Sep 13, 2004 | Software Development, Technology
Let’s start with the obvious. Almost nobody reads software licenses. You know why – they’re incomprehensible, too long, and in cases where you have to use the software anyway, you’re stuck with the license regardless. The only exceptions are the large corporations who have the lawyers, time and money to deal with them. Normal people don’t bother.
Unfortunately, this has some pretty serious side-effects. Aside from the obvious fact that millions of people are in effect agreeing to contracts they’ve never read, one of the common ways that spyware and adware are spread are by having users agree to them without realizing they are doing so.
I think it is time to completely revolutionize the way we deal with software licenses. To do so, I offer the following modest proposals.
-
A law should be passed that restricts the length of software licenses for consumer software to no more than 500 words. For comparison: the BSD Open Source license is 225 words, The Claria (formerly Gator) adware license agreement is over 6600 words (15 pages single spaced).
-
Software licenses must be written in plain language that can be clearly understood by the average 13 year old.
-
Security updates to software may not include any license terms that were not present in the original software.
-
No license for released (not beta) software may include any terms that restrict speech, review or benchmarking of the software. For a software publisher to restrict free speech and commentary on their products is shameful and unethical. I do think, however, it’s fair to require that any benchmarks include the source code of the benchmark so people can independently review the results.
My Challenge to Microsoft
As the software industry leader, I call on Microsoft to take the lead in coming up with creative and user friendly solutions to this problem. To start with, try taking the software licensing process out of the hands of your lawyers, and hand it to your user interface people. They’re good, and if they can’t figure out a way to revolutionize software licenses so they work, then we should all go to open source, because the situation will truly be hopeless.
My Challenge to the Government
Yes, I know – asking Congress (which is made up primarily of lawyers) to create laws that simplify license agreements seems like a long shot. But I can dream, right?
How else do you think software licenses need to be changed? Comments welcome.
Sep 5, 2004 | Society & Politics
Fool me once shame on you, fool me twice shame on me… well, so says the quote. But honestly, with so many conflicting claims and lies, I’ve become increasingly frustrated by my own inability to figure out what’s actually true. Whether it’s lying through omission, lying through misdirection, or outright lies, it’s awfully hard to extract nuggets of truth from the noise.
So, being a civic minded individual, I did some extensive research, and am pleased to offer this guide to detecting who is lying during this joyful campaign season:
- Anyone who explicitly claims to be telling the truth – is lying. Groups with “truth” in their name, lie. “Swift Boats for Truth” – dead giveaway. If they weren’t lying, they wouldn’t need to convince you otherwise.
- Every political advertisement lies (by omission- obviously).
- All issues ads lie (you know, the kind that aren’t sponsored by the candidate, but rather by their best friend, leading contributor, ex college roommate, etc.)
- All news broadcasts lie. The one exception: Jon Stewart’s Daily Show, which claims to lie, has a higher degree of truth than any news broadcast. This is not surprising because all comedy is ultimately based on truth.
- Anyone claiming the other side is lying, is lying (Michael Moore, Rush Limbaugh, you know the type).
- All the candidates and their spokespersons lie. You see, if they actually said anything truthful the media would squeeze it of any ounce of subtlety and portray it as a mistake or gaff. So the campaigns must stick with carefully polished and scripted sound bites – lies.
- Anyone who mentions 9/11 in a political context more than once in a speech or conversation is lying (it’s the ultimate misdirection). Oh, except for Rudolph Giuliani, who’s the only guy who’s earned the right to say it twice in a speech before it’s a lie.
- Anyone who talks extensively about how great America is, is lying. Real patriots know America is great – we don’t need politicians going on about it. We’d rather hear them explain HOW they’re going to keep America great. And how we’ll pay for it. Specifics please?
- There are probably more – comments are welcome.
Finding the truth is clearly a greater challenge than I ever imagined. And it poses some fundamental challenges when it comes to voting this November. But since it is clear that lies far outnumber the truth, the following axiom, stripped of spin and manipulation, must be fundamentally true:
Since all politicians and media are lying (either through omission, misdirection, or outright), you cannot predict their future actions based on what they say. This implies that you can only anticipate their future actions based on past actions of themselves and their supporters.
Ok, we’re making progress. Having written off the media, the candidates, the ads, the campaigns, and statistics (which are also subject to manipulation and later correction), it becomes remarkably easy to choose a candidate. Let’s consider the major topics:
-
Iraq & Terrorism:
Both sides now agree that the arguments for going into Iraq were either outright lies, or the results of gross incompetence. Frankly, I supported going into Iraq because I could not imagine our government either lying about WMD, or being so grossly incompetent as to go to war without an incredibly high degree of certainty on the issue. Spin aside, the buck stops there: It was either a lie or gross incompetence.
If you believe the current administration has learned from their mistakes, and has become highly competent at intelligence and foreign policy, you should stick with Bush. If you’re one of those people who, if you had an employee who lied or was grossly incompetent, would fire them, you should choose Kerry.
-
Taxes:
This one is simple. You either choose a Tax and Spend Democrat. Or a Borrow and Spend Republican. Sorry, you can’t have a true responsible economic conservative (control spending and balance the budget) – that was Clinton and he can’t run again.
-
Economy:
If you’re making more money, have better job security, and your friends and family are happily employed, the economy is good. If your economic status is uncertain, and you know people who are out of work, the economy is bad. Since the media and statistics lie, all you can base it on is what you see around you.
- Social Issues:
If aborting fetuses and gays getting married is more important to you than security, taxes or the economy, you know who to choose.
-
Health Insurance:
If you don’t have health insurance or can’t afford it, and want it, choose Kerry. It’s virtually certain the Democrats will do more than the Republicans on that score.
-
Civil Liberties:
If you’re willing to give up more privacy and civil rights in the hope of gaining more security, stick with Bush. If you’re willing to accept more risk in order to keep privacy and civil rights, choose Kerry.
Those are the big ones. There are lots of other issues, but it’s much harder to distill the truth out of lies on those, or to figure out which “experts” might be closer to the truth. But I’ll keep working on it.
Sep 3, 2004 | Security, Software Development
This week I was quoted in an SD Times story about 64 bit Windows. In it I say:
“Migration to 64 bits is likely to be slow, as is migration to any new technology. What’s more, delays of major products from Microsoft are common, so it’s hard to get excited about them.”
Now, for the record, I was not misquoted. Nor was this taken out of context. However, also for the record, I’d like to include the remainder of the quote that was not included in the article:”
Not only are delays on major products common, but as an industry we would much rather Microsoft take the time needed to “do it right”, and make sure the technology is secure and reliable, than to rush something out the door.
Kudos to Microsoft for having the discipline to wait until it’s truly ready to ship.
Now, on another note. I saw the most remarkable phishing email scam today. The misdirected link was subtle and hard to spot in the message source code, even when I knew what I was looking for. I wrote up a description of this IE specific attack at alwaysuseprotection.com. Visit the page using IE – it’s a trip.
Sep 1, 2004 | Society & Politics
The ongoing flap about Kerry’s service in Vietnam is an all too typical example of the media (and others) focusing on triviality and completely missing the bigger picture. Were there bullets flying? Did Kerry bleed on his Purple Heart?
Who cares?
The bottom line is that Kerry did serve in Vietnam. And if he didn’t get shot at in this particular instance, there’s no doubt he was shot at other times. Those boats sailed dangerous waters. Even if he exaggerated the danger on some report 35 years ago, the idea that this should influence today’s election is ludicrous.
But unfortunately our political system is all too often based on the big lie and distraction – shout a lie long and loud enough and people start to care and to believe it.
Or how about flip-flops?
“Flip-flop” is a common insult in this political season. I think it’s overtaken “liberal” as a dirty word (in part because more Democrats are willing to stand up and proudly claim the term, a common schoolyard technique for shutting up a bully). Could the same approach work for “flip-flop?” Absolutely. Why, I myself flip-flopped recently. Just a few months ago I explained why I had no interest in blogging. And here I am, blogging furiously. Flip-flop is a childish way of saying “changing your mind.” If someone learns something new, and has the courage to acknowledge that their previous opinion was wrong and to adopt a stance based on their new knowledge – that’s something to be admired, not condemned.
Is there hope?
They say that California leads the nation, and a recent flap with our Governor gives hope. You remember him, governor Schwarznegger. Just yesterday we were the laughing stock of the world with an open ended recall election that had 135 people running for the office. They laughed harder when we chose an ex-body builder movie star with a thick accent. But guess what – most Californians are absolutely thrilled with the job he’s been doing. But there’s one recent incident that gives true hope for the future.
The legislature was in the midst of their usual annual deadlock on passing a budget. In frustration, Governor Schwarznegger called those who refused to act “girlie men.” The media went into a frenzy: he was sexist, he was homophobic, he was….
Meanwhile, the reaction of most of the population seemed to be “yeah, he was funny. Now pass the d#*# budget!”
In other words, by and large the electorate did not buy into the media distraction, and stayed focused, maybe even appreciated the humor of the Governor using a phrase that was originally used on Saturday Night Live to parody him. And we got our budget.
Weapons of Mass Distraction is also the title of a wonderfully wicked movie. Though a bit hard to find, I highly recommend it. Might be available from Barnes & Noble
Aug 30, 2004 | Software Development
Like many developers, I’ve started the process of getting acquainted with beta 1 of Visual Studio .NET 2005, along with the new versions of both C# and Visual Basic .NET. One thing has become increasingly apparent – Microsoft is effectively abandoning the Common Language Specification (CLS).
If you think back a couple of years when .NET was first announced, the CLS was one of the lynchpins of the .NET message. The idea that every .NET compatible language would be able to work seamlessly with any other .NET language was one of the key innovations of .NET. This meant you could create components in any language, and easily use them from any other – a vast improvement over the previous generation where mixed language development required great care to match calling conventions, parameter count and type, and responsibility for reference counting and memory management.
There is no doubt that .NET is a huge improvement over previous approaches. As a component developer, and someone who strongly believes in software reuse and component based software development, the CLS was gospel. I believed that every assembly should always be CLS compliant (even private code, in the hope that one day it might be refactored into components). Visual Basic .NET 2002-3 produces CLS compliant code by default. C# does not, though it’s not hard to maintain CLS compliance, and the compiler can check for it if you wish.
With Visual Studio 2005 it seems clear that Microsoft has effectively abandoned the CLS in favor of a new standard: specifically – the set of language constructs supported by Visual Basic .NET and C#.
Want proof? Visual Basic .NET 2005 no longer creates CLS compliant code by default.
And you know what? Microsoft made the right decision in this case. Leaving these features out of VB .NET would have crippled the language (both in perception and in reality, though mostly the former – a subject I’ll return to later).
The three major non-CLS compliant features I’ve seen so far are generics, unsigned variables and different access levels for property procedures. All of these are extraordinarily useful features for VB .NET. All will make it easier for VB .NET and C# assemblies to work together.
What does this mean to other language vendors? Can they leave out these features with the argument that they are not necessary because they are not CLS compliant? Of course not – how can you be less than 100% compatible with the two major .NET languages? In effect, VB .NET and C# will define the new de facto standard.
The idea of a common language specification is a good one, and the truth is – they are so close that it’s hard to see this as a big deal. But language interoperability is important – especially if we are ever going to convince developers to truly adopt component-based development. Both VB .NET and C# should produce CLS compliant code by default and require an explicit developer choice to turn it off (just as systems should be secure by default – same concept). But I’m not suggesting they change the default attributes for VB .NET and C# projects. Rather, Microsoft should update the CLS to match the new de facto standard and make that the default setting for VB .NET and C#. This will help vendors of other components and the folks developing Mono to have a clear common guideline to work with, and in the long term ensure that the interoperability promised with .NET does not devolve into an illusion.
Related Articles:
How Microsoft Lost the API War by Joel Spolsky is essential reading to every Windows software developer. Check out his new book.
RSS feeds for sites referred to in this item:
Joel on Software
Aug 26, 2004 | Society & Politics, Technology
Ever since the movie “Revenge of the Nerds,” the word “nerd” hasn’t been so much an insult, as a promise; or at least a suggestion that those kids who spend their time in geeky pursuits will one day employ the cool kids (or at least cash in some nice stock options along the way).
Well, stock options aren’t what they were (unless you work for Google), and jobs of nerds and former cool kids alike are finding their way to India and Asia, but geeky pursuits continue among both kids and adults.
Today I’d like to tell you about two teenage nerds I met recently. Wait, I mean two teenage geeks. Nowadays, around here at least, geek is much more complimentary than nerd. But since it may vary where you are, I’m just going to alternate between them – you’ll know what I mean.
Anyway, I want to tell you about them, because their pursuits today may give us some insight into the future. More important, I think their stories may shatter some misconceptions adults often have about what it means to be a nerd today. Consider this a plank in bridging today’s digital generation gap (something I’ll be writing more about).
When I was a young nerd, my main hobby was Amateur Radio (or Ham Radio). I had my advanced class license by 14, and passed the technical requirement for first class by 15 (didn’t quite make it on the morse code). I could tear apart and repair a short wave radio, build Heathkits for fun, and spent weekends participating in contests and sometimes T-Hunts (first generation geo-caching, done the hard way).
We all know those kids have vanished. Heathkit is but a fond memory. Ham radio largely relegated to senior citizens. The computer took over, and everybody knows that it’s on computers that you’ll find today’s young nerds. But let’s take a closer look at what everybody knows.
In “Revenge of the Nerds,” the technology nerds played with computers and build robots. In fact, any kid who used a computer was by definition a “computer nerd.” That is no longer true.
Almost every kid and teen today uses computers routinely, most are on the Internet as well. And while it might feel nice to interpret this as a victory of sorts (yeah! all the kids are geeks now), it’s just not so. For most kids and teens the computer is a tool. They have little or no interest in the computer itself – just in what they can do with it. From using wordprocessors for reports, to presentation software for classroom presentations, to online gaming, etc., the computer is a means to an end.
So how did I recognize these two “computer nerds?”
I spotted the first one when we were having a casual conversation about computer monitors. This alone is not a mark of a nerd – monitors are a fact of life nowadays, but he used the term “frame rate,” which is not in the vocabularly of the average teen. Later we were discussing a dynamic state machine based AI he’s developing for a game he’s writing, and two things became apparent: First, that I’d forgotten more than he knows about state machines (with an emphasis on the “I’ve forgotten” part), and second, that he definitely qualifies as a nerd (oops, I mean a geek).
The second one I met at a LAN party. When not in school he runs his own part time business, charging friends and neighbors $25/hour to clean their computers of viruses, set up security, and install software. Yep, that definitely qualifies.
My nephew and his group of friends have quite a few geeks among them as well. In fact I had the pleasure of watching them participate in a STRUT contest last year in which their team field stripped a computer to its component parts, then reassembled it in a shockingly short time.
Ok, this isn’t enough to play “spot the nerd,” but the key thing to remember is this: just because a kid is using a computer doesn’t make him or her a nerd. You have to look further.
Oh, one more thing.
Both the two teens I mention here, and most of the others in this group have one other interesting thing in common: they spend much of their time using and playing with Linux. Today, that is definitely the mark of a geek. Tommorow? Who knows….
Aug 23, 2004 | Security
Most people in the technology field don’t realize how truly awful it is out there with regards to viruses and spyware. I’ve been traveling around the country promoting my book “Always Use Protection: A Teen’s Guide to Safe Computing,” and the stories I’ve heard are horrific. People are truly learning to hate their computers.
A recent blog in the Scobleizer is but a small example, but one of the comments that suggested Microsoft build in anti-virus capability to Windows is way off.
Having Microsoft build anti-virus protection into Windows would be a disaster.
Let’s ignore the antitrust issues. Let’s even ignore the question of whether Microsoft can be trusted to build a good antivirus product.
Right now there are a decent number of antivirus vendors. The competition among them is helping improve the overall protection of antivirus products. More important, the variety makes it very difficult for a virus/worm to target all of them (remember – viruses love to disable antivirus programs).
What would happen if Microsoft included antivirus protection in Windows?
It would immediately suck a huge amount of the revenue that antivirus companies use to survive and use to develop their products. Even if vendors had a better product, the vast majority of people would just stick with the built in antivirus program. The Microsoft antivirus program would quickly gain a dominant market share. We’ve seen that story before.
Not only would this reduce the competition that drives improvement in antivirus programs, it would create a huge juicy target for viruses. Just as most viruses now target Internet Explorer, most would target the built-in protection. Computer security is far too important to take a chance on this. Microsoft took the right approach with XP SP2, checking to see if an antivirus program is present. They should continue with this approach.
RSS feeds for sites referred to in this item:
Scobleizer