Digital Certificate Magic

by Simon Salter 30 May 2012 17:03

Nearly all the code that comes out of CherSoft is digitally signed. You might reasonably ask ‘So what does that mean and why should I care?’. Well, the signature provides proof that the code came from CherSoft. It also proves that the code has not been tampered with. So, not only can you be sure that you are getting exactly what you think you are getting but also that nothing has been added (like a virus) or taken away or fiddled with. This is actually a pretty strong guarantee. It is also pretty important. In fact it is considered so important that most of the requirements for handling and checking digital signatures are built right into the Operating System.

Here is some technical stuff. It is easy to copy and edit files – so how do digital signatures prevent tampering? The clever bit is the use of asymmetric cryptography. Now the math behind this is a bit evil and well beyond me, however the practical upshot is that it is possible to encrypt something with a private key that can only be decrypted with a public key (a key is a string of digits that is used in the encryption algorithms). You can’t use the public key to work out what the private key is (that’s the asymmetry bit). Signing the code involves creating a digest and then encrypting this with the private key. A digest is a summary of the code which will always change if the code changes. Imagine taking every 100th letter from a book. If the book changed then the sequence of letters would change. A digest works (very nearly) like this. It is much shorter than the whole book so it can be encrypted or decrypted quickly.

So if we give you our public key and sign the code using our private key then you can use the public key to be sure it came from us.

How do you get our public key? Easy – we put it into a certificate. This is a file which contains some information about us (CherSoft), an expiry date and our public key. When Windows checks the files before installing them it looks for a signature and checks it against the certificate. The certificate is appended to the code but you can, if you want, download a copy of it here.

Now if you are paying attention then you should be asking ‘ah ha, but how can we tell the certificate is genuine?’. Maybe you have landed with some virus-ridden code and they supplied a certificate with it as well. This loophole is closed by digitally signing the certificate. We don’t do this. Verisign do it for us. In fact we pay them quite a lot of money to do it for us. Verisign sign our certificate and then the public key to verify that signature is stored in a Verisign certificate. Verisign are known as a Certificate Authority. They sign a lot of certificates and their public key unlocks all of them. The certificate containing their public key is known as a root certificate. You can trust it because it comes from a well known source and it is ubiquitous. If someone attempted to forge our public key certificate they would not be able to use the Verisign certificate because the private key for that is kept very private. So the certificate chain leading to a trusted root certificate is your guarantee that the code is exactly what it is supposed to be.

The CherSoft certificate is signed by an intermediate certificate which in turn is signed by the root certificate.
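The digest-then-sign step and the walk up the certificate chain described above, as an added example (not CherSoft's or Windows' code). It uses textbook RSA without padding and fixed Mersenne primes purely for illustration; the names, dates, certificate layout and installer bytes are all constructed.

```python
import hashlib
from datetime import date

E = 65537  # public exponent shared by every toy key

def make_key(p, q):
    """Toy RSA key pair from two primes: returns (public, private)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def digest(data, n):
    """SHA-256 digest as an integer, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, private):
    n, d = private
    return pow(digest(data, n), d, n)   # private-key operation on the digest

def verify(data, signature, public):
    n, e = public
    return pow(signature, e, n) == digest(data, n)   # public key recovers the digest

def tbs(cert):
    """Bytes the issuer signs: every certificate field except the signature."""
    n, e = cert["public"]
    return f'{cert["subject"]}|{cert["issuer"]}|{cert["not_after"]}|{n}|{e}'.encode()

def issue(subject, public, not_after, issuer, issuer_private):
    cert = {"subject": subject, "issuer": issuer,
            "public": public, "not_after": not_after}
    cert["signature"] = sign(tbs(cert), issuer_private)
    return cert

def check_signed_code(code, signature, chain, root_store, today):
    """chain is [signer, intermediate, ...]; root_store maps name -> root cert."""
    if not chain:
        return "no certificate supplied"
    if not verify(code, signature, chain[0]["public"]):
        return "code does not match signature"
    for i, cert in enumerate(chain):
        if i + 1 < len(chain):
            issuer = chain[i + 1]
        else:
            issuer = root_store.get(cert["issuer"])   # chain must end in the store
        if issuer is None or issuer["subject"] != cert["issuer"]:
            return f'untrusted issuer: {cert["issuer"]}'
        if not verify(tbs(cert), cert["signature"], issuer["public"]):
            return f'bad certificate signature: {cert["subject"]}'
        for c in (cert, issuer):
            if c["not_after"] < today:
                return f'expired: {c["subject"]}'
    return "trusted"

# --- Constructed sample data; Mersenne primes keep the toy keys reproducible ---
ROOT_PUB, ROOT_PRIV = make_key(2**521 - 1, 2**607 - 1)
INT_PUB, INT_PRIV = make_key(2**107 - 1, 2**127 - 1)
SIGNER_PUB, SIGNER_PRIV = make_key(2**61 - 1, 2**89 - 1)
FAKE_PUB, FAKE_PRIV = make_key(2**19 - 1, 2**31 - 1)   # key with no CA behind it

ROOT = issue("Example Root CA", ROOT_PUB, date(2030, 1, 1),
             "Example Root CA", ROOT_PRIV)              # self-signed root
INTERMEDIATE = issue("Example Intermediate CA", INT_PUB, date(2020, 1, 1),
                     "Example Root CA", ROOT_PRIV)
SIGNER = issue("Example Publisher Ltd", SIGNER_PUB, date(2013, 6, 1),
               "Example Intermediate CA", INT_PRIV)
STORE = {ROOT["subject"]: ROOT}      # the machine's trusted root store
TODAY = date(2012, 5, 30)
CODE = b"constructed installer bytes"
CODE_SIG = sign(CODE, SIGNER_PRIV)

def run_scenarios():
    chain = [SIGNER, INTERMEDIATE]
    # Same subject and issuer names as the real certificate, but not signed by the CA.
    forged = issue("Example Publisher Ltd", FAKE_PUB, date(2013, 6, 1),
                   "Example Intermediate CA", FAKE_PRIV)
    # A machine that was never updated still holds an old copy of the root.
    stale_root = issue("Example Root CA", ROOT_PUB, date(2011, 1, 1),
                       "Example Root CA", ROOT_PRIV)
    return {
        "genuine": check_signed_code(CODE, CODE_SIG, chain, STORE, TODAY),
        "tampered": check_signed_code(CODE + b" extra", CODE_SIG, chain, STORE, TODAY),
        "forged certificate": check_signed_code(
            CODE, sign(CODE, FAKE_PRIV), [forged, INTERMEDIATE], STORE, TODAY),
        "root missing": check_signed_code(CODE, CODE_SIG, chain, {}, TODAY),
        "root out of date": check_signed_code(
            CODE, CODE_SIG, chain, {"Example Root CA": stale_root}, TODAY),
    }

if __name__ == "__main__":
    for name, result in run_scenarios().items():
        print(f"{name:20} -> {result}")
```

Only the first scenario comes back as trusted; each of the others fails at a different link, which is why a valid signature alone is not enough without a chain that ends in the machine's own root store.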

This stuff is a bit technical and involved. Fortunately it is also quite effective and, for the most part, handled by the Operating System (Windows) in a way which makes downloading and installing stuff safer. If you ever see a message along the lines of ‘This code comes from an untrusted source’ then you should make sure that you are confident that you know exactly what it is before going any further.

The Verisign certificate needs to be installed on your computer. So how does it get there? Turns out that there are several mechanisms of which the easiest is that the Windows Update service will do it for you. Keep Windows up to date and there will not be any problems (not this sort of problem anyhow). If you do not update your PC then a problem can arise because one of the root certificates becomes out of date. We do see this occasionally, especially on shipboard computers which never get to see the Internet from one year to the next. If your root certificate is out of date you may get to see this:

[image]

The solution is to download the missing or out of date certificates. You can get the Verisign intermediate certificate here and the Verisign primary root certificate here.

Copy the information for the certificates as explained on the web page. Then paste it into plain text files (use Notepad), saving each one to a file whose extension is .cer. Follow the instructions to create a .cer file for each missing certificate. Copy the certificates to the PC. Right click and choose ‘install certificate’. This requires Admin privileges. Choose ‘Automatically select the certificate store…’ when asked and accept all other defaults.

If you want to check the signature on our code manually then download the Nuno Navigator installer and right click on the file (called nunonavigator.exe). Click on the Digital Signatures tab.


Click on the CherSoft Ltd signature and choose details.


Responding to price and functionality pressure

by Simon Salter 10 February 2011 19:44

Lloyd’s List today has heralded a move towards cheaper ECDIS. Most ECDIS are a pretty bog standard PC bolted into a nice case along with some software. It is the software that makes the PC sing and dance. This is what turns an ordinary computer into an ECDIS. This is what the navigator works with and steers his ship by. This is what the training is all about.

How do you reduce the price of software? There is a simple equation in industry that says you cannot sell things for less than the cost of manufacture. Well you can, but not as a long term proposition. In general the idea of any manufacturing business is that you get some raw materials, make something from them and then sell the product so that you can cover your costs and maybe make some profit.

Making cheap software then, how can you cut the costs? There are three broad areas of cost in manufacturing:

  • premises, infrastructure and plant
  • sales and marketing
  • raw materials

Nothing too special about the premises. Any half decent office will do. Infrastructure is the usual raft of management, accountants, office cleaners, human resource experts and other essentials. Plant pretty much comes down to computers and an Internet connection.

Marketing is essential. If nobody knows about you then it can be quite hard to sell.

So far there is nothing unusual, by which I mean that these considerations apply to pretty much any industry to a greater or lesser extent. The way you control costs on this stuff is conventional and well understood.

However when we get to sales things start to get a little more interesting. Cost of sales for software? Just about zero. There was a time when we would put a CD in a pretty box with a thick manual but we’ve just about grown out of this now. Nobody ever read the manual, the box would end up in the bin and having installed the CD you would often find out that the first thing you needed to do was to download an update. So most software is supplied directly these days and that costs nothing, approximately. The server sits there supplying copies of the software and whether it sends out to 10 or 10,000 users really makes little cost difference. In fact really all that business with the boxes and CDs still didn’t add any significant overhead. Low cost of sales means that there are some big bonuses in selling large volumes of licenses. When we talk about selling software we are really talking about selling licenses to use a copy of the software and this is really cheap to do.

The raw materials for software are people. More specifically people’s brains. The rest of the person is needed as support infrastructure. You need good people to write good software. It is not easy. You need good people and you need time. To build a brick wall faster you can put more builders on the job. Put more programmers on a project and it will often backfire. I have not just made this up, the principle was established over 25 years ago. Employing clever software engineers is expensive. Very expensive. In fact this is where the bulk of your manufacturing costs are. For a typical software house as much as 90% of their total costs will be wages. People really are the raw material in this industry and in terms of quality, you get what you pay for.

So how can we cut costs? The only cost area that will make any significant difference is the programmers.

Option one. Make the programmers more productive. Shouting, threatening and beating is not very effective (I’ve tried). Providing good tools and using modern project management techniques is much better. Even so there is still a limit. These approaches should be part of a modern software company already so there is not much scope for cutting costs here.

Option two. You could try going for cheaper programmers. This does not work very well. Typically you end up with badly designed software which takes twice as long as you hoped to develop. It is difficult to use, looks rubbish, nobody likes it, there are bugs, it crashes and it is very difficult to maintain. None the less this approach is tried from time to time – you may have encountered some of this software.

Option three. Stop development. If the software does its job and there is no real requirement for further features then this is very effective. Your development costs will be massively reduced and with the minimal cost of sales you will be able to ship software at bargain basement prices.

In the ECDIS world option three has got to look very tempting. Making the software better is very expensive and don’t forget that each new release needs to go through a type approval phase. More expense. Is this a good idea? Well with some 50,000 vessels that will need to fit ECDIS only 5% or so actually have it (ECDIS Revolution Conference). At the same time a much larger proportion have some sort of ECS (not to be used for navigation). This suggests that although they like the electronic navigation bit they are not so keen on the actual ECDIS. Why not? Many possible reasons but my point is that the forthcoming legislation is going to force them to buy a piece of kit that they don’t want. So what would you do? Buy the cheapest solution that gets a tick in the box maybe.

It all comes down to price. A global market of 50,000 is not really all that big for a software product that takes many man-years of work to create. It is going to be hard to claw those costs back. The change in the regulations mean that ECDIS will compete on price and very little else. This will effectively freeze ECDIS development. Option three. You have a type approved solution, it ticks the box and the lower the price the more you will sell.

So, just maybe, we are going to arrive in 2018 with a modern vessel using software written in 2008 based on a display standard from 1998. Yep, it’s going to be 20 years out of date. Just think how good the sat nav in your car was 20 years ago.


The Nuno Software License

by Simon Salter 19 September 2010 19:38

In a previous blog I was encouraging people to pay attention to what the software license actually meant. I shall now attempt to take my own medicine by describing the Nuno license sufficiently succinctly that you won’t doze off or lose the will to live before you get to the end.

On the way I may even convince you that this is a really good deal with no subtle clauses that are going to disappoint you.

Here is the small print – in headlines.

Summary

For an initial outlay of $100 you can have a license for a state of the art navigation system and a one year subscription to full support and update services. After a year you can choose to renew your subscription for a further $50.

If you want to know more; keep reading.

How to buy Nuno

On the Nuno website you create an account and pay for Nuno with your credit card. This gets you a license to use Nuno and a subscription for a year.

How to get Nuno and Install it

You may have already downloaded Nuno to try it out before you bought it. If not you can download it now. This will be the very latest version. As soon as Nuno starts up on your computer it will ask you for your account logon credentials. This is the same email address and password you used to create your account. Nuno will use these to activate over the Internet. Once activated Nuno is fully functional.

You can have Nuno installed and activated on two computers at the same time. This is so that you can have one PC for route planning and another, maybe a laptop, for use at sea.

You are now up and running with the latest version of Nuno and a complete set of up to date charts from NOAA.

During the next year

The subscription is valid for a year and entitles you to the following:

· You will be able to use our chart updating service. This is basically just one click to update all your NOAA charts.

· You will be notified of any updates to Nuno.

· Occasionally we find bugs or problems in the code. More often we want to roll out a bunch of usability and implementation improvements. You will be able to download, install and use the new version of Nuno with these fixes and improvements.

· In the next year we are planning to add several new features including Active Captain Integration, AIS support, S63 (commercial, encrypted ENC), auto-helm and a rolling road (whatever that is). You will be able to download, install and use the new versions of Nuno with these new features.

· If you encounter any problems or have any issues you will be able to contact us directly and probably have your question answered by one of the programming team.

After a year

The subscription expires in a year.

At the end of the year we will invite you to renew your subscription. This will cost just $50. If you renew your subscription then you can carry on with all the good things I have just described for another year.

Expired subscription

You can still use Nuno. It is yours to keep and use whenever you want.

If you ever lose your copy of Nuno you will be able to log into your account and download a fresh copy.

You can still update your charts but not via the update service. You will need to download updates directly from NOAA and then install them manually.

You will not be able to upgrade Nuno. Activation will be frozen at the latest version on the date that your subscription expired.

Selling software by the pound

by Simon Salter 5 September 2010 17:24

You might think, quite reasonably, that since you’ve been to the store, handed over some hard earned money and come home with a nice new plastic wrapped box, that you had just bought some software. It says software on the outside. It contains a disc with the software on it. It is on my desk. It is mine. I bought it.

Nope you are wrong.

What you actually bought is a license. Even though you physically have the disc in your hand what you really have is a license and a copy of the software which you are only allowed to use according to the terms of the license. You did read the small print before parting with those bills I hope.

I guess the nearest thing to actually owning software might be owning the IPR in the source code but even that is often not clear cut. Several parties may have contributed. In fact this is quite commonly the case especially for any larger system. It can get very messy, very expensive and if all you want to do is use the software then it is probably very little use. You really don’t actually want to own the software – you just want to be able to use it whenever you want – kind of like owning it.

Let’s get back to the store. The crux of all of this is not legal ownership so much as allowing you to do what you want to do with the thing you have paid for. So you buy a license which lets you take it home and use it. Feels a bit like I bought it and there doesn’t seem to be much practical difference so is that the end of it?

Well no – I wouldn’t be blogging about it if it were that simple (ok - I might, but in this case I’m not).

Software is very different to most things you buy. By comparison to, say, a puppy dog, it makes less poo (usually), it does not age and it is easy to copy. In some ways it is a bit like music and shares some of the music problems:


If I buy this CD can I use it in all my CD players?

Yes, of course (^_^)

 

Can I rip it and copy it to all my MP3 devices?

Errr… not so sure (-_-)

 

Can I copy it to all my friends and use it for my vids?

Try that we’ll be round to shoot the puppy (>_<)

 

Actually software has even more problems. If your favorite singer hits a bum note then you might not expect to get an upgrade to the album with it fixed (although this can actually happen). However you would, quite righteously, expect buggy software to be fixed (although this often doesn’t happen). Then there is all the business about upgrades and new features. What about support when you can’t work out how to use it? Finally there is the service aspect. Most modern software comes with some sort of internet based functionality whereby information is provided as a service. So how do you make a license for this lot? Well there are many ways and this is where it starts to get difficult – not just for you but for the company making the software as well. I did really mean it earlier about the small print. You haven’t bought the software so what on earth have you bought?

What does a license cover?

Here are some commonly occurring elements in software licenses:

Use of the software.

This is a fairly simple consideration and also the most important so it is what is usually focused on. These conditions will usually apply to a specific version of the software.

· The software can be used for a limited time. Often called a subscription.

· The software can be used indefinitely.

Warranty

What is going to happen when (not ‘if’) bugs are found in the code? There are several common approaches including:

· Unlucky – learn to live with it.

· A fix will be released for this version. This may only be made available to people who bought it recently or who have paid extra.

· This will be fixed in the next version which also includes new cool features so we are going to charge for it.

Upgrades

It is not guaranteed but most software will continue to develop after the initial release. So what does the license say about upgrades?

· No such thing. Each new release is treated as a brand new software product.

· Ok, there is such a thing as an upgrade so we will charge a reduced price to existing customers.

· It is version specific. So the girlfriend 2.0 license might allow upgrades to girlfriend 2.1 but not to girlfriend 3.0 (with the impressive new features).

· Unlimited. The license allows all upgrades to the software as they become available.

Support

You cannot make the tachyon emitter operate at full power and you have no idea whether to reverse polarize the matter stream. How can you get some help? Just what is actually meant by support covers a wide range of notions. Here are a few:

· None. Just Google it if you have an issue.

· Some information on a website. Bit static but you may find something useful if you are lucky.

· A forum, chat room or notice board. Bit more interactive but can have a poor signal to noise ratio. Useful to chat in a more general sense but less good if you have a specific problem which is stopping you working.

· Support by phone or email for a limited period of time. This is another type of subscription but it is actual real support though – you can ask a direct question and get a response. Might not be a very good one but that’s not the point since we are looking at license models.

· Pay per use support. There are various ways to extract your money such as a premium rate line or requiring a credit card. This type of support can lead to lovely scenarios where you end up paying a company to tell them that there is a bug in their software.

Service

This is often associated with some of the provisions above so for example software upgrades and support issues may be dealt with through a website that you need to log on to and this is part of the subscription.

Sometimes the service may be for the provision of data, such as a global database of puppy names and what they mean.

· Always available. If you can run the software you can access the service.

· Part of the subscription. You can access the service while ever the subscription is up to date.

· Pay as you go. You pay for what you use when you use it.

Checklist

So here is the quick and easy checklist for a software license. Go on… have a look at the small print. This is what really defines what you are buying - not the picture on the box.

Use

How long can you use the software for?

How many computers can you install it on? 

Are there any other restrictions on use?

Warranty

What is the provision for patches?

How long are patches going to be available?

How do you report a bug?

Upgrades

What upgrades are likely to be available for this version?

Support and Service

How much can I get before I have to start paying?

No mariners were harmed during the production of this software

by Simon Salter 31 July 2010 18:30

Marine navigation software, written by sailors for sailors. Ah, that sounds good. Lots of hands on, practical, real life, genuine salt encrusted sea-going experience built in. Actually I could go for a bit more on this principle. How about legal software, written by lawyers for lawyers. Not bad but you might be tempted to ask a question as to why, if the lawyers are good lawyers, they are spending time writing software. Or what about educational software, written by children for children. Now this is starting to get a bit daft. Children can’t write software. Well I am sure there are some that can but professional, well crafted, reliable software? Seems a bit unlikely and before someone tells me that their munchkin has already come up with a successor to Windows 7 my point is that this is really not a good recommendation.

The notion doesn’t map to other areas very well either. Office blocks, built by accountants for accountants. Well good luck to them. Comfy chairs, built by lazy people for lazy people. Might cause a few delivery issues. Beds, built by sick people for sick people. Unlikely to get much investment for this enterprise. So why does it sound a good idea that navigation software should be created by sailors?

I think part of the issue might be that programmers, geeks, get quite a bad press. Pale skin, thick spectacles, a propensity for pizza and a quite astounding ability to misunderstand the real world. Worse than that they just don’t speak English. I don’t mean that they are aliens but that they live in an unreal, virtual, fantasy world. They have their own language, their own humor, their own sense of reality. Naturally the software that they create, while it may be very clever, is going to be incomprehensible to a down to earth and practical mariner who is mostly concerned with the business of getting from A to B while avoiding a particularly nasty rock at C.

Bit of a conundrum. You are going to need the geeks to write good software. Just like car repairs are best left to a mechanic, fixing teeth should be left to an orthodontist and flying a jumbo jet is best when done by a pilot (trust me on this one). Creating good software is difficult and you are going to need all those years of geeky experience and training to get a professional product. It’s not like writing a book. Being an author is not easy but it doesn’t require the same level of expertise and education. In fact, as you can see here, anybody can give it a go. So sailors can, and do, write some excellent books. But software, well, that’s just a whole load trickier.

Of course there are a few programmers that also sail. These are very useful guys and behind most good navigation software you will probably find one or two examples of this rare breed. Even so there is still a problem. There are many right ways to sail. There are also quite a few wrong ways of doing it. I know because I have tried a few. Creating navigation software, a tool, to suit one approach can be quite challenging. Making a tool that is more generally useful is altogether a much more ambitious objective. So how do we attempt this? Well I could write a book on it. Actually, if I am honest, I would probably lose the will to live if I tried such a thing but I might consider a few blogs on the subject. If you are interested?

In the meantime we have marine navigation software written by professional software engineers (some of whom sail) guided by professional and recreational mariners which frankly doesn’t have such a good ring to it and that is possibly why nobody bothers saying it.


“Easy to use”. What does that REALLY mean?

by Emily Winch 5 July 2010 00:47

When we started writing Nuno, we really wanted to make it simple and easy to use. That's easy to say — but not as easy to do.

Most of the software products we write at CherSoft are large systems. These products are used every day by trained professionals, who can afford to spend a week learning how to use the product, if it means they can do their job much more efficiently later. For Nuno, we've been trying hard to adjust our mindset. Our customers are mostly not trained professional navigators, they won't be using the software every day, and we hope they are more interested in enjoying a weekend away on their boat than they are in fiddling with navigation software.

For Nuno, we think “easy to use” means

  • People should be able to put the software onto their computer easily to try it out.
  • People should be able to see quickly whether Nuno suits their needs
  • People should be able to learn how to use Nuno even if they are not confident with computers. They shouldn't need to read manuals or search online.
  • People shouldn't be able to break anything or get confused about what they have done with it
  • The Nuno experience should be all about sailing a boat or planning a trip, not about struggling with software

As we started out, we had a really clear idea of what we don't like in the software we use in our daily lives. We don't like menus. We don't like dialog boxes. We don't like having to remember where things are or what they do. We don't like enormous seas of confusing options and settings.

As we went along, we quickly discovered that it's not easy to write simple software. Now we've finished, I think we've done a reasonable job of it, and I've put together this list of the principles we leaned on to guide us.

Ubiquitous direct manipulation

If I don't like something, I want to be able to grab it and change it. I don't want to go hunting in a menu for an option.

In Nuno Navigator, to change the chart orientation you grab the North arrow and drag it round.

Minimal mouse mileage

Once I'm familiar with a particular program, hiking my mouse around just slows me down. If I have to refocus my attention constantly and move my mouse away from what I'm working on, I'm likely to keep forgetting what I was trying to do in the first place.

The “ubiquitous direct manipulation” I mentioned earlier is good for maintaining focus. If I decide I want to change the name of a point, my mouse is probably near the point name already, so it's easy to mouse to the point name and edit it there on the chart.


I'm also a big fan of “Context Menus”, where each item has its own mini menu. If I've drawn a point overlay on the chart, and I want to change the symbol shown on the chart, I click on the point with my right mouse button and select a new symbol from the list. I don't have to move my mouse far and I don't have to wade through lots of menus filled with irrelevant options. The only options in the menu are the ones that make sense for a point — that's why it's called a context menu!


Everything is reversible

Right from the beginning we knew we needed good support for Undoing things. We want everyone to be able to play about with Nuno in the confidence that whatever they do, if it doesn't work they can just hit Undo straight away.

Like newer versions of Microsoft Office, our Undo / Redo menus give you a drop down list showing what you've done, so it's easy to understand what you did and what you are undoing.

Be helpful

We use "hover tips" to show you how you can interact with something.


Don't make people feel stupid

Have you ever gone to make something special for dinner, and discovered you don't have the right ingredients? Or come back from the hardware store with a new drill, only to find out you don't have any drill bits? Have you ever typed your credit card number into a website, only to be told you are wrong, and credit card numbers can't have spaces in? Did you forget where you saved a document?

One of the reasons I like working in software is that we can often fix problems like these. Some of the time we can just fix the problem automatically and you'll never know about it. For example, if we need your credit card number without spaces in it, we can just make the software remove the spaces. When we want to talk to your GPS we auto-configure it by ourselves instead of asking you to tell us the settings. Some of the time we need some help from you, but usually we can just ask you a couple of questions and then let you get straight back to what you were doing. We try not to stop you and put up a big sign saying “No! Wrong!”.

The results

We're fairly pleased with how Nuno turned out, but we're sure we could make things better. What do you think? Do you find Nuno easy to use? Has Nuno ever left you feeling stupid or wondering what happened? Let us know about your experiences in the comments.

choosing the right choices

by Simon Salter 7 June 2010 14:41

Choice is not necessarily a good thing although it can superficially seem positive. “Would you like a choice?”, “Oh yes please”. Without quality or real purpose behind the choice it can easily become just so much noise. There is a lot to be said for choosing a restaurant with a short menu. They will tend to concentrate on getting these few dishes just right. If you are lucky the food will even be freshly prepared. An extensive menu on the other hand might indicate a lot of freezer space and a bank of microwave ovens.

When we are designing software it is all too easy to implement too much choice. There is a constant stream of decisions ranging from the aesthetics of how to lay out a dialog to parameters that control data flow and the underlying program operation. Often it is tempting, easier, to defer these to the user. With layout decisions the programmer can completely duck issues such as creating a balanced look. What color should this line be? I don’t know so I’ll let the user decide. In one sense this is more work, certainly there is more code to be written. But this is easy stuff for a programmer, it is what they do and this can be a more appealing path than stepping outside of the comfort zone and taking an external perspective. Adding more user choice may seem like empowering the user. Sometimes this is true but not always. It is always bad to clutter up the user interface because this will detract from the real purpose of the application. There is always the risk of a combinatorial explosion of optional parameters leading to many that simply don’t work. The control bar gets moved off the screen or the text becomes invisible or an unanticipated configuration simply causes the program to crash. In earlier versions of Windows it was perfectly possible to set the color scheme to something completely unusable, to make the task bar vanish, to stop the mouse dead in its tracks and to get the keyboard to generate gibberish. Actually some of this may still be possible but I have learnt to stop fiddling.

Some user options are essential – but which? One guideline is to think about what the application is trying to achieve. An accounts program would probably be equally useful if it had a grey border or a blue one. It doesn’t matter too much. On the other hand a fashion conscious teenager might consider the skin color of their iPhone application to be a fundamental expression of their personality. Often it seems to me one of the many by-products of age is a preference for things that ‘just work’ over trendier considerations, but that is not the point here. The point is ‘can the program work just as well without this option?’ because if it can then maybe the choice is just clutter.

To me the worst choices are those I don’t understand. ‘What allocation size to use for the secondary backup cache?’. I don’t know. I don’t even know what color the cache should be so now this software is starting to make me feel stupid. Configuring a network connection used to be a minefield of difficult questions like this. Fortunately, after possibly diverting some funds from the helpdesk to the development team, this has now become mostly automatic. It just works. That’s much better. If the program can work it out for itself then it should. Even, and this can often seem the case, if it involves loads of code to do something that the programmer thinks should be ‘obvious’ to any half informed user.

Another good way to spot the better restaurant is by how crowded it is. Confident and keen to impress, I once led the way into a very promising and packed Parisian eatery only to find that the sole occupants were in fact a visiting rugby club and their supporters. We chose to leave shortly before the first course but just after the singing started.
