Intel AMT on new Thinkpads

I got the huge (but pretty) Thinkpad T510, with a big screen. It is good enough that I don't use my Macbook Pro all the time now. I've been doing some work on Windows 7 (mostly unrelated to Windows.) It has a gorgeous screen with high contrast, and great battery life. Quite a departure from the other PC laptops, even if it's moderately huge.

However, I wanted to grump about one thing. There's a whole lot of "remote management" software installed by default on this machine.

One technology is Intel's AMT. It runs a webserver on port 16992 underneath your operating system. It's not entirely obvious how to login or change settings for it. I never figured out how to change the settings, but I was able to disable it through the BIOS.

AMT allows remote reboots, remote web access, and some access to the filesystem.
Intel's RPAT allows remote KVM, also below the OS layer.
Intel's AT is an anti-theft technology that can keep the computer from booting.

All this stuff is shipping on new laptops, some of it vaguely "on". In theory your IT administrator is supposed to configure it and use it to do stuff to your computer, and it's all magically secure for the enterprise.

But this sort of interface massively increases the attack surface to a regular machine. And any worms that manage to also infect this layer could have some serious impact.

And just to be a little bit offensive: my computer shipped direct from China with all this stuff turned on. Given Google's experience earlier this year, configuration like this should probably be turned off by default. Even if it's just to make me feel better.

Consumers shouldn't feel paranoid when they inspect your default settings.

But it is a fine machine otherwise.
Posted by on Saturday, December 18, 2010 2 comments

eBook typography + User Experience

I've been a Kindle user for a little over a year, and I was looking at Google's books effort just now. I've not seen the mobile clients, just the web version.

I have a half-dozen small complaints about Kindle, and mostly I'm a happy user. But Google does very little to improve on Kindle, which is disappointing.

For instance, I haven't seen what Google does when you buy 100 books, which is overwhelming and hard to understand on a Kindle device.

But I have two other complaints that don't seem to be addressed in what appears to be a Kindle clone:
  1. Typography. Books have a personality, and a lot is due to the uniqueness of their layout and typographic choices. Much is lost in the eBook of today.

    Real-life books use unique fonts, and they have a variety of typographic settings. Instead, by making every book conform to the same exact point size, to the same leading, to the same font (Georgia, but, look, I can switch to Times!), is boring and makes switching between books feel less engaging.

    The world would be better if eBooks used Typekit, or even if they had random defaults to adjust their typography, to give a little more personality. Within a certain kind of variation (small color, spacing changes, etc.), readability wouldn't be impacted, but switching between the 5 books you're currently reading would be very much improved. Recognition at a glance is important, whether that's a book cover or a page. Today's eBooks badly need a typographic personality.

  2. Search. Another major limitation with a Kindle, especially the hardware version, is that "flipping through" is very slow. Google does a decent job "flipping" online with the arrow keys, but Google's search solution on the Web is no better than Acrobat's...it's off to the side, and dissociated from the paging interface. It's a 1998 interface.

    Why not make accessing reference books much better than Kindle? For instance, why isn't search somewhere near the paging interface, and why aren't the results shown in the same spot instead of in a sidebar? Similarly, moving the slider bar doesn't flip through pages (or better, zoom out!)...instead it just does nothing at all until you mouse-up.
Openness is only a theoretical benefit. User experience is a real one. I don't see a real competitor to Amazon (on any front) right now.
Posted by on Monday, December 06, 2010 0 comments
Subscribe to: Posts (Atom)