Buhjillions

The “most emailed” story in the NY Times today is about the prices and costs of sending text messages from a mobile phone.  Mobile phone companies charge an arm and a leg for these–in terms of markup on costs it has to be the single most lucrative service they offer.  US carriers charge 20 cents per text, and UK carriers charge 10p for pay-as-you-go text messaging, which doesn’t seem like much until you consider how little data they’re actually carrying.

Text messages are limited to just 160 characters, which can be encoded into just 140 bytes.  To give you an idea of just how little that is, I compared it to the size of the web-version of the NY Times story linked above.  Just the basic HTML (i.e. no images) is 89,986 bytes (or about 88 KB).  That’s about 642 text messages, which is more than my monthly allowance.  Including images, this figure jumps to 858,333 bytes, or 5,360 text messages, more than I send in several years.  On my iPhone, my monthly plan includes unlimited Internet data, and I can download the NY Times article (over the relatively poky GPRS connection) in about 20 seconds.  Yet my plan only includes 500 text messages: an amount of data that could be transmitted in a second over standard connections.

A space scientist at the University of Leicester calculated that sending text messages cost more per byte than data from the Hubble Space Telescope.  It’s all to create the illusion of scarcity so the carriers can keep charging their exorbitant fees.  I remember seeing signs in India for text messaging at 0.08 Rupees per text, about 2 tenths of a cent.  This means US carriers charge 100 times more for their text messages.

The NY Times article goes into a little more technical detail to explain that text messages are actually packed into what’s called the control channel, used to send instructions back and forth from handset to cell towers.  These channels get used whether there are text messages or not, so an increase in volume adds little to operating costs.  The messages don’t appear on the high-bandwidth channels used to transmit voice, further supporting the conclusion that text message pricing has nothing to do with the actual costs of carrying the data.

Fortunately, as the NY Times article explains, Herb Kohl, the chairman of the Senate antitrust subcommittee has taken the first steps in attempting to get the carriers to account for their behavior, and several lawsuits have been filed accusing the companies of price fixing.  All I have to say is, “about time.”

The Oxford Bodeian Library’s collection is one of the main tangible things that makes Oxford a world-class research institution.  The troves of primary sources, obscure titles, and first editions make it a mecca for historical and literary research.

This is a promise which I don’t think the Oxford Libraries live up to in practice, because the University has not invested enough in updating the tools people use to find what they’re looking for.  The ability to quickly and efficiently find information in Oxford’s catalogs is hampered by outdated and poorly designed interfaces, and incomplete records.  The experience is not worthy of the excellent collection and international reputation the Libraries have.

We live in a world of speedy full-text search of almost the entirety of the Web, accessible instantly from any computer and many mobile phones.  As a result, libraries have a tough act to follow to make finding printed materials as quick and cognitively intuitive.  The databases libraries maintained about their collections seemed monstrous in a time before Google, but they are now very limiting: title, author, some keywords, and a bewildering string of letters and numbers aren’t much data for smart search to chew on.  Web search engines also exploit links between different pages to form their results, but collections databases are relatively flat.  Full text search might be coming, but there’s truckloads of books to scan between now and then.

So no, I don’t expect the library website to be as good as Google, but I don’t think that complete and humane are unreasonable expectations.

By complete,  I mean that I expect all records from all collections in the Oxford University Library Services to be accessible by web-based search.  As it stands, for example, Oriel College Library’s catalog is only available via telnet.  Unless you were a nerd before 1995, (or use the libraries at Oxford) you might never have even heard of telnet.  Telnet is a text-only interface designed in 1969 as one of the very first internet standards.  It’s slow, clunky, unintuitive, and there’s no way to save anything you’re doing and come back to it.

I could go on for pages about what makes websites humane, but the redesigned SOLO (Search Oxford Libraries Online) interface is a big leap forward from the previous system.  Standard web-browser behaviors, like using the forward and back buttons or saving results as bookmarks don’t break it.  It has advanced search features like boolean operators and the ability to search particular libraries.  Unfortunately, if the material is not on the shelf (which it isn’t always clear about) it simply plunks you back into the old, ugly, inhumane system to request it from the stacks.

As a scientist, I don’t often research using books. I’m much more likely to look up journal articles, which unless they are old or obscure, are very likely to be online.  Every once in a while, though, I’ll want a paper which isn’t online, and it’s good to know that the library has my back (old and obscure is Oxford’s specialty).  I’ve noticed that when using search tools by Ex Libris, a little button appears beneath many results that says “Find It Oxford.”  Ex Libris know what stuff Oxford has in its catalog and clicking it takes me to an Oxford page.  Unfortunately, this is in the old, ugly interface, and it dead-ends: giving me information about the holding but not allowing me to do anything with the information, like request it from the stacks.  If I want to do any of that, it’s back to top level interface (but at least this time, title in hand).

So, things are looking up, but Oxford’s Library access is still sub-par.  Its number one priority, at this point, should be getting all books and all the libraries available to be searched via SOLO.  The first thing researchers care about is completeness.  They can’t trust a tool that they know won’t give them all the results.  Then, it should cut the last vestige of the old system away and build a humane system for stack requests.

The icing on the cake, for me, would be seeing the full text of every title they have whose copyrights have expired accessible via the internet.  They’re partnering with Google, starting in 2005 for book scanning, but, as far as I can tell, library users have yet to see any of the benefits.  The Oxford website claims this will take three years, but my opinion of “official” Oxford timelines sinks the longer I am here.

It always impresses me the number of machines that can be made to work again just by banging on them.

The gasman was at my house today looking into why the radiators on the top floor don’t heat.  The first thing he did was take the plastic knobs off the valves and then proceed to pound on them with a wrench.  He explained that the valves have wax in them which expands when heated.  This pushes a pin into place to close them, but occasionally they get stuck in the closed position.  Banging on them frees up this pin and allows the valve to open.  Several minutes later, they were heating again!

Our washing machine also responds favourably to a good thrashing.  It occasionally develops a error with the (electronic) front panel which stops the washing cycle and causes the machine to beep incessantly.  A quick slam near the front panel and it picks up where it left off as if nothing had happened.

Some machines need to be explicitly designed to be resistant to shock and vibration—aviation comes to mind immediatly.  But many ordinary machines seem to get “stuck” for lack of a more precise word.  Corrosion, disuse, or foreign matter clogging up the works.  A quick shock to the system is sometimes all it needs to get moving again.  Maybe in the future, before calling the repairman, I’ll be less hesitant to take matters in my own hands and start by swinging something heavy.

They used to call them 3D accelerators, and eventually “graphics processing units” or GPUs, but these days graphics chips are so programmable that we might as well start calling them “general processing units.”  (DVDs play the same game with “digital video disc” taking on the wider “digital versatile disc” moniker .)  Graphics chips are becomming more powerful and more programmable—they’re becomming a lot like having just an extra processor in your system.

This has two main consequences:

Graphics programmers will start to explore alternate rendering paradigms like ray-tracing or voxel rendering.  Ars Technica has a great interview with Tim Sweeney of Epic Games on this subject.  Sweeney’s point is that with really programmable and really powerful GPUs, the rendering APIs like Direct3D and OpenGL become a crutch and limit innovation and creativity in creating graphics.  Developers will just write their own renderers using other established or hybrid paradigms.  GPUs become little more than extra processing power.

Secondly, GPU hardware gets general enough to get repurposed for other processor-intensive tasks.  I remember my computer architecture teacher telling me in 2005 about biology researchers using GPUs to accelerate floating-point intensive simulations.  Now I’ve just read, in another Ars Technica piece, about a commercial software package that uses GPUs to accelerate password cracking.

We’ve known since Alan Turing’s time that all information processing hardware is equivalent up to some small overhead.  Building specialized hardware for specialized tasks can yield performance gains, but only for large tasks where this overhead is non-trivial.  The so called “physics accelerators” which are starting to appear on high end gaming machines seem to be doomed to failure for this reason.  Hardware accelerated audio was just a blip on most gamers’ radar 8 years ago.  Why create a dedicated processor for physics/audio/graphics when you could instead just upgrade to a CPU with more cores…

My iPhone was gimped, but not yet dead.  The problem was with the “home” button, and being the only button on the front face, you can imagine it gets used frequently.  It had lost the crisp, original clickyness and trying to press it was like using a sausage to play a snare drum.  Sometimes I’d press and get no response, sometimes a double click, whisking me away to the favorites list instead of the home screen.

After dealing with the pain that is Vodafone (my previous carrier)’s repair service, I was reluctant to go down that dark path, and just dealt with my limp iPhone for a couple weeks.  Remembering that my 1 year warranty would expire in November, I finally got around to making the call to get some reparations.

Fortunately, as I discovered, Apple’s customer service and repair arm is a class act, even in a country where the bar has been set pretty low.  The first phone call to Apple went well: short wait to talk to a rep with fluent language skills, and a competent sounding manner.  He issued me a repair ID and ordered a returns kit sent to my house.

Now, the story hits a few bumps in getting the returns kit delivered.  Of this I hold no malice against the rep I spoke to; it was a simple misunderstanding.  When he read the address they had on file, I assumed he left out the house number for brevity, but as it turns out, it just wasn’t there.  So UPS received an address with the correct street, but no house number.  As helpful as I have found the order tracking website in the past, once there was a problem the cryptic “delivery exception” messages were of little use in deciphering what the problem was.  Fast forward about a week, several phone calls to UPS, and several mornings wasted waiting up for the deliveryman who seemed to need a signature to deliver me what is essentially an empty box; I called Apple to have them deliver to my lab instead.  I had my kit the next day.  This time didn’t bother me too much, since the iPhone still worked OK, but if I had a dead phone, I’d have been pissed at UPS (and probably Apple for hiring them).

Opening up the returns box was almost like unboxing a new gadget from Apple.  Carefully laid out were all the things I’d need to ship my iPhone to Apple, right down to an included paper clip to open the SIM card tray on the iPhone.  Also included was a pre-paid envelope and address label to ship the iPhone to Apple.

Once it shipped, I could use my repair ID to track the status, but it turns out I needn’t have worried. Apple sent me an email once my iPhone arrived, and, 3 hours later, after they shipped a replacement.  That impressed me—3 hours after my gimped iPhone arrived at their repair center a replacement left destined for me. Unfortunately, this was on Friday afternoon, and the replacement didn’t arrive until Monday.  Since they picked up the entire tab including shipping both ways, I couldn’t begrudge them for not splurging on Saturday delivery.

The difference between this and Vodafone’s service, which they charge £7 per month for, is like night and day.  I knew where my iPhone was at any time via the web, even during transit using UPS tracking.  When Vodafone repaired my phone I gave it to a man in the store and just waited until the predetermined pickup day.  Several times (yes, I had several repairs) I returned on the appointed day to be simply told that it hadn’t returned yet and that I should come back tomorrow.  Apple took 3 business days (5 including the weekend) to return my iPhone, while Vodafone typically took a week.  Apple proactively informed me about the progress, while Vodafone didn’t even let me know when there was a delay.

Good customer service includes the tenet that a customer’s problem is your problem until it’s resolved, and it includes keeping the customer in the loop.  Good customer service is something Apple UK has, and Vodafone doesn’t.

“Unboxing” Photos of the Return Kit below:

There’s another problem with passwords which deserves its own post: what do you do when you forget one?  It’s bound to happen, right?  With so many passwords floating around in our heads, we inevitably forget one entirely or forget which password goes with which account.

Sites can’t just tell you to get lost when you can’t remember, so they need a Plan B to authenticate that it’s really you, and not some attacker.  Now, if you have an existing relationship with the entity you’re trying to reset your password, it makes it much easier.  If I forget my login password at work, I walk down to IT and either talk to someone in there that knows me, or show somebody my ID card.  They reset my password, and I’m off to the races.

But most sites on the internet don’t know me and haven’t issued me any kind of physical token I can use to prove that I’m me.  So, they punt.  They fall back on one of two methods: security questions, which are the slow-pitch softballs of the security world, or they simply pass the buck to somebody else to authenticate you, namely, your email provider.

Security questions are basically another form of password; information which is nominally secret, but much easier for you to remember.  The age-old bank security question of your mother’s maiden name, or the name of your first pet, or your elementary school.  Because these are usually questions about your past, they’re easy to remember, but also very easy for an attacker to guess or find out the answers.  The well publicised break-in on VP candidate Sarah Palin’s Yahoo Email account provides a good example of why security questions aren’t really secure at all, if the alleged first person account of the break-in is to be believed:

The intrusion, according to this account, was carried out via Yahoo’s password reset feature. Though the original post has been deleted, it was copied and reposted to several other blogs.
In the post’s telling, the exploit took no more than 45 minutes and simply required searching the Internet for basic personal information, such as Palin’s zip code, birth date, and where she had met her husband.

Of course, being a VP candidate is sure to have made it easier to find the biographical information required for this attack, but the point is that the answers to security questions aren’t usually well kept secrets, and enough digging by a determined attacker can punch right through them.

Many sites forgo questions and use the strength of your email authentication.  They send you an email with a temporary password, or a code to enter to be able to create a new password.  This means that your email account should be the most sacred of all your passwords—strong, unique, and changed often—because if it is compromised an attacker will have “the keys to the kingdom” of many of your other accounts.  Of course, this style of authentication doesn’t help email providers like Yahoo!, Gmail, or MSN/Hotmail.

And, in this respect, Information Cards are no better.  They can be lost in a computer crash, accidentally deleted, or not transferred to a new computer.  This means that sites that use them still need to punt on security in exactly the same way.  There are such things a “managed information cards,” which are issued and secured by a trusted third party.  If the user has an existing relationship with the third party (their employer, for example), they can be reissued access in a more secure way.  But this is really no different than resetting a site password via your work email account (on which you can gain access securely).  In both cases you and the site agree that if you lose your credentials, then you both should trust your employer to securely deliver you new ones.

Photo is Eric Tipton from the Duke University Archives.  Licensed under Creative Commons.

Every new site that provides a personal service needs to authenticate you the next time you return.  They need to make sure you are able to access your account and others are denied.  The standard way to do this is to have you create a secret password to identify yourself when you return.  And there begin your troubles, noble websurfer.

Most people don’t just have one web-based service they use, they have between a few and a few dozen.  The safe thing to do, of course, is to create a unique password for every site you sign up for.  One for Gmail, one for Amazon, one for PayPal, one for your internet banking, one for… you get the idea.  Strong passwords are very random, with plenty of crazy symbols and odd capitalization.  Of course, the way the human brain works, the longer and more random the password, and therefore the stronger, the harder it is to remember!  If your mind is anything like mine (which is to say, human), you’ll know the futility in trying to create and remember unique, secure passwords for each site that requires one.

So, we cheat.  We create relatively weak passwords.  Or, we reuse them.  Or both (in college, every private multiplayer game we created was always secured by the password “spandex”).  Reusing passwords is particularly Bad News Bears because you can’t know what the site you’re sending it to will do with it.  Will they store it securely?  Will they sell it to criminals in Russia?  Are they criminals in Russia?  So if you currently use the same password for http://somerandomforum.tk as your bank or email account, you might want to reconsider.  As you might imagine, the extent to which I follow my own advice depends on the perceived risk of getting a password stolen, and the potential damage an attacker could do with that particular password.

And, there are other problems with passwords.  Even if we could all remember hundreds of complex passwords and the sites they belong to, they’re still vulnerable.  They can be captured by eavesdroppers if used over an unencrypted channel, or users can be fooled into giving them away in a phishing attack.

A recent (well, August. I’ve been busy) NY Times piece introduced me to an alternative to passwords.  It’s called an Information Card, and is in essence the digital equivalent to an ID card.  Under this system, the computer does the heavy lifting of creating a unique token for each site you visit, so a malicious site can’t use the information it gains to break into your other accounts.  It also will only transmit the information over a secured channel, so there’s essentially no way eavesdroppers can intercept your credentials.

However, there are still ways to attack this system, even if the author, Randall Stross, doesn’t seem to think so.  In one breath, he quotes Scott Kveton (of the OpenID foundation) as saying, “there is no silver bullet, and there never will be.”  Then, in the next, he goes on to talk about information cards as if they’re some kind of panacea.  They aren’t.

MS Windows Cardspace, an implementation of information cards

Essentially, you are trading keeping a secured secret in your head (a password) for a secured secret on your computer (an information card).  This means that if an attacker gains access to your computer, they can steal your cards.  And, since the cards are simply bits of data, they can be copied, meaning they can be stolen without you ever noticing they’re gone—that is until you notice accounts being compromised.  A PIN is no defense; attackers might design viruses or worms to steal them after you’ve entered your pin, then silently delete themselves, removing any evidence you’ve been compromised.

Still, relying on keeping your computer secure does seem like a safer bet than passwords, at least for the time being.  If the movement gains momentum, it might do some good.  Also, smart-card readers of various sorts are becoming relatively standard on business laptops.  In the future, an information card could be embedded on one of these smart-cards, this would make them hard to steal and very hard to duplicate.

I’d be tempted to try it out on spikecurtis.com, but its designed to work only with SSL-encrypted connections, which I don’t have the credentials for.  The only site I know of that uses them now is Microsoft’s Live ID, only in beta, and only with IE 7 (there is a Firefox plug-in, but it doesn’t work with Firefox 3).

Maybe Microsoft should move its headquarters to 1 Infinite Loop.

This morning, while trying to send out some mail in Microsoft’s Outlook 2007, I noticed that after nearly 10 minutes, the message I tried to send was still sitting in my Outbox.  When I clicked “Send/Receive,” like ya do, Outlook decided to get stuck in an infinite loop of trying to send, failing, and then trying again without any kind of warning, I racked up dozens of sendmail tasks in the “Send/Recieve Details” dialog in a few seconds.  I had to kill Outlook from the taskbar.  This was no ordinary glitch: I tried restarting Outlook, switching back and forth from Offline Mode, and sending from a different account, to no avail.

Creating a new message, readdressing, and copying and pasting my email contents into the new message seemed to work.  Although, I can’t help but wonder if several of my friends got multiple (hopefully not dozens!) of copies of the email.

Then later, it happened again!

Long story short, after some furious google searching, I found some hints of explanation.  It seems that sometimes (perhaps due to ActiveSync tomfoolery) the Address Book in Outlook gets corrupted, and some display names are orphaned, no longer associated with an email address.  When you address an email to one of these orphaned names and click send, it sets Outlook into this infinite loop.

This is a pretty huge failwhale on Microsoft’s part on several levels.

Firstly, the Address Book, “what about it?” you ask.  “Isn’t that just your Contacts folder?”  As far as I can tell, no.  The Address Book is some vestigal part of Outlook code which is what is actually invoked to translate names into email addresses, rather than just using the Contacts database directly.  No one ever opens their Address Book, so far as I can tell (although there is a shortcut for it: Ctrl+Shift+B).  Everyone manages their contacts and email addresses in the contacts folder, and behind the scenes Outlook relies on some software scorcery to keep the two in synch.  Obviously, this breaks from time-to-time.  From a humane computing perspective, this is particularly cruel—creating two places to keep email addresses when one would do. Then, allowing the synchronization break without any warning until it causes a problem like:

The Infinite Loop: Seriously, Microsoft, when a display name pulls up a null from the Address Book, the best you can think to do is just try the whole send-mail process over again?  No error message, no looking to the Contacts folder for the address, no prompting the user for how to handle this, just keep banging your head into the wall.

And not only that, but the most information I can find about it on Microsoft’s site is from a post in October 2007 to Microsoft’s forums.  This means that this bug has been burning people for nearly a year with no visible action on Microsoft.  No Knowledge Base article explaining a work around, just some forum posts to wade through to try and pick the most appropriate solution.

For those who came via google or elsewhere looking for a solution, I’ll explain what I did to (hopefully) clear it up.  Basically, we’re going to manually clean up the Address Book.  This will be fine if there are only a few entries that need cleaning; I had about 2 dozen, If there are lots that are b0rked on yours, you might want to try some ideas listed in this thread.

1. Go to Offline mode (File -> Work Offline), and delete any offending messages from the Outbox.  Save the text first, so you can resend, by copying and pasting into Notepad or similar.
2. Open the Address Book (note: this is not the same as the Contacts folder).  Tools -> Address Book, or Ctrl+Shift+B.
3. You should see a list of names, display names, and email addresses.  Corrupt entries will be any that have the email field left blank.  Note that any Contacts you have which don’t have email addresses saved should not appear on this list at all, so anything with a blank email address is a corrupted entry.
4. Find a corrupted name, and then close the Address Book, go to your Contacts and open the entry for the name you found.  You’re going to copy the email address to the clipboard (Ctrl+C), clear the email field, then save the contact without an email address.  Then reopen the contact and paste the email address back in place (Ctrl+V), and save again.  This should recreate the entry in the Address Book with the correct email address.
5. Rinse, repeat until all corrupt entries are fixed.  (You can ignore Distribution Lists, they won’t have an email address listed.)

Shame on you, Microsoft, for wasting over an hour of my time diagnosing and repairing Outlook from a bug that should have been fixed months ago.

Quantum computing has had the attention of the US Government for over a decade, ever since the discovery that quantum computers could be used to break a widely used cypher.  The cypher, called RSA, forms the cryptographic backbone of secure communication on the web.  If you’ve ever typed a URL that started with https:// (the ’s’ standing for secure), or seen that little padlock symbol in the corner of your browser, then you’ve almost certainly used this cypher.  But RSA is used for more then just securing your credit card details when you buy a DVD on Amazon; it’s used by governments, financial institutions, corporations, activists, freedom fighters, and terrorist groups.  And, for an intelligence gathering service like the NSA or CIA, it is presumably a huge thorn in their side.

Quantum computing is my area of research, and I have a little known organization in US Government to thank for the grant money that pays for my work in Oxford.  (Well, both them and my supervisors here in Oxford who won the grant and recruited me.)

Amusingly, this organization has managed to shift through three different names since our grant started 3 years ago.  It was originally called the Advanced Research Development Activity (ARDA).

Then, sometime between Oxford winning the grant and my arrival, the organization was renamed to the Disruptive Technology Office (DTO).  This was easily my favorite of the three.  By disruptive technology they presumably mean technologies which fundamentally change the way we do important things: in our case, the way people communicate on the internet.  However, when ever I heard Disruptive Technology Office, all I could imagine is a nondescript brick building in DC somewhere.  It’s nice and peaceful, unobtrusive on the outside, and there’s a pleasant receptionist in the atrium.  Then you descend down an elevator, doors slide open and there is absolute bedlam: sirens blaring, flashing spinning lights, klaxon horns, and people throwing papers in the air, running around with their arms overhead screaming, “shiiit! shiiiiiit!”

I’m sure it’s nothing like that.

There was yet another restructuring, with the DTO being folded into a new organization called the Intelligence Advanced Research Projects Activity (IARPA).  To my continuing amusement, they pronounce it like pirates: yarpa! The name is meant to conjure up ARPA, the Advanced Research Projects Agency, who brought you fun projects like the Internet.  ARPA today is called DARPA, the Defense Advanced Research Projects Agency, and is funded by the Dept. of Defence.  IARPA is funded by, you guessed it, the Director of National Intelligence.  Wired Magazine describes IARPA as “like DARPA, but for spies.”

I got a chance to go to an IARPA meeting, but sadly, “James Bond shit” (as it’s so marvelously put by Willem Dafoe in The Boondock Saints) was notably absent from the proceedings.  It was a program review of their funding efforts in quantum computing, and the most respected scientists in our field being there gave me a good idea of how influential they are in pushing the development of quantum computing technology.  But, as I said, there was no cloak and dagger—this was a meeting of scientists.  All this funding is happening in the open, with no restrictions on publishing.

There’s no doubt that the US intelligence community would love to be able to develop quantum computing technology for its code-breaking abilities.  Once it’s developed, whether or not they think they can keep it out of the hands of America’s adversaries is anyone’s guess.  Assuming the NSA doesn’t already have a quantum computer, the state of cryptography appears to be heavily favoring the cypher-makers, rather than the cypher-breakers.  Perhaps they think that quantum computers, even if we’re not the only ones to have them, might tilt the scales back in favor of intelligence gatherers.

I couldn’t help but put together a nice “synth” of Oriel College’s First Quad in Photosynth. My main camera is down at the moment, so it was the trusty iPhone to the challenge. Since they’re mostly viewed onscreen, it turns out that the iPhone does make pretty decent fodder for the “synther.” However, I did want some nicer pics, so I hopped in Flickr and dug out some Creative Commons licensed photos.

Don’t be shy about photos for this task, I took well over 100 for what amounts to little more than a big box. In contrast, I took over 150 of our experimental apparatus, which is considerably more complex, and ’synth only managed to stitch together a quarter or so. I’ll post a link to that synth when I’m happy with it; but it will probably require considerably more photos, more planning, or both.

Once the photos are on your hard-drive, it’s actually stupidly easy to turn them into a synth like the one you see before you.  You just fire up Photosynth (a free, but Windows-only, downloadable program), select your photos, give your synth a name, and click go.  You don’t have to do any work with lining up the photos or setting up the space you’re trying to create.  Synth just munches on them for a while (a long while: 10 minutes or so at nearly full CPU utilization and 100’s of MB of memory on a Core 2 Duo system), and then uploads the results to their site to view.

It’s rare that a piece of web tech lets you put together something so impressive so quickly and easily.  Just wow.  My biggest complaint about the service so far is just the lack of support for operating systems other than WIndows.