Verity's secret shame revealed
Password techniques and retrospective Daleks
Stob I defrosted my ideas box, and found several morsels which wouldn't make a whole meal in themselves, but nonetheless needed eating.
Here you are: a free chance get to laugh at-not-with me.
I am a Palm Pre owner, pretty much the last one in the box. I hold this status in a work environment of iPeople. I feel my position deeply.
I was an enthusiast. In the bright early days of Pre ownership, I joined the developer programme, and actually wasted some time creating a noddy app or two, in anticipation of the fortune this skill would bring me once it all took off. I was excited when HP bought the company. I thought they would likely take a belt-and-braces approach to progressing WebOS.
So they did: carefully tying the braces around their middle, and knotting the belt around their metaphorical neck. When they dramatically and abruptly scrapped all their WebOS hardware, 1) I was not best pleased and 2) I received a circular email from one Richard Kerris, VP WebOS Developer Relations.
Dear webOS developer:
We have opened the next chapter for webOS, and we understand that you must have many questions. Yesterday we announced that we will focus on the future of webOS as a software platform but we will no longer be producing webOS devices. While this was a difficult decision, it's one that will strengthen our ability to focus on further innovating with webOS as we forge our path forward. [...] We will continue to support, innovate and develop the webOS App Catalog. Our intent is to enhance our merchandising and presentation of your great products and to continue to build our webOS app ecosystem.
But without any hardware to run it on. Right.
The tone of this ridiculous email seemed familiar, but it took me a while to place it. At the end of the splendid video game Portal, after the player's character has defeated and apparently destroyed the deliciously malicious computer GlaDOS, she – GlaDOS – is restored from backup and returns in the credits sequence to sing:
This was a triumph.
I'm making a note here: HUGE SUCCESS.
It's hard to overstate my satisfaction.
Same logic, no?
Once this mapping was achieved, everything else fell into place. HP is of course channelling Aperture Science, the game's lunatic corporation ('we do what we must because we can') whose inventions – Aperture's, not HP's – include Douglas Adamsesque robot machine guns that apologise as they shoot you to bits. HP's boss Leo Apotheker is modelled on Aperture's Cave Johnson, whose robust approach to life's lemony gifts is justly famous.
Mr Apotheker certainly found the HP Touchpad had a citrus flavour. I have so far seen no evidence that he has implemented Cave's threat regarding their inflammatory engineering; on the other hand, you can't be too careful. Those "lucky few", who managed to catch one of the rare, cheap models might consider investing in a fire safe to keep it in.
Perhaps HP also makes fire safes. Which talk. And run WebOS. Perhaps you will soon be able to nab a cheap one in an HP fire safe fire sale.
OK, OK, I'll stop bitching. Just a word of calm and rational advice to Mr Apotheker, you Palm-killing monster. Don't surround yourself with sycophants: sooner or later you will inevitably slip up in their syc. This is Cave Johnson; we're done here.
Tone up, tone up your passwords
His worship xkcd recently filed a piece on password strength, which has been much commented on and admired. Our Toony Laureate's contention is that it would work much better if, instead of using 12-letter passwords rich in both cases, punctuation and numeric digits, we all selected four random common words and just used them.
That's all very well, but even allowing that I can accurately recall a short phrase – say "Remember the fifth of November" – the chances of me typing something that long and getting it right are not good. (Please do sit down again. This is not a real password. All passwords in this item are fakes, impersonated – badly – by actors.)
When I type
what do you think is going to come out?
Rembeer th efifth of nOvember
That's what, and there isn't a computer in the world that will accept the substitution.
The trouble is, xkcd's 40-character phrases do not fit in the 14 byte cache of finger memory which is where I must store passwords if I am to type them accurately.
And if I can't type them accurately then I am in big difficulties, because I will be deposited in Password Reminder Personalised Question Hell ("What was the name of your second-favourite Auntie's third cat?" "What was the motto of your stepmother's primary school?") without passing Go and collecting £200 to pay the gas bill.
Ever since – what, MS-DOS 2? – Microsoft OSes have used backslashes in their file paths. When writing in a C-ish programming language, this is a pain, as the backslash is the escape character and has to be doubled up in any string constants:
If you are rash enough to use UNC path names, which begin with a double backslash, you need to put four of them in a row:
Now regex's have finally arrived in C++, and we have the exciting prospect of using them to process and verify paths, just as Perl users have done for the past 150 years. Naturally enough, a regex needs an escape character. No marks for guessing which character was chosen, causing a further redoubling.
string("(\\\\\\\\(\\w+)\\\\(\\w+(\\W\\w+)*\\\\)?)") + ...
This is getting silly. And I haven't even considered the extended-length path prefix
\\?\, which itself looks like a broken-off piece of regex even before you start escaping it.
So here is my proposal. To fix things, or at least make them slightly less frightful, Windows 8 paths should use forward slash throughout, and so fall in line with Unix and internet URLs. (Yes, I know they can already sometimes; but this should be the full production.) In all the excitement about Metro this and touchscreen that, I have seen no coverage of this important issue, but I notice the developers' conference was called //build/ (sic), so I live in hope.
First person to break the \ key wins.
Sponsored: Benefits from the lessons learned in HPC