Search Speak for Automaton

Alternate titles for this blog could be “Doodle Transition for Machina” perhaps! For at least a decade I have thought about just such an application and today I have Google Translate for Android. Load, aim, and it will process the text and translate on screen for you. Given the state of technology you would think it would be amazing by now, and it sometimes is.

The success largely depends on the language and that can also be seen in using translate.google.com, where some languages will translate fairly cleanly and others are very rough. One language I have to translate frequently is Chinese (simplified) and it is problematic for many things including company names and technical terms. With that in mind, I would expect it to translate with the same issues via the Google Translate app, and more specifically, do so consistently.

Since I am writing this, you know what’s coming…

This is the result of holding the phone up to a mail label from Japan. That’s all! Just moving the phone ever so slightly by tilting it or moving it half an inch closer / farther will make it change the translation. I think it finally got it a bit correct on that last one since the envelope didn’t contain anything living.

Hopefully the translation technology from Google will advance more quickly on Asian languages. Until then, I am just glad I didn’t get any “Sunrise Holy Poop” in that envelope.

It’s 2016, why is rotating a video such a pain?

How many times have you quickly shot a video on your phone and not rotated it for landscape? It happens too often and we see these videos all over social media. I sometimes forget to do it as well, or portrait is more in line with what I am shooting. So, I want to quickly rotate a video 90 degrees sometimes. Should be easy, right?

I’ve asked friends and social media before, but I asked again last night and got a lot of great input. My criteria were very simple, but I did not specify platform; I want to load an MP4 video, rotate it 90 degrees, and save it. I didn’t qualify it, but my expectations are that it would not lose quality, it would keep the original MP4 format, and that the process was “one-click” (or close). While I have plenty of history using Linux, going back to CLI graphics tools to do this is not ideal for me, but I considered those options.

  • @cl suggested Windows Movie Maker – It will rotate trivially, but saves your MP4 as WMV and the quality drops noticeably.
  • @TCMBC suggested mencoder – A command line utility, part of MPlayer. So it is not trivial (download, configure, compile, figure out CLI syntax), but it does rotate. Yet, the quality drops noticeably.
  • @viss suggested ffmpeg – A command line utility and graphics library, not so trivial. It did rotate, but the quality drops noticeably.
  • @viss suggested The ‘Rotate My Video‘ web site – It is a bit slow for file upload and conversion, but very easy to use. It played the video correctly in my browser, but when I saved the video the final copy was not rotated.
  • @DeviantOllam suggested (in DM) the Rotate Video FX app for Android – I thought the UX wasn’t intuitive for starters. It did rotate the video for immediate playback, but no apparently way to save the new video back to the device. Sharing it brings up the usual Android options, but uploading the video to google drive and the video was not rotated.
  • @elkentaro suggested Apple’s QuickTime Player – Even with his reference which is outdated, there is no apparent rotation function. Even the ability to save a file is now ‘Pro’ only.
  • MegaManSec suggested ImageMagick ‘convert’ utility – this didn’t work and gave me a nice reminder of the old ‘terminal flash attacks’ from the early 90s.
  • @DeviantOllum suggested Virtual Dub but warned me that some versions handle MP4 and some don’t. Thus, I didn’t try it.
  • @Grifter801 suggested VLC but qualified it “just for viewing”.
  • @mehebner suggested Open Shot Video Player but said it is Linux only, which isn’t convenient.
  • @cl suggested iMovie but it is Mac OS X only, which isn’t convenient.
  • @cl suggested Facebook but he isn’t sure you can save after. I am fairly sure you lose quality though.

The final recommendation, and the one that worked the best for me, is Handbrake suggested by @bmirvine. The upside is I had it installed (but an old version) and am familiar with it to a degree. The best part about conversion is that the video does not lose any quality. The downside is trying to figure out the ‘Extra Option’ argument to rotate is a raging mess, as seen on this thread. I found that using “, –rotate=4” as the extra option worked for version 0.10.5.0 64-bit (latest as of this blog). The only other annoyance is that Windows won’t show a thumbnail of the newly saved video for some reason. [Update: with a newer version of the K-Lite codec pack, the thumbnails render fine.]

There are my quick testing results. I hope it helps. I’d like to give a big round of thanks to all who contributed ideas late night. Reminds me that Twitter has some value and isn’t a cesspool of insipid political tripe. =)

Disclosure: Mr Number for Android Screenlock Bypass Concern

mrnumber

Mr. Number is an android app that allows you to do a variety of blocking for incoming communication. I’ve been using it for several months now and am quite happy. Crowd-sourced spam detection lets you know a new number is spam usually. When a call comes in that is suspected spam, a pop-up appears with the option to close it, block the call, etc.

mrnumber-01

If your screen is locked, it still pops up over the lock. Sometimes, but not always, if you block the number and tap ‘done’, it will drop you past the screenlock to the android desktop.

mrnumber-02

I haven’t been able to figure out what causes it to happen sometimes and not the other. I asked someone more familiar with Android and he couldn’t reproduce it reliably, but he did confirm the issue. The attack scenario is that if you spoof a call to a device using a known bad number, you could conceivably bypass the screen lock. Not very practical, especially since it isn’t reliable.

[Thanks to Zach @OSVDB for pointing out I failed by not including the affected version: 1.3.1]

Android & Granular Permissions

For Android-based phone owners, you are no doubt passingly familiar with the permission system that governs applications and what they can do. Every time you install an application, the device will ask you if you accept a list of permissions that it says are required for it to run. If you want the app, you must accept the permissions no matter what they are.

In theory, users can simply decline an app that requires excessive permissions and find an alternative. After all, there are over 1 million apps available right? Many won’t even read the permissions, while others may casually dismiss them because they are clearly stated, and any app in the Google Play store has to be legitimate!

The problem is that even the most simple and legitimate apps may request a variety of permissions that are not needed to make the program run:

Screenshot_2013-08-22-19-09-55   Screenshot_2013-08-23-19-12-04

A classic example of an application requesting permissions that aren’t required can be seen in the T-Mobile MyAccount app. The app is designed to give a user information about their T-Mobile cellular account, nothing else. This should take nothing more than permission to send and receive network data from their servers. Instead, the app has traditionally wanted extra permissions that are excessive. Worse, the latest version wants more, including “System tools” that give the app even more control over the phone. As T-Mobile is my provider and I don’t want to call them to find out account information, I have to accept their overly broad permissions. There is no alternative application in this case.

The second example is Avast Mobile Security & Antivirus that expects keys to the kingdome. There is a bit of irony that a security app wants enough permissions to completely own your phone, the same threat it claims to protect you from.

The Alternative

The obvious solution to this problem is setting it up so permissions are granular. This would allow a user to deny a specific permission while allowing others. If denying a specific permission causes the application to stop functioning, the user could enable it again if desired.

How hard is it to implement this for Google and Android? Trivial. This is readily apparent in that phones that have been jailbroken already allow it. Android users have requested this feature from Google via Ticket 3778. If you are an Android user and want to see this implemented, load the ticket and ‘star it’ (click the star on the upper left) to indicate you want it. If Google opts not to implement that one, there is a similar feature request (Ticket 6266) that would give a set of optional permissions an app wants, but are not required to function.

Until we get granular permissions, the concept of security in the context of applications will be a lost cause.

So far, yet so short…

two days into my smart phone experience, i am simultaneously amazed and disgusted by the state of technology surrounding these devices and ‘cloud’ applications.

back in the day, i had a ‘hacker’ mindset. i found flaws in systems that let me circumvent security or gain privileges not intended for users (or remote people not intended to have any access). over the years, that mindset shifted away from ‘hacking’ (penetration testing as a day job) and moved more toward usability (QA). these days, the idea of hacking and pen testing is boring and i avoid it as best i can. however, i am still a consumer and end user, so when a product doesn’t work, it bugs the hell out of me. more so if i believe any standard QA process should have caught it. my new phone is a world of new opportunity to find shortcomings in applications.

the other thing that bothers me about this process, is that when i find an annoyance and confirm it with a friend, i invariably get “that annoys me too!” so i am not the only one finding these bugs and shortcomings. is it complacency? do users no longer try to demand better from vendors? do they no longer report bugs and ask for simple features?

a great example of this is the Android Market (app store), the place to get applications for your Android based phone. i have a Samsung Vibrant through T-mobile, which uses Android apps, so this is now my go-to place to find neat utilities for the phone. go to that site, and search for applications that let you do $whatever. notice that? the distinct lack of a SEARCH MECHANISM? seriously, what brain dead dickholes run this operation, that didn’t think to put some kind of rudimentary search or at least embed a Google search link with “site:android.com”? unbelievable.

it’s ok, you can search the site via the smart phone! unfortunately, when you do it via your phone, you are given results straight from a 1995 search engine. the pattern matching is horrible. search for something with a space and results are hit or miss (e.g., “my app” will frequently not find “myapp”). further, applications that appear on the site you find via browsing, get no matches when you search for the exact name on the phone. there are some 100,000 applications out there. when you search for a common term, it isn’t surprising to receive 1000 results. but, instead of giving me primitive filtering (e.g., list only free apps, list only apps with 4+ star ratings), i get to scroll through all 1000 applications that do not appear to be listed in any discernible order.

my phone lets me connect via Wi-Fi in favor of 3G if i am in range. but, if i need to enter a password for the hotspot, i can’t enter the password. i am relegated to dealing with behavior of devices from 2000 that force you to enter the hex key.

the phone is advertised as being able to multi-task. i can run multiple applications at once! of course, very few let me cleanly exit the application. instead, they just keep running in the background, slowly helping drain the battery faster. everyone downloads a third-party application to help with this, a ‘Task Killer’ app. while this app is very helpful, it also makes me scream as i see countless apps start up that were never invoked by me. why does Amazon MP3 need to keep being invoked when i never did it, and i am not using any program that plays MP3s?

the built in ‘memo’ program is weak. so i got ‘Evernote’, a “cloud” based application that syncs my notes between phone and the web site. in theory, this is great. i sit at my computer and create a To-do list on the web site, and when i grab my phone and go, it syncs up the list from the web site. perfect! oh wait, the second list i created, i cannot edit. i can add text to it, but i can’t delete anything in it. i can’t use ‘DEL’, i can’t backspace over anything, i can’t even highlight and ‘cut’ the text via mouse/menu. seriously, what kind of drooling idiots write this application and don’t notice this? i can do it on the first list i created, but the invisible formatting crap i notice reminds me of MS Word from 1998. un-fucking-believable. so i deleted that list, and will re-create it by hand-typing the list instead of pasting it from a web page, which apparently caused the problems.

seriously people, hire a small QA team. if you are cheap and refuse to use the product yourself, then crowd-source the QA work. you do this by giving any users who want to help the ability to quickly and easily report bugs / annoyances or give feedback on features they would like to see. if you identify a person that seems to be knowledgeable and files accurate bug reports, flag their account/id and prioritize their submissions. example: a while back, i started giving feedback on a new version of Trillian, a program i use every day all day. within a few days, the lead developer was replying to my mails quickly. i believe he recognized a user that was familiar with the QA process (i marginally am), reported problems that were not one-off issues and would try to repeat the issue or provide debug output as requested.

in short, companies and developers need to use some of their time to use their own products, test them thoroughly and consider what features users may want. whipping up new code and flashy gadgets only goes so far before you have a product that is more annoying than it is helpful.