Promise UltraTrak woes

Posted on November 7, 2008 by Miguel Arroz

So, we have in your department a Promise UltraTrak SX8000 RAID system that we use for backups. This mother can drive 8 PATA hard drives in several RAID modes, and expose them through a SCSI interface. We currently have a RAID 5 array using 4 500 GB Hitachi hard drives and a fifth hard drive, similar to the other 4, to be used as hot swap if one of the other drives commits suicide during the night. This is plugged to a PowerMac G4 that has the boring task of carrying up all our backups while we are all sleeping like babies.

This is a pretty old product, and it was never tested with drives this big, but the fact is that it has been working flawlessly for months now (since we upgraded the original 120 GB drives). Until last week. As I had some empty bays and unused small drives, I thought about doing a second array to store some archive stuff, as the RAID 5 array is getting pretty full.

I remembered that the case controller reboots itself when the user creates a new array, so I opted for turning off the Mac and the Promise itself, and install the disks with everything shut down. You know, this thing has hot swap, but it’s getting old, and we don’t want to push it too far. So let’s play it safe. Big mistake. Big big mistake.

I pop in the drives, press the power switch. Controller boots itself up and, as Steve Jobs would say, boom! The first two drives had the red led of death glowing. I spent a quite dramatic few minutes looking at the damn thing, and thinking that it happened. The least likely, the most feared of all things that could happen on a RAID 5 system had just happened. Two drives failed. At the same time. All the backups, some of them more than one year old, lost. Forever.

I got rational again and thought, no, this can’t happen, this thing did not boot correctly, there is something with the drives I’ve just inserted that is screwing this up. I powered down the case, removed the drives I had just inserted, and powered on again, this time carefully watching all the lights and bells. The Promise RAID, when booting, scans all the bays to see what’s going on there. You can see that happening by watching the drive lights, all of them blink quickly in a slow sequence. Well, the first two weren’t blinking.

I thought, hum, bigger drives then expected, too much time to spin up, the controller is testing them too soon. I powered off the damn thing, removed the first two drives, and reinserted them on lower bays. Another big mistake. The array disappeared. It was lost forever. Looks like the drive position is crucial for the arrays to be recognized. I had just killed what was left of it.

After some moments of desolation, I went to recreate the array again, assuming that the backups were lost I had to start from the ground up. I started the process of creating the array, and then I saw the light. On the little LCD display, the controller had the best of the words I could see on it’s first line: INITIALIZE. It allowed me to choose Yes and No. I stopped for a while, and though, if the hard drives are OK, and if I can create an array without any kind of initialization… all my data will be there! Right?

Power off, insert the drives on the original positions, power on, create array, RAID 5, default block size, initialization OFF, gigabyte boundary on, and GO. The array was created. No activity on the drives whatsoever. Perfect. Reboot. I fired up the G4 and run to the KVM console. OS took ages to boot (actually it took as long as every other time, but the adrenaline was all around). The desktop appeared and… YES! There was the RAID volume, as if nothing had ever happened. I did some quick tests, but that was it. The RAID was back in all it’s glory. Months of backups, saved.

Knowing this, I decided to push my luck a little further and turn the RAID off again. After powering up, the history repeated, first two drives were “dead”. I simply destroyed the array, created a new one without initialization, and I was back in business. Then I turned it off and quickly on again, not allowing the drives to spin down to a full stop. That time, the controller booted up correctly and the array was online.

I went to Promise site to check on this issue, and I see they had released a new firmware that announced to support some newer drives. I installed it (and it was a terrible experience, it started by having to download an older firmware to get the updater software, as Promise forgot to pack the software together with the new firmware on the ZIP archive, and ended up with an old PC with a serial cable plugged to the RAID, two floppy disks – yes, two floppy disks, and yes, we are in late 2008 -, one with DOS, another with the software, and about 30 tries – power cycles on the Promise RAID and software reloads on the PC – to get the serial communication working). After that, I powered off the RAID, waited for complete spin down, powered up again, and everything worked fine. Although I’m not trusting it fully, it looks like the problem might be solved.

So, lessons to learn: if this happens to you, 1) Do not panic (yet); 2) Do not change the order of the drives; 3) Use the LCD display and the buttons to obtain all the settings of the array (block size, gigabyte boundary status, etc); 4) Delete the array; 5) Create a new array with the same settings and initialization off. You should be off the hook by now, unless the problem WAS in fact two drives dying at the same time. Which, you know, doesn’t happen. It just can’t. Really.

Posted in Generic | Tagged , , , , , | 6 Comments

Making an invisible overlay layer work on IE

Posted on October 24, 2008 by Miguel Arroz

It’s becoming more and more common on the web to create pages that, on some situations, display some object over the page content. This could be a photo (using LightBox), a movie (like Apple does on their trailers site for non-HD trailers), a dialog, a color-picker, etc. In that situation, you often want to make the object go away when the user clicks anywhere on the page but the object.

One technique I use often is to create a DIV with no content or background that covers the entire page, place it on the page with z-index above the page content and below the displayed object, and bind it’s onClick event handler to a method that hides the object and the DIV itself. Something like this:

Overlay layer with an object above

As you can see, the transparent layer (represented here in blue) gets between the object to float above the page content (here, in red) and the page itself.

So, how hard can it be, right? Just do some quick Javascript code or use CSS to set the DIV properly, handle onClick, and you are done… or not. Yes, IE. IE will screw this all up.

When I implemented this recently, I noticed that, on IE, the mouse click would go through the overlay to the page itself, clicking on links or buttons, or simply not hiding the floating object because the layer onClick was never triggered. Even weird, on some areas of the page it worked, and on other areas it didn’t. It depended on what was below it.

After gooling and trial-and-error for a while, I found the solution. The problem is that IE doesn’t like handling clicks on transparent objects, like DIVs with no content or background. So, the solution is… add a background. But wait, if you add a background, it won’t be transparent any more, right? Wrong. There’s a neat trick you can use: create a transparent GIF file with about 200*200 and use it as the background of the DIV (the size is irrelevant for this, but if it’s too small, it will make browsers on old computers slow when reproducing it to fill all the background). IE will work, because from it’s point of view, there is SOMETHING there belonging to the DIV (even if it’s a transparent GIF) and the onClick will be triggered as expected.

Posted in AJAX and Javascript | Tagged , , , , | 2 Comments

Granular updates, please!

Posted on September 26, 2008 by Miguel Arroz

Today was update day for our Mac OS X Server machine. The story is quick: installed Mac OS X Server 10.5.5 update, fixed WebObjects to go back to 5.3.3, rebooted. Surprise: my customized version of PHP was replaced by a new version! Why was it a surprise? Because neither the Mac OS X Server 10.5.5 Update notes, nor the Mac OS X (Client) 10.5.5 Update notes, nor even the security notes about the 10.5.5 updates mention PHP anywhere.

Apple, please, can we have granular updates for Mac OS X Server, like we do on basically any other decent server OS? Can we, system administrators, have the privilege to make decisions on what and when we want to update? Why don’t you finally understand that the needs of the IT people are a little bit different than the average consumer? Because, you know, the feeling I get is that you are completely clueless about the IT needs and the way things work. Really.

I like FreeBSD more and more…

Posted in Mac OS X Server | 2 Comments

PGP Desktop 9.9 mini-review

Posted on September 13, 2008 by Miguel Arroz

Introduction

As I previously wrote in my blog, I was waiting for a whole disk encryption solution to be made available for Mac OS X. Some months ago, Checkpoint released what I believe was the first solution ever to support full disk encryption on the Mac, including the boot disk. Recently, as I noted before, PGP Corporation release PGP Desktop 9.9 for Mac OS X, supporting full boot-disk encryption for the first time on this platform. I opted for trying PGP, as they made a demo version available (that will work for 30 days) and it’s possible to buy a license online. Checkpoint, on the other hand, doesn’t seem to have a downloadable demo, and doesn’t sell the product online. This was enough for me to forget Checkpoint solution at all, specially having the PGP demo ready to be downloaded from their site and installed. So, PGP it is.

Why should you care?

Today, you easily buy a laptop with a large hard drive. That drive will quickly be full of important data. Many people consider “important data” to be private emails, trip photos, holiday movies, and such. But that’s just the tip of the iceberg. Letting anyone read your email or pick at your photos can be a problem, but it’s nothing compared to really important data. I’m talking about company reports. Source code. Data about your customers. Intelectual property. Financial data. Anything that keeps your business going, and that can put it in a very delicate position if it gets to the wrong hands.

Also, there’s an even more important fact you should take into account: some data you are carrying on your laptop is not yours, but other people’s data. Confidential emails with clients or business partners. Marketing and product information that should not be disclosed before a certain date. Governmental and military information, including private data from citizens (as an example, recently some events like this one happened in UK, where laptops with sensitive official information were stolen or lost). This means that you are no longer responsible just for your data security, but also for other people’s.

On top of this, you must think about the consequences of letting this information be revealed to the wrong persons. Important information about your clients may leak. Intelectual property that keeps your company ahead of the concurrency may become public, destroying your company advantage or, in the worst case, destroying the company itself. Governmental agencies may be placed in the hot seat for letting private information about the citizens be stolen and accessed.

All this together should be more than enough to make you worry about your computer’s data security and convincing you to do something about it.

Whole disk encryption

Computer security is a very wide subject, and there are a lot of things to consider. Network security, host security, etc. In this article, I’m covering whole disk encryption. So, what is whole disk encryption?

Whole disk encryption is a technique where all the drive contents are encrypted using a secret key (which can be a password, a key stored in a USB dongle, etc). When I say “all the drive contents”, I mean it. Even the operating system is encrypted. This means that you will only be able to access that drive’s contents if you have the key to access them, and this includes booting the computer from that drive. If you don’t have the key, you won’t be able to read the data whatever you try. Mounting it on other computers of physically installing it on a different computer won’t work. For anyone who doesn’t have the key, the drive will be as good as an empty one. All the contents will appear to be random garbage.

For those who have the right key, the main advantage of whole disk encryption is that it won’t affect the computer usage at all. The only thing you have to do is to type in the password right after powering up your machine. After you type the password, the OS will boot normally and the machine will work as if nothing special was happening. The secret is that PGP runs between the hardware and the OS itself, intercepting all the data input and output from and to the hard drive. All the applications, and even the OS itself won’t even realize that the hard drive is encrypted because the PGP layer will decrypt data requested by the applications on the fly. This is great, because it makes very unlikely that some application won’t work because of the disk encryption process. All the magic happens below the OS itself, as close to the hardware as it can be.

This will protect your data against one of the attack vectors that is most hard to defend yourself against: someone having physical access to (and some time alone with) your machine. This included the machine being stolen (which is very likely to happen at some point to laptop computers), someone entering your home or office and remove a hard drive from a computer, and even accessing data centers and stealing hard drives or entire servers (and if you think that doesn’t happen… think again, it’s more frequently that what most people believe).

I want to make clear that this will not protect your mac against other types of attacks. As I stated before, the OS and the applications will run in the same way they did before. So, if you have a virus or a trojan horse on your system, the virus or trojan will work. If you have a compromised network service, hackers will be able to get in using it. If you download an application that erases all your files, all the files will be erased. The whole disk encryption system has the only purpose to keep all the data on your hard drive protected when the system is not running. As long as you type in the password and boot the OS, all the OS-level security weaknesses that were there before will be there again. PGP Desktop has some more security features but I won’t cover them here.

What about Apple’s File Vault?

Apple provides you with some “transparent” data encryption features on Mac OS X, namely File Vault. File Vault will encrypt all the files in your home directory and store them on an encrypted disk image. You will always be able to turn the Mac on, but you must provide your account password on the login for that disk image to be accessed. As with PGP, data will be encrypted and decrypted on the fly. So, why not use it? There are many reasons why using File Vault is impractical:

  1. It’s not whole disk encryption, only home directory encryption. One may argue that all the important files are in the home directory, but that’s not entirely true. Many applications write temporary files to directories outside of your home directory, like /tmp. This files may contain sensitive information, and that information will be recorded unencrypted on your drive. Also, software like databases of other kind of servers store their data outside of user’s home directories, and that data will also be stored in clear.
  2. It conflicts with some applications, specially backup solutions. For any application executed by another user, including the OS itself, a user home directory will be a single, huge file, the encrypted disk image. The backup software will not be able to peek inside your home and only backup the files you changed since the last backup operation, so it will try to copy the entire file. Worse yet, if you change the file during the backup, you can corrupt the backup, making it hard or impossible to restore it if needed.
  3. For the same reason, remote services will not work because they won’t be able to decrypt your home directory. This is the case of a remote shell, for instance. If you ssh to a Mac with your home directory under the domain of File Vault, you won’t be able to access your files.
  4. It’s slow an unreliable. File Vault works by creating an encrypted virtual file system inside a file that grows and shrinks as needed that is itself stored in the real file system on your drive. There’s a huge load of things that can go wrong with this. This is corroborated by the fact that every time I tried to create disk images with many (hundreds of thousands) of files, the disk image inevitably corrupted and I could not access it’s content any more. Don’t forget that your entire home directory will be really a single huge file with some complex data and mechanisms that make it work. Now compare this with the simplicity of the PGP solution: just insert a layer between the OS and the drive, and don’t ever think about it again. It just works, it doesn’t need to care about files, folders, file systems, or anything else. It’s just raw data. OS asks it to write a sector on the drive, PGP layer encrypts the sector, and the sector goes to the drive. No complex processing, no complex data modeling, no complex code to fail. The PGP layer doesn’t even need to know what’s doing, it blindly encrypts and decrypts data on the fly. The OS will know what to do with that data.

For these reasons, I believe whole disk encryption is a much better solution than File Vault. I strongly believe Apple should provide this with their Macs right out of the box, but judging by the way the company handles security issues, I don’t believe that will happen any time soon.

PGP

What can you say when a product that is supposed to do what it does in the background and be totally transparent to the user actually works fine? Well, nothing. That’s precisely the point – providing security without being a pain to the user. So far, that’s my experience with PGP. I really have nothing much to say, except that it works.

I installed PGP, rebooted and typed in my demonstration registration key, valid for 30 days. Then, I read the manual, skipped all the “please verify your file system consistency before proceeding” warnings (what could go wrong?), set a password for my MacBook Pro drive, and fired up the encryption. You can use your mac normally while the initial encryption is done, as PGP is smart enough to know what disk sectors are already encrypted and which ones are not, allowing the system to work normally during the whole process. You will probably notice a very high loss of performance during the initial encryption process because the hard drive will be in really heavy usage (after all, PGP has to read and rewrite the entire disk surface).

After that, you won’t notice a thing. The only signs your mac will show you related to PGP are the small PGP icon on the menu bar, and, of course, the password window before the system boot. You won’t notice any performance degradation due to the real time encryption, at least I didn’t. Based on the UNIX “top” tool, it appears that PGP doesn’t use more than 2 or 3 percent of the CPU, which is negligible (remember that we are talking about 100% per CPU, which means that in a modern laptop with a Core 2 Duo processor, PGP is using 3%… of 200%).

You can create several “users” for your hard drive, with different passwords for each one. Please keep in mind this is only a way to avoid sharing the passwords. This is NOT a real accounting feature like in a normal UNIX system, where each user has different permissions and credentials to (supposedly) access only what he should. Here, any password will provide access to the entire drive contents. The normal access permissions will be granted by Mac OS X, of course, but PGP offers no data protection as soon as someone – whoever it is – types in a valid password.

Side notes

There are some important things to keep in mind when using PGP to encrypt your drive:

  • PGP asks for the password on system boot, but not on system awake. So, make sure to turn on the system awake password in the System Preferences, or you can allow a burglar to access your data if he stoles your Mac while it’s sleeping (and at least I always carry my laptop in sleep mode). If you want absolute security, turn off your mac before taking it with you.
  • Target mode (using your mac as a firewire drive) will work, but the drive contents will not be decrypted on the fly by the machine in target mode itself. You have to install PGP on the host machine so that it’s able to decrypt the contents of the target disk.
  • You have to be careful if you need to clone an encrypted drive. The most reliable way to do it is to decrypt it before cloning. If you want to clone an encrypted drive, check this thread in the PGP Forum for more details.
  • I haven’t tested this, but from what I recall from the manual, you may install PGP on a machine and use it unlicensed to read the contents of an encrypted drive (assuming you know the password, of course).
  • BootCamp won’t work. If you need Windows, you have to run Parallels, VMWare or any other virtual machine software. Those will work fine, providing that the Windows disk image is a file on the OS X file system, and not a dedicated Windows-formatted partition.
Posted in Mac OS X | Leave a comment

PGP Desktop 9.9 released

Posted on August 25, 2008 by Miguel Arroz

PGP finally released the 9.9 version of it’s PGP Desktop product I had mentioned before, featuring full boot-disk encryption for OS X (Intel only). The demo version is not yet available, but I can hardly wait to try it. I hope they handle correctly booting in target mode and verbose or single user mode.

Posted in Mac OS X | 2 Comments

Firefox 3 javascript evaluating order problems

Posted on July 31, 2008 by Miguel Arroz

I found out the hard way the recently released third main version of Firefox has a serious issue related to the order in which the Javascript code is executed in a page. The bug is somehow related to the files being, or not, cached on the browser.

Wonder Ajax framework adds a lot of Ajax goodies to a standard WebObjects applications. The way a page is built is by placing on the page header all the calls to load Javascript files. There’s a special case, which is when you need a JSON proxy. That is useful if you need to write more powerful Ajax behaviour than all the component trickery Wonder offers you. The JSON proxy will not only load the necessary Javascript file, but run one code line to create the actual proxy and establish the communication with the server. So the page header will have something that looks more or less like this:

<script src="/some/path/prototype.js"></script>
<script src="/some/path/effects.js"></script>
<script src="/some/path/wonder.js"></script>
<script src="/some/path/english.js"></script>
<script src="/some/path/combo.js"></script>
<script src="/some/path/feedback.js"></script>
<script src="/some/path/jsonrpc.js"></script>
<script type="text/javascript">
var jason = new JSONRpcClient("proxyUrl");
</script>
<script src="/some/path/comboboxes.js"></script>
...

When the page loads, all those scripts will be loaded and the new JSONRpcClient() method will be executed during the page load, as expected.

The problem starts when you have a javascript method associated with the onLoad window event. This is done by using the onload attribute in the body element:

<body onLoad="initPage();">

The onLoad function should be triggered when the page finishes loading. This, implicitly, means that the onLoad will be run only after all the inline javascript code (in the page header or body) be run, because that is still considered to be part of the page loading process. So, in our case, first, load all the JS and create the JSON proxy, and then run the onLoad method.

This works on every browser, and also on Firefox 3 on the first page load. The problem is that most of the subsequent page loads on Firefox 3 won’t work, at least if your onLoad method depends on the existence of the JSON proxy. For some reason, when Firefox 3 has all the Javascript files already in the local cache, the onLoad event is triggered too soon, namely before the header scripts are executed and the proxy has been created. This will break all your code executed by the onLoad method that assumes the proxy is already ready to work.

I have tried several solutions for this. The only one I had success with is the following. It’s kind of dirty, but it works. The idea is simple: if the onLoad method is to be executed before the proxy exists, than we wait some miliseconds and try again later until the proxy is ready to be used. So, if your method is like this:

function myOnloadMethod() {
  runInitStuff();
}

Change it to:

function myOnloadMethod() {
  if( window.jason ) {
    runInitStuff();
  } else {
    setTimeout( 'myOnloadMethod();', 10 );
  }
}

This will check every 10 milliseconds if the proxy is already there. If it is, your method will be run. If not, it will keep trying.

Posted in AJAX and Javascript, WebObjects | 3 Comments

MacBook Pro 17 vertical blue line

Posted on July 24, 2008 by Miguel Arroz

I’m really pissed off. Short story: MacBook Pro 17, HD display, bought this February. Blue line appeared today. I still remember when Apple hardware would work for more than six months.

Posted in Apple | 15 Comments

iPhone: why I don’t care

Posted on July 13, 2008 by Miguel Arroz

So, this has been the iPhone week. It started right on monday, with Vodafone and Optimus, the two portuguese carriers that sell the iPhone, announcing their pretty ridiculous price plans. Then, the iPhone was launched, together with the App Store and a barely functional activation site. And I couldn’t care less. Why? Many reasons, some of them are Apple’s fault, some of them are consequences of the wildly spread stupidity that exists in my country. If you are one the 4 regular readers of my blog, you know that most of my articles are techie-focused, and not opinion-based. This one is an exception.

The iPhone itself

So, what’s wrong with the iPhone? What should have been made much better in the most popular gadget of the week? A lot.

First, the phone itself. I never had a smartphone. I don’t know how does the phone part operate in a smartphone. But I know how it works on a regular phone, say, a Nokia phone. And, pick up any Nokia and it will tear the iPhone apart in what relates to be a phone, you know, something to make calls with. My first complain is something really obvious: it’s hard or impossible to use the iPhone with just one hand. Of course it depends on how large your hand is, and how much are you willing to risk dropping the iPhone on a hard ground in the middle of a street (that glass keeps shouting “break me!”). But personally, I find it a challenge, specially if I’m walking in a hurry in the middle of the street carrying stuff in one hand, which seems to be the preferred time for people to call me. I never tried to operate one while driving but it should be a real pain (I know it’s illegal to make calls while driving without a loudspeaker, I just receive or start the call and turn on my Nokia’s built-in loudspeaker, so it’s not that bad). On top of this, you have to do all that scrolling-trough-the-alfabet, and then scrolling-trough-the-names-on-the-selected-letter, and finally call the person. That sucks, because not only it’s slow, but it also requires you to actually look to what you are doing and wait for the visual feedback. On a normal phone, with a numeric keypad, if I want to call John, I press the 5 key (jkl) once and I’m already on the J. If I want to call Fred, I press the 3 key (def) three times. No feedback needed, I know where I’ll end up. I just then need to scroll (with a key, thank god!) and push the green button. You are free to disagree, but I think Nokia is so much better.

Second, the keyboard. Yuck. It’s true that I never set it to portuguese, but even when I try to write in english, it SUCKS. Man, it sucks big time. I rarely can get the word I actually want. The phone suggest wrong things. It’s hard to understand how to NOT accept the suggestion. I actually think that removing all the “intelligent” guess-what-the-user-is-trying-to-write stuff would actually improve the usage a lot, because most of the times I screwed up writing on an iPhone keyboard was actually not because I placed my finger on the wrong “key”, but because iPhone decided that I pressed a key that I actually didn’t. And of course, not having the physical feedback of a real keyboard is also bad, but I can understand that as a compromise between size and functionality.

Third, Safari. I do believe iPhone’s Safari is the best web browsing experience in the mobile market, I really do. But it sucks. It’s painfully slow. And I don’t mean the network. I mean the CPU of that thing. Even with a high-speed WiFi network, it’s slow. Rendering is slow. Panning is slow (hate that checkerboard pattern). Zooming is slow. Argh. I don’t know exactly how to make this better, but having a faster CPU would be a nice start. Yes yes, I know that faster CPU = less battery time, but as a client, I can demand! :)

Fourth, the GPS. Are you kidding?! What’s the use of a GPS if it doesn’t support turn-by-turn mode? I usually know where I am, thank you. My problem is knowing how to get to where I want while driving. If the iPhone GPS can’t do it, it’s useless. It’s worth zero for me. Now is the part you say, hey, but iPhone is an open platform, so someone will develop a better GPS software, right? Who cares. First, it won’t be free. I don’t understand why I’m buying a device with a GPS receiver and then I have to pay more for something that will actually make it work as expected. And second, and worse, it probably will not happen. Why? Because on the iPhone development SDK agreement, there’s a clause that explicitly forbiddens you from doing it: “Applications may not be designed or marketed for real time route guidance”. Period. (Waiting to be processed by Apple for copying that sentence from the SDK)

Fifth, it doesn’t work as a modem/router for a laptop. I need mobile internet access in my laptop. That comes with a monthly payment. But hey, if I have an iPhone, that means TWO monthly payments for the same service. Now wait a minute. I said “same service”! So why can’t I share it? Well… because the iPhone won’t do it. Any other phone can be used as a modem, via bluetooth, so that you can access the Internet from your laptop using the phone connection. Nokia. Sony. You name it. But hey, not Apple. So, as I don’t like to give away my money to the phone carriers for a stupid reason, iPhone is a no-go.

Sixth, the bluetooth implementation is totally crippled. It will only power your headset, and nothing else. No vCard sharing via bluetooth with nearby phones. And worse, no synching with your mac via any wireless means. Yes, that’s right. Remember using iSync with your Nokia or Sony or whatever phone? Forget it with the iphone. You have to carry the USB cable with you all the time. Which is actually a good thing, because battery life time seems to be not that great, so you’ll often need to pump in some juice to keep it going.

So, the iPhone, as a device, sucks. But it’s a good mobile platform, and platform means really great third party software to use. Or doesn’t it?

The app store

It’s 1984. Apple will introduce Macintosh. And what better way to do it than with the famous 1984 commercial, where IBM is pictured as the evil Big Brother and Apple as the liberating force that will provide everyone with their deserved freedom from the evil empire?

It’s 2008. Reality check. Apple is the Big Brother.

The app store seems to be a great ideia. An organized, controlled, easy to use place for users to go and buy the apps they want to use. But what does it mean for the developers?

Big Brother is what it means. Apple reserves the right to accept, or not, your application to be on selling on the App Store. Also, it imposes some very strict guidelines on what you can actually do, like the GPS example I stated above, and also VoIP and other stuff. Even worse, the App Store is the only way to publicly distribute applications for the iPhone, assuming you didn’t jailbreak it, and most people didn’t. So, Apple has the power to decide that you are out of business if they decide so. The only way to reach your customers is trough Apple.

In my opinion, this is not only ridiculous, but also a very dangerous precedent. If I buy an iPhone, it’s mine. I should be able to do whatever I want with it. And if I’m a developer, I should be able to reach my clients directly. It’s very dangerous to have someone saying what is OK to run on your phone and what’s not. Some claim it’s a security issue. After all, you don’t want your software to call people on foreign countries without your knowledge, because those calls will be billed on you. Bah. What about computers? Don’t we have really important information on them? Information that can compromise much more than just your phone bill? Why don’t we create a desktop App Store, to control everything you have on your Mac? It’s simply ridiculous. And what pisses me off about this is watching developers and users accepting this without a single complaint. What’s next? All the books you buy must be approved? All the movies you see must be “decent”? All the music you hear must be controlled? It’s ridiculous. And dangerous. It’s Apple totally forgetting about 1984, totally forgetting about it’s roots, and going totally Big Brother, totally enterprise-who-wants-to-make-money-no-matter-what. As someone who entered the Apple world in 1987, with the Mac PLUS, it’s really, really sad to see this.

The plans and the hype

This next subject depends, of course, where you are. I live in Portugal, and as I said, we have ridiculous data plans for the iPhone. Vodafone’s plans were all limited to 250 MB per month, and of course, they will charge the hell out of you for every extra bit. After some complaints, they bumped the limit on the most (and ridiculously) expensive plan to… 500 MB. Optimus’ plans are not better. It’s sad to compare this to other countries like Netherlands, where all the plans include unlimited data, and, depending on the plans, you can get your phone for 1 euro. The problem is that the carriers didn’t really understand what this product is about (or they pretend to not understand while they happily rip you off). The iPhone is a mobile platform. It depends on the Internet for most of it’s features. The fact that the iPhone is a phone, and allows you to make calls, is a minor detail. The iPhone depends on the Internet, so it’s ridiculous to sell data plans as if it would be just another phone with internet access. It’s a completely different product, and should be looked to by the carriers as what it is. Unfortunately, portuguese carriers didn’t go along with this vision, and are happily raping their clients.

To conclude, something that makes me really pissed off and sad is all the hype, and the way the iPhone was promoted here. In San Francisco, lines were formed near the stores, and you could see geeks, with their eyes shinning about the new stuff they would be able to do with this new platform. Here, lines and launch parties were constituted mostly by VIPs. Most didn’t even know what the iPhone was, they just wanted one because they have money and it’s cool to have the latest Apple gadget. Carriers wanted those people to be there because they are famous. Because, even being incredibly stupid and ignorant, they have big (sometimes artificial) half-naked boobs they show to the TV cameras resulting in more attention in the news reports. Because they think they are funny comedians, making jokes about knowing nothing about technology, being proud of their ignorance. It’s sad to see a new piece of technology being used as a glamour toy, a coolness factor, and not as a new device that will allow new and incredible stuff to be made. Oh well. It’s Portugal.

Posted in Apple, Generic | 3 Comments