Technorama

An omnibus of tech posts by s Futurologist on software development primarily.

Tuesday, 14 April 2015

 

Natalie Bennett only one outfit?

Natalie Bennett only owns one outfit?


Saturday, 4 April 2015

 

CloudScan Ubuntu compatible

Getting a scanner to work with Ubuntu is always a challenge. My latest Epson WF-2630 is no different. I'm amazed that manufacturers still do not develop industry standards for scanning.

I found that the printer supports Google's CloudPrint, so what we need is CloudScan.. it should of course be an open standard, with security and encryption.

Maybe when we start having GNU+Linux desktops in businesses, manufacturers will have to take their product support seriously.



Thursday, 26 March 2015

 

Bolted airline cockpit doors considered harmful

I've been thinking about this since MH370, and its happened again today. A real trajedy that the airline industry does not have a robust crew safety and security policy.
Cockpit crew protocol for airliners and other craft.

After 11 Sept, 2001, bolts were introduced on inside of airline cockpit doors. These bolts can only be engaged by crew inside the cockpit. This prevents unauthorised entry to the cockpit by persons from the passenger areas of aircraft.

During flight, when each pilot is on a meal or toilet break the cabin crew are radioed, and the put on the SEATED light. Only when everyone is seated, and cabin crew are observing vestibule and gangways does the cockpit crew unlock the bolts. As soon as is possible, the door is shut and bolted again.

The gap in this procedure is that crew are implicitly completely trusted and considered 100% healthy. As was the case with the Egypt Air crash (pilot suicide) and potentially MH370, either the main or co-pilot bolted the door while the other pilot was outside the cockpit. In this eventuality there is no way for any of the cabin crew or locked-out pilot to intervene.
Any illness (eg heart attack) would leave pilot alone in need of medical care inside bolted cockpit.

Likewise any disagreement between pilots or other problem would be a risk.

Proposal for updated protocol
During any time where both pilots are not together in the cockpit, before either leave the cockpit, they must be joined by another member of male crew (if remaining person is male), or female crew (if remaining person is female). This would leave an even balance of power within the cockpit while the other pilot is outside the cockpit.
This change, would eliminate some opportunity for problems should a pilot become unwell while alone in the cockpit.
Additional communications
There must be an independent, battery backed up radio communication set, that the crew have complete control of (in the galley, in rear of the plane).

GPS beacon and transponder must not be possible to switch off.
GPS backup emergency beacon located in galley for emergency crew to use.
Emergency satellite phone for use by crew in the galley.
Oxygen tanks containing 12 hours of oxygen for use by the crew.
Oxygen tanks in the cockpit containing 12 hours of oxygen for use by the crew.
Diagnostics about the plane from black-boxes must be streamed and uploaded to satellites constantly.
Every part of the plane interior, cockpit and exterior covered by HD cameras, that are recorded on the black box

Regarding the bolts
Could consider changing to a combination lock, with emergency override after communication with ground control using a backup emergency radio set.
Regarding ground control
Consider if it would be appropriate to have a way for ground control to override the pilot controls, and direct the auto-pilot to nearest airport to land.  This is somewhat risky, as could be subverted by internet crackers if the control channel was acquired.
I wonder if this pilot was fascinated by MH370's disappearance.
http://www.bbc.com/news/world-europe-32063587

Finally, crew and pilots on vulnerable transport such as planes should, like the military, have their medical records shared with the airline, with instantaneous updates on any prescriptions or treatments etc

Wednesday, 25 March 2015

 

National Rail app full of defects

Time is displayed word wrapped over two lines.

Replacement bus services are displayed for journeys that you are not on.

There's no way to check arrival time of a train I am travelling on.


Monday, 23 March 2015

 

Software retry

I've noticed that most developers dont put in a retry function in software. What do I mean by this? Well, we use mobile devices and WiFi where connectivity is not constant. For a user experience, what should app do to compensate for?

* first attempt at sending email fails
* meetup RSVP fails first attempt
* app download fails first time.
* WiFi connection is lost while router restarts

Most software just gives up with strange error messages. Gmail app is good in that it retries for a few min.

Its easy to do retry... So developers, please take more care, implement retry mechanism.


Sunday, 22 March 2015

 

Risky internet of things

Internet of things

We're not ready, everything is often insecure, full of defects, and doesn't automatically update when fixes for new flaws are rolled out.

How many devices still have old BASH? Or use SSL3.0 ? Or old openssl? My LG TV now crashes while changing channel (I did the firmware update it suggested). LG TVs want to do firmware update and re-tune around twice a month.

Products need 30 year software updates.

Software is usually only ever ran under good conditions:  1) known, expected inputs. 2) Expected available memory, files and connections. Software is not tested with 3) Bad inputs, 4) missing files, memory or network connections.

Commercial companies take open-source products like openssl that are maintained by hobbyists, and put in enterprise commercial grade products. Actually they are simply not ready. Most probably have not had static code analysis, a code audit, a security audit. test cases (including exploit vulnerability test cases) developed to confirm is safe. Without these reports there isn't confidence!

Open source presents a huge opportunity for a company to step up, audit, and offer patches to introduce hardened features from the results of static analysis, CERT compliance etc.


 

UTF8 Considered Harmful

UTF8 is a cute way of storing compact international language files. If they are Latin based, they will be small. It utilises a variable length byte encoding for each real uncompressed character, 1, 2, 3, 4 bytes large

The problem is that software which needs to use the uncompressed character, if you say, want to insert an 'A' character, must decode them all, and must read the memory of every byte to know how much memory to allocate. Either you read the whole string once to determine the number of characters (and bytes) or you have some kind of buffered interface container abstracted behind it. Alternatively, you do UTF8 -> UTF32 and then process in that way.

How to handle the problem where there is not space to copy all 4 bytes? Software needs to carefully work back and NUL terminate before that last 2, 3 or 4 byte encoded character.

For simplicity, I would favour UTF32LE, and then just compress the stream using gzip etc if network bandwidth is an issue. This would allow software to always operate on UTF32

UTF16 is slightly simpler than UTF8, but of course, UTF16 is also a variable length format, also requiring surrogate pairs (e.g. Musical symbol G-clef). Of cause, UTF16 and UTF32 are then either Little Endian, or Big Endian, that should be

Are the memory savings worth the complexity and CPU performance needed to manage them?

However, life is simpler now we have one encoding. http://utf8everywhere.org/
Although a lot of Windows webservers still serve UTF8 files incorrectly as Windows 1251 encoding.

Microsoft APIs are botched, they have UTF16 versions and Latin versions. Writing unicode apps on windows is a frustration.


Archives

February 2003   March 2003   April 2003   August 2004   September 2004   December 2004   May 2005   June 2005   December 2006   January 2007   February 2007   March 2007   April 2007   July 2007   August 2007   September 2007   October 2007   November 2007   December 2007   January 2008   February 2008   March 2008   April 2008   May 2008   June 2008   July 2008   August 2008   September 2008   October 2008   November 2008   December 2008   January 2009   February 2009   March 2009   April 2009   September 2009   November 2009   December 2009   January 2010   April 2010   September 2010   October 2010   November 2010   December 2010   January 2011   February 2011   March 2011   April 2011   May 2011   June 2011   July 2011   August 2011   September 2011   October 2011   November 2011   December 2011   January 2012   February 2012   March 2012   April 2012   May 2012   June 2012   July 2012   October 2012   December 2012   March 2013   May 2013   August 2013   September 2013   October 2013   November 2013   March 2014   May 2014   June 2014   July 2014   September 2014   October 2014   December 2014   January 2015   February 2015   March 2015   April 2015  

This page is powered by Blogger. Isn't yours?

Subscribe to Posts [Atom]