tag:blogger.com,1999:blog-53986590987589935422024-02-08T05:39:02.522-08:00No Marketing Bullshitnomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.comBlogger19125tag:blogger.com,1999:blog-5398659098758993542.post-48136601592559225252016-08-14T14:17:00.002-07:002016-08-14T14:17:49.223-07:00Nikon Coolpix S2900 - Twenty Megapixels of Disappointment<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: left;">
TL;DR - overmarketed piece of four letters, think before you buy.</div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
</div>
<h2 style="text-align: left;">
The Megapixels</h2>
The camera can make up to 5152*3864 pixel shots which gets you about 19,9 megapixels so 20 megapixels claim is fair until you look at the image.<br />
<br />
You shoot, download the picture to a computer, open it and zoom to one hundred percent. The image is all covered in noise and JPEG compression artifacts (even in 5152*3864-STAR quality mode) and you will never use that one hundred percent zoomed image unless you're either an idiot or write a camera review because a one hundred percent zoomed image is really ugly and whoever has to see it in its entirety will hate you.<br />
<br />
So you downscale the image four times each dimension and get decent looking image but its size is now 1288*966 pixels which gets you 1,244 megapixels.<br />
<br />
The camera can make 20 megapixels shots which have to be downscaled to 1,244 megapixels before they look decent. Oookay, but that's not what I expect from a 20 megapixels camera, isn't that clear?<br />
<br />
<h2 style="text-align: left;">
</h2>
<h2 style="text-align: left;">
Performance - Series Shooting</h2>
<br />
This result is for a Class 10 speed memory card so noone claims the card is slow.<br />
<br />
You point, you zoom and you press The Button. The camera makes the shot and gets unresponsive for up to EIGHT SECONDS and for that time you cannot shoot, you cannot change camera settings and you cannot even zoom.<br />
<br />
The camera has "sport" mode for shooting moving stuff, you know. That moving stuff is snails - for anything that moves faster you will only make one shot and then the subject just goes away before the camera gets responsive again.<br />
<br />
Even when you shoot still stuff the camera is so slow that it's annoying. You shoot, you want to zoom in and shoot again but you have to WAIT, WAIT, WAIT, WAIT, WAIT and that's really annoying.<br />
<br />
<br />
<h2 style="text-align: left;">
Performance - Single Shots</h2>
<br />
It takes up to one second for the camera to focus. So when you shoot moving stuff there's good chance you miss the right moment. You have to press the button about one second in advance and then maybe you're lucky and the camera focuses and shoots at the right moment and then you WAIT, WAIT, WAIT and you never have a second chance.<br />
<br />
<h2 style="text-align: left;">
Performance - Warmup</h2>
<div style="text-align: left;">
It takes up to five seconds between you press the "turn on" button and the camera is ready to do anything. So if there's anything interesting suddenly happening near you there're good chance you don't have time to grab the camera and make any use of it.</div>
<div style="text-align: left;">
<br /></div>
<h2 style="text-align: left;">
Performance - NOT Intuitive</h2>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
While you're WAITING you'd like to know when the camera is ready. The camera is ready once the two square brackets (the "crosshair") has appeared. So you shoot, "the crosshair" disappears, the camera DOES SOMETHING FOREVER, then "the crosshair" appears again and the camera gets responsive.</div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
This is not explained in the manual. This ALL CAPS ANNOYING. You shoot, you rotate the zoom wheel but nothing happens because the camera is unresponsive and you have no idea why.</div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
When you get the "wait for the crosshair" thing it gets a bit better - you move from hating the camera and trying to not smash the camera against a stone wall to just hating the camera.</div>
<br />
The current interface is a piece of CRAP. The camera should display a clear "I'm busy" indication while it's "busy", not misteryously hide "the crosshair". This should be explained in the manual.<br />
<br />
<h2 style="text-align: left;">
Modes</h2>
<br />
The camera has a ton of modes. That's it. With all the picture quality and performance problems those modes could be reduced to perhaps five - room, night outside, macro, landscape and "moving stuff". That would make the menu much simpler and the camera much more useful anyway.<br />
<br />
<h2 style="text-align: left;">
Panorama Assist</h2>
Even in 20 megapixels quality mode the panorama height is up to 928 pixels high. Panorama software sometimes fails and then either you get a "cannot craft a panorama" message or a distorted image. It kind of works.<br />
<br />
<h2 style="text-align: left;">
Video Recording</h2>
It kind of works. The video lenght is limited to 30 minutes for lower resolution and to 10 minutes for higher resolution. No matter how much space you have on your memory card - you cannot film a movie longer than 30 minutes at once. Filming ends, then you can start filming again - for up to 30 more minutes. This is big time annoying.<br />
<br />
<h2 style="text-align: left;">
Voice Recording</h2>
You use video recording to record voice. This is plain stupid. It can record video with sound but it cannot record sound alone.<br />
<br />
<h2 style="text-align: left;">
Charge Level Indication</h2>
<br />
This is just insane. The camera displays a "full battery" symbol until the battery is almost discharged and once it's almost discharged it displays "a nearly empty battery" symbol. No "three bars" or "five bars" indication - just "I don't know/I know I'm discharged" indication. It's like a cheap electric shaver. VERY ANNOYING.<br />
<br />
<h2 style="text-align: left;">
Charging/Interface Cable</h2>
A USB cable with some proprietary connector on camera side is used. It's usual USB-A on one side and some proprietary stuff on the other side. The is absolute evil. Lose or break the cable and you now have to look for replacement instead of buying a cheap cable at the nearest mall. It should be USB Micro or USB-B on camera side.<br />
<br />
<h2 style="text-align: left;">
Charging while Shooting or Filming</h2>
This doesn't exist. Once you connect the camera to a USB port or the charger it won't shoot or film. IT WILL NOT. This means you cannot connect an external battery and continue shooting. Either you charge or you shoot. There's no combination of those.<br />
<br />
<h2 style="text-align: left;">
Video Calls</h2>
<br />
Sure you cannot use the camera for video calls. You connect it to a USB port - and it retracts the lens and shuts down. Your video call is not going to happen.<br />
<br />
<h2 style="text-align: left;">
</h2>
<h2 style="text-align: left;">
WTF?</h2>
<h2 style="text-align: left;">
</h2>
<br />
NIKON, ARE YOUR DESIGNERS LOCKED IN FOUR WALL WITHOUT INTERNET ACCESS?<br />
<br />
<h2 style="text-align: left;">
The Charger and the Charger Uglifier</h2>
The charger is slim and compact and so neat ... if you plan to use the USA style flat prongs outlets. The charger dimensions are 53*53*22 millimeters AND the plug contacts rotate inwards and hide inside the casing until you need them. Very slim but that's only if you use the USA style flat prongs outlets.<br />
<br />
If you happen to be anywhere like Europe you gonna need an adapter which comes with the charger. To attach the adapter you rotate the contacts so that they extend out of the casing, then "plug" the charger into the adapter and the adapter firmly attaches to the charger. It's now 53*53*67 millimeters and plug contacts no longer fold into the charger and it's VERY UGLY and fragile and takes a lot of space and no longer fits anywhere small.<br />
<br />
Once you attached the adapter you gonna need a major effort to remove it before you go to a region with USA style outlets.<br />
<br />
So it's not really a charger adapter, it's a charger uglifier. With the aglifier attached the charger is really ugly so the uglifier does its job perfectly. Of all the stuff which you find in the box the charger uglifier is the clear winner.<br />
<br />
<br />
<h2 style="text-align: left;">
Bonus. The Manual</h2>
<br />
<br />
Absolutely do read the manual. It's full of excellent humour.<br />
<br />
Did you know you should not touch moving parts of the lens and otherwise you might get injured? A 911 call: "My camera lens attacked me!!!".<br />
<br />
Did you know that when you "delete" images from a memory card the data does not really disappear and can be recovered quite easily? Sure you did. Do you know how to address that? The manual says you should take shots of something like clear sky to fill the empty space of the card entirely. A 32 gigabytes card holds about three thousand shots with "the best quality" (the ugly noisy shots full of JPEG artifacts each taking up to eight megabytes but who cares). With about five seconds per shot you need about four hours of series shooting to fill a 32 gigabytes card. Btw you can make about three hundred shots on a single battery charge so you have to also charge the battery ten times. That'll be a nice weekend.<br />
<br />
The manual even confirms that removing the charger uglifier is a major challenge. Thank you.<br />
<br />
<h2 style="text-align: left;">
Conclusion or Something</h2>
<h2 style="text-align: left;">
</h2>
<h2 style="text-align: left;">
</h2>
<div style="text-align: left;">
WTF, NIKON?</div>
</div>
nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0tag:blogger.com,1999:blog-5398659098758993542.post-81460361804285142952015-01-21T12:30:00.002-08:002015-01-21T12:34:59.921-08:00We Want to Call You and Discuss How We Call Customers and Waste Their Time<div dir="ltr" style="text-align: left;" trbidi="on">
Crappy support services... Everyone has dealt with them.<br />
<br />
They're always annoying and especially when you're a corporate client - one who has to contact them to resolve his company's problems. This post is about services for corporate clients which require customers to fill an online form and include an email and a phone number.<br />
<br />
You see, they REQUIRE to enter BOTH.<br />
<br />
Well, email is one thing. A message arrives in ur mailbox and you can open it whenever you want. Most such services also use email to send you notifications as you support ticket follows the meaningless support pipeline and also to confirm that your request was proper filed in the first place.<br />
<br />
Phone is another thing. It rings - and you have to FUKKEN answer. Otherwise it keeps ringing.<br />
<br />
If it's you personal phone it will ring at some random moment - in the middle of the night or when you were proper using a toilet or whenever else. So leaving a personal phone number when filing a support request is clearly a stupid idea. You will rather leave an office number.<br />
<br />
And it will ring in your office and annoy the hell out of everyone around. That's because not everyone's work includes using a phone more than once a year. Email and IM work just fine and there're millions of people who never use a phone at work except for private calls which they do somewhere where they don't annoy anyone. And these people have maybe one phone per ten people. And if it rings they first try to figure out what is ringing because they have already forgotten how it sounds - so rarely it rings.<br />
<br />
And once it rings your coworker Bill picks it up and hears Curvy Jane from reception saying "Hey, Bob, Joe from Crappy Support Company is calling, will you talk to him?"<br />
<br />
First you waste a minute figuring out that Joe from JSC is actually calling you, Bob. Mmmkay, you take the phone and go to some place where you won't disturb others and meanwhile Joe runs through the stupid polite script and asks what the problem is and you repeat all the details you've already listed when proper filing the request.<br />
<br />
Joe now wants a screenshot or a log or some very long identifier or anything else which will help him isolate the problem. A very reasonable request, but... you need your computer to get what Joe wants and it is on your workplace and did you forget that you left your workplace because you talking there would disturb others?<br />
<br />
Sure you do remember. And sure Joe has no idea because Joe calls lots of people every day to avoid being fired and your job is to do something really useful and the latter does not require using phone. And so you tell Joe that you sure will send all of that absolutely necessary crap just a bit later, mmkay?<br />
<br />
What would a reasonable support engineer do in the first place? He would email you and say "mmkay, you say X doesn't work and I want a screenshot of X". You would make a screenshot and send it back. No stupid phone involved and it is much, much faster.<br />
<br />
Joe is not like that. He calls you and says he needs a screenshot and he knows you will not dictate the screenshot over the phone. And btw once you send the screenshot he will call again and Curvy Jane will connect the two of you. And then Joe will say that yes, he's got the screenshot and now he wants another one with some other piece of non-working X.<br />
<br />
Yes, Joe thinks it makes sense. He's busy and employed. You're wasting time but who cares?<br />
<br />
And did I forget to say that the phone is FUKKEN QUIET and so you barely hear Joe (and noone cares because you use it once a year)? Did I forget that long distance calls go through a chain of codecs, filters, packet networks and whatever technological crap is there which makes the voice sound INCREDIBLY FUKKEN CRAPPY?<br />
<br />
Did I also forget that you're not Bob, your real name is Guido and English is not your native language and altough you can read and write English quite well your accent is terrible? Did I forget that Joe is not really a Joe but his real name is Aditya and English is not his native language either and his accent is terrible and differs from your terrible accent?<br />
<br />
You think it is impossible. It not only possible but it very likely now when everything is outsourced and every service is used by everyone.<br />
<br />
Now you, Bob-Guido with your horrible accent have to talk to Joe-Aditya with his horrible accent over a quiet phone which makes every voice sound crappy. And Joe-Aditya still thinks it is EFFICIENT. And his boss thinks the same.<br />
<br />
Yes, it VERY EFFICIENT AT WASTING TIME and keeping everyone employed.<br />
<br />
This is why unless you're completely brain dead you will never leave a phone number when filing a support request. You will leave an email address and try to avoid leaving a phone number. Most of the times the submission form will not allow you to leave "phone" field blank, so you will enter some crap there - a short string of ones for example.<br />
<br />
This won't help Joe at all. He will say "Oh, please provide a phone number so I can call you".<br />
<br />
Yes, he does this every time. Every Joe will ask for a phone number. You will have to answer him that you don't want to talk on the phone. Most of the time it helps but this stupid completely useless email transaction happens just about every time.<br />
<br />
An even more idiotic scenario is the following. You needed help with red routers and filed a request asking a specific question about red routers. Joe responds and provides a lot of details on blue keyboards.<br />
<br />
This doesn't help you at all, so you say you were not asking about blue keyboards and your problem was with red routers. Joe will want to call you. And if you give him your number he will repeat all that useless crap about blue keyboards and you won't understand anything because of accents and the damn phone.<br />
<br />
Think of it. You were using dark letters over the light background and proper explained you problem with red routers in writing and Joe had time to read all of it and still he didn't even understand that you're not interested in his blue keyboards explanation. Yet he truly believes that once he calls you your communication improves greatly because now you have two horrible accents, a crappy phone network and no time to think. <br />
<br />
THIS MAKES NO FUKKEN SENSE<br />
<br />
If someone wants to talk he will provide his number when proper filing the request. If he doesn't provide his number it means he doesn't want to talk.<br />
<br />
Doesn't want to talk, isn't that clear? <br />
<br />
Now a question for an interview. You're a support engineer and you are assigned a support request which only has email address provided and the phone number is 000111.<br />
<br />
What do you do?<br />
<br />
If you ever think that you need to ask the customer to provide a phone number you are not hired. Joe already does this - why would you be needed? Go find the nearest McDonald's and get yourself employed there. Joe will join you soon.<br />
<br />
The right answer is that YOU NEVER TRY TO CALL THIS CUSTOMER UNLESS HE EXPLICTLY ASKS TO CALL HIM<br />
<br />
IS THAT FUKKEN CLEAR?<br />
<br />
And btw NEVER means NOT IN YOU WHOLE LIFE.<br />
<br />
<br />
No phone number on the request - no calls, period. Use email. Your customer can type and so can you.</div>
nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0tag:blogger.com,1999:blog-5398659098758993542.post-63676493018682616442015-01-13T12:26:00.000-08:002015-01-13T12:26:01.447-08:00Welcome Azure API Management Which Is Completely Unrelated to Azure Management API<div dir="ltr" style="text-align: left;" trbidi="on">
Woohooo!!! Meet new Microsoft Azure service - <a href="http://azure.microsoft.com/en-us/services/api-management/">API Management</a> which is something cool for exposing your service as API.<br />
<br />
Cool? Sure!!!<br />
<br />
The best thing is... There is <a href="http://msdn.microsoft.com/en-us/library/azure/ee460799.aspx">Service Management API</a> which was introduced years ago and is ...<br />
<br />
TOTALLY COMPLETELY FUKKEN UNRELATED<br />
<br />
... to API Management service. Yet since both of them are named using a completely random combination of buzzwords which have no meaning in real life a lot of people think these two services are the same.<br />
<br />
For example:<br />
<br />
- Jane, check this out, there's no SLA for Azure Management API, so if it fails to work on Sunday we're SCREWED!<br />
- Come on, John, don't be a dick, here I've got an SLA for Azure API Management and it looks good and btw I gonna file a complaint with HR about you sexually harassing me using the word SCREWED.<br />
<br />
Several meetings later Jane finds out Jonh was talking about a COMPLETELY FUKKEN UNRELATED thing, but it is too late - John has been terminated by that time. A week later the company were Jane works is SCREWED because there's no SLA for Azure Management API.<br />
<br />
Dear Microsoft...<br />
<br />
Thanks a lot for complicating life a tiny bit more!</div>
nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0tag:blogger.com,1999:blog-5398659098758993542.post-89396103270240770472015-01-07T04:58:00.002-08:002015-01-07T10:55:29.994-08:00Milk With Crossed Barcodes Is Not Stupid, It's Marketing Genius<div dir="ltr" style="text-align: left;" trbidi="on">
This good old case of milk cartons with crossed out barcodes (<a href="http://kitchenette.jezebel.com/russian-milk-company-crossing-out-bar-codes-because-of-1584220353">one</a>, <a href="http://www.dairyreporter.com/Manufacturers/Russian-dairy-crosses-out-devilish-barcodes-in-battle-with-Satan">two</a> and google for "milk with crossed barcode" for more)... A dairy company located near Moscow, Russian Federation crosses barcodes on its products with two diagonal red lines to counter "number of the beast", hereinafter referred to as "bad number", which it claims is present in every barcode...<br />
<br />
People hear it and are immediately pissed off. They accuse Russia of leaving in Dark Ages and company owners being lunatics.<br />
<br />
First things first. Is there any "bad number" in the barcode?<br />
<br />
Milk cartons carry EAN-13 barcodes - plain boring barcodes used for labeling groceries. <a href="http://en.wikipedia.org/wiki/International_Article_Number_%28EAN%29">Evil Wikipedia (pun intended) to the resque!</a> Every such barcode consists of a number of vertical bars and there're three groups of bars that are slightly longer than the rest of the bars. Those groups are designed to serve as alignment markers to help barcode scanners proper identify where the barcode is and they don't carry any data in them.<br />
<br />
It just so happens that those alignment markers have bar width identical to how number 6 <b><u><i>can be encoded</i></u></b> (but this is not the only choice). The claim is therefore because each barcode contains three such markers those are three sixes and that's the "bad number".<br />
<br />
Well, not so fast. Read <a href="http://en.wikipedia.org/wiki/International_Article_Number_%28EAN%29">Evil Wikipedia</a> (pun intended). "Six" can be encoded various ways depending on where it is located in the barcode. There're three ways to encode each of the ten digits and they are called encoding schemes. Different barcodes will use different schemes depending on what the very first digit is.<br />
<br />
Since the dairy company in question is located in Russia the first digit will be "four" and so according to Untrustworthy Evil Wikipedia (pun intended) the barcode should use "<span style="font-family: inherit;">LGLLGG
RRRRRR"<span style="font-family: inherit;"> enc</span>oding scheme which means that some digits are encoded using scheme L, some are encoded scheme G and some are encoded using scheme R.</span><br />
<br />
<span style="font-family: inherit;">Now schemes G and R indeed encode "six" with two closely located narrow lines but scheme L doesn't do so - it uses a very wide line combined with a narrow line to encode "six" instead.<span style="font-family: inherit;"> </span></span><span style="font-family: inherit;"><span style="font-family: inherit;"><span style="font-family: inherit;"> If <span style="font-family: inherit;">a scanner finds those two<span style="font-family: inherit;"> narrow lines where a scheme L <span style="font-family: inherit;">must be used it will <span style="font-family: inherit;">produce a read error - those two lines will not be treated a<span style="font-family: inherit;">s "si<span style="font-family: inherit;">x" because a "si<span style="font-family: inherit;">x" <span style="font-family: inherit;">represented this way at these positions is impossible.</span></span></span></span></span></span></span></span></span></span></span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">So just looking at the bar is not enough to say if it is a "six". Position also matters. How about the alignment markers? Which scheme is used to decode them?</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">None.</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">Just in case you're not good at reading, I'll repeat - NONE. The alignment markers are not to be decoded and so they don't have anything encoded in them. There're no digits in them and so there're no "sixes" in them and so there's no guaranteed "bad number" in every barcode.</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">Done with this. Let's proceed to the marketing side.</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">No matter what analysis you carry out many people are so stupid they will be unable to understand it. They will trust anything if it comes from a source they wish to trust. If that source claims there's a "bad number" in EAN-13 barcodes - they will trust it.</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">So, suppose you're a dairy company and for whatever reason you want to <u><i><b>show</b></i></u> that you're uncomfortable with EAN-13 barcodes because of "bad number" in them. What can you do?</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">Let me think... You don't like X and X is usually printed on milk cartons and you produce milk cartons...</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">How about not printing the barcodes? No barcode - no "bad number" and everyone is happy.<br /><br />No, then you're not happy because you cannot sell you milk anywhere - retailers won't accept goods that cannot be scanned fast on the counter.<br /><br />So what do you do? Ditch the idea?<br /><br />No, you'll cross the barcode and claim that the "bad number" is now neutralized. Just be careful - you need the lines to not interfere with the scanning process otherwise no retailer will buy the product.<br /><br />So you carefully design a crossed out barcode and print it. You claim the "bad number" is neutralized and everyone is happy. Pure marketing genius. Should have been nominated f<span style="font-family: inherit;">or Red Dot Communication<span style="font-family: inherit;"> Design Award.</span></span><br /><br />Is the "bad number" neutralized b<span style="font-family: inherit;">y such crossing</span>? It is likely not - the barcode was designed for scanners and scanners scan it in their evil scanner manner (pun intended). If they still can read the barcode it means they still see it reliably and can still read all the evil stuff presented in there.<br /><br />There's no "bad number" in there. If it was there then crossing the barcode would either have not neutralized it or it would have damaged the barcode and make it useless for retail.<br /><br />Is the world approaching its end? Yes. Is that because of barcodes? No, it's because so many people are really stupid.</span><tt><br /></tt></div>
nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com1tag:blogger.com,1999:blog-5398659098758993542.post-26787218509266588492015-01-01T11:59:00.000-08:002015-01-01T12:01:32.574-08:00Whoever Advocates CFL Bulbs Should Also Advocate Crack Cocaine<div dir="ltr" style="text-align: left;" trbidi="on">
What if I tell you crack cocaine is good, neat and beneficial to your health and environment? My guess is you'll think I'm nuts and rightfully so.<br />
<br />
Then why does anyone still buy CFL bulbs? They are as good, neat and beneficial to anything as crack cocaine. The only difference is that crack cocaine is banned and CFL bulbs are actively promoted.<br />
<br />
Let's look into details. How hard it is to accidentally break a CFL bulb? Not hard at all - the damn thing is brittle and breaks easier than a bottle of beer.<br />
<br />
What happens if you drop a bottle of beer and it breaks? Well, nothing horrible. You swipe the broken glass, optionally wipe the floor with a piece of cloth, go get another bottle and life goes on as if nothing happened. The worst thing that can possibly happen is you get a minor cut that heals within a week.<br />
<br />
What happens if you drop a CFL bulb and it breaks? You'd better died before letting it happen. You have to follow a <a href="http://www2.epa.gov/cfl/cleaning-broken-cfl#instructions">special thorough cleaning procedure described by EPA</a> - just search for "cleaning up a broken CFL".<br />
<br />
Yes, it is so beneficial for the environment. It contains fucking mercury which is fucking toxic and can damage your health unless you run a thorough cleaning procedure. And it breaks easier than a bottle of beer. And you cannot buy beer unless you're of certain age and you cannot drink beer in public in many jurisdictions but you can buy CFLs at any age and carry them around everywhere.<br />
<br />
The best thing is both of them are sold in the same supermarkets. You get into drinks section, get some beers there, then move a dozen feet and get into household stuff section where CFLs are being offered.<br />
<br />
They are both consumer products. CFLs are consumer products - same as beer, meat, dairy, vegetables and toilet paper. Yet meat and dairy are almost absolutely safe but if you dare break a CFL you have to yell everyone out of the room, vent it and then run a thorough cleanup procedure.<br />
<br />
Now tell me how crack cocaine is beneficial for the environment - I guess because it kills people and prevents them from using CFLs.</div>
nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0tag:blogger.com,1999:blog-5398659098758993542.post-42603993214257314892014-12-31T16:50:00.001-08:002014-12-31T17:05:24.750-08:00Logitech K310 Keyboard - 100 Percent Washable, 98 Percent Amazing<div dir="ltr" style="text-align: left;" trbidi="on">
This is one hundred percent insane. Red Dot design award went to Samsonite for Inova suitcases which are... well, plain boring suitcases with plain boring zip locks and... WOW!!! hard and durable plastic body.<br />
<br />
Curious to see how they look like after several dozen trips and how using such suitcase changes its owner's life for the better and especially whether the change is worth the overwhelming sticker price of the suitcase. Seriously, does anyone have any case studies or success stories about that?<br />
<br />
Meanwhile on the bright side of the planet... Why didn't Logitech nominate its K310 keyboard which is just two steps from being absolutely amazing?<br />
<br />
K310 is neat, thin, lightweight, strong, durable (as any other Logitech keyboard for the record) and you can wash it under water tap.<br />
<br />
Dust between keys? Tiny food particles between keys? Fibers from office paper towels between keys? You don't have to clean this keyboard with compressed air or the like - you just unplug it and wash it under the water tap. Then you let it dry for several hours and your keyboard is almost new. <br />
<br />
It's "almost" because water leaves occasional light gray stains on the dark gray plastic when it dries - same as stains from raindrops on a dark car body. This is what happens when dark colored stuff gets wet and then dries. Too bad dark gray is the only choice of color with this keyboard.<br />
<br />
There's just one thing which is really uncool with this keyboard - the space between the groups of keys (between the letters and the up-down-left-right block and between the latter block and the numbers block) is just a bit narrower than it was on Deluxe 360 model. Why would this design change be necessary? Saving a gram of plastic at the expense of user frustration? Was the focus group formed of typists who never use a computer or what? The bright side is that a human can adapt to almost any piece of design crap and especially so when the piece is not very large.<br />
<br />
So after a week or so of frustration and hitting the wrong keys you have good chances to either violently break it into pieces or accept it and enjoy the fact that you can wash it as easily as you wash your jeans and cookware.<br />
<br />
It is a much larger improvement than it looks like. Totally should have been nominated for Red Dot Award. Perhaps Logitech will do this once it masters a more practical color for the keyboard body and stops saving plastic where a tiny saving notably worsens user experience.</div>
nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0tag:blogger.com,1999:blog-5398659098758993542.post-31308748441124272232013-11-21T00:06:00.002-08:002013-11-21T00:06:45.526-08:00The Most Useless Microsoft Initiative EVER<div dir="ltr" style="text-align: left;" trbidi="on">
The following message appeared in <a href="http://sxp.microsoft.com/feeds/3.0/msdntn/WindowsAzureOSUpdates">Windows Azure OS Updates</a> RSS on November 13, 2013:<br />
<br />
<i>We are responding to customer feedback and now adding information to this page on the next upcoming Guest OS release. We hear that you want to know when your roles will reboot. Guest OS releases can move around by days or even a week. The announcements will give projected and approximate dates for the upcoming releases. Updates to the Guest OS Matrix are in process, but not completed yet.</i><br />
<br />
What? Microsoft suddenly cares about Azure Cloud Services users?<br />
<br />
Surely not. Not a chance. Here's why.<br />
<br />
Those users who have guest OS automatic updates switched on (that's the default osVersion="*" in the service configuration) will be updated withing a rather long timeframe - typically several days - and this will happen before that new guest OS version can be explicitly selected in the Management Portal.<br />
<br />
So those announcements will basically mean: <i>oh, dudes, we gonna roll out something which you can't try yourself yet and your service can break in an unexpected way withing the following several days</i>. WTF should the user do? Should he pray or should he pray harder? Should he go to his psychoanalyst and talk about the problem?<br />
<br />
WHAT ON EARTH SHOULD USERS DO WHEN THEY SEE THAT NOTICE?<br />
<br />
Anyone who cares about their service being broken by a guest OS update (you should too if you claim your service is a Serious Business) have switched guest OS automatic updates off long ago. They manually change the OS version in a testing environment first, ensure that it still works, then do they same in production. These users control their update process and don't care of those announcement just as well.<br />
<br />
These announcements are the most useless Microsoft initiative EVER. Just extra noise in the RSS.<br />
<br />
And once again - if you have a service hosted as Azure Cloud Service and you want your service to run in stable manner then you should have switched guest OS automatic updates off long ago.</div>
nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0tag:blogger.com,1999:blog-5398659098758993542.post-54923366286276601372013-09-26T06:53:00.000-07:002013-09-26T06:53:06.254-07:00How Power Tools Manufacturers Could Get Their Logo Everywhere (Without Looking Dumb)<div dir="ltr" style="text-align: left;" trbidi="on">
This day most power tool brands have a wide range of really impressive cordless tools. Most tools have removable batteries. More and more tools get equipped with lithium-ion batteries that have very good energy density and very low self-discharge. What's more important, the battery is the heart of every cordless tool and so all top brands put a lot of effort into equipping their tools with the best batteries possible - with as many charge cycles as possible, with the highest cell capacity, with the best overheating protection so that the battery can output very high power without risk of overheating and exploding.<br />
<br />
So you're a cordless tools manufacturer and you've designed a very nice battery pack and you ship several drills, an impact driver, a saber saw, a pneumatic hammer, a flashlight, a disk saw, an oscillating tool, a radio and you can't imagine what else could run of the same battery for your benefits.<br />
<br />
Have you ever heard of so-called portable chargers for mobile devices? That's a box with a battery inside that you first charge from mains or from USB and then you can use it to charge or power you cell phone, smartphone or even laptop when far from an outlet. People buy such things from some companies they never heard before.<br />
<br />
Since you're a cordless tool manufacturer and you've crafted a very good battery pack for your tools. Why not let people use that battery pack for powering their electronics? All you need is a rather simple converter (yes, it will contain a fair share of electronic components, but this isn't that uncommon these days) that is snapped onto a power tool removable battery pack.<br />
<br />
This way you can have your logo just about everywhere and more people know that your cordless tools come with really nice battery packs. Most people only use power tools occasionally or on their workplace or in their backyard but they use electronics everywhere. Letting them use your batteries in everyday life greatly increases exposure to your logo.<br />
<br />
Last, but not least, using batteries more frequently will wear them out faster and you'll be able to sell more of them.<br />
<br />
<br /></div>
nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0tag:blogger.com,1999:blog-5398659098758993542.post-44198099598446659012013-04-23T05:55:00.004-07:002013-04-23T06:07:12.504-07:00What Intel Corporation Really Does<div dir="ltr" style="text-align: left;" trbidi="on">
You thought Intel only produces processors and hardcore software like compilers and profilers? Think again.<br />
<br />
A small ISV recently made<a href="http://www.viva64.com/en/n/0095/"> a post about moving to their new office</a> with plenty of photos. Among others are <a href="http://www.viva64.com/media/images/content/n/0095-news/image10.png">this photo of a shaman's tambourine</a> with the repeating inscription "FIX THE BUG" and <a href="http://www.viva64.com/media/images/content/n/0095-news/image13.png">this photo of a horseshoe amulet</a> with the inscription "A horseshoe nailed to the computer protects code from bugs (the ancient programmers' popular belief)". Both items proudly bear Intel logo on them.<br />
<br />
Surely, Intel being a Serious Company™ has to provide a variety of tools for developing and maintaining software. Hence they can't go without shipping debugging aid tools like a shaman's tambourine and bug repelling items like a horseshoe amulet.<br />
<br />
Dear Intel, I'm sure you'll be reading this at some point. Could you please not use screws for attaching the horseshoe to the base? In this case screws look as weird as your Atom CPU would look in Ancient Rome. Thank you.</div>
nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0tag:blogger.com,1999:blog-5398659098758993542.post-73678904761398744772013-02-26T05:20:00.002-08:002013-03-01T05:16:42.817-08:00In the Aftermath of Unexpected Worldwide Windows Azure Storage SSL Certificate Expiration<div dir="ltr" style="text-align: left;" trbidi="on">
Somewhere between Feb 22, 2013 and Feb 23, 2013 Windows Azure Storage service had its SSL certificate unexpectedly expired. Proofs: <a href="http://social.msdn.microsoft.com/Forums/en-US/windowsazuredata/thread/751c85c5-b3b5-43ba-9d5b-770472ad79e1">one</a> and <a href="http://stackoverflow.com/q/15033020">two</a>. A lot of software is configured in such way that once an SSL certificate expires the software no longer trusts the service and refuses to connect to it. That happened to all geographical regions, so no amount of data replication would help (except replicating to some other provider of course).<br />
<br />
A fair portion of chaos followed. Microsoft replaced the certificate in several hours and the life goes on.<br />
<br />
Now it's time to analyze this situation. Here we have a third party service a lot of other services depend upon and it turns out the service provider let the certificate expire.<br />
<br />
Suppose your service uses Windows Azure Storage for storing data and you find yourself in the situation described above. What lessons will you learn from it?<br />
<br />
The standard way to handle this situation is the following. It was Microsoft who was responsible for the certificate and so it's Microsoft's fault. Let's get some Jack Daniel's and have a good time.<br />
<br />
This approach no longer works. At least not with the cloud services responsibility model.<br />
<br />
If you read Windows Azure Storage SLA (highly recommended) you'll see that in no event you're eligible for a refund greater than the sum you paid for the service. This means that if you were affected by that incident you likely can get a refund of several USD, not much more. With that refund you then have to go to your service customers and explain why your service has got affected.<br />
<br />
Note that Microsoft is not scamming you – you've been showed that SLA upfront and your lawyers have likely read it.<br />
<br />
Now follow any of the two links above and look carefully at that picture with the certificate information. Where's that picture from? When you open any HTTPS-enabled site like <a href="https://twitter.com/">https://twitter.com</a> your browser shows a visual indication of an encrypted connection. If you click there you can read who owns the site and who issued the certificate and there's a kind of "more info" button that brings you to that certificate information dialog. Using this way you can see that <a href="https://twitter.com/">https://twitter.com</a> SSL certificate expires (as of the date of this writing) at May 11, 2014 which is quite far from now.<br />
<br />
So it turns out you can look at any HTTPS-enables site SSL certificate at any time and see its expiration date.<br />
<br />
Soooo… Unlike any other kind of unexpected event – like a lightning, a storm, an earthquake, an intern spilling coffee onto critical equipment – this time anyone could have seen the disaster was coming. The information was publicly available weeks in advance and noone noticed the upcoming problem.<br />
<br />
Soooo… If your service uses a third-party service via SSL you have only two options. Either you monitor that service certificate or you risk that certificate unexpectedly expiring and sending you into chaos.<br />
<br />
It doesn't matter that it's Microsoft (or Twitter) certificate. If your service depends on that certificate you have to monitor it. That's how clouds work. If you don't comply with this model all you have is a crowd of upset customers, a ton of upset blog posts and a refund worth no more than several USD.</div>
nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0tag:blogger.com,1999:blog-5398659098758993542.post-41263967903204520682012-09-26T07:51:00.000-07:002012-09-26T07:51:51.128-07:00Don't Do Stupid Things When Trying to Help Protect the Environment<div dir="ltr" style="text-align: left;" trbidi="on">
Everyone is trying so hard to help the environment. Energy saving there, recycling here. Soooo green...<br />
<br />
...and sometimes so stupid. Look at Nokia chargers initiative. Newer chargers will consume less than 30 milliwatts in standby mode which is excellent. And each time a phone finishes charging there's a message saying that charging is complete and you'd better unplug the charger to help protect environment.<br />
<br />
This message is brought up as a very clever step that makes every Nokia phone user responsible for the green future....<br />
<br />
Well, no. The message about charging completion was always there, just the part about the environment was added at some point.<br />
<br />
There's something weird in here, isn't it? It's Nokia charger consuming power in standby but the user has to make extra effort. Why?<br />
<br />
The real reason is that those chargers are damn efficient already. Making them more efficient would require better electronic components that are more expensive and that would drive the chargers price up and guess who would have to pay for that? No, people don't like to pay more for greener chargers.<br />
<br />
So the pseudosolution is to change the "charging complete" message to contain the word "environment" in it. Does nothing, still puts extra burden on the user but now allows him feel better because of "doing something green". Plus Nokia can now run a PR company full of impressive numbers on energy saving and reducing the environmental effect.<br />
<br />
<br />
Yes, impressive numbers. To actually estimate anything you have to run the numbers.<br />
<br />
Numbers don't lie.<br />
<br />
Suppose we have a Nokia charger in standby plugged in for a full year and consuming 30 milliwatts. Just the worst case waste scenario.<br />
<br />
Every day the charger will consume 0,03 watts by 86400 seconds (number of seconds in a day) which totals 2592 joules.<br />
<br />
Now when you multiply that by the number of days in a year and then by the estimated number of chargers out there the result is very impressive.<br />
<br />
Except that the number alone is meaningless. You have to compare it with something and see if it makes any sense.<br />
<br />
Let's pretend that each day you will take the stairs instead of using an elevator. Let's assume your weight is 60 kilograms and you go three meters up. This makes you spend at least 3 meters by 60 kilograms by 9,8 meters per second <sup>2</sup> (gravitational acceleration) which totals 1764 joules.<br />
<br />
You see, the elevator will not need to use that energy because you took the stairs.<br />
<br />
Climb up two floors up and you totally offset the energy saving of the unplugged charger. Plus now you've got some physical exercise and you have better chances of not needing a heart surgery and a ton of drugs which are not that environmentally friendly.<br />
<br />
Which will you choose – to do something stupid and protect the environment or to do something useful and protect the environment?</div>
nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0tag:blogger.com,1999:blog-5398659098758993542.post-89835777115098125842012-09-13T06:35:00.003-07:002012-09-13T06:39:53.197-07:00Safety Device Useless Because of Poorly Worded Manual<div dir="ltr" style="text-align: left;" trbidi="on">
<a href="http://nomarketingbs.blogspot.com/2012/08/how-trivial-technical-problem-turns.html">Teh battery terminal covers...</a> Tiny pieces of plastic that could prevent shorting the mobile device battery when the battery is being stored or transported much better than the stupid "don't store the battery in a pocket next to a paper clip" warning.<br />
<br />
Now turns out there is one company that ships mobile devices with battery terminal covers. Let's look at Nikon Coolpix AW 100 camera manual. <i>Confirming the Package Contents</i> section clearly shows that the camera battery is shipped with a terminal cover. <br />
<br />
One small step for a company, a giant leap for mankind. Sort of.<br />
<br />
The problem is that shipping the battery with the cover IS NOT FUKKEN ENOUGH because users are not familiar with what to do with that. Scary paperclip warnings have been there for ages, but users have never seen a terminal cover before. With such background they can only fear a paperclip, not do anything constructive with a terminal cover.<br />
<br />
Camera Reference Manual to the rescue? Okay... section <i>For Your Safety</i> says <i><b>observe the following precautions </b><b>when handling the battery for use in this product</b></i> and then there's a bullet list that among other stuff includes this:<br />
<br />
[B1] <i><b>Do not short or disassemble the battery or attempt to remove or break the battery insulation or casing.</b></i><br />
<br />
Okay, then <b>two bullets later</b> (both completely unrelated to shorting the battery) it says this:<br />
<br />
[B2] <i><b>Replace the terminal cover when transporting the battery. Do not transport or store with metal objects such as necklaces or hairpins.</b></i><br />
<br />
This is not how the manual should handle this. Here's what's wrong.<br />
<br />
First of all, look at [B1] wording. You see, shorting the battery and disassembling the battery are listed as if they are similar actions. They are only similar because they are both Bad Idea™. Other than that they are very different. Disassembling the battery is usually a deliberate action but shorting the battery can be either deliberate or accidental (like accidentally connecting the terminals with a paper clip in a pocket).<br />
<br />
These two things should be worded separately. Disassembling or otherwise hacking the battery with a pickaxe should be a separate bullet point.<br />
<br />
Next, [B1] that mentions that shorting the battery is Bad Idea™ and [B2] mentioning the terminal cover and the metal objects are separated with two completely unrelated bullets.<br />
<br />
This makes [B1] and [B2] unrelated in the reader's mind although they both talk about shorting the battery and how to avoid it.<br />
<br />
Finally look at [B2] wording. This on its own deserves careful analysis.<br />
<br />
It says the user should put the cover onto the battery while transporting it but doesn't mention battery storage although storing and transporting the battery are totally equivalent in terms of shorting and risks thereof.<br />
<br />
Next, [B2] says the user should not transport or store the battery with metal objects. Why the F should he not?<br />
<br />
Remember, there's a terminal cover that he should have put onto the battery and that cover should prevent shorting. When the cover is on it's okay to store the battery in a bag full of tiny metal objects – no shorting will happen.<br />
<br />
Do you see what's going on? According to the manual the terminal cover is <i><b>just needed</b></i> but it doesn't protect against shorting the battery. According to the manual it's just useless or maybe protects from dirt.<br />
<br />
So, Dear Nikon, you've implemented the terminal cover, you've produced and shipped it and then you wrote in your reference manual that the said cover is a useless piece of plastic that <i><b>just needs to be there</b></i>. Every box with Nikon Coolpix AW 100 now contains a terminal cover and a manual implicitly declaring that the cover is useless.<br />
<br />
EPIC FAIL<br />
<br />
Here's how you fix it.<br />
<br />
1. Remove <i>do not short</i> wording from [B1]. Only leave the wording about disassembling and otherwise <i><b>deliberately</b></i> (most of time) messing with the battery in [B1].<br />
<br />
2. Move <i>do not short </i>wording into [B2]. Shorting the battery (either deliberately or accidentally) is a separate problem and it should be addressed separately. The terminal cover is implemented to avoid accidentally shorting the battery when the battery is being stored or transported. Remove <i>do not transport or store with metal objects</i> wording<i>, </i>replace it<i> </i>with a phrase saying that a metal object (such as whatever examples you want) can accidentally make a connection between the uncovered terminals and short the battery and to avoid that the user should only store or transport the battery with the terminal cover on.<br />
<br />
This makes the terminal cover ACTUALLY USEFUL and saves a billion of cute kittens.</div>
nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0tag:blogger.com,1999:blog-5398659098758993542.post-51356483857398323472012-08-23T06:37:00.001-07:002012-08-23T06:37:03.448-07:00How a Trivial Technical Problem Turns into a Major Hazard<div dir="ltr" style="text-align: left;" trbidi="on">
These days portable devices are EVERYWHERE. Phones, computers, power tools have decent mileage on batteries these days.<br />
<br />
EXCELLENT<br />
<br />
Now mileage is not always decent ENOUGH and so you'll often want a spare battery or two. This applies to all kinds of devices the number one being Android and number two being power tools.<br />
<br />
POWER TOOLS<br />
<br />
Unlike other devices most professional power tools come with two batteries. You charge both, then you use one of them until it goes empty. The empty one goes to the charger, the second one goes to the tool. If you have to use the tool where there's nowhere to plug the charger – you may want to have more batteries with you.<br />
<br />
Anyway at some moment there's a battery that is not connected to the tool and is likely not connected to the charger. It is on its own.<br />
<br />
Have you heard that a battery has TERMINALS? You know, the metal thingies which connect the battery to the tool. Do you have an idea of what happens if there's a direct electrical contact between the terminals?<br />
<br />
That's called a SHORT CIRCUIT. This is FUKKEN BAD for teh battery – it will spark, overheat, explode, hell will break loose. Search for "battery explosion" on YouTube for details.<br />
<br />
Do companies who produce phones, laptops and tools know about that?<br />
<br />
Sure they do. Let's open a manual for ... say... Bosch GDR 10,8 V-LI power impact wrench. Page 14 says this:<br />
<br />
<i><b>When battery pack is not in use, keep it away from other metal objects, like paper clips, coins, keys, nails, screws or other small metal objects, that can make a connection from one terminal to another. Shorting the battery terminals together may cause burns or a fire.</b></i><br />
<br />
This is how companies typically "solve" the problem. A warning in the manual.<br />
<br />
<strike>EXCELLENT</strike> ARE YOU KIDDING ME?<br />
<br />
Suppose I'm packing tools into a bag. I want several screwdrivers, wrenches, pliers, a hammer, some wire and maybe some screws. And finally I want a power tool and a second battery pack for that tool.<br />
<br />
You see, if I put the battery pack right into my bag there's risk that the wire or the screws or some combination thereof will get to the terminals of the battery pack and cause a short circuit.<br />
<br />
Looks like I'm screwed.<br />
<br />
Not really. There is a solution. It is wrapping the battery into plastic film. Most likely that will be a plastic bag.<br />
<br />
Yes, a plastic bag. The tool costs several hundred bucks but you have to put its battery into a plastic bag because otherwise it can short circuit and then hell breaks loose.<br />
<br />
<strike>EXCELLENT</strike> ARE YOU KIDDING ME?<br />
<br />
Let's looks at it in details. Suppose you want to design a phone, a computer or a power tool. You will have requirements – maximum weight, maximum size, minimum performance, maximum heat dissipation, duration of runtime off the battery and many many others.<br />
<br />
You see, these requirements are conflicting big time. If you want a bigger battery you get a bigger heavier device. If you want more power you'll have problems dissipating that power.<br />
<br />
Now you spend months and years putting all that together – you choose all the right components and pack them the right way so that your device is powerful enough and small enough and lightweight enough and lasts on one charge enough.<br />
<br />
You're so FUKKEN PROUD of yourself. You hire a ton of marketing specialists who market ur device everywhere talking about its sleek design and its amazing power and lots of irrelevant crap like number of screen colors of a phone and voltage of a power tool, but...<br />
<br />
... your user buys your device for several hundred dollars and has to pack the second battery into a plastic bag to avoid a short circuit ...<br />
<br />
... and all you can do is put a warning into the manual listing all kind of metal and other conductive crap that can cause the short circuit?<br />
<br />
<strike>EXCELLENT</strike> ARE YOU KIDDING ME?<br />
<br />
Here's what to do. Next time you design a battery design a protective cover for the terminals.<br />
<br />
If you design a power tool – that's very easy. The battery typically connects to the tool handle. Clone the part of the handle the battery connects to, then cut off all the extra plastic which forms the tool body, form the rest into a plastic cap. You've got a plastic cap that fits to the battery in the most secure way possible and protects the terminal against short circuit.<br />
<br />
If you design some other kind of device at least provide a tiny plastic box.<br />
<br />
Never ship second batteries without a protective cover. Make protective covers available through your service centers in case your users lose covers – sell them dirt cheap. <br />
<br />
<br />
Now go to your device manual and change the warning to say "dude, hell breaks loose if there's a direct contact between the terminals, to avoid this put the protective cover onto the battery when the battery is not connected to the device or the charger".<br />
<br />
THIS IS SO FUKKEN EASY and IT MAKES A REAL DIFFERENCE<br />
<br />
Bonus points – you have less lawsuits, easier public relations and maybe you can save a bit on marketing your device. Less risk of short circuit sounds FUKKEN GOOD...<br />
<br />
It's a SAFER DEVICE and everyone likes safer devices. </div>
nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0tag:blogger.com,1999:blog-5398659098758993542.post-31692480880642576722012-08-13T06:32:00.001-07:002012-08-13T06:38:52.657-07:00Your Order is One Upselling, Do You Want Hatred With That?<div dir="ltr" style="text-align: left;" trbidi="on">
If you google for <i>upselling</i> you get more than 6 million hits. It's so popular. <br />
<br />
The whole idea is the following. Your business is selling some <i>premium crap</i> and to maximize ur revenues you want to sell tons of that <i>premium crap</i>. One of the techniques is upselling.<br />
<br />
You wait till ur customer decides to buy something and then offer him something extra... or a bigger version of what he want to buy... or both. Like the classic McDonalds "do you want fries with that?".<br />
<br />
Now the upselling proponents say it increases revenue <i>at almost no cost</i>. The proponents explain it this way...<br />
<br />
...some unfortunate dude at McDonalds has already made his mind to get this and that...<br />
<br />
...and they're already in front of the counter spelling their order out...<br />
<br />
...it takes almost no effort for a clerk to ask "do you want fries with that"?<br />
<br />
Like if the dude is an imbecile and kind of forgot to order fries he will spend extra but if he doesn't want fries there's nothing to lose here.<br />
<br />
Kind of a no-brainer. Just ask everyone "do you want X with that?" That's easy, isn't it?<br />
<br />
Now dear upselling proponents...<br />
<br />
STOP RIGHT HERE AND THINK<br />
<br />
This is just annoying. ANNOYING. Go find an online dictionary and look this word up.<br />
<br />
Ur customer wanted a coffee. "Do you want ice-cream with that?" No, F off!!!<br />
<br />
Ur customer has already ordered more than a person can eat per day. "Do you want fries with that?" No, F off!!!<br />
<br />
Ur customer orders a single cheeseburger. "Do you want cola with that?" No, F it, ur customer is not that stupid to not know better if he wanted cola when he came to the counter.<br />
<br />
Do you really think that a person will go to the counter to order a single cheeseburger and not order cola if he really wants one? Really? Is he that stupid?<br />
<br />
Yes, sometimes upselling may be a good idea, but don't just try to upsell anything to anyone.<br />
<br />
Otherwise it's ANNOYING and now that you've looked up this word there's one more for you -<br />
<br />
...that second word is HATRED. When you do something ANNOYING over and over again that triggers HATRED...<br />
<br />
...and that's not some generic untargeted HATRED, but HATRED towards ur business.<br />
<br />
Do you want customers to experience HATRED towards ur business? Do you want to spend a fortune on advertising and then trigger HATRED by clueless use of upselling?<br />
<br />
The proponents of upselling measure the revenues and then conclude that using "do you want X with that" upselling leads to some percents of revenues increase.<br />
<br />
Excellent.<br />
<br />
Now did they measure the extra time people have to wait in the line behind the dude who is being upsold to?<br />
<br />
It's that easy. You're the fourth in line at McDonalds. The dude at the counter orders a single cheeseburger and the clerk tries to upsell a cola to him, the dude refuses. You have to wait extra five seconds in the F***ng line. Now the next in line dude comes to the counter and the clerk tries to upsell to him. And then the next dude. And then it's ur turn to waste time on upselling.<br />
<br />
How do you feel about that? You've just wasted 20 seconds on upselling. Excellent investment. Come tomorrow for more.<br />
<br />
Did the upselling proponents measure this waste of time and HATRED it induces? <br />
<br />
Do you still think upselling has <i>almost no cost</i>? Do you want upselling with that?</div>
nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0tag:blogger.com,1999:blog-5398659098758993542.post-37329065141519419552012-07-27T06:59:00.000-07:002012-07-27T06:59:03.948-07:00Raspberry Pi is NOT a credit card sized computer<div dir="ltr" style="text-align: left;" trbidi="on">
Raspberry Pi... A small rather cheap and rather powerful computer. No problems with that.<br />
<br />
What about marketing?<br />
<br />
You see, it is marketed as being a <i>credit card sized computer</i>. Well, let's see...<br />
<br />
A credit card size is 85.60 × 53.98 mm and Raspberry Pi size is... 85.60 × 53.98 mm<br /><br />EXCELLENT!!!<br />
<br />
Yet a credit card is 0.76 millimeters thick (there's an international standard for that) but Raspberry Pi is 17 millimeters thick.<br />
<br />
Now grab a calculator and ensure that 17 millimeters is something like 22,37 times more than credit card permitted thickness. This kind of means that you need at least 22 credit cards to occupy the volume Raspberry Pi occupies (and to make any credit counselor seriously worried).<br />
<br />
Don't believe that? Okay, follow this plan: get Raspberry Pi, get to the nearest ATM and try to insert Raspberry Pi into ATM card slot.<br />
<br />
IT WON'T FIT IN THERE<br />
<br />
It's not credit card sized, it's size of a cigarettes pack, but that's not so good for marketing.<br />
<br />
This also explains why "electric imp" module being packed into an SD card is so cool. Although you likely won't really need to use it in the form of an SD card you can be damn sure that it fits into SD card dimensions and you don't need 7,98 times more height than an SD card would occupy.</div>nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0tag:blogger.com,1999:blog-5398659098758993542.post-25720574489999588422012-03-19T23:40:00.002-07:002012-03-20T11:24:23.929-07:00Static Analysis is Not to be Offered Through Fear<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"></div><div class="separator" style="clear: both; text-align: center;"></div>Recently I was wasting time watching stuff on YouTube and at some moment I thought that static analysis tool vendors might have some marketing materials there.<br />
<br />
Turns out, they do. Here's a neat "BUY IT OR UR SCREWED" video from Coverity dudes:<br />
<div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/RTyux3AYu0o?feature=player_embedded' frameborder='0'></iframe></div><br />
WOW! SCARY!<br />
<br />
The irony is I'm rather old and I have very good memory. I watched the above video and I got sure I've seen something like that before.<br />
<br />
But where?<br />
<br />
Who might use these "use it or ur screwed" tactics so persistently that it got imprinted in my brain and I now remember it?<br />
<br />
Here they are: the toilet cleaning chemicals.<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><object class="BLOGGER-youtube-video" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" data-thumbnail-src="http://2.gvt0.com/vi/7j_TKVz1oxY/0.jpg" height="266" width="320"><param name="movie" value="http://www.youtube.com/v/7j_TKVz1oxY&fs=1&source=uds" /><param name="bgcolor" value="#FFFFFF" /><embed width="320" height="266" src="http://www.youtube.com/v/7j_TKVz1oxY&fs=1&source=uds" type="application/x-shockwave-flash"></embed></object></div><br />
WOW UR TOILET IS FULL OF GERMS USE OUR CHEMICAL OR UR SCREWED<br />
<br />
What can I say?<br />
<br />
Dear Coverity dudes! It's gonna be okay, just don't lick ur toilet.</div>nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0tag:blogger.com,1999:blog-5398659098758993542.post-30698733969644895592012-02-27T23:02:00.001-08:002012-03-01T02:02:23.833-08:00How to Not Present Static Analysis Results<div dir="ltr" style="text-align: left;" trbidi="on">Aside of sad fact that it's impossible to try Coverity without first getting the Seal Of Coverity Sales Force Approval the next big difference between Coverity and PVS-Studio anyone can see is...<br />
<br />
TEH MARKETING MATERIALS<br />
<br />
<span style="font-size: large;">How This Could be Done</span><br />
<br />
Let's look at a typical PVS-Studio scan report. <a href="http://www.viva64.com/en/b/0133/">This one</a> happened to get right in my way and so I link to it here.<br />
<br />
A misprint... Yes, I see. Risk of array overrun... I see. Several more subtle defects.. I see. No freaking idea how those defects affect the program functioning, but they are presented quite well and are easily assessible by anyone who is willing to pay attention to them.<br />
<br />
One might wonder <i>how the program could run with those horrible defects</i>.<br />
<br />
This is quite simple. Defects that actually manifest themselves have been identified earlier using other methods – plain old debugging, unit tests, peer review, whatever else. All the rest requires some effort to get exposed. That might be some unusual dataset. That might be some unusual sequence of user actions. That might be some unusual error indication. That can be upgrading a compiler or a C++ runtime.<br />
<br />
Defects are defects. <i>You can't lie to the compiler</i> they say, but <b><i>not all defects are created equal</i></b>. Those subtle things will sit in the codebase for years and then all of a sudden someone runs PVS-Studio on the codebase and <i>WOW WHAT A HANDFUL OF HORRIBBLE BUGS ZOMG ELEVENELEVEN!!!</i> they will think.<br />
<br />
So a scan report alone is worth nothing – it still takes a developer who is familiar with the codebase to assess and possibly address each reported defect. PVS-Studio scan report does exactly the right thing – it presents defects one by one together with <i>some</i> analysis, nothing more.<br />
<br />
<span style="font-size: large;">How This Should Not Be Done</span><br />
<br />
Now look at Coverity marketing materials. You will have a very hard time to find a scan report like the one linked to above with Coverity scan results. Yet once in a while Coverity dudes will issue an Integrity Report.<br />
<br />
An Integrity Report is a very enthusiastic document containing such words as <i>mission</i>, <i>seamlessly</i> and <i>focused on innovation</i>. Not bad as a starter – at least presence of those keywords identifies clearly that there's too much marketing in the first three pages.<br />
<br />
Moving on to Table A... Oh, this table shows a <i>distribution</i> of project sizes. Using the word <i>distribution</i> somehow implies that the data gathered has some statistical significance and so <i>deserves extra trust</i>. Well, with 45 projects total trying to build a chart and call it a <i>distribution</i> is very silly. You see, they had TWO projects with more that 7 million lines of code. That's unbelievable, I'm breathless.<br />
<br />
All the rest of the Report is also full of similar completely meaningless tables. Yes, it is cool you found 9,7654 defects per square foot of some project. But until you let me try your program – I don't care, those figures don't matter any more than a 132 percent efficiency claim (<a href="http://www.joelonsoftware.com/items/2006/11/10b.html">the post is five years old, yet still relevant</a>).<br />
<br />
Fast forward to Appendix A. Tables 2 and 3 summarize defects but assigning each a category and and impact. Let's see...<br />
<br />
<i>Control flow issues</i>. What's that? Is it when I forget to put a "break;" at the end of a "case" in a "switch" statement? So you say it has medium impact... Okay. What about "main()" returning immediately? That's a control flow issue as well and don't tell me it has medium impact. Not all control flow issues are created equal.<br />
<br />
<i>Null pointer dereferences</i> have medium impact, don't they? Sure, my code defererences null pointers here and there and each time that happens users get a candy. Perhaps the Report authors meant potential null pointer dereferences which is a situation where code dereferences a pointer without first checking that it is not null. Good news is checking a pointer each time before it is dereferenced clutters code big time. Again, not all null pointer dereferences are created equal.<br />
<br />
<i>Error handling issues</i> have medium impact. What is that? Is that checking for error codes of Win32 API functions? Sure, any time a program wants to open a file without validating whether the attempt to do so failed and just proceeds reading it's almost no big deal for the user. No access to the folder? We'll pretend we've saved the file. Whatever. Not all error handling issues are created equal.<br />
<br />
<i>Integer handling issues</i> have medium impact. Sure, overflowing an integer while computing a memory allocation size is no big deal. Just allocate whatever amount it happens to be and pretend it's the right size. Not all integer handling issues are created equal.<br />
<br />
<i>Insecure data handling</i> has medium impact. What's that? No freaking idea, but I something tells me not all cases of insecure data handling are created equal.<br />
<br />
<i>Incorrect expression</i> – medium impact. Sure, misplace braces wherever you want, no big deal.<br />
<br />
<i>Concurrent access violations</i> – medium impact. You just spend the rest of your life debugging them, no big deal.<br />
<br />
<i>API usage errors</i> – medium impact. Your code erroneously forgets to specify the path and that causes entire contents of Windows\System32 be deleted. No big deal.<br />
<br />
<i>Program hangs</i> – medium impact. The program hangs only when being run on a computer outside a Windows NT domain. You run it just fine inside your corporate network, then go to a trade show and it stops working, your laptop turns into a thousand dollar space heater with a screen. No big deal.<br />
<br />
Why is no category assigned low impact I wonder? Is it because authors didn't dare call a software defect having low impact just because of belonging to some category?<br />
<br />
This doesn't work. You can't throw several thousand defects into several categories and then assign each category an impact level. This is just <i>impossible</i>. If you're a software developer you must realise that beyond the shadow of a doubt, otherwise just quit your job immediately and go to the nearest McDonalds outlet – they have a "help needed" sign waiting for you.<br />
<br />
The whole Integrity Report is just a big mess of numbers and diagrams. It's usability is not even zero – it is negative. The report scares the hell out of anyone who is concerned about software quality and stops there.<br />
<br />
<span style="font-size: large;">The Outcome</span><br />
<br />
So what's the difference between PVS-Studio marketing materials and Coverity marketing materials? The former present <i>facts that one can </i><i>interpret and </i><i>verify</i>. The latter just try to scare by <i>summarizing and no chances for verification</i>.<br />
<br />
Because not everyone deserves a free Coverity trial.</div>nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0tag:blogger.com,1999:blog-5398659098758993542.post-47074056382091224892012-01-04T09:05:00.000-08:002012-01-09T22:21:39.055-08:00PVS-Studio – the Greatest Trial of the 21st Century<div dir="ltr" style="text-align: left;" trbidi="on"><span style="font-size: large;">T</span><span style="font-size: large;">he Installation</span><br />
<br />
John Carmack says, <i>Visual C++ developers should try PVS-Studio – painless demo download</i>. Yes, the demo download is indeed painless and clicking through makes the program just install. Well, not exactly – first you have to close all instances of Visual Studio you have running, but then it's a simple click-through. And then you get the reduced functionality.<br />
<br />
<span style="font-size: large;">The Trial Limitations </span><br />
<br />
The functionality is not reduced as in “only the first episode of Quake until you pay, Sir”, it is done in much more clever way – instead the analyzer output is slightly garbled.<br />
<br />
While the analyzer scans through code it emits messages like “in file X.cpp on line Y there's this odd thing”. Some messages will look like that, but some will read “file X.cpp [AND I WON'T TELL YOU WHICH LINE – TRIAL RESTRICTION]” which looks kind of silly but is in fact a very good greediness-usability tradeoff.<br />
<br />
Later versions added a bonus layer of greediness – messages that do contain the line numbers ungarbled can be double-clicked and that will open the problematic file in the VS IDE editor and scroll right to problematic line. Now with an extra layer of greediness once you double-click you're presented a modal dialog with a progress bar that runs for about 15 seconds and until it finishes you're not allowed to the code.<br />
<br />
That's a very cleverly engineered greediness-usability tradeoff. You can't ask 3,5K euros for a piece of software without showing it first and you can't allow a full-blown version to be used right off the shelf without a proof of purchase. With these limitations the program is still mostly usable, but its commercial use is effectively prevented. Think how you run analysis during a daily build and it says you have “a problem in file X.cpp at [DON'T TELL YOU WHICH LINE]” and you need to hire Hercule Poirot just to deduce where the warning belongs to because the file is 3 thousand lines long and you even don't know whether the warning reports an actual problem.<br />
<br />
Now we get to actual (trial) use.<br />
<br />
<span style="font-size: large;">The Good</span><br />
<br />
First of all, the amount of really weird subtle stuff the program can find <i>in real code</i> is amazing.<br />
<br />
It will look through a mumbo-jumbo of some bitwise “or” of a dozen Win32 API flags and note that SHITTY_FLAG_PROHIBIT_DIRECTORIES is used twice in that bitwise “or”. That's not a kind of a problem a human can reliably find, but software does that just fine.<br />
<br />
It will look at some very old code and see that you try to “delete” a smart pointer. Who would “delete” a smart pointer in the first place? Well, your code will, because that was a raw pointer before refactoring and <b><i>all but one</i></b> occurrence were edited during refactoring and the problem wouldn't manifest itself because that code actually ran once a year when a runtime error occurred during a full moon and when that unlikely combination of event took place the program would crash nastily but an affected user wouldn't be able to reliably reproduce it and so wouldn't be able to file a useful report but remembered that <i>ur program crashed on him a couple of times</i>.<br />
<br />
It will note that you have two enumerations and a <i>switch</i> where the expression to switch on is using members of one enumeration but the values in <i>case</i> labels are from the other enumeration. That code would work for years until you altered one enumeration but failed to alter the other.<br />
<br />
It will find numerous other very weird pieces of code that are completely legal C++, but for whatever reason don't make sense and often constitute and error. Look into “General Analysis” section in the online manual – the list is pretty impressive and most of those problems will indeed reside and stay dormant in commercial software that has been shipped for years.<br />
<br />
Once analysis is complete it's not uncommon to think “How the F would this program be shipped with that many defects?” <br />
<br />
The authors will often present such examples and use them as proof of the tool being <i><b>essential</b></i> as they claim is <i><b>finds crap in code at very low cost</b></i>. This is a very bold claim and needs careful verification.<br />
<br />
Have you noted that this post has been very excited and optimistic so far? Well, let's go to the dark side.<br />
<br />
<span style="font-size: large;">And Then It Goes Wrong</span><br />
<br />
The key to any automated analysis tool is that it should fail as little as possible. This means exactly the following. Suppose the program can detect cases where you have a long bitwise “or” and two components of that “or” are the same.<br />
<br />
The program<br />
<br />
1. should emit a relevant warning for every occurrence of such case and<br />
2. it should not emit that warning anywhere else.<br />
<br />
The truth is <i><b>PVS-Studio </b><b>is a program</b></i> and like every usable program it contains its fare share of bugs. Yes, <i><b>the program for finding bugs can and often will contain bugs</b></i>.<br />
<br />
A short digression needed here. Compilers also contain bugs (an lost of and they are nasty) and that leads to compilation unexpectedly failing or the emitted program code behaving not conforming to the language Standard. If you don't realize that – get out of the industry and go to a local McDonalds outlet right now – they often have “help needed” signs on display. Digression ends here.<br />
<br />
So PVS-Studio contains bugs. Those bugs sometimes lead to warnings not being emitted. Like<br />
<br />
1. you debug or review your program for an hour and<br />
2. see that there's a bug caused by a situation PVS-Studio documentation lists a warning for but<br />
3. PVS-Studio will not emit a warning when presented that code.<br />
<br />
That's real world where all programs have bugs.<br />
<br />
This area (no warning where a warning should be) is quite problematic – to estimate how many warnings PVS-Studio fails to emit one would have to somehow analyze the code himself and that's incredibly time-consuming and sometimes just impossible for any large codebase.<br />
<br />
Again, the authors are not to be blamed here. They fix many bugs being reported right away and all users (trial users included) need to report those bugs promptly.<br />
<br />
Currently the weakest link is that templates are not fully supported, so warnings are not always emitted for suspicious pieces of code if those pieces are inside a template. This is not a minor problem.<br />
<br />
Non-templated code is final – you can gather a dozen senior dev wise owls and together read through the code and conclude that it is okay. Templated code is not final – it is not actual code until you fully parameterize it. And btw templates can be parameterized with other templates. So you can have a five-layer templated apple pie (like a vector (template class) storing some smart pointers (also template class) and using some custom allocator (also template class) with something else templated as well) and some really problematic joint between the layers that could lead to a singularity developing into a black hole – very hard to diagnose with wise owls, this is where an automated tool would be of great help. So not having full templates support is not a minor problem at all.<br />
<br />
Also bugs in PVS-Studio will sometimes lead to a warning being emitted where there's no problem even formally – the program will look at something and say “you have function parameter passed by copy” where the parameter is in fact passed by reference or something equally irrelevant. Such bugs are usually fixed by the authors very fast and users should of course report such bugs promptly. This happens quite rarely and is not that of a problem.<br />
<br />
<span style="font-size: large;">And Then No-one Knows Whether It Went Wrong</span><br />
<br />
And finally after “warning not emitted where they should be” and “warning emitted where it definitely shouldn't be” there's a giant grey area where code <i>looks suspicious</i> and it's impossible to say whether it contains a problem without further analysis. For example, 4 is number of bytes in a 32-bit “int” and 32 is number of bits in a 32-bit “int” type. So when you use either of the numbers it <i>might be</i> that you manipulate a 32-bit number byte-wise or bit-wise and then your code is unportable – technically it's impossible to know unless you analyze the surrounding code.<br />
<br />
Such grey area warnings are emitted very often for different portability cases (the “Viva64” warnings group). The program definitely can do much better.<br />
<br />
For example, there will be a <i>switch </i>with different numbers being returned from different <i>case</i> labels – that can be used for computing some weight coefficients for each element depending on the element's state. Like “for new elements return 1, for partially prepared return 2, for super prepared return 3, etc.” Now if there're numbers 4 and 32 in that sequence – a warning is emitted about “dangerous magic number used”.<br />
<br />
Wow, The Mighty Program, surely when numbers 1 through 32 are used<i><b> in a uniform way</b></i> only numbers 4 and 32 are dangerous and can be used by Chuck Norris only, but other numbers are not dangerous and can be used by anyone. People only get screwed by abusing 4 and 32 and never by abusing 13765 – Oprah tells that in every show.<br />
<br />
This can be improved – the program could identify this and other reasonable use-cases and not emit a warning for them. This is only one example, but there're many of those and they all can be improved. The program contains <i>a really impressive copy-paste detection technology</i> and this technology can be used to detect legitimate cases in the grey area.<br />
<br />
To be fair, PVS-Studio has a not that high rate of false warnings – try Visual C++ /analyze that emits a warning separately for each time a header is included into the translation unit – that's what's called “barely usable”. Of course, comparing well to a <i>nearly impossible to use tool</i> doesn't automatically make PVS-Studio brilliant – both have to improve.<br />
<br />
<span style="font-size: large;">And the Evil Warnings Suppression</span> <br />
<br />
You'd perhaps object that those grey area warnings are inevitable and that's what <i>warning suppression</i> is for. If you <i>really believe in that</i> – the nearest McDonalds outlet is preparing a “help needed” sign for you right now.<br />
<br />
I should have regressed to ALL CAPS here, because it's the single most important thing in the whole post.<br />
<br />
<i><b>Warning suppression is to be used as the last resort only, not as a casual thing. The reason is it damages your code.</b></i><br />
<br />
Suppose you have an imaginary warning V999 emitted on some line where there's actually no problem and you decide to suppress it. You have to add a “//-V999” comment on that line. Done.<br />
<br />
<i><b>Now you're screwed.</b></i><br />
<br />
Whenever you put a “//-V999” warning suppression comment onto a line of code that V999 warning is no longer emitted on that line <i><b>no matter what</b></i>. Sooo....<br />
<br />
Each time you edit that line of code you have to reevaluate whether the same warning is not emitted for some other reason. You have to drop the comment, re-verify the code, likely put the comment back. Good luck if you have more than one warning emitted on the same line. You won't die, but your life is no luxury anymore.<br />
<br />
This means that <i><b>you have to document precisely what the warning was about</b></i>. Otherwise with the next analyzer upgrade it may happen that the warning is no longer emitted for the original code subpiece (“warning where everything is okay” type fixed in the analyzer), but is now emitted for some other unrelated problem (remember, weird stuff hides in codebases for ages). If you just look and ensure that “okay, only V999 is emitted as before” and place the comment back you effectively suppress <i>another occurrence of the warning. </i>Good luck with that too. Again you won't die. Or maybe you will.<br />
<br />
And of course if there's a line that contain a problematic thing that should be diagnosed with V999 and also a thing that triggered V999 where the code was okay and you suppressed V999 for that line and now the analyzer improved and can detect V999 where it should there still be no warning.<br />
<br />
So effectively you have to <i><b>reevaluate all suppressed warnings after each analyzer upgrade</b></i> so that you don't miss that <i>billion dollars bug</i> being reported.<br />
<br />
That's all for the technical part. The program is indeed very technically advanced – it detects really stupid things in real code where you least expected them – both in junior developers crappy code and in senior developers well-tested and long-shipping code. As Carmack says, <i>you will find bugs</i>.<br />
<br />
<span style="font-size: large;">Finally Computers Do What They Are Good At</span><br />
<br />
<span style="font-size: small;">It's worth noting that a lot of </span>defects in almost every real codebase is due to copy-paste. The same operand used twice alongside and operation in a long expression. The same code in both “if” and “else”. Different functions implemented identically. This actually happens in actual code shipping for years.<br />
<br />
Detecting such stuff is what computers <i>can be</i> very good at. “Dumb” robots just browse code and find patterns very reliably (unless there's a bug – see above) – not something a human can do at reasonable speed and with reasonable reliability.<br />
<br />
This reminds of good old days if Windows 95.<br />
<br />
If you're old enough to actually have used floppy disks (rectangular things storing 1.44 decimal megabytes) you might have also heard of ancient people using modems for connecting their computers to the internet (btw back then it was considered right to start the word “internet” with capital “I”). So Windows 95 contained an API and a minimalistic interface for that – you had to enter the ISP modem pool phone number, the username, the password, click “Connect” and wait a bit.<br />
<br />
And then... If there was someone talking over the same line (typical if you share the place to live) or if the was no dial tone (typical on rather old phone lines) or if the ISP number was busy (typical on peak load hours) you would be display an error message and the connection would fail. And if a connection was established and then closed for whatever reason then again an error message would be displayed right in your face.<br />
<br />
And the minimalistic interface would not make a slightest move to do something. A human would just re-dial, but the program showed the error message and stopped.<br />
<br />
This could not last long. Numerous programs replacing that interface and reusing the built-in API emerged. They would (optionally) re-dial if the line was busy, they would (optionally) re-dial if the connection was lost, they would try several numbers in turn (the original UI would only have a place for one number). The world was saved.<br />
<br />
Why is this long story here? Just because PVS-Studio is not an example of software designed by a brain-dead person as the one described right above. It uses the computer power for searching and pinpointing crap in code, not for making people feel miserable by displaying endless modal error messages. The technology is finally applied right. That's the most important achievement of the authors. <br />
<br />
<span style="font-size: large;">TL;DR; Do I License It Yet?</span><br />
<br />
Now we go to the business applicability part. The truth is PVS-Studio will not find a gazillion of bugs and that might even disappoint you. Don't get in despair too fast.<br />
<br />
Also don't fall prey to the multiplication trick. People will say something like this.<br />
<br />
<i>“</i><i>Suppose one bug discovered by static analysis would cost you X money if it got to the customers, so it takes N such bugs for the duration of the license for it to pay off and after that it even makes you more efficient.”</i><i></i><br />
<br />
Number X is usually quite high and number N is usually quite low, so licensing a static analysis tool looks like a no-brainer.<br />
<br />
Hold on.<br />
<br />
<span style="font-size: large;">Brief Trial is a Failed Trial</span> <br />
<br />
Try the tool thoroughly (something like analyze a million lines of code over the course of a month at very slow pace – a small portion like 50K lines of code at a time). Estimate each warning to find whether that warning reports a bug and then <i><b>estimate what it takes to trigger that bug</b></i> – the amount of bugs that are indeed ever triggered is very low – something like no more than five bugs for a million lines of code <b><i>unless your code is really crappy</i></b>. Most of the bugs reported by the program will not manifest themselves in code that has been shipping for as long as three years to hundreds thousands of users and has been used to process millions of input datasets.<br />
Meahwhile the same codebase would contain a much higher ratio of other problems that automatic analysis will hardly diagnose in ten years from now but that would be triggerable and would cause real problems to real users.<br />
<br />
So do you have to license a tool that<br />
1. costs a fortune<br />
2. doesn't find each occurrence of a situation it claims to find<br />
3. reports a lot of warnings that need further analysis<br />
4. requires lots of discipline and very developed technical culture?<br />
<br />
You have to decide this for yourself. That's what the trial is for.<br />
<br />
There's no silver bullet. It's not like you license the program and now magically your code is free of bugs. No. The tool will sometimes spot some problematic code and <i>someone in your team will have to deal with that</i> – maybe fix the code, maybe suppress the warning, maybe write a bug report to the analyzer authors.<br />
<br />
<span style="font-size: large;">Brushing Teeth Twice a Day Sums up to a lot of Time</span> <br />
<br />
An inverse of the multiplication trick is the <i><b>continuous integration trick</b></i>. To make the most use of the tool you have to use it at all times, not just twice a year.<br />
<br />
The program even contains an “incremental analysis” option that runs analysis of modified files after each compilation so that defects are reported as early as possible. This is just great – the defects no longer slip even into the daily build. This also means they are not counted – how would one file a defect report for a piece of code that was fixed even before being committed to version control? This improvement is great by itself, but it's very hard to count how efficient it is and so it also prevents making a fact-based decision of whether the tool is worth the money.<br />
<br />
Of course, continuous integration also means that you have to address all the new warnings reported by the tool every build, not twice a year. That's the other side of continuous.<br />
<br />
The deeper the analysis goes the more easy it is to dismiss such an expensive tool. Yes, the tool finds crap really well. It is just <i><b>not enough data to reliably back the claim that the tool indeed finds crap at very low cost</b></i>.<br />
<br />
The best way to think of static code analysis is to compare it to version control. Version control won't work immediately after you install it – you have to teach people how to use is, when to commit and what to commit and how to describe commits and how to properly tag and branch and merge, and once all that is set up, your workflow improves, but <i><b>estimating how much more efficient you became is not that easy</b></i>.<br />
<br />
Granted there're high quality version control systems under free licenses – not so for static code analysis.<br />
<br />
<span style="font-size: large;">The Outcome</span><br />
<br />
So once again.<br />
<br />
The program is just great and will likely become even better as development progresses.<br />
<br />
The same program is not oxygen and neither it is water. You decide whether it is actually useful for your business workflow and whether it is worth time and money.</div>nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0tag:blogger.com,1999:blog-5398659098758993542.post-80402988770344042092011-09-13T03:58:00.000-07:002011-09-14T06:07:03.629-07:00"Already listening" when calling RpcServerListen for the first time<div dir="ltr" style="text-align: left;" trbidi="on">This behavior was observed Windows Server 2003 SP2 32-bit and Windows Server 2003 R2 Standard x64 Edition SP2.<br />
<br />
A 32-bit Visual C++ program would start and then call RpcServerUseProtseqEp() which succeeded, then RpcServerRegisterIf() which also succeeded, then RpcServerListen(). The latter was called only once during the program runtime. Most of the times RpcServerListen() succeeded but once in a while RpcServerListen() returned RPC_S_ALREADY_LISTENING error code.<br />
<br />
Furthermore it was noted that the program would consistently work okay when run under an ordinary domain user account and would consistently fail as described above when run under "Local system" built-in account. That was in a corporate network where only domain users were granted access to the Internet.<br />
<br />
Microsoft Professional Support helped with this.<br />
<br />
Turned out that before calling RpcServerListen() the program would also load a bunch of third-party DLLs for image processing. One of those DLLs would depend on wmphoto.dll - an image codec shipped with Windows. When wmphoto.dll was loaded Windows would try to validate a certificate of wmphoto.dll. To do that it would attempt a network access to one of Microsoft sites via RPC.<br />
<br />
That RPC access would fail in the middle under "Local system" account (because the corporate firewall would not allow Internet access to a program not under a domain user account). That would leave RPC runtime in inconsistent state so that further calls to RpcServerListen() would fail with RPC_S_ALREADY_LISTENING.<br />
<br />
If validation was done under a domain user account it would pass and RPC runtime would be left in consistent state and further calls to RpcServerListen() would succeed.<br />
<br />
So basically<br />
1. Windows tried to call hookers<br />
2. calling hookers was not allowed without being this tall and married<br />
3. Windows failed to hang up properly and that left RPC runtime in inconsistent state.<br />
<br />
There're two ways of dealing with this.<br />
<br />
Way 1 - treat RPC_S_ALREADY_LISTENING as "success". That's kind of risky - it broke for a weird reason so counting on this exact behavior can backfire.<br />
<br />
Way 2 - use auto-listen interfaces by passing RPC_IF_AUTOLISTEN flag into RpcServerRegisterIfEx() and get rid of StartListening() and friends. That's the recommended way.<br />
<br />
<br />
</div>nomarketingbshttp://www.blogger.com/profile/00321274087596013730noreply@blogger.com0