Today I want to talk about two significant advantages that Ubuntu has over Windows 7 and Mac OS X. This came up last week because Apple displaced Oracle as the new world leader in security vulnerabilities, according to a report from Secunia. And Ars Technica astutely pointed out:

The report includes cumulative figures for the number of vulnerabilities found on a Windows PC with the 50 most widely-used programs. Five years ago, there were more first-party flaws (in Windows and Microsoft’s other software) than third-party. Since about 2007, the balance shifted towards third-party programs. This year, third-party flaws are predicted to outnumber first-party flaws by two-to-one. Secunia also makes a case that effectively updating this third-party software is much harder to do; whereas Microsoft’s Windows Update and Microsoft Update systems will provide protection for around 35% of reported vulnerabilities, patching the remainder requires the use of 13 or more updating systems. Some vendors-Apple, Mozilla, and Google, for example-do have decent automatic update systems, but others require manual intervention by the user.

That leads us to Ubuntu’s first big advantage.

1. Comprehensive software updates

In a world where most of the security vulnerabilities are coming from third-party applications, Windows and Mac machines are at significant risk because they run lots of these apps and those apps aren’t always updated automatically, which leaves the machines open to attacks.

Again, to be clear, both Microsoft and Apple have comprehensive updating systems for their software — both the OS as well as company apps that run on top of the OS. The problem is with the software (programs, extensions, and plug-ins) from other vendors and the inconsistent methods they use for updating their code to protect against known flaws.

With Ubuntu, there’s one comprehensive software updating system. This is possible because Ubuntu has a centralized repository of applications and the only third-party applications that make it into the main repository are the ones that have been tested by Canonical (the company that produces Ubuntu) and are proven to work with the OS. This means that the Ubuntu main repository doesn’t always have the very latest version of Firefox, for example, but you can be sure that the one it does have will typically install easy, work smoothly, and remain updated automatically.

There are also other repositories of applications that you can connect to with Ubuntu, but these are supported by the Ubuntu community or by commercial companies. Still, if you trust them and connect to them, then their updates are also automatically run through Ubuntu’s Update Manager (below). As a result, Ubuntu offers a much more centralized and effective way to keep computers up to date — especially if you stick mostly to the software in its main repository.

2. Integrated app store

While managing Ubuntu’s software repositories is handled with an administrator tool called Synaptic Package Manager, there’s also a much easier way to browse through the official Ubuntu-sanctioned applications. It’s called the Ubuntu Software Center and the people I know who have used both Ubuntu and the iPhone typically say, “It’s just like the App Store.”

From a user perspective, the Ubuntu Software Library has a very similar experience to the iPhone App Store or the Android Market. You simply open it up, browse or search through different categories of applications, and download the ones that you want to try. It’s basically an app store for the PC.

And, while iPhone and Android have a mix of free apps and paid apps, the apps in the Ubuntu Software Center are nearly all open source and free of charge. Like iPhone and Android, you have to sort through a fair amount of chaff in order to get to the wheat, but it’s still a terrific 21st century computing experience. Both Windows and Mac need to learn from the app experience that is driving the mobile device market. Ubuntu has already beaten them to the punch.

If you add that to the fact that Ubuntu does a better job with software updates (a big security boost), then Ubuntu becomes a much more viable alternative for modern PC users, especially those who access most of their services and enterprise apps via a Web browser.

All videos and slides are available below.

Fireside chat with the Google Wave team

Google Wave API design principles: Anatomy of a great extension

Waving across the web

Open source Google Wave: Building your own wave provider

Making smart & scalable Wave robots

Google Wave Media APIs: Attachments can surf too!

Google Wave and the enterprise environment

With the right commands, you can turn your favorite command-line text editor into a distraction-free Google Docs app, add new events to Google Calendar, upload images to Picasa or video to YouTube, backup your Google data, and more. Here’s how it works.

On Friday, Google released GoogleCL, a saucy command line program that interacts with Google services from any *nix-friendly command-line prompt (on Windows, Mac, or Linux). We spent the weekend playing around with it, and now we’re sharing a few of the coolest ways we’ve been putting it to use.

What You’ll Need

Before you can execute any of the cool commands below, you’ll need to have installed a few things to get GoogleCL up and running on your system.

• Windows users, you’ll want to install Cygwin. (If you’re not familiar with Cygwin and how it works, check out Gina’s introduction to Cygwin.) If you’d really prefer to stick with Windows’ Command Prompt, you can set up GoogleCL with these instructions instead.
• If you haven’t already, you’ll need to have installed Python 2.5 or higher on your system. To do so, simply type python -V at your command line prompt (see screenshot).
• Next, you’ll need to download and install two utilities from Google. The first is the gdata-python-client; the second is GoogleCL—the main tool that drives the tricks below. For more details on the installation process, check out Whitson’s instructions for installing GoogleCL. If you’re a Windows user and having some trouble figuring out the installation, take a look at PC World’s Cygwin-specific instructions.

Now that you’ve got everything up and running, let’s take a look at some of the coolest tricks you can accomplish.

Use Your Command Line as a Distraction-Free, Google-Docs-Backed-Up Text Editor

Distraction-free text editors are all the rage these days, but who needs a fancy new application to give you a plain text word processor when GoogleCL can do the same thing—and when you’re finished, upload your results to your Google Docs account every time you save. To fire up your own minimalist, distraction-free GoogleCL word processor from the command line, just try something like:

The command above will open and edit an existing document in your Google Docs account if one exists; if not, it’ll create one with the title you’ve provided. The last piece, --editor, determines which command line text editor you’ll be working in. If you’re a whiz with vim, then you’ll probably want to use that. If you’re not all that familiar or comfortable with vim, I’d recommend editing using nano, a command-line based text editor that’s a bit more like writing in a normal word processor, and will look like so:

When you’re finished writing and want to upload your results to Google Docs, in nano type Control+X to upload the results to Docs and quit your text editor. (You can fire it back up to edit the same document at any time by just repeating the command above).

Quickly Add Any Event to Google Calendar with Plain Language

You can quickly add any event to your Google calendar with GoogleCL with one command and plain language. For example, if I were to simply type:

…and hit Enter, GoogleCL will create the event in Calendar and figure out what I meant about the when and where. It’s the same Quick Add feature available on the Google Calendar site, but you don’t have to fire up your web browser and wait for Calendar to load to use it. You can enter the who, what, where, and when, and Google Calendar will figure out the rest.

Upload a Folder of Images to Picasa

Sure you could open up the Picasa desktop app, but if you’ve got a folder full of old pictures you want to upload to Picasa in a jiffy, the GoogleCL upload tool is a great option:

As you’ve probably figured out, —title denotes that “My Awesome Pool Party” is the name of your new album, and the folder directory after that is the folder it’s going to upload pictures from. You could upload an individual picture, but if you want to upload the whole folder, make sure you include the asterisk at the end of the path. When it’s done, you should see all those pics up and ready to share on your Picasa Web Albums account. Pool photo from lepiaf.geo.

Upload a Video to YouTube

I actually hate using YouTube’s web-based uploader, so I’m especially keen on this one. You can upload any video to YouTube like so:

Schedule Backups for Your Google Data

Possibly one of the most useful ways you could put GoogleCL to use off the bat—particularly if you’re paranoid with the idea of storing all your data online—is to back up the data from your Google services. In a single command for each service, GoogleCL can back up all of your Contacts, Docs, and Picasa photo albums, for example, and I’d guess the backup support will improve for most of the services. Here’s how it works for Contacts, Picasa, and Docs.

Google Contacts

This will pipe all of your contacts to a comma-separated list that can easily be imported to other contact management applications or simply saved to a backup folder, just in case.

Picasa Photos

Google Docs

Note: Docs backup isn’t perfect just yet (spreadsheets aren’t supported, and I had to enter the specific folder I wanted downloaded instead of it letting me grab everything at once, but GoogleCL was released on Friday and already updated once this weekend, so I’d expect some of these tools to get a lot better over time.

Expanding What GoogleCL Can Do with Other Tools

As you probably figured out after examining a few of the actions described above, GoogleCL’s syntax is pretty simple. To execute a command, you simply type google, followed by the service you want to access (e.g., calendar), followed by the kind of action you want to perform using that service (e.g., create, edit, delete, post, etc.). Finally, you’ll add some specifics after that action based on whatever it is you’re doing (e.g., the file you want to upload, the title you want to give to a new document, or the event you want to schedule).

With other tools and tricks, you can do all sorts of fun things stuff with your Google data. Over at Smarterware, Gina suggested using the Calendar tool to display your agenda for the day every time you open a new Terminal window by adding:

…to your ~/.bash_profile file. Whitson suggested piping the results to a plain text file to use with something like GeekTool (Mac) or Rainmeter (Windows)—both of which can display plain text files on your desktop. A command like:

…would do the trick nicely. (The greater-than sign pipes the output of any command to a file, so myagenda.txt would contain the same text returned in the command line.)

Cron It
Perhaps most useful, a lot of the tasks available—particularly related to downloading backups or uploading folders of pre-defined content—can get especially handy if you set them up to run as cron jobs. Cron schedules any command based on user-defined times, so you could set a cron job to, say, download backups of your Picasa photos on a weekly or nightly basis. If you’re new scheduling with cron, check out IBM’s introduction to cron.

Google’s video introduction to Google TV helps us understand a bit more about the nifty unreleased service, Android developers are focusing on user experience in the next update, and Microsoft starts testing the Windows 7 Service Pack 1 beta.

* What is Google TV?
If you haven’t figured out what Google TV is yet, this video will explain that it’s an all-encompassing multimedia system on your big screen. [YouTube]
* Android Team “Laser Focused” On The User Experience For Next Release
Google says that the next release for Android, Gingerbread, will focus more on the user experience than features. Google is reported to have said that, barring a few tweaks, they more or less have the features they want. [TechCrunch]
* Windows 7 Service Pack 1 beta invites dispatched; testing to begin shortly
Windows site Neowin says that Microsoft is already emailing beta testers to test the new Windows 7 Service Pack 1 beta. There is a possibility that Microsoft will add USB 3.0 support and a more stable Bluetooth/Wi-Fi connection for users. [Download Squad]
* Google Wi-Fi Snooping Could Result In 30-State Investigation
Google’s entanglement with the government over Wi-Fi data gathering is getting more complicated. Thirty states are considering an investigation over the Google Street View cars, which have been gathering local Wi-Fi information from business owners and residents. [Gizmodo]
* My Dad Hacks For A Higher Cause
Developer Dave Waldman’s father shows what hacking is all about, beyond the latest computer program: improving the lives of others, actually making a difference, and making it accessible to everyone. [Dave Waldman]
* More international iPhone 4 pricing plans released
The iPhone 4 is coming to the rest of the world, with and without contract options. Here’s the deets on what you’ll have to pay for your shiny new phone abroad. [The Unofficial Apple Weblog]
* How to send digital invites without annoying your friends
With so many ways to organize friends together for an event, what’s the best method? Maybe you shouldn’t mass email everyone on your contact list, and save that for Facebook instead. [CNN]

With speechapi.com’s javascript API, it is possible to build interesting speech-web mashups that include both speech-to-text as well as text-to-speech.

A combination of several technologies and open source tools make this possible. In the browser, Flash is used to access the microphone and stream the audio to an RTMP server. Red5 is used because its a versatile media server that has the benefit of being open source and free.

Once that audio is received on the server, it needs to be converted to text. There are many speech recognition engines to choose from. Many are proprietary and provide very good accuracy results but they are pricey and closed source. There are some state of the art opensource speech recognition engines too, such as julius and Sphinx to name a couple. The speechapi service uses sphinx because it is license friendly and has a strong community.

Now this is great, we can transmit audio and convert it to text but we need to control the process and use the results in the web page. That is where Javascript comes in. Speechapi.com provides a Javascript API. There is a setupRecognition method that sets up the grammar used in the speech-to-text process. There is a simple grammar mode, where you can just provide a comma seperated list of words. JSGF is also supported and is useful for more complex grammars. There are also methods that communicate with the flash control to indicate when to start transmitting audio and when to stop transmitting audio. You can also use the flash controls built in press to speak button to specify the speech endpoints.

Recognition results are returned to your web page in a callback that you specify in the speechapi constructor. The results are passed from the server to client as a JSON string. The result object contains the raw text results as well as other information that can be useful for you speech client, like pronunciation and “grammar tags” that can be useful for semantic interpretation of the results.

We think this technology is pretty cool and we encourage you to try it out. You can try it for free at speechapi.com where you just include a few lines of of javascript and html into your webpage to enable speech recognition. We are also open sourcing the package over the next few months, so sign up at our site if your interested.

A Basic Speech Page

If you were to copy and paste the below code in a webpage it would show a basic Flash control that detects a number between one and five. Since it interacts with a Flash app you can’t just load the file off your harddrive. You need to load it from a website, so copy it to your apache /var/www or equivalent. Lets take a closer look at the code. First you need to include our api javascript file. Then you need to constuct the SpeechapiObject. The constructor requires a username and password, the callback function for recognition complete event, the callback for text to speech complete event, the name of the swf object that you can use to place the flash UI in the web page and the url of the speech server.

Signup at speechapi.com to get a developer id.

Running the Basic Speech Page

To run this application, load the new web page with your favorite browser from a web location. You should see the Adobe Flash Player Setting popup at the location you placed the swfcontainer. It looks like this. You will need to click Allow if you want to be able to send audio to the server.

Then the speech widget will be displayed in its place. To trigger recognition, press and hold the green button, speak a word between one and five (we set that up the grammar earlier) and then release the button. The button will turn yellow while it is depressed, indicating you are sending audio to the recognizer.

If all goes well, the system will speak the text that was recognized. Once the result is spoken, an alert indicating that the word was finished being played will appear.

Conclusion

We have shown that using existing opensource technolgies you can add speech-to-text and text-to-speech to your web pages. The speechapi.com’s javascript API is designed to be easy yet powerful.

In the next installment we will talk about how you can build multi-modal UI’s using JSGF’s tags and rules (to help provide semantic interpretation of recognition results) and Jquery selectors. If you want a preview check some of the demos at http://speechapi.com/demos.

Google I/O offered 90+ sessions featuring highly technical, in-depth content covering a number of technologies and developer products. All videos and slides are available below.

OpenID-based single sign on and OAuth data access for Google Apps

Bringing Google to your site

Google Analytics APIs: End to end

How Google builds APIs

Google Charts Toolkit: Google’s new unified approach for creating dynamic charts on the web

Knowledge is (less) power: Exploring the Google PowerMeter API

YouTube API uploads: Tools, tips, and best practices

Analyzing and monetizing your Android & iPhone apps

Building real-time web apps with App Engine and the Feed API

Google I/O offered 90+ sessions featuring highly technical, in-depth content covering a number of technologies and developer products. All videos and slides are available below

Fireside chat with the Geo team

Mapping in 3D: Tips and tricks for Google Earth API and KML

Stepping up: Porting v2 JavaScript Maps API applications to v3

Map once, map anywhere: Developing geospatial applications for both desktop and mobile

Moving beyond markers: Advanced Maps API customization

Where you at? Connecting your users with the places around them

Unleash your map data: Cloud computing for geospatial applications

The SketchUp 3D API: Working with 3D geospatial data

How Maps API v3 came to be: Tips, tricks, and lessons learned in developing a cross platform desktop and mobile API

The links in the bulleted list above will take you to the YouTube playlist for that session track. You can also find the videos and slides for each session on the individual session pages listed below.

Beyond JavaScript: programming the web with native code

Chrome Extensions - how-to

HTML5 status update

Developing web apps for the Chrome Web Store

WebM Open Video Playback in HTML5

Google Chrome’s Developer Tools

Developing With HTML5

Using Google Chrome Frame

Fireside chat with the Google Chrome team

The links in the bulleted list above will take you to the YouTube playlist for that session track. You can also find the videos and slides for each session on the individual session pages listed below.

Appstats - RPC instrumentation and optimizations for App Engine

Next gen queries

Data migration in App Engine

What’s hot in Java for App Engine

Building high-throughput data pipelines with Google App Engine

Testing techniques for Google App Engine

Batch data processing with App Engine

BigQuery and Prediction APIs

Google Storage for Developers

Run corporate applications on Google App Engine? Yes we do.

Fireside chat with the App Engine team

Building real-time web apps with App Engine and the Feed API

The links in the bulleted list above will take you to the YouTube playlist for that session track. You can also find the videos and slides for each session on the individual session pages listed below.

A beginner’s guide to Android

Writing real-time games for Android redux

The world of ListView

Casting a wide net: how to target all Android devices

Android UI design patterns

Developing Android REST client applications

A JIT Compiler for Android’s Dalvik VM

Writing zippy Android apps

Advanced Android audio techniques

Building push applications for Android

Fireside chat with the Android team

Fireside chat with Android handset manufacturers

Analyzing and monetizing your Android & iPhone apps