If you aren’t aware of a recent bid by Microsoft to buy Yahoo, this article certainly wasn’t meant for you. However, if you have, you may also know that Microsoft pulled its offer last weekend.

Some speculate that Microsoft will try to install a more take-over friendly board in June. Some speculate that Microsoft is letting Yahoo’ stock fall so they can retry later at a better price.

Both of these are incomplete speculations; after all, if the offer is off the table, how does microsoft install a new board? And how does a dip in yahoo’s stock price help microsoft? After all, if they put the offer back on the table, the stock prices will immediately rise again.

The answer to both of those questions might be the following idea, which so far I haven’t seen on any blogs:

In the movies, the CIA sometimes has ‘front companies’ - companies secretly owned by the CIA through a long line of other front companies and individuals, for business. The idea is not totally unheard of; plenty of corporations are actually conglomerates of hundreds, sometimes even thousands, of smaller (but very real) companies. if you were to map out the ownership of all those subcompanies it would make quite a picture.

Microsoft can have many front companies if it wants. And those front companies can buy yahoo stock. At its current lowered price. Microsoft is also rumoured to be behind SCO’s attack on Linux; its far less of a leap to consider microsoft leaning on friendly companies to buy some yahoo stock as well.

Because at the end of the day, buying yahoo is all about controlling some stock. The more stock microsoft controls (either through front companies or through friends), the less of a percentage of the rest of the yahoo-stock-owning world needs to be convinced that microsoft is the future for Yahoo. The stock holders decide the board. For hostile takeovers, Microsoft needs to control more than 50% of the stock. That’s a lot easier to get to if 25% of all yahoo stock is already under your control.

I’m not streetwise enough in the finance sector to actually figure out if microsoft has front companies and if those are buying yahoo stock right now. However, if you have a vested interest in the Microhoo future, that’s where I’d look to see if Microsoft threw in the towel or if its just switching tactics.

While none of the four starters have iPhones just yet (except for Cristiano apparanty), we do have apple notebooks and we are certainly considering them. Thus, I’ll continue the thread that Cristiano started about the new iPhone SDK, announced recently.

I’m a little bit disappointed that the iPhone SDK does not allow you to write software that runs in the background. Only apple’s own software (such as iTunes, which obviously continues to run even when you are not browsing iTunes on your iPhone) has that privilege. Many words have been written about this limitation. That last link in particular sparked my imagination.

Instead of reflecting on the fairness of the background thing, I thought I’d dive into the kind of application you could write if you could run your iPhone software in the background. A bunch of app ideas after the fold!

(more…)

Just a little something I noticed on apple’s wireless keyboard: The command and option keys, which are duplicated on both sides of the space bar, are symmetrical. There’s actually such a thing as a ‘left command key’ and a ‘right command key’ if you need replacement keys, in other words.

Design is in the details!

Just a quick headsup for those mac users who are not particularly excited about upgrading their OS:

Boatloads of Leopard-only developer environment improvements will likely result in many applications releasing new versions that will no longer work in Tiger (10.4). If you’d like to keep your apps up to date, you’ll have to upgrade to Leopard.

Specifically:

• Objective C 2.0 has been released and it looks like a number of important improvements, such as automatic garbage collection, won’t work under Tiger.

• Core Animation makes it easy to add any number of shiny gimmicks to your app. Core Animation only works on Leopard though.

EDIT: Also check out Matt Gemmell’s partial list of 43 leopard-only development features - use any of those and your application becomes Leopard only.

Personally I wasn’t planning on switching until a suitable version of java 6 is released for OS X Leopard, but possibly I’ll be forced into switching sooner than I planned.

(Of course, Cristiano already switched - that’s his personal copy of Leopard above. He’ll write about his experiences installing Leopard soon.)

If you’ve ever had Economics 101, and even if you haven’t, you’ve probably heard about this ‘puzzle’ of sorts:

You and a stranger are offered 10 dollars. In order to receive it, you must propose a way to divide up this 10 dollars between you and the stranger. If the stranger rejects your division proposal, neither of you gets anything, otherwise it is divided as you directed. You won’t meet this stranger again and this game is only played once. What division do you propose?

Economists use this to explain the concept of economic rationality. Rationally speaking, the economically correct division is 9.99 for you, and 0.01 for the stranger. The stranger, if economically rational, will accept, because 1 cent is more than 0 cents. And thus, as you are also economically rational, you want to maximize your gains, so that’s what you propose.

These same economists will call Radiohead’s offering of their new album, In Rainbows, for ‘free’ (pay whatever you think it’s worth, including nothing), a sucker’s proposal. Clearly everyone would pay nothing — you get the same album regardless of how much you pay. And yet Radiohead is reported to have made to the tune of 10 million USD inside of a month. This wasn’t even expected; Radiohead’s bold move to release the album in this way was designed primarily to sell out concerts (which it has, all 21 of them). One might claim listeners are paying to ensure Radiohead will continue to make music, but Radiohead is not the kind of group that is pressed for cash, and I think they’ll keep making music even if they had to pay to do so. Thus, a rational economic human being truly has absolutely no reason to pay for this album.

So, how’s it work then? Are there are 10 million USD’s worth of idiots on this planet?

No. Human decency is simply an effective motivator. These album sales aren’t the first time the economists were wrong about humanity’s willingness to pay money just to be fair, instead of to optimize personal gain.

Reports that record labels are reconsidering this model abound, but I don’t think the record industry can afford it: This distribution model doesn’t NEED a record label. You can just record your complete song someplace, and pay some serious hosting provider to take care of distribution, and that’s all you need to do. Costs of renting studio time and bandwidth bills don’t amount to enough to require the vast pockets of a record label. The record industry’s clout with the radio can still help launch a successful music career. However, I don’t know about you, but I never listen to radio anymore. I might have a look at the iTunes top 100 from time to time, and I check Last.fm for song suggestions.

And thus we’ve come full circle, because in a world where music is distributed on a ‘pay what you think is fair’ model, with distributed recommendation engines, is economically far more efficient. It cuts out large swathes of middle men. Giving radiohead 10 million dollars was a smart move after all!

(EDIT: Added a sixth point!)

I very often see ’sheep mentality’ - the masses following the masses. The thing is, masses are only intelligent when they make independent decisions. By and large the sheep mentality leads to a single random occurrence being repeated over and over again with the exact same justification:

The other guy did the same thing.

For example, my parents tend to look for busy restaurants as an indicator for quality. I’m fairly sure lots of people do that. I leave the conclusion of why this leads to incorrect quality assessments as an exercise to the reader.

While people on vacation may be excused for not putting too much thought into their dining decisions, (big) businesses doing the same thing is a real headscratcher to me.

One industry that has elevated repeating stupid decisions to an art form is the movie theater industry¹. The vast majority have cramped seats, huge queues, even when there’s no major premiere, an even larger queue at the concession stand, and they are all paranoid about piracy, blaming it for all their woes.

If you’re a movie theater guy, here are 5 6 free tips. You should make millions inside of a month, if people are anything like me and like watching movies in style.

1. Comfy seats

Convert all but the 2 biggest theater rooms (you need those for premieres) into comfy places with separate, somewhat adjustable seats for every viewer and place them only in positions where you can actually, you know, see the screen. Given the speed of DVD releases, HDTV, home cinema sets, bittorrent, and the iTunes Music Store, you’re the most expensive option on the market and unless it’s opening night you better damn well be worth the cost.

Getting stuffed into a corner, skeeved at a piracy ad insulting your intelligence, slowly getting a hernia is hardly worth 8 bucks. Ostensibly people show up for a relaxing night out with a screen bigger than even the best HD tv has to offer. You should probably deliver on that expectation. Given that the vast majority of your customers are repeat visitors, you’d think this was obvious, but for some reason common sense seems to be a precious commodity in your industry. At any rate, personal experience tells me that the vast majority of showings don’t sell out, which effectively means you have lots of seats taking up space anyway. All this will cost you is the price for some new seats. Big deal.

This doesn’t just make sense in general, it really makes sense: It is my understanding that the share of the movie ticket sales for the movie theater goes up the longer it’s been out. In other words, those packed seats, which are useful mostly for premieres, aren’t getting those movie theaters much income. Actually trying to cater to people who want a good experience for a movie that’s been out for a while just plain makes sense. Instead, those get stuffed in the smallest crappiest rooms in a small chair while the whole theater is empty.

The only explanation that makes any sense to me is that they’re all sheep, incapable of a single original thought.

2. Fix the queues

I know the tech savvy crowd isn’t exactly beating a path to your door, but the number of hoops you have to jump through to reserve a ticket is ludicrous, and usually you still have to stand in a long queue instead of being able to scan a card or a printed barcode or some such, or just enter a reservation code on a terminal. With 30 minute queues, people will learn to use the computers. The local megatheater in Rotterdam actually has 1 machine, and 4 out of the 5 times I’ve been there, it was broken. You could try to treat movie downloaders as murderers… Or you just make it a little easier for them to, you know, give you money. The fact that reservation systems usually expect you to show up a full hour early just to get your tickets is another interesting point. It’s a movie, not a ticket for an overseas flight!²

Concessions are another mystery. A long line for concessions automatically means people just plain skip them. Concessions are easy profit for movie theaters - the markup is large and they don’t have to share any of it with hollywood. More importantly, watching a 3 hour movie while thirsty is not a good experience at all. Unlike DVDs, you can’t pause the theater so you can’t just get up and get a drink without missing anything. This leads to…

3. Breaks are good

Only a few theaters add a break to movies. I get that a break is a logistical nightmare, but almost everyone gets more drinks which is excellent profit, and, frankly, I have deep respect for someone who doesn’t need to take a pee break for the recent rash of 3 hour movies that hollywood has been pumping out. Not every movie is 3 hours, so just break those. Or, don’t break premieres, just break showings that are unlikely to be fully booked. There should be absolutely no problem for your concession stand to handle that sort of thing. If it is, have a second stand inside and open it up just for a break. You get both profit AND create a better movie experience for your clients.

4. Some courtesy would help

In the olden days, friendly movie hosts with a lightwand would escort people from the top of the stairs to their seats if they wanted it. Now they stand at the doors doing idiotic³ ticket checks to make sure everyone that walks in has a ticket, eventhough that’s been checked multiple times already. The elderly, the injured, and the generally impaired now get to narrowly avoid tumbling down the stairs or stepping on a bunch of toes as they try to make their way to the seats in the dark. After all, with over 20 minutes of ads and trailers, hardly anyone arrives ‘on time’ when all the lights are still on.

5. Learn Human Psychology

Your average piracy ad tries to equate piracy with theft. This is just plain stupid. If there is a pirate in the crowd, apparently he likes your theater more than his computer screen. Makes sense. So why alienate the pirates in the audience? Calling someone a criminal is a bit, you know, awkard. I saw an intelligent piracy ad, exactly once, which was a recording behind the scenes of a dutch movie production, where the various cast members thanked the camera (=audience) for supporting them by visiting the cinema. More of those please, because positive messages work better - that’s psychology 101. I actually know that the budget of dutch movies is mostly tax money, but the point remains: That little piracy ad actually made me feel better for watching that movie in a theater.

NB: Half of the points in this article were actually raised by Cristiano when we discussed this in the apple store two days ago.

6. Re-run old movies

This bonus point is inspired by danw’s comment on news.ycombinator.com.

Take one of your new comfy seat theaters, find some old movie with a serious cult following (I recommend Blade Runner especially now that the real director’s cut has been released this year), set up a viewing or two, and make sure you set up a little meet and greet with fellow movie watchers either before, or during a break, and leave it there (with a bar, of course!) after the movie’s over. That way, cult fans from all over the place will go watch their favourite movie on your large screen in your comfy seats, paying you handsomely for drinks, to meet new people with similar interests. Play your cards right and you could kick off the new dating fad. And more people dating has got to be good news for the movie theaters. It’s win, win, win, and some more win.

I have been known to claim that aside from the Cryptography and Artificial Intelligence fields, the net effect on the state of Computer Science as contributed by the academic world is effectively zero. For example, there are hundreds of User Interface Design faculties all around the world (such as My Alma Mater!) and yet the frontrunner in modern Computer-related design doesn’t get any of their UI knowhow from any sort of academic influence. They do not participate in research programs. That’s very odd.

An example has come along to test this observation. If you so happen to be a technogeek or a programmer, you must have been hiding under a very large rock if you haven’t seen this amazing “Content aware image resizing” demo: (If you’re impatient, jump to the middle and end of the video. The shiny stuff really starts when there’s 3:25 left on the clock).

Clearly this reeks of academic involvement. It’s actually mostly an in-house development from MERL, The United States R&D branch of Mitsubishi. However, for arguments sake, let’s say this WAS in fact developed entirely in the research department of some university or other.

Normally this would be PhD material, if you’re lucky enough to find an open minded professor. However, no amount of forward-thinking in a professor is going to allow you to present that one 5 minute demo along with a software program as a thesis for a PhD, eventhough clearly they speak entirely for themselves and is vastly more worthy of PhD status than most actual PhD theses. In other words, in order to turn this brilliant piece of software engineering into an actual CS PhD, the unfortunate authors would have to bunker down for 6 months to write an enormous paper. In CS terms, 6 months is a virtual eternity.

Instead, they released a youtube video. Effects:

• over 300,000 views, presumably focused primarily around programmers and tech people. I have yet to see a research paper other than the one about the RSA asymmetric encryption algorithm that has generated this much attention in CS. That’s crypto which I already excluded from this observation.
• One of the two authors got instantly hired by Adobe because they want this stuff in their next photoshop release.

From photoshop this technology will see exposure far exceeding the 300k viewers it’s already received. I wouldn’t be surprised if content-aware image resizing shows up in FireFox next year. Give it another year or so to trickle down to the rest of the population, which gives us the sum total of 2 years for a completely new piece of technology to become as standard as bread and butter in the CS world.

All by writing some software, crafting a shiny demo, and posting it on youtube.

Even if this was a university effort and there had been a large thesis to go with this video, the thesis part would be unneccessary and wouldn’t have added anything. The authors would have been better off going their own way.

I can’t prove it, by my instincts, and vast amounts of recent Computer Science history, tell me that this pattern repeats for virtually every CS improvement (outside of Crypto and AI) ever. So, for those of you still making the mistake of getting a CS degree:

If you have balls, quit the moment you have a good idea. Universities are not capable of nurturing it anyway.

We’ll be having a little fourstarters/tipit.to get-together in Delft tomorrow (Thursday). If you’re around the area, feel free to drop in. We’ll be on the beestenmarkt around 15:00.

Also see the upcoming event: http://upcoming.yahoo.com/event/239405/.

Update: Now with pictures:

A week ago I noticed zapreader.com, a site that makes it relatively easy to teach yourself speedreading. At least 1000 people also bookmarked it and from personal experience I can say: It really works quite well. In a nutshell, it takes a bunch of text and splits it into words. It then displays each word (or a block of two, which works a bit better in my opinion) in a huge font in the middle of your screen, for a fraction of a second, before moving on to the next word.

However, the ZAP reader itself has some annoyances so I decided to fix them.

Thus, I present: the (mac only!) desktop app version of zap reader. Download here: http://files.fourstarters.com/ZAPMac/ZAPMac.dmg.

It works very simply: select text in any application, then hit CMD+SHIFT+V and ZAPMac automatically starts and zapreads the selected text for you. Once the text is done, it quits automatically. Use Z and X to rewind/fast forward 16 words at a time, and use A and Q to speed up or slow down. space starts and stops, and there are preferences to change a number of things, though the defaults worked the best for me. It intentionally goes fullscreen - to make sure there is no distraction for your eyes.

Apparently it works so well because of two things:

• It saves you from having to ‘track’ - you no longer expend effort to keep your eyes in the right place. Your eyes no longer need to move at all, just keep staring at the same place.
• It makes use of ‘brain replay’. Ever said ‘What did you say?” to someone, only to realize that you DID hear them after all? Your brain has a limited ‘pipeline’ of sorts, but you usually incorrectly think you misheard or misread forcing you to take action. When reading, this means you often reread sentences that you don’t need to reread. With ZAP Reader you force yourself into going forward.

This is my first foray into Mac Os X Cocoa development, incidentally. I spent maybe 12 hours on getting this thing together, including learning a new programming language from scratch (well, enough to write this, anyhow), and including learning how to distribute it, set it up with a nice preference pane that stores its settings in the right places, and all that jazz. Basically cocoa development is really nice and very simple, which may explain why Mac software looks so good.

If you’re interesting in the source, here you go: http://files.fourstarters.com/ZAPMac/ZAPMacSource.zip.

This is a -very- technical post, so if you aren’t a programmer you may not be able to follow along.

Regular Expressions are used in virtually all webservices. mod_rewrite, a very popular apache plugin, uses them. Django, a popular Python web framework, uses regexps to map URLs onto the code that can handle the requests. Perl is virtually built on regular expressions. Virtually all languages popular for web development support regexp parsing.

Unfortunately, certain regular expressions have what I call ‘runaway nature’. A regexp with ‘runaway nature’ has the following property:

There exists at least 1 input string which will cause the act of matching this input string against the regexp to take a very long time.

Simple example: Given the regexp (x+x+)+y and the input string xxxxxxxxxxxxxxxxxxxx, most regexp parsers just hang. Smart ones realize this can’t work (as all matching strings must end in a y, but the input string does not. Unfortunately most aren’t that intelligent). Turns out on e.g. the C# regexp parser, an average powerful machine needs 25 SECONDS to realize that the input does not match the output. See This codinghorror article on the details of this particular case. Clearly the regexp (x+x+)+y has runaway nature, at least on the C# regexp parser.

There are many regexps which have ‘runaway nature’ on only certain platforms. However, no implementation of a regexp parser that I know of is completely immune to ‘runaway nature’ - some regexp strings just implicitly have it, regardless of implementation.

This is a security leak; causing one of the CPU cores of a webserver to hang for 25 seconds makes it totally trivial to crash the server; this is known as a Denial of Service attack. No data is compromised, but the server just stops working.

There are 2 ways this issue can be fixed, that I can see.

1. Determine if it is possible for a machine to determine in constant time if a certain regexp pattern has ‘runaway nature’, and generate a warning if this is true. This allows web programmers to be warned in advance that they have a security risk.
2. When running a string against a pattern, allow the programmer to specify a ‘limit’. Once the regexp parser backtracks that many times, it just quits and throws an error instead of getting bogged down. By choosing a careful limit, a web programmer can trade off ‘correctness’ against server security. I get the feeling that any input string that causes runaway performance troubles is very likely to be an invalid usecase anyway.

   Unfortunately, neither fix is available as standard solution in any mainstream programming language that I know of.

   I’m not sure how large this problem really is but I can imagine there are lots and lots of webservices out there which can be brought to a grinding halt by feeding it the right (wrong) input.

   ---

   NB: This issue crossed my mind when I crafted the following regexp to check if an input string appears to be a URL. I’m not sure if this regexp has ‘runaway nature’. If you’re a real regexp guru and can figure this out, or if you spot any errors, help me out and let me know in the comments! Thanks a lot!

   • ^([hH][tT][tT][pP][sS]?://)?

   • ((?:[a-zA-Z0-9][a-zA-Z0-9-]*?[a-zA-Z0-9]?)(?:\.[a-zA-Z0-9][a-zA-Z0-9-]*?[a-zA-Z0-9]?)+)
   • (:\d+)?
   • (/[\w/\.;\?:\&=+\$,#]*)?$”

   (1,2,3,4 stands for: protocol, server, port, path string).