Payment Request API | W3C

Payment Request API; W3C; 2017-09-21.

  • Adrian Bateman, Microsoft Corporation
  • Zach Koch, Google
  • Roy McElmurry, Facebook
  • Domenic Denicola, Google
  • Marcos Cáceres, Mozilla

Promotions

Opera is acquired by a Chinese consortium (Kunlun, Qihoo 360, Golden Brick, Yonglian)

In archaeological order


Opera gets $1.2 billion buyout offer from mix of Chinese firms, board recommends deal; ; In ZDNet; 2016-02-10.
Teaser: There is “strong strategic and industrial logic to the acquisition,” according to the software maker’s CEO.

Original Sources

Mentions

  • Price
    • $1.2B USD
    • 53% above Oslo close 2016-02-04.
  • Consortium
    • media
      • Kunlun
      • Qihoo 360
    • pure-play investment
      • Golden Brick
      • Yonglian
  • Who
    • Lars Boilesen, CEO, Opera
    • Sverre Munck, chairman of the board, Opera
    • Yahui Zhou, CEO, Kunlun,
  • Process
    • For sale since 2015-08.
    • Representors
      • Morgan Stanley International
      • ABG Sundal Collier

Qihoo 360-Led Chinese Consortium Makes $1.2 Billion Offer for Opera; Rick Carew (Hong Kong), Kjetil Malkenes Hovland (Oslo); In The Wall Street Journal (WSJ); 2016-02-10.
Teaser: Bid for Norwegian company adds to a busy start to 2016 for outbound Chinese acquisitions

Mentions

  • Opera Software ASA, Norway
  • A consortium of Chinese companies
    • Operators
      • Qihoo 360 Technology Co.
      • Beijing Kunlun Tech Co.
    • Investors
      • Golden Brick
      • Silk Road Fund Management (Shenzhen) LLP
      • Yonglian (Yinchuan) Investment Co.
  • Bid (proposal)
    • Equivalently
      • $1.2B USD in cash
      • 71 Norwegian kroner ($8.27)/share
    • Factoid
      • a 46% premium over trading 2016-02-05
      • <quote>When trading resumed on Wednesday, the stock soared more than 40%, and closed up 33% at 65.10 kroner.</quote>
    • Support
      • Board of Directors, Opera Software ASA
      • 33% of the shares
  • Valuation
    • 2016: $690 million → $740 million (range)
    • 2015: $616 million.
  • Consortium
  • Competition
    sources via StatCounter

    • Android of Googleof Alphabet
      • Chrome → 36.8% market share
    • Microsoft
      • unstated products & market share.
    • Alibaba Group Holding Ltd.
      • UCWeb → ~20% market share
  • Market Share
    sources via StatCounter

    1. Something
    2. Something
    3. Safari
    4. Opera (Phone)→ 10.8%
    5. something
    6. Opera (All; Phone, Tablet, Laptop) → 5.7%
  • Background
    • Qihoo is
      • <quote><snip/>in the process of delisting from the New York Stock Exchange after agreeing in December to a buyout by a consortium including its chairman for $9 billion.</quote>
      • makes mobile and PC antivirus software,
      • operates a search engine
        • No. 2 search engine in China
        • Search engine behind Baidu Inc.
      • has a “secure” Web browser.
    • Kunlun
      • a 60% stake in gay-dating app Grindr LLC for $93 million 2016-01.
    • Other acquisitions by Chinese companies.
  • Who
    • Yu Ling, press relations, Qihoo
    • Havard Nilsson, staff, Carnegie ASA.

Previously

In The Wall Street Journal (WSJ):

The App-ocalypse: Can Web standards make mobile apps obsolete? | Ars Technica

The App-ocalypse: Can Web standards make mobile apps obsolete?; Larry Seltzer; In Ars Technica; 2015-12-28.
Teaser: Many big tech companies—absent Apple—are throwing weight behind a browser-based world.

tl;dr → Betteridge’s Law; i.e. No.

  • WebApps are a Google-culture thing.
  • And good luck with Apple; they are intransigent in their non-interest.

Mentions

In (the arbitrary) order of appearance in the piece:

Projects

Standards

Via: backfill.

SOLVED[fail]: Android WebView does not support Client Certificates at all

Problem Statement

Context

Outcome

Partial success…

  • Webware => just works
    • desktop officework browser
      i.e. Firefox 29+
    • mobile browser => “just works”
      i.e. Chrome 40, Blink 537.36, Android 4.4.4 (what is that, Jelly Bean, Key Lime Pie?, Lollipop?)
  • Appware => FAIL
    • Android does not work, cannot be made to work.
    • WordPress Android is unuseable in this mode.

Environment: Webby Officework Desktop

Outcome: just works

Cases

  • Firefox (Fedora) “just works”
  • Chrome (Android) “just works”

Configuration

  • User receives the certificate as a PKCS #12 (a .p12 file)
  • Install fhe certificate
    • … in the browser (Firefox, Linux)
    • … in the operating system (Android)

Environment: WordPress Android

Outcome: FAIL

  • Do not use Android WordPress on these blogs
  • Use the webby interface with Chrome.
  • WordPress Android uses an embedded WebView which does not implement client certificates at all.

Referenced

Others have tried … but Android does not yet support this concept

Block Phone Calls on Android

tl;dr => it’s not quite a feature, but doable

  1. proprietary add-ons to Android in the crapware (e.g. Samsung)
  2. the baseline method via Contacts->Send to Voicemail & Disable Ringtone

References

Android Is Huge. But Here’s Why Developers Keep Favoring Apple | Business Insider

Android Is Huge. But Here’s Why Developers Keep Favoring Apple; ; reporter; In Business Insider; 2014-04-03.

tl;dr => only poor people have Android; rich people have Apple gear.

Mentions

  • Share of visits to e-commerce sites from tablets
    • iPad: 87%
    • Android: 11%
  • Average order value from tablets
    • iPad: $155
    • Android: $110
  • Share of visits to e-commerce sites from phones
    • iPhone: 60%
    • Android: 39%
  • Average order value from phones
    • iPhone: $126
    • Android: $136
  • Only on phones do Android users spend more.
  • Colorful
    • iPad users spend — $155 on 87% of visits
      colorful: Apple users do their shopping on iPad; only use their phones for the loose-change stuff.
    • An Android user is worth 1/4 of an iOS user

Actualities

chart of the day ios android monetization gap

Android Apple

Android iphonesan francisco iphone android appleAndroid Apple

Via: backfill

Intel Merrifield SoC will have “Hooks” to truncate OS functionality for aftermarket OS installs

Hooks im Kernel sollen Android sicherer machen; at Cebit, in golem.de; 2014; In German.

Mentions

Translation

Via Google Translate

Intel : hooks in the kernel to make Android more secure

Cebit 2014

Starting with the next SoC design , Merrifield, Intel plans to incorporate new security features in its x86 Android kernel . You should ensure , among other things , not slow virus scanner that tablets and smartphones unnecessary.
display

” We shall come originally from the corporate sector,” explains Frank Kuypers Intel talking to Golem.de at Cebit . And for professional clients Kuypers is known as ” Technology Specialist ” also responsible . The moan of his observation after the moment especially on the proliferation of Android devices that are to be brought safely to the corporate network .

To this end, Intel wants that develops for years the x86 version of Android along with Google , in the next versions of its Kitkat kernel – install new features – ie for Android 4.4. Especially Hooks play a role , they are simple interfaces with which code can be inserted from one program to another. This may seem risky for certain tasks but very efficient.

In the case of x86 Android , Intel plans , among other things , file operations virus scanners allow by hooks. To ensure that only new files can then be scanned , for example, in real time , without the anti-malware and the operating system must be the usual way through the file system go . This relieves the CPU, RAM and storage medium and is so little overall slow down the system . With the still expected in 2014 SoC Merrifield Intel wants to use the hooks for the first time .

These hooks will use even with its McAfee software Intel initially , but the company already works with other providers of products for the management of mobile devices together . Whether the hooks are also publicly documented or even an SDK is created but is not yet decided. Frank Kuypers wanted this possibility but also not mutually exclusive.

Why such deeply into the operating system anchored safety features are important for Android devices , the Intel manager said on own example. In the Intel – only network mobile devices with certain versions of Android may not use all the features. Would he be provided with Cyanogenmod smartphone , there would still the Fi – then would no longer get , among other things on the phone all the e- mails to face, because the device would be classified as a potential security risk.

Via: backfill

Beginning NFC: Near Field Communication with Arduino, Android, and PhoneGap | Igoe, Coleman, Jepson


Tom Igoe, Don Coleman, Brian Jepson; Beginning NFC: Near Field Communication with Arduino, Android, and PhoneGap; O’Reilly Media; 2014-01-14; 246 pages; kindle: $10.

Investigating User Privacy in Android Ad Libraries | Stevens, Gibler, Crussell, Erickson, Chen

Ryan Stevens, Clint Gibler, Jon Crussell, Jeremy Erickson, Hao Chen; Investigating User Privacy in Android Ad Libraries; In Proceedings of MOST (MOST); 2012; 10 pages.

Abstract

Recent years have witnessed incredible growth in the popularity and prevalence of smart phones. A flourishing mobile application market has evolved to provide users with additional functionality such as interacting with social networks, games, and more. Mobile applications may have a direct purchasing cost or be free but ad-supported. Unlike in-browser ads, the privacy implications of ads in Android applications has not been thoroughly explored. We start by comparing the similarities and differences of in-browser ads and in-app ads. We examine the effect on user privacy of thirteen popular Android ad providers by reviewing their use of permissions. Worryingly, several ad libraries checked for permissions beyond the required and optional ones listed in their documentation, including dangerous permissions like CAMERA , WRITE CALENDAR and WRITE CONTACTS . Further, we discover the insecure use of Android’s JavaScript extension mechanism in several ad libraries. We identify fields in ad requests for private user information and confirm their presence in network data obtained from a tier-1 network provider. We also show that users can be tracked by a network sniffer across ad providers and by an ad provider across applications. Finally, we discuss several possible solutions to the privacy issues identified above.

Referenced

Claims

  • Mobclix: exfiltrate and/or modify the user’s calendar and contacts, exfiltrate user’s audio and image files, and turn on/off the camera LED.
  • Greystripe: get and/or set user’s cookies.
  • mOcean: send SMS and email messages, start phone calls, add calendar entries, get location, make arbitrary network requests.
  • Inmobi: send SMS and email messages, start phone calls, and modify the users calendar.

How Mobile Is Eating The World | Benedict Evans, Enders Analysis at Business Insider

Benedict Evans (Enders Analysis); How Mobile Is Eating The World; In Business Insider; 2013-11-17.

Mentions

  • Lots of up-and-to-the-right.
  • Irrelevance of Microsoft
  • Scale at Samsung
  • Scale at Apple
  • Tablets
  • Post-PC Vision
  • Four Horsemen
    • Google
    • Apple
    • Facebook
    • Amazon
  • Chinese Android is not Android
  • WebKit Everywhere
  • Smartphones are inherently social
    • address book
    • photo library
    • push notifications
    • home screen, task switcher
    • switching apps is easy
  • Unbundling Functions vs Unbundling Friends
  • Cards as Content Packets
  • Social as Discovery
  • Tablet Trends
  • Open Questions
    • What is the identity platform
    • Watch: protocols-and-services

Outline

  • The state of PCs
  • Smartphones are exploding
  • More mobile growth coming
  • The future is mobile
  • The world is 2017
  • Growth in emerging markets
  • Fundamental change
  • Fundamental change in scale
  • Fundamental change in use
  • What does mass mobile internet use really mean? From this…
  • … to this
  • Industry scale
  • Polarisation of manufacturers
  • The irrelevance of Microsoft
  • Scale at Samsung…
  • and scale at Apple
  • Very different products
  • Apple sticking to the high end?
  • Glass is eating the world
  • Tablets overtaking PCs
  • Tablet market splitting
  • iPad dominates use everywhere
  • Two distinct ‘tablet’ markets
  • Tablet [is] dynamic quite different to smartphones
  • Tablet [is] dynamic quite different to smartphones, continued
  • Blurring definitions
  • Tablets in 2013
  • Still lots of unknowns
  • ‘Four horsemen’ driving the agenda
  • Ecosystem sizes
  • Reach != value
  • (Chinese Android isn’t Google)
  • Geographic variation
  • Ecosystem is the key leverage point
  • People like apps
  • Mobile platform wars over?
  • Speed of innovation?
  • Different focus for innovation
  • App engagement
  • Self-selection
  • Ecosystem cohorts
  • Ecosystem cohorts?
  • Future of Android
  • Mobile social scale
  • Mobile social scale, continued
  • Children’s use of messaging
  • Smartphones are inherently social, unlike the desktop web
  • People happily abandon history, 3x slides
  • Facebook is one of many
  • Facebook is doing well on mobile
  • Half of DAUs are mobile-only
  • Is the mobile opportunity so big that it doesn’ matter to Facebook if it isn’t dominant?
  • Unbundling
  • The Aggregation Cycle
  • Unbundling Facebook
  • Unbundling functions or unbundling friends?
  • Mobile social is still in flux
  • There’s money in stickers
  • The next opportunity is creating the next platform
  • Cards as content packets – social as discovery
  • Two trends for mobile content
  • Again, all this is in flux
  • Broader uncertainty and opportunity
  • Blurring boundaries

Via: backfill

Pico: No More Passwords! | Hsing Ping Fu

Hsing Ping Fu; Pico: No More Passwords!; Masters Thesis; K. U. Leuven; 2013; 66 pages.

Abstract

Managing passwords for online application accounts is a heavy responsibility for users. Using easily remembered passwords or repeatedly using the same password makes the account susceptible to brute force guessing. Furthermore, the password-protected accounts are vulnerable to attacks like phishing, keylogging, eavesdropping, and man-in-the-middle attacks, no matter how strong the passwords are. Hence the urgent need for an alternative to password system.

Stajano proposed a candidate known as Pico [37]. This is an authentication hardware token utilizing mutual authentication with the application server to obtain access to users’ accounts. The credentials for the authentication are created and managed by Pico and are guaranteed to be secure and unique for each application. The Pico device is portable and easy to use, allowing users to login everywhere. Compared to other existing password alternatives, Pico has the advantage of providing protection against the attacks mentioned above and effortless access control device.

Although Stajano presents desirable functionalities in for the Pico, its practicality remains to be demonstrated. Toward this goal, this thesis proposes a set of specifications for the Pico device, and a prototype device to demonstrate the Pico functionalities. The specification defines authentication protocols, the underlying cryptographic algorithms, and the credentials. The protocols mutually authenticate Pico and the server, over an encrypted channel protected by mutual secret from key exchange algorithms. The servers are verified by credentials registered in Pico database, to prevent internet phishing. Moreover, out-of-band communication schemes and message structures for all the communication between Pico and servers are specified as well.

The technical specifications are implemented on a smartphone based Pico prototype. The algorithms are programmed in Java and executed on Android platform, using several Android libraries. This prototype is capable of performing cryptographic calculations, wireless communication, and providing a proper user interface. A demonstration server is also implemented to test the entire Pico system. As a result, users can log on to this server by pointing the Pico prototype to the QR code displayed on the web page, and the account can be accessed within few seconds.

Intel Cloud Services Platform

Intel Cloud Services Platform, version 6.0, 2013-11-21

Release Notes

  • Intel Identity Services => FedID
  • Cultures
    • Android (2.2, Froyo onward)
    • iOS
    • JavaScript, HTML5
    • Windows
  • Baseline RESTful API
    • XML
    • JSON
  • Services
    • Analytics
    • Catalog,
    • Commerce
    • Curation,
    • Recommendation

Identity Services

  • Social Integration
    • Facebook API tokens
    • Yahoo! Social Login
  • Regulatory: COPPA
  • REST Developer’s Guide
  • Intel Identity Services REST API Reference
  • OAuth 2.0
    • ClientID + Client Secret
    • Access Token
    • https://api.intel.com/identityui/v2/auth
  • Concepts
    • Scopes
    • Redirect
    • Sync vs Async (urn:intel:identity:oauth:oob:async)
      • Web App Synchronous => http://localhost/callback.html
      • Mobile App Synchronous => (deep link) myapp://action
      • Web App Asynchronous => urn:intel:identity:
        oauth:oob:async
  • URN Support (i.e. deep links)
  • Badging




Analytics Services

  • Opt-Out
  • Session Tracking API
  • Custom Events API
  • Dashboards
  • Real-Time Analytics
  • User, device, session, and demographic Analysis

Commerce Services & API

  • Client ID
  • PayPal
  • Taxation computations
  • Subscription API
  • Cart & Order Management

Catalog Services

  • Datasets
  • Bulk Upload
  • POI Data
  • Schema Management

Context SDK

  • States
    • Location-based states:
      • Country,
      • City,
      • Semantic Place (Home/Work),
      • Nearby restaurants.
    • Time and date-based states:
      • Time zone,
      • Local time,
      • Weekday,
      • Part of day,
      • Holiday information in your location.
    • Device-based states:
      • Applications running,
      • Missed calls,
      • Battery level,
      • Music played.
  • Context states sensing
    • Environment weather.
    • Device terminal context.
    • Location semantic/geographic place.
    • Network connection.
    • Device contacts.
    • Device calendar.
    • Physical activity.
    • Audio classification.
    • Message (SMS).
    • Device information.
    • Installed applications.

Location-Based Services

  • Removed 2013-11-11

Miscellaneous

See Also

Genevieve Bell, Keynote Address; Intel IDF; 2013-09-12; 43 pages.

Via: backfill, backfill

User, device, session, and demographic Analysis

AFrame: Isolating Advertisements From Mobile Applications in Android | Zhang, Ahlawat, Du

Xiao Zhang, Amit Ahlawat, Wenliang Du; AFrame: Isolating Advertisements From Mobile Applications in Android; In Proceedings of Annual Computer Security Applications Conference (ACSAC); 2013-12-09; 10 pages.

Abstract

Android uses a permission-based security model to restrict applications from accessing private data and privileged resources. However, the permissions are assigned at the application level, so even untrusted third-party libraries, such as advertisement, once incorporated, can share the same privileges as the entire application, leading to over-privileged problems.

We present AFrame, a developer friendly method to isolate untrusted third-party code from the host applications. The isolation achieved by AFrame covers not only the process/permission isolation, but also the display and input isolation. Our AFrame framework is implemented through a minimal change to the existing Android code base; our evaluation results demonstrate that it is effective in isolating the privileges of untrusted third-party code from applications with reasonable performance overhead.

Via: backfill

TunnelBear

TunnelBear

Concept

  • a VPN
    • for pay based on bandwidth/month
  • Support
    • Android
    • iOS
    • Windows
    • OS/X
  • Benefits Alleged
    • “Simple”
      • on or off
      • Country masquerade
    • Prophylaxis against “social sharing”
      • Facebook
      • Twitter
      • Linkedin’s Intro ref
      • Something vague about maybe blocking ad tracking
    • Consumer-grade privacy

Background

  • Toronto CA
  • private funding

Who

  • Ryan Dochuk, co-founder, CEO

Promotion

Earned

Owned

Mentioned Within

Via: backfill

Precision Moments Targeting | Kiip

Precision Moments Targeting (PMT), Kiip

Kiip Picture

Mentions

  • Who
  • San Francisco
  • CrunchBase
  • Products/Services/Platforms
  • Availability
    • Android
    • iOS
  • Engines
  • Localizations
    • Japan (language)
  • Features & Functions
    • Demographics
      • age
      • gender
    • Verticals, Categories, Channels
    • Neural Net <buzzz>machine learning</buzzz>
      Something about

      • propensity profiling
      • lookalike modeling
      • first party data (survey data)
    • Location
    • Mindset & Sentiment
    • Historical Redemption (patterns)
    • Dayparting
      Hinted at from the “day circle” motif
  • Partners (recent)
    • Yahoo! Japan
    • comScore

Promotions

Self

Trade

Via: backfill

PlaceRaider: Virtual Theft in Physical Spaces with Smartphones | Templeman, Rahman, Crandall, Kapadia

Robert Templeman, Zahid Rahman, David Crandall, Apu Kapadia; PlaceRaider: Virtual Theft in Physical Spaces with Smartphones; In arXiv pdf; 2012-09-26; landing

Abstract

As smartphones become more pervasive, they are increasingly targeted by malware. At the same time, each new generation of smartphone features increasingly powerful onboard sensor suites. A new strain of sensor malware has been developing that leverages these sensors to steal information from the physical environment (e.g., researchers have recently demonstrated how malware can listen for spoken credit card numbers through the microphone, or feel keystroke vibrations using the accelerometer). Yet the possibilities of what malware can see through a camera have been understudied. This paper introduces a novel visual malware called PlaceRaider, which allows remote attackers to engage in remote reconnaissance and what we call virtual theft. Through completely opportunistic use of the camera on the phone and other sensors, PlaceRaider constructs rich, three dimensional models of indoor environments. Remote burglars can thus download the physical space, study the environment carefully, and steal virtual objects from the environment (such as financial documents, information on computer monitors, and personally identifiable information). Through two human subject studies we demonstrate the effectiveness of using mobile devices as powerful surveillance and virtual theft platforms, and we suggest several possible defenses against visual malware.

Via: backfill

Fedora 19 for Allwinner ARM SOCs | Hans de Goede

Hans de Goede; Announcing Fedora 19 ARM remix for Allwinner SOCs release 1, now with A20 support; devel@lists.fedoraproject.org; 2013-07-18.

Mentions

Via: backfill

Replicant is a FOSS Android clone


Replicant

Rick Lehrbaum; Replicant fully-free Android distro project solicits funds; In Linux Gizmos; 2013-07-26.

Products

Devices

Founded

  • 2010
  • <quote>to unify the efforts of various individuals attempting to produce a fully free Android distribution</quote>

Who

  • Founders
    • Aaron Williamson
    • Graziano Sorbaioli
    • Denis “GNUtoo” Carikli
    • Bradley M. Kuhn
  • Recent
    • Carikli Kocialkowski
    • Paul Kocialkowski

Via backfill

Why Mobile Web Apps are Slow | Drew Crawford

Sources

Summary

He puts the abstract-summary at the end.

<quote>

  • Javascript is too slow for mobile app use in 2013 (e.g., for photo editing etc.).  
    • It’s slower than native code by about 5
    • It’s comparable to IE8
    • It’s slower than x86 C/C++ by about 50
    • It’s slower than server-side Java/Ruby/Python/C# by a factor of about 10 if your program fits in 35MB, and it degrades exponentially from there
  • The most viable path for it to get faster is by pushing the hardware to desktop-level performance.  This might be viable long-term, but it’s looking like a pretty long wait.
  • The language itself doesn’t seem to be getting faster these days, and people who are working on it are saying that with the current language and APIs, it will never be as fast as native code
  • Garbage collection is exponentially bad in a memory-constrained environment.  It is way, way worse than it is in desktop-class or server-class environments.
  • Every competent mobile developer, whether they use a GCed environment or not, spends a great deal of time thinking about the memory performance of the target device
  • JavaScript, as it currently exists, is fundamentally opposed to even allowing developers to think about the memory performance of the target device
  • If they did change their minds and allowed developers to think about memory, experience suggests this is a technically hard problem.
  • asm.js show some promise, but even if they win you will be using C/C++ or similar “backwards” language as a frontend, rather than something dynamic like JavaScript

</quote>

Fanout

By section

The genre of “Which is better: native or HTML5″ “Who will win?”

Three criticisms about benchmarks

  1. Whether JIT is appreciably slower where it matters (benchmarks do not matter).
  2. JIT gets better every day, native does not; oOne day soon, JIT will be “faster than native.”
  3. Python, PHP, Ruby (fully-interpreted code) is already fast enough for ultra-high scale, this is single-user, so what’s the point?

Performance Baseline & Benchmarks

Performance Evolution and Possibilities

Language Tradeoffs: Native vs Managed

Managed languages optimize for developer productivity with JIT thrown in to recover some of the drain.  Native languages don’t have that overhead.  Even the proponents admit this. In archaeological order, not article order:

On Garbage Collection contra Explicit Memory Management

Screen Shot 2013-05-14 at 10.15.29 PM

Hertz, Berger; Quantifying the Performance of Garbage Collection vs Explicit Memory Management

Claim: Garbage Collectors need 6x (4x) more memory than “is necessary” in order to be efficient enough for real-time UX-type applications.  See the chart where the relative memory footprint approaches 1x; consider that 1.5x to 2x is “acceptable performance degadation.”

How Much Memory is Available on iOS?

  • iOSMemoryBudgetTest by Jan Ilavsky
  • Observed limits in the field, on his gear
    • iPhone 4S
      • warn => 40MB (around)
      • killed => 213MB (around)
    • iPad 3
      • warned => 400MB (around)
      • killed => 550MB (around)
  • Walk the scenarios against the limits
  • Multiple copies of the same photo in memory
    Citing also the slide from Session 242, iOS App Performance – Memory, 2012
    <quote>

    1. The camera screen that shows you what the camera sees,
    2. the photo that the camera actually took,
    3. the buffer that you’re trying to fill with compressed JPEG data to write to disk,
    4. the version of the photo that you’re preparing for display in the next screen
    5. the version of the photo that you’re uploading to some server,
    6. the buffer that is going to hold a smaller photo suitable for display in the next screen,
    7. the buffer that resizes the photo in the background because it is too slow to do it in the foreground.</quote>
  • Multiple copies of the same video frame in memory
    Citing also Technical Q&A QA1708 Improving Image Drawing Performance on iOS

    • Q: What can I do to improve my image drawing performance (CGContextDrawImage, UIImage/-drawInRect:, etc)?
    • “Every UIView is backed with a CALayer and images as layer contents remain in memory as long as the CALayer stays in the hierarchy.”
  • Compare the iPad 3 display with a pure display
    (though these are larger, brighter, faster, etc.)

Packaging of ARM Technology

Addressing the need/ability to add more memory to ARM PoP in order to make garbage collection performant; i.e. can one get 6x more memory on some future hypothetical ARM PoP in order to make GC be performant enough to use?

In archaeological order

On JavaScript and Garbage Collection

Mentions

  • Benchmarks
  • Hardware
    • Intel x86
    • ARM
  • Native (C, Objective-C, C++)
    • GCC
    • LLVM
    • ICC (Intel-closed-secret-proprietary)
  • Java
    • There is only One. True. Compiler. here, right?
  • JavaScript
    • V8 of Google
    • Nitro JS
    • Nitro/SFX
    • TraceMonkey/IonMonkey
    • Chakra,
    • ASM.js
  • Lua
    • A simpler language with a simpler interpreter, via Brendan Eich
  • Period Pieces
    • Internet Explorer 8 (veeerrrryyyy sllllooowwwww)
    • Firefox 3.0.3, when Firefox becomes “fast”
      • Firefox 19 (Firefox 22), current
    • Chome 8, when Chrome became “fast”
      • Chrome 26, current

Who

Referenced

LLVM CLANG

Apple Developer Documentation

Incidentally

  • Andreas Gal’s dissertation

Generic

Quotes

Pithy, trenchant, money (quote), etc.
Unless otherwise stated, from: Why mobile web apps are slow; In His Blog; 2013-07-09.

  • <quote>The thing is, JITing JavaScript was a 60-year old idea with 60 years of research, and literally thousands of implementations for every conceivable programming language demonstrating that it was a good idea.  But now that we’ve done it, we’ve run out of 60-year-old ideas.  That’s all, folks.  Show’s over.  Maybe we can grow another good idea in the next 60 years.</quote>

Ahem …

JavaScript-the-good-parts

  • <quote>The ground truth is that in a memory constrained environment garbage collection performance degrades exponentially.  If you write Python or Ruby or JS that runs on desktop computers, it’s possible that your entire experience is in the right hand of the chart, and you can go your whole life without ever experiencing a slow garbage collector.  Spend some time on the left side of the chart and see what the rest of us deal with.</quote>
  • <quote>With garbage collection, the winning move is not to play.  A weaker form of this “the winning move is not to play” philosophy is embedded in the official Android documentation:

    Object creation is never free. A generational garbage collector with per-thread allocation pools for temporary objects can make allocation cheaper, but allocating memory is always more expensive than not allocating memory. As you allocate more objects in your app, you will force a periodic garbage collection, creating little “hiccups” in the user experience. The concurrent garbage collector introduced in Android 2.3 helps, but unnecessary work should always be avoided. Thus, you should avoid creating object instances you don’t need to… Generally speaking, avoid creating short-term temporary objects if you can. Fewer objects created mean less-frequent garbage collection, which has a direct impact on user experience.

    </quote>

  • <quote>I can give you three frames of reference that are both useful and approximately correct.
    • If you are a web developer, think about the iPhone 4S Nitro as IE8, as it benchmarks in the same class.  That gets you in the correct frame of mind to write code for it.  JS should be used very sparingly, or you will face numerous platform-specific hacks to make it perform.  Some apps will just not be cost-effective to write for it, even though it’s a popular browser.
    • If you are an x86 C/C++ developer, think about the iPhone 4S web development as a C environment that runs at 1/50th the speed of its desktop counterpart.  Per the benchmarks, you incur a 10x performance penalty for being ARM, and another 5x performance penalty for being JavaScript. Now weigh the pros and cons of working in a non-JavaScript environment that is merely 10x slower than the desktop.
    • If you are a Java, Ruby, Python, C# developer, think about iPhone 4S web development in the following way.  It’s a computer that runs 10x slower than you expect (since ARM) and performance degrades exponentially if your memory usage goes above 35MB at any point, because that is how garbage collectors behave on the platform.  Also, you get killed if at any point you allocate 213MB.  And nobody will give you any information about this at runtime “by design”.  Oh, and people keep asking you to write high-memory photo-processing and video applications in this environment.

    </quote>

  • <quote>The desktop market is shrinking year-on-year.    Computers are going to be what the hardcore professionals use–Photoshop  and Visual Studio will always stick around–but mere mortals who spend all day in Excel or Outlook or Powerpoint are going to migrate to ARM tablets.  (Maybe even ARM notebooks.)  Some of us like desktop computers for ideological reasons, or like x86 on the technical merits, or whatever.  But the truth on the ground is that ARM is rising and x86 is falling, like it or not.  Even if we throw out all the smartphones and tablets, you have reasonable research firms projecting things like a 60-40 ARM-Intel netbook split for 2013. And once you throw the tablets and smartphones back in, well, let’s just say that more ARM chips were fabbed last yearthan all the x86 chips ever made.  The sky is falling.  The building is on fire.Whenever you make a platform decision, you’re making a bet.  If you’re writing a web app, you’re essentially betting either 1) that ARM doesn’t matter, 2) that ARM customers will just suck it up and use your slow product,  3) that the web browser guys will wave a wand and make it faster, or 4) that the WiFi guys will fix the speed of light so that everybody has a zero-latency always-on connection to an x86 chip.  Unless you’re writing Photoshop, or writing an app with two buttons, I think you’re nuts.</quote>
    From: Mobile web apps are slow; In His Blog; 2013-05-06.

Irrelevant

Humorous, ironic or off-the-cuff

Via: backfill

Motorola Atrix HD to Jelly Bean 4.2.2 with CyanogenMod 10.1

Marius Maria; Update Motorola Atrix HD to Jelly Bean 4.2.2 with CM10.1 Custom ROM; In Some Blog entitled Android Geeks; 2013-04-29.

Mentioned

Via backfill