Kartik's Log - Details

Link Details

Blog Directory : Listing Details

Kartik's Log details

Listing ID: 1384

Title: Kartik's Log

Description: Thoughts on programming, languages, software and computing.

CategoryComputers : Programming

Owner:

listed on: July 20, 2008 07:35:41 AM

Number Hits: 0 times

Recent Posts:

Debit and Credit Card Security - Thu, 30 Oct 2008 14:33:00 +0000
Some random thoughts on how you might design more secure Debit or Credit cards, some of them obvious:
  1. Support alphanumeric passphrases rather than pathetic PINs. Force this on the banks by passing a law that does not hold the account owner liable for PIN misuse for a month when a card is stolen.
  2. Require a PIN for every transaction . Yes, a shopkeeper can have a malicious card reader that stores the password, but this at least guards against casual pick-pockets.
  3. Use one PIN for purchases made on the card, and another at the ATM. That way, a malicious card reader at a shop enables the shopkeeper to make purchases on my behalf, but not withdraw cash directly.
  4. Have an option for the bank to send me an SMS and email for every transaction so that in the event of a fraud, I'm notified in seconds.
  5. Allow me to use ATMs without physically carrying the card. Instead I can enter a password. If I don't carry my debit card all the time, that's less of a risk.
  6. Many people use a credit card in addition to a debit card because it's safer, in that you can dispute a fradulent transaction more easily and, even if it's resolved to your favor, you don't have to pay the money first and get it back later, like with a debit card. Because of this, people carry a debit and a credit card, which is less secure than carrying only one card. Eliminate this by saying that if the bank gives X days to report a fradulent credit card transaction, it should give at least the same time for the owner to report a fradulent debit card transaction. And, as soon as you dispute a transaction, the bank must immediately and automatically refund the money while it resolves the dispute, after which it might withdraw the money again. With this, many people won't have to carry their credit cards every day.

Function Argument Passing - Thu, 30 Oct 2008 14:24:00 +0000
Javascript's function argument passing is nice. Every function has an implicit variable named arguments that holds all the arguments, and the function declaration is only a shorthand. To look at it differently, with varargs and optional parameters, a function in effect takes a single argument which is a hashtable (or list, if keyword arguments are not supported). If every function takes the same single argument, why make the programmer declare it? Define an implicit variable named arguments. Then what do you put in the space traditionally used for function arguments? That can become a shortcut, so that you can access an argument by its name rather than as arguments.name.

iPhone: The Dream Ends - Mon, 22 Sep 2008 04:52:00 +0000
Apple rejectsanother app, this time a Gmail client for "duplicating functionality". Never mind that it offers a better Gmail experience than the bulitin mail client -- conversations, archiving, starring, etc. Previously, Apple rejected a podcast download app, and the tethering applicationNetSharethat lets you use your iPhone as a modem. As Harry McCrackenput it, "Way back when, if software distribution for the Mac had been handled via a Mac App Store with a don’t-duplicate-Apple-products policy, Photoshop might have been refused distribution on the grounds that it was too similar to MacPaint."

Looks like my open-source friends were right -- in a world where everybody is either incompetent or untrustworthy, having a single gatekeeper is crippling. The iPhone isn't a platform but Apple's playground where you play on Apple's terms. It's the perfect example ofTreacherous Computing, where your computing device is controlled not by you but by others for their own ends.

I no longer see any point in buying an iPhone, let alone programming it. Android's openness should provide a refreshing alternative to the iPoliceState.

Disclaimer: I work for Google.