WQTS 11

Would you believe there’s a WQTS (Who QAed This Shit) story with a happy ending?

I’ll get there. But first, a tale that’s not so much WQTS as WTTWAGI (Who Thought This Was a Good Idea).

I’m calling out the Holiday Inn Express in Sedalia for gross violations of common sense in their handling of technology. And, just to be perfectly clear, I’m not talking about HIE hotels in general. As far as I know, these problems are unique to that particular location.

Let’s start with the hotel Wi-Fi. Finding good Wi-Fi in a hotel is a rare event, one that should be celebrated with parades and (hopefully brief) speeches by elected dignitaries. The Sedalia Holiday Inn Express’ Wi-Fi is not that sort. To be fair, once you get connected, it’s no worse than many other hotels’. It’s just that getting to that point is by far the worst experience I’ve had with, not just hotel wireless, but any public wireless.

Like most such, the SHIE uses a “captive portal” setup: once you connect, a web page launches, allowing you to enter whatever login credentials are needed. Many hotels either ask for your name and room number or a global password which changes periodically. The page is generally simple so it can display cleanly on anything from an old phone to a modern laptop.

SHIE has a huge page filled with text. That’s necessary because it offers three different ways to log in. Three.

There’s the traditional “last name and room number”.

There’s a numeric code. The web page calls it a PIN, but the envelope your room key comes in calls it an “Internet Access Code”. Calling the same thing by different names is just asking for trouble.

And there’s the third method, which requires half-again as much screen space as the other two combined. That’s because it’s only available to Holiday Inn Express Club members, and the portal login page has to explain all of the benefits of club membership, only one of which the ability connect to the Wi-Fi in any HIE hotel with your email address*.

* No password, at least not on the login page–I’m not a HIE Club Member, so I didn’t try to go any further–but the text strongly implied that all you need is your email address. Which means that if you know an HIE Club member’s email address, you can get all the free Wi-Fi you want in Sedalia. Assuming you want hotel-quality Wi-Fi. I wouldn’t want to download illegal images on something that slow, but if I wanted to launch a virus, how better than to do it through a hotel using someone else’s email address?

The login methods, all crammed onto the one login page. Any half-way competent user interface developer or QA engineer will tell you that having multiple methods of doing the same thing risks confusing your users. And indeed, while I was checking in, there was a couple at the front desk asking for help connecting their laptop to the wireless*.

* They were looking for where to enter that Internet Access Code. Remember, the page calls it a PIN. At least on a laptop they could see the whole page. Imagine how much zooming and scrolling they would have had to do on a phone before they even arrived at that level of confusion.

For the record, the desk clerk couldn’t help them. She had to call the “technical expert”. I left before I got to overhear that conversation. Must have been a doozy.

And don’t forget, by the way, that the portal was set up so you had to re-enter your login information every time you reconnected to the Wi-Fi. Go to dinner? Re-enter. Lose signal? Re-enter.

But enough about the wireless. Let’s move on to the computers in the so-called “Business Center” in the lobby. The hotel is very proud to have Microsoft Office on the computers. So proud, they put up a sign advertising it. And, to be fair, it’s a big step up from last year, when the only software on those machines was Windows itself. But let’s face it: Office is the least you can expect to find on the computers in anything that calls itself a Business Center.

I was impressed to see that the computers were running Windows 10. I was rather less impressed to see that they needed a password to use. Why bother? It’s not like the hotel was exercising any control over who uses the machines. I asked for the password at the desk–and note, by the way, that there were no signs telling would-be users how to get the password. Amazingly, the clerk knew it. It’s all lower-case, with no digits or punctuation, and it’s one of the first three words anyone of even moderate intelligence would try–and it’s not “password” or “guest”. I don’t know if they’re supposed to confirm that users are staying in the hotel, but if so, she didn’t.

So if you’re not limiting usage, why put passwords on them? If you want to exercise enough control to keep kids from tying the up all day playing games, just have the clerks glance in that direction occasionally. The computers sit in the lobby, no more than ten feet away from the front desk.

And it’s not like the password prevents people from mistreating the machines. I couldn’t use the first one I tried because some prankster had changed the password and locked everyone out of the machine. On the other machine, someone had created his own account, presumably so he wouldn’t have to remember the hotel’s password.

On many public computers, the USB ports are disabled to keep people from installing malware. Well-designed Business Centers have heavy-duty virus protection, but allow you to use the USB ports to transfer your work from your laptop to the computer. SHIE found a different security method: they put the computers under the desk, forcing users to crawl around on the floor to plug in a thumb drive. OK, so it’s not totally effective security, but it’s better than nothing.

The final blow? There’s no printer in the Business Center. Instead, there’s a networked printer hidden somewhere behind the front desk. Can you imagine what your corporate information security team is going to say about you using that printer to run off last-second changes to your presentation about buying the Holiday Inn chain?

sigh

OK, ready for that happy ending? This one really is a WQTS story.

This time last year, I wrote about Project Fi and how pleased I was with it.

I’m still happy with Project Fi, and when I heard about the Project Fi Travel Trolley shortly before my Sedalia trip I was totally charmed.

The Trolley, in case you haven’t already heard about it, is a glorified vending machine set up in several major airports around the US. It’s stocked with small items that might be of use to travelers: USB cables, luggage tags, sleep kits, playing cards, and–the real prize–fuzzy travel socks. Project Fi customers can get a free goody just by tapping their phone against the kiosk. The kiosk and your phone use NFC to validate your Fi account and generate a QR code. The kiosk then scans the code and dispenses the prize you wanted.

That’s the theory. In practice, somebody missed a bug.

Either there’s a hidden problem in the kiosk’s NFC reader, or nobody thought to test the scenario where a customer has more than one account on their phone.

Maggie and I both have two accounts on our phones. When we tried to use the Trolley, instead of getting QR codes, we got an endless series of browser windows opening, each of which informed us that we were logged into the wrong account. Logging into Google with the correct account did no good. Neither did any of several other methods we tried to convince the system we were Project Fi customers.

No fuzzy travel socks for us.

Our trip wasn’t ruined. Somehow we soldiered onward, cold toes notwithstanding. (For the record, temperatures in Sedalia were in the high eighties. Frostbite was not a significant concern.)

The happy ending?

I reported the problem to Project Fi support, who referred me to Swyft, the company that manufacturers and supports the Travel Trolley kiosks. Within minutes, I received an apology for the “bad experience,” an assurance that the issue will be investigated, and a promise to send us socks.

Now, it might just have been a bedbug letter. We’ll find out next time I fly through an airport with a Travel Trolley–I fully intend to see if they’ve come up with a fix. One can never have too many sleep masks and earplugs, after all.

But I’ll take a Happy Ending For Now–as long as I really do get my socks.

WWDC 2017

Did you realize it was time for Apple’s WWDC again? I confess that I didn’t–but then, I’ve been somewhat distracted lately. What’s your excuse?

Anyway, the conference was actually last week–the keynote was last Monday–so I was tempted to sweep it all under the rug and move on. But since WWDC is my big opportunity to give Apple their dose of the mockery I direct at Google I/O, I’d better not skip it this year.

So what joy and laughter did Apple promise us for the coming year? (Hint: Remember last year when I said “Maybe we’ll get something radically new in ’17”? We didn’t.)

The leadoff announcement was the impending arrival of Amazon Prime Video in Apple’s TV app and on Apple TVs. OK, that’s pretty big for TV watchers–most people, in other words–so there’s some legitimacy in making it the first announcement, but they sure didn’t spend any time talking about it.

“Here it is. On to Apple Watch.” The big news there is a new watch face powered by Siri. It’ll use machine learning to determine what information you need, depending on where you are, what time it is, what your daily routines are, and so forth, and update automatically to include that data.

That’s a heck of a lot of information I’d rather not have on my wrist, but maybe that’s just me.

Other new faces include “Kaleidoscope” for when you don’t want your life on your sleeve, and–in a followup to last year’s Mickey and Minnie Mouse faces–several Toy Story characters.

More usefully, the health-related watch apps are being updated to encourage users to get more exercise. More guided workouts. Data exchange with gym equipment. So now your watch will know when you’re cheating on the treadmill by lowering the incline.

Moving on.

Last year’s “Sierra” macOS will be succeeded by “High Sierra”. And yes, Apple did actually make all the pot jokes on stage. Not that that’s going to protect us from everyone else making them too.

The name itself is a clue to the revolutionary features built into the new OS. None, that is. High Sierra is all about refining Sierra. It’s full of minor tweaks; the keynote is full of words like “improved,” “better,” and “enhanced”.

OK, there’s some new stuff under the shiny cover. A new file system that should be faster and more stable than the ancient HFS when dealing with large drives and large files. The default video encoding will move from the HD-optimized H.264 to the 4K-ready H.265 (aka HEVC)*.

* Be aware that older computers, especially those that can’t offload video decompression to the video card, struggle mightily with H.265. Suggestions that the change is a move by Apple to sell new computers to grandparents who want to continue watching those iPhone-captured movies of the grandkids may have some truth behind them.

High Sierra will run on every computer that can handle Sierra–but I’m sure Apple would rather you bought a new machine. Or several. So they’ve got new iMacs which will include, along with the usual improvements in capacity and power, dedicated hardware decoders for that H.265 video. Ditto for new MacBooks. Oh, and an “iMac Pro” which Apple is billing as “the most powerful Mac we’ve ever made.” Or, as Tim Cook put it, “really badass”.

Moving on to iOS.

Messages will now apparently be stored in the cloud, so they’ll be available on all of your devices. With your phone, tablet, and desktop all binging at you, you can be sure you’ll never miss another message.

Apple Pay is integrated into Messages, allowing you to send money person-to-person. Handy, as long as you only share checks with other iOS users.

Siri will have a more “natural and expressive” voice–and an optional male voice as well. She (or he, I suppose) will also function as a translator. That should be very entertaining, given the well-known limitations of machine translation.

Lots of tweaks and improvements similar to macOS. I do like the addition of “Do Not Disturb While Driving” which will detect when you’re in a car and block most phone features. Yes, you can turn it off if you’re a passenger, which means you can also turn it off if you’re driving, but at least it requires you to take a few extra steps if you want to text behind the wheel.

And there’s new iOS hardware as well. An updated iPad Pro. This one has a 10.5 inch screen, right in between the sizes of the original iPad Pros. Apparently the old 9.7 inch model is going away, but the 13 inch model will stick around, albeit with some hardware updates to keep it at par with the 10.5 inch model.

More iOS changes, specifically for the iPads. A new dock for app switching, lots of drag and drop functionality, simplifications for the Slide Over and Split View multitasking modes. And–holy cow!–a new “Files” app that will apparently give direct access to the file system. It’s not clear how extensive Files is–whether apps will continue to have totally sandboxed storage, for example–but even a limited step in the direction of letting you control where files are stored is a big concession on Apple’s part.

Ooh, built-in machine learning-based handwriting recognition. I wonder if it’ll handle cursive as well as printing.

Most iOS devices that run iOS 10 will get 11. The exceptions seem to be the iPhone 5 and 5C and the iPad 4.

And, finally, there’s the HomePod.

As the name implies, it’s a iPod for the home, i.e. a smart speaker. Don’t think of it as a competitor to Amazon Echo and Google Home. It’s got some ability for home automation and the like, but it’s optimized to play music. Think Sonos on steroids (and with a pumped-up price to match).

As I said earlier, nothing revolutionary. But there are a lot of good tweaks coming, especially if you’re in the market for a new machine anyway.

Google I/O 2017

So, yeah, Google I/O again. Are you as thrilled as I am? You’re not? But they’ve announced such exciting things!

Well, OK, when you come right down to it, they really only announced one thing: Google’s focus is changing from “Mobile first to AI first”. And let’s be honest here: that’s pretty much what they said last year, too.

But what does AI first look like?

For starters, Gmail will start doing “Smart Reply”. This is the same idea as in last year’s Allo text messaging app: pre-written, context-sensitive messages. I haven’t used Allo–anyone want to comment on whether the smart replies are any more accurate than the word suggestions when you’re typing?

Potentially more exciting is their application of image recognition technology. Their example is being able to take a picture of a flower and have your phone tell you what kind it is and whether it’s going to trigger your hay fever. Since I’m sitting here sniffling despite massive doses of anti-histamines, I have to admit that actually sounds like a good use of technology. Presumably over time, the tech will learn about non-botanical parts of the world.

Yes, I’m kidding. It can also recognize restaurants and show Yelp reviews. That’s nice, but not nearly as useful. Ooh, and it can translate signs. (Their demo showed Japanese-to-English translation. I want to know if it can handle Corporate-to-English.) If there are dates on the sign–for example, an ad for a concert–it can add the event to your calendar. It can even ask if you want it to buy tickets.

Basically, it’s playing catchup with Alexa–including adding third-party programmable actions and voice calling–with a few little steps ahead of Amazon.

Case in point: Google Assistant, the brains behind “OK, Google” is getting more smarts and the ability to hold a typed conversation. So you’ll get a running record of your interaction, so when you realize you’ve been following one association after another, you can scroll back and check the answer to your original question. Could be handy, especially if you get stuck on TV Tropes.

Moving on.

AI first also means Google Photos is getting added smarts, starting with something Google calls “Suggested sharing”. Yup. It’ll nag you to share your photos with the people in them. 95% of the pictures I take seem to be of the cats. Is it going to create Google accounts for them so I can share the photos? Or do they already have accounts?

More seriously, if Google knows who the people are, but they’re not in my address book, will it still urge me to share the photos? Sounds like that’s an invasion of privacy just waiting to happen.

Moving on.

Android O (no name announced yet, naturally. They’ll undoubtedly wait until release time for that) is getting the usual slew of features and tweaks. Picture-in-picture, notifications on Home screen icons, improved copy/paste. That last will not only let you select an entire address with a single tap, but offer to show it in Maps. I’d rather it offered to add it to my contacts for future reference, but maybe that’s just me.

Google also made a point of stressing that all of these new “AI first” features happen on your device, without any communication back to Google. That’s actually reassuring. I’m sure the results are reported back–your phone will tell Google you were checking on the hay fever potential of that weird flower that appeared in your back yard, but at least the actual picture won’t wind up in Google’s archives waiting for a hacker to drop by.

There’s also going to be an Android O lite. Called Android Go, it’ll be stripped down to work on cheap phones with limited memory. I wonder if that means they’ll start offering it for popular but abandoned devices that can’t handle recent Android versions. Nexus 7, anyone? Nexus 9, for that matter?

Moving again.

Yes, the rumors are true: Google is working with third-parties to launch a VR headset that doesn’t need a separate phone. Hey, anyone remember how big 3D was a few years ago? How long before VR is as critical to the entertainment experience as 3D?

And one last move.

Ever used Google to find out what movies are playing nearby? Soon you’ll be able to use it to find out what jobs are available nearby. Searching by title, date, and commute time. Why do I think the popularity of that last filter is going to be very strongly geographically linked?

Honestly, I’m not seeing anything here that gives me a major “gosh-wow” feeling. Some interesting possibilities and appeals to niche markets, yes, but most of what they’ve announced are obvious extensions of last year’s announcements. We can give them points for consistency, I suppose.

Logistics

Amazon, we gotta talk.

No, not about your recent policy change regarding third-party book resellers. That is a problem, and we’ll have to hash it out over drinks one of these days.

But you’ve got a bigger problem on your hands right now, and it affects your entire site, not just your stranglehold on the publishing industry.

I’m talking about your delivery service, Amazon Logistics.

For the benefit of the people listening in to our little chat here, Amazon Logistics is Amazon’s effort to save money on shipping by cutting UPS, DHL, and the US Postal Service out of the loop. And let’s be clear here: Amazon doesn’t own fleets of airplanes and trucks, nor do they hire thousands of delivery personnel. The delivery magic is performed by commercial carriers under contract to Amazon, with much of the “last mile” delivery–actually bringing the packages to your door–done by contractors.

Yeah, Amazon’s delivery service is part of the same “gig economy” that’s working so well for Uber drivers and other non-employee workers.

As Amazon puts it, they’re looking for people who want to “deliver packages for Amazon using your car and smartphone.

And that’s where Amazon’s problem lies.

See, the way it works is that they cram those cars full of packages. The smartphone app provides routing instructions, and at each stop, the driver has to find the package, scan it with Amazon’s app, and then bring it to the door.

This isn’t hearsay, by the way. It’s personal observation. My office overlooks my front door, so I see all the delivery people who come by, not just to our house, but to a half-dozen of our neighbors’ houses as well.

UPS, FedEx, and the other delivery services who use actual employees as drivers have the bugs worked out of their systems. When we get a package carried by these folks, it goes like this:

  1. A truck displaying the company logo comes up the street on the side where parking is legal.
  2. The truck parks at the curb,
  3. the driver gets into the back, finds the package,
  4. brings it to the door–often ringing the bell–
  5. then returns to his truck and drives off down the street.

Here’s how it goes for one of Amazon’s gig economy workers:

  1. A car comes up the street on the side posted with “No Parking” signs.
  2. The driver stops in the middle of the street (halfway around a blind curve, by the way), turns on his emergency blinkers, and opens the driver’s door.
  3. He then opens the back door and leans into the car, to search through the pile of boxes that reaches from the floor to window level.
  4. Assuming he finds the package–and he doesn’t always–he stands in the middle of the street while he scans the barcode, then crosses to the sidewalk, leaving both car doors open,
  5. throws the package over the gate (yes, I’m speaking literally: a heave, a toss, a hurl–pick your favorite word meaning a semi-guided flight through the air),
  6. before returning to his car, closing the doors, and sitting (still in the middle of the blind curve) while checking the smartphone for directions to the next location.

See the difference?

I won’t even get into the issue of anonymous cars cruising slowly through residential neighborhoods, though I wonder how many Amazon drivers get reported to the police as suspicious individuals.

I’m not even really complaining about the cavalier treatment of the packages, though I’ll admit to being irked. I’m concerned about the safety of the delivery guys* and anyone else driving through the neighborhood.

* Lest anyone accuse me of sexism, let me note at this point that I have never seen a female Amazon delivery person. I’m sure they exist, and I’d bet they engage in the same unsafe behaviors as the male delivery people.

So, yeah, Amazon? You really ought to look into how your scheduling and routing practices encourage unsafe behavior by drivers trying to squeeze as many deliveries into a day as possible. Do it before someone gets killed. If nothing else, do it because lawsuits are expensive. But do it.

Off Track

Despite the snark and curmudgeonly grumblings I indulge in–to say nothing of the occasional grumpiness–I hate to write bad reviews.

But when I find a product that is so poorly designed and executed that it makes me want to buy an industrial wood chipper solely for the purpose of destroying the product, I feel I have a moral imperative to warn people away from it.

So let’s talk about TrackR. Yes, that’s really how they spell it: no “e” and a capital “R”. I’d be tempted to say that should have been the first warning sign, but it’s probably excessive to penalize a product for the excesses of the marketing department.

Anyway, TrackR sells a line of products which they say are intended to help you find lost items. In particular, the “TrackR bravo” (yes, lower-case “b”) is a “coin-sized” jobbie that you can attach to anything you’re afraid you might lose. According to their website, “It’s perfect for shared items like the remote, shared car keys or the family pet.”*

* I’ll skip the snark about the missing Oxford comma.

There are the obligatory apps–iOS and Android–that use Bluetooth to track the fobs. And not just your fobs. If your phone spots any fob, it uploads the GPS location data to TrackR’s cloud database. The idea is that if you lose your keys at the beach, someone else’s phone might find them, and you’ll get a notification on your device. You can also set geographic boundaries, so you’ll be alerted if a fob moves outside a particular area, and separation alerts to be warned if the fob gets too far away from your phone.

We got a set of four bravos, figuring to put them on the cats’ collars. Not so much to keep tabs on the cats, but to help find the collars when they inevitably pull them off and hide them under furniture.

Sounds good, doesn’t it? As usual, the problems are in the execution.

Let’s start with the bravo itself. “Coin-sized” is a bit of a misnomer. It’s about 25% larger in diameter than a quarter and twice as thick. That’s a pretty large coin–though to be fair, it is lighter than a quarter. It’s larger than I’d want on my keychain, but that’s a matter of personal preference. Certainly none of the cats, not even little Sachiko, had a problem with the fob on their collar.

The bravo uses a coin-style battery, CR1620. It’s an unusual size, but not impossible to locate. And you had better locate a source. The fobs come with a battery installed and no insulating plastic. Of our four, one had a dead battery when we bought it.

But there’s no way to tell how low the battery is! Nothing in the app gives you battery charge information. There’s a speaker on the bravo (so you can trigger a beep when you’re looking for it), but it didn’t occur to anyone at TrackR to have a low-battery beep. There’s a a small LED as well (used in pairing the fob with a phone), but no low battery blink. The light in my car alarm’s fob blinks when the battery is low, and it’s not much larger than the bravo. There should be room for whatever circuitry is needed here.

Pairing the fobs with a phone is simple and seems to work well. The Android app kept forgetting about one of the fobs, so it was just as well that re-pairing was easy. After the fourth time I did it, I switched to the iOS app, which didn’t have the same memory issues.

It had other problems. Remember what I said about cloud-sourced location alerts? One of the four fobs was permanently stuck in “lost” mode. Every 30 seconds, the iOS app gave me a notification that somebody had spotted it.

The location was accurate as far as it went. But telling me it was somewhere in my house wasn’t very useful. Amazing though it might sound, I already knew Kokoro was in the house. And the twice-a-minute reminders that I couldn’t turn off didn’t exactly endear me to the product. I had to shut off notifications for the app completely to get it to shut up.

So much for cloud-sourced locations. But the phone-based location wasn’t an improvement. It uses Bluetooth, which isn’t directional. So it uses signal strength to tell you “You’re getting closer.” and “You’re getting further away.”

Great. Actually, that might not be a bad approach, except that it’s so sensitive to variations in the signal that it can switch from “warmer” to “colder” multiple times within a minute, even if both the phone and the fob are sitting motionless on tables a few feet apart.

This is not going to help find the family pet. It’s not even going to be of much use in finding your keys.

TrackR is aware of the general uselessness of their product in performing its intended purpose. Their solution? Sell you a new product!

Their website has been touting preorders for “TrackR atlas” (yes another lower-cased name) for months. The idea behind atlas is to plug a thumb-drive-sized gadget into a wall socket “in each room of your home.” Then you build a map of the house in the TrackR app. The atlas units triangulate on the bravo fobs to locate them more precisely than a single phone can.

Or maybe not. According to the FAQ, “TrackR atlas is accurate in rooms that are at least 3 x 3 m (10 x 10 ft).” So if your room is large enough, atlas will be “accurate”–but they’re not saying how accurate, even though the actual question that purports to answer is “How accurate is TrackR atlas?”

Nor do they give any indication of when those preorders will be filled.

But if you’re willing to pay more for the functionality you already paid for, you can preorder at $39.99 per atlas. That’s pretty stiff for “each room of your house,” so they’re offering volume discounts. You can buy four for the price of three, eight for the price of five, or ten for the price of six.

That’s make it $200 to cover my house. I’d skip putting atlases in the bathrooms and save a few bucks, but these are cats we’re talking about. They spend more time in the bathrooms than we do.

One final note: In order to register the fobs and get them into the cloud database, you have to give TrackR an email address. Care to guess how many emails I’ve gotten asking me to review them? You’ll have to guess because I can’t count that high. To compound the insult, I did review these pieces of junk in the app store. They’re still sending me emails.

Maybe they’ll find this review, but I doubt it. The evidence is overwhelming that TrackR can’t find anything.

SAST 05

A few quickies for you today.

I’m betting that most of you have already seen the fuss over Juicero, but for those who missed it, the short version is that the company sells a variety of juices in bags–and a $400 machine (marked down from $700) to squeeze the juice out of the bags.

The controversy is not over “Why?” That’s quite clear: because there are enough people willing to shell out the money to buy the squeezer and the juice packets (at $5 to $8 a pop–though one hopes they don’t pop easily).

The controversy is over the fact that Juicero’s investors feel they’ve been defrauded because customers don’t need to use the squeezer to get the juice out of the bags. According to Bloomberg, hand-squeezing the bags produces almost as much juice as the squeezer, and does it faster.

Apparently, neither the investors nor Bloomberg have heard of a device called “the scissors,” which could be used to empty the bag even more quickly.

Let’s note, by the way, that the bagged juice is a perishable product, enough so that the bags can’t be shipped long distances.

My advice? Go to your local hardware store and buy a hammer. Stop at the local grocery store on the way home and pick up a box of zipper-seal baggies and a couple of pieces of your favorite fruit.

Place the fruit in a baggie and zip it closed. Pound the fruit with the hammer repeatedly. Unzip and pour.

When you finish your juice–which cost you considerably less than $400 unless you got the hammer on a military procurement contract–repeat the process, substituting Juicero’s executives and investors for the fruit.

Mmm, yummy!

Moving on.

There’s a letter to the editor in today’s SF Chronicle from one Lorraine Peters addressing the United Airlines fiasco. Ms. Peters suggests that United should have handled the matter differently. Instead of using force, she says, they should have made a loudspeaker announcement: “Attention all passengers, this flight cannot take off until the gentleman in seat (so and so) vacates it and disembarks with the other three passengers.”

I presume Ms. Peters is an investor in United Airlines.

Let’s not forget that the “gentleman in seat (so and so)” paid for that seat in the expectation that United would supply the service he paid for. Placing the blame on him when United failed to meet their obligation is disingenuous at best.

Allow me to propose an alternate loudspeaker announcement. “Attention all passengers. We fucked up and didn’t get a flight crew to the right place at the right time. The only way we can think of to fix our mistake is to kick four of you off this flight. So we’re going to sit right here at the terminal until four generous souls agree to disrupt their travel plans for the benefit of the rest of you. Complimentary drinks and meals will not be served while we wait.”

It wouldn’t have done any better by United’s reputation, but at least it has the virtue of being honest.

Moving on again.

The Bay Area Air Quality Management District (that’s the San Francisco Bay Area, for those of you in the outer provinces) has announced a regional plan to combat climate change.

Among the proposals included in the plan are such sure-to-be-popular items as “Explore vehicle tolls in high-congestion areas to discourage driving,” “Discourage installation of water-heating systems and appliances powered by fossil fuels,” “Encourage the removal of off-street parking in transit-oriented areas,” and (my personal favorite) “Start a public outreach campaign to promote climate-friendly diets.”

That first one’s interesting. I see some potential pitfalls in implementing it, of course. It’s taken months to get the local metering lights to work reliably; adding an automated payment system on top of that seems fraught with peril. Imagine the fuss the first time someone gets charged a four-figure fee to get on the freeway. More to the point, though, we had major congestion on the freeway yesterday outside of commute hours because of an accident. The metering lights at several on-ramps detected the slowdown and kicked in. If the payment plan had been in effect, would we have been charged to use the freeway while the police were examining the car that went off the road?

That last item, by the way, translates as “encourage people to eat less meat,” because meat production creates more pollution than growing and shipping plants. Maybe they should also tax “add-on” gadgets such as Juicero bag squeezers, since building and shipping them creates unnecessary pollutants. But I digress.

Needless to say, not everyone thinks the agency’s plan is a good one. According to the Chron story, the opposition–they quote a Chevron employee–is suggesting that local action is pointless because climate change is a global problem and needs a global solution.

Let’s not examine that logical fallacy too closely. Let’s just rejoice in the fact that a Chevron employee actually admitted that climate change is real and related to human activity.

Listen Up!

I love the Internet’s response to new forms of advertising.

Specifically, I’m talking about Burger King’s recent attempt to hijack TV viewers’ cell phones and Google Home devices.

In case you missed it, BK ran–and is still running–an ad that deliberately uses the “OK Google” activation phrase to trigger any gadget in earshot to start reading the Wikipedia page about their Whopper burger.

The response? The page in question was almost immediately edited to describe the burger as “cancer-causing” and to list cyanide in its ingredients.

Allegedly, a senior BK executive tried to change the page to something more complimentary, only to have his edits removed.

So, yeah, I think that’s the perfect response. Google, who apparently were not warned about the ad in advance, modified their software’s response to ignore the ad. While I’m sure many people appreciate that, it does raise a few questions.

Let’s not forget that most of Google’s billions of dollars come from advertising. Suppose BK had come to Google and said, “Hey, we want to tie a TV ad to your devices. Here’s a stack of money.” Does anyone think Google’s response would have been “Buzz off”? I’m guessing it would have been more along the lines of “How big is the stack?”

And then there’s the privacy aspect. This contretemps should serve as a reminder that “OK Google” does not use any kind of voice recognition to limit requests to the device’s owner. Nor can the phrase be changed. I’ve complained about that before: not only does it lead to multiple devices trying to respond to a single request, but it also makes it simple for outright malicious actions.

Amazon, Apple, and Microsoft are equally guilty here–Alexa, Siri, and Cortana have fixed, unchangeable triggers too.

And now, perhaps, we’re seeing why none of the manufacturers want to let users personalize their devices’ voice interaction. If we could change the trigger phrase, or limit the device to taking instructions from specific people, then the manufacturers wouldn’t be able to sell broadcast advertising like this.

If the only way you can prevent random strangers from using your phone is to turn off the voice feature, then you don’t own your phone.

Microsoft is making it harder and harder to turn Cortana off. Microsoft is also putting more and more ads in Windows. Do you sense a connection?

How long will it be before you can’t turn Siri and Google off?

And editing Wikipedia pages will only get us so far in defending ourselves.

Google was able to turn off the response to BK’s ad-spam. But they could just as easily have changed the response to read from an internally-hosted page or one housed on BK’s own servers. Either way, Internet users wouldn’t be able to touch it, at least not without opening themselves up to legal liability for hacking.

The most annoying part of this whole debacle is that now I’m craving a hamburger. I won’t be getting one at Burger King, though.

SAST 3

More short notes, not because I have a short attention span*, but because I’ve collected a few items that just don’t warrant a whole post to themselves.

* Well, no shorter than usual, anyway. Yes, the flu is mostly gone. Despite the ongoing coughs, my lungs are still inside my chest, rather than splattered across the keyboard, and my temperature has been normal for more than a week.

Last June, NASA announced the discovery of a small asteroid, 2016 HO3, which orbits the sun on a path that keeps it near the Earth. Near in astrophysical terms, that is: it never gets closer than about thirty-eight times as far away as the moon.

The animation at that link is a little deceptive. It seems to show the asteroid orbiting Earth, but if I’m reading the story correctly, that’s not really true. It’s on a separate orbit around the sun, but because it’s sometimes closer to the sun than we are and sometimes further, it appears to be circling us.

What I find most interesting about 2016 HO3, though, is that I’m starting to see tweets suggesting that it’s existence means that Earth should no longer be considered a planet.

You remember the fuss a few years ago when the IAU redefined the word “planet” and demoted Pluto to a “dwarf planet”? If you don’t, pick up a copy of How I Killed Pluto and Why It Had It Coming by Mike Brown–actually, pick up a copy even if you do remember; it’s an entertaining read–to refresh your memory.

Part of the new definition is that to be a planet, a celestial body has to “clear the neighborhood” around its orbit, meaning that in the late stages of planet formation, it should either sweep up the smaller bodies near its orbit, incorporating them into itself; capture them as satellites; or shove them into orbits away from its own.

However, such neighborhood clearance is never perfect. The presence of 2016 HO3 is not going to get Earth demoted to “dwarf planet”. Sorry, Pluto-lovers.

Moving on.

A story out of Maine has been popular with those who feel strongly about grammar and punctuation. There’s a good writeup at Quartz; briefly, a court based its ruling on the lack of an Oxford comma.

Long-time readers know I love me some Oxford comma. But, happy as I am to see the question get some judicial notice, I’m well aware that one court decision isn’t going to make any difference. The AP isn’t going to change its stance on the use of commas. Neither is Maine’s style guide for legislation. But I can–and will–dream.

And finally.

One of the proposals being considered for speeding up baseball games is to start extra innings with men on base. I was dubious when I first heard about the notion. After seeing it in “action” last night, I’m completely revolted.

Yeah, it shortened the game. In an aesthetically impoverished way that sucked all of the joy out of what should have been a thrilling conclusion to the Netherlands/Puerto Rico World Baseball Classic game.

Consider how both halves of the eleventh inning started. Runners were plopped down on first and second. The first batter laid down a sacrifice bunt. The second batter was intentionally walked–yes, that same intentional walk that MLB is killing off this year because it’s boring. That brings it down to one less-than-thrilling question: will the next batter hit into a double play, or manage a sacrifice fly.

Sure, there are other possible outcomes. Never assume the double play–the throw to first could go sailing into the seats. The batter could get a base hit, even a grand slam. He could strike out. But those are all low-probability events.

Where’s the fun in watching where the strategic choices are so constrained that neither manager could justify a different approach?

If Commissioner Manfred forces this rule change down our throats next year, as seems likely, I predict a major dropoff in attendance.

Another Failure Mode

Oh, goody! A whole ‘nother way the Internet of Things is getting security wrong.

Last month, security researcher Charles Henderson wrote about his experience trading in his car.

Briefly, both he and the dealer wiped all of his personal information out of the car–phone book, garage door opener, list of authorized devices. And yet, months later, the car still showed up in the app on his phone.

It’s not that the dealer and the manufacturer were unaware of security. Henderson makes it clear that they took the correct steps. But the focus of the team that designed and built the app and integrated it with the car’s systems was obviously on the “first owner” scenario, and not enough attention was paid to the possibility that someone might want to sell their car.

And it’s not just auto makers who have that problem. Henderson mentions another researcher who purchased a used home automation hub and found that doing a factory reset only wiped the configuration on the device itself; it didn’t touch the cloud-based configuration which included, among other things, the list of devices authorized to control the hub.

Right: even after wiping the device, the original owner would still have had access to every light bulb, every thermostat, and every door lock connected to the hub.

Still feeling cheerful about your Amazon Echo or Google Home giving you voice control over your house? After all, you’re not planning to sell that device, are you? No? Well, what if something goes wrong and you have to send it in for service? Are you certain you’re going to get the same device back? How confident are you that your original device won’t wind up being refurbished and resold?

Let’s face it: this isn’t a new problem, and we should have seen it coming. How many stories have you seen in the newspaper about someone buying a used computer and finding porn on the hard drive? Henderson notes that early smartphones lacked a way to wipe them for resale, and it was only after many well-publicized tales of people buying used phones for nefarious purposes that a wipe command was added.

Nor is there a good solution. Even if every new IoT device was designed with security as the first consideration, there are still millions of gadgets out there that have no security and no way to upgrade them to add it. In many cases, the company that made them isn’t even in business any more.

SAST 3

I seem to be fever-free, which is nice. My attention span has improved. I haven’t gotten lost in mid-sentence in almost two days!

The cough is still distracting, however. Writing is a race to get words on the page before I drape my lungs over the keyboard.

Sorry about that image. But it is the only way to accurately describe the sensation.

So, another day of short notes, as I write a bit, cough a bit, lather, rinse, repeat.

Daylight Savings Time, how I loathe thee.

It’s not the lost hour of sleep Saturday night. It’s not the next several days of disrupted sleep. It’s not even the need to reset the non-Internet-connected clocks*–or the confusion to the Backyard Bunch, who are suddenly getting their dinner an hour earlier according to their stomachs.

* The stove. The microwave. The thermostat. The answering machine. The car. Half-a-dozen wall and table clocks. Hey, I just gained two wall outlets by unplugging a clock radio instead of resetting it!

No, what really pisses me off is that I’m suddenly getting up before sunrise again. I like having daylight when I stagger upstairs to say good morning to Rufus and take my first look at e-mail. Why should I have to turn on a light for that?

Mr. Trump, if you want to boost your approval rating, do away with Daylight Savings Time. That’s something both parties and the independents can get behind.

I’ve been following “Jim’s Random Notes” for several years. It’s an interesting mix of computer, wood carving, and cycling geekery. A post last week, North Dakota Mexican Food, amused the heck out of me.

You’ve played the game where one person recreates a drawing based on somebody’s description of the original, right? An NDMF is the culinary equivalent: someone describes a dish, and someone else thinks “Hey, that sounds interesting. Let me see what I can do.”

Is there anyone out there who doesn’t have a NDMF experience? I can think of three right off the top of my head:

  • The Mexican restaurant that thought fajitas were a stew.
  • The diner whose barbeque sauce was red-eye gravy with a couple of chili flakes.
  • The Mexican restaurant that served Saltine crackers instead of chips.

Maybe the Internet will make the NDMF less common. But really, it’s never been particularly hard to find a cookbook…

Moving on.

Google and Apple have been in the news around here lately over their new campuses. Most of the press has been positive, but I’ve noticed they’re both taking a ding in the letter columns because neither company has included housing in their developments.

Excuse me? Yeah, OK, finding housing in the Bay Area can suck. You don’t have to tell me horror stories about extended commutes, thanks; I’ve got plenty of my own.

But do we really want to return to the days of the company town, where your boss owns the factory, the house you live in, the store you shop at, the air you breathe, the booze you drink, and everything else?

Aside from anything else, if the company owns your apartment, it’s a five minute walk from your office, and they own the phone you’re required to carry, are you ever going to get any down time? Or are you going to be unofficially (or officially!) on call twenty-four/seven/three-sixty-five?

I think it would have been wonderful if Apple and Google had included some subsidized affordable housing for non-employees in their construction. Didn’t happen, but would have been great. But captive housing for employees? Bad idea.

Moving on.

Let’s wrap this up with a positive note. I write a lot–a hell of a lot, actually–about useless gadgets full of security holes and loaded with disappointment.

So it’s a real pleasure to write about a gadget that looks like it does exactly what it’s designed to do without putting your money and privacy at risk.

Take a look at the Fidget Cube.

Pretty slick, huh? Everybody fidgets differently, and the Fidget Cube is designed to offer fidgeting options for anyone.

I’ve carried a fingering stone in my pocket for decades. I’ll turn it around in my hand or rub the smooth side with my thumb when I’m on a phone call. Much less distracting than fiddling with the phone cord and quieter than tapping my pen on the desk.

The Fidget Cube’s got me covered with a smooth curve for rubbing on one side. A trackball for spinning. A joystick for sliding.

And several other goodies that I might never use, but somebody else will find addictive. Click-wheels. Toggle switches. Push-buttons. Spinners.

And it looks to be solid enough to stand up to a pocket full of keys, nail clippers, and thumb drives.

Would it replace my rock? Maybe not; it’s hard to top the appeal of a natural object shaped by wind and water. But who says it needs to replace the rock? Why not try some two-handed fidgeting?