# Bloviate

I wondered what it would look like if you took a body of text and then used it to generate new text, using Markov chains of different lengths. So I knocked up  quick program to try it.  ‘Bloviate’.

Bloviate analyses your source text to find every sequence of N characters and then works out the frequency of characters that come next.

For example, if you set N=3 and your source text contains the following character sequences staring with ‘the’:

‘the ‘, ‘then’, ‘they’, ‘the ‘

Then ‘the’ should be followed 50% of the time by a space, 25% of the time by an ‘n’ and 25% of the time by a ‘y’.

Bloviate then creates output text, starting with the first N characters of the source text and filling in the rest randomly using the same sequence frequencies as the source text.

Note that a character is a character to Bloviate. It treats upper and lower case as different characters, makes no attempt to differentiate between letters, punctuation and white space and does not attempt to clean up the source text. Which also means it works on any language.

Bloviate also tells you the average number of different characters following each unique sequence of N, which I will call F here. As F approaches 1.0 the output text becomes closer and closer to the input text.

Using ‘Goldilocks and the 3 bears’ as input:

If N=1 (F=7.05) the output is garbage. Albeit garbage with the same character pair frequency as the original.

On cre She sl s ramy raked cheais Bus ore than s sherd up m. ged. bend staireomest p!”Sof ckstirigrorr a ry ps.

” f waine tind s aso Sowa t antthee aime bupis stht stooomed pie k is beche p!

At N=3 (F=1.44) it looks close to English, but jibberish:

Once up and been sight,” she this timed. Pretty so soon, she second soft. She screame up and she screame hot!” cried the Mama bed the Papa been sleeping in the Papa bear

“Someone’s bear growl.

At N=5 (F=1.14) it starts to look like proper English, but semantically weird:

Once upon a time, so she went for a walked right,” she lay down into the kitchen, Goldilocks sat in the porridge from the three chair,” growled, “Someone’s been sitting my porridge and she tasted the door, and ran down the bedroom. Goldilocks woke up and she second bowl.

And it comes out with occasional gems such as:

“Someone’s been sitting my porridge,” said the bedroom.

At N=10 (F=1.03) it starts to become reasonably coherent:

Once upon a time, there was a little tired. So, she walked into the forest. Pretty soon, she came upon a house. She knocked and, when no one answered, she walked right in.

At the table in the kitchen, there were three bowls of porridge.

At N=15 (F=1.01) it starts to get pretty close to the original text, but doesn’t follow quite the same order:

Once upon a time, there was a little girl named Goldilocks. She went for a walk in the forest. Pretty soon, she came upon a house. She knocked and, when no one answered, she walked right in.

At the table in the kitchen, there were three bowls of porridge. Goldilocks was very tired by this time, so she went upstairs to the bedroom. She lay down in the first bed, but it was too hard. Then she lay down in the third bed and it was just right. Goldilocks fell asleep.

At N=12 (F=1.07) the whole 680k characters of ‘Pride and prejudice’ produces:

It is a truth universally contradict it. Besides, there was a motive within her of goodwill which could not help saying:

“Oh, that my dear mother had more command over herself! She can have her own way.”

As she spoke she observed him looking at her earnest desire for their folly or their vice. He was fond of them.”

Obviously the source text is important. The Bohemian Rhapsody lyrics make nearly as much (or as little sense) at N=5 (F=1.08) as the original:

Is this to me, for me, to me

Mama, just a poor boy from this to me

Any way the truth

Mama, life? Is this time tomorrow

Carry on as if nothing all behind and face the truth

Mama, ooh, didn’t mean to me, baby!

Just gotta leave me and lightning, very fright out, just killed a man

Put a gun against his head

Pulled my time to die?

At N=12 (F=1.05) 160k characters of Trump election speeches produces:

Hillary brought death and disaster to Iraq, Syria and Libya, she empowered Iran, and she unleashed ISIS. Now she wants to raise your taxes very substantially. Highest taxed nation in the world is a tenant of mine in Manhattan, so many great people. These are people that have been stolen, stolen by either very stupid politicians ask me the question, how are you going to get rid of all the emails?” “Yes, ma’am, they’re gonna stay in this country blind. My contract with the American voter begins with a plan to end government that will not protect its people is a government corruption at the State Department of Justice is trying as hard as they can to protect religious liberty;

I knocked together Bloviate in C++/Qt in a couple of hours, so it is far from commercial quality. But it is fairly robust, runs on Windows and Mac and can rewrite the whole of ‘Pride and prejudice’ in a few seconds. The core of Bloviate is just a map of the frequency of characters mapped to the character sequence they follow:

QMap< QString, QMap< QChar, int > >

You can get the Windows binaries here (~8MB, should work from Windows 7 onwards).

You can get the Mac binaries here (~11MB, should work from macOS 10.12 onwards).

Note that the Bloviate executable is tiny compared to the Qt library files. I could have tried to reduce the size of the downloads, but I didn’t.

To use Bloviate just:

1. paste your source text in the left pane
2. set the sequence length
3. press the ‘Go >’ button

You can get the source for Bloviate here (~1MB).

It should build on Qt 4 or 5 and is licensed as creative commons. If you modify it, just give me an attribution and send me a link to anything interesting you come up with.

# Getting Qt 5.9 working on Windows (eventually)

I have had Qt 5.5 and 5.6 installed on my development machines for some time. Now that I have purchased a new Mac development box (an iMac with a lickably beautiful 27″ screen) I thought it was a good time to update to a more recent version of Qt. I went for Qt 5.9, rather than Qt 5.10, as 5.9 has been designated as an LTS (long term support) release. Upgrading turned into a real chore. I am quickly writing it up here in the hope that it helps someone else, and as a reminder to myself a few years down the line.

I like to build Qt from source. Because then I know it was built using the same compiler, headers, SDK etc as I am using to build my product. And I have more control over how Qt is configured. Also I can patch the source and rebuild it, if I need to. But I have had problems building Qt on Mac before. So I decided to install the pre-built binaries on my new Mac. I installed the latest version of XCode and then the Q5.9.4 binaries. This was a couple of big downloads, but it all went pretty smoothly.

I successfully built Qt 5.5 from source on my Windows machine previously, so I decided to try that for Qt 5.9. I have Visual Studio 2010 installed. This isn’t supported for Qt 5.9.4, so I downloaded Visual Studio 2017. I unzipped the Qt source into C:\Qt\5.9.4, ran ‘x86 native tools command prompt for VS 2017’, made sure Python and Perl were in the path and then:

cd C:\Qt\5.9.4

set QTDIR=C:\Qt\5.9.4\qtbase

set PATH=%QTDIR%\bin;%PATH%

configure -opensource -confirm-license -opengl desktop -nomake tests -nomake examples -no-plugin-manifests -debug-and-release -platform win32-msvc -verbose

nmake

Note that you are told by the nmake script to do nmake install at the end of this. But it tells you somewhere in the Qt Windows documentation not to do this, unless you have set the prefix argument (confusing, I know)

The build failed part way through making qtwebengine. Something to do with a path being too long for Perl or Python (I forget). It seems to be a known problem. Odd as the root path was just C:\Qt\5.9.4. I don’t need qtwebengine at present, so I deleted everything and tried again with -skip qtwebengine:

configure -opensource -confirm-license -opengl desktop -skip qtwebengine -nomake tests -nomake examples -no-plugin-manifests -debug-and-release -platform win32-msvc -verbose

nmake

It seemed to complete ok this time. But using this version of Qt to build Hyper Plan I got an error:

Unknown module(s) in QT:svg

On further examination the SVG DLL  had been built, but hadn’t been copied to the C:\Qt\5.9.4\qtbase\bin folder. Similarly for a lot of the other Qt DLLs. I couldn’t find any obvious reason for this looking through logs, Stackoverflow and Googling. I could possibly do without the SVG functionality, but I wasn’t sure what else was broken. So I decided to give up on bulding from source on Windows as well.

I download the Qt 5.9.4 binaries for Visual Studio 2017. This seemed to go ok, but then I discovered that I could only build a 64-bit application from these. No 32-bit version was available for Visual Studio 2017. Many of my customers are still on 32 bit versions of Windows. So I need to be able to ship my product as a 32 bit executable + DLLs[1].

So I uninstalled Visual Studio 2017 and installed Visual Studio 2015. I then got an error message about Visual Studio 2017 redistributables that I hadn’t uninstalled. So I had to uninstall those and run a repair install on Visual Studio 2015. That seemed to work ok. So then I download the 32-bit Qt 5.9.4 binaries for Visual Studio 2015. I had to download these into a different top level folder (C:\Qtb), so as not to risk wiping existing Qt installs that I had previously managed to build from source.

Eventually I managed to build Hyper Plan and PerfectTablePlan on Mac and Windows. What a palaver though! Qt is an amazing framework and I am very grateful for everyone who works on it. But I wish they would make it a bit easier to install and upgrade! Has anyone actually managed to get Qt 5.9 built from source on Windows?

[1] I don’t bother shipping a 64-bit executable on Windows as the 32-bit executable works fine on 64-bit versions of Windows (my software doesn’t require excessive amounts of memory). I only ship a 64-bit executable on macOS as almost no-one uses 32-bit versions of macOS now.

# What every software vendor needs to know about SHA1/SHA2 and digital certificates

TL;DR : If you digitally sign your software you need to make sure you have an SHA2 certificate and use it to dual sign your software with both SHA1 and SHA2 digests.

Digital certificates are used to prove who authored a piece of software and that it hasn’t subsequently been tampered with. Starting with Windows XP SP2 you get a warning message if you download software that that isn’t signed with an appropriate digital certificate. So most commercial software vendors digitally sign their software. We grumble about price gouging by the certificate vendors and the hoops we have to jump through to get a certificate. But, apart from that, the system seems to work tolerably well. However Microsoft have thrown a spanner into the works by deprecating digital certificates using the SHA1 algorithm. I only found out about this a few weeks ago from a fellow vendor’s blog. Thanks for nothing Microsoft. If you are using a digital certificate you purchased more than a year ago, it is probably SHA1. This post explains what this means for software vendors, based on my research so far. I am not an expert on this topic and things seem to be changing fast, so please let me know if there are any mistakes or omissions.

I don’t digitally sign Windows software, does this affect me?

No. But perhaps treat Windows unsigned software warning with some skepticism until Windows software vendors sort this mess out. If you only develop for Mac OS X you can feel a bit smug (at least until the next time Apple nukes your development ecosystem from orbit).

What is SHA1?

SHA1 (Secure Hash Algorithm 1) is a cryptographic hash function that was used in digital certificates issued until recently. SHA1 was known to have weaknesses as far back as 2005. Microsoft (and Google) have finally decided that SHA1 is too vulnerable and SHA2 digital certificates should be used instead.

What happens if my certificate is SHA1?

If you signed your software with a timestamp before 01-Jan-2016:

• It will be treated by Windows XP SP2/XP SP3/Vista as signed.
• It will be treated by Windows 7/8/10 as signed only until 01-Jan-2017.

If you signed your software with a timestamp on or after 01-Jan-2016:

• It will be treated by Windows XP SP2/XP SP3/Vista as signed.
• On Windows 7/8/10 and you will get an ugly “The signature of <file> is corrupt or invalid” or “The signature of this program is corrupt or invalid” error when downloading. If you don’t see this, it might be because you haven’t done a Windows Update recently (shame on you).

Windows seems to treat software that has been downloaded from the web (with ‘mark of the web’) differently. So make sure you test a version of your software you have downloaded from the web. I carried out some tests on 01-Mar-2016 using an SHA1 certificate to sign an executable and then dowload it. It worked ok when downloaded using Firefox or Chrome, but was shown as corrupt when downloaded using IE.

How do I know if my current certificate is SHA1?

1. Right click on your most recently signed installer and select Properties.
2. Click on the Digital Signatures tab.
3. Select the signature and click on the Details button.
4. Click the View Certificate button.
5. Click the Details tab.
6. Look at the Signature hash algorithm.

What should I do if my certificate is SHA1?

If you certificate hasn’t expired you should ask the company you purchased it from to issue you a new SHA2 certificate. They should do this free of charge. In the process they will revoke your SHA1 certificate, so you can no longer use it for signing. You should then use your new SHA2 certificate to double sign new releases (see below).

I have an SHA2 certificate, now what?

If you want a new release to be treated as signed on both Windows XP SP3/Vista and Windows 7/8/10 then you need to double sign the file for SHA1 and SHA2:

`signtool.exe sign /f <pfx file> /p <pfx password> /t <sha1 timestamp server> /v <installer>`

`signtool.exe sign /f <pfx file> /p <pfx password> /tr <sha2 timestamp server> /fd sha256 /td sha256 /as /v <installer> `

Note the the order of the above is important (SHA1 first).

The Comodo SHA1 and SHA2 timestamp server is:
`http://timestamp.comodoca.com`

You can add a `/debug` flag for verbose output.

If you only want to support Windows 7/8/10, then you can omit the first line (but why would you?).

You can use `chktrust.exe` to check the signature:

`chktrust.exe <installer>`

Note that only version 6.3 and later of `signtool.exe` (which comes with Windows 8.1 SDK and is also available here) supports the `/as` flag.

I always sign the program, as well as the installer.

Can I double sign .msi files?

I have seen reports that .msi installers don’t support double signing. But I don’t use .msi installers, so I haven’t investigated further.

What happens to software I signed with my SHA1 certificate after the certificate is revoked?

Software you signed previously will not be affected, e.g. it will be treated as signed by Windows 7/8/10 until 01-Jan-2017

How do I sign Windows XP SP1/XP SP2 software?

Windows XP SP1 doesn’t warn you if there is no signature, so you can ignore XP SP1. SHA2 signatures are not supported in Windows XP SP2. So you will need to have both valid SHA1 and SHA2 certificates to support XP SP2 and all the later versions of Windows. Its not clear that certificate vendors will allow this. Also, how many people with Windows XP SP2 (an unsupported OS) are out there buying software? I won’t be bothering to support signing for XP SP2.

Does this affect SSL certificates as well as code signing (Authenticode) certificates?

I believe so. But I don’t have any SSL certificates, so I haven’t investigated further.

How does this affect signing of device drivers?

I understand there are some differences for device drivers. But I don’t create device drivers, so I haven’t investigated further.

What is the difference between SHA2 and SHA256?

SHA2 is a family of two similar hash functions known as SHA256 and SHA512. SHA256 uses 32-bit words where SHA512 uses 64-bit words.

How secure is SHA2?

Er, it was designed by the NSA. Supply your own joke.

I don’t have a digital certificate, where can I get one?

I got my Comodo code signing certificate from reseller ksoftware.net. They have a good reputation, and are significantly cheaper than Comodo. I don’t have any business relationship with them beyond being a happy customer.

Update: See renewing my authenticode digital certificate .

Anything else I should know?

Microsoft has reserved the right to move the SHA1 deprecation date forward from 01-Jan-2017.

Acknowledgements

Thanks to Nikos Bozinis for first alerting me to this issue and to Mitchell Vincent of ksoftware.net for fact checking this article.

http://zabkat.com/blog/code-signing-sha1-armageddon.htm

http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx

03-Mar-2016: Minor update.

# First impressions of the Retina 13″ Macbook Pro

My table planner software runs on Windows and Mac. Previously I took a Windows laptop with me when I was out of the office or on holiday, so that I could provide technical support to my customers. But it isn’t (legally) possible to run Mac OS X on Windows, so this made it hard to give Mac customers the best possible technical support. For example I couldn’t send them Mac screenshots or replicate Mac-only bugs from a Windows laptop. However it is legally possible to run both Mac OS X and Windows on a Mac. So I decided to buy a 13″ Retina Macbook Pro for my new laptop, so that I could have access to both OSs when out of the office. I was also attracted by the screen and design of the new Retina Macbook Pro. I choose the 13″ model, rather than than the 15″ model, simply because it is more portable (e.g. more likely to fit in a hotel safe). I also paid to upgrade the SSD from 128GB to 256GB to have room for both Mac OS X and Windows setups. I have now had my Macbook Pro for a few weeks, so I thought I would share my initial impressions.

The good points:

• The 2560 x 1600 Retina screen is gorgeous, both in terms of sharpness and colour. It makes the display on my old Toshiba Windows laptop look very tired.
• With a 2.5 GHz Core i5 processor, 8 GB of RAM and an SSD it is very responsive.
• The aluminium chassis is beautifully designed. Despite being only 19mm thick and 1.6Kgs, it feels very sturdy. The power brick is quite small and light as well.
• The keyboard is nice. Automatically backlighting the keys in low light is a nice touch.
• The power cable attaches magnetically. This means it is easy to attach. But, more importantly, accidentally kicking the cable just pops the cable out, rather than the whole machine crashing onto the floor.
• Gestures work very nicely on the touch pad. For example you can drag two fingers up and down to scroll or tap with 2 fingers to simulate right click.
• I have Windows and Mac OS X  stored on separate partitions. I can access Window either by booting into Windows or from inside Mac OS X using Parallels (cost approx \$80). Being able to access Windows from Mac OS X without a reboot is very useful.
• The speakers are surprisingly good.

The not so good points:

• The Macbook Pro is expensive compared to Windows ultrabooks with similar specs.
• There are a limited number of ports:  2 USB, 2 Thunderbolt, 1 headphone, 1 HDMI and 1 unidentified (SD memory card?).
• There is no Ethernet port. So if there is no Wifi, you are out of luck.
• There is no Kensington slot, so you can’t physically lock it down. This is especially annoying given the price.
• As someone who mainly uses Windows I’m still struggling to get used to the Mac keyboard. For example there is a Backspace key, but no Delete key. Also there is no Home or End key. Worst of all the cursor sometimes  jumps to a different line while I am typing. I have no idea why.
• Parallels and Windows don’t do a brilliant job of handling the very high resolution of the Retina display. Fonts are sometimes shown very small or very large in Windows. Some applications, such as Keepass v1, looks very fuzzy. Hopefully this will improve with new versions of Parallels and Windows as Retina-like displays become  more common.
• Not all applications support gestures. For example Firefox on Mac OS X doesn’t support pinch zoom. But I expect this will improve as new versions of applications are released.
• Not having a built-in DVD drive is a pain. I was able to install Windows 7 by ripping a DVD to a USB stick using Infrarecorder (free). But this didn’t work for Photoshop Elements 11, so I had to download it from the app store, despite having it on DVD.
• I couldn’t get Windows 8 to work. I installed it into a Bootcamp partition, but when I booted into Windows I just got a mouse pointer and  blue bar down the side of the screen. Apparently Windows 8 is not yet supported by Bootcamp.
• I am told the graphics performance isn’t great. But I’m not intending to use it for games, so that doesn’t bother me much.

Overall it is an impressive machine and I’m pretty happy with it so far. In particular it is great to able to support Windows and Mac OS X on a single machine. But it does have some annoyances and I wouldn’t have purchased it to just to run Windows. No doubt PC ultrabook manufacturers will have copied its more innovative features fairly soon.

A couple of tips:

• If you are  in the UK, consider purchasing from John Lewis. They will price match other ‘bricks and mortar’ vendors that have stock. But (at the time I purchased) they were offering 2 years additional warranty. I got them to price match PC World’s £100 off deal. I got £100 refunded and 2 years extra warranty. The service at John Lewis is usually also very good.
• You probably want to get some form of case or sleeve to protect your lovely and expensive new Macbook. Beware that many of the existing cases are designed for the old Macbook Pros. Consequently they might not be a good fit for the thinner Retina models. I bought this Cool Bananas case. It is a good fit and quite well made. I just wish it had a bit more padding. No doubt more cases and sleeves will become available to fit the new models.

# Buying a lean, mean, compiling machine

Nearly two years ago I wrote an article about speccing my ultimate development PC. Somehow there was always something more pressing to do. But I finally took delivery of my shiny new PC this week, partly spurred on by the fact that I wanted tried and trusted Windows 7 for the OS. Also my current development PC is getting increasingly crufty after 5 years of continual use.

I emailed my requirements to the top 3 custom PC companies in the UK as rated by PC Pro magazine : Chillblast, Cyberpower and CCL:

Hi,

I’m looking for a PC for developing software. Prime requirements in order of decreasing importance:

1. reliability
2. cpu + disk speed
3. quiet
4. value for money

Here is my wishlist of components:

-i5-3570K CPU
-an SSD (at least 128 GB) + 2 fast and reliable HDDs (7200 rpm, at least 1 TB each)
-ASUS, Gigabyte or EVGA motherboard supporting USB 3.0 and SATA/600.
-16 GB of fast RAM
-Windows 7 64 bit professional
-quiet is good, open to suggestions on sound insulation, fans and/or passive cooling
-AMD Radeon HD 6850 graphics card
-at least 2 USB ports on the front and 2 USB ports on the back (ideally more, ideally including USB 3.0)
-DVD drive
-Gigabit ethernet
-full size case
-kensington security slot, so I can lock it to the ground
-I don’t need a monitor, keyboard, mouse etc
-I don’t need WiFi
-It has to be *super reliable* – I want reliable SSD + HDDs, good quality motherboard, good quality branded power supply etc.
-target price, not more than 1,500 inc VAT, less is better obviously

Can you build something to meet this spec or get close? Please send me the spec and your price (including UK delivery).

Both Chillblast and Cyberpower sent me quotes for a system fairly close to what I wanted within 1 working day. I then spoke to their sales people and went online to tweak their suggested systems using their web based system ‘configurators’. In the end I chose Chillblast over Cyberpower due to:

• higher rating from PC Pro readers
• cheaper for a comparable system
• better warranty
• better online configurator (I found the number of choices on the Cyberpower online configurator a bit overwhelming)

However there really wasn’t a lot in it. CCL took nearly 2 whole working days to respond to my initial email,  so I discounted them as insufficiently responsive.

Following some suggestions made by the sales people I spoke to, this is the spec I ended up with:

• Chillblast Fusion Longbow
• Windows 7 Professional 64 bit
• Onboard High Definition Audio
• Corsair CX 750W 80 PLUS Bronze Certified PSU
• Sony 24x DVD-RW Drive
• Seagate Barrcuda 2TB 7200RPM Hard Disk
• AMD Radeon HD 6850 1024MB Graphics Card
• Intel 120GB 520 Series Solid State Drive
• 16GB Corsair PC3-12800 1600MHz DDR3 Memory
• Asus P8Z77-V LX Motherboard
• Akasa Venom Voodoo Ultra Quiet CPU Cooler
• Intel Core i5 3570K Processor 3.40 GHz (No Overclocking)
• Fractal Design Define R3 Low Noise Case – Black Pearl – USB 3.0 Edition
• Total price: £1089.80 + VAT (inc MSOffice Home Edition)

I take security fairly seriously. I have a motorbike style ground anchor in my office and I want my shiny new box physically locked to it. But I was told that almost no PC tower cases have a Kensington lock slot. This seems crazy to me. My current Dell tower has one and the cost of one tiny little extra slot in the chassis must be pennies. So I had to buy a lock adaptor kit. It’s not the most elegant solution, but it works fine.

I ordered the system on 02-Oct and it arrived on 22-Oct. Here are a couple of photos of the new system with the side panels off.

The PC took a few days longer than the originally advertised time to arrive. This wasn’t a big issue in my case. But I only found out it was going to be late when I emailed them after the expected completion date. It would have been a lot better if they had been more pro-active and emailed me first. Other than that I am fairly satisified with the service from Chillblast so far.

There are a few issues with the case, which aren’t really Chillblast’s fault. It looks rather lovely in its big, black, minimalist sort of way, a bit like an obelisk from ‘2001 a space Odyssey’. But the case scratches rather easily if you lay it down to change a component on my laminate floor. The side panels are also a bit fiddly to get on and off (my old Dell PC is better in this regard). Worst of all, it has rubber grommets (is that the right word?) that fall out into the case (and potentially into the fan or heat sink) if you even look at them funny. This means lying the case down to retrieve them, struggling with the side panels and more scratches. I have had to do this at least 4 times so far. It seems that they have made them of rubber that is far too soft for the job. Grrr.

How fast is the new PC? It certainly feels very snappy. I benchmarked it against my old Dell development PC (Dual Core 2.13 Ghz, 4GB RAM) building my event table planner software from scratch. This is 83k executable lines of C++ according to SourceMonitor:

 Build time Old PC New PC Debug build 6 minutes 56 seconds 1 minute 32 seconds Release build 6 minutes 23 seconds 1 minute 28 seconds

So it is more than 4 times faster than the old PC at its key task – building software. Admittedly it isn’t a ‘fair’ comparison of the hardware. The older machine has a different version of Visual Studio, a different OS and probably some unnecessary services running in the background. But it is the best I can do in the circumstances and I doubt a ‘fair’ test would be much different. Despite the fact that I only went for a mid-range graphics card, the new PC can also handle playing Half-Life 2 on full 1920 x 1200 resolution without any noticeable issues. Hopefully the faster build times will give a significant boost to my productivity (as long as I don’t play too much Half-Life 2).

The new PC is also eerily quiet. I would guess more than 4 times quieter than my old PC. Even when it is doing a build, all you can hear is the faint whir of a fan.

Only time will tell how reliable it is.

# Eventcountdown.com

I have just launched at new website at eventcountdown.com.  This website contains free countdown clocks,  for both Windows and web, to allow you to count down the days, hours, minutes and seconds to any event. It can be a wedding, a birthday or a major cultural or sporting event. Are your children wondering how many days, hours, minutes and seconds it is to Christmas ? Wonder no more! You can also use it to count up from an event e.g. giving up smoking or Perl.

web countdown clock for Mac, iPad, iPhone and Android

The hope is that a significant number of people interested in planning events will go to evencountdown.com for a free clock and a small percentage will click through to PerfectTablePlan.com and buy my software. I have no idea how successful this will be. I certainly don’t expect a quick payback on the investment. But hopefully it will pay for itself in a few years, and then anything after that is pure profit.

This project has also been a small scale experiment in outsourcing that might lead on to greater things.

• The web design and CSS/HTML coding was done by Sergey Pozhilov of μISVStyle.
• The Windows countdown clock was done by Milan Marusinec of VectorGraphica.
• The Javascript for the web countdown clock was done by Paul Kossowski of Dolphin Futures.

They all did a great job and the total cost was less than I would have paid for a couple of ads in event industry newsletters (which I tried recently, with fairly miserable results).

I have quite a few ideas about how I can improve eventcountdown.com, but I wanted to get something out there ASAP. After all if you aren’t embarassed by v1.0 you didn’t release it early enough. I would be interested to hear any feedback. Backlinks to eventcountdown.com would also be very welcome. ;0)

milan@crossgl.com

# Speccing my dream development PC

My main development machine is a 4 year old Dell desktop, PC running 32 bit Windows Vista. Time for a new PC. I have been doing a bit of research, mostly by looking through back copies of PC Pro magazine (which I recommend,  by the way). I am speccing it out here on my blog in the hope that I, and anyone else thinking about a new PC, can benefit from my research and (more importantly, given my limited knowledge of hardware) the assembled wisdom and experience of readers of this blog.

A system failure could lose me several days work and a lot of mental energy to sort out, so reliability is my number one requirement. After that I am interested in performance, particularly speeding up compilation and linking, as this has a significant effect on my productivity (my table planner software is now well over 100k lines of C++ code). Getting a fast machine also means it will last longer before it becomes obselete.

## Form factor

Tower desktop. I don’t like using laptops for extended periods and there is plenty of space under the desk for a tower case. Having a bigger chassis means more options for upgrading and hopefully less chance of overheating. I like to have my PC physically locked to a ground anchor to reduce the possibility of theft. So the case needs to have a Kensington-compatible security slot I can attach a security cable to. Some LED bling wouldn’t hurt.

## OS

Windows 7 64 bit Professional (or Ultimate is if I decide to use bitlocker drive encryption). Windows 7 is increasingly what my customers are using. 64 bit will allow me to address >4GB RAM.

As I develop for both Windows and Mac, I could use a Mac for my main development machine. But I am more familiar with Windows and its associated apps, you get more bang for your buck with a PC and I’m not keen on Apple’s authoritarian attitude to developers. So I prefer to use Windows for my main development machine and use a Mac Mini for porting.

## RAM

8GB of DDR3 RAM. Maybe more, depending on cost. But I am not sure whether having more than 8GB of RAM will make much of a difference to real world performance. DDR3 memory seems to be fairly standard on high end PCs. I can’t imagine the clock speed of the memory (e.g. 1,333 MHz vs 1,600 MHz) affects development related performance much. I haven’t seen any data on this.

## Storage

Possibly a 128GB Crucial RealSSD C300 SSD for storing \Windows and \Program files and a 600 GB 10,000 RPM WD Velociraptor HDD for storing everything else. SSDs seem to be increasingly the way to go for storage that is predominantly read-only and the prices are coming down. 128 GB should be ample for Windows and lots of applications. But there have been issues over the reliability and performance of some SSDs, notably those with Indilinx controllers. anandtech.com, Jeff Atwood and PC Pro all rate Crucial SSDs well. The WD Velociraptor is one of the fastest HDDs around and 600 GB is currently the biggest one you can buy. It is pricey though at around £0.30 per GB, with 7,200 RPM drives around £0.05 per GB. Especially if I buy an extra one to keep as a hot spare.

I am still making up my mind on this though. Having two separate drives means an extra possible point of failure. Also some people say that, while benchmark results are impressive, the difference in performance between SSD and fast HDDs isn’t that great in real world scenarios. I also wonder whether a 10,000 RPM HDD is going to be as reliable as a 7,200 RPM HDD, such as the Samsung Spinpoint F3. I don’t know of any independent data on HDD reliability between different makes and models. In the absense of such data I guess the next best bet is to look at how long the manufacturer warranties are. You need to be fairly confident on reliability to give a 5 year warrantly.

I am also considering encrypting the drives for extra security. This will keep my data secure in case of theft and it also means I can return a defective drive under warranty without worrying about the security of the data on it. The main alternatives are Truecrypt and Windows 7 Bitlocker. Tests show Truecrypt AES encryption adding a 5-12% performance penalty. Anecdotal reports seem to show that the difference is hardly noticeable in real world use, especially with a fast CPU. A comparison of Truecrypt and Bitlocker from April gives Bitlocker a small advantage for speed, but favours Truecrypt for its flexibility. Also Truecrypt is free, whereas Bitlocker is only available if you buy Windows 7 Ultimate.

My current PC has 2 disk HDDs in RAID1 (mirrored) configuration. This was intended to decrease the chance of data loss, but it has been a huge headache. I have had to replace one or other of the RAID1 HDDs 4 or 5 times while I have had this PC. I can only assume that RAID was responsible for this catastrophic failure rate, so I certainly won’t be going for RAID again.

## Media

Any reputable make of DVD drive that can write dual layer DVDs should be fine. The 8.5 GB capacity of dual layer DVDs is useful for backups. I don’t see any need to pay a premium to get Bluray.

## Motherboard

A Gigabyte or Asus motherboard with support for USB 3.0 and SATA/600. I have just bought a USB 3.0 external HDD for backup so I would like to make the most of the additional USB 3.0 performance and a fast SATA connection is necessary to get the most from a fast HDD. Gigabtye and Asus motherboards seem to do well in the PC Pro magazine tests.

## Power supply

Any respectable make should be fine. If a power supply fails the power surge can wreck the whole machine, so it definitely isn’t worth risking a cheap and nasty power supply to save a few pounds.

## USB ports

Lots, including some USB 3.0 ports.

## Graphics card

AMD Radeon 6850. I don’t play a lot of computer games, but I want a graphics card fast enough to give me the option. I would also like to have the option of multiple monitors, so it needs to have at least 2 DVI outputs. PC Pro magazine are recommending the AMD Radeon 6850 as exellent value if you don’t need the fastest possible card.

## CPU

Intel Core i5-750 (4 cores). Raw processor speed is obviously important, but you pay quite a premium to get the very fastest chip. The i5-750 seems like a good balance between price and performance. Multiple cores are useful for running VMs and compiling (apparently Visual Studio 2005 requires a tweak to use multiple cores for compilation). Quiet fans would be nice. I’m not interested in overclocking as I worry about the effect this could have on reliability.

## Networking

Gigabit Ethernet.

## VDU, keyboard and mouse

I will re-use my existing monitor, keyboard and mouse.

## Software

The less crapware pre-installed with the OS the better.

## Warranty

The longer and more comprehensive the better.

## Manufacturer

I have neither the time, the inclination nor the aptitude to build a PC myself. So I will be looking for a UK company that can build a PC close to the above spec. I had a terrible experience trying to buy a media PC from gamingpc-guys.co.uk earlier this year (I had to do a chargeback to get my money back when neither PC or refund had appeared after a month), so I certainly won’t be approaching them. Thankfully they seem to have gone out of business anyway. Given the problems I have had with the current Dell and the ludicrous cost of Dell replacement parts, I won’t be going for Dell again either. UK PC manufacturers that regularly do well in PC Pro tests include:

So I will be investigating how close a system they can provide me to the above spec and for what price. Interestingly all these custom PC companies seem to have products aimed very much at gamers, not developers. Given that there are a lot of developers in the UK that seems surprising. I guess most developers get their PC bought for them by IT departments and don’t have the luxury of a custom built PC. I think these companies are missing a trick by not having a PC aimed at developers amongst their base specs.

If you had roughly £1000/\$1700 to spend on a development machine, what would you choose differently from the above and why?

# App stores set to dominate future software sales?

Following the success of the iPhone app store (over 6 billion downloads to date), app stores are becoming more and more of a feature of the software landscape. In case you missed it, Apple announced yesterday that there will be an App Store for Macs  ‘within 90 days’. In summary:

• The Mac app store will be tightly integrated with Mac OS X, including automatic install and update.
• There will be restrictions on technology, for example Java apps will not be allowed.
• Apple will keep 30% of any revenue from sales.
• \$99/year subscription for developers.
• Developers will still be able to sell their software outside the App store.

It is easy to see why Apple would want to do this:

• A potentially huge new revenue stream from third party Mac software sales.
• They get even more control over the customer experience.

And this could have advantages for Mac users:

• Simpler payment and installation.
• Screening out of low quality apps and malware.

And potential advantages for Mac developers:

• Mac users might buy more software if it is easier to do so.
• One main channel to concentrate your marketing efforts on.
• Some of the boring infrastructure of selling software (licensing, shopping cart etc) can be taken care of by Apple.

But the disadvantages are all too obvious:

• Your app could be rejected outright. And you won’t know until you submit it for approval. Apple are judge, jury and executioner. The iPhone app store has been infamous its capricious and opaque approval process.
• 30% is a huge chunk of revenue. Typical payment processors take 5-10% of revenue. Where the new app store cannibalises existing sales (and it is hard to see that it won’t) vendors will lose 20-25% of existing sales revenues.
• New apps and updates will be delayed by days or weeks as they go through the app store approval process.
• A single centralised app store is likely to make it harder for niche/long-tail apps to make any sort of living. Certainly this is what seems to be happening in the iPhone App store.
• Apple are control freaks and have traditionally taken a rather heavy handed approach with developers, including the liberal use of NDAs. The app store will give them even more control.

And worse might follow:

• Apple makes a lot of their money from selling over-priced hardware. It may be in their interest to drive software prices down so they can sell more hardware. \$5 is considered expensive in the iPhone App Store.
• This could be the first step to making Mac OS X a closed system, like iPhone, where only Apple approved apps can be installed.

I guess they can’t piss off developers too much – a computer without third party applications isn’t going to be very attractive to customers. But I am finding it hard to work up any enthusiasm for a Mac app store. If it is successful I can either be in the store and give up a lot of freedom and cannibalize exisiting sales at a much lower margin, or stay out and be shut out of a large chunk of the market. It isn’t an attractive choice. As my app is written in C++/Qt, rather than Objective-C/Cocoa, I am not even sure that it will be eligible for inclusion in the store. I could just abandon Mac OS X, but Microsoft is also rumoured to be working on their own app store (despite the failure of DigitalLocker). That is a truly terrifying prospect given the awfulness of their ‘Works with Vista’ approval process (I speak from personal experience).

Suddenly web apps are looking more interesting.

# Why I won’t be bothering with the Windows 7 logo program

Am I the only one being totally bombarded with ‘Give your application the green light’ and related emails from Microsoft and its minions? I must have had at least 30 so far. I took a few minutes to list my product in the Windows 7 compatibility guide (beware, cheesy audio). But that is all I intend to do.

I went to the trouble of getting the ‘works with Vista’ logo in 2007. The process was very broken:

• The winqual and Partner websites give me “certified by unknown authority” warnings.
• The Winqual website didn’t work at all in FireFox.
• There was a complete lack of clear guidance about what you needed to do next at each stage.
• The documentation was very poor, with broken links and much of it completely out of date (i.e. “more information will be available in 2006”, this was 2007).
• It took me about an hour of rummaging around on the winqual site and an email to tech support to work out that you can ‘sign’ the legal documents online (you have to tick a permissions checkbox on a separate page and do a few refreshes).

It was easily the most frustrating thing I have done in my career as a microISV. For that I ended up with an ugly ‘works with Vista’ logo (that probably just made customers think my software didn’t work on Windows XP), an entry in Windows marketplace (I already had one) and a Verisign authenticode certificate that I wasn’t allowed to use to sign my software.

Hopefully Microsoft have cleaned up their broken logo process since the Vista launch. But the benefits of the Windows 7 logo program seem slim:

• a “Compatible with Windows 7” logo (prettier than the ghastly “works with Vista” logo admittedly)
• 30 Partner Points for use in the Microsoft Partner Program (I have no idea what I would want those for)
• some PR templates (when did having a near identical press release to thousands of other companies become a benefit?)
• priority Listing in the “Windows 7 Compatibility Center” (I doubt any of my customers know or care about this)
• Windows built-in error reporting (I rolled my own, thanks)

Worst of all I would have to buy another overpriced Verisign certificate to authenticate myself to Microsoft winqual, even though I already have a perfectly valid authenticode certificate from Comodo.

I think I’ll pass.