’T want a replaceable battery, thanks Motorola. Just one more thing to break.
6. Background pubsub for REST-based or SOAP-based services – Barring true multitasking, it would be awesome if there was a background daemon that apps could pass queries through and have the daemon process and launch the app if results change or match. It’s a primitive idea – but a web service API abstraction daemon could be a cool trick at enabling web services but allowing Apple to keep CPU/battery utilization down to their own terms.
7. Stay awake – I love using my iPhone in the kitchen – but I hate the fact that if I leave it open with a recipe on Safari, it eventually dims and locks. Sure, you can disable that by diving in to settings, but then it’s disabled across the board. See below about gestures – perhaps allowing me to swipe that initially re-locked screen lock back to the left as you would to unlock it, and holding it there for a couple of seconds would make a stronger “click” that would let me keep the screen locked on (to “pin” it) – until I use the iPhone’s top button to finally put it back to sleep when I’m done. This also applies when listening to music in the car.
8. Gestures/chording – Things I wish I could do even on a locked iPhone: 1) track forward, 2) track back, and 3) pause. I propose that even when locked, an iPhone that is playing music should let you 1) swipe two fingers to the right, 2) swipe two fingers to the left, and 3) swipe two fingers straight down the screen in order to perform those tasks, respectively.
9. RFID reader - perhaps I’m ahead of the curve here – but I believe that RFID will become more and more commonplace – and (see authentication, below) it would be great if I could use RFID as an identification tool for products, but also as a mechanism to secure the phone. Regardless, given the number of apps today that do bar-code scanning, if Apple added the RFID functionality I believe it would be rapidly adopted by app developers.
10. Better “authentication” – Security PINs suck. Sorry, they do. RFID (as suggested above), fingerprint or other immediately available physical factor security is faster, more convenient, and usually more secure, than just a PIN. The beauty of RFID is also if I walk away from my iPhone, it locks itself again. Here again gestures could also do a better job – a series of finger or multi-finger swipes in one or more directions could, like a signature, be my auth mechanism, and be done without looking at the iPhone.
11. Consumer-compatible IR transceiver – a phenomenal way to both have an “in-box” remote for Apple TV or Macs, but also to allow app developers to create universal remote applications.
12. Print from iPhone – when looking at recipes or documents on my iPhone, I often wish I could print them directly to my Mac in the other room. Perhaps this could be a MobileMe feature?
13. Mac <-> iPhone Safari tab sharing – like Print from my iPhone, I often find myself looking at a webpage on my iMac, but then “I’ve got to run”, or vice versa I’m out and about and see a great page but won’t have time to read it – it would be awesome if I could tell Safari on my iMac “Move this tab to iPhone” or “Open on iPhone”, and on the iPhone if I could similarly hold a link and select “Open on Mac”. Again – cool feature I would use regularly, and could be a MobileMe feature. I have broader wishes about the iPhone acting more like an extension of my computer, but I’ll save that for later.
14. Barcode optimized camera – there are several good apps for reading barcodes today. These use pretty advanced techniques (pre 3GS) to compensate for the awful farsightedness of the iPhone camera. Meaning they’re rather unreliable unless you’re patient. This is a useful, and growing, scenario – the iPhone should be able to focus better at close distance to snag a picture of a barcode.
15. MuSync/AppSync – this is a pet peeve of mine. I buy most of my music on my iPhone, and most of my iPhone apps on my iMac. I have a MobileMe subscription – any music or movies I buy while on the iPhone should also (optionally) be downloaded to my Mac as well. Meaning I buy them at the office, they’re automagically on my iMac when I get home. Similarly, when I buy an app on my Mac, I should be able to (say, if it can be reached via WiFi) say, “Install on iPhone” as well.
16. Application access improvements – I don’t know why Apple has such hesitance at improving access to applications. They killed off Applications in the Apple Menu, and now it’s either in your Dock, you use Spotlight, or you dive into a stuffed Applications directory. The iPhone isn’t much better. The Spotlight on the iPhone is an admission, in my opinion, that everyone at Apple’s iPhones became unwieldy too. It may mean folders, it may mean some other kind of hierarchy – but someone in usability at Apple needs to spend some serious time thinking about how to make apps easier to navigate on an overloaded iPhone.
17. Management and security framework – If there was any question about this, read my earlier post. Apple needs to build in a framework that lets enterprises control what an iPhone can access, and have the ability to ensure that that role remains intact. I’m happy to describe my request here in more detail if anyone would like.
18. Different vibration for different people/tasks – Seriously – I can’t be the only one miffed that the shimmy for “you’ve got a spam email” is the same as “your spouse just emailed you”. Duration of shake, number of shakes, etc – all can be used to create patterns that could be assigned to different individuals. As mentioned earlier, this would be very helpful when I get a call from my spouse during a meeting when it’s set to silent.
19. Different reminder and SMS customizability – See 17. At 15 minutes before the hour, my company chirps. It doesn’t matter what day or what hour, someone’s got a meeting. And the reminder tone is the same. It would be really great if you could set more than just ringtones to be customizable – so you could know it’s YOUR SMS message or YOUR meeting reminder. Not someone else’s.
20. MobileMe integration for photos – photo interaction on the iPhone is not really impressive – I have a lot of my photos up on MobileMe Galleries – it would be ideal if the photo app on the iPhone was a first-class MobileMe consumer and offered me the option to view my MobileMe galleries.
21. Turn by turn directions – My parents visited the other day – and they came bearing Droids. It’s really a shame that the 3GS, which could technologically do this, cannot. I really think that Apple needs to add this.
22. Attachments at the top of the email – Somehow, Apple needs to figure out how to have email attachments appear at the top of messages instead of at the bottom. It’s a minor thing – but on long emails, it’s a nuisance.
23. Ability to set Bing as the default search engine - Yes, really.
24. Adopt the “refresh” paradigm designed by AteBits for Tweetie 2 as a standard across the iPhone – This works by pulling “down” on the list of items currently displayed. It’s a great design.

There. That’s it. That’s all I want from my 2010 Apple iPhone. Is that so much to ask?

I like opening with that subject – because it’s two words that Apple seems to never want to see next to each other.

On Slashdot today, an article covered my friends from F-Secure discussing the barriers that are precluding the antivirus industry from making inroads in protecting iPhones from malware.

Indeed, they are correct, you cannot build A/V into the iPhone platform – the API is explicitly designed to forbid that. However, I have to counterpoint. I mentioned in a tweet several days ago:

“The constraints keeping security s/w from diving deeper into the iPhone platform are the same ones precluding any need for them.”

Yes, you read that right. I’m saying that the iPhone doesn’t need antivirus. Instead, Apple’s bigger problem is the lack of a mature platform management solution for the iPhone. Let me show you why.

When I went to Winternals, we rapidly discovered a giant chasm in security as Mark and I discussed how UAC (LUA at the time) would fall far short of creating a security boundary for Windows Vista (and continues to do so for Windows 7). The chasm is the latency between these steps:

1. Exploit is identified
2. Malware is authored and released
3. Malware spreads
4. Malware is identified
5. Malware can be contained

You see, the flaw is that step 4 has to exist at all.

The fundamental flaw is blacklisting. Instead of fighting the good (but intractable) fight trying to identify all of the bad code, whitelisting relies on the premise that only known good, known trusted, code can start at all.

At Winternals, we created Protection Manager to respond to this hole in the security market. The key goals of the product were to only let known trusted code run, and to optionally run it with least privilege. In 2006, Microsoft acquired Winternals and, regrettably, discontinued the Protection Manager product. While Windows 7 features AppLocker, which theoretically applies whitelisting to Software Restriction Policies, I believe AppLocker has some fundamental shortcomings that I’ll discuss in a future post. Some aspects of Protection Manager, most notably the premise that a Digital Signature (code signing) is the best way of authenticating that code is:

1. From a trusted source and
2. Not been tampered with since publication

After Winternals, I worked on whitelisting again at CoreTrace, where the Bouncer product evolved to also recognize the importance of Digital Signatures, as one of the sources of Trusted Change. Only known trusted code is allowed to execute first off, and only code with specific properties is allowed to enable new code to be added to the whitelist.

Today, you hear mention all over the Internet of the rickrolling iPhone worm. Many have mimicked the code created on a whim by Ashley Towns, the worm’s creator. But the fundamental issue here isn’t the iPhone’s susceptibility to malware. Nope. Not at all.

You see, all existing worms that have compromised the iPhone rely on the fact that the iPhone must be both jailbroken and it must then have SSH installed, with an unmodified root password. Both qualify as best of breed “worst practices” from a security perspective.

In fact, those of us who haven’t jailbroken our iPhones (not arguing the ethics of that – that’s a separate conversation for another time) were not, and are not, susceptible at all. Why? Because the iPhone infrastructure as defined by Apple utilizes whitelisting. Only applications signed by software vendors that Apple has authorized (and that have signed the code) are ever countersigned by Apple and pushed through the App Store to be downloaded for purchase. Similar, but not as restrictive, constraints exist for Apple’s Enterprise program for application publishing.

To date, I have not seen any published malware that runs on an iPhone that has not been jailbroken or otherwise forced to run unsigned code (see Law #1 in the 10 Immutable Laws of Security. Any hack that does ever do so will rely on somehow compromising the signature infrastructure used for application publishing on the iPhone by Apple.

You may recall my original point – that the problem was the lack of enterprise management software of the iPhone itself. At CoreTrace, we were approached by an organization we were already working with that was realizing the growing number of Macs – and of even more concerning, the number of “rogue” iPhones (phones brought in by employees, and connected to the local wireless network and/or Exchange Server without IT ownership at any level).

The more we dug into it and researched, including the limited analysis necessary of the iPhone API and two fun, but largely circular conversations with Apple in Cupertino, the more we realized that they weren’t asking for, nor could we deliver (at least on non-jailbroken hardware) any form of “Bouncer for iPhone”.

Instead of security, the problem posed to an enterprise admin by the iPhone is that as an organization, you don’t need to control what is running on your iPhones from a “bad code” perspective, rather that the iPhone needs hardcore, Apple provided (and secured) management in order to control how “renegade” the devices themselves are. That means the ability to:

1. Prevent connectivity of jailbroken hardware to an organization (Exchange, wireless, Bluetooth, or other)
2. Prevent jailbreaking of connected hardware (or sever connectivity at a hardware level when it occurs)
3. Explicitly control which Apple or Enterprise published applications can be downloaded or run on connected iPhones (don’t allow games, allow only these 10 applications, etc)
4. Explicitly control the iPhone’s software image, configuration, and settings (much as Group Policy can do with Microsoft Windows systems) – NOT trying to reverse engineer how images get pushed out in a decentralized way via iTunes itself
5. Explicitly control how applications can access any PII on the device or in documents (GPS location, email addresses, address book or call history info, etc)
6. Explicitly control document DRM on the platform as IRM/RMS can do for Microsoft Office and Windows

Today (even following those conversations with Apple), KACE is the only vendor I’m aware of that performs any aspect of this kind of work, besides Apple’s weak Configuration Utility. KACE’s is very comprehensive – but both approaches suffer from the fact that they are after the fact management solutions, not built into the hardware and software of the iPhone itself.

From the time that I was at Microsoft, I kept hearing more and more “security experts” talk about how the impending doomsday was coming for handhelds. It still hasn’t really come. I believe that through their native use of whitelisting, Apple has fended this threat off for the foreseeable future for the iPhone platform. Instead, I believe that the biggest problem facing the iPhone isn’t “potential attackers” – there will be plenty of those – but their chance of success is very low.

Instead, it is the iPhone’s impending success eating into the enterprise market from the bottom up that is the problem. The lack of an enterprise management solution that is built into the deepest aspects of the system will not preclude the iPhone’s success at building up a rogue enterprise following. But it will both leave a bad taste in the mouth of the IT admins fighting the good fight to try and keep their organizations secure, and potentially introduce some bad compliance-related headaches in organizations already struggling to keep/retain compliance, due to the lack of DRM and platform control over the device itself and any information on it.

Apple itself needs to come to terms that the iPhone (and the Mac platform itself, frankly) need proper security and policy management at the lowest levels, or de-emphasize their viability as an enterprise platform on both counts.

Sorry for the length of this post – but this topic has been burning in me for a bit – I needed to get it all down for the record.

As I sit here writing up my final post on media metadata, it hits me… one of my least favorite tasks of writing a new blog post. Tagging.

Why does search have to be such an afterthought? Why is it that the operating system has to have such deep insight into binary file types? Because nobody ever had the foresight to say that people would want to index everything – and that only odd content would be unindexed.

I had lunch at Terra Burger a few months ago not long before I started writing this series of posts. I bumped in to a parent who, like I, was trying to get used to using his new Mac to edit video and photos. He had been using the Faces component of iPhoto, and was disappointed at how it confused photos of his 1 year old son with photos of his 4 year old son that were 3 years old. Funny, isn’t it – how “search” indexes can be thrown off by just failing to take one metric (the age of the photo) into account? The other glitch was, as I have recently found, that iPhoto is handy, but that Faces – like all other postscript indexing (indexing after content generation has been completed) is a pain in the butt and consumes time that I sure as heck don’t have.

I think that the future lies in devices that are more indexing aware – GPS-savvy cameras, camera phones (the iPhone did a great job of schooling the industry here), video cameras, and more. Content itself will grow to be more natively indexable. MIT Technology Review had an interesting – but fundamentally flawed – article a few months ago discussing “open video”. While I will be discussing video technology more in the future (given my new job), it’s important to bring up this article because I believe that while the technology just doesn’t work the way the author defined here, that it does highlight something that does need to happen. That is, that video content needs to become innately searchable. Not just by Google, but on your local computer, on Facebook, everywhere. The fact that content is in a binary compressed streamed form (making it inherently hard to decompile) the content itself should instead provide for a first-tier indexing experience by instead promoting it’s own manifest of what the content is. Inherent content indexes (name, date, generator) explicitly defined indexes (creator, location, participants) and content (objects, places, definitions, categories and tagging, a storyline/scene flow, and of course a good transcript of any spoken word – often relatively easily done via speech recognition – albeit with the potential for flaws). Just as interesting is the relationship of this snippet of content with any other pieces of content created in the same medium, at the same time, etc. The genetics of content are just as important. Knowing that the tiny 250KB JPG came named f34af3.jpg came from the original image D642242.jpeg offloaded from your camera on 12/4/2005 – all of that is useful information. Just as crucial? Finding duplicates in a useful way and sharing that data across content consumers (spouses, grandparents, aunts and uncles, etc).

Think about it – today, search indexers must go out of their way to juice those pieces of data out of a chunk of content. If all content exposed its metadata in a uniform, easily consumed way, anyone could index it – Google, Spotlight, Microsoft Desktop Search… anyone.

Indeed the future of content search and metadata success lies not upon better search – but rather in better metadata exposure, and more of that being populated and published as automatically as possible.

People want to find things. People don’t want to make them searchable.

In last week’s posts, I began describing how metadata has failed us – or we, as lazy humans, have failed to use it.

Dr Hayes (David) opined here and here that “indexing isn’t the same as categorizing, but finding belongs to both…”. As always, I have to agree with David – but I also have to say that this is one of the problems with metadata as a descriptor. If we rely on “people” (those lazy things that will sit at a SBUX drive-through for 20 minutes instead of getting out of their car, walking up, and getting a cup of coffee in 8 minutes) to put in metadata, then it doesn’t work.

Indeed David has pointed out the “goof” in my last post. That is, that intrinsic data is that which can be actively indexed anyway. Extrinsic data is innately categorization – because to date it has required “people” (see above) to populate it. And that’s where it falls apart.

The difference between indexing and categorization, at the end of the day, is nerdspeak. My mom doesn’t care how the photos get organized – just that they do, and that (let’s be honest here) there is a minimal amount of “processing” necessary to take the 30 pictures she took today, and make them easily available to the family (this isn’t taking into account the step that should be there, helping her realize that sending 4 5MB pictures via email is a bad idea – love you anyway, mom!).

So what’s my overarching point here? That consumers just want their photos and movies to be available to themselves, and family and friends, as quickly and easily as possible, and not in some way that requires watching 90 minutes of digital goo just to see little Timmy’s first words. Indeed, software should continue to evolve to help consumers apply important metadata to their photos automatically. Hey – you changed locations, you’re not in Dallas anymore – you’re in Orlando – let me offer that. Apple has made many of these steps via their “Faces” feature, and by applying geotagging intrinsics to the iPhone 3G and beyond. Can’t remember where you were? Let me apply a lat/long to it! Only problem is, most non-Apple cameras (digital and video) still don’t support geotagging yet (I expect that to change, but only over the next 3-5 years). And then, they still only apply lat/long, they don’t yet take that data and turn it into information (this lat/long = New York City). Lat/long to the typical consumer are simply nerd porn. They’re useless metadata.

iPhoto (not iMovie, alas) also offers to cut up imported photos into “Events”. By default, events are just photos, correlated by their intrinsic categorization of “date they were taken”. Since cameras today (probably good, since the UI would suck) offer no way to apply any sort of extrinsic “event” data such as a birthday, holiday, vacation, etc, this is probably as good as it will get in the short term.

Faces, on the other hand, attempts to at least help you tag your photos based upon who is in them. But as I found out when discussing this with a person I met up at Terra Burger, it’s only so good. He has two boys, 2 and 5 – and the software cannot yet tell them apart most of the time. So it’s a start – but still leaves a lot to be desired. It also doesn’t work on video yet (and of course Apple still has yet to truly tie video, photo, and archival together in one function – which I think they need to do for Mobile Me to ever be worthwhile).

Long ago, I had ideas about how to help create software for Windows Media Center that would help squish commercials out of the DVR-MS files automatically. It’s actually not terribly hard. Similar logic can be applied to automatically “categorizing” (to use David’s words) video automatically, and then assisting you in processing it. Similarly, pre-processing it in such a way that long “overtakes” of video can be constructively edited down quickly into shareable snippets on Mobile Me or YouTube should become commonplace. But we’re a ways away from that.

My next post will focus on how I work diligently to avoid the overflow of photos and videos (trust me – it’s new to me – even last year’s family trip to Chicago wound up on the editing booth floor for over a year). It’s a struggle, since the software still doesn’t help you much. But I’ll give some advice, and discuss more about how software can help us move past this over the next… decade or so.

On Twitter, I was reminded of course that metadata (the lack of it) isn’t just a home media problem. It’s pervasive in our lives – especially the more you let technology into your life. I’ll expound upon that later.

In my first post I mentioned WinFS, and why it was symptomatic of the “metadata problem” that we all live with today. I’ve chosen to hone in on home media just because it’s something that we all live with – specifically the problem I mentioned earlier, where we all have media goo that we’ll never share again. Those memories that you took the time to photograph or record – may as well be buried in a cave somewhere never to be seen again.

The key problem here is two-fold. 1) You’ve recorded onto “analog” media. Hey – even if it’s a DVD, you have no way to truly “search” it. Photos are a “hand index” media only unless you begin with digital photos (check out the upcoming post on iPhoto and iMovie as they relate to that). 2) Any references that you may have had to the content of the images/video become lossier the longer you go from the time of capture to the time you try to “catalog” them. You can’t remember which day was which, which cousin was who, or where that boat tour was, and what the name of the lake was that you went across.

Truth be told, we’re all innately horrible at capturing these kinds of details about events and memories. Only the lucky person gets to recall exactly how to get back to where they were driven once without needing a map or directions. Most of us need notes, maps, or other tools to recall the small details – the kinds of things you want to recall when viewing the photos or videos with the kids a year later.

When was the last time you set the metadata properties for a Microsoft Office document you were working on? Wait – you didn’t KNOW you could add metadata properties to Office documents? Well – even if you did, you haven’t set one more times than the number of thumbs you have. I know. Don’t lie to me.

For this reason, I am electing to define two types of metadata. Intrinsic – that which can be innately, directly gathered from the media itself, and extrinsic. My example in my first blog entry in this series, the above example of Office documents, and to a large degree WinFS’ design (as most of us would have experienced it) are all extrinsic. Much like taking the time to catalog a series of 35mm photos or slides, or edit a bunch of VHS-captured memories into any form of tolerable viewing (perhaps even with captions or cataloging), nobody does this. We don’t have the time to do this – at least more than a few times and then we tire of it. Thus, “memory to media goo”. The cool new device or media type becomes frustrating because our initial intention – to share memories with others or preserve them in a useful way for ourselves, is just too damned hard.

Simply put, using extrinsic metadata to organize anything sucks. Even if it works in theory, it doesn’t work at scale, in real life. We all give up and stop trying to use it for all but special cases.

Instead, intrinsic metadata is the future. In my next post, I’ll be discussing intrinsic metadata, what it is and how it works (when it does) and where we’re all going from here.

Five years ago this week, I left Microsoft. After more than 7 years there, it wasn’t an easy decision to make – but I did. This was after almost 5 years working on the Windows team. During the spring of 2004, when things weren’t honestly the rosiest for Windows Longhorn (what would, after a code reset in summer 2004 followed by much cutting and pasting, become Windows Vista), a co-worker in Windows Marketing and I were having a conversation. It went something like this:

Him: “Have I shown you the beautiful pictures I took on my trip to Egypt with my wife?”
Me: “No – show me. WOW, those are amazing.”
Him: “Thanks – was a great trip. See…” (clicks a button to winnow down the visible set of photos) “these are the ones at Giza…”
Me: “Wait – how did it know that?”
Him: “Oh, I entered the information on each one as a keyword”
Me: “So… you entered keyword info on each of the photos you took?”
Him: “Yup. All of them.”
Me: “How many were there”
Him: “Several hundred”
Me: “You don’t have kids, do you?”
Him: (grins)

This was especially amusing because he actually was the Product Manager (read: the guy who owns the “marketing story”) for WinFS. For those not familiar, WinFS was the abandoned strategy within Microsoft (Windows Longhorn in particular) that we had first announced at PDC 2001. WinFS was an attempt to inject “metadata into the filesystem” – or so the world was told. I won’t go into my entire WinFS tirade here… Grab me sometime and I’ll tell you a story over a beer.

WinFS’ technical foibles aside, it suffered from a classic software problem – solution naivete. Think about it. The story above… How many of you have dust-gathering stacks of:

1. Decades of un-annotated, uncategorized 3×5 photo prints
2. Negatives (or CD originals, now) of said un-annotated, uncategorized photos
3. DVD/CD-R/8mm/Betamax/VHS (or other) video content of barbecues, family reunions, birthdays, bar-mitzvahs, etc
4. Reels of even older audio or video content
5. Slides (yes, I said it, SLIDES!) – my dad fell for this one

Ready? We all do. Yes. Admitting it is the first step. We all suffer from what I like to refer to as “memory to media goo”. It’s where you transact your memories to media, instead of your brain. Never to be seen again until… you finally clean out the closet (as we did several months ago).

The only problem? By the time you find this media again, you can’t remember if that’s uncle Phil, or uncle Bill. You can’t remember if it was your brother’s wedding, or your sister-in-law’s. No, instead, you’ve now forced yourself and your kids to go through ALL the photos again. Even the ones with red-eye, since those came back from the K-Mart photo processing lab too, and the entire 5 hours of VHS from little Timmy’s first  month of life. Not because they’re interesting, heavens no. But because those memories are glued on that media. For good. And there is no way you can pry off the “interesting bits” off and throw out the other 95%.

In my next several posts I’ll discuss exactly why we’re in this rut, how things are getting better (how you can make them better for yourself), and what this means for consumer media and software (hint: it means we’re all headed for a few compromises, where the best format may not win, just like the old Beta vs. VHS war).

I’ve been spending a bit of time looking into something that has bothered me for awhile. I refer to it as “Predatory Utility Software”, or “PUS”.

On Christmas day, I received two pieces of spam. These were admirable because they were able to defeat SpamSieve (my favorite software purchase of 2008). They were frustrating because they offered a piece of… software called “Error Nuker”.

For years, I’ve been telling people that so-called “registry cleaners” don’t do anything, and in fact can be the single most destructive tool you can run in Windows. One bad edit, and you can kill Windows.

I’m not even going to delve into the method that many tools like this use to spread themselves. While not “malware” in the truest sense of the word, spamming novice users, and confusing them to the point that they download tools like this should be illegal.

Windows gets “cruft” in the registry and occasionally in the filesystem over time with the installation, uninstallation, and updating of applications and Windows itself. The thing is, though this cruft in the registry causes your registry hive files to grow in size, it is benign. Tools such as this that lie to users and tell them that “errors” will occur are frankly more malignant than the actual problem they feign to solve.

I ran “Error Nuker” on a test Windows VM. It took quite a bit of time to “scan” my system, telling me each of the locations it was scanning. But you know what? In the end, all it did was point out locations in the registry that referenced files on the disk that were no longer there.

Now, it’s important to note that dead links from the registry are usually the result of uninstalling the application that put them there*. Meaning that, the only thing that cares that the link is dead is the application or application(s) that are no longer there! Meaning it does nothing!

*This tool also calls out files in Most Recently Used (MRU) menu locations in Windows – which if you are like me, you edit, send, and delete documents like crazy. But these MRU links being dead is hardly what I’d call an error condition.

“Error Nuker” is something like $20-$49 (depends on which spammer you get solicited by, I guess). Frankly, it isn’t worth free. It literally does nothing, and although it has a safe delete option, the fact that it is just a glorified registry cleaner means it’s effectively useless. An analogy? Do you think washing your car will make it go faster? Me either.

I’ve seen worse “PUS” – specifically the kind that is truly malware. But it’s really a shame that we’ve gotten to this point, where Windows users will fall prey to junk software pimping itself as fixing Windows’ problems.

SiriusXM’s stock is officially on the floor. And it’s had me thinking why – as I’ve been pondering canceling my own subscription.

Since Howard Stern went to Sirius in 2006, he has been talking big about the death of “terrestrial radio”. But I think it’s bigger than that. With iTunes, a growing selection of on-demand media (think of all of the places you can on-demand movies from), and to a smaller extent, the growing reliability of Internet-based music and media channels, the threat posed to both traditional radio and SiriusXM is real. Add to that the shrinking volume of disposable consumer dollars, and SiriusXM is as hosed as “terrestrial media”.

Honestly, the music selection of SiriusXM isn’t that spectacular – the playlists repeat more often than they should, and the variety means that personally, I have about maybe 15 channels, tops, that I ever listen to. The sole breadwinner that they have is truly unique broadcasters – such as Howard, Oprah, and Martha… I listen to Howard for the whole rubbernecking factor – just to see what happens next (and frankly I’m ashamed of myself ).

But it’s getting harder and harder for me to validate paying for SIriusXM – when Howard and a few other channels are all I would miss – and I have to think, post-acquisition, that many Sirius, and LOTS of XM subscribers, feel the same.

Saw this hit the wire yesterday(Starbucks laptop theft) . It is indefensible. In 2006, Starbucks could not find 4 out of use laptops, each containing between 10,000 and 50,000 employee’s personal identifying information.

The time has come for the federal government to enact laws. Not compliance laws, but identity theft protection laws that make the rampant careless storage of employee, patient, or customer personally identifying data a felony. There are at least three things wrong with this latest Starbucks identity theft issue:

1. Employee, customer, and patient data should NEVER be stored on a mobile system unencrypted, and frankly shouldn’t be there to begin with.
2. Employee, customer, and patient data should NEVER be stored on any system unencrypted, whether the system is secured or not.
3. Starbucks didn’t to diddly to protect this data after losing it several times before, and in fact lost nearly twice as many employee’s personal data this time as last time (97K vs. 50K).

Frankly, compliance initiatives to jack to secure employee, patient, and customer data. The insane number of laptop and desktop thefts that are occurring every year (my wife’s data from IBM over 13 years ago was lost last year!) that are 100% completely preventable through the simple use of volume encryption software can be stopped immediately. But senior executives are not being held accountable for the inaction of their company, regardless of who “makes the mistake”.

The federal government needs to act on preventable identity theft. Now. This is a pattern of bad behavior that senior executives in organizations everywhere need to be made clearly aware of, and given severe, personal financial penalties for not stepping forward and preventing.

Sigh… I really had hoped we were past this era of “pay the OEM to pimp your wares”, at least with web browsers.

I don’t know where I would be without Google. It’s an invaluable tool for search. But their browser? Snooze… Like too many tools from Google, it’s a developer toy designed by developers for developers. Even if you foist it onto consumer-grade systems, most users won’t select it unless OEM’s make it the default browser (yech).

Frankly, I’m not elated with IE8 just yet either, though I like it better than I liked IE7 during it’s beta phase (taking the menu away… BAD idea!). But at their heart, I still believe that the IE team has the diverse scenarios much more understood to deliver a web browser that is suitable for consumers, enterprises, and provides some new dev-candy – without being all out nerd porn as Chrome currently is.