My take on Android

On this blue moon night, I’ll talk about the Android OS, it’s ecosystem and anything that crosses my mind. Now, before I start, I would like to mention that I love android and have only ever owned Android phones. I also develop for Android and have been for the past couple of years. Anything and everything I’m about to write is my opinion based on my own experience as a user and a developer and you don’t need to agree or disagree with it.

Android

Android is a marvel of engineering of the modern world. Almost everywhere you look, you can find an android powered device be it a smartphone or tablet or watch or TV. The android platform and technology is integrated into our lives. The immense success of android is attributed to it’s open source nature. The entire android OS is open source and runs on Linux, which is also open source. Any random guy can develop a phone and adapt android to run on it. It’s been a few years since it’s conception and has since captured the market and hearts of it’s users. Android has replaced most, if not all, of the legacy OS that were available in the past. Most notably, Symbian by Nokia and the BlackBerry OS. Android has gained it’s popularity by allowing a wide variety of phone manufacturers to modify the OS to their requirements.

In the present market, we can find android phones from dozens of manufactures, featuring a variety of features and specifications. Phones range from budget phones to high end devices with tons of memory and computing power. And, I expect android to only increase in popularity in the foreseeable future.

Android Devices

In the past, when android first started appearing in the market, devices were pretty simple. My very first phone had 512 MB of RAM and a single core processor from Qualcomm. Now, I own a phone with 2 GB of RAM and a quad core processor. Over the years, manufacturers have added tons of RAM and computing capacity to their devices to appeal to their customers. But, in my opinion, a phone does not need 8 GB of RAM and an octa core processor. My laptop has 16 GB of RAM and a quad core processor. The tools I need to get my job done requires tons of RAM and computing power to run. A phone simply does not need to, or rather, can not run anything that would be able to utilize the resources that manufacturers are putting in their phones these days.

Most phones only need to run a few applications and even those don’t need tons of resources to get the job done. Say for instance, on my laptop, I run high resource utilization tools like Eclipse, VirtualBox and other stuff. Other people at my office run photo and video editing suites on their laptop with barely 4 GB of RAM and a dual or quad core processor. And, here’s the thing, a phone cannot possibly run a virtualization stack or a photo editing suite like Photoshop; so, packing 8 GB of RAM and an octa core processor into a phone makes no sense whatsoever. A phone can barely use 2 GB of RAM during normal operations. Putting more resources than can be used is simply a waste of resources that could have been used elsewhere.

Android Technicalities

The android OS is open source and runs on the Linux kernel. The linux kernel made it possible to run android on a wide range of hardware. Most android phones run on some variant of the ARM processor. A small portion of android phones run on the x86 processor. Some phones even contain MIPS processor. Android is able to run on all these varying platform because linux is available for all of these platforms. Since android is designed to run on varying hardware, the creators of android needed a way to make sure that applications can run regardless of the processor. Thus, android programming is done using JAVA. A compiled android application contains JAVA Byte Code that is interpreted by the Dalvik VM or the ART when run.

Using Java to program android enabled developers to forget about the processor their application is going to run on and concentrate on actually developing the application. It’s also a necessity since android is designed to be run on as many devices as possible and all. Making android use java and be cross platform means that the job of worrying about processors and stuff have been moved from the application developer to the hardware manufacturer.

But, there’s a problem with this design choice of the android OS. Using Java means that there is a layer between the application and the hardware. This layer is a source of performance degradation. If I write a piece of code in a native language such as C or C++ or anything, it runs directly on the processor. However, java requires a JVM to run. Thus, the processor runs the JVM which in turn runs the Java code. And no matter how much the JVM tries, it can never match the processor in terms of performance. This is the entire reason that android seems slower and uses more resources to get the same thing done than, say, iOS.

iOS uses the Swift programming language at present. The code is compiled into machine code that executes directly on the processor. This is the entire reason that an iPhone can do the same thing an android can with less resources. JVM brings with it not only a layer of indirection over the processor, it must also perform critical bookkeeping operations that takes up memory and computing resources. If android applications were built and compiled to native code, it would have taken away this layer that serves as a performance reducer. But, this would also bring with it one of the two:

  1. Lock the android system into using a single type of processor. Thereby reducing it’s uptake by manufacturers.
  2. Force the application developer to release multiple copies of the same application for different hardware platforms.

The 2nd option is favored by developers at present. Some applications include a bit of native code to get the job done. Applications like Whatsapp contain a bit of code written in C to get that extra performance when doing computing intensive operations. One way to include native code into applications is by including copies of the code compiled for every possible processor into the application. But, in this case, the application would become extremely large.

Say I have a code that’s 1 MB in size. I compile it for 8 different processors, this makes my application 8 MB larger than if I only compile for a single processor. But if I compile for only one processor, I cannot run it on any other processor. One way to overcome this problem is by using app marketplace that can detect and provide the correct version of the application. I can produce 8 different versions of my application, each containing code compiled for one of the 8 different processors and upload it to a platform that can detect the processor and provide the correct version.

The Google Play Store is capable of detecting and providing the proper version to the user. The user would never notice the difference in the application from one platform to the next. As a developer, I would be more than happy to compile and upload different versions for different platforms if the app store is capable of providing the correct version to it’s users.

Deciding to use Java in the name of cross platform compatibility was a bad design choice in my opinion. A choice that’s extremely difficult to change at this stage. So, we will continue to have phones that cannot compete with iOS in terms of performance and resources used.

My Conclusion

Although android has it’s fair share of bad design choices, it’s the best thing we have at the moment. Until another OS is developed that can overcome the shortcomings of android, it’s very likely that we’ll continue to have android around. And, as it is, getting a new OS to become popular enough to compete with android is going to be extremely difficult given how big the android ecosystem has become. Another option is to gradually deploy a subsystem that would enable developing native application while keeping the java based subsystem in place for legacy applications. Either way, as users, and developers, we just have to wait and watch the path android takes.

Nothing important

It’s been a while since my last post. I’ve been extremely busy with work and too lazy to write about anything; mostly lazy. It has come to my attention that, while I do have stuff to write about, I don’t have enough time or passion to actually write about anything.

I’ve been busy with a few projects at work. Additionally, I’m in charge of managing the entire technical infrastructure at the company I work for, so that takes up a lot of time outside of work as well. Not to mention the fact that more often than not, my work is delayed by other responsibilities and problems that pop up to make my life difficult.

Anyway, expect to see some posts in the near future, probably. I do have a list of things I want to write about. Maybe one fine day, I’ll decide to write about something here. Keep an eye on this blog just in case.

Copyright Laws

The subject of “Copyright Laws” are a topic of heated discussion in governments and communities since the dawn of time. While I honestly think that copyright laws have good intentions, I believe that they are being abused to make more money for the publishers without any concern for the consumers or a bit of common sense.

The age when copyright laws were conceived was before the digital age. Back in those days, it made sense that I would not like my hard work being copied and me not making some amount of profit from it. But fast forward to today’s digital age and things are a bit different. I’m focusing solely on the copyright of digital things like video games, movies and the like.

While it is true that illegally copying a digital work hurts the developers of said work. I think that they more than make up for it in a few weeks of release of the work. Say that I make a movie by spending 1 million US dollars. When I release it in theaters, I make about 5 million dollars. After a while, I release the DVD edition and make some more money, say about 1 million dollars from the DVD. I think I can afford to have people copying my work after I’ve made 6 times of what I put into it.

Publishers tend to look at copying as someone stealing money from them. But if I copy something, how am I stealing from you when I never gave you the money in the first place. And also, if I copy something, it means that I like it and maybe I’ll be willing to pay for it in the near future. It’s like free advertising just in this case, you’re giving the whole thing for free in order to attract them towards the future works you do.

Take me for example, when I was little, I used to buy games from local shops. At the time I had no idea that they were pirated and the such. But that piracy helped me build an interest in games over the years and now I have a steam account worth a fortune. I even bought old games I liked back in the day just because I think the developers deserve some form of payment for making my life full of fun.

It works in much the same way many people. They may not be willing to pay a large sum up front for something they are unsure of, so they pirate it. Sometimes it’s more of a financial problem, sometimes an availability problem. For instance, Fallout 3 wasn’t released where I live so I had to obtain a pirated copy in order to play. I really liked it so I ordered the DVD when I got the chance to do so even though I completed it long before that.

In the case of any digital work of art, piracy is like free advertising. It brings people closer to the particular series of work and they may be more willing to pay for it in the future. Publishers should not look down upon piracy like they do now. They should be more open to the idea. It’s not like they can completely eradicate it from existence. Piracy will continue whether publishers like it or not. And the amount of money, time and energy put into fighting digital piracy is better put in actual productive work in my opinion.

There’s also the fact that by the time a pirated copy of any digital work is available, the publishers and developers have made more than enough money. Most piracy communities are considerate enough to wait for some time before releasing a pirated version. Even the ones that use pirated copies understand that the developers worked very hard to create something that people like and they should get payment for making people’s lives a little better.

Of course, what I said till now is not completely valid when it comes to productivity and office software. In the case of software, it’s a constant development effort that needs funding to keep going. There’s also the fact that if you’re using such software to make money then you should pay for the software. Using a pirated copy of software, like 3DS Max or Photoshop, is may be acceptable for learning purposes but it’s not acceptable when you’re using it to make money. The developers put a lot of effort into making it and you should pay them back for it. How would you take it if you make something, a useful tool for example, and everyone is using it to make money but you, the author of said tool, is not making a single dollar. If you’re using a piece of software to make money, the developer of that software is entitled to receive compensation for the hard work they put into it. It also allows them to improve the piece of software so you can do more stuff with it.

However, the model that companies use in the case of productivity software also needs a little bit of modification. It’s not a big deal to charge someone for a software if they’re making money by using it. But the same cannot be said for someone learning the software. While some companies like Autodesk and Microsoft have special programs for students, I think the same programs should be applied to anyone willing to learn about the software. In other words, companies should not charge from people not earning money with their software, or, those that are just learning it. Of course, when it comes to non-commercial use, the things do tend to get a lot more complicated but it should be sorted out and software should be made more generally available for use.

So in short, publishers of works like video games and movies should lay off the copyright war and think of piracy as helpful advertising. And, publishers of productivity software should try to be more considerate of people just starting to learn the software. I’m curious to see how long this copyright war continues and who wins, if any side will.

An analysis of MongoDB ransomware

All the recent reports of ransomware targeting MongoDB installations has every system admin worked up over the past couple of weeks. Sure, it’s a disastrous to have someone break into your database server and steal all your data. But maybe, if someone can break into your database server and steal all your data and leave you a note about it, you’re a pretty shitty administrator. You take all the necessary security steps when it comes to securing your box, you disabled password and use a key to login to your server (if you don’t do this, you should consider it, otherwise, you’re an extremely shitty administrator) and all the stuff like that; but the one think you forgot to do was enforce a password on your database server. And to put a cherry on top, you left your server all exposed to the public internet with no IP based access control in place. At this point I must ask, how dumb can you get. If you’re dumb enough to leave a database server on the public internet with no password, then maybe you don’t have what it takes to be an administrator.

One of the first rules of administering a system, one that we learn when starting out on the field, is that you put a password on everything as a first level of defense against attacks. The password is meant to be only a first level because it’s the easiest to crack. If you need to have a database server facing the public internet (which, as a matter of fact, you should not be having), you at least implement an IP based filter to only allow your legitimate servers to connect to your all critical data. That way, one has to first go through the trouble of breaking into your front facing server before they can get to your data. I should point out that, if someone manages to break into your application, there’s not much you can do; and, it’s not your fault if someone compromises the application. It’s the developer’s fault for not fixing a bug like that. And, as a third level of security, you should implement SSL connections between your remote application server and your database server. In an ideal case, an administrator should configure a VPN between the two servers and connect to the database over that so the database is not open to the internet at all.

I should lay out a standard guideline at this point for properly configuring a MongoDB instance (or for that matter, any database server):

  1. Always configure a password
  2. Implement a firewall rule to filter connections based on their origin IP address
  3. Configure SSL connections between your servers
  4. Try to setup a VPN connection between your application and database server. This option may not always be possible, but the above 3 points should be enough to secure a server.

Last but not least, setup an automated backup mechanism. In it’s simplest form, an automated backup can be set up by using mongodump, tar, a simple bash script and cron.

And if you ever find yourself in a situation where your server have been compromised and you don’t have a workable backup, may God have mercy on your soul. Actually, you should burn in hell for what you’ve done.

こんにちわみんな

So I started learning Japanese a while back. I’ve always been into anime and I thought, it’s time I learned some Japanese to enjoy things in their original language and meaning. One thing that I found out immediately was how vast the character set was. I mean, learning just hiragana and katakana isn’t all that difficult. What gets my mind boggled is the amount of characters in the Kanji character set. You seriously want me to remember over 1000 characters when all my life, I’ve been used to expressing myself using just 26 letters. This will be a hell to learn. Not to mention the constant practice required to keep all of them in memory.

Another thing that’s hard to get ones head around is the concept of subject and topic. In English, you only have to deal with a subject and an object. Just placing proper words in the proper positions is enough to explain almost everything, and if you mess up the position of the words, you get a meaningless sentence that you know is wrong. In Japanese however, you have to deal with the concept of subject and topic. The two words seem to mean the same thing from the perspective of an English speaker but actually mean very different things from the perspective of a Japanese speaker. A subject explicitly mentions, well, a subject. When using the subject marker, が, we express something about the subject itself. But when using the topic marker, は(わ), we express that the sentence is somehow related to the topic (noun) but not express something about the topic (noun) itself.

Let’s take an example of the name of the anime “Your lie in April”. In Japanese, it’s written as “4月は君の嘘” (Shigatsu wa Kimi no Uso). Now, we can break the sentence into “4月は” (Shigatsu wa) and “君の嘘” (Kimi no Uso). The second part is pretty easy to understand, “君の嘘” translates to “Your Lie”. But the first part is a little vague if you ask me. “4月は” simply indicates the topic is “April” without providing any explanation of the relation to what comes after it. The “April” bit just hangs there without any apparent reason or meaning to it. Now you may interpret the sentence as “Your lie in April” but nothing is stopping you from interpreting it in a different way either. There’s no relation specified whatsoever between “4月は” and “君の嘘”. If you ask me, this is an extremely large shortcoming of a language.

Another thing that got me worked up is the fact that the same word can sometimes mean different things depending on the content you write it in. For example, the word “かぜ” means both “wind” and “cold”, differentiated only by their Kanji writing. “風” meaning “wind” and “風邪” meaning “cold”. So if I’m to put the word in hiragana in a sentence, there’s no proper way to know if one means “wind” or “cold”. So, in order to differentiate between the meanings, I’m forced to learn the Kanji writings of the two words. English is far easier in this aspect in that there’s two different words have two different spelling and pronunciation.

For a language that’s been around for thousands of years, I expect it to be a little more clear with it’s words and grammar. I do not mean to say that Japanese, as a language, is all bad. I’m just pointing out some of the problems an English speaker may experience while learning the language from the ground up. There are also some good points about Japanese that are lacking in English. The fact that the syllables do not change their pronunciation depending on their placement is a huge blessing. It means that one can pronounce any word if they know the pronunciation of the syllables in the word. English is notorious in this aspect for having different pronunciations of syllables depending on whats at either side of it. Sometimes, the pronunciation you expect is not the correct one and you have to hear it’s pronunciation to know about it.

So in short, no language is perfect and each have it’s own problems when you look at them. But, Japanese is a bit complicated because of it’s heavy use of Kanji character set with its vast number of characters. For an English speaker to be able to get his head around the complex grammar and character set requires a lot of study and practice.

First Post

This is my first blog post. Well, that’s not entirely true, I did have a blog in the past, but let’s leave that in the past. I’ve installed WordPress and looking into how it works. If you’re lucky enough, you might catch a new post from me every once in a while.

I’ll forget that I made this blog in a few days and that will be the end of it. Until I decide to start a blog again some day and find that I already have one.

Hope you have a good day. Not that I really care or anything.