February 6th, 2004

classic beard


The Udvar-Hazy Smithsonian Museum now has a quicktime VR page -- worth finding a Mac (or does windows quicktime do QTVR? find a mac anyway :-) to look at. Notable views are both SR-71 and Concord cockpits, several space capsules, and other fun "internal" views that you wouldn't get even if you went to the museum...
classic beard

Instant Messaging Is Sad

[This is a rant/first draft. I may turn this into a reasoned argument, once I figure out what point to actually argue, instead of just being grumpy :-) ]

Traditionally, when I work from home, I aggressively follow news and email at work so if things come up I notice them. I'm also on zephyr, so that people in that privileged class of "athena-plus-special-connections" users can reach me that way as well (this does include two coworkers, so it's not totally unrelated.) Today, I decided to break down and sign up for an AIM account, since that's the system of choice at work - six or seven of my coworkers have AIM accounts, though it looks like only three or four of them actually sign on during the day.

Of course, I got no messages; there just wasn't anything time critical, or email was being fast enough for people. No chatter, though, which one tends to find on zephyr, even corporate zephyr islands.

I've generally railed against AIM, for the obvious reasons - no end to end security, all of your traffic goes through their servers - so, no privacy at all, or even integrity protection (though getting caught at that kind of thing even once would probably destroy them) and so I've recommended against using it for anything more than contacting people.

Of course, nothing else is any better. Things like gaim seem to kludge it (unneccessarily, I expect - if AIM is a transport, why not just use it?) Zephyr only has integrity protection and no privacy, Jabber has user-to-server SSL sometimes (it has been poorly supported in the past) but nothing end to end either, and it doesn't have "users" anyway, so much as it has "named transport endpoints".

The core RFCs that Jabber is built upon got more solid recently, and aren't drafts anymore. This got me looking at it again, and some weblogs about advanced phones mentioned that there's now a J2ME Jabber client that runs on the Siemens S55 (though if it runs there, it probably runs on a lot of low end phones, the S55 is extraordinarily marginal when it comes to Java.) They seem to have done a good job with it, given the excruciating constraints of the platform; I was able to connect to an open jabber server, register, and send messages back and forth to another account created there.

It isn't what you'd mistake for integrated - you have to dig down in the file manager to even run it, and then it's all you're doing with the phone until you log out. No history, a message comes in and you read it and either reply then, or cancel and it's gone - don't even think about having someone message you with a useful phone number. The phone also appears to drop the connection sometimes - at least, the Mac "Fire!" client sometimes complains about the phone-user having gone offline and sending them a "stored" message, which ends up getting delivered promptly anyway.

This may end up being useful as a "text remote-control" app - where it talks to a custom jabber server that serves as a front end to various "real" services. Except, of course, that we don't have much for real services either...

Maybe it's time to look at irc-over-ssl again. The phone can stay out of it until the next generation or two of phones (like the nokia 6600 maybe) have actual development platforms...

I'm of course partly annoyed that it's only been 15 years, 5 of them after the crypto export regs were lifted - and security just isn't there.