The worst cover version of a song ever

For about two weeks I’m going to work, listening to radio and a weird version of “Under Pressure” plays in the radio. This version completely makes me cringe in some parts because it completely ruins the mood of the song. Today I found this version on the internet.

But first, let me explain what it’s wrong with it: “Under Pressure”, in the way Queen sings it (and Keane too, if my memory doesn’t fail) sounds a lot like “society vs the individual”. All the song is permeated with references to people not being/doing what they want. “Why can’t we give ourselves one more chance?”, “Pressure […] puts people on the streets”. Really, not a happy song. The strong hits of Roger Taylor on the drums mark it as a very strong mood and strong feelings.

I can’t completely say “it’s utter crap”. At least the guys kept in their rhythm instead of just mimicking the original song. Unfortunately, they had the very sad idea of doing a cover version of “Under Pressure” when it’s tone have nothing to do with their type of song.

So, if you have a strong stomach or really doesn’t care about songs, press play:

The early possibilities for the TNG cast

SlashFilm psoted a very interested thing for Trekkies: The list of early actors considered for The Next Generation. When I was reading the list and wondering “Who is that guy?” a few names suddenly popped up like “Hey! I know this guy!”, so I decided to check Memory Alpha to see if any others joined any of the series later.

  • Picard
    • Patrick Stewart: Well, he got the job.
    • Mitch Ryan: Played Riker (Jonathan Frakes) father, apparently in 2 episodes.
    • Roy Thinnes: Didn’t join the cast.
    • Yaphet Kotto: Didn’t join the cast.
    • Patrick Bauchau: Didn’t join the cast.
  • Tasha
    • Lianne Langland: Didn’t join the cast
    • Julia Nickson: Did two different, minor, characters, in two different TNG episodes.
    • Rosalind Chao: Really joined the cast, and with a character the got into two series: first, 9 episides in TNG and then 18 in DS9, as Keiko O’Brien. The curious thing about this is that, in my humble opinion, Keiko and Tasha are completely opposites.
    • Leah Ayers: Didn’t join the cast.
    • Bunty Bailey: Didn’t join the cast.

    The actress that got the job was Denise Crosby, which was selected for another role.

  • Data
    • Mark Lindsay Chapman: Didn’t join the cast.
    • Eric Menyuk: Joined in 3 TNG episodes, as a center character for those episodes.
    • Kevin Peter Hall: Only for one TNG episode.
    • Kelvin Han Yee: Didn’t join the cast.

    (Weird fact: Brent Spinner, who got the job and was considered one the best impersonations of an android, is not in the list.)

  • Ryker
    • Michael O’Gorman: Didn’t join the cast.
    • Gregg Marx: Didn’t join the cast.
    • Jonathan Frakes: Got the job and shown the world what a manly beard looks like.
    • Ben Murphy: Didn’t join the cast.
  • Geordi
    • LeVar Burton: Got the job.
    • Reggie Jackson: Didn’t join the cast.
    • Tim Russ: Did a small appearance in TNG as a thief knocked out cold by Picard in the first half of the episode, made a Klingon in a single DS9 episode and joined Voyager in full time to play Tuvok.
    • Wesley Snipes: Didn’t join the cast.
    • Victor Love: Didn’t join the cast.
    • Chip McCallister: Didn’t join the cast.
    • Clarence Gilyard Jr.: Didn’t join the cast.
    • Kevin Peter Hall: Yes, see above.
  • Beverly
    • Anne Twomey: Didn’t join the cast.
    • Jenny Augutter: Didn’t join the cast.
    • Cheryl McFadden: Yes, she joined the cast as Beverly Crusher. Unsuspecting trekkies know her as Gates McFadden, though.
  • Troi
    • Denise Crosby: Joined the cast, but not as Troi. She got the part for Tasha Yar while Troi was played by Marina Sirtis. The history says that, in the episode Tasha dies and they have her funeral, Sirtis was really crying, as both became really good friends.
  • Wesley
    • J.D. Roth: Didn’t join the cast.

OAuth paranoia

One day after I posted the lack of respect for OSS apps in Twitter “ecosystem” (a word they seem to like a lot these days), they announced that the API request for trending topics will now return the promoted tweets.

As I was reading this announcement, the paranoid hat fell on my head.

As I explained before, OAuth allows Twitter to simply cut the access of an application at their own will because, as they say, it may “harm the ecosystem”. The problem is that since forever, the line of what is “harmful” to the “ecosystem” was never fully explained and seems to be a moving target: Every day, someone will post on Twitter-Developement-Talk about their applications getting rejected due some not explained reason and being pointed to the Terms of Use.

Now, since Twitter never really explained what the “ecosystem” is and can simply cut any application they want, what may stop them to cut the access of some application that removes promoted tweets in the basis that promoted tweets are good for the “ecosystem”?

Does this paranoid hat make me look crazy?

Twitter making it hard to use OSS apps with their API

Twitter, the biggest microblogging tool around, decided to change their policy to applications and it’s making it hard to OSS developers create applications that can be as good as the other applications.

First, let me explain what is the problem they are trying to solve, how they are trying to solve and how this will make the life of OSS developers harder.

How things work today?

Today, applications can use the Basic Auth, which send your username and password to Twitter, which checks and, on success, returns your messages, direct messages, post your update and so on. The flaw in this is that someone could be “listening” to your communication and easily guess your username and password. Or you computer could get hacked, attackers could just retrieve the file with your password. And then, one day, you wake up and see some of your updates saying, for example “Buy viagra” or “I liek cocks”; not good.

Solving the password stolen problem with OAuth

To solve the problem of someone stealing your password, Twitter decided to embrace OAuth for two reasons: First, you store an authorization token on your side and not your password, so if you your computer gets hacked, they still don’t have your password. Second, if one application misbehaves, you can remove its permission to post and you should be all good.

On top of that, for applications that are very very naughty, they can completely revoke your application access. Why? The logic behind it is that spammers don’t really care if their spammy applications are misbehaving, as long as they post spam all the day. It also makes the spammers life harder by forcing them to create accounts manually (which they do already) and applications manually, or a group of fake accounts could suddenly stop working ’cause one single application was revoked.

And where is the problem?

Basically, to avoid someone to listen to your communication and use your authorization token, the application must have an identification and a secret token, which is used to encrypt the authentication token and message signature. So, even if your computer is hacked and their stole your authorization token, they still can’t use it ’cause they don’t have the application secret and, that way, can’t sign the messages as being that application.

So Twitter said to all developers today: “Never share your keys! I”

And here lies the problem for open source developers: We were forced to chose amongst two options:

  • First, we could follow Twitters idea and not share the application keys with the application itself. For a user to be able to use the application, then, they would have to register they application themselves, with another name. For an experienced user, it may be ok, but for users that simply want to read new messages, going all the way of registering an application, knowing if it is a desktop or a browser app, provide some URL and so on it’s too damn complicated. Most users would simply forget about, and think that their friend’s application, which is closed source, is way better.
  • Second, we ignore Twitter’s recommendation and distribute our application with our keys. In this case, we can either suffer from someone taking those keys and spamming Twitter, thus revoking the application secret and letting our users without any access till we provide a new secret; greately reducing our users protection ’cause their authorization tokens can be easily exploited in case their computers get hacked; or, simply, Twitter decides that since we are providing our keys publicly, and that’s bad for the ecosystem (because of the two previous maybes) and revokes the application anyway.

In summary: Either we give applications with a terrible user experience or we have to bite the bullet and give our users an application with incredible reduced security for them (or that, one day, will simply stop working even if the community of users around it behaves nicely, just because someone took the keys and abused the system.)

Twitter came with a solution for open source applications that, basically, mimics the application registration thing: The application is marked by them as open source, so we would have access to another URL, which basically registers a new application with your application as template, gets a new application secret and identification, returns to you and then you keep using that from now on. So, in case the secret is hacked, only one application is compromised and only one application is blocked. But that won’t be available on the day they will kill the basic authorization. So there will be a gap where open source applications and their users will be completely vulnerable to attacks.

Personally, I hate this instance from them. With Mitter, I always aimed for a simple application that would be easy to use and secure, whenever possible. Their current position forces me to chose one in favour of the other.