Monthly Archives: February 2012

Sending photos to the Philippines

Posted on by

My great uncle lives in the Philippines and I decided to send him some photos of a recent family wedding. He doesn’t have email so I needed to send him prints. Rather than have them printed locally and mailing them or have them printed in by an America company and then shipped internationally, I decided to use a Filipino website Digiprint.com.ph. This seemed like the most efficient approach — the photos would be shipped from the United States to the Philippines as bits instead of atoms.The process of ordering prints on digiprint turned out to be more difficult than I expected though in fairness this may be because I run Linux. Their site has multi-file upload functionality which they implement using the Jquery uploadify plugin. They only allow you to upload files with the following extensions: jpg, jpeg, png, and gif. This may seem reasonable but these extensions are case sensitive. Since all of my files were copied directly from my camera, they had the following file name format SAM_XXXX.JPG. The extension .JPG was considered different than .jpg so these files couldn’t be uploaded. To get around this, I copied the files to a temporary directory and batch renamed them to have the .jpg extension instead of .JPG.   I used the Unix commands find and rename to do this:

dlarochelle@server:~/Pictures/$ cp `find -newer SAM_1555.JPG -not -newer  SAM_1679.JPG ` /tmp/wedding/

dlarochelle@server:~/Pictures/$ cd /tmp/jay_wedding/

dlarochelle@server:/tmp/jay_wedding$ rename ‘s/\.JPG/\.jpg/’ *

The next huddle was that Digiprint only allows 20 pictures to uploaded at a time. Since I had over 120 pictures, this meant that I had to upload multiple times. This was an added hassle but something I could do  while I was doing other things on my computer. The next step was selecting the print size. Since the Philippines — like pretty much every country but the United States uses the metric system rather than U.S. customary units — they didn’t have the sizes that I was familiar with. Instead there were sizes such as 3R, 4R, and 6R. However, a bit of Googling revealed that 4R was essentially 4”X6”, so that’s what I selected.

I was able to check out using Paypal which simplified the process since I didn’t have to worried about my credit card company getting suspicious about a charge from the Philippines. My total come to around $20 US which works out to around $.17 a print. This is about what CVS would charge for in store prices. However, that price includes shipping and having to pay for postage from the US would have substantially increased the total cost.

Screen Shot of http://digiprint.com.ph

Screen Shot of http://digiprint.com.ph

Screen shot of http://digiprint.com.ph

iPhones and the Limits of Curated Security

Posted on by

Abstract: The Apple App store uses a curated model in which all applications must be approved by Apple before they are published. In has been argued that this provides better security than Android where applications are published immediately and only removed if they are found to be problematic. We study the cases of Smurf’s Village and similar applications and argue that the protection offered by this form of security is limited. We conclude that the image of Apple as a benevolent dictator acting as a neutral arbitrator to promote the best user experience is dangerously naive. Apple’s economic interests will often be different than their users’ security interests.

In the Apple App store for iOS devices such as the iPhone and iPad, all applications must be approved by Apple before they are published. That is in contrast to Android in which submitted applications are immediately published and only removed if they are determined to be problematic. The Apple approval process has been criticized as being arbitrary and confusing. Many accuse Apple of exercising excessive control. The App Store Review Guidelines are 8 pages. The introduction contains statements like the following:

  • We view Apps different than books or songs, which we do not curate. If you want to criticize a religion, write a book. If you want to describe sex, write a book or a song, or create a medical app.
  • We have over 350,000 apps in the App Store. We don’t need any more Fart apps.
  • [If] you’re trying to get your first practice App into the store to impress your friends, please brace yourself for rejection. We have lots of serious developers who don’t want their quality Apps to be surrounded by amateur hour.
  • If your app is rejected, we have a Review Board that you can appeal to. If you run to the press and trash us, it never helps.
  • If it sounds like we’re control freaks, well, maybe it’s because we’re so committed to our users and making sure they have a quality experience with our products.

The rest of the Guidelines contains specific rules about what is and is not allowed. It is generally acknowledged that all submissions are not reviewed equally. For example, Apple includes a ban on offensive or mean-spirited commentary but specifically exempts professional political satirists and humorists. Additionally, well known companies and organizations are thought to have an easier time getting their apps approved than individual developers.

Though many have criticized those restrictions as excessive, it has been argument that they will provide protection against malware. Indeed, Jonathan Zittrain, among others, has worried that the iPhone will be adopted because it provides increased security even though this security comes the cost of the freedom and flexibility that has led to significant innovation in the computer industry. But just how effectively will the Apple review process protect users? Software auditing is time consuming and expensive. There are a variety of technical measures that would allow malicious developers to hide unapproved functionality from Apple’s reviewers. I may discuss these techniques in another, geekier, post.

In this post, I use the existence of Smurf’s Village and similar apps to argue that a curated app store is not a security panacea. These type of apps, many of which are targeted at children, are free to download but have very expensive in app purchases for items. For example, Smurfs’ Village, which is is based on the Smurfs tv show, sold a wheel barrow of Smurf Berries for $99. Many children amassed huge bills playing these applications on their parents phones. One 8 year old girl amassed a $1400 phone bill playing Smurf’s Village. (See http://www.digitaltrends.com/mobile/publisher-greed-little-girl-amasses-1400-iphone-bill-playing-smurfs-village/ ) There have been allegations of similar spending on other games such as a 5 year old girl spending $99.99 in Fishies, a 9 year old boy spending $670 on virtual weapons for X-Mas Resort and F.A.S.T, and a 9 year-old girl spending $200 on Zombie Toxins and other items in Zombie Cafe. (http://newsandinsight.thomsonreuters.com/New_York/News/2011/05_-_May/Class_action_firms_go_after__free__Apple_apps/ ) Whether these type of applications should count as malware or badware, is a question of semantics that we will not attempt to address. However, it is worth noting that the financial harm suffered by the parents of these children is likely to be greater than those whose PCs or Android phones are infected with traditional malware.

Why does Apple allow these applications in their app store? An app like Smurfs’ Village might be justifiable based laissez-faire arguments in an open market but that argument makes no sense in the context of Apple’s curated market. It is impossible to know Apple’s exact motivation but economic incentives may provide the answer. Apple requires that all game items be purchased using their In APP Purchase API payment system and takes a 30% cut of any transaction. Thus Apple has an incentive for users to spend as much money as possible. Indeed Apple’s guidelines contained no restriction on excessive pricing of in game items even though they contained restrictions on just about everything else. (Apple’s 30% commission is much greater than the amount taken by credit card companies and consequently they have a much greater incentive to allow expensive purchases.)

Apple has since taken some steps to mitigate the problem. They now require a password to be entered before every purchase (previously the password would be cached for 15 minutes) and allow in-app purchases to be disabled in device settings. Whether or not these mechanisms are sufficient to protect parents from these specific type of applications, in app purchases are a rich target for exploitation. In the future, there will likely be new and different attempts to exploit it that are both creative and disturbing. In the media, there is the popular stereo type that undesirable software originates from super hackers who are either anti-social western males or Russian gangs. The danger of this myth is that it causes us to be overly trusting of corporate software. The extent to which Apple uses developer reputation in the approval process may make them more likely to approve unsavory software if it has the veneer of corporate legitimacy.

It is clear that Apple’s review process does not prevent users from being harmed by unsavory applications. Indeed the image of Apple as a benevolent dictator acting as a neutral arbitrator to promote the best user experience is dangerously naive. Apple’s economic interests will often be different than their users’ security interests.

Why Don’t Theatres Sell CDs of the Performance?

Posted on by
Theaters sell a wide variety of souvenirs and memorabilia: studio cd recordings, clothing, books, even stuffed animals. But theatres sell the thing that would most easily enable theaters goers to relive the experience: a copy of the audio of the evening’s performance.

The quality of a recording of a live show wouldn’t match a studio recording but the two serve different purposes. The studio recording is great for experiencing a musical in a pure form. However, a live recording would let you relive the experience you had as a theatre goer. Most people go to the theatre at the most a few times a year. Outside of the super rich, people can’t afford to spend $50 to $200 on a ticket more frequently than that. Splurging on tickets is often associated with sentimental events that people would like to remember such as a birthday or anniversary or as part of a vacation to a New York. What better souvenir than the actual recording?

How might this work?

Many shows already use microphones. These microphones could simply be tried into a recording device. Other shows could be recorded using microphones placed unobtrusively throughout the theatre. Afterwards the staff would announce that CDs of the evening’s performance were available for purchase in the lobby. Depending on the venue, CDs would either be printed on demand or customers would fill out of order forms to have the CDs sent to them. Alternatively, customers might instead be able to purchase and download MP3s. Theaters might also decide to sell the recording on-line on itunes or similar sites. After all, the young couple going to New York on their honeymoon might not decide to buy a recording immediate after the show but might wish to purchase it when their celebrating their anniversary a few years later.

Would this Hurt Tickets Sales?

Why would people buy tickets when they could just buy the live recording? There are plenty of alternatives right now to going to a live show. There are often studio recordings, many times Hollywood movies, and occasionally even video recordings of live performances. As far a I know, there is no evidence that these things lower demand for actually being in the theatre. Indeed, movies probably increase the demand for a show by raising its visibility. Wouldn’t a live recording be different? Not really. A live audio recording of a show you went to is great for reliving it nostalgically but is no better of a substitute for the live show than a studio recording. Indeed the availability of the live recording might actually increase demand for tickets. By keeping the show fresh in people’s minds they would be more likely to want to see that show again as opposed to something else. Also providing the option of buying a live recording after the show increases the value of the theatrical experience to consumers which would increase the demand for tickets.

(A quick Google search, turned up some mentions of Broadway bootlegs but a commenting on their legality, availability, or quality let alone their effect on official audio recordings would be outside the scope of this post.)

Road blocks

Below I online a few potential road blocks, that may prevent theaters from selling the performance audio. For some theaters, there may be a risk aversion and an unwillingness to try new things. Old practices may be continued out of shere inertia. There may also to concern that the audio production costs will be too great. However, these are generally fixed costs. Many like microphone setup are fixed costs over the length of the show. Others, such as sound editing engineers would be fixed costs to produce a recording of a single show. So the economics should work out well for long running shows with large audiences. Finally, there may be legal restrictions. One would hope that theaters and rights owners could negotiate an agreement to allow the sale of live performance recordings at the same time that they negotiate an agreement for live performance rights. But there may be further legal complications that I’m not aware of.

Conclusion

Selling recordings after a show would be a boon to both theater goers and theaters. Theater goers would be able to relive their experience. Theaters would benefit from an extra revenue source as well increased demand for tickets.