Talk To The Moose Parody

This video requires a little explanation for overseas readers. GAP ran a commercial titled “Talk To The Moose” in the US during the 2009 holiday season that was notable for featuring several young girls dancing and singing what became an Earworm for some people thanks to a fair amount of air time.

I’m not sure if the cute factor or the Earworm was the marketing approach.

The side effect of a commercial being memorable for any reason is that these days we get parodies thanks to the Internet! I’m pretty sure this one was filmed with alcohol nearby, but perhaps that’s what makes it so great. The painful looking flip is what puts it over the top. I’ve got a few side-by-sides because despite being so poor (in a funny way), it’s actually a surprisingly pretty good parody.

Tech (General)

Luxury Markup

Audioholics has a must read review of the $3,500 Lexicon BD-30 Blu-Ray player.

What did they find? It’s actually the $500 OPPO BDP-83 inside a new case. Literally. They put the entire chassis inside, not just the components. Then they did some audio measurements and found they also matched. Not just close but identical.

The Lexicon BD-30 is THX certified while the OPPO BDP-83 is not, however THX certification requires paying licensing which OPPO Digital declined to do. People who bought an OPPO BDP-83 apparently got a THX worthy system for a fraction of the price though Audioholics deputes if the device is totally up to par.

This reminds me of the $500 ethernet cable. Or Gizmodo’s case against Monster Cable.

Lots of people assume a higher price tag equals better quality. That’s often not the case.

[Hat tip: The Consumerist]


Microsoft Entourage Calendar Cache Problem

I’ve noticed that Microsoft Entourage 2008 sometimes falls out of sync with the Exchange server. This results in missing or outdated events on a calendar. When you use multiple computers and webmail this can become annoying. I’ve traced the problem to the cache in Entourage 2008 becoming either corrupt or stale for some unknown reason. Clearing the cache can be done manually (right click on the calendar and go into “Folder Properties” then press “empty cache”) or can be automated.

Obviously I prefer the automated route. Here’s the AppleScript I wrote:

set accountIterator to 1
tell application "Microsoft Entourage"
        if (exists Exchange account accountIterator) then
            empty cache of every calendar of Exchange account accountIterator
            set accountIterator to accountIterator + 1
            exit repeat
        end if
    end repeat
end tell

Save it as a script, I’ll call mine clearCal.scpt. Now place it somewhere. I’ll use /Users/me/clearCal.scpt.

Now in terminal open crontab via crontab -e and enter the following obviously adjusting the path to point to the script:

0 8 * * * osascript /Users/me/clearCal.scpt

Save (ctrl-o) and exit (ctrl-x).

This will run the script at 8:00 AM every morning and clear the cache. I’m pretty sure this will only worked if your logged in, which is fine for me.

Warning: Clearing the cache means that if an event wasn’t sync’d to the exchange server it will be lost. In my case I find this to be the lesser evil. Obviously if you use this, it’s at your own risk.

Google Security Web Development

The Future Of SSL

Google announced the other day that it will now enable HTTPS by default on Gmail. Previously a user had to either manually type in HTTPS or change a setting to default to it, something most people likely never bothered to do. Google says it’s not related but it seems oddly coincidental that this chance coincides with its China announcement.

However Gmail using HTTPS is not the big story here.

The big story is that HTTPS is now being used in places where it before was considered excessive. Once upon only financial information was generally sent over HTTPS. As time went on, so did most website login pages, though the rest of the sites often were unencrypted. The reason for being so selective is that it’s more costly to scale HTTPS due to it’s CPU usage on the server-side, and it’s performance on the client side. These days CPU is becoming very cheap.

In the next few years I think we’ll see more and more of the web switch to using HTTPS. If things like network neutrality don’t work this trend could accelerate at an even quicker rate just like it did for P2P using MSE/PE to mask traffic.

Like I said, these days the CPU impact is pretty affordable, however the performance impact due to HTTP handshaking can be pretty substantial. Minimizing HTTP requests obviously helps. HTTP Keepalive is a good solution however that generally results in more child processes on the server as they aren’t freed as quickly (read: more memory needed).

Mobile is a whole different ballgame since CPU is still more limited. I’m not aware of any mobile devices that have hardware to specifically handle SSL, which does exist for servers. Add in the extra latency and mobile really suffers. Perhaps it’s time to re-examine how various Crypto libraries are optimized for running on ARM hardware? I think the day will come where performance over SSL will matter as it becomes more ubiquitous.

Security Software

Two Security Updates

This patch Tuesday I have 3 updates for this XP box. Two of them seem rather similar yet one is given a title that’s much more obvious than the other. Why is one a “security update” and the other merely an “update”. I’m guessing severity, but I don’t think this is very clear. For the “update” it should still be clear that it’s security related regardless of severity.

Security Update for Windows XP (KB972270)

Size: 555 KB

A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system.

More information for this update can be found at

Update For Windows XP (KB955759)

Size: 1.1 MB

An issue has been identified that could allow an authenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system.

More information for this update can be found at

Google Politics

Google vs. China

Google’s announcement about China is rather stunning in many respects from its candidness to the rather bold decision to potentially leave China over “[t]hese attacks and the surveillance they have uncovered–combined with the attempts over the past year to further limit free speech on the web…”.

Some may remember a few years ago that Yahoo! controversially provided information to the Chinese government that resulted in the arrest of Shi Tao and Li Zhi. There’s no evidence this impacted the decision but I would be shocked if it didn’t play any role.

It sounds like within the next few weeks we’ll know if Google and the Chinese government have come to an agreement regarding the censorship of search results. I suspect this is only a tiny part of the full story regarding

Mozilla Programming

The Jetpack Debate

I’ve generally found Jetpack to be pretty cool. It’s easier to develop and I’m fairly familiar with both “traditional” extension development and jQuery so it seems natural to me. However I generally agree with Daniel Glazman’s blog post on Jetpack. I’ll even agree that closures can make code more difficult to read, though I think I’ve mostly adapted to it at this point.

Jetpack reminds me more of building JS “widgets” than extensions. I’m not sure I see the advantage of moving away from XUL which really isn’t “hard” for 98% of things (though XUL <wizard/> has admittedly made me say WTF a few times) to HTML unless some sort of portability were gained, but that doesn’t seem very likely at least right now. I haven’t seen any indication of intent either. XUL has the advantage of making good UI seemingly easy while HTML really doesn’t, though I’ll admit HTML5 is changing that.

The biggest problem I see with Jetpack is that too much of it is designed around existing needs. The problem with this process is that it’s always playing catch-up. The best extensions are disruptive and do things nobody ever thought of, or even thought possible. Looking at the Jetpack JEP list I see pagemods and toolbar. The kicker is these are “implementing” and “planning” respectively right now.

Things like jetpack.slideBar, and especially jetpack.lib.twitter make me feel a bit concerned. Why? Because they encourage too much conformity, and too many twitter client Jetpacks.

When developers are given such a sterile environment that’s intended to promote experience and stability it ends up inadvertently creating monotony and stalling innovation. If you want proof look at the iPhone. There are indeed some great apps and I say that as an iPhone user myself, but for each great application there are 1,000 that aren’t worth the price (which is often free). Many are just cookie cutter apps with a companies logo on them. Google used one undocumented API for a feature Apple didn’t think of providing a documented API for, and it was news worthy. While Jetpack distribution isn’t limited in the same way that iPhone apps are with the App Store the design questions still remain.

To quote Adblock Plus author Wladimir Palant:

…Jetpack has to support Adblock Plus, not the other way around. As it is now, Jetpack isn’t suitable for complicated extensions.

That’s the wrong order.

Around The Web Audio/Video

View From The Top Of Burj Khalifa

View From Top Of Burj Khalifa

Here’s an impressive video showing the view from the Burj Khalifa (aka Khalifa Tower aka Burj Dubai) in Dubai. Amazing.


Google Nexus One Shaking Things Up?

Google’s Nexus One is now out. Given that they distributed a phone to employees a few weeks ago, this isn’t surprising and we all pretty much knew what was coming for a long time now. Mike Pinkerton (Google Employee, Apple fanboy) has a great and rather candid review of his experience with the device.

Based on everyone’s reviews and looking at the specs it’s pretty obvious. It’s evolutionary rather than revolutionary. The big advantages the Nexus One has on the hardware side are CPU and a camera with flash. Apple is almost at the end of an upgrade cycle so it’s expected to be beat at this time. Apple’s next revision should catch up or beat in most respects. On the software side Apple could even things out quickly if it were to loosen its tight grip on the App Store and allow things like duplicate functionality. Generally speaking Apple already wins thanks to a more consistent and polished UI.

It’s pretty well-known Google isn’t looking to make money off of hardware, they want to make it easier for people to use Google services anywhere/everywhere. That roughly translates to: “we want you to view more ads”. Google is the King Gillette of the web. I’m pretty sure Google wouldn’t mind putting more apps on the iPhone and getting more eyeballs on ads. Google tried via the Google Voice App but was met with resistance.

The most revolutionary thing about it is how it’s sold directly from Google and will be pretty much feature equal across providers. You can either get it subsidized by a mobile provider (T-Mobile for now, Verizon later) or unlocked at a higher price. I’m surprised they aren’t providing their own subsidy on an unlocked phone to try to rattle the mobile market. Right now the vast majority of Americans buy phones subsidized by a provider essentially locking them into an expensive plan. People go for this because the thought of spending several hundred dollars on a phone is scary. If Google were to make an affordable phone that competed with subsidized phones but was unlocked, providers would need to start offering data plans to compete for those customers and essentially break out of the cycle that the iPhone helped strengthen. The main thing keeping people locked into plans is the phone subsidies these days. If the perceived value of that contract diminished the long-term plans would no longer be attractive and competition of hardware and service would be separate.

Of course the downside to this is Google would be throwing a ton of money to create chaos in the mobile market and likely upset mobile providers enough to march to the FCC and demand action (I doubt that would go anywhere though). Google however did make a mult-billion dollar spectrum bid in the past with the goal of keeping it open. Something they succeeded on despite losing the bid, which is possibly another win since this may have been a bluff to get policy. I’m not entirely sure they really wanted the actual spectrum.

If hardware and service competition were separate the mobile market would accelerate quicker since neither could rely on the other to make up for its shortcomings and keep selling. Each would sell or die based on its own merits.

Google’s said to have more phones in the works. I suspect at least one of those is a cheaper more affordable model that will at least partially attempt to open up the market and untie the cell phone from the provider.

Mozilla Web Development

Microsoft Joins W3C SVG Working Group

Microsoft is joining the W3C SVG Working Group. Presumably that means there’s some interest in SVG for IE or Silverlight or both. I wonder what led to the change of heart.

I pretty much wrote off any chance of SVG being mainstream in 2005 when Adobe bought Macromedia. Adobe was previously somewhat of a SVG pusher, but Macromedia obviously is the home of Flash. As expected the SVG love dried up. The gap that Adobe filled was adding support for SVG to IE. If IE supports it natively that’s a game changer.

Gecko already has decent support for SVG. WebKit has support for a while. Opera has support as well. Without analyzing in too much detail there should be a subset that’s usable across current browsers and hopefully IE by the time IE 9.0 ships.

I must admit given the choice I’m still more interested in Microsoft supporting <canvas/>, but no word on that as of yet. I’m still hopeful.

Hooray for web standards!