Posterous
James is using Posterous to post everything online. Shouldn't you?
N3101777_33384447_8881__1__thumb
James Aguilar
owns this site
17
subscribers
 

Out of James Aguilar

Lucky Number Slevin, and what it's like to be able to rate it mediocre

Lucky Number Slevin didn't get very good reviews when it came out in 2006.  I wonder what other fantastic movies were coming out to where you could compare it with them and believe it was only mediocre.  Wish we had those kind of movies coming out today.

Loading mentions Retweet
Filed under  //   movies   reviews  
Posted August 6, 2009
// 0 Comments

Mac vs. PC "Apples" to Apples price comparison

You may think that just after getting a new computer from work, I might hold off on buying another one for a while.  Not so.  When I got my Macbook Pro from Google, I also lost my only remaining Windows computer, my trusty old Thinkpad T60p.  Since gaming is still very much a Windows dominated area, I decided to go shopping for a new computer.

The process of buying that computer got me to thinking about the differences between Macs and PCs.  I often hear that Macs are more expensive, but I wanted to know by how much and what that means to normal people.  So I went window shopping.

In the following comparisons, all Mac prices are pulled from the Apple Store's website, and PC prices are pulled from CyberPowerPC.com (from whom I also bought my new computer).  If you are in the market for a new PC and want to configure but not build it yourself, I've found CyberPower's markups to be very small over the prices you might find on a site like Newegg.com.

Also in the following analysis I will completely ignore the "niceness" factor.  There's no question that the Apple devices compared here are better designed than the PC devices, and reasonable people could argue that OS X is also much better.  The question is: how much better is it in dollars?  That's what you have to ask yourself as you read these comparisons.

First up is the Mac Mini.  This is the computer for a price sensitive individual who doesn't care too much about performance and mostly wants to edit documents, photos, and browse the web.  Needless to say, a computer of these specifications is not even going to be able to load modern games on any but the most basic settings.  It's also got only a smidgen of storage, but that can be remedied with an inexpensive external drive.

The Mac doesn't fare too badly here.  It's only $300 more than a roughly equivalent PC.  Its form factor is an unquestionable win (the PC comes in a midsize tower case).  The PC has a faster processor, but slightly slower RAM.  It's probably advantage PC on speed, but let's be generous and call it a wash.  The Mac Mini comes with support for 802.11n wireless, but on the downside it can't power a 30" monitor without a separate DisplayPort to Dual DVI converter, which costs $100.


Ah the iconic iMac.  The idea of a display that has the computer built in is not new to Apple, but it is one of the few computing machines available these days that follows that philosophy.

For this PC I wanted to get RAM equivalence, so you can see that we've upgraded the PC to DDR3 RAM.  Unfortunately, as far as I could tell it only comes in increments of 3 GB on the CyberPowerPC configuration pages.  Also, CyberPowerPC doesn't sell any Core 2 PCs with DDR3 RAM, so we had to step up to a Core i7.

In this matchup, the PC is substantially more powerful.  The Core i7-920 is an enthusiast processor and absolutely blows the 2.93 GHz Core 2 Duo out of the water.  The PC also has two additional GB of RAM, and all of the RAM is faster than the Mac's RAM.  On Apple's website, an additional 4GB of RAM would cost $1000, so you might say that we should increase the price of the Mac by $500 to get parity.  Again, let's not kick Apple while they are down.  The PC also has a slightly larger hard drive.

For graphics, the GT 120 is just a rebranding of the 9600 GT, so the PC and Mac have equivalence.  Likewise, the displays have the same specs, although I think most people will agree that Apple's Cinema displays are more attractive than a standard PC display.

Overall, we're looking at a much more powerful PC for about $500 less than what you would pay for the equivalent Apple computer.


Now we're getting into the realm of the enthusiast/professional.  This is a no holds barred battle, and the trend of price difference is beginning to make itself plain.  The more powerful the computer, the greater the price differential between a Mac and the equivalent PC will be.

Once again, because of differences in selection options, we've been forced to make some concessions for the PC.  CyberPowerPC doesn't have a Xeon option as far as I can tell.  The Core i7-975 is once again a much more powerful processor than the Xeon Quad, and it shows in the price tag (the Core i7 is 50% of the PC's total price).  Once again the PC has slightly faster RAM, but this time at least we've got the same amount.  The graphics are also equivalent.  Additionally, we've RAIDed the hard drives on these two computers.  Once again, the Mac comes in slightly smaller on disk capacity.

This CPU is complete overkill for any application (on both the Mac and the PC side, but more so on the PC side).  No one should be buying any Intel processor with Extreme Edition.  And Intel should rename the processor series the "here's my credit card do whatever you want with it" edition.  If we were willing to accept slightly worse CPU performance than the Mac, then the price of the PC would come down $500.  Once again, though, I don't want to kick Apple in the face while they are bleeding on the sidewalk, so I'll refrain.

Even this computer is not very good for playing games.  Unfortunately, no Apple computer comes equipped with the right kind of graphics to play modern games on any display larger than 22".  This was one of the biggest disappointments while browsing the Apple Store.

To conclude, I really like the Mac I have.  I am glad I traded in my Windows laptop for it.  I would probably not buy a Mac for my own computer, but Google is apparently not as price-sensitive as I am.  They are indeed nicer, but the differences in specifications at a given cost are far too high.  Unreasonably, insanely high.  For anyone who would like to experience OS X but not pay Apple prices, I suggest you look up the term "Hackintosh."

Loading mentions Retweet
Filed under  //   tech  
Posted August 1, 2009
// 1 Comment

Tired of long voice mail instruction messages?

"To page this person, press five now. At the tone, please record your message. When you are finished, you may hang up, or press one for more options."

I hate hearing this message, and I wish I had the option to turn it off.  I know how to use the darn voicemail.  If you feel the same way, check out this article and consider writing in a complaint at one of the addresses listed in the article.

Loading mentions Retweet
Posted July 31, 2009
// 0 Comments

Things I like and don't like about my new mac

Like:

* The font rendering is beautiful.

* The single menu bar at the top of the screen rather than the per-window bars.

* The way the dock encourages me to close windows rather than applications.

* The physical hardware is unlike any computer I've ever used.

* Multitouch touchpad.

Dislike:

* In finder, there is no way to set the default view to "list" for all folders at once.  Since list or column views have been shown in UI studies to be more efficient than icon views, I think I'm within my rights as a computer user to demand that my file browser always use them.  Apple seems to disagree.  What an embarrassment.

* I am having trouble (so far) getting used to the way home and end go to the start and end of the page rather than the line as they do on Windows and Linux.

That's all for now.  I'll be putting together a short list of things that any Linux or Windows user should do when they switch to a mac some time as well.

Loading mentions Retweet
Posted July 29, 2009
// 6 Comments

Old car at google

Saw this old car parked (illegally, in a fire zone) at google. I have no idea how old it is except that it looks and smells a good bit older than me.

   
Click here to download:
Old_car_at_google.zip (235 KB)

Loading mentions Retweet
Posted July 28, 2009
// 1 Comment

Declined - A Short Credit Card Story

Ever wonder what happens when an online retailer has its customers' credit card information stolen en masse, yours among them?  In my case, it means your Visa gets declined at Baskin Robbins with no prior notice.


I called BofA up and asked them about it.  Their representative said, "Oh, you won't have received the letter yet.  Well, your credit card number was stolen, so we invalidated your account."  On one level, OK, that's wonderful.  On another, it's not really that great when you don't get any notice and it turns up with my card being declined.  Where would I have been if I had had to pay for dinner and my Visa was the only card I had on me?  

At least send me a flipping email about it instead of leaving me vulnerable to this kind of embarrassment for five days without any warning.  You do have my email address -- I know this because I receive regular bill payment alerts from you.  Or pick up the phone and dial me.  I know it's old fashioned, but a little customer service really can go a long way.

We're done professionally, Bank of America.  You can have my deposits (for now) but I'll be shopping for another credit card carrier.

Loading mentions Retweet
Posted July 27, 2009
// 0 Comments

Time's Website Is Too Slow

I was trying to look at this photo essay about Detroit's decline on Time.com, but I ended up having to stop.  The website is too slow.  I couldn't find a feedback form, so I am just writing about it here.


Time, if you're reading this, your website is too slow.  There's no reason for the full page to reload every time I click next.  If you can't handle that, then put multiple pictures on the same page to amortize the latency cost to me.  A good metric is that if it takes significantly more than a second to load the page, and especially if you want me to load the page a lot of times in light of that delay, then you should not expect me to visit again.

Loading mentions Retweet
Posted July 18, 2009
// 0 Comments

The Anti-Sec Debate

Beware.  Opinions of limited authority follow.


----

Recently there's been a lot of talk about the "anti-sec" – anti-security -- movement.  They are a group that attacks security-minded websites, especially those that publish exploits for known vulnerabilities.  They justify themselves by claiming that the security industry, through its general policy of "full disclosure," is actually more guilty of compromising security than the hackers they supposedly protect against.  A lot of people think they are bad guys because "information should be free."

The policy of full disclosure is a means by which security experts convince software makers to fix security problems.  The way it typically works is that a security expert will discover a bug that compromises the security of an application.  They will disclose this bug to the software's manufacturer, then later to everyone.  During the window after learning of the bug, the software manufacturer must fix it or substantially risk the security of its users and long-term business.  The policy's origin is the bad old days, when software makers did not immediately fix security vulnerabilities upon being notified.  Full disclosure's proponents say this method enhances security by giving companies a concrete, probable timeframe for exploitation of a weakness, which demands a fix with more urgency than the possibility that a bad guy will find the vulnerability and exploit it.

Full disclosure is a morally shaky stance.  A real-world metaphor is a housing developer who builds a development in a war zone.  Throughout this warzone, mines have been placed that can be triggered from secret locations around the area.  Security experts look for the mines' triggers and contact the developer when they discover such a device.  They say, "Find and diffuse this mine within a week, or we will disclose the location of its trigger to parties who would benefit from your downfall."  Most of the time, the developer will fix the mines within the timeframe.  Rarely he cannot or does not and some of the homes he has built (and their owners) get blown up.  The security expert publishes the location of the trigger and says, "I'm pretty good at finding these things.  Look at this one!  You should contract with me so you can have me searching for the triggers to your mines full-time."

The morally questionable part is when you threaten to tell the location of a weapon to anyone who is interested in order to force some action.  No question it's legal.  Ethically, I would not want to be the one making such a threat.  Moreover, it may not lead to better outcomes for users.  Full disclosure might be less altruistic than the security industry in general has admitted.

For users, if a bug isn't fixed but also isn't disclosed by the security industry to the general public, the odds of it being widely exploited seem to be relatively low.  (The justification for full disclosure in the first place is to induce companies to fix bugs that they otherwise would not on private disclosure, presumably because they feel that rediscovery by malicious parties is unlikely.)  And because of implementation or deployment delays, vulnerabilities often still exist "in the wild" when disclosure occurs, increasing users' exposure to attack.  I am not sure of any exact numbers, but it seems likely that full disclosure is responsible for many of the exploits that currently exist, and such exploits mostly target unpatched software.

 

(A large part of the remaining exploits might come from the fixes themselves, since attackers frequently search for the vulnerabilities fixed by security patches and make exploits to attack unpatched systems.  Such exploits, when "disclosed," provide even less utility to the general public than the full-disclosure practiced by typical security researchers.  This is why Microsoft recommends that you install security updates immediately.  Even if an exploit for a patched vulnerability didn't exist before a patch's release, it won't be long until one does after update Monday.)

The argument for full disclosure defeats itself.  If software makers would not fix bugs without full disclosure, then the odds of bugs being found again must be relatively low.  But if this is the case, then the importance of getting those bugs fixed and transitively the moral justification for holding a gun to software makers' heads is absent.

Security researchers probably believe that they are being altruistic by fully disclosing bugs.  They are giving away their work "for free."  But I don't buy it.  When we look for the cause for human action, self-interest is always a good place to start.   What do security researchers get from full disclosure?  Recognition and advertisement mostly, and maybe personal satisfaction or pride.  I'm not familiar with the standard practices of engagement with security researchers, but if you engage one to work on your product he will only practice full disclosure if you allow it in the contract.  So employment, or to put it another way, hush money, is another benefit.

 Everyone has to eat.  The threat of full disclosure allows security researchers to do so while providing the valuable service of vetting software.  Without full disclosure, it would probably be much more difficult to work full time at security research.  If we believe that the practice of full disclosure is wrong, only two things can be done:

  • Make it against a bug-finder's interest to disclose a bug.  Make it illegal.  Then no one will release bugs under their own name, and the third party security industry will decline.  (This is not necessarily a good outcome.  Internal security can only do so much, and bugs will still be disclosed anonymously.)
  • Give the bug-finder an incentive to keep the bug hidden.  For example, provide significant bounties for undisclosed bugs.  For example, pay the researcher a cut of what it would have cost  the company to deal with the fallout had the bug been disclosed.

 

Loading mentions Retweet
Posted July 12, 2009
// 0 Comments

For the audiophile who would rather maximize than minimize

Why use a single hard drive when you can take up an entire house wall storing all the CDs you never listen to? Not surprising to see this in skymall, the magazine that's all about helping rich people waste their money in full view of all their friends.

Loading mentions Retweet
Posted July 12, 2009
// 0 Comments

Loading mentions Retweet
Posted July 11, 2009
// 0 Comments