Google’s reCaptcha cracked again

A couple of important points here. What was theoretically broken was the audio alternative option in reCaptcha. Bad but not as bad as it could be. What is probably worse, though, is that an exploit has been previously published of this same option, in fact using Google’s own voice processing API’s against it. Nothing about how Google can or will shore up this vulnerability.
Read More …

2016-01-03 The Command Line Podcast

This is an episode of The Command Line Podcast.

This time, I chat about some recent news stories that caught my attention, including:

You can subscribe to a feed of articles I am reading for more. You can follow my random podcast items on HuffDuffer too.

You can directly download the MP3 or Ogg Vorbis audio files. You can grab additional formats and audio source files from the Internet Archive.

Creative Commons License

This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.

Nexus 7 Obsession

It has been a while since I talked about my mobile devices, just a bit over a year. You could say that I have happily realized everything for which I bought my Nexus 7. To address my sole complaint at the time, I even upgraded to the 32GB model when that came out. When I bought the 2nd generation model when that came out, too, well then I may have been given in to a bit of an obsession. In my defense, I only bought the two successive upgrades after arranging to sell the old ones so that they’d avoid the landfill and I was only paying an incremental cost.

Having lived with just about every model of this device, except the fully mobile data enabled ones, I have a few thoughts I want to share, about the devices themselves, an emerging concern, and a bit of an obligatory review though not for the tablets themselves.

Having such a strong relapse of my old gadget obsession is a pretty solid endorsement of these devices, for starters. The Android OS has come a long way, in terms of fit and finish, so much so that while I have been tempted on non-Google experience devices to try an aftermarket firmware like CyanogenMod, I have not felt that same urge with the Nexus 7. Everything just works and the experience is seamless.

Unlike the popular, fruit themed alternative, that extends to my ability to run open source apps and services and have them integrate very well into the overall device. I have another long overdue post in mind discussing my reasons for moving away from some Google services to alternatives that I control, specifically for data where on principle I would be upset or concerned if Google received a demand for that data.

I actually wasn’t going to buy the third tablet in this compulsive series. On paper, it seemed like a truly marginal improvement over an already stellar device in the first generation incarnation. When I mentioned selling my old devices, what I ended up doing was using them as part of teaching my kids responsible technology ownership. I have been supporting both in cultivating good spending and saving habits. After depreciating even relatively new devices considerably, they proved to be approachable and attractive rewards for their efforts.

Well, I should say, I did this with the first tablet with my older son who had been working on his responsible personal finance skills longer. When the 2nd generation Nexus 7 came out, I was tempted but figured I could wait until I had gotten a much greater use out of my 2nd tablet. That was the plan, until I realized that my younger son still had the oldest hand me down tech in the house, was learning the same lessons about responsibility, and it would simply be more fair to offer him the same deal, which just would happen to offset the cost of a new tablet for me enough to make it more of an impulse decision.

That’s what I tell myself.

Now comes the reservation, in the form of a thought provoking piece by Ron Armadeo on Ars Technica. It is well worth the read, the whole thing. With Microsoft buying Nokia, rumors of a buyout of Blackberry, and at this point everything but iOS and Android pretty being an also ran, the thought of Google following Apple’s lead into a more tightly controlled roadmap is chilling. It bears watching as Google has frustrated me before with similar turns away from the more open origins of several of its projects. Unlike iOS, at least there are still a few viable alternatives for the truly dedicated who wish to take a stand on the extension of the principle of user control from data to full devices.

And not to close this post, the obligatory bit, in the form of a quick product review.

I generally am skeptical of cases for my gadgets. I’d much prefer that they be able to withstand ordinary use well enough on their own, if not accrue an attractive patina over time. Silly but I really like the idea and I think it has actually been key to my otherwise much more staid approach to gadgets in recent years.

Unfortunately, the original Nexus 7 really did need a case. The gray plastic on the bezel was prone to scratches and the soft, leather like back did manage to get a nick or two, even in the short time I had each model of the 1st generation.

I tried a keyboard case but gave up on that as its lesser build quality saw it discolor in a way that made it obviously no longer match the device. The way it fit onto the tablet, it also was starting to lightly scratch the merely resistant screen. I tried a slim-line leather or leather-like case, which worked well until the piece holding the cover started to fray. For the 1st generation, the best case I tried was the stock one offered by Google in their own store. It fit snugly, it didn’t add any stress on the tablet itself, and it held up well. The cover was not a smart cover, nor did it quite work to prop the tablet up, but just to keep the tablet in good shape floating around in my bag, it fit the bill.

There is a similar case for the 2nd generation but I didn’t get that, I wanted something a little smarter, to go back and try a few more options. The build quality of the 2nd generation seemed to be higher, anyway, with the nick prone gray bezel replaced with a tougher black plastic piece. Even the grippy back seemed more like a durable rubber rather than a patterned leather so far less prone to scuffing.

While considering my options, I received an email from a case maker, The Snugg. I am not sure their press person actually read very deeply on my site because they initially offered me an iPad or iPhone case for review. I asked if they’d send me their case for the 2nd generation Nexus 7. After looking it over, it fit my policy of only accepting items for review that I might buy anyway on my own.

Despite sending me a color other than the one I requested, I tried it out for a few weeks. The short takeaway is that I would have happily bought this on my own. Unlike the last case in this style that I tried that frayed after a few weeks, the construction quality on The Snugg is quite high. The cover is a smart cover, triggering the sensor that matches the devices wake and sleep functions to opening and closing the cover. There are also a couple of magnets that help secure the lid when it is closed but gently so that it is still easy to flip open when fumbling for the devices on a crowded train for my usual commute reading. There is even an elastic strap built into the back that sits away flush when not in use but can be used to help hang on when using the tablet one handed.

My sole complaint with the case isn’t a problem with The Snugg per se but this style in general. The construction and choice of material means it is a tad on the bulky side. That can be attractive, if you want something with an excellent executive style, like an old school leather folio. The combination of that, though, and the very thin bevel on the long sides of the Nexus 7 made using the full screen, such as with the vast array of indie games I have accrued via the Humble Bundles, a bit frustrating at times.

Ultimately, just because of my personal preference and past experience, I bought the new Google designed case. If like me you want something a bit more snug in the hand and in your bag, this is a good choice. The cover is not a smart cover though despite the marketing text in the ad description so bear that in mind. If you want something with a classic style and the smart cover is a must have, I can definitely recommend The Snugg.

Measurement Lab and Google Summer of Code 2012

I rarely post directly about my day job but wanted to reach out that firmly on my head for a second since I know there are a fair number of hackers in amongst my readers, several of whom I have heard from are also students.

The main project on which I work, Measurement Lab, has been accepted as a mentoring organization for this year’s Google Summer of Code. We are acting as an umbrella for one sub-project of our own and two other fantastic, network measurement related ones (DONAR and Paris Traceroute.)

Please take a moment to look over our ideas page and either consider submitting a proposal or sharing with any students you may know who might be interested.

Are We Really Stuck with Plus-ified Google Reader?

There has been much furor over the deprecation of Google Reader’s built-in social tools, especially the ability to share feed items with comments.

The first problem with forcing Reader users to shift over to Plus is that it brings many more people directly into conflict with the much debated real name policy for the search giant’s shiny new social network. Feed reading and curation is often closely associated with blogging, an activity that has a long and respected tradition (despite the occasional conspicuous failure) of anonymous and pseudonymous authorship. Many such users previously had an easier time following Google’s own advice to not use Plus if they are not in a position to use a real or common name.

This leads to the second problem with Google’s stance on not just this change, but now a couple of recent policies. Namely they have been espousing the view that if you don’t like how they run their services, you can export your data and use some other tool. Richard MacManus at ReadWriteWeb takes a pretty dim view of that recommendation, reasoning that the popularity of Reader has killed off the alternatives.

I agree only in so far as if you want a feed reader that is accessible from multiple machines, remembering the state of what you have or have not read and offers the ability to directly curate items from the reader, as opposed to using a blog or tumblr, then Google’s stance is indeed incredibly disingenuous.

The optimist in me, however, hopes that Google’s ham-fisting of Reader shakes enough free software and open source developers loose from their complacency to quickly spin up some compelling alternatives. I think there is some serious low hanging fruit here in the form of bridging between the feed reading capabilities in Mozilla’s Thunderbird and their Sync service, a secure and extensible means of sharing state between multiple instances.

Another Example of Why I Question Some of Google’s Technical Decisions

@gnat brought to my attention a Hacker News post by JavaScript creator, Brendan Eich, that tries to unpack the real motivations and possible outcomes of Google’s recently announced in browser programming language, Dart. I’ll admit the day job has been keeping me so busy that while I saw the announcement, I didn’t have time to read through even the high level details. Eich hits on the most salient points in his criticism of Google’s disingenuous move to “fix” what it deems as “unfixable” in JavaScript by claiming to be advancing an open replacement.

We’re in a multi-browser market. Competitors try (some harder than others, pace Alex Russell’s latest blog post) to work together in standards bodies. This does not necessarily mean everything takes too long (Dart didn’t take a month or a year — it has been going longer than that, in secret).

[…]

Dart goes the wrong way and is likely to bounce off other browsers. It is therefore anti-open-web in my book. “The end justifies the means” slaves will say “but but but it’ll eventually force things to get better”. Maybe it will, but at high cost. More likely, it won’t, and we’ll have two problems (Dart and JS).

Honestly, I am a little sick of the hubris that accompanies decisions like this. I’ve explained my admiration for Mozilla repeatedly before as an increasingly necessary counterbalance to Google’s now established pattern of eschewing community developed open standards in favor of its own efforts. Chrome instead of Firefox, Web-M instead of Theora, Plus instead of a federated social network approach using ActivityStreams, OStatus, etc.

In the interest of disclosure, and fairness, I collaborate daily with folks at Google. They do much that is needful and even admirable. In this one area, however, I think there needs to be more forcefully and clearly asked questions each succesive time Google charts its own way, often at the expense of the open web community.

Brendan Eich on Hacker News, via @gnat

YouTube Now Saves All Videos in WebM

Marshall Kirkpatrick at ReadWriteWeb has excellent news in the struggle for open standards based video on the web. Google will now save all videos uploaded to its YouTube sharing services in WebM, the format it released as open source and unencumbered by patent royalties last year.

YouTube is announcing this afternoon that all videos uploaded to the site are now saved in WebM format, as well as other supported formats including Adobe Flash. 30% of the YouTube archives, making up 99% of the views, is now available in WebM as well and the full archives are being put in the new format as we speak.

Kirkpatrick also explains how the format has been progressing to address some of the technical criticisms around its quality and performance. It should only be a matter of time before both Chrome and Firefox pick up these changes as both now support rolling release models rather than infequent, monolithic updates.

I am glad to see Google shift direction after its initial reluctance to use the open codec as the default for YouTube. Such deep support from one of, if not the most, popular video sites on the web may prove a watershed in the adoption of WebM as a de facto standard for online video. I don’t expect the MPEG-LA to take this lightly.

YouTube Now Saves All Videos in Open Format WebM, ReadWriteWeb

Google Reveals Plan to Only Support Open Video Formats in Chrome

Mike Melanson at ReadWriteWeb, among others, has this latest development with regard to video standards on the web. With the adoption of the video tag into HTML5 minus a default codec, the question has largely been left to browser makers to decide via their share of users. Apple has of course been backing H.264 in which it has considerable stakes invested. Mozilla has maintained a commitment to open and unencumbered standards, supporting Ogg Theora and then WebM, the format and codec that Google freed, but not H.264.

Up until now, Google had been playing Switzerland supporting both open and proprietary codecs in Chrome. Melanson quotes a Google blog post explaining their change of heart to focus exclusively on open formats and codecs.

We expect even more rapid innovation in the web media platform in the coming year and are focusing our investments in those technologies that are developed and licensed based on open web principles. To that end, we are changing Chrome’s HTML5 <video> support to make it consistent with the codecs already supported by the open Chromium project. Specifically, we are supporting the WebM (VP8) and Theora video codecs, and will consider adding support for other high-quality open codecs in the future. Though H.264 plays an important role in video, as our goal is to enable open innovation, support for the codec will be removed and our resources directed towards completely open codec technologies.

The blog post also credits the openness of WebM for its rapid improvement and adoption since its first availability. That may be a relatively fair assessment but Google’s backing no doubt had a lot to do with it, too. By comparison Ogg Theora has developed at a slower pace with much shallower adoption. I think the unencumbered nature of WebM makes it attractive to partners who otherwise might feel they are giving up too much control to Google while the backing of the search giant attracts those more interest in support and maybe a hope of indemnity if anyone ever makes good on submarine patent claims. It is nice they are crediting the open nature of the technology but it isn’t the whole picture.

More staunch critics of Google’s motives are already pointing to continuing support for Flash, asking why the commitment to open technologies doesn’t extend to dropping Adobe’s plugin. I am simply happy that Google is acting to shift the balance in one instance even if other questions are unanswered. It will be a few months before this change percolates from Chromium, the open source branch, into the more consumer facing Chrome anyway. We’ll need more time beyond that to see if the move to drop H.264 support has any noticeable effect on video producers and sites for distribution. *cough* YouTube *cough*

Google Says It’s Open or Not At All for Video on Chrome, ReadWriteWeb

feeds | grep links > Wikia 2.0, Google-Facebook Hissy Fit, and More

  • One next step in the wiki’s evolution merges in the social
    As Mike Melanson at ReadWriteWeb explains, this announcement for Wikipedia founder, Jimmy Wales, reveals what is coming for his commercial venture, Wikia. I am relieved that similar plans are not in the offing for Wikipedia itself. Given how Wikia has struggled to gain traction, with a rising tide of me-too services further diluting the field, embracing social features may yield a needed shot in the arm.
  • Google-Facebook hissy fit over data portability
    Mike Melanson at ReadWriteWeb has the latest turn in a largely tiresome spat between the two web giants. I think Google’s competitive zeal against Facebook is clouding their better judgment, though the messaging is pretty funny. Rather than enlisting users or sprinkling code-based caltraps, I really think Google should stick to the ideal that informs their internal Data Liberation Front. Sinking to Facebook’s level is just going to prolong the delay before data portability wins out.
  • Citizen Lab develops project to map out RIM’s concessions to government, Citizen Lab
  • European commissioner lambasts copyright middlemen, TorrentFreak