Tumbled Logic

Children today are in the midst of a sea-change in broadcasting. They’re growing up with widespread...

Wed, 10 Mar 2010 22:50:00 +0000

Children today are in the midst of a sea-change in broadcasting. They’re growing up with widespread access to both live and on-demand output at the touch of a few buttons across a multitude of devices. Their parents are the generation who grew up with the BBC Microcomputer, the Domesday Project, Teletext, and some of the finest programming — still enjoyed today — that the British broadcasting industry has ever produced.

That generation, my generation — a generation which then grasped emerging convergent technologies with both hands — is at least in part responsible for the landscape of the broadcasting world as it exists today. As children, possibilities unfolded before us despite the crude state of the available technology. We saw beyond the low-resolution graphics, awkward interfaces and lack of computing power. We saw what these ideas could become.

As adults, we have striven to make those possibilities a reality, and the technologies required to do this are becoming widespread. Much of it is still in its infancy, but rich hypermedia, access to television and radio from a range of devices (from the television to the mobile phone and beyond), and instant, affordable, global telecommunications are together changing the way our children — and us — are informed, educated and entertained.

"My patching system, the EP5S/31, was given the name LEOPARD, notionally standing for Lighting..."

Wed, 10 Mar 2010 13:03:04 +0000

““My patching system, the EP5S/31, was given the name LEOPARD, notionally standing for Lighting Equipment Online Patching and Routing Device but also easy to remember because this leopard really did change its ‘spots’!””

- Richard Russell’s career at the BBC

User Agent/Referrer Verification

Mon, 08 Mar 2010 22:15:00 +0000

This is a snippet of code which verifies access to a given resource based upon a combination of access to a referring resource and a user-agent string. The client generates an sha256-hmac based on the contents of the referring resource (which the client must have access to) and its user-agent string. This HMAC is sent along with the request for a resource.

Thus, given a list of referring resources and valid user agents, the server can generate a list of valid keys by performing the same sha256-hmac process on each combination. If a client sends a request which does not appear in this list of keys, the request is denied.

I would be interested on an expert opinion as to whether this is considered an “effective” technological copyright-protection mechanism according to the Copyright, Designs and Patents Act 1988 (as amended by The Copyright and Related Rights Regulation 2003), and whether implementing a third-party client which implements this protocol (for the purposes of interoperability) constitutes “any device, product or component which is primarily designed, produced, or adapted for the purpose of enabling or facilitating the circumvention of effective technological measures” as specified by section 296ZB of the Act.

Canvas

Sun, 07 Mar 2010 20:25:06 +0000

It’s not often that the DTG, Sky and Virgin Media all agree on something.

Even rarer is that the dissenting body is the BBC.

Even rarer still is that much of the criticism levelled at the BBC and its partners is sentiment I share.

Either the world’s about to end, or we might collectively have a point.

Birtspeak 2.0

Tue, 02 Mar 2010 19:13:23 +0000

The BBC should also make a step-change towards simplicity in its operations and structure, dismantling the remaining elements of its traditional hierarchy and replacing them with a flatter, more dynamic and flexible structure that reflects the nature of the BBC’s new challenges: wholly focused on serving the public with fewer management layers; better team-working and pan-BBC collaboration; and stronger performance management.

— BBC Strategy Review, March 2010

Broadcast versus on-demand

Fri, 26 Feb 2010 19:29:36 +0000

Kate says:

I believe that on-demand will replace broadcast when >95% of the pop has broadband & there is a good “feed me TV” mode for on-demand

Now, I don’t technically disagree with this statement, but there are a few hidden conditions which means it’s a lot further off than availability of the raw technology belies.

First, there’s not just the general provision of broadband, but the means by which it’s architected. As Kate alluded to in an earlier tweet, we need smart “routers” which can cache content; effectively, CDN nodes within very very easy reach of everyone. Technically, this isn’t hugely difficult, and there are lots of ways by which content can be fed to them (which is where effective use of multicast can help, too), but in many current ISP’s networks, there actually isn’t somewhere that you can place such a node which won’t cost you just as much for the consumer to access as it would were they to stream the content directly from source. Of course, BT will be happy to sell you a solution which avoids this (which again, in part is built on multicast).

It’s not all doom and gloom, of course. Some ISPs could do this today, and it’s not hugely different from how cable TV works. But actually deploying this on a useful scale requires having enough demand from both on-demand providers and ISPs to make the cost of the nodes affordable, which relies on the ISP’s networks to be amenable to their placement, and so on, and so forth. This is not a “it won’t happen”, but it probably won’t happen within the next five years without some serious game-changer appearing in the domestic ISP market.

Next, in order to “feed” content in place of editorially-chosen programming, you need to have rich enough metadata — not just for new programmes, which only make up a comparatively small proportion of what is broadcast and people watch, but also for all the things we’re making and broadcasting today, all the way back to those episodes of Fawlty Towers and classic Star Trek.

This is a huge challenge, much bigger than trying to get intelligent lightweight content-delivery nodes into every ISP in the land. The technical aspects of matching preferences to metadata are fairly straightforward, but to deploy this as a replacement for, say, BBC One (with access to the same content that the controller of BBC One has) would require a monstrous amount of effort. But, on the plus side, it’s effort which is being undertaken.

We’ve already seen Joost try — and fail — to do precisely this, and they failed for a few reasons (chief amongst them being availability of content that people want to watch). Getting content that people want to watch and getting the metadata attached to it appropriately and getting enough of it that’s a serious contender and packaging all of this up into a device people can just plug into their TVs cost-effectively is a big challenge. A huge challenge, in fact.

Finally, there’s the matter of identity: even with the prevalence of iPlayer, people still differentiate between the BBC’s different channels (even without the BBC’s own brand identity efforts). It’s a safe bet that a documentary on the life and works of Tolstoy is probably BBC Four fare, while a new 18-35 comedy series is at home on BBC Three. Technology aside, there’s something to be said for the editorial choices of others. This is relatively easy to solve, though: rather than building a profile for a complete channel, you start with one of the existing ones and add/remove as desired (e.g., “BBC One without the property shows and more drama”).

All in all, I don’t think it’s something that’s pie-in-the-sky, but by the same token I think it’ll be a good ten years (a lifetime in technology, and a lifetime in some respects in the broadcast world) before we see anything which achieves it with a serious chance of success and survival.

Wow

Fri, 26 Feb 2010 13:32:49 +0000

A couple of days ago, I posted about a collaborative playlist I’d created on Spotify called “Discoveries”.

When I posted the link, the playlist contained just three tracks, and I haven’t added any since. I just took a look and it now contains 66 tracks — four and a half hours of music.

I’m actually quite blown away by this. I love the idea of a huge ever-growing playlist that, whoever you are, contains music that other people are just discovering. I do wonder how long before it’s indistinguishable from random selection or the “radio” feature, though.

I’ve seen syncing the playlist for offline playback on my iPod touch. I don’t know about anybody else, but I’ve been quite enjoying it. Keep adding stuff!

BBC signals an end to an era of expansion

Fri, 26 Feb 2010 00:27:54 +0000

This from an article in The Times (prop: R. Murdoch), which may potentially be seen as a means for one of the BBC’s fiercest critics (R. Murdoch) to exert pressure upon the corporation.

It’s also, to my mind, unusual for “Trust sources” to leak the conclusions from a consultation several weeks before the report is due.

Further, it’s not necessarily true that the BBC has seen an “era of expansion”.

Still, let us take the claims at face value.

There are some aspects of these cuts which aren’t necessarily a terrible thing. In fact, some I’d actually — on balance — agree with. I am biased. I don’t have the benefit of the big picture across all of the audience demographics. BBC Switch is something which makes me feel old (in that it garners a reaction of “what? are you talking that way for real?”), Blast! is something I have no idea of, but from my white middle-class observation point BBC Asian Network appears to have been a moderate success.

(I refuse to be drawn into the 6Music debate).

But, on the flip-side…

“The corporation’s web pages are to be halved, backed by a 25 per cent cut in staff numbers. Its £112 million budget will also be cut by 25 per cent.”

I don’t know what this means, and I build web sites for a living. People I know who build web sites for a living don’t know what it means. People who work for the BBC don’t know what it means. Nobody knows what it means because it makes no sense at all. How do you “halve” web pages? Is URI count the principal measure of a site’s size? Or is it the amount of content? How much of it is generated automatically from things which the BBC has internally anyway? How much of it is user-generated? Once you take away News, Weather, iPlayer, the blogs, the message-boards, H2G2 and /programmes, what do you have left? Maybe the educational stuff should go? Or the games on CBeebies (as much as I dislike Flash, my three year old shares no such derision)? What about the BBC Food content? Sport? Where must the axe fall?

“It is also pledging to include more links to newspaper articles to drive traffic to the websites of rival publishers.”

Didn’t those publishers get really quite uppity when Google did that? Confused. dot com.

“The BBC will also try to calm the nerves of local newspaper groups — who are suspicious of the corporation after its aborted plans to develop video-driven local websites — with a pledge not ever to produce services at a “more local” level than is currently the case.”

“Local newspaper groups” are increasingly the same as “national newspaper groups”, for those who haven’t been paying any attention. What does ”more local” mean anyway? I mean, the BBC goes really quite local for me (it once used one of my photos, for example), but I wouldn’t rely on it for anything important that was happening locally. Social media has killed the news in that respect for me (especially now that local authorities are getting in on the old social game).

On the numbers: I don’t honestly know if they add up. They could be plucked out of thin air just as easily as they could be dead-on for all I know.

preshit: aayush: Enigma Secrets Crush

Thu, 25 Feb 2010 15:16:43 +0000

preshit:

aayush:

Enigma

Secrets

Crush

The Trap

Thu, 25 Feb 2010 15:14:22 +0000

Do not make the mistake of confusing “works because of” and “works in spite of”.

Protecting your content, a handy guide

Wed, 24 Feb 2010 20:31:00 +0000

1. If you want to prevent people from accessing your content who aren’t supposed to, what can you employ?

Geo-blocking (only granting access to people whose IPs are associated with a given country or list of countries).
Authentication (users must log in, for example using a username and password).

2. What happens if your content is served from a different place to the front end, and the front end is protected but the content itself is not?

Employ some kind of shared session or single-sign on (perhaps, for example, passing a signed time-limited key whose signature is checked by the content server)
If using Flash Media Server (or compatible), enable SWF Verification (achieves goal imperfectly, essentially as a side-effect; it only actually verifies that the user has, or has had in the past, access the requesting SWF; penalises legitimate users using non-standard access mechanisms).

3. Once your content has been served to a user, who is a knowledgeable pirate willing to distribute it such that others can easily download it, how do you prevent them from doing so?

Serve your content only to devices which are under your complete and effective control (noting that PCs, mobile phones and games consoles rarely—if ever—satisfy this condition).

4. Once your content has been served to a user, who is not a knowledgeable pirate willing to distribute it such that others can easily download it, how do you prevent them from doing so if they for some reason attempt to despite the probability that somebody else (see (3)) will already have done for a given piece of content?

(a) and they are not likely to obtain it from aforementioned knowledgeable pirate who also has access to your content (see (3))

Employ some kind of digital rights management (noting that it is at this point moot, because they weren’t going to do anything with your content anyway; noting also that it runs the not insignificant risk of inconveniencing them at some point or another causing harm to your reputation and potentially to your turnover; noting further that it artificially restricts the platforms and devices upon which your content can be enjoyed by a legitimate consumer; finally also noting that it almost always significantly restricts the choice of technologies that your developers can employ in order to achieve realisation of your goals).

(b) and they are likely to obtain it from aforementioned knowledgeable pirate who also has access to your content (see (3))

As per (4)(a), noting however that any inconvenience they might suffer as a result significantly increases the risk of them obtaining your content from an illicit source.

5. Once your content has been served to a user, who is not a knowledgeable pirate willing to distribute it such that others can easily download it, how do you ensure that it can only be viewed on a narrow range of supported devices?

See (4)

6. Once your content has been served to a user, who is not a knowledgeable pirate willing to distribute it such that others can easily download it, how do you ensure that they cannot write a copy to transferrable media (such as a DVD-ROM, BD-ROM, USB stick, etc.) and pass a copy to a friend, irrespective of whether that friend has legitimate access to the content themselves?

See (2) and (4)(b), noting that the friend willing to be the recipient of an illicit transfer in this way can instead simply obtain the content from a knowledgeable pirate (see (3)).

7. Once your content has been served to a user, who is not a knowledgeable pirate willing to distribute it such that others can easily download it, how do you ensure that they cannot write a copy to transferrable media (such as a DVD-ROM, BD-ROM, USB stick, etc.) and retain that copy for a prolonged period?

See (2) and (4)(b).

8. Once your content has been served to a user, who is not a knowledgeable pirate willing to distribute it such that others can easily download it, how do you ensure that they cannot write a copy to transferrable media (such as a DVD-ROM, BD-ROM, USB stick, etc.) and transfer that copy to an unsupported device for playback (portable media player, phone, laptop computer, etc.)?

See (2) and (4)(b).

9. What else?

The more enhanced and flexible the legitimate distribution channel, the less demand is placed upon illicit channels.
Lack of, for example, Digital Rights Management does not negate the copyright status of a piece of content.

Discoveries

Wed, 24 Feb 2010 18:11:27 +0000

I’ve created a collaborative Spotify playlist called “Discoveries”.

There are only a couple of tracks in it, but I’m inviting anybody and everybody to listen, and to add tracks they’ve recently discovered and enjoyed.

Join in :)

Adobe SWF Verification

Mon, 22 Feb 2010 22:11:48 +0000

So Adobe has this thing, called “SWF Verification”, which is touted as some kind of content security scheme for streaming media.

Now, it’s fair to say that SWF Verification is marginally more useful than, say, checking a referrer, because it does rely on you having access to the SWF itself (at least for a short period) in order to perform the operations that the genuine Flash Player does.

Assuming you do (because it’s publicly accessible, and SWF Verification has been deployed as a mechanism to prevent downloading of streaming media in ways which Adobe Flash Player doesn’t permit), then it really is just a slightly more long-winded form of a referrer check.

SWF Verification is based upon a hash derived from the SWF file your server is expecting to be requesting the streaming media, and a fixed string. Well, currently it’s fixed, but in future it could vary: either way, if your client has access (as Adobe’s Flash Player does) to the actual SWF, then all this does is confirm that you know how to use sha256-hmac and speak the protocol.

Listen up, because this is a crucial part of how the Internet works: there is nothing you can implement on a server which can tell the difference between program “A” on a client and program “B” on a client, if both A and B have access to all of the same resources, talk the same protocols, and the latter goes to the trouble of emulating the former at a protocol level. None. A and B will be utterly and completely indistinguishable so long as one person is willing to put in the small amount of effort required to make it so.

Feel free to do us all a favour and stop trying. It will make the lives of both you and your customers a little easier.

Ones and zeroes and pixels

Sat, 20 Feb 2010 08:55:48 +0000

I’ve had lots of recent conversations (online and off) on this subject. Gruber puts it rather succinctly:

This sort of nonsense gets to the bottom of what’s wrong with these entertainment executives’ outlook on the world. They want to define everything by arbitrary device types — this is a “TV”, that is a “computer”, this other thing is a “mobile device” — and then sell/distribute the same content to different device types separately and with no spillage. But it’s all bullshit in the digital world. It’s all just ones and zeroes and pixels. To these TV executives it makes sense to block Boxee from supporting Hulu because Boxee is for “TVs” and Hulu is only intended for “computers”. Now they’re stuck trying to figure out which arbitrary slot the iPad fits into.

A conversation I have every month or so

Tue, 16 Feb 2010 12:17:25 +0000

dwineman:

Me: (tries to visit a local restaurant’s website via iPhone)
Restaurant website: I require Flash. Fuck off.
Me: I just want to know how late you’re open.
Website: Nope.
Me: But I’m on my phone. Don’t you have a little “HTML Version” link up in the corner or something?
Website: I’m ignoring you.
Me: What if I’m on my phone because I’m out, looking for a place to eat? Didn’t that ever occur to you?
Website: Fuck entirely off.
Me: (gives up, switches to computer)
Website: Oh! Hi! What can I help you with today?
Me: What are your —
Website: Hang on, I’m loading the music.
Me: Really.
Website: You’ll love it. It’s “Girl from Ipanema” arranged for steel drum and keytar.
Me: No, you don’t have to —
Website: Loading…
Me: All I want is —
Website: I SAID DOT DOT DOT.
Me: (drums fingers on desk)
Website: There we go. Isn’t that nice? It’s… what’s the word. Ethnicky.
Me: What are your hours?
Website: Take a look at our menu! It’s a PDF of a screenshot of a scan of a Word document printed on a dishtowel. With fonts!
Me: I don’t care. What are your hours?
Website: Don’t worry, the menu loads in a new window so the music won’t stop. Can I show you some broken images?
Me: What. Are. Your. Hou. Rs.
Website: I… I don’t know.
Me: (goes to Denny’s)

A short list of Chrome issues (beta 2)

Thu, 11 Feb 2010 21:59:11 +0000

blech:

An update on the issues listed in December:

[snip]

On the other hand, I am pleased to see that a request for the zoom button to instead maximise has been rejected as “Invalid”.

rejected as “Invalid”? I wholeheartedly approve.

nsurl: MagicPrefs I am investigating this immediately after I...

Thu, 11 Feb 2010 19:29:24 +0000

nsurl:

MagicPrefs

I am investigating this immediately after I press the “ReBlog post” button below.

These are the reasons why nevali.net does not have a comments box

Tue, 09 Feb 2010 23:00:39 +0000

(there are several, but people have asked)

Once upon a time, I had a comments box. In two years, I received two, perhaps three, legitimate comments. The number of spam comments (all detected as such and suppressed from view, mind), measured in the thousands. Because of this, I switched comments off—it just wasn’t worth anybody’s while.
I moved this blog to Tumblr a while ago. Tumblr doesn’t support comments natively; this I considered fine, because I’d already disabled comments on the old WordPress blog. I lost nothing in particular by way of this transition.
Third-party commenting systems are all terrible at what they do, in no small part because they’re drastically limited in how they can do it.
When I (occasionally) use somebody else’s comments box to reply to a post (if it’s there, I’ll use it—it’s only polite), I tend to find it an exercise in frustration. None of the niceties I have for posting are available when commenting on somebody else’s site. I’ve lost count of the number of comments which have inexplicably vanished into nothingness upon pressing the mysterious “Submit” button (which I am starting to believe in this context refers to what I’m doing myself, rather than what I’m doing to the HTML form).
On those sites I see which do have comments, and where they are actually used regularly, the signal:noise ratio is awful.
The Web has a built-in reply mechanism. It’s called the link. If I reply to something in a post, I’ll link to it. You do the same. Simples.
If you leave a comment on my blog (were I to, hypothetically, enable comments), I could delete it at will. The reverse also applies. I’ve seen those who are in favour of everything having the ability to retain attached comments mention that often the comments are more valuable than the posts themselves: if this is the case, do those comments not deserve to be posts in themselves?
The number of people reading this blog who would actually have something to say and don’t have some form of blog, journal, or other self-publishing system can be falls somewhere in the low zeroes. Whose blog system would you rather use to say something—the one you chose, or the one I did?
If I reply to you via my blog, the people who regularly read my blog (but not necessarily yours) will see it too. They may get curious, and have a look at what you’d posted originally. You might link to my comment, perhaps with a witty riposte of your own, and the same applies in reverse. Et cetera.
If you think you need comments on your blog because otherwise people wouldn’t know how popular you are, you’re doing it wrong.

Oh sweet lord, it’s WORSE

Fri, 05 Feb 2010 22:27:51 +0000

Regarding my last post, it turns out I was wrong. It was actually Mac OS X translating the extended attributes, not the NFS server.

Mac OS X turned the xattrs into resource forks, and promptly AppleDoubled them.

Gee, thanks, Apple.

Does it work like this yet?

Fri, 05 Feb 2010 22:24:32 +0000

I want a couple of things:

A (disk) filesystem which works on multiple platforms which supports extended attributes (the easy part)
Mac OS X never ever resorting to AppleDouble if the filesystem supports extended attributes (actually, I’d like it if Apple just ditched resource forks altogether in favour of extended attributes, but there’re probably a whole bunch of compatibility reasons why not, irrespective of capabilities).
A network filesystem supported by both Mac OS X and other platforms which supports extended attributes (provided the on-disk filesystem underneath does)

Can I do this with NFS, or will I get AppleDouble cruft all over the place?

The answer, apparently, is “no”.

Exporting a ZFS filesystem from an OpenSolaris host to Mac OS X (10.6.2, since you ask) via NFS works swimmingly.

I can set and read xattrs from within Mac OS X.

I haven’t quite figured out how read them in Solaris: I’m not sure if either Mac OS X or the NFS server are doing some kind of translation. I’m guessing the latter is.

Meanwhile, setting a custom icon on a folder still litters the folder with AppleDouble cruft.

I can live without being able to read xattrs from within OpenSolaris, but is there some voodoo global setting that I can apply in order to use xattrs in preference to AppleDouble? Pretty please?