Archive for the ‘Tech’ Category

Kent’s Super-Simple, Excellent Password Advice

Thursday, September 22nd, 2016

This excellent advice is simple, in fact its excellence depends upon being simple. Complicated is the enemy of security. If you follow this advice you will be among a very rare elite in how secure your passwords will be.

Four parts:

1. Write down your passwords. On real paper, with a real pen or pencil, and keep the list safe. If you want to get fancy, maybe don’t quite tell the truth, at least not the whole truth, maybe leave something off each password (something you will remember), so if someone finds the list they won’t quite know any of the passwords on the list. And keep the list safe.

2. Now that you can keep track of what your passwords are, never recycle passwords between accounts. So, if someone breaks into one site, your other accounts aren’t at risk. (Today’s news, as I write this, is information on 500,000,000 accounts were stolen from Yahoo.) Don’t reuse passwords in different places.

3. When you make up a new password, dream up something you think no one will guess. (I know, you already do that.) Now, to be extra secure, add something even you couldn’t guess. Maybe look at the time, exactly how many minutes past the hour? Include that in the password. Or look around you, pick something else—but pick something you could not anticipate—and include it as part of the password.

4. Keep this entirely manual, the whole approach is low-tech for a reason. Computers are usually pretty insecure. (Ask Yahoo…) Don’t automate any of it, because that’s really hard to do safely (ask Yahoo), keep it manual. Don’t even photocopy your password list, because copiers are really computers these days. Don’t take a picture of the list, because cameras are also computers these days. Yes, backups are good, but sorry that has to be manual. The benefit is, as long as you keep all of this manual, you can trust your common sense, because you will understand every aspect, you have real expertise manual stuff because you can see it.

That’s it. Low-tech as hell, which means most techies will hate it, but who cares that it’s controversial as hell? It’s smart. Because it is simple.

-kb

P.S. And I really am so very sorry you can’t use a password manager program, but they are just too complicated, they will have security problems, admit it, you know it in your heart they will. Don’t trust them.

Snowden, the Movie

Friday, September 16th, 2016

I went to one of the first Boston matinees of the movie Snowden today.

It was all very familiar territory: it could have been boring or–as with any subject I know a lot about–it could have been excruciating in its errors. It was neither. It held my attention, it did not disappoint.

But was it a good movie? I usually have tons of opinions, I fret over whether a movie hits the ten-minute mark right, whether the script is “economical”, whether characters are compelling, whether the plot is interesting. In this case I can’t say, I am not unbiased: I am an American. And this is really important material–important to any American.

I do know it was at least a competent movie, because it had me wanting to cry. I knew Edward Snowden was a hero, but Oliver Stone tugs for tears. At least from me.

Is it a great movie? Probably not, just because great movies are rare. But I don’t know. Ask me in a few years, I’ll know better. But right now I am kinda choked up over a man whose illusions were shattered, followed by his world being shattered as he followed his conscience with selfless acts.

Another bit of praise: Usually it is painful to see a movie on a topic that I know something about, worse if the movie is technical, and far worse if it is about a technical topic I know something about. This movie did well by that measure.

-kb, the Kent who thinks the three branches of government should not be secret legislative measures, implemented by secret executive orders and agencies, overseen by secret courts.

©2016 Kent Borg

Touchscreen Password Idea

Monday, February 1st, 2016

Passwords are a problem, and lots of people say they are doomed, but I have seen no good alternatives, so I sometimes think about making them better.

Touchscreens are important yet really hard to enter good passwords.

Also, I would like to do more of a “key exchange” when entering my password. I use different computers and I don’t reuse passwords between these computers, which means I sometimes enter a password for the wrong computer. Oops! Some sort of richer interaction with the other end would prevent this.

So here is my (embrionic) idea.

Have the password be a location in a virtual 3D space. Use the 3D hardware capabilities of phones and tablets and have the user drag around the screen to drive to the location that is the password. By having different randomly chosen starting points in the 3D space for each login attempt a simple “key logger” is made more difficult as is reading screen smudges. By having more of the space revealed as the user navigates the computer has to reveal more information in response to the user’s input, making it more of a “key exchange” and making the space richer and so lengthing the password.

Put another way: a complex 3D space, uniquely generated for each user. The password is a “secret button” somewhere is the space. To authenticate the computer starts the user in some random location and the user flies through the space and touches the secret button but no other.

Shoulder surfing is a problem, but once the user gets good at it s/he might be swooping through so fast that a casual observer might have a hard time realizing what just happened. Particularly if there were a needle-threading aspect where some routes are good and other are not.

By using the full power of the GPU it also puts a limit on how far away a man-in-the-middle could be. (Which makes remote authentication tricky.)

By drawing on the user’s motor skills there might be a way to drop the password down in the brain so the user doesn’t know it in a way that can be told to others. Make the password more like a customized motor skill.

-kb

©2016 Kent Borg

An Idea for Doing Background Removal from a Sequence of Stationary Images, Manual-Style [Updated]

Monday, January 11th, 2016

Update: Finally looking at implementing this and I realize that thinking of that fully populated tree is probably good for understanding it, I don’t need to store anything but the left edge. When a new frame comes in, I will calculate a new left edge based on the new frame and the previous left edge.

My memory requirements for a size N triangle are then N-1 (I don’t need to save the result if no one will ask for it again) and while calculating I need to store N-frames plus whatever my image processing library uses, etc. The fact this scales linearly with the length of my background history is nice, I can go long for cheap. The time to calculate does scale with the length of the history, but still linear.

Another thought: natural vision systems pretty much only see change, make something stand still long enough and it will go away. It might make sense to spend the linear time and memory to compute a long history, but allow the caller to choose how quickly stationery objects disappear; compute the whole left edge to maintain the chain of history, but choose to look at a more recent step.

A final correction: This is not really parallelizible, the library doing the underlying image processing could well parallelize, but these steps need to be done in sequence.

Back to the original post…

[Warning, this completely techie, musing about computer vision by someone who doesn't really know much about computer vision. But heck, sometimes those who don't know the right way to do something occasionally come up with something cool.]

How about something like this. Maintain a triangular poly tree where at the base is a history of recent frames.

                              x
                             / \
                            x   x
                           / \ / \
                          x   x   x
                         / \ / \ / \
                        x   x   x   x
                       / \ / \ / \ / \
                      x   x   x   x   x
                     / \ / \ / \ / \ / \
                    x   x   x   x   x   x
Newer              / \ / \ / \ / \ / \ / \              Older
 <-               x   x   x   x   x   x   x               ->
                 / \ / \ / \ / \ / \ / \ / \
                x   x   x   x   x   x   x   x
               / \ / \ / \ / \ / \ / \ / \ / \
              x   x   x   x   x   x   x   x   x
             / \ / \ / \ / \ / \ / \ / \ / \ / \
            x   x   x   x   x   x   x   x   x   x
           / \ / \ / \ / \ / \ / \ / \ / \ / \ / \
          x   x   x   x   x   x   x   x   x   x   x
         / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \
        x   x   x   x   x   x   x   x   x   x   x   x
       / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \
      x   x   x   x   x   x   x   x   x   x   x   x   x
     / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \
    x   x   x   x   x   x   x   x   x   x   x   x   x   x
   / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \
  x   x   x   x   x   x   x   x   x   x   x   x   x   x   x
 / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \
x   x   x   x   x   x   x   x   x   x   x   x   x   x   x   x
A 16-base tree then has 120 vertices in it. The 16 Xs along the base are 16 historical frames. At 5fps, this covers a history of three seconds.

The first row of Xs above the base is made by taking the two images below it and doing:

  • an absdiff;
  • a threshold of the result to make contours of the areas in common; and
  • using those contours, a masking of one of the frames to make masked   image of what is in common between the two.

This is a reduction operation. We start with whole frames and we produce new frames that are at most whole frames, but quite likely reduced (masked) frame areas.

At this point every pixel that has made it up to the second row is in some sense a good pixel, it has matched some other pixel.

We create the rest of the tree by continuing to do pair-wise operations on the images below, but the operation for the rest of the tree is a bit different from the first of operations.

  • To begin with we do do the same operation, we do the matching and reduction (for any area in both masks, if the pixels match the they get added to the output mask sent up to the next level).
  • But then we do a supplementing operation: for any pixels in one input mask but not the other input mask, they get added to the output mask and included in the output sent up to the next level.This continues at each layer to yield one masked image at the top.

I won’t know what this looks like until I see it, but imagine something moving through time, casting a shadow from under the pyramid, maybe tampering with, say 6-frames. Looking up the tree, it can only influence the triangle above it for 5-layers up, then is gets out-voted by constant stuff from before or after it in time.

This poly tree scheme is expensive and so can only go back a short distance in time. The number of operations in that whole triangle, to compute the apex is great, too much of a cheap CPU to calculate per frame at any reasonable frame rates. So instead we trade memory for CPU. We keep most all the output data from each new frame’s computation, and just computer the change for each. What is that computation of change?

- Age out the oldest frame: remove the 16 Xs that go down the right edge;

- Add the newest frame: a new X on the left at the bottom row; and

- Do the 15 calculations necessary to put 15 new Xs up the left edge above that new frame.

Motivation: I have played with OpenCV and the cv2.BackgroundSubtractorMOG() and cv2.BackgroundSubtractorMOG2() background removal functions and I don’t like them.

First, they aren’t working for me: old background information never ages out, a big change in scene continues to be included in the foreground and never displaces the old background.

Second, they are too slow. Particularly MOG2. I can’t keep up with a reasonable frame rate on a Raspberry Pi 2.
Falling back on a simple absdiff for motion detection I discovered I can, in place of the MOG2 that was falling behind, do a stupid loop of 30 absdiff’s and not fall behind. With this scheme I estimate I will have to do about that much work. And, unlike MOG2, this can be parallelized to multiple threads which can run on the multiple CPUs of a Raspberry Pi 2.
There are probably better ways, but it was easier to think up this one than to go read a couple books on computer vision. And it looks pretty easy to build. I just need to find the time to try it. And how do I efficiently represent a polytree in Python without breaking my brain. Will it be easy or hard?Will a nice recursive model work…?

-kb

©2016 Kent Borg

Which Gadgets Do I Need, Again

Saturday, October 17th, 2015

Four-years ago I asked the question “What gadgets do I need?”, and it seemed time to revisit the question.

First, what gadgets do I have?

Pebble Watch

This is my most-present gadget these days. I like that it is limited, it is too small a screen to offer a rich experience, and it is too small a case to have a large battery. So it is limited in its ambition and achieves that goal beautifully. It is an accessory to my phone.

Smart Phone

My Android phone (Nexus 4, soon to be Nexus 5x) is my next most present gadget, it is pretty much always on me (I am not a “set it down”, user, I have it on my belt). I am paranoid about keeping it charged, so not only do I charge it at night, I charge it in the car, I charge it at my desk at work.

But I don’t use it as much as I used to. I do not obsessively check it a hundred times a day, I let my Pebble let me know if something notable has happened, the battery life has gone up since I got the Pebble. I also use it less because of my next gadget, my tablet.

Nexus 7 Tablet

I now have the “2013″ version of the Nexus 7, which was a nice improvement on the first one (that I broke), and it is a shame they don’t sell something like it anymore.

It took me a while to figure out what it is good for, but I finally realized it is good for everything. I have it in my “purse” which is always close at hand, or I have it in my hand. It is also small enough to fit in most of my back pockets, I don’t sit down with it there, but I can free up my hands. I don’t have cellular data service for it, but wifi is common, and I can turn my phone into a wifi hotspot when I need to.

Notebook Computer

I don’t use it as much as I once did. I don’t carry it around as much as I did. But if I need to do “computing” or writing or real web surfing, it is critical. A real keyboard, a lot of capacity and power, and–notably to me–a computer that I largely control. I run Linux on my notebook and I can do what I want with it. On my other devices someone else is pretty much in control and I am just a user.

It is also a nice way to read the replica version of the New York Times. A big enough screen to handle the current physical layout of the real paper.

The old Thinkpad X230 I bought shortly after my earlier gadget post is getting physically tattered, but it is still a nice machine. The addition of an SSD and more RAM have kept it very useful. And the “Displayport” jack that I didn’t appreciate at first (“What’s that?”) is useful now. And the two USB jacks that are the newer “super speed” flavor (“What’s that?”) are even more useful now. The PCMCIA slot has been useless and the missing modem I might have once wondered over has not been missed–it has been a very nice computer.

I carry it in a bag to and from work everyday, I always bring that bag with me if I travel, and even on a day trip I usually bring it, but I don’t just carry the computer alone with me anymore, I have other toys, the computer has been displaced somewhat.

E-Book Reader

I have a Kindle “Paperwhite”, the second version of that. And it fits nicely in my purse. I can use the Kindle software on my phone or tablet, but they have disadvantages:

  • Distractions, the Paperwhite is limited in a good way (see Pebble Watch);
  • Battery life, my Android gizmos can’t touch the battery life of the e-reader;
  • Better display, easier on the eyes, good in bright light;
  • Better user interface, the builtin dictionary works better.

One shortcoming: The Kindle is slow and has a more limited display. If I am reading something that is not just linear text, something that has layout and pictures and charts that don’t reflow well for the Kindle screen, it doesn’t work so well. So where a given recipe might work well on a Kindle, cookbooks do not. And anything much like a textbook that is more than just text also does not work well.

I do sometimes jump from device to device, and having my reading synchronized is nice. I will read the bulk of a book on the Kindle but read bits here and there while waiting for the washing machine to finish, maybe–because I have my phone on me when I don’t have the Kindle.

I wish I made more time to read.

Ipod

Poor Ipod, I still carry it around (in the same bag as my notebook computer) but I don’t use it so much anymore. Why? Two reasons: Streaming radio stations on my Android devices (not streaming services, I actually like real radio stations from around the world) are my more common choice for music.

The second reason is the rather limited user interface on the Ipod. It has a lot of capacity and battery life, but it is hard to find things. One of my pet peeves is it is nearly impossible to listen to anything that came on more than one CD, because the persons who did the data entry were not consistent, and it is really hard to find the other discs of the opera, say. Further frustrations come from Apple neglecting their Itunes program on the Mac, they have made a ton of stupid changes that make it really hard to use.

Camera, Little

I no longer carry a little camera. My Android devices have pretty good cameras in them.

Camera, Big

Still photographs aren’t going away, but “still photography” is. That is, a conventional exposure, with a specific shutter speed, lens opening, focal length, focus distance, “film” speed–these are going away. There is a lot of much richer data collection that can produce a still picture with much more power–but that is another post I might get to later. In the mean time, I do have a big, old fashioned-ish, DSLR that I  needed for a specific project (35-mm slide digitizing, but that’s another post, too), and I sometimes get exercise by also carrying this camera.

This is not well resolved territory. It weighs a ton, but it has marvelous resolution and can see in the dark better than I can.

Hiking GPS

My old Garmin is feeling lonely, who buys a hiking GPS anymore? For about a year there I couldn’t even find it and feared I had left it on an airplane (I hadn’t). The point is it is at risk of being pointless. But it is not obsolete yet.

It works offline, when I am without cell coverage, where Google Maps becomes worthless. But I also have on offline map program that works well on my Android devices. Recently on a hike I pulled out my Nexus 7 several times for a good map of where I was, and finding where the trail we wanted branched off. No cell coverage, but it worked anyway.

I still carried the Garmin on that hike, it is much tougher, much better battery life (replaceable batteries!), and has a screen that works in sunlight. And it is small enough to have out and recording where I have gone, willing to help me retrace my way back to civilization. I also still use it in the car, knowing I can leave the main road and explore and it will show me a dotted line of where I have been.

But I also lost it for about a year and got along quite well without it.

I haven’t quite resolved where I keep it, hence my ability to lose it. Interesting how this will turn out.

I do worry that Garmin will lose interest in this model and quit selling maps, I should update my current North America maps if I can, my current data is starting to get obsolete. But I think Garmin isn’t interested in this business model, I think they want to sell me an expiring subscription, they want me more online. At that point they will lose me, maybe a find some armored “phone” with long battery life and use it as my new hiking GPS.

Extra Ipod Nano

It is the larger model Nano, not the really tiny square one. I won it in a drawing at some seminar. It has a fair amount of capacity–many, many hours of music. And it has an FM radio. And it is tiny enough to keep in my purse. But I seldom use it.

It does not have great battery life, but it is a different battery from my phone, I can wear it down without worry. I just have to remember to recharge it occasionally. I forget I have it.

Smart phones should have FM radios in them. Some have the hardware but the software is missing. For me it is worth carrying, but I don’t know that this device really has a niche that will last, I suspect not.

Missing Item: Big Tablet?

There is one thing I fear I need to add to my load: a large tablet computer. I want a big and very detailed screen for looking at detailed information: Maps and pictures and other graphics. Google announced one for later this year that might be tempting. I think this would go in my heavy bag with my notebook computer. I seriously doubt I would carry it around as I do with my Nexus 7, but I think it would be nice for specific purposes.

Hey! New York Times: I want the replica edition for Android!

Radio

Something I didn’t really talk about in my previous gadget post is a radio. I listen to the radio a lot and I think 4-years ago I was still carrying around a portable radio, listening to NPR. Now I use my Androids for that. It worries me that I can’t easily listen to local radio if something goes wrong with larger technical infrastructure, and that is the real reason I try to keep that Ipod Nano charged.

Other

In the bag with my computer (a bag that is seldom far), I have a dual USB charger, and a reasonable collection of cables, including a short AC extension cord with three outlets on the end–very hand in airports when I would like to share a rare outlet. And an external USB battery pack so I can revive a phone, or run that Ipod Nano for hours on end if I need to. In my purse I have tiny car and AC to USB power adapters, and a couple USB cables. Oh, and don’t forget a little flashlight on my keyring, so much better than using my phone as a light.

Conclusions

Though my Android devices fill a lot of functions, they haven’t completely displaced that many gadgets: the Ipod, hiking GPS, and radio are endangered, but not yet banished. Good thing I am still young enough to haul around so much crap.

Something this technology has displaced: a lot of paper. We still buy travel books but we don’t carry them around much. We very seldom buy paper maps. (And when I do get a paper map I sometimes photograph it with my Nexus 7 and use it that way. I also photograph the big maps at the trail head instead of trying to just remember them.) Highway maps are long gone from our routine. And I miss them, spreading out a big map is still nice. That is why I want a big tablet, I think it will fill that desire.

There is still a lot happening in the gadget department. I wonder whether 4-years from now a followup posting would show more or less change? Will my load finally start to shrink?

-kb
©2015 Kent Borg

Pebble Battery Life

Tuesday, March 10th, 2015

I decided that, cool as the shake-to-light feature is on the Pebble watch, I turned it off. Saves battery life. And, frankly, it can be annoying if one sleeps with a watch or is in a movie theater.

But I don’t know how long my year-plus-old watch lasts in this setting because I have taken to setting it to charge when I get up in the morning, before I take a shower. I put it back on when I get dressed. Yes, I know the watch can go in the shower, but it still gets in the way of, say , washing my wrist.

-kb

©2015 Kent Borg

Net Neutrality: An Objective Definition (with Technical Gotchas)

Friday, February 27th, 2015

I saw someone on Twitter looking for a definition of net neutrality that was objective, and doubting it was possible.

Here is my attempt, and I am going to maybe cheat a little by trying to give two perspectives. Disclaimer: I am for net neutrality.

The Case For

Everything seems to run over the internet these days. Let me focus on one that captures most of it: Television. Hip young folks are “cord cutters” by not having cable TV, but that doesn’t mean they aren’t addicted to TV, they watch it over the internet instead. They aren’t stuck with what their local cable company offers, they can go to Net Flix or Hulu or Amazon or some new outfits I haven’t heard of. Cool, competition. Except we have a near monopoly in how we get internet access. We can get it from the local cable company or maybe the local telephone company, and both of them are also selling TV channels and don’t want to be their own competition, or at least they want to make more money for that; so Net Flix might have a great connection to the internet and you might have a great connection to the internet, but when the packets are nearly at your door, and they hit Comcast’s wires, Comcast might intentionally slow down Net Flix’ data packets unless Net Flix pays Comcast a little something extra. Maybe a future Timewarnercomcast is powerful enough they simply refuse any TV streaming over internet connections they sell, and you would have to buy their TV offerings.

Net neutrality wants to prevent that and say that if Comcast wants to charge you for your internet connection, fine, but they can’t then charge others for your connection and slow them down (or block them) if they don’t pay. In the past cable companies have been caught blocking and slowing various kinds of data, even though they had denied doing so. By making internet service providers “common carriers” (a bit like phone companies back when the telephone was new and important), the FCC can regulate this behavior.

The Case Against

Cable companies and telephone companies have spent a lot of money building their networks and they want a free hand in how they make money off that investment. They want the freedom to partner with this company or that for offer new products with this or that cool feature. This regulation means they can’t make those deals if they discriminate against other companies that aren’t part of the deal. This regulation puts them in a boring business of offering a commodity service. Also, this regulation is regulation. They have an ideological objection to regulation.

Technical Gotchas

Net neutrality is hard to precisely define. Really hard. The internet is a whole series of protocols that define how different computers talk to each other. How is an e-mail sent vs. how is an HD movie streamed vs. how is a video chat handled. Very different services and the documents that just define the technical details of how they work are plenty long and complicated. It is hard enough to craft these protocols so they will work in the first place, do they also have to be net neutral? And what does that mean, down in the nittygritty details of some protocol only a few people really understand?

The internet is quite open and if you want to define a new protocol for your new wizbang product, go ahead! It is possible it can be defined in terms of lower-level protocols and run on the internet as-is, or you might need to convince others to cooperate with your new protocol. Does the rest of the internet have to add support for your new protocol? What is neutral?

Here is a concrete example: e-mail. Spam is a big problem, and one of the ways to fight it is to limit which computers are allowed to send e-mail messages to other computers. The logic being that Joe Average isn’t sending e-mail directly from his computer to my computer, but rather he is sending the e-mail to, say, gmail and Google will send the message on to, say, Yahoo, and I will have my computer collect the message from Yahoo. A problem arises when some piece of malware infects Joe Average’s computer it is starts sending vast amounts of spam directly to thousands of accounts at gmail and Yahoo and Company XYZ and everyone gets annoyed and says that Something Must be Done. Okay, a common thing is to have Joe’s internet provider block that direct e-mail traffic. It will still let Joe talk to gmail, so legitimate e-mail will go through, just not the bulk spam. Except I run my own e-mail server. When I send an e-mail it doesn’t go first to Yahoo, instead it first goes to my basement and from there goes to the final destination at gmail or Yahoo or Company XYZ. If my internet provider blocks that I’ll be pissed! Should internet providers block this kind of traffic or not? It is a legitimate question with more than one answer. And it is not obvious what the “neutral” answer is. Probably it is to block those messages from Joe’s computer (he doesn’t mind) but not from mine (I do mind). That is how it mostly is at the moment. How complicated! And should it be allowed? Is it net neutral? Will the FCC continue to let me run my own e-mail server?

Another example: video streaming vs. video conferencing. These are different kinds of traffic and they should be handled differently–for important technical reasons. In the case of video streaming I am probably watching something recorded anyway, so it doesn’t really matter if I see a given frame of the movie at one moment or another–a three-second delay isn’t important, what is important is I want it to flow smoothly without breakup or stopping, and if three-seconds of buffering makes it work better, please buffer. If I am in a video conference, however, the circumstance is quite different: I want what I say to get to the other end quickly and I want whatever is said on the other end to get back to me quickly, I don’t want a three-second delay! If this means sometimes the picture deteriorates or the audio cuts out for a fraction of a second, then that’s the price I pay for wanting a live conversation. Should the routing protocols on the internet be allowed to differentiate between these different kinds of traffic? Can they try to schedule when different kinds of packets are sent down their wires to try to keep everyone happy?

No commercial considerations here, but solid technical issues complicating what “neutral” means.

So maybe net neutrality just kicks in when someone wants to pay for special treatment?

Okay, what about teleconferencing companies, they want their products to be better than the competition. Currently they send representatives to the standards committees that define the protocols, and they try to push the standard definition in a direction so their products will be better. Annoying, but it does get us some kind of standard that might work, and if the standard is too broken with company-specific garbage others won’t adopt it. Under net neutrality are they not allowed to participate in those standard committees? Are people free to not adopt a badly written standard? Does the FCC write all the standards? (Oh, that will put a stop to innovation.)

Another case might be CNN doing a remote feed, but wanting to do it over the internet–everything goes over the internet these days right? In this case they want it both ways: they want a good quality signal and they want a conversation without delays. Should they be able to pay for that priority treatment? Or are they forever cursed to use satellites and all the delays involved there? In oldendays television networks were allowed to buy from regulated phone companies special services that could handle their video, seems that something like that should still be allowed. But it is complicated.

Or what about Net Flix? When the new season of House of Cards comes out, millions of people might all be watching the same program at about the same time. Net Flix’ network needs to have capacity for all of that to flow at once, and the next network they connect to also has to have all the capacity. Were I designing such a distribution system I would think about caching popular content near the edges of the network. Send Season 3 once to a bunch of file servers scattered all around the country, and them let those file servers send it on to all those binge watchers. The total load on Net Flix’ hardware and the internet as a whole would be reduced. Should net neutrality permit that? Who is allowed to pay whom what to rent what space to place those file servers connected to what network?

Airplanes don’t allow people to make phone calls over their wifi services. At first it might have been to protect their expensive telephone service. Is that neutral? And now that airlines have mostly lost interest in these phone services because no one uses them, they still block voice calls over their wifi service because other passengers don’t want to have to listen to all that gabbing for hours at a time. (Thank goodness! It would drive me crazy.) Is that neutral? Airlines also don’t allow streaming video over their wifi because they don’t have enough bandwidth for more than a couple streams and they have a plane full of passengers who might want to stream and if more than a couple tried no one would get good airborne wifi for anything. Is that neutral? Airlines also sell movies, is that still neutral? And the airlines aren’t streaming those for-sale movies directly from the studios who made then, no they have cached them on file servers on the planes when they are on the ground and can just plug in a new disk. Is it neutral for the airlines to do that? (Was it neutral for Net Flix?)

I present a lot of questions here, and there are at least partial answers to many of these questions, and my point is that net neutrality is a technical mess and the technical details are not obvious to anyone. Still I am in favor of trying to sort it out anyway, because as bad as that result will be, letting the timewarnercomcastverizon monopoly decide will be worse.

-kb

©2015 Kent Borg

New “Pebble Time” Watch Announced

Tuesday, February 24th, 2015

It looks good.

They still seem to understand what a watch is, that it is not a smartphone. They added color, but a low-power version of color. The competition has set themselves up to compete with the brightness of the sun if we were ever to venture outside. Pebble is still avoiding that losing battle. Bravo!

I am worried by the microphone. I fear that is a distraction, that isn’t as useful as we might imagine. Yes, when commuting alone in our cars it might be nice to talk to our watches, maybe while washing dishes, but mostly watches should be seen and not heard and not talked to either. It also might be a battery drain. Be wary, Pebble.

They are claiming the same battery life as before, I would have liked better. Maybe the screen won’t have to be refreshed once-a-second to try to fix display problems, and that will save batteries, but the microphone needs to be listened to to be useful and that takes power.

They did not come up with a self-winding feature, alas.

Price went up, but still well under the competition and I don’t mind Pebble making money. But I won’t be “Oh, sure.” buying one on spec. I’ll have to wait and see. My old Pebble is still a nice watch.

It is not a beautiful watch. Better looking than the first model, but not much.

-kb

©2015 Kent Borg

Merkel’s Telephone: How Secure Does She WANT it to be?

Monday, October 28th, 2013

The news that the NSA has been listening in on German Chancellor Angela Merkel’s cellphone had me wondering, as a techie who has paid some attention to computer security, how would I recommend the Germans secure her phone?  It is an interesting puzzle to think through.  And part of my approach would involve other European countries, pick an open source cellphone encryption program, and work it over, audit all its security aspects, make improvements, and put a EU stamp of approval on it. Make sure it really is secure.

Then yesterday I read something about what is known about how her calls are secured and was disappointed that they apparently use proprietary encryption products. This is a mistake. You don’t know what is in a commercial product, with secret source code, mostly no one does, not even the commercial folks producing it.  Remember the Swiss company Crypto AG?  They had an NSA backdoor in their encryption products.  A lot of people worked on that product and a lot of people used it, and most of them didn’t know what they were using, they didn’t know that the NSA had a backdoor because it is easy to hide something in a commercial product.  With open source programs it is harder to hide something, because it has to be in plain sight. If Merkel wants security she should use open source. And if she isn’t sure an open source program is secure she should put some talent on going over it with a fine-tooth-comb to find and fix any holes.

And, there is the question of what the NSA heard: did they crack the encrypted calls or just the regular calls between her phone and regular phones?  If Merkel wants to make secure calls the other person on the call needs to be on a secure call.  If the NSA can listen to everyone then there is no one for Merkel to talk to.

How much does she care?  The German government has its own security services, do they listen in on phone calls, too?

Ah, there is the rub: If she wants her population to be easy to listen in on, she is easy to listen in on, at least if she wants to talk to anyone outside a small circle.

How much privacy does Merkel want for herself? How much privacy does Merkel want for others?

-kb, the Kent who feels like less of a crank in recent months.

© 2013 by Kent Borg

Associated Press and Passwords

Tuesday, April 23rd, 2013

Dear AP,

Today you tweeted that there were two explosions in the White House and Obama was injured. It seems you didn’t intend to do so. Someone else broke into your Twitter account. In other words, someone else had your password.

Jeeze, it isn’t that complicated:

  1. Make up a password, with some random stuff in it, so it can’t be guessed.
  2. Don’t tell your password to anyone…

Except:

  1. Tell Twitter.
  2. Tell those who will be tweeting on your behalf.

Not that complicated.

Do not reuse your password on other systems, don’t e-mail it, don’t let spyware run on your crappy Windows box and see you type it. (Tell those who tweet for you to also not tell anyone.)

It is a piece of information that needs to be managed. If it were a hundred dollar bill you could keep track of it, right? Okay, pretend it is worth at least that much. Use a little care.  (Dear CBS: Didn’t you lose your Twitter password recently, too? Same lecture. Shape up.)

-kb, the Kent who is getting tired of such sloppiness.

© 2013 by Kent Borg