Monday, May 11, 2015

Why would anyone use Windows on a Raspberry Pi?

For the last few weeks, I've been trying to come up with a reason why anyone would want to use Microsoft Windows for projects on the Raspberry Pi 2. I can't. In fact, the more I think about it, the more it seems like this is just another 'us too' move by Microsoft.

Think about it: you're not going to run the full desktop version of Windows 10 on the Pi. It's simply not powerful enough to do that and have any kind of usable system. That means you're likely going to have to run a command line version of Windows and, really, for the most part, Windows users are terrified of the command line. That alone is going to knock out a good segment of potential users.

Next, let's look at the tinkerers. Those people are generally not afraid to get their hands dirty and mess with the underlying OS, including using the command line. Those people are likely not using Windows for their current projects because it lacks the one thing they crave: control. They're using Linux.

Once upon a time, one could make the argument that the benefit of using Windows on these type projects might be having the ability to code in C#. With the open sourcing of the core .NET framework and the progress open source projects like Mono have made, that's not compelling. Plus, let's be honest, even if you couldn't use .NET, any programmer who's learned C# or any other major programming language could pick up enough Python in a weekend to do most or all of their Pi based project.

No, there just isn't a single reason I can think of to use Windows on the Pi instead of Linux. Microsoft would be better off giving up on Windows on the Pi and focus on making some really compelling add-ons for the device. Like, maybe, bring Kinect to it? Now that would be useful.

Tuesday, March 17, 2015

Defending PHP

Yesterday, the developers of the ownCloud project posted a great blog entry explaining why ownCloud chooses to use PHP instead of one of the 'sexier' languages like Ruby on Rails or Node. Overall, I agree with their defense. There's nothing particularly wrong with PHP, despite what we keep being told by the independent developer elite. Sure, PHP has its quirks and it's got it's fair share of 'gotcha' issues that can bite an unfamiliar developer in the ass, but so does every language including the darlings of Internet development.
language like Ruby on Rails or Node. Overall, I agree with their defense. There's nothing particularly

Bad code isn't produced by programming languages. Bad code is produced by bad programmers. I've seen some absolute monstrosities written in Java, C#, Python, and dozens of other languages by developers who never really took the time to learn their tool because they were too busy chasing the hot new language on the block. Likewise, I've seen some amazingly elegant code written in PHP, written by developers who'd taken the time to learn the language and stick with it instead of jumping around when the elite of the development world start saying their language isn't cool anymore. Those developers get a cursory glance (maybe work through a book in a weekend) and never cozy up to the language to learn its curves.

I'm not saying PHP is perfect - it's certainly not. But no language is perfect. If you talk to any serious developer they can likely name a dozen annoyances about whatever their language of choice is. They keep using that language because they've taken the time to learn it. They know what to expect from the language and have embraced it. PHP developers, the good ones anyway, have done the same.

Want to stop writing bad and kludgey PHP code? Stop being a bad programmer. Take time to learn the language, massage its warts, and embrace its differences. You'd be surprised how much more productive you'll be and how much more elegant your code will become.

Saturday, February 14, 2015

Dear Mr. President: Let's talk about data encryption and the right to privacy

Dear President Obama,

In a recent speech, you said you wanted an open, public, discussion about data encryption. Great! Open, public, discussions between the citizenry and our elected officials are always interesting and useful so let's start to have that discussion. Right now, right here, just you and me.

Mr. President, you're a fairly young man who, I assume, isn't particularly savvy with advanced technology. That's not meant to be a disparaging comment, not all of us are. Some people are good with tech, others fill different roles and don't need to be good with tech. You fall into the latter category. But I bring this fact up because, not being a tech-centric guy, you likely don't remember the 'crypto-wars' of the 1990's. They were a brutal time when the government, much like this government, thought that all manner of crime would run rampant if they didn't have access to secret, encrypted, communications.

The government at the time tried various ways to protect itself from 'the bad guys' having encryption. They tried to say it was a weapon and could not be exported outside of the United States, they tried to convince people to store a copy of their encryption keys with the government 'just in case', and none of that worked. Ultimately, the Clinton administration gave up and encryption became the widespread beast it is today.

You know the weird thing, Mr. President? Online crime didn't skyrocket like the FBI and NSA had predicted, the government didn't 'go dark' where it couldn't enforce laws and catch bad guys. Sure, some bad guys might have used encryption and gone uncaught because of it, but the vast majority of them just didn't care. Most criminals just aren't that smart.

Today, many in our government are making the same arguments that were made in the 1990's. The same claims about law enforcement 'going dark' are being bandied about and the same players are the ones saying it.  Except now they're using scarier words like 'terrorism' and 'protecting the homeland from attack' and 'ISIS'. But the fact of the matter, Mr. Obama, is that criminals still aren't that smart. The vast majority of bad guys still aren't using encryption - or at least aren't using it properly so, really, law enforcement isn't particularly that locked out.

You've recently started talking about how the creators of security and encryption software should build in secret back doors that "only the government" can access when there is a "compelling need". This was actually one of the arguments the government made in the 1990's and here is why that doesn't work (please read this next statement carefully):

There is no way to build a government back door that only the government can access. Once the backdoor is there, it's open to anyone who knows it exist and knows how to open it.

This will include Russia.
This will include China.
This will include run-of-the-mill hackers

Everything that is wrong with the 'let's install a government backdoor' argument can be summed up in the statements above and anyone who knows anything about security knows that the above statement is true.

Now, sir, I understand that you will have some of the best and brightest minds in the industry working to carefully design these theoretical back doors that only the government can access. But, I have to ask, where will you get these mental giants? Will you look to private industry who, by the governments own claims, have lost billions if not trillions of dollars in security breaches involving their systems in the last year alone? If they can't design systems that are secure to protect themselves, how will they protect our secrets when they work for you?

Unfortunately, as you know, government IT isn't the answer either as only a few short years ago the Anonymous collective laid many agencies secrets open to the public and a single contractor was, only two years ago, able to walk out of what is arguably one of the most secure places on earth with over 50,000 documents.

Mr. President, I think it's time you realize what your predecessors eventually did: certain communication will always and should always be locked away from government eyes. A 'pressing need' because of some spectre of fear doesn't justify giving an arguably already overreaching government the power to spy into all our lives, innocent or not.  Our right to privacy can and does extend to corners the government can't see. While this may place certain people in uncomfortable positions and cause some 'darkness', such is the price we pay for freedom.

Will bad guys slip through the cracks? Yes.
Will encryption sometimes bring an investigation to a halt? Yes.

But even with those things being true, our rights stand. Rights are not secured or laid aside by convenience.

So what is the answer then? I would put forth that there is nothing wrong with continued, good-old-fashioned police work. The FBI and NSA have proven that they have a remarkable ability to coordinate investigations into crime using all of the data - and that's still most of the data flowing over the Internet- that isn't encrypted. The FBI still has the ability to break tough cases and obtain convictions even with encryption in place and getting better.  Training is the answer. Better, more technologically focused training. It's as simple as that.   

Mr. President, you are being presented with two opportunities here - two different roads as it were. On one side, you have the ability to stand with the American people and reaffirm the rights that you swore an oath to uphold - without conditions or convenience. On the other, you have the siren call of convenience, increased power, and an ever data hungry intelligence community.

Stop for a moment, take a deep breath, and think about the world you want to live in for the next 50 years, the world you want your wife and daughters to live in. Do you believe they might have things they don't want someone in Washington to know about? Should all of their secrets be laid bare because someone deems it convenient or have a 'compelling reason'?  Do you believe you and your family would be spared from such intrusion? I'd argue that you would be a valid target in some people eyes for it because you were President and 'you know things'. Is that the life you want?

It's certainly not the life I want for you either. I want a world where you can have secrets and you can have privacy. Where everything you say and do isn't subject to the microscope of data analysis. Where your daughters can make inappropriate jokes to their friends and not have to worry that those jokes will come back to haunt them 20 years later.  Maybe even where you could write a saucy love note to your wife and not worry that someone might read it. Nothing to hide, but still private.

I want that for you, Mr. Obama because you as an American - as a human being - deserve that privacy. But so does everyone else. Stand with the American people sir and be the champion we believe you can be. Stand with us as we asset our rights to privacy without conditions, without back doors. You are an American.