Thursday, October 12, 2017
Student Learning in the 21st Century
A few years ago, I heard about some teachers who were "reversing the classroom" by posting their classroom lesson videos on YouTube. Students would watch the lessons at home and then do their "homework" in class. This gave the teacher a more effective opportunity to help students work through the lesson's problems, rather than the students' parents. It seems like a good idea for more affluent school districts. However, one teacher I know, with ties to the Kibera slums in Nairobi, quickly pointed out that it wouldn't work in all areas.
The worst of the privileged white men
The worst privileged white men are the ones who have no idea, or refuse to believe they're living in a different context than others.
And context matters.
Otherwise we wouldn't celebrate the minor achievements of children or have age groups at 5Ks. Why do we celebrate them? Because they represent the best-of, and significant progress forward.
Context matters.
Let money be the absolute quantitative decider and let love be the qualitative one.
Wednesday, October 4, 2017
Medio Maraton y Ultramaraton 57K in Mexico
 |
| This was one dirty forest. |
As I descended from the mountain top into the depths of the ashes that had once been a scenic forest it seemed that hell had been here and moved on. It wasn't possible to go up and down the mountains without grabbing onto the dead trees wrapped in a bark of soot. Wearing a white shirt was a poor choice of colors for me. I mean, seriously, who wears white after Labor Day?
The beautiful forest that the trail took us through had been torched by wildfire, last month, leaving dirt and dusty ash with charred bark on the trees. It took two showers for me to get clean.
 |
| Don't let that smile fool you. It's a facade. |
This was one of the most grueling races I've done in terms of the trail. The mountains were so steep that going down them at any pace was a challenge and walking up was at a slow crawl that was nearly unbearable. It became my own personal Vietnam.
If I stopped to take a breather, while feeling sorry for myself, the vultures would start circling (jk).
I don't know if I'll do this race again, but it was a memorable one, especially with people cheering me on in a domestic language that was foreign to me.
 |
| Dirt, dust, and ash. |
Thursday, September 21, 2017
A Symbolic Look at Equifax
Here’s a video that symbolizes my interactions when enrolling in Equifax's credit monitoring service (audio is a must with this video). Nothing like a happy-go-lucky bear caught in a bear trap.
1. I checked to see if my data was compromised. (Some people reported yes, some reported “We believe that your personal information was not impacted by this incident.”) Fortunately, mine was the latter: https://www.equifaxsecurity2017.com/potential-impact/
2. I clicked “Enroll,” and I provided my information. Then, I waited several days for a confirmation e-mail for the next step. (http://trustedidpremier.com)
3. I clicked on the link in the confirmation e-mail. I provided a little more info and got redirected to a web page asking for me to login, but I never set up a password. (https://www.trustedid.com/premier/myaccount.php)
4. I clicked “Forgot password” and received a reset-password e-mail to set up my first time password.
5. I set up a new password and clicked login after confirming my info.
6. I repeatedly received a “Server is down” error message.
7. I waited (hours/days) and kept trying while continuously receiving “The server unexpectedly dropped the connection” error messages.
To be fair to Equifax, it’s virtually impossible to standup a website in a matter of days/weeks that could handle a load of this magnitude. (Remember when Twitter used to go down – “Fail Whale” – in the early years? Facebook avoided this problem by managing their rollout over college campuses to control their growth and server load.)
In the Equifax case, server downtime works in their favor since less people will enroll. And it gets very confusing for consumers when dealing with so many different domain names (equifax.com, equifaxsecurity2017.com, trustedidpremier.com, trustedid.com, etc).
I’ll report back when I’m able to successfully enroll. I'm still getting a "server is busy" error message.
Anyone else have luck enrolling?
Details
1. I checked to see if my data was compromised. (Some people reported yes, some reported “We believe that your personal information was not impacted by this incident.”) Fortunately, mine was the latter: https://www.equifaxsecurity2017.com/potential-impact/
2. I clicked “Enroll,” and I provided my information. Then, I waited several days for a confirmation e-mail for the next step. (http://trustedidpremier.com)
3. I clicked on the link in the confirmation e-mail. I provided a little more info and got redirected to a web page asking for me to login, but I never set up a password. (https://www.trustedid.com/premier/myaccount.php)
4. I clicked “Forgot password” and received a reset-password e-mail to set up my first time password.
5. I set up a new password and clicked login after confirming my info.
6. I repeatedly received a “Server is down” error message.
7. I waited (hours/days) and kept trying while continuously receiving “The server unexpectedly dropped the connection” error messages.
To be fair to Equifax, it’s virtually impossible to standup a website in a matter of days/weeks that could handle a load of this magnitude. (Remember when Twitter used to go down – “Fail Whale” – in the early years? Facebook avoided this problem by managing their rollout over college campuses to control their growth and server load.)
In the Equifax case, server downtime works in their favor since less people will enroll. And it gets very confusing for consumers when dealing with so many different domain names (equifax.com, equifaxsecurity2017.com, trustedidpremier.com, trustedid.com, etc).
I’ll report back when I’m able to successfully enroll. I'm still getting a "server is busy" error message.
Anyone else have luck enrolling?
Wednesday, September 13, 2017
iPhone X Form Factor and Security [u]
 |
| Perhaps. One solution is to turn off the phone at LEO encounters |
While I love the new features, I'm concerned about the form factor. Initially, it seemed to be as big as the iPhone 6/7 Plus models, which is too big for me. (I've been using the iPhone 6 & 7.)
It turns out I was wrong about the size. Compared to the iPhone 7, the iPhone X is about about one tenth of an inch higher and about 0.15" wider. So, it's slightly bigger than the iPhone 7. And, compared to the iPhone 7 Plus, the iPhone X is about half an inch shorter and quarter of inch narrower, making the X significantly smaller than the 7+. The beauty of the iPhone X is that the screen is more than a quarter of an inch larger than the screen on the iPhone Plus models (6, 7, and 8). That's a bigger screen on a smaller phone due to the X's edge-to-edge design.
So, the bottom line is I'm considering getting the iPhone X.
Face ID
Instead of using Touch ID's fingerprint recognition feature for authentication, the iPhone X uses Face ID, which recognizes a person the same way humans do, by their face. Apple claims that Face ID is 20x more accurate than Touch ID, which is great. But, some people have raised alarms that law enforcement officers (LEOs) could take you into custody and simply unlock your phone by pointing the screen at your face. Could that really happen? Perhaps. But, I've seen alarmist headlines before ("Apple Crosses The Line With New iPhone Feature"). One way to protect against this is to simply not enable this feature for people who are deeply concerned. Another option, if Face ID is turned on, would be to simply turn off your phone before a LEO encounter (i.e. crossing international borders, etc).Each time the iPhone is turned on, the secure enclave, which processes your Touch ID or Face ID credentials, remains inactive until a person manually enters their PIN to decrypt this information. It appears, during Craig Federighi's demonstration of Face ID, that his demo phone had been restarted but not unlocked with the PIN, prior to his demo. This prevented Face ID from working. While that's the correct technical behavior, it happened at the wrong time – but he seemed to recover well during the demo.
Update: Apple's Craig Federighi details Face ID and how to quickly disable it.
Monday, August 28, 2017
My Favorite Technical Hacks
I've come across a few computer hacks that stick out in my mind. Computer hacks are harder to explain than life hacks because one has to have an interest in software engineering. But, here goes...
1. Preventing JPG "Theft"
Java was the hot new language when I first started working at Apple. In order to get up to speed I coded as much Java as I could, especially applets since that seemed to be the future of the Web. (It turns out that Java became everything Ada wanted to be, and JavaScript became everything that Java applets wanted to be.)One area that I focused on was coming up with a way to prevent JPG images from being "stolen" from a webpage. Once an image is displayed on a screen (computer, smartphone, etc), there's no simple way to keep someone from taking a screen shot. My Java applet solution got around this by taking the thumbnail of the image and blowing it up to the full size image so that it was pixelated (blurry). Then, as the user moused over the image in the applet, a small portion would come into focus. This allowed the user to see the entire image at full resolution, but only in parts (one-sixteenth, to be exact). While it was possible to take 16 screen shots and piece them together into a single, full resolution image, that was far from practical.
The full size image was encrypted on the web server to keep a user from downloading it directly from the server. The encrypted image was then sent to the user's web browser and decrypted in pieces, while in memory, inside the client's applet as they moused over the image.
2. Facebook encrypted UDP
Awhile back, I heard about a brilliantly simple trick that Facebook uses to speed up their site. When a Facebook user logs into their account, their data is fetched from a database. While fetching the data, the user has to wait. The amount of wait time could be imperceptible to the user, or it could be a noticeably long time if the website is under a heavy load. "Heavy load" is a relative term, but Facebook serves more than two billion active users per month, so saving any amount of time makes a noticeable difference at that scale.Wouldn't it be great if Facebook's servers knew what data a user needed before the user formally requested it? Well, that's effectively what Facebook's done with their little trick that simply involves sending an encrypted UDP (datagram) ahead of the formal TCP/IP request. UDP requests are fire-and-forget, meaning there's a small chance they might not arrive at their destination, but, if they do arrive (and they usually do) then they'll reach Facebook's servers sooner than a TCP/IP request. There's more overhead with TCP/IP since it guarantees delivery (or notice of a failed delivery). TCP/IP is the reason that webpages render perfectly compared to the BBS's of the 1980s that used unreliable dial-up modems where static and interference would be misinterpreted as data and displayed as garbled text.
So, the UDP datagram arrives ahead of the TCP/IP request which enables Facebook's servers to pre-fetch the data and load it in its cache before the formal TCP/IP request arrives. This hack is a simple, yet elegant, way to optimize a website for speed simply by "priming the pump."
3. Safari DNS and Pre-loading
DNS: Safari speeds up webpage load times by looking at all the host names on a webpage, once it's loaded, and then performing a DNS lookup. This saves time, later, when a user clicks on a link since the DNS lookup has already been completed. The time savings might go unnoticed or it can save a few seconds. (There's even an HTML tag to help DNS prefetching.)Pre-loading: Although I haven't read about this hack, I noticed it when I was monitoring my web server's logs in real-time. As I started typing my own domain name in Safari it came up with an autocomplete suggestion before I finished typing. At the exact moment that the autocomplete suggestion came up in Safari, I noticed an http request for that autocomplete suggestion hitting my web server and showing up in my web server logs. In other words, Safari was loading a webpage before I hit enter. There's not much harm in doing this even if I never formally requested that URL. This is why some webpages load in a flash, especially when I'm on a fast Internet connection and the web server is using a content deliver network (CDN) like Akamai or CloudFront.
4. Keeping iOS Apps Running in the Background
For nearly four years I lead the San Diego Kickstarter Meetup where I mentored entrepreneurs on crowdfunding their products. (At one point, we had six live crowdfunding campaigns.) A couple of the entrepreneurs had iOS apps that accompanied their product which needed to continue running in the background; but iOS doesn't like to keep an app running in the background because it drains the battery. One of the most interesting hacks to keep an app running in the background was to simply play a silent MP3 file which kept the app "alive," even when it was in the background. The downside was that you couldn't play music from another app, but for some situations that was fine.5. Timestamping Race Photos
In the late 1990s, I started going to races (5Ks, 10Ks, marathons, etc), snapping race photos at the finish line, and then selling them either at the race or online. The challenge was finding a runner's photo among thousands – bib numbers had to be entered manually, which would take many hours. I came up with a solution that worked great which, to my surprise, no other race photography had implemented. (Nowadays, RFID chips attached to the racer's running shoes solves this problem.)My solution was to simply synchronize the time on my digital camera to the race clock where midnight (00:00 on a 24 hour clock) was the start of the race. If a runner finished a race in 23 minutes and 30 seconds then they could simply start looking for their race photo around 00:23:15 (23 minutes and 15 seconds after midnight) since the photos were taken about ten seconds before the runner crossed the finish line.
Not all hacking is bad. 🖥
Thursday, August 17, 2017
A Perfect Total Eclipse
The answer is simply because the time it takes the moon to orbit the earth is the same amount of time it takes to rotate on its axis (about 27 days).
That got me thinking...
Why does the moon nearly perfectly block out the sun during a solar eclipse?
My conclusion, after running some calculations, is that the sun is 400x wider than the moon but it's also nearly 400x farther away.
Feel free to peer review my calculations.
Friday, August 4, 2017
Air Traffic Control Center Tour
I took a tour of an air traffic control facility, this afternoon, and learned a few things from a controller's perspective. We couldn't take photos as we toured the actual floor of the air traffic control center, but we were allowed to snap pictures in the training center; they look almost identical.
1. There are three basic types of air traffic controllers, each of which is highly specialized: those who work in the towers at the airport, those who work in the "centers" that handle en route traffic, and approach/departure terminal controllers who handle traffic arriving and leaving the airspace outside of an airport.
So, a center controller hands traffic over to a terminal controller who would then hand traffic off to a tower controller for landing at an airport. Simple concept, tricky execution, especially when there's a VFR pilot flying close to controlled airspace (like Class B) and not talking to any controllers, which is perfectly legal when flying VFR (i.e. not on a flight plan).
2. Air traffic controllers jokingly refer to jumpers (parachutists) as "meat rockets." (Parachutists don't show up on radar.)
3. For IFR pilots: It's rare that a controller will ask a private pilot to fly an "unpublished hold," especially on a VOR. In other words, it would be rare for a controller to tell a pilot, "Hold east of the Oceanside VORTAC on the 090 radial, left turns, maintain 5,000', expect further clearance 0+50." The controllers probably wouldn't know the exact phraseology, either, and VORs are going away in lieu of GPS. For private pilots in small (slow) planes, controllers would rather simply give a pilot vectors to fly a box rather than a racetrack (see last photo).
4. Everyone knows "Mayday. Mayday. Mayday," but no one seems to know or use "Pan-pan, pan-pan, pan-pan."
Mayday: Emergency (from the French, "m'aider" meaning "help me").
Pan: Urgent problem (from the French, "panne" meaning "breakdown" – think of it as Mayday lite). 🛬
Today, I turn 0x32 Years Old
Now, I am officially old. I have that old-man smell like mothballs and Aqua Velva. As a matter of fact, when I had a question earlier today, instead of looking up the answer on the Internet, I e-mailed a buddy asking him to explain it to me.
Some say that age is a state of mind, but there are absolute signs of “old age” and I clearly received one of those, this week: My membership offer for AARP. If I pay $16 to join in the next ten days then I’ll also receive a FREE Sport Tote.
So, hit me up if any of you young whippersnappers need to know how to use Compuserve, Prodigy, MySpace, pogs, carbon paper, a fax, or 8-track. I'm your (old) man. (Sorry, I can’t help you with computer punchcards… I’m not that "experienced.")
You can e-mail me at my AOL e-mail address and I'll respond as soon as my secretary prints out your e-mail for me to read. (I jot down my response on the bottom of the page and then she types up my reply.)
More importantly, I’m currently looking for work as a Y2K consultant, so keep me in mind if you spot any job openings.
Also, I have a bottle of witch hazel in the valise on my Davenport, in case you need any. #groovy #swell
Now please excuse me while I chase some kids off my front lawn and then head to the beach with my metal detector after going for a ride on my recumbent bike.
AOL Keyword: Birthday
Happy 25th anniversary of my 25th birthday.
#generationX
Tuesday, August 1, 2017
How to Stop Google From Storing Your Voice to Text Recordings
Today, I ran across an article pointing out that Google is storing your searches and queries, including your voice to text dictation data.
I forgot that, many years ago, I had turned off all of these features, so Google doesn't report to me any history of my activity on any of their websites. But, I surprised some friends when I showed them how Google was storing their info. It is relatively easy to see what personal data they're recording. Simply visit the following webpage when you're logged into one of your Google accounts:
https://history.google.com
The following link will take you, step by step, through a Google privacy checkup where you can tell them what personal data you want them to record:
https://myaccount.google.com/privacycheckup
I forgot that, many years ago, I had turned off all of these features, so Google doesn't report to me any history of my activity on any of their websites. But, I surprised some friends when I showed them how Google was storing their info. It is relatively easy to see what personal data they're recording. Simply visit the following webpage when you're logged into one of your Google accounts:
https://history.google.com
 |
| All clear - there's nothing to see here. |
The following link will take you, step by step, through a Google privacy checkup where you can tell them what personal data you want them to record:
https://myaccount.google.com/privacycheckup
Subscribe to:
Posts (Atom)