Friday, December 8, 2017

iPhone Backup Trick


What do you do when you run out of disk space on your Mac and can't backup your iPhone?


Create a symbolic link for your iTunes backup folder, linking it to an external hard drive.


There are two ways to backup your iPhone. You can back it up to either iCloud or iTunes. iCloud is convenient because it happens automatically (daily) when the phone is charging and on a WiFi network. But, the downside of an iCloud backup is that the restoring process can take days – many days – depending on your bandwidth. Even if you have a blazing fast Internet connection, the bottleneck will be with iCloud's servers since your personal data isn't cached on a CDN.

I typically keep my iPhone set to backup to iCloud until I buy a new iPhone. With a new iPhone, I'll connect it to iTunes and choose to make an encrypted backup to my hard drive and then I'll restore the backup to the new iPhone. (Choosing the encrypted iPhone backup option will save your passwords, and other sensitive data, thereby saving time when you restore from your backup.)

But, since my iPhone 7 has 256 GB of storage, I quickly discovered that I didn't have that much free space on my MacBook Air. What to do? I tried freeing up some space, but that wasn't enough.

Then I remembered that I had a 2 TB external hard drive with enough free space. So, I dropped to the command line and created a symbolic link to the external drive. To accomplish this, go to Terminal and cd to:
/Users/username/Library/Application Support/MobileSync

I temporarily renamed the Backup folder, under MobileSync, to Original Backup. Then I created the UNIX symbolic link, with the name Backup, to a Backup folder on the external drive:
ln -s /Volumes/MyExternalDrive/Backup 

Once I created the link to the external drive, I changed my backup option, in iTunes, to "This computer" and clicked the Back Up Now button. It took a few hours, but that was better than a few days. After the backup completed, I connected my new iPhone X to iTunes and restored the back up (which took about two more hours), then deleted the symbolic link, and changed the Original Backup folder name to Backup.

Initial Setup

Old iPhone 7 shaking hands with my new iPhone X
Finally, my favorite part of the iPhone X is, to initially set it up, I simply placed my old iPhone 7 next to my new iPhone X. The iPhone X sensed the older iPhone 7, asked for my PIN, and viola, it began transferring the initial setup information.


Need help learning the new iPhone X gestures?
This 5' 30" video will get you primed up.

Face ID

Face ID seems to be working as expected. Frequently, in the time it takes for me to pick up my iPhone X and adjust my grip, it's unlocked.

With Apple's Face ID on iPhone X, the odds of a false positive is down to 1 in a million. That loosely means there are 7,500 people in the world who can unlock my iPhone X – that's a huge improvement over Touch ID which theoretically gave 1.5 million people the ability to unlock my iPhone with their fingerprint.

Tuesday, November 28, 2017

Supreme Court May Overturn Third-party Doctrine

The U.S. Supreme Court will hear a closely watched case tomorrow that will determine whether authorities can search your cellphone location data without a warrant. This dispute could change decades of privacy precedent.

At issue, for SCOTUS to decide, is the third-party doctrine, which says, if you hand your data (e.g. your location) to a third-party then you shouldn't expect it to remain private.

Currently, law enforcement can access much of your information simply by asking for it from the phone company or your ISP. While they frequently can't hand over your content, they can easily discover your location and who you communicated with. We're talking about metadata, which is data about data and how to route it. The USPS currently takes a photo of every letter and package mailed in the US and these images can be used by law enforcement.

One of the most read pieces on this blog, with over 100,000 page views, is a post about Facebook privacy. Then, I discovered that Facebook was keeping track of me via breadcrumbs. Would you like to see if Google is also keeping tabs on you? Then visit

Litmus Test

For tomorrow's case, Orin Kerr submitted a brief on behalf of the government arguing that the Fourth Amendment doesn’t protect location data because it’s the equivalent of being observed in a public space. 

I think Kerr's argument falls short because this data allows us to be observed in private spaces, too.

My litmus test is: how would this apply to the POTUS? Most of us would agree that we shouldn't expect privacy, in the case of a video surveillance camera recording us, in public. If the President walks down a street in New York City, many cameras will record him. But, shouldn't the President's exact location be private, in private? Did the President tweet from the Oval Office, his bedroom, someone else's bedroom, or perhaps a bathroom? Cell phone location accuracy using GPS, WiFi, Bluetooth, etc can be accurate to within a few meters.

The current challenge is that technology is evolving so quickly that consumers don't know how they unknowingly yield their privacy, and laws have not caught up with citizens' expectations or understandings.

Monday, November 27, 2017

Unlocked GSM iPhone X Confusion

I'd like to upgrade to an iPhone X – as soon as one's in stock. Today, I stopped by my local Apple Store and spoke to an employee about which one I should get. For my last few versions, I've had unlocked, contract-free iPhones with AT&T until I switched to Cricket. The rep at the Apple store told me two key things. First, that all iPhones are now unlocked (and have been for a while). Second, I'd have to get one of the iPhone models that work with Verizon or Sprint. That didn't make sense since Verizon and Sprint are CDMA while AT&T, Cricket (which is owned by AT&T), and T-Mobile use GSM.

When I got home I called 1-800-My-Apple. The CSR referred me to Apple's LTE carrier support page (which only makes it clear which carries the phone may work with, not a particular model). While I looked that over, he explained to me that Apple's GSM iPhones only support GSM, whereas their CDMA iPhones support both. That now makes sense – I always wondered why the CDMA iPhones had a SIM tray (part of the reason is that the LTE standard also uses SIM cards).
I learn something new every day.

Further reading:,2817,2407896,00.asp

Sunday, November 26, 2017

The Future of AI

Things we enjoy in the real world, we don’t like online. I like it, when I walk into my local coffee shop, that they know my favorite food or drink. But, it seems creepy when I visit Facebook and see ads for products I searched for, days ago, on Amazon.

Like all technology, we’ll learn how these interactions work and we’ll get used to it, especially those who will grow up with it. But we sometimes forget too quickly; especially if we didn't live through it. Even our grandparents are too young to remember a time when people scoffed at teenagers, living a hundred years ago, because they learned to drive a car instead of ride a horse. 

AI of tomorrow, like the iPhone X, will know who you are from more than touch (PIN or Touch ID). Like another person, the iPhone X can now see literally see and recognize who you are. And it already knows exactly where you are. Perhaps, its camera and microphone will guess more about what you're doing before you ask, if we can trust it.

Living with AI will be like living with a new species. Almost human, but not quite, probably even after passing the Turing Test.

Friday, November 24, 2017

Yesterday's Mediocre Newspapers, Today's Ad Servers

It seems that yesterday's mediocre newspapers are today's most prolific ad servers, with clickbait (yellow journalism) websites jumping on the bandwagon. I get it... I understand that news sites need to make money, which they do with ads. But, print news ads were never intrusive or intertwined within articles as current news websites are, today.

Nowadays, I visit my local newspaper's website and I'm playing whack-a-mole as I x-out pop-up ads. Then, after reading about a dozen stories, I end up needing to either go into private browser mode or use Safari's Reader Mode (shift-command-R) to get around their paywall (the latter only works on unsophisticated news sites).

I understand why newspapers need to do this and it's a tough business they're in because nearly all the news on their website can be found elsewhere. Plus, consumers aren't used to paying for news, making it even harder to charge for online subscriptions. Paying for a newspaper subscription was a different story in the "old days" since the customer was buying atoms (a product, the physical newspaper), not electrons (a service, the online news).

The thing about newspapers is they, in particular, had an atypical revenue model before ten years ago.  Back then, their revenue came primarily from business display ads and consumer classifieds. Interestingly enough, while home subscriptions contributed to their revenue, it did so in an odd way. Specifically, newspaper companies realized that each time they raised the price of their newspaper, subscriptions would drop off. But, even though the newspaper was generating less revenue from subscriptions, in the short term, they kept their display ads and classified ads prices the same. Therefore, they'd generate the same revenue from their primary source (ads) while printing fewer newspapers. Then, their sales people would start calling up former subscribers and new customers to get them to subscribe.

What About 24 Hour TV News?

I get virtually all of my news online, almost all in print, because I don't have a TV. The nice thing about getting my news all in print is that, until an article is updated, there no new news to report. Whereas, on TV, the news stations will rebroadcast the same video footage, repeatedly, while having experts speculate on matters. Additionally, TV news programs frequently add video and sound effects (moving backgrounds, swooshing graphics, music, slow-motion video, etc); none of which is vital to the facts of the news story. Watching the same harrowing video, on TV, over and over again, does nothing to ease the public's angst. As a matter of fact, it makes it worse; to the point of addiction, especially in cases of terrorism.

Q: So, what's the best thing to do to deal with news, especially on terrorism?

A: Watch this Vox video...

Monday, November 20, 2017

TIL: Traveling with Airbnb and Alaska Airlines

Today I learned (TIL) two things while booking travel to Cupertino.

1. Airbnb hosts are allowed to decline guests based on gender (but only if the host shares living spaces with their guest). In other words, a host can choose to only rent to a guest of the same gender; i.e. women can choose to rent to only women and men can choose to rent to only men in cases of shared spaces. However, a host cannot choose to only rent to a guest of the opposite gender.

2. Alaska Airlines has dirt cheap flights between San Diego and San Jose (<$60 one-way, including fees and taxes). But they’ll charge you an extra $11.95 to pick your seat. Since the plane I’m flying on has no middle seat, it didn’t matter.
Update: I may have made a mistake about Alaska Air; the $11.95 pick-your-seat fee may have been a fee charged by the online travel agent ( I'll let you know if I find out more info.

Le Mobile Feast: An American Adventure

Facebook reminded me that, two years ago, I went shopping with Steve Le as he looked for a teardrop trailer to tow behind his car.

Steve was in the early stages of planning an adventure across America where he would cook a dinner party in every state while writing a book about it. He decided to pass on the trailer in lieu of sleeping in the homes of his dinner party hosts for a more intimate connection. He realized that, while people may keep up their guard at a large dinner party, they lower it in the morning when wearing pajamas, while drinking coffee, in their own kitchen. 

Le Mobile Feast: Dinner Party One
I first met Steve a few years ago at a local Naval Academy chapter happy hour in San Diego. We immediately clicked since we both had open minds and enjoyed writing (the name of his adventure, Le Mobile Feast, is a hat tip to Hemingway's book, A Movable Feast). I've been to about ten of his dinner parties in California and a couple in New Orleans. I clearly recount what's become known as "Dinner Party Zero," on the 2015 winter solstice, at my place in downtown San Diego. That was followed shortly thereafter by "Dinner Party One" at the home of my girlfriend. To add a little mystery... a year after Dinner Party One, we had a "special" dinner party.

Along his journey he's interviewed many people and he has been interviewed on NPR. Steve's still working on the details of his book. Initially, he was considering writing a story about every stop and sharing the recipe. But, since he's become an empirical authority on U.S. citizens, he'll probably focus more on contrasting American politics during the final year of Obama and the first year of Trump.

You can follow his adventures on his website.

By the Numbers
Elapsed time: 21 months
States visited: 42
Cities visited: 98
Dinners cooked: 168
Plates served: 1,353
Dogs: 82

Thursday, November 16, 2017

Target Charging Kiosk

Have you ever walked into Target with a low battery charge on your phone and say to yourself, "I wish Target had a secure way to recharge my phone while shopping."

Lo and behold, Target has a locker kiosk exactly for that. Of course, my shopping list was on my phone (along with Pay). But it's still an improvement from the old days when I'd get to the grocery store and have to guess what I wrote on my shopping list that I left back home. It worked exactly as expected. I entered my phone number, e-mail address, and picked a security image from a list (dog, picnic, fire pit, etc) and then I choose a locker. To retrieve my phone, I entered my phone number, tapped my security image, and the locker opened. Simple.

Tuesday, November 7, 2017

Fake News, the First Amendment, & Critical Thinking

The challenge with fake news is it is protected by the First Amendment. Even a lie is protected by the First Amendment, in most circumstances (and there are clearly times when lying is OK).

The problem with fake news is "the amount of energy necessary to refute bullshit is an order of magnitude bigger than to produce it." This is known as the bullshit asymmetry. And this is a rare case when it's easier to create something (the lie) than destroy it.

We commonly see spin and propaganda in business and politics; they're pretty much both the same thing, depending on the context. I like to think of spin as highlighting the lie in a truth or the truth in a lie. Or, to put it gently, spin is about highlighting the positive in a negative or, especially in politics, the negative in a positive.

The solution to fake news is critical thinking. I will not tell you what to think. But, I am willing to show you how to think. And I am willing to tell you what I think. The rest is up to you.

The most important part of critical thinking is to know the source, confirm the facts as best you can, and understand (prioritize) the importance and relevance of arguments and ideas. If it doesn't make sense, then double-check it and avoid confirmation bias because once we make up our minds about something, we tend to stop learning about it.

And, never forget: Snopes and Wikipedia are your weapons in the war on ignorance. Open your eyes, only justice should be blind.

Steal an iPhone, Then What?

My buddy recently spent a couple weeks in Europe, traveling with friends. He went there for Oktoberfest then visited Italy, the Netherlands, and France. While in Paris, someone stole his buddy's iPhone. They tracked it down to a street corner where they found a group of hooligans (there's a word I rarely use); when confronted, the kids ran off.

My buddy and I both used to work at Apple, so we discussed what someone could do with a stolen iPhone. We concluded that a stolen iPhone is useless without the login and password, even if you replace the SIM card. Around 2010, iPhones and iPads were becoming hot items, making them a key item to steal. A common problem on the NYC subway was that a thief would snatch it out of a victim's hand when exiting a subway car as the doors were closing.

In response to the rash of thefts, Apple began making it impossible for an iPhone (or iPad) to be used without the proper credentials. These devices can't be reset to factory settings; so, if you forget your PIN or Apple ID login and password then your device is bricked.

UPDATE 8 Nov 2017: I asked a question at this morning's Tech Coffee"What good is a stolen iPhone?" and an entrepreneur answered with "Spare parts."
Can iPhones be stripped like a stolen car? Perhaps the screen?

Sunday, November 5, 2017

Tips for Getting Back into the Cockpit

Flying to Catalina.
One key thing I learned from Dave Winer about blogging is that its purpose is to narrate one's work. Whenever I type up a long "how to" e-mail, I realize that other's can probably use the info so I post it to my blog.

A classmate from the Naval Academy wrote me, today, saying that she wanted to get back into flying and she asked for my opinion. 

Here's my response...

Hello Melissa,

Great to hear from you.

Head-set, what type do you use? 
I used headset. It uses foam hearing aid plugs which provides excellent passive noise reduction (plus it doesn’t press against your glasses/sunglasses like traditional headsets). When I was learning to fly, a couple of my instructors were using headsets with active noise reduction (i.e. like Bose), but their batteries kept dying making the noice cancellation useless until they replaced the batteries.
If a helicopter uses the same two prong headset connector as a fixed wing plane then it should work.

Ipad? What are you using? Wi-fi, or the wifi plus cellular?
I always fly with my iPad using the ForeFlight app. It is phenomenal. It graphically shows TFRs, weather, etc. I have cellular so I can file a flight plan via ForeFlight  But cellular isn’t required. When you subscribe to the app, you can use it on two devices like an iPad and iPhone, so you could file your flight plane (VFR or IFR) via your iPhone.
You don’t need data connectivity when flying because ForeFlight downloads any VFR and IFR charts that you need, plus it’ll download the approach plates so you can see your position on an approach as well as on a taxi diagram. 
I have a Stratus receiver that I place above my panel and it relays NexRad weather and traffic to my iPad, plus Stratus has WAAS to augment GPS with accuracy down to one meter.

Kneeboard? Type you use?
I have a generic kneeboard that I bought at my flight school. Nothing special about that other than it has a bunch of handy stuff written on it like light signal codes for loss of communications, special transponder frequencies for emergencies, etc. 

Any sectionals or maps you recommend?
The FAA allows private pilots to use ForeFlight as an EFB (electronic flight bag) in lieu of paper maps/charts, A/FD, etc. Keep in mind, though, that technology can fail. I had that happen once, after I landed at an airport, so I pulled out my iPhone and used the taxi diagram on my iPhone to taxi. I still print out my approach plates and taxi diagrams and have them clipped to my yoke.

Anything else you can recommend to help get me back in the air?
I don’t use anything from Jeppesen only because, when ForeFlight first came out, they used FAA approach plates and charts. Now, ForeFlight offers Jepp, but what I’ve been using is great.

Of everything I mentioned, ForeFlight is the most important to me. You can probably download it and try it for free for a month or so to check it out. It’s amazing. It’s revolutionized cockpit resource management for the single pilot.

One other piece of gear that I love is my Brightline flight bag. It’s modularized to be taken apart, but I always fly with the entire bag. It holds my iPad, Clarity Aloft headset, Stratus receiver, clipboard, charts, flashlight, emergency hand held radio etc.

How’s that sound?
Don’t hesitate to let me know if you have any more questions.


Saturday, November 4, 2017

Daylight Saving Time: A Coders Achilles' Heel

Good news – tomorrow's a 25 hour day! Most of us get an extra hour of sleep.

It's also a day when date/time bugs are discovered in code. It's an easy mistake for software engineers to make: thinking that there's always 24 hours in a day.

"When it tomorrow?" asks a coder. Well, I'll just add 24 hours to midnight – a common error that I've seen. Adding 24 hours only works if you add it to, say noon, but not midnight. 

When I worked at Wyndham, a business analyst (BA) reported a bug in our hotel booking website. He told us, in our morning meeting, that QA booked a weekend (three nights; arrive Friday and depart Monday). At checkout, the system was reporting only two nights even though the correct Friday – Monday days was displayed. As soon as the BA said it only happened on one weekend, I immediately knew the problem. I said, "See if that weekend coincides with daylight saving time." Sure enough, it did. It made me look smart, but, truth be told, I had not only made this same mistake myself, as a WebObjects developer at Apple, but I had seen this bug deep in the inner workings of WebObjects prior to version 4.5.

It easy to think that every day has 24 hours and it's hard to test for all the edge cases in software.

Friday, November 3, 2017

Do Not Call Registry

I think the phone company and our federal government's Do Not Call registry ( are letting us down.

The cell phone network is a closed system, with gives the phone companies complete control over who accesses it; so, I'm thinking that it wouldn't be too hard to block calls displaying a caller ID from a disconnected/out of service phone number in the same way that Gmail blocks or filters spam. 🤔

Tuesday, October 31, 2017

The Entrepreneur's Pitch: Keep it Tidy

Keep your pitch tidy.
I've mentored many entrepreneurs over the years – they usually come from a "maker" background in that they make things. Typically, they make physical products or they are software engineers. Most of them are in the midst of their careers as individual contributors. They usually work quietly at their desks without much interaction with others. While this is great for their productivity, it doesn't give them the soft people skills to communicate clearly when interacting with other people.

I've listened to some entrepreneurs take 15 or 30 minutes to explain to me what their product does. That's 60 times too long. For a conversation opener, it should take a couple sentences to tell someone what your company or product does. Longer than that and people lose interest and they're not going to want to work with you.

If you don't know how to do this then practice. Start off with telling the listener if your "thing" is a product or service. "We manufacture an LED light that's an alarm clock for your nightstand which is more effective at waking you up compared to an alarm clock."

That single sentence is how I'd describe TheUplight. Most importantly, it leads with the benefits, not the features. From that sentence, the listener can follow up with their own questions, i.e., "Why is it more effective?" which the entrepreneur behind The UpLights responds with, "The UpLight gently prepares your body for waking up to reduce morning stress and increase productivity throughout the day."

The problem with listing a litany of features is that customers then have to figure out how those features would be of benefit. I know this sounds simple, but it can be very difficult to focus on what's marketable. For example, "it's patented" isn't marketable. While that tidbit is marketable to venture capitalists, it's not a buying decision factor for consumers. I don't care if I buy a patented or patent pending product. Big whoop. So, knowing your audience is important, too. But, regardless of your audience, make your point succinctly. There's a lot of noise out there.

Here's one of the best example I know of about succinct marketing, "1,000 Songs in your Pocket."

Thursday, October 12, 2017

Student Learning in the 21st Century

A few years ago, I heard about some teachers who were "reversing the classroom" by posting their classroom lesson videos on YouTube. Students would watch the lessons at home and then do their "homework" in class. This gave the teacher a more effective opportunity to help students work through the lesson's problems, rather than the students' parents. It seems like a good idea for more affluent school districts. However, one teacher I know, with ties to the Kibera slums in Nairobi, quickly pointed out that it wouldn't work in all areas.

The Gouge

I went to a military college which had a tightly organized student body where we maintained file cabinets of past exams and quizzes. If a professor gave the same test as before then students would have a leg up. When I brought this up with a friend, he pointed out that a well know textbook rental company started getting into a similar business. When I hear of business ideas like that I ask myself, "Why didn't I think of that?"

Communal Note Taking

With apps like Google Docs, where multiple people can edit a document at the same time, students now use it for collaborative note taking during lectures. Brilliant.


Students can't cite Wikipedia as a source. But any decently written Wikipedia article will cite sources – so students can cite the original source.

The worst of the privileged white men

The worst privileged white men are the ones who have no idea, or refuse to believe they're living in a different context than others.

And context matters. 

Otherwise we wouldn't celebrate the minor achievements of children or have age groups at 5Ks. Why do we celebrate them? Because they represent the best-of, and significant progress forward.

Context matters.

Let money be the absolute quantitative decider and let love be the qualitative one.

Wednesday, October 4, 2017

Medio Maraton y Ultramaraton 57K in Mexico

This was one dirty forest.
As I descended from the mountain top into the depths of the ashes that had once been a scenic forest it seemed that hell had been here and moved on. It wasn't possible to go up and down the mountains without grabbing onto the dead trees wrapped in a bark of soot. Wearing a white shirt was a poor choice of colors for me. I mean, seriously, who wears white after Labor Day?

The beautiful forest that the trail took us through had been torched by wildfire, last month, leaving dirt and dusty ash with charred bark on the trees. It took two showers for me to get clean. 

Don't let that smile fool you. It's a facade.
This was one of the most grueling races I've done in terms of the trail. The mountains were so steep that going down them at any pace was a challenge and walking up was at a slow crawl that was nearly unbearable. It became my own personal Vietnam.

If I stopped to take a breather, while feeling sorry for myself, the vultures would start circling (jk).

I don't know if I'll do this race again, but it was a memorable one, especially with people cheering me on in a domestic language that was foreign to me.

Dirt, dust, and ash.

Thursday, September 21, 2017

A Symbolic Look at Equifax

Here’s a video that symbolizes my interactions when enrolling in Equifax's credit monitoring service (audio is a must with this video). Nothing like a happy-go-lucky bear caught in a bear trap. 


1. I checked to see if my data was compromised. (Some people reported yes, some reported “We believe that your personal information was not impacted by this incident.”) Fortunately, mine was the latter:

2. I clicked “Enroll,” and I provided my information. Then, I waited several days for a confirmation e-mail for the next step. (

3. I clicked on the link in the confirmation e-mail. I provided a little more info and got redirected to a web page asking for me to login, but I never set up a password. ( 

4. I clicked “Forgot password” and received a reset-password e-mail to set up my first time password.

5. I set up a new password and clicked login after confirming my info.

6. I repeatedly received a “Server is down” error message.

7. I waited (hours/days) and kept trying while continuously receiving “The server unexpectedly dropped the connection” error messages.

To be fair to Equifax, it’s virtually impossible to standup a website in a matter of days/weeks that could handle a load of this magnitude. (Remember when Twitter used to go down – “Fail Whale” – in the early years? Facebook avoided this problem by managing their rollout over college campuses to control their growth and server load.)

In the Equifax case, server downtime works in their favor since less people will enroll. And it gets very confusing for consumers when dealing with so many different domain names (,,,, etc).

I’ll report back when I’m able to successfully enroll. I'm still getting a "server is busy" error message.

Anyone else have luck enrolling?

Wednesday, September 13, 2017

iPhone X Form Factor and Security [u]

Perhaps. One solution is to turn off
the phone at LEO encounters
Over the past two days, a surprising number of friends and colleagues have asked for my opinion on the iPhone X. This new smartphone seems to have received a lot of attention.

While I love the new features, I'm concerned about the form factor. Initially, it seemed to be as big as the iPhone 6/7 Plus models, which is too big for me. (I've been using the iPhone 6 & 7.) 

It turns out I was wrong about the size. Compared to the iPhone 7, the iPhone X is about about one tenth of an inch higher and about 0.15" wider. So, it's slightly bigger than the iPhone 7. And, compared to the iPhone 7 Plus, the iPhone X is about half an inch shorter and quarter of inch narrower, making the X significantly smaller than the 7+. The beauty of the iPhone X is that the screen is more than a quarter of an inch larger than the screen on the iPhone Plus models (6, 7, and 8). That's a bigger screen on a smaller phone due to the X's edge-to-edge design.

So, the bottom line is I'm considering getting the iPhone X. 

Face ID

Instead of using Touch ID's fingerprint recognition feature for authentication, the iPhone X uses Face ID, which recognizes a person the same way humans do, by their face. Apple claims that Face ID is 20x more accurate than Touch ID, which is great. But, some people have raised alarms that law enforcement officers (LEOs) could take you into custody and simply unlock your phone by pointing the screen at your face. Could that really happen? Perhaps. But, I've seen alarmist headlines before ("Apple Crosses The Line With New iPhone Feature"). One way to protect against this is to simply not enable this feature for people who are deeply concerned. Another option, if Face ID is turned on, would be to simply turn off your phone before a LEO encounter (i.e. crossing international borders, etc). 

Each time the iPhone is turned on, the secure enclave, which processes your Touch ID or Face ID credentials, remains inactive until a person manually enters their PIN to decrypt this information. It appears, during Craig Federighi's demonstration of Face ID, that his demo phone had been restarted but not unlocked with the PIN, prior to his demo. This prevented Face ID from working. While that's the correct technical behavior, it happened at the wrong time – but he seemed to recover well during the demo.

Update: Apple's Craig Federighi details Face ID and how to quickly disable it.

Monday, August 28, 2017

My Favorite Technical Hacks

Hacks are simple shortcuts that increase productivity. They can be inelegant, but they solve a problem quickly. Hacks may be brittle, solving a problem under specific conditions, or they can require a few extra steps to realize the effective solution. An ideal hack is an innovation or design pattern that works so well it becomes a feature. My favorite non-technical hack (life hack) is one I use after hunting for a parking spot when they're scarce. In the past, I've parked my car and rushed off to my destination without paying attention to where I parked. This has happened to me a couple time in La Jolla and Pacific Beach. So, one life hack I use to remember where I've parked is to open up the Maps app on my iPhone and take a screen shot as soon as I am parked.

I've come across a few computer hacks that stick out in my mind. Computer hacks are harder to explain than life hacks because one has to have an interest in software engineering. But, here goes...

1. Preventing JPG "Theft"

Java was the hot new language when I first started working at Apple. In order to get up to speed I coded as much Java as I could, especially applets since that seemed to be the future of the Web. (It turns out that Java became everything Ada wanted to be, and JavaScript became everything that Java applets wanted to be.)

One area that I focused on was coming up with a way to prevent JPG images from being "stolen" from a webpage. Once an image is displayed on a screen (computer, smartphone, etc), there's no simple way to keep someone from taking a screen shot. My Java applet solution got around this by taking the thumbnail of the image and blowing it up to the full size image so that it was pixelated (blurry). Then, as the user moused over the image in the applet, a small portion would come into focus. This allowed the user to see the entire image at full resolution, but only in parts (one-sixteenth, to be exact). While it was possible to take 16 screen shots and piece them together into a single, full resolution image, that was far from practical.

The full size image was encrypted on the web server to keep a user from downloading it directly from the server. The encrypted image was then sent to the user's web browser and decrypted in pieces, while in memory, inside the client's applet as they moused over the image. 

2. Facebook encrypted UDP

Awhile back, I heard about a brilliantly simple trick that Facebook uses to speed up their site. When a Facebook user logs into their account, their data is fetched from a database. While fetching the data, the user has to wait. The amount of wait time could be imperceptible to the user, or it could be a noticeably long time if the website is under a heavy load. "Heavy load" is a relative term, but Facebook serves more than two billion active users per month, so saving any amount of time makes a noticeable difference at that scale.

Wouldn't it be great if Facebook's servers knew what data a user needed before the user formally requested it? Well, that's effectively what Facebook's done with their little trick that simply involves sending an encrypted UDP (datagram) ahead of the formal TCP/IP request. UDP requests are fire-and-forget, meaning there's a small chance they might not arrive at their destination, but, if they do arrive (and they usually do) then they'll reach Facebook's servers sooner than a TCP/IP request. There's more overhead with TCP/IP since it guarantees delivery (or notice of a failed delivery). TCP/IP is the reason that webpages render perfectly compared to the BBS's of the 1980s that used unreliable dial-up modems where static and interference would be misinterpreted as data and displayed as garbled text.

So, the UDP datagram arrives ahead of the TCP/IP request which enables Facebook's servers to pre-fetch the data and load it in its cache before the formal TCP/IP request arrives. This hack is a simple, yet elegant, way to optimize a website for speed simply by "priming the pump."

3. Safari DNS and Pre-loading

DNS: Safari speeds up webpage load times by looking at all the host names on a webpage, once it's loaded, and then performing a DNS lookup. This saves time, later, when a user clicks on a link since the DNS lookup has already been completed. The time savings might go unnoticed or it can save a few seconds. (There's even an HTML tag to help DNS prefetching.)

Pre-loading: Although I haven't read about this hack, I noticed it when I was monitoring my web server's logs in real-time. As I started typing my own domain name in Safari it came up with an autocomplete suggestion before I finished typing. At the exact moment that the autocomplete suggestion came up in Safari, I noticed an http request for that autocomplete suggestion hitting my web server and showing up in my web server logs. In other words, Safari was loading a webpage before I hit enter. There's not much harm in doing this even if I never formally requested that URL. This is why some webpages load in a flash, especially when I'm on a fast Internet connection and the web server is using a content deliver network (CDN) like Akamai or CloudFront.

4. Keeping iOS Apps Running in the Background

For nearly four years I lead the San Diego Kickstarter Meetup where I mentored entrepreneurs on crowdfunding their products. (At one point, we had six live crowdfunding campaigns.) A couple of the entrepreneurs had iOS apps that accompanied their product which needed to continue running in the background; but iOS doesn't like to keep an app running in the background because it drains the battery. One of the most interesting hacks to keep an app running in the background was to simply play a silent MP3 file which kept the app "alive," even when it was in the background. The downside was that you couldn't play music from another app, but for some situations that was fine. 

5. Timestamping Race Photos

In the late 1990s, I started going to races (5Ks, 10Ks, marathons, etc), snapping race photos at the finish line, and then selling them either at the race or online. The challenge was finding a runner's photo among thousands – bib numbers had to be entered manually, which would take many hours. I came up with a solution that worked great which, to my surprise, no other race photography had implemented. (Nowadays, RFID chips attached to the racer's running shoes solves this problem.)

My solution was to simply synchronize the time on my digital camera to the race clock where midnight (00:00 on a 24 hour clock) was the start of the race. If a runner finished a race in 23 minutes and 30 seconds then they could simply start looking for their race photo around 00:23:15 (23 minutes and 15 seconds after midnight) since the photos were taken about ten seconds before the runner crossed the finish line.

Not all hacking is bad. 🖥

Thursday, August 17, 2017

A Perfect Total Eclipse

With all the news about next week's solar eclipse, I was thinking about why we always see the same side of the moon.

The answer is simply because the time it takes the moon to orbit the earth is the same amount of time it takes to rotate on its axis (about 27 days).

That got me thinking... 

Why does the moon nearly perfectly block out the sun during a solar eclipse?

My conclusion, after running some calculations, is that the sun is 400x wider than the moon but it's also nearly 400x farther away.

Feel free to peer review my calculations.

Friday, August 4, 2017

Air Traffic Control Center Tour

I took a tour of an air traffic control facility, this afternoon, and learned a few things from a controller's perspective. We couldn't take photos as we toured the actual floor of the air traffic control center, but we were allowed to snap pictures in the training center; they look almost identical.
1. There are three basic types of air traffic controllers, each of which is highly specialized: those who work in the towers at the airport, those who work in the "centers" that handle en route traffic, and approach/departure terminal controllers who handle traffic arriving and leaving the airspace outside of an airport. So, a center controller hands traffic over to a terminal controller who would then hand traffic off to a tower controller for landing at an airport. Simple concept, tricky execution, especially when there's a VFR pilot flying close to controlled airspace (like Class B) and not talking to any controllers, which is perfectly legal when flying VFR (i.e. not on a flight plan).
2. Air traffic controllers jokingly refer to jumpers (parachutists) as "meat rockets." (Parachutists don't show up on radar.)
3. For IFR pilots: It's rare that a controller will ask a private pilot to fly an "unpublished hold," especially on a VOR. In other words, it would be rare for a controller to tell a pilot, "Hold east of the Oceanside VORTAC on the 090 radial, left turns, maintain 5,000', expect further clearance 0+50." The controllers probably wouldn't know the exact phraseology, either, and VORs are going away in lieu of GPS. For private pilots in small (slow) planes, controllers would rather simply give a pilot vectors to fly a box rather than a racetrack (see last photo).
4. Everyone knows "Mayday. Mayday. Mayday," but no one seems to know or use "Pan-pan, pan-pan, pan-pan." Mayday: Emergency (from the French, "m'aider" meaning "help me"). Pan: Urgent problem (from the French, "panne" meaning "breakdown" – think of it as Mayday lite). 🛬

Today, I turn 0x32 Years Old

Today, I turn 0x32 years old (0b110010 for you binary nerds). That's half a century of life experiences for me.

Now, I am officially old. I have that old-man smell like mothballs and Aqua Velva. As a matter of fact, when I had a question earlier today, instead of looking up the answer on the Internet, I e-mailed a buddy asking him to explain it to me.

Some say that age is a state of mind, but there are absolute signs of “old age” and I clearly received one of those, this week: My membership offer for AARP. If I pay $16 to join in the next ten days then I’ll also receive a FREE Sport Tote. 

So, hit me up if any of you young whippersnappers need to know how to use Compuserve, Prodigy, MySpace, pogs, carbon paper, a fax, or 8-track. I'm your (old) man. (Sorry, I can’t help you with computer punchcards… I’m not that "experienced.")

You can e-mail me at my AOL e-mail address and I'll respond as soon as my secretary prints out your e-mail for me to read. (I jot down my response on the bottom of the page and then she types up my reply.)

More importantly, I’m currently looking for work as a Y2K consultant, so keep me in mind if you spot any job openings. 

Also, I have a bottle of witch hazel in the valise on my Davenport, in case you need any. #groovy #swell

Now please excuse me while I chase some kids off my front lawn and then head to the beach with my metal detector after going for a ride on my recumbent bike.

AOL Keyword: Birthday

Happy 25th anniversary of my 25th birthday. 


Tuesday, August 1, 2017

How to Stop Google From Storing Your Voice to Text Recordings

Today, I ran across an article pointing out that Google is storing your searches and queries, including your voice to text dictation data.

I forgot that, many years ago, I had turned off all of these features, so Google doesn't report to me any history of my activity on any of their websites. But, I surprised some friends when I showed them how Google was storing their info. It is relatively easy to see what personal data they're recording. Simply visit the following webpage when you're logged into one of your Google accounts:

All clear - there's nothing to see here.

The following link will take you, step by step, through a Google privacy checkup where you can tell them what personal data you want them to record:

Friday, July 28, 2017

USMC Order of Battle: How it's Budgeted

Second Battalion, First Marines Supply Section
I joined the Marines when I was a naive teenager. I didn't know an officer from an enlisted person and I had no idea of how the military operated. Of course, I began learning all that on Parris Island. But, it wasn't until nearly ten years later, when I was a supply and fiscal officer for an infantry battalion (1/9 and 2/1) where I learned how military budgets worked. One supply chief I worked with used to tell me, "Sir, just take last year's budget and add 10%." While that was a great estimate, I still had to submit detailed calculations to support our budget requests.

Order of Battle

In our infantry battalion, we had close to 1,000 people, nearly all Marines except for about 70 U.S. Navy personnel for medical and religious support. Unlike the other services of the U.S. Armed Forces, every Marine is a combatant, so the Navy would support us with non-combat specialties. (There is one case that comes to mind of when a Marine would be considered a non-combatant and that's if they are captured and classified as prisoner of war.)

The Marine Corps likes to organize maneuver elements into groups of three:
Three Marines form a fireteam (plus a fireteam leader).
Three fireteams form a squad.
Three squads form a platoon.
Three platoons form a company.
Three companies form a battalion.
Three battalions form a regiment.
Three regiments form a division.

In practice, each unit requires leadership and support. A squad has a squad leader. A platoon has platoon commander, a platoon sergeant, and a guide (the guide marches at the front of the platoon carrying the guidon). The larger the unit, the more leadership and support is required.

Our infantry battalion had the typical five companies. Three were line companies used as maneuver elements, meaning that they'd engage in combat as a single unit on the front lines. The other two companies were support units. One was the weapons company, which is a maneuver support unit that provides organic fire support to the three line companies. The weapons company wouldn't see action as an entire company. Rather, they'd be split up into smaller elements (detachments) and attached to the line companies (as reinforcements) with their crew-served weapons (weapons requiring more than one person to operate such as a heavy machine gun or mortar).

Supply Support

H&S Company organizational chart (c. 2017)
As a supply officer, I was a part of the other support unit, Headquarters and Service Company (H&S). This company is where the commanding officer and his staff, which I was a part of, were organized. Supply officers are sometimes referred to as secondary staff officers since they usually report to the logistics officer who was considered primary staff. (For details on staff work see #Leading vs Staff Work.)

As a supply officer, I typically had one to two dozen Marines reporting up to me. On the battlefield, moving supplies around requires coordination via a trained logistics expert. Whereas, on a ship in the Navy the reverse is typically the case; a naval supply officer oversees logistics operations since it's not as challenging to move supplies from one part of a ship to another.

In addition to the commanding officer's staff and the supply section that I previously mentioned, an H&S company is also comprised of communications, motor transport, maintenance, armory, and cook sections that are administrative or technical. H&S does have one tactical unit, the scout sniper platoon, used for organic reconnaissance and engaging select targets.

The beauty of the Marine Corps is that every Marine's a rifleman. So, it's fairly common for cooks or communications Marines to go on patrol or be used to provide security around a base.

So, how is all of this budgeted and paid for?

Paying for War

As a second lieutenant, I learned, on the job, how budgets work but my knowledge was limited to the scope of my experiences.

There are two basic forms of military budgeting that I was involved with. Baseline budgeting, for training during peacetime, and contingency budgeting for wartime.

Contingency Budgeting

4th LAR Supply Section
Contingency budgeting is simple. Simply buy what you need, regardless of cost. It's like throwing out the checkbook register. Since it's war, money is not a big concern, especially at the battalion level. I experienced this when I served with 4th Light Armored Reconnaissance Battalion (4th LAR) after their return from the "March to Baghdad" in support of Operation Iraqi Freedom. We simply ordered all the repair parts we needed to refit our battalion. I don't recall how much that totaled, but the division headquarters was keen to let us know that we ran up the highest bill of any other unit in 4th Marine Division. But, that was expected since we were the only "heavy" (mechanized) battalion that was entirely mobilized from the Marine Corp Reserves.

Baseline Budgeting

Baseline budgeting is a bit more tedious than contingency budgeting since we had to figure out how much our training was going to cost, ahead of time. Luckily, we had the Redbook. The Redbook is a manual of cost factors used to "cost out" training events. There is a lot of paperwork involved when repairing anything in the military, and for a good reason. Maintenance Marines typically don't realize it when they're filling out the repair forms, but the paperwork they submit captures specific details of the maintenance costs for every item repaired, from an M-16 to a tank. All of these costs are captures and averaged across the First Marine Division. The Redbook would give me, as the supply and fiscal officer, a reference to know that, on average, for every day an M-16 is used, we should plan to spend 2¢ on maintenance (not counting the ammunition) or for each day an M-1 Abrams tank is used it would cost $185.

With the Redbook, I would simply layout our peacetime training plan and figure out which units and equipment would participate in each event. Unfortunately, I had create the spreadsheets from scratch and keypunch the data, myself; this would typically take about ten days to complete. Luckily, I didn't have to budget for payroll and food since that was a fixed cost managed by the Marine Corps, at the highest level (there's no overtime in the military). Ammunition was budgeted for in terms of numbers of rounds, but not dollars, so that, too, wasn't a concern of mine.

Although baseline budgeting was tedious, it was a rewarding document to send up the chain of command. If we were short funds, we had hard data to make our case for additional money. Since Marines change billets every two to four years, most everyone is new to their current job position, including the commanding officer. Presenting this level of detail to my commanding officers made them keenly aware, if they were asked to participate in an unscheduled exercise or task force, that their first question should always be, "Who's paying for this?" Even in the Marines, it was pay-to-play. Semper Fi.