Duck and Cover

Hopefully by now you’ve heard that Hawaii was not attacked with ballistic missiles Saturday. It was, however, attacked by poor software design or, quite possibly, poor QA.

Let’s recap here.

The Hawaii Emergency Management Agency erroneously sent a cell phone warning message to damn near every phone in the state. The message warned of an incoming missile attack. Naturally, this caused a certain amount of chaos, confusion, fear, and panic.

Fortunately, it did not, as far as I can tell, cause any injuries or deaths, nor was there widespread looting.

The backlash has been immense. Any misuse of the cell phone emergency warning message system is going to trigger outrage–does anyone else remember the commotion back in 2013 when the California Highway Patrol used the same functionality to send an AMBER alert to phones across the entire state of California?

Many people turned off the alert function on their phones in the wake of that and similar events elsewhere–although, let’s not forget that one level of warnings can not legally be turned off. I don’t know if HEMA used the “Presidential” alert level–certainly a nuclear attack would seem to qualify for that level of urgency–but it may be that only the White House can send those messages.

For the record, my current phone doesn’t allow me to disable Presidential or Test messages; the latter seems like an odd exclusion to me. In any case, I’ve turned off AMBER alerts, but have left the “Severe” and “Extreme” messages on. I suspect many who have gotten spurious or questionable alerts have turned those off.

Which puts those charged with public safety in an awkward position. The more often they use the capability, the more people are going to turn off alerts. I hope the people looking into a California wildfire alert system are keeping these lessons in mind.

But I digress. I had intended to talk about the Hawaii contretemps from a software perspective.

The cause of the problem, according to a HEMA spokesperson, was that “Someone clicked the wrong thing on the computer.” Later reports “clarify” that “someone doing a routine test hit the live alert button.” I put “clarify” in quotes, because the explanation actually raises more questions than it answers.

See, for a test to be meaningful, it has to replicate the real scenario as closely as possible. It’s would be unusual to have one button labeled “Click Here When Testing” and a second one that says “This Is the Real Button.” The more typical situation is for the system to be set to a test mode that disables the connection to the outside world or (better yet) routes it to a test connection that only sends its signal to a special device on the tester’s desk.

Or heck, maybe they do have a test mode switch, and the poor schlub who sent the alert didn’t notice the system wasn’t in test mode. If so, that points to poor system design. The difference between modes should be dramatic, so you can tell at a glance, before clicking that button, how the system is set.

If it’s not poor design, the reports suggest some seriously poor test planning. Though I should emphasize that it probably wasn’t a failure on QA’s fault. They probably wanted a test mode, but were overruled on cost or time-to-launch concerns.

Wait, it gets better: now we’re hearing the problem has been solved. According to the news stories, “the agency has changed protocols to require that two people send an alert.” In other words, the problem hasn’t been fixed at all. The possibility of a mistaken alert may have been reduced, but as long as people can click on a live “Send an alert” button while testing, they will.

Better still, by requiring two people to coordinate to send an alert, they’ve made it harder to send a real message. Let’s not forget that emergency messages are time critical. If the message is warning of, say, a nuclear attack or a volcanic eruption, seconds could be critical.

But have no fear: the Homeland Security Service assures us that we can “trust government systems. We test them every day.”

How nice. In the immortal words of Douglas Adams, “Please do not push this button again.”

Nanny Speaks

A final thought on Spectre and Meltdown: while you’re updating your systems, don’t forget about your video cards. Modern cards have powerful processors. Even if the card itself isn’t vulnerable, there could be interactions between the video card and the main CPU that could be exploited. Nvidia is currently releasing new drivers that eliminate at least one such vulnerability.

Moving on.

In the latest sign of the impending Collapse of Civilization, a couple of Apple’s shareholders, the California State Teachers Retirement System and Jana Partners, are demanding that Apple modify their products to avoid hurting children.

Let that sink in for a moment.

Okay, ready to continue. Yes, there is evidence that overuse of smartphones (or, I suspect more accurately, apps) can result in feelings of isolation, anxiety, and depression. But the key word there is “overuse”.

The groups say that because the iPhone is so successful, Apple has a responsibility to ensure they’re not abused.

Apparently, less-successful companies don’t have a similar responsibility to their users, but leave that aside.

Apple certainly doesn’t have an unfulfilled legal responsibility here. So I’m assuming the groups believe Apple’s responsibility is moral. The same moral responsibility that forces companies that make alcoholic beverages to make them less attractive to teenagers and to promote them in ways that don’t make them seem cool. Ditto for the companies that make smoking and smokeless tobacco products, automobiles, and guns.

There are bigger, more important targets for Jana Partners and CSTRS to go after, in other words. But leave that aside too.

What their argument seems to boil down to is that Apple isn’t doing enough to protect the children who use their devices.

Keep in mind that currently parents to can set restrictions in iOS to limit which apps kids can use (including locking them into one specific app) and to require parental approval to buy apps or make in-app purchases.

The groups’ letter asks that Apple implement even finer degrees of control, so that parents can lock out specific parts of apps while allowing access to others.

Technically, that could be done, but it would be a programming and testing nightmare–and make customer support even more hellish than it already is. Every app would have to be modularized far more completely than they are now. That often results in apps getting larger and more complicated as critical functionality gets duplicated across the app, because developers can’t count on being able to invoke it from another module.

And just how fine-grained would it have to be? Could a parent prevent their kids from, say, messaging anyone with certain words in their user name? Or only prevent them from messaging anyone? Would Apple have to implement time-based or location-based restrictions so certain parent- or teacher-selected functions couldn’t be used at school?

How about a camera restriction that prevents teenagers from taking pictures of anyone the age of eighteen? That’ll stop sexting dead in its tracks, right?

The groups’ other suggestion is that Apple implement notifications to remind parents to talk about device usage with their kids.

Sorry, but if the parents aren’t already paying attention to what their offspring are doing on their phones, popups aren’t going to suddenly make them behave responsibly.

And that’s really where the responsibility lies: with parents. Responsible parents don’t buy their underage children booze and smokes, they don’t let their kids get behind the wheel on I-5 before they have a driver’s license, and they don’t leave their guns where their rugrats can get to them.

It’s a good goal, guys, but the wrong approach.

The Spectre of Meltdown

I’m seeing so much “OMG, the Earth is doomed!” noise about Meltdown and Spectre, the recently-revealed Intel bugs, I just couldn’t resist adding my own.

I know some of you have managed to miss the fuss so far, so here’s a quick rundown of the problem: All Intel CPUs and some other manufacturers’ chips are vulnerable to one or both of a pair of issues that were just discovered recently. That includes the Apple-designed chips in iPhones and iPads; many of the CPUs in Android phones; some, if not all, AMD CPUs; and every Intel processor from the Pentium* on.

* I find it ironic that the bug dates back to the Pentium. Turns out that chip’s early inability to do division was the least of its problems.

Both bugs are related to something called “speculative execution”. The brief explanation is that in order to give faster results, CPUs are designed to guess what work they’ll have to do next and work on it when they would otherwise be idle. If they guess right–and a huge number of engineering hours have gone into establishing how to guess and how far ahead to work–the results are already there when they’re needed. If not, the wrong guesses are thrown away.

The details are way too deep for this blog, but the upshot is that because the bugs are in the hardware, there isn’t any perfect fix possible. Meltdown can be patched around, but Spectre is so closely tied into the design of the chips, that it can’t realistically be patched at all. It’s going to require complete hardware redesigns, and that’s not going to come soon. I’ve seen articles speculating that it could be five years before we see Intel CPUs completely immune to Spectre.

Personally, I suspect that’s insanely pessimistic. Yes, it’s a major architecture change, but Intel’s motivation is huge.

More worrisome is how many other hardware bugs are going to turn up, now that researchers are looking for them. Even if we get Spectre-free Intel chips this year–which is as optimistic as five years is pessimistic–the odds are overwhelmingly good we’ll see more such bugs discovered before the Spectre fix rolls out.

It’s also worth noting that the patches for Meltdown aren’t cost-free. According to Intel, depending on what kinds of things you do, you could see your computer running anywhere from five to thirty percent slower. Let’s be blunt here: if you mostly use your computer for email, looking at pictures, and web surfing, you’re not going to notice a five percent drop. You might not even notice thirty percent–but your workload isn’t going to be the kind that has a thirty percent slowdown*. The people who will get the bigger hits are the ones doing work that already stress their CPUs: video processing, crunching big databases, serving millions of web pages, and so on.

* Unless some website hijacks your computer to mine cryptocurrency. But if that happens, you’d notice your computer slow down anyway.

So the bottom line here: Eventually, replacing your computer will be a good idea, but we’re not there yet. (And yes, given the speed and power increases we’re going to see between now and then, even if it’s possible to just upgrade the CPU, it’ll probably make more sense to replace the whole computer.) And in the meantime, unless you’re running a big server, do what you’ve been doing all along: keep your OS up to date with all the vendor patches, don’t run programs from untrusted sources, and if your search engine tells you a web site is dangerous, don’t go there!

All the News

Kind of a strange news day yesterday.

It started with the Amtrak train derailment in the Seattle area. Nothing inherently weird about the story itself–sad, depressing, and dispiriting, yes, but not weird. What was odd was that the first mention of it I saw was a tweet linking to a news report on an Irish newspaper’s website.

I have mixed feelings about what Robert Heinlein described as “the unhealthy habit of wallowing in the troubles of five billion strangers.” “Think globally, act locally” is appropriate in many cases–climate change springs immediately to mind–but are we really better off as a species when we can find out about every disaster, no matter how small, anywhere in the world? Maybe if the small triumphs were as widely reported as the failures.

But I digress. My original point was that I find it fascinating that not only does news travel so quickly, but so does news about the news. Taken by itself, I find that cause for a certain amount of optimism: it shows that transparency has never been a more attainable goal.

A couple of thoughts about the accident, as long as we’re on the subject. It’s laudable that Amtrak took steps to move their passenger service onto tracks not used by freight service. In theory, sharing tracks shouldn’t be a problem. In practice, the revenue generated by hauling freight has resulted in those trains being given absolute priority. The result has been ever-increasing unreliability in the passenger service, which results in lower ridership, which widens the income gap, and around we go in a spiral that makes it harder and harder to sustain the passenger side of the business.

So there’s that. But the fact that the accident occurred on the very first run over those new tracks suggests strongly that driver training was inadequate. Combine that with American railroads’ persistent unwillingness or inability to adopt train control safety technology that’s been in use everywhere else in the world for decades, and an accident of this severity seems inevitable.

It’s almost enough to make one start thinking in terms of conspiracy theories. Emphasis on “almost”.

Anyway, back to the news.

We also had an unusual example of synchronicity here in the Bay Area. Sunday night, a Richmond police officer began walking around a San Francisco hotel. He was allegedly talking about spirits for some time before he fired half a dozen shots, apparently into the walls. Eventually, he surrendered to the San Francisco police.

Then, apparently to balance the scales in some kind of karmic sense, on Monday a San Francisco police officer pulled into a parking lot in Richmond and shot himself. According to the Chron, he was under investigation, and he was being pursued by a Richmond police officer.

The timing of the two incidents is, of course, coincidental, but they did add a bit of surreality to the day.

Patreonizing

Well, hell. Patreon is currently in the midst of shooting itself in the foot.

Brief background for those of you who need it: Patreon is a crowdfunding site optimized for creators. Unlike Kickstarter, which focuses on specific projects, Patreon focuses on the creators themselves. Backers commit to funding individuals on an ongoing basis (either a set amount per month or a set amount per work of art*). In exchange, they receive benefits defined by the creator: early access to comics, patron-only poems, commissioned art, online meet-and-greets, etc., etc., etc., limited only by the creators’ imagination and the supporters’ pockets.

* “Art” being loosely defined here. It could be a drawing, a song, a mechanical object, or anything else the creator produces.

Patreon itself takes a 5% cut of the donations, and up until now, the creators have absorbed the cost of the contribution–the credit card processing fees, money transfer fees, and so forth. To grossly oversimplify, creators received about 75 cents of every dollar donated. More if they had a few large contributions, less if they had a lot of small ones, but somewhere around 75%, if the comments I’ve been seeing are representative. And, of course, the amount the artist receives varies from month to month, as the proportion of small to large contributions changes.

Effective December 18–unless Patreon changes its mind–supporters are going to be charged a fee for each contribution to offset the credit card and other processing charges. Patreon is promoting this as wonderful for the creators, who will now receive 95 of every dollar.

Well, yeah, except that a large portion of the contributions are currently at the $1 level. Those will now cost the supporters $1.38. Supporting somebody at the $5 level? That’ll now be $5.50.

Mind you, Patreon hasn’t officially notified supporters of this change yet, despite the fact that it’ll take effect in a little more than a week.

But they have notified creators and many of them are unhappy.

Seanan McGuire explains why in a Twitter thread.

In brief, she expects many smaller contributions to disappear, leaving her with a small number of larger ones. That’ll turn a reasonably solid support into a classic “rickety stool”: if even one of those larger supporters drops out somewhere down the road, the support is gone and Seanan falls on her ass.

And she’s right.

I’m not one of her supporters, much to my chagrin, because she’s one of my favorite writers, whether I’m reading for pleasure or professional development. But I have a limited amount of money I can afford to spend through Patreon, and so I’ve had to leave out many authors and artists I’d love to support.

With this change, I’m going to have to cut back. Most of my contributions are $1 a month. If that becomes $1.38 a month, it means I’ll have to stop my contributions to a third of the creators. That doesn’t only hurt the artists and writers I’m no longer supporting, but it hurts me as well, because I’m not getting the benefits of supporting all of them anymore.

And I’m sure I’m not the only one.

Patreon needs to rethink this plan and quickly. Granted, complaints are always louder than compliments–but I’m not hearing any compliments about Patreon’s plan. Not from patrons, not from artists.

If the only people who approve are Patreon’s staff, that doesn’t bode well.

Let’s be blunt here. In most businesses, credit card processing fees are part of the cost of doing business. You factor that in when you’re setting your prices. That’s why some businesses don’t take credit cards or offer a discount for cash purchases.

So here’s a thought: Patreon could smooth out the monthly variation–which they’re touting as a major benefit of their planned change–by taking a slightly larger cut from artists and using the money to cover the processing fees. And on the other end, treat patron contributions in bulk to minimize the fees*.

* Again speaking bluntly, they’re already doing this. If I make ten $1 contributions, they charge my credit card for $10, which would make the processing fee 64 cents (2.9% + $0.35). They’re not making ten separate charges with an aggregate $3.80 fee, and claiming they are is damn insulting when I can look at my credit card bill and see otherwise.

I can’t speak for all the creators, of course, but I’d be willing to bet that the majority of them would rather get 90 cents of every dollar from their current supporters than either 95 cents from a much smaller group, or the current 65 to 85 cents.

I’m sure there are other ways to solve whatever funding crisis Patreon has. But pissing off your customers is a less-than-optimal approach in any business.

Feeling Lucky?

It’s raining here. I say this, not to evoke sympathy–after all, I’m inside, warm and dry–but to set the stage.

Rain is coming down, and Casey is under-caffeinated. A messy combination that usually leaves me staring out of the window at the rain instead of doing what I should, i.e. writing a blog post.

There’s a soggy crow on the nearest street light, an even soggier deer halfway up the hill across the road, and what looks like the paper wrapper from a fast food burger disappearing around the corner.

This is all fascinating when I need to make another mug of tea.

Suddenly, my idyll is interrupted. An unmarked white van pulls up across the street. No more than three seconds pass before the driver, who’s wearing a dark-colored hoodie with the hood up, leaps out and takes a single step toward the house.

He hurls something over the front fence, frisbee-style. Before the object touches down, the driver is back in his van and halfway down the street, chasing the hamburger wrapper.

Folks, earlier this week four people were shot less than a block away from here. The police believe they were targeted, but say they have no suspects and no motive.

So I did what any sensible person would do: I got the hell away from the window.

I waited a couple of minutes, and when nothing had gone boom, I figured it wasn’t a bomb and went to investigate.

Turned out to be small padded envelope decorated with the Amazon logo. Considerately, it had been wrapped in a large plastic bag to protect it from the rain. I’m fairly sure it isn’t explosive.

I’m not about to open it. Not because I think I might be wrong about its explosive properties, but because it’s addressed to Maggie. But it’s sitting on the dining room table. Who knows what it might do half an hour from now?

I hadn’t realized I was this nervous.

But, sleepy paranoia aside, the situation is ridiculous, and not in a humorous way. In today’s restive–I might even say “hair-triggered”–environment, how many people would have taken a shot at the driver? “I was scared! It could have been a bomb!”

How long will it be before someone does disguise an explosive device in an Amazon box?

Gig economy drivers are even less visible than salaried, uniformed drivers in trucks bearing corporate logos.

It’s a hell of a murder method. You don’t need to shell out for anything but a box: no uniform, no rented truck. And, unlike a mail bomb, you’ve got complete control over when it gets delivered.

Like Herding Cats is going out to the beta readers nowish. Maybe I should take advantage of my time away from it to write something cheerful. (Which is not to say LHC is a depressing book, but it’s not all rainbows and unicorns either.)

But I can’t believe this hasn’t happened yet.

Feeling lucky?

SAST 09

With just a tiny bit of luck, this will be the last Short Attention Span Theater for a while. Barring unexpected events, Like Herding Cats will go out to the beta readers this week and I’ll be able to stop stripping my mental transmission by jumping back and forth among writing, re-writing, and copy-editing.

Which brings me to the first production on today’s program. I could use another beta reader. Now, before you immediately deluge me in requests, let me remind you what beta reading is and is not.

It is not an opportunity to read a book before anyone else. Well, okay, it is, but it’s also a requirement that you read the book critically. I’m not looking for “Hey, great book. I love it!” I want to know what doesn’t work. To that end, along with the book, beta readers get a laundry list of questions like, “Were all of the plot twists properly supported, or was there a point where somebody acted out of character in order to change the story’s direction?” and “Were there any jokes that just didn’t work for you?”

I don’t expect every reader to answer every question, but these are the things I need to know to make the book better, so the more you can answer–and especially, the more faults you find–the happier I’ll be. I want beta readers to find the problems, not agents and editors!

Still interested? There’s one more qualification: you must be familiar with modern urban fantasy, by which I mean you’ve read several works in the field which were published within the past five years. “Several” means “more than one, and by more than one author”.

If you’re still interested, drop me an email. Do NOT apply via a comment on the post, by Facebook Messenger, or by Twitter reply. Thank you.

Moving on.

And, speaking of jobs, I got a weird offer in email recently.

We bought our car from a dealership, and we take it in for maintenance every six months. They’ve got my email address because I like getting a reminder that it’s time for the next visit and because they send out occasional special offers. Yeah, imagine that, advertising done right: opt-in.

So then I got this latest note from them. “Join our team!” says the subject line. Uh-huh. Job listings. And not just sales positions. They’re looking for a mechanic and for a person to check cars in and out of the service department.

Apparently they consider recruiting to be a type of advertising. The email has their boilerplate at the bottom reminding me that I opted-in to receive occasional ads.

I find it slightly amusing, but also more than a trifle creepy. Imagine if the idea catches on. “Hey, I hope you liked the espresso you bought last week. How would you like to be a barista?” “Thanks for making your last credit card payment on time. Wanna join our team? We’ve got openings in the boiler room calling the deadbeats whose payments haven’t come in.”

There’s a place for everything–and that’s not the place for job postings.

Next time I take the car for maintenance, I’ll ask how many job applicants the email generated–and firmly request they remove my name from that list.

Moving on.

It appears our cats know there’s a place for everything. And once in a while, they take a vacation from playing “Gravity’s Little Helper” to put things in the right place.
14-cmf
We’ve taught them that fish comes in cans. So yes, that’s the current incarnation of Mr. Mousiefish, carefully place in a gooshy fud can–presumably so he can be eaten later.

Moving on.

14-psps
I can’t decide if this is so meta it’s hilarious or so cliché it’s painful. Though I lean toward the latter.

Joe, ya shouldn’ta oughta done it.

Not Just No

Not just no, but hell no. I’d use an even stronger word, but I try to keep this blog within shouting distance of being safe for work.

As anyone who reads this blog regularly has probably guessed, I’m talking about the just-announced Amazon Key service.

For those of you who haven’t heard about Amazon Key, it’s the Big A’s take on an idea Walmart introduced recently: a way for delivery people to put your packages inside the house, so they can’t be stolen.

Walmart’s version, by the way, is a little creepier: they’re offering the service for groceries, and it includes putting them in your fridge. For now, Amazon Key seems to be limited to setting your packages inside the door and leaving it at that. I say “for now” because it’s apparently their way of getting a foot in the door (sorry) and will be expanded later to offer services such as dog walking and housekeeping.

The way the service will work is relatively straightforward: you (well, not you, because I hope everyone reading this blog is smart enough to give Amazon Key a pass) buy a particular Wi-Fi camera and smart lock. Once they’re installed, if you don’t answer the door, your friendly package delivery peon can contact somebody at Amazon HQ, who will remotely unlock the door. You get an alert on your phone and can use your phone and the camera to watch the peon put your packages inside. Presumably the door will lock again when it’s closed.

Amazon claims they’ll be vetting the delivery people. That’s nice. They also claim to vet the current delivery people. You know, the ones who park in the middle of the street and hurl packages over the fence. (A side note: since I wrote that post, I’ve seen several female Amazon delivery peons. Most of them were accompanied by males who were, unlike the women, not wearing any Amazon logo-bearing clothing. Does Amazon also vet those security ride-along people?)

Amazon also says they’ll be carrying insurance to cover you against delivery issues, property damage, or theft. That’s nice. They also explicitly warn against using the Amazon Key service if you have pets who might come to the door. So, clearly they don’t think the insurance will cover lost pets–nor do they want to deal with lawsuits from their gig economy, vetted delivery peons seeking to make the Big A responsible for their dog bites and/or allergic reactions.

But leave that aside.

Remember last year, when a researcher found that “twelve of sixteen locks he bought at random had either no security or absolutely horrible security“? I’ve seen nothing to make me think matters have improved in the last fourteen months. Granted, Amazon is better than many companies about issuing software updates to products they sell under their own name. But it’s not entirely clear to me whether the lock will be Amazon-branded, let alone Amazon-built.

Then there’s that camera. Look back another year, when reports were going around about baby monitors. At that time, nine out of nine popular baby monitors were found to have serious security flaws. Don’t think camera manufacturers have improved their security in the past two years: cameras have been prominent contributors to the waves of zombified Internet of Things attacks we’ve seen in the past year, beginning with last October’s Mirai malware-controlled mess.

But leave that aside, too.

Suppose everything works perfectly according to Amazon’s plan. Amazon is already a huge target for hackers. Do you think giving them the ability to remotely unlock doors will make them less of a target? Do you believe their security is that much better than, say, Target? Experian? Hell, a quick Google search should remind you that the National Security Agency can’t keep their own data secure.

As far as I’m concerned, a massive security breach at Amazon exposing the personal information of millions of customers is only a matter of time.

I’ll pass on Amazon Key, thanks. I hope you will too.

Falling Into an Update

I decided to try something different this time around.

Microsoft released the Fall Creators Update, the latest and greatest version of Windows 10, a few days ago. You probably haven’t gotten it yet, because they roll it out in batches.

The first batch goes to computers they’re absolutely sure it’ll install cleanly on. After that, they start pushing it out to machines they’re progressively less confident about. It’s a reasonable approach. When problems arise, as they inevitably will, they can include the fixes with the next batch.

But it means some users may have to wait a long time for the update, as I found out with the previous update. Counting the little Windows tablet, I’ve got three computers running Windows 10. I upgraded the tablet manually in April when the “Creators Update” was released–I had to do it by hand because it doesn’t have enough disk space to install it automatically. One of the desktops got the update in July. The other didn’t get it until September.

It’s not that having two different versions of Windows 10 running caused me any technical problems. Frankly, the two versions behaved a heck of a lot alike. But it tweaked that part of my brain that gets compulsive about numbers.

So I decided that for the Fall Creators Update, I’d do all three machines manually. Not simultaneously. I’m not that compulsive. But in sequence.

I don’t actually need any of the features in this update. I’m curious about Microsoft’s Augmented Reality implementation, but I don’t think any of my machines have enough muscle to actually run AR software. Goddess knows I haven’t been looking forward to the ability to pin a contact to the task bar. So really, I could have waited until one got the update and then done the other two, but I got impatient.

As I write this, Computer One is running the upgrade. It’s been going for about half an hour and it says it’s 80% complete. Of course, this is a Microsoft progress indicator, and they’re well-known for making optimistic estimates. But in any case, I’ll wait until Computer One finishes the update before I start Computer Two. And I’ll make sure that one is done and functional before I start the tablet.

Barring the unexpected–and with an OS upgrade, one should always expect the Spanish Inquisitionunexpected–I should be running the Fall Creators Update on all three computers before bedtime tonight.

And come February, when the rest of you are finally getting the update, I’ll just laugh, because I’ll have been not using the ability to pin contacts to the task bar for months.

Seriously, though, if you can’t wait to dip a toe into the Fall Creators Update, the Windows 10 Download page is here. Click “Update Now” and follow the prompts. Eventually–I’m now up to 86% on Computer One–you can experience the thrill of being on the cutting edge of Microsoft technology.

(You do realize I wrote this whole post as an excuse to watch that Monty Python clip, right?)

Good Job

Bad commercials take a lot of flack here–all, IMNSHO, completely justified. But let me take a step to the other side for a change and direct your attention to a commercial that actually works.

You’ve probably seen it–if you’ve been watching the MLB playoffs, I know you’ve seen it.

It’s the Amazon Prime commercial with the dog and the lion costume. If you’ve managed to miss it for the last year, you can see it here:

Actually, that’s the Japanese version, but don’t sweat it; the US version is the same except for the language of the Amazon App seen briefly.

Whoever came up with the concept for this absolutely nailed it. It’s got a cute dog, a cute baby, and a sappy song. How could it miss?

Actually, it could easily have missed. But the ad doesn’t insult any of the actors–nobody’s egregiously stupid–or the audience. And it doesn’t try to do too much. If it had tried to push both the main point (same day delivery) and stress the incredible variety of things Amazon sells, it would have turned into a hyperjettic, crowded mess. Instead, it makes the point almost casually: “A lion costume for a dog? If they’ve got that, they must have the weird thing I want, right?”

The contrast is all the greater when you see the ad on TV, surrounded by ads for the Amazon Echo. Including the man who’s too stupid to put the lid on the blender and the woman who interrupts her busy day to gaze longingly at her motorcycle. Even the ad with the cat misfires: if your cat was staring into your fish tank, would your first reaction be to buy cat food? Well, maybe it would, but mine would be to put the cat on the floor, probably in a different room, before it tried to climb into the tank.

Interestingly, the ad started as a long-form piece, one minute and fifteen seconds, which you can see here. And the extra forty-five seconds absolutely ruin it. It loses focus and buries the message under a pair of not-at-all funny jokes. Cutting down to a thirty second spot saved it. More proof, as if we need it, that writing good fiction often requires you to cut the bits you love–William Faulkner called it killing your darlings.

Kudos to the Amazon Prime ad writer for that one perfect moment buried in all the dreck.