Thursday, October 12, 2017

Student Learning in the 21st Century

A few years ago, I heard about some teachers who were "reversing the classroom" by posting their classroom lesson videos on YouTube. Students would watch the lessons at home and then do their "homework" in class. This gave the teacher a more effective opportunity to help students work through the lesson's problems, rather than the students' parents. It seems like a good idea for more affluent school districts. However, one teacher I know, with ties to the Kibera slums in Nairobi, quickly pointed out that it wouldn't work in all areas.


The Gouge

I went to a military college which had a tightly organized student body where we maintained file cabinets of past exams and quizzes. If a professor gave the same test as before then students would have a leg up. When I brought this up with a friend, he pointed out that a well know textbook rental company started getting into a similar business. When I hear of business ideas like that I ask myself, "Why didn't I think of that?"


Communal Note Taking

With apps like Google Docs, where multiple people can edit a document at the same time, students now use it for collaborative note taking during lectures. Brilliant.


Wikipedia

Students can't cite Wikipedia as a source. But any decently written Wikipedia article will cite sources – so students can cite the original source.

The worst of the privileged white men

The worst privileged white men are the ones who have no idea, or refuse to believe they're living in a different context than others.

And context matters. 

Otherwise we wouldn't celebrate the minor achievements of children or have age groups at 5Ks. Why do we celebrate them? Because they represent the best-of, and significant progress forward.

Context matters.

Let money be the absolute quantitative decider and let love be the qualitative one.

Wednesday, October 4, 2017

Medio Maraton y Ultramaraton 57K in Mexico

This was one dirty forest.
As I descended from the mountain top into the depths of the ashes that had once been a scenic forest it seemed that hell had been here and moved on. It wasn't possible to go up and down the mountains without grabbing onto the dead trees wrapped in a bark of soot. Wearing a white shirt was a poor choice of colors for me. I mean, seriously, who wears white after Labor Day?

The beautiful forest that the trail took us through had been torched by wildfire, last month, leaving dirt and dusty ash with charred bark on the trees. It took two showers for me to get clean. 

Don't let that smile fool you. It's a facade.
This was one of the most grueling races I've done in terms of the trail. The mountains were so steep that going down them at any pace was a challenge and walking up was at a slow crawl that was nearly unbearable. It became my own personal Vietnam.

If I stopped to take a breather, while feeling sorry for myself, the vultures would start circling (jk).

I don't know if I'll do this race again, but it was a memorable one, especially with people cheering me on in a domestic language that was foreign to me.

Dirt, dust, and ash.

Thursday, September 21, 2017

A Symbolic Look at Equifax

Here’s a video that symbolizes my interactions when enrolling in Equifax's credit monitoring service (audio is a must with this video). Nothing like a happy-go-lucky bear caught in a bear trap. 


video


Details


1. I checked to see if my data was compromised. (Some people reported yes, some reported “We believe that your personal information was not impacted by this incident.”) Fortunately, mine was the latter: https://www.equifaxsecurity2017.com/potential-impact/

2. I clicked “Enroll,” and I provided my information. Then, I waited several days for a confirmation e-mail for the next step. (http://trustedidpremier.com)

3. I clicked on the link in the confirmation e-mail. I provided a little more info and got redirected to a web page asking for me to login, but I never set up a password. (https://www.trustedid.com/premier/myaccount.php) 

4. I clicked “Forgot password” and received a reset-password e-mail to set up my first time password.

5. I set up a new password and clicked login after confirming my info.

6. I repeatedly received a “Server is down” error message.

7. I waited (hours/days) and kept trying while continuously receiving “The server unexpectedly dropped the connection” error messages.

To be fair to Equifax, it’s virtually impossible to standup a website in a matter of days/weeks that could handle a load of this magnitude. (Remember when Twitter used to go down – “Fail Whale” – in the early years? Facebook avoided this problem by managing their rollout over college campuses to control their growth and server load.)

In the Equifax case, server downtime works in their favor since less people will enroll. And it gets very confusing for consumers when dealing with so many different domain names (equifax.com, equifaxsecurity2017.com, trustedidpremier.com, trustedid.com, etc).

I’ll report back when I’m able to successfully enroll. I'm still getting a "server is busy" error message.

Anyone else have luck enrolling?



Wednesday, September 13, 2017

iPhone X Form Factor and Security [u]

Perhaps. One solution is to turn off
the phone at LEO encounters
Over the past two days, a surprising number of friends and colleagues have asked for my opinion on the iPhone X. This new smartphone seems to have received a lot of attention.

While I love the new features, I'm concerned about the form factor. Initially, it seemed to be as big as the iPhone 6/7 Plus models, which is too big for me. (I've been using the iPhone 6 & 7.) 

It turns out I was wrong about the size. Compared to the iPhone 7, the iPhone X is about about one tenth of an inch higher and about 0.15" wider. So, it's slightly bigger than the iPhone 7. And, compared to the iPhone 7 Plus, the iPhone X is about half an inch shorter and quarter of inch narrower, making the X significantly smaller than the 7+. The beauty of the iPhone X is that the screen is more than a quarter of an inch larger than the screen on the iPhone Plus models (6, 7, and 8). That's a bigger screen on a smaller phone due to the X's edge-to-edge design.

So, the bottom line is I'm considering getting the iPhone X. 


Face ID

Instead of using Touch ID's fingerprint recognition feature for authentication, the iPhone X uses Face ID, which recognizes a person the same way humans do, by their face. Apple claims that Face ID is 20x more accurate than Touch ID, which is great. But, some people have raised alarms that law enforcement officers (LEOs) could take you into custody and simply unlock your phone by pointing the screen at your face. Could that really happen? Perhaps. But, I've seen alarmist headlines before ("Apple Crosses The Line With New iPhone Feature"). One way to protect against this is to simply not enable this feature for people who are deeply concerned. Another option, if Face ID is turned on, would be to simply turn off your phone before a LEO encounter (i.e. crossing international borders, etc). 

Each time the iPhone is turned on, the secure enclave, which processes your Touch ID or Face ID credentials, remains inactive until a person manually enters their PIN to decrypt this information. It appears, during Craig Federighi's demonstration of Face ID, that his demo phone had been restarted but not unlocked with the PIN, prior to his demo. This prevented Face ID from working. While that's the correct technical behavior, it happened at the wrong time – but he seemed to recover well during the demo.

Update: Apple's Craig Federighi details Face ID and how to quickly disable it.

Monday, August 28, 2017

My Favorite Technical Hacks

Hacks are simple shortcuts that increase productivity. They can be inelegant, but they solve a problem quickly. Hacks may be brittle, solving a problem under specific conditions, or they can require a few extra steps to realize the effective solution. An ideal hack is an innovation or design pattern that works so well it becomes a feature. My favorite non-technical hack (life hack) is one I use after hunting for a parking spot when they're scarce. In the past, I've parked my car and rushed off to my destination without paying attention to where I parked. This has happened to me a couple time in La Jolla and Pacific Beach. So, one life hack I use to remember where I've parked is to open up the Maps app on my iPhone and take a screen shot as soon as I am parked.

I've come across a few computer hacks that stick out in my mind. Computer hacks are harder to explain than life hacks because one has to have an interest in software engineering. But, here goes...


1. Preventing JPG "Theft"

Java was the hot new language when I first started working at Apple. In order to get up to speed I coded as much Java as I could, especially applets since that seemed to be the future of the Web. (It turns out that Java became everything Ada wanted to be, and JavaScript became everything that Java applets wanted to be.)

One area that I focused on was coming up with a way to prevent JPG images from being "stolen" from a webpage. Once an image is displayed on a screen (computer, smartphone, etc), there's no simple way to keep someone from taking a screen shot. My Java applet solution got around this by taking the thumbnail of the image and blowing it up to the full size image so that it was pixelated (blurry). Then, as the user moused over the image in the applet, a small portion would come into focus. This allowed the user to see the entire image at full resolution, but only in parts (one-sixteenth, to be exact). While it was possible to take 16 screen shots and piece them together into a single, full resolution image, that was far from practical.

The full size image was encrypted on the web server to keep a user from downloading it directly from the server. The encrypted image was then sent to the user's web browser and decrypted in pieces, while in memory, inside the client's applet as they moused over the image. 


2. Facebook encrypted UDP

Awhile back, I heard about a brilliantly simple trick that Facebook uses to speed up their site. When a Facebook user logs into their account, their data is fetched from a database. While fetching the data, the user has to wait. The amount of wait time could be imperceptible to the user, or it could be a noticeably long time if the website is under a heavy load. "Heavy load" is a relative term, but Facebook serves more than two billion active users per month, so saving any amount of time makes a noticeable difference at that scale.

Wouldn't it be great if Facebook's servers knew what data a user needed before the user formally requested it? Well, that's effectively what Facebook's done with their little trick that simply involves sending an encrypted UDP (datagram) ahead of the formal TCP/IP request. UDP requests are fire-and-forget, meaning there's a small chance they might not arrive at their destination, but, if they do arrive (and they usually do) then they'll reach Facebook's servers sooner than a TCP/IP request. There's more overhead with TCP/IP since it guarantees delivery (or notice of a failed delivery). TCP/IP is the reason that webpages render perfectly compared to the BBS's of the 1980s that used unreliable dial-up modems where static and interference would be misinterpreted as data and displayed as garbled text.

So, the UDP datagram arrives ahead of the TCP/IP request which enables Facebook's servers to pre-fetch the data and load it in its cache before the formal TCP/IP request arrives. This hack is a simple, yet elegant, way to optimize a website for speed simply by "priming the pump."

3. Safari DNS and Pre-loading

DNS: Safari speeds up webpage load times by looking at all the host names on a webpage, once it's loaded, and then performing a DNS lookup. This saves time, later, when a user clicks on a link since the DNS lookup has already been completed. The time savings might go unnoticed or it can save a few seconds. (There's even an HTML tag to help DNS prefetching.)

Pre-loading: Although I haven't read about this hack, I noticed it when I was monitoring my web server's logs in real-time. As I started typing my own domain name in Safari it came up with an autocomplete suggestion before I finished typing. At the exact moment that the autocomplete suggestion came up in Safari, I noticed an http request for that autocomplete suggestion hitting my web server and showing up in my web server logs. In other words, Safari was loading a webpage before I hit enter. There's not much harm in doing this even if I never formally requested that URL. This is why some webpages load in a flash, especially when I'm on a fast Internet connection and the web server is using a content deliver network (CDN) like Akamai or CloudFront.


4. Keeping iOS Apps Running in the Background

For nearly four years I lead the San Diego Kickstarter Meetup where I mentored entrepreneurs on crowdfunding their products. (At one point, we had six live crowdfunding campaigns.) A couple of the entrepreneurs had iOS apps that accompanied their product which needed to continue running in the background; but iOS doesn't like to keep an app running in the background because it drains the battery. One of the most interesting hacks to keep an app running in the background was to simply play a silent MP3 file which kept the app "alive," even when it was in the background. The downside was that you couldn't play music from another app, but for some situations that was fine. 


5. Timestamping Race Photos

In the late 1990s, I started going to races (5Ks, 10Ks, marathons, etc), snapping race photos at the finish line, and then selling them either at the race or online. The challenge was finding a runner's photo among thousands – bib numbers had to be entered manually, which would take many hours. I came up with a solution that worked great which, to my surprise, no other race photography had implemented. (Nowadays, RFID chips attached to the racer's running shoes solves this problem.)

My solution was to simply synchronize the time on my digital camera to the race clock where midnight (00:00 on a 24 hour clock) was the start of the race. If a runner finished a race in 23 minutes and 30 seconds then they could simply start looking for their race photo around 00:23:15 (23 minutes and 15 seconds after midnight) since the photos were taken about ten seconds before the runner crossed the finish line.

Not all hacking is bad. 🖥

Thursday, August 17, 2017

A Perfect Total Eclipse

With all the news about next week's solar eclipse, I was thinking about why we always see the same side of the moon.

The answer is simply because the time it takes the moon to orbit the earth is the same amount of time it takes to rotate on its axis (about 27 days).

That got me thinking... 

Why does the moon nearly perfectly block out the sun during a solar eclipse?

My conclusion, after running some calculations, is that the sun is 400x wider than the moon but it's also nearly 400x farther away.

Feel free to peer review my calculations.

Friday, August 4, 2017

Air Traffic Control Center Tour

I took a tour of an air traffic control facility, this afternoon, and learned a few things from a controller's perspective. We couldn't take photos as we toured the actual floor of the air traffic control center, but we were allowed to snap pictures in the training center; they look almost identical.
1. There are three basic types of air traffic controllers, each of which is highly specialized: those who work in the towers at the airport, those who work in the "centers" that handle en route traffic, and approach/departure terminal controllers who handle traffic arriving and leaving the airspace outside of an airport. So, a center controller hands traffic over to a terminal controller who would then hand traffic off to a tower controller for landing at an airport. Simple concept, tricky execution, especially when there's a VFR pilot flying close to controlled airspace (like Class B) and not talking to any controllers, which is perfectly legal when flying VFR (i.e. not on a flight plan).
2. Air traffic controllers jokingly refer to jumpers (parachutists) as "meat rockets." (Parachutists don't show up on radar.)
3. For IFR pilots: It's rare that a controller will ask a private pilot to fly an "unpublished hold," especially on a VOR. In other words, it would be rare for a controller to tell a pilot, "Hold east of the Oceanside VORTAC on the 090 radial, left turns, maintain 5,000', expect further clearance 0+50." The controllers probably wouldn't know the exact phraseology, either, and VORs are going away in lieu of GPS. For private pilots in small (slow) planes, controllers would rather simply give a pilot vectors to fly a box rather than a racetrack (see last photo).
4. Everyone knows "Mayday. Mayday. Mayday," but no one seems to know or use "Pan-pan, pan-pan, pan-pan." Mayday: Emergency (from the French, "m'aider" meaning "help me"). Pan: Urgent problem (from the French, "panne" meaning "breakdown" – think of it as Mayday lite). 🛬

Today, I turn 0x32 Years Old

Today, I turn 0x32 years old (0b110010 for you binary nerds). That's half a century of life experiences for me.

Now, I am officially old. I have that old-man smell like mothballs and Aqua Velva. As a matter of fact, when I had a question earlier today, instead of looking up the answer on the Internet, I e-mailed a buddy asking him to explain it to me.

Some say that age is a state of mind, but there are absolute signs of “old age” and I clearly received one of those, this week: My membership offer for AARP. If I pay $16 to join in the next ten days then I’ll also receive a FREE Sport Tote. 

So, hit me up if any of you young whippersnappers need to know how to use Compuserve, Prodigy, MySpace, pogs, carbon paper, a fax, or 8-track. I'm your (old) man. (Sorry, I can’t help you with computer punchcards… I’m not that "experienced.")

You can e-mail me at my AOL e-mail address and I'll respond as soon as my secretary prints out your e-mail for me to read. (I jot down my response on the bottom of the page and then she types up my reply.)

More importantly, I’m currently looking for work as a Y2K consultant, so keep me in mind if you spot any job openings. 

Also, I have a bottle of witch hazel in the valise on my Davenport, in case you need any. #groovy #swell

Now please excuse me while I chase some kids off my front lawn and then head to the beach with my metal detector after going for a ride on my recumbent bike.

AOL Keyword: Birthday

Happy 25th anniversary of my 25th birthday. 

#generationX

Tuesday, August 1, 2017

How to Stop Google From Storing Your Voice to Text Recordings

Today, I ran across an article pointing out that Google is storing your searches and queries, including your voice to text dictation data.

I forgot that, many years ago, I had turned off all of these features, so Google doesn't report to me any history of my activity on any of their websites. But, I surprised some friends when I showed them how Google was storing their info. It is relatively easy to see what personal data they're recording. Simply visit the following webpage when you're logged into one of your Google accounts:
https://history.google.com

All clear - there's nothing to see here.


The following link will take you, step by step, through a Google privacy checkup where you can tell them what personal data you want them to record:
https://myaccount.google.com/privacycheckup




Friday, July 28, 2017

USMC Order of Battle: How it's Budgeted

Second Battalion, First Marines Supply Section
I joined the Marines when I was a naive teenager. I didn't know an officer from an enlisted person and I had no idea of how the military operated. Of course, I began learning all that on Parris Island. But, it wasn't until nearly ten years later, when I was a supply and fiscal officer for an infantry battalion (1/9 and 2/1) where I learned how military budgets worked. One supply chief I worked with used to tell me, "Sir, just take last year's budget and add 10%." While that was a great estimate, I still had to submit detailed calculations to support our budget requests.


Order of Battle

In our infantry battalion, we had close to 1,000 people, nearly all Marines except for about 70 U.S. Navy personnel for medical and religious support. Unlike the other services of the U.S. Armed Forces, every Marine is a combatant, so the Navy would support us with non-combat specialties. (There is one case that comes to mind of when a Marine would be considered a non-combatant and that's if they are captured and classified as prisoner of war.)

The Marine Corps likes to organize maneuver elements into groups of three:
Three Marines form a fireteam (plus a fireteam leader).
Three fireteams form a squad.
Three squads form a platoon.
Three platoons form a company.
Three companies form a battalion.
Three battalions form a regiment.
Three regiments form a division.

In practice, each unit requires leadership and support. A squad has a squad leader. A platoon has platoon commander, a platoon sergeant, and a guide (the guide marches at the front of the platoon carrying the guidon). The larger the unit, the more leadership and support is required.

Our infantry battalion had the typical five companies. Three were line companies used as maneuver elements, meaning that they'd engage in combat as a single unit on the front lines. The other two companies were support units. One was the weapons company, which is a maneuver support unit that provides organic fire support to the three line companies. The weapons company wouldn't see action as an entire company. Rather, they'd be split up into smaller elements (detachments) and attached to the line companies (as reinforcements) with their crew-served weapons (weapons requiring more than one person to operate such as a heavy machine gun or mortar).


Supply Support

H&S Company organizational chart (c. 2017)
As a supply officer, I was a part of the other support unit, Headquarters and Service Company (H&S). This company is where the commanding officer and his staff, which I was a part of, were organized. Supply officers are sometimes referred to as secondary staff officers since they usually report to the logistics officer who was considered primary staff. (For details on staff work see #Leading vs Staff Work.)

As a supply officer, I typically had one to two dozen Marines reporting up to me. On the battlefield, moving supplies around requires coordination via a trained logistics expert. Whereas, on a ship in the Navy the reverse is typically the case; a naval supply officer oversees logistics operations since it's not as challenging to move supplies from one part of a ship to another.

In addition to the commanding officer's staff and the supply section that I previously mentioned, an H&S company is also comprised of communications, motor transport, maintenance, armory, and cook sections that are administrative or technical. H&S does have one tactical unit, the scout sniper platoon, used for organic reconnaissance and engaging select targets.

The beauty of the Marine Corps is that every Marine's a rifleman. So, it's fairly common for cooks or communications Marines to go on patrol or be used to provide security around a base.

So, how is all of this budgeted and paid for?


Paying for War

As a second lieutenant, I learned, on the job, how budgets work but my knowledge was limited to the scope of my experiences.

There are two basic forms of military budgeting that I was involved with. Baseline budgeting, for training during peacetime, and contingency budgeting for wartime.


Contingency Budgeting

4th LAR Supply Section
Contingency budgeting is simple. Simply buy what you need, regardless of cost. It's like throwing out the checkbook register. Since it's war, money is not a big concern, especially at the battalion level. I experienced this when I served with 4th Light Armored Reconnaissance Battalion (4th LAR) after their return from the "March to Baghdad" in support of Operation Iraqi Freedom. We simply ordered all the repair parts we needed to refit our battalion. I don't recall how much that totaled, but the division headquarters was keen to let us know that we ran up the highest bill of any other unit in 4th Marine Division. But, that was expected since we were the only "heavy" (mechanized) battalion that was entirely mobilized from the Marine Corp Reserves.


Baseline Budgeting

Baseline budgeting is a bit more tedious than contingency budgeting since we had to figure out how much our training was going to cost, ahead of time. Luckily, we had the Redbook. The Redbook is a manual of cost factors used to "cost out" training events. There is a lot of paperwork involved when repairing anything in the military, and for a good reason. Maintenance Marines typically don't realize it when they're filling out the repair forms, but the paperwork they submit captures specific details of the maintenance costs for every item repaired, from an M-16 to a tank. All of these costs are captures and averaged across the First Marine Division. The Redbook would give me, as the supply and fiscal officer, a reference to know that, on average, for every day an M-16 is used, we should plan to spend 2¢ on maintenance (not counting the ammunition) or for each day an M-1 Abrams tank is used it would cost $185.

With the Redbook, I would simply layout our peacetime training plan and figure out which units and equipment would participate in each event. Unfortunately, I had create the spreadsheets from scratch and keypunch the data, myself; this would typically take about ten days to complete. Luckily, I didn't have to budget for payroll and food since that was a fixed cost managed by the Marine Corps, at the highest level (there's no overtime in the military). Ammunition was budgeted for in terms of numbers of rounds, but not dollars, so that, too, wasn't a concern of mine.

Although baseline budgeting was tedious, it was a rewarding document to send up the chain of command. If we were short funds, we had hard data to make our case for additional money. Since Marines change billets every two to four years, most everyone is new to their current job position, including the commanding officer. Presenting this level of detail to my commanding officers made them keenly aware, if they were asked to participate in an unscheduled exercise or task force, that their first question should always be, "Who's paying for this?" Even in the Marines, it was pay-to-play. Semper Fi.

Monday, July 24, 2017

How Not to Answer a Press Question

Erik Prince: Founder of Blackwater
This morning, I heard an NPR interview, "Blackwater Founder Backs Outsourcing Afghan War-Fighting to Contractors," with Erik Prince. Although Prince quit the Naval Academy, I completely respect his reason: He loved the Navy but disliked the Academy. I also had thoughts about quitting the Academy to return to the Fleet as a corporal. It's an oppressive place where we joked that all of your human rights were taken away and slowly returned to you over the course of four years, and called privileges. The fact that Prince went on to earn a commission, became a Navy SEAL, and is now a multi-billionaire earns my respect as a professional.

In this morning's interview he sounded like he had a well-thought-out solution to the U.S. presence in Afghanistan. He wasn't the most eloquent speaker, but that's OK since eloquence can sometimes be fluff that makes a bad idea sound good.

Prince's solution to the U.S. involvement in Afghanistan seemed viable until the last question, "Does your company... want any part of this business?" It was a simple yes or no question and he tried to be deceitful while speaking the truth in his convoluted answer (answered in a style that he probably would not accept from one of his operators). He wasn't deceitful on his facts or opinions, rather he was deceitful as to the motivation for his idea. There are times when it's OK to lie or be deceitful, but this wasn't one of them. His answer sounded more like a politician. Great politicians are some of the the smartest people, in the context in which they operate. A typical politician will take the question they are asked and not directly answer it – instead, they answer the question which they wished they had been asked. This is called spin, which, at it's most extreme, is the ability to highlight the truth in a lie, or the lie in a truth.

The problem with Prince's answer to the final NPR question was that he was caught off guard, without a prepared answer, and threw out some distractions; all of which were facts describing what kind of work his company, Frontier Resource Group, does and what he wants for his sons. His first response to the question was so off-topic that the NPR interviewer had to re-ask the question, specifically pinning him down and making him appear to lose credibility on this topic. The last word he spoke was, "Absolutely." That should have been the first word he spoke.

This is how the final question should have been answered...
NPR: "Does your company... want any part of this business [in Afghanistan]?"
Prince: Absolutely! I want our company, Frontier Resource Group, which excels at the logistical support needed in Afghanistan, to be a part of a better and cheaper solution to save money and lives. Especially as a taxpayer and as a father of sons, I don't want my sons going abroad into what has been a poorly conducted war, so far.

Sure, it's easy for me write this blog post after I've had time to think about it and tweak my words to say exactly what I want to convey. However, his answer might go deeper into the personality of a person, whom I've never met; it might be a tell that he'll dodge an unpleasant truth by burying it under facts and emotions. But, I could be wrong.

Monday, July 17, 2017

Me, Apple, and the Marines

Podcast interview: I’m always excited to talk about Apple, WebObjects, my time in the Marines, and working with Guy Kawasaki, Dave Winer, and It's Borrowed:

TMO Background Mode Interview with the CTO of It’s Borrowed Joe Moreno

Too Much Security at USAA

Click to enlarge the USAA mobile app security steps.
Typically, security is a tradeoff with convenience. But, it doesn't have to be. However, it's far too easy for lazy companies to fall back on poor user experience by citing security or some other limitation while pointing fingers. One thing I love about companies like Apple is that they're fantastic at handholding a customer through a support issue, even if it's beyond their area of responsibility.

I've been a USAA member for 25 years. USAA began in the early 1920s as the United States Automobile Association offering insurance to military officers. About 20 years ago, the company expanded their services to enlisted service members and also offers insurance to other federal special agents. In 2009, USAA was one of the first companies to allow consumers to deposit checks by taking a photo of a check via a mobile app. One of the problems I've encountered with their mobile app is authentication.

The USAA mobile app utilizes a Quick Logon and Touch ID as a means of authentication. Instead of entering my password, the app can scan my fingerprint much like my Schwab mobile app. But, unlike my Schwab mobile app, it seems that when my USAA app is updated, I must re-enter my username, password, PIN, and then answer a security question. After that's completed, I have to re-enable Touch ID.

Here are the steps to enable these features...

Quick Logon
1. Enter Logon and password.
2. Enter ATM PIN.
3. Answer security question.

Hurray, I'm logged in and I can deposit a check, view my balance, download insurance documents, etc. Next step is to re-enable Touch ID.

Touch ID
4. Tap your profile image to get to your profile.
5. Tap Settings and Profile.
6. Enter your mobile phone number to receive a temporary passcode via SMS text message.
7. Enter the temporary passcode.
8. Activate Touch ID by tapping the Activate button.
9. Check the box to confirm finger print consent.
10. Tap View Document (PDF) to read the USAA Fingerprint Consent form.
11. Click the final button to activate Touch ID.

Hurray, the "You've successfully enrolled in Touch ID" message confirms that you can logon using your fingerprint until the app is updated. Yes, that is a huge pain to do every couple months, or so.

But wait, there's more. I contacted USAA via Twitter about this issue. As you can see from their reply, they said, "Yes and thanks for the update. Please reach out to tech support at: 877-632-3002 They are able to troubleshoot and provide help."

Calling USAA Tech Support

I called USAA tech support. "We’re currently experiencing a high number of calls. You may have to wait longer than normal," was the recorded message that I heard. Whenever I hear that plain vanilla (sometimes default) message I know that less-than-stellar customer service awaits me. A few minutes later a CSR picked up and I explained the issue. She told me that she'd have to escalate the issue to their web support team. After a couple more minutes of "We’re currently experiencing a high number of calls. You may have to wait longer than normal," another CSR picked up. I told her that I was transferred to her and asked her if she had been briefed on my issue. Unlike Schwab customer service which does a warm handoff, she had not been briefed; so I quickly explained the issue. She told me that I should delete the app and reinstall it. She added, since I was on an iPhone, that I'd have to uninstall the app from iCloud, too. Uninstall the app from iCloud? Now this was something I never heard of, before.

"How do I uninstall the app from iCloud?" I asked.

"Unfortunately, we're not trained in how to uninstall an app from iCloud," she responded.

I suddenly felt like I was talking to Microsoft tech support hearing the typical uninstall and reinstall instructions and "Oh, that's not my problem" deflection.

So, I asked if I did that, then would I still need to reauthenticate Quick Logon and authorize Touch ID. She said, once I uninstalled the app, deleted it from iCloud, and reinstalled the app, that I'd need to re-setup my Quick Logon and biometrics (Touch ID). So, my unasked question, to myself, was, "What problem did we just solve by deleting the app from my iPhone, iCloud (I still don't know what that meant), and reinstalling it?" But I realized, at this point, that asking would be fruitless since USAA CSR training is not up to par, much like their mobile app UX.

Is this blog post complaining, on my part? Yes, it sure is. But I'm hoping that it's coming across as constructively suggesting what USAA can do to improve their customer service for their military members and veterans. With a little luck their UX will be similar to Schwab.

Tuesday, July 11, 2017

Benefits Before Features

Steve Jobs: And then they tried "Got Milk..."
On this day in 1804, the Vice President of United States mortally wounded Alexander Hamilton in a duel in New Jersey (on the same spot where Hamilton's son was also killed in a duel, three years earlier).

Fast forward to 1993 when the first "Got Milk" commercial aired about the duel.
https://www.youtube.com/watch?v=OLSsswr6z9Y

Four years later, Steve Jobs referred to this successful commercial when launching the "Think Different" ad campaign since it was about brand and benefits, not features. https://www.youtube.com/watch?v=3zyeSTEcNgk

Friday, June 30, 2017

Hail Cricket, Farewell AT&T

AT&T LTE Bandwidth
I've used AT&T Wireless service since the first iPhone was released, exactly ten years ago, yesterday. AT&T offered unlimited data and then, a couple years later, they instituted limited data plans. I stayed with AT&T since they grandfathered me in with their unlimited data plan. Even today, I still had an unlimited data plan with AT&T, but they'd throttle it at a certain point. The data would still come through, but at a much slower rate.

However, data was never a big selling point for me. The real issue for me was monthly cost. Phone companies utilize a price elasticity business model, which means they figure out how to charge the most they can to maximize their profits. If they charge too little, they leave money on the table. If they charge too much, then customers will switch to another company. 


Cricket LTE Bandwidth
Generally, cutting edge smart phones cost $500 – $1,000 or more. To defray these costs, the wireless carriers will subsidize the price of the phone by having their customers sign a two-year wireless service contract. This works well since many people do not frequently hop from wireless carrier to wireless carrier. But I like the idea of not being committed to a single carrier. So, I typically purchase an unlocked phone. Purchasing an unlocked phone means I had no service contract commitment, plus I can insert any companies' or countries' SIM card.

About two years ago, my AT&T bill was a very ridiculous $150/month. I never used up my minutes so I dropped my plan down to a moderately ridiculous $95/month which kept creeping up until it recently hit $111/month due to inflation. That's when a couple friends told me about Cricket Wireless which is now owned by AT&T. Cricket utilizes nearly all of AT&T's cell towers meaning that I'll have the same level of coverage. But they key selling point of Cricket is that it costs way less than AT&T.


Switching

So, today, I made the switch from AT&T to Cricket. It took less than an hour for me to go to the local Cricket store and return home with my phone number and service ported.

My monthly bill dropped from $111.42, with AT&T, to $35 with Cricket. But there are some slight differences.


Cricket Cons

1. AT&T LTE down stream bandwidth clocked in at 13.4 Mbps. Cricket advertises that their LTE tops out at 8 Mbps. In practice, I'm seeing about 7.8 Mbps download with Cricket which is very respectable.

2. No more unlimited data. I now pay Cricket a total of $35/month for 4 GB of data. I looked at my AT&T bills from the past year and I was topping out at less than 3 GB of data/month.


Cricket Pros

1. Unlimited voice minutes. (I was paying AT&T $40/month for 450 minutes, with unused minutes rolling over.) Most of my talking is over WiFi since I use either FaceTime or Facebook Messenger, so voice minutes was never a big selling point for me, but I do like that I now have unlimited talk minutes.

2. Unlimited texting. (I was paying AT&T $20/month for unlimited SMS/MMS text messaging; with Cricket, that's all rolled into the $35/month plan.)

3. Cricket utilizes nearly all of AT&T's cell towers, so I should see no connectivity differences.

Today, I ended up paying about $75 to Cricket, out the door, for the $35/month plan due to one-time activation charges. Let's see where it goes from here.



Thursday, June 29, 2017

Apple ID Two-step vs Two-factor Authentication

I recently had a slew of unauthorized attempted logins on my iCloud account which kept locking me out, requiring a password reset. I called AppleCare and the CSR asked me if had turned on two-factor authentication. I told him that I did and, after looking at my account details, he told me that I didn't have two-factor authentication turned on. Instead, he said that I had two-step authentication enabled. Hmm, I didn't know there was a difference.

The key difference is that Apple's two-factor authentication is more secure than two-step authentication. Two-factor authentication is built into iOS. However, if you have an Apple ID for, say, the iTunes Store, but you don't have any Apple devices then you can't take advantage of two-factor authentication; instead, you can use two-step authentication.

Throughout history, people have authenticated themselves in one of three ways (knows, has, is):
1. Something a person knows (a combination to a lock).
2. Something a person has (a key to a house).
3. Something a person is (I walk though the front door of my house and my family recognizes me).

With two-factor authentication, a person needs two things to prove who they are. We experience this when we withdraw money from an ATM since we need our ATM card (first factor) plus our PIN (second factor). With a two-factor Apple ID login, I need to know both my password and I need to have my iPhone handy so I can see a verification code sent to me when I log in.

Without realizing it, we might use three-factor authentication to get into our home by entering a code to drive into an apartment complex, followed by using a key to open our front door, and finally being recognized by another family member or roommate once we enter our home.

Once I switched over to two-factor authentication, which the CSR at AppleCare walked me through, the password resets immediately ended.

Wednesday, June 28, 2017

This is so Easy

Earlier this month, my octogenarian mother had to give up her defunct decade-old MacBook that she inherited from my father. Before 2007, she had never sent or received an e-mail – so high tech is still new to her. My sister and I were a little hesitant to move her from her laptop to an iPad due to the UX change, but it's working out better than expected.

Today, she called me asking about the Epley Maneuver on YouTube. She called on a POTS line and then I switched the call over to a FaceTime video call, which she enjoyed. After I told her how to watch the YouTube video that I sent her ("Simply click the link in the e-mail, mom.") I then told her how to hang up and she enthusiastically said, "This is soooo easy." There was almost a hit of "why didn't you switch me to an iPad sooner" in her voice.

Innovation is something that reduces the cost of a transaction in terms of time or money. And that's exactly what the iPad has done for my mother.

Friday, June 16, 2017

Future-proofing Naïveté

How naive we were, ten years ago, to think that URL shorteners needed to withstand the apocalypse. Even back then, we called it future-proofing. Today, clicking on a ten year old link typically yields a four-oh-four unless you're visiting the website of an Internet power-player with a keen interest in archival like the NYT or Wikipedia 

While shortened links may last a decade or longer, web pages have a much shorter shelf life. As technology quickly changes, so do server-side URL naming schemes that break links. Today's working links will eventually become tomorrow's orphaned links.


404 Solution

I saw a fix to this problem when working at a corporate conglomerate. Every morning, someone analyzed a list of all the 404s from the past day and then did their best to fix the "referrer." Usually that was easiest done by fixing the source, if it was an internal brand webpage. If the broken link was on an important, external website then we set up a web page, where the 404 was landing, to redirect the user to the correct destination. Fix the problem at the source, and when you can't then fix the symptoms rather than shifting the blame.


In The Future

Soon, it'll be common for digital anthropologists to piece together the Internet puzzle, from days long gone, to document the digital history of a culture. No different than a traditional anthropologist, except dealing with electrons instead of atoms.

The web is what it is, it is us who need to adapt our thinking to be inline with online. 

Monday, June 12, 2017

My Luck With Banking

Last month, I withdrew $200 from a San Diego ATM. Unlike New York, where ATMs dispense $20, $50, and $100 bills, San Diego's ATMs have always spit out $20 bills, in my experience. But, last month I got a pleasant surprise when, instead of receiving ten $20 bills, I received nine $20 bills and one $100 bill. Suspected jackpot! 

My first thought was that I had either received $280 in cash or, perhaps, I received $180, plus a counterfeit $100 bill. I immediately spent the "Benjamin" without any problem. On Friday, I looked at my bank statement and saw that I was debited $200, as expected. I spoke to a local corner market owner who refills his store's ATM and he told me that there would be no record of the extra $100 bill since the ATMs can't distinguish between bills – everything's a $20 bill to the ATM. Reaffirmed jackpot!

I figured that I would be free-and-clear of the extra $80, but it wouldn't surprise me if, at some point in the future, that money might be debited from my bank account without notice. So, I sent a message to my bank, describing what happened and this was their response:


Dear Mr. Moreno,
Thank you for your message.  I appreciate your honesty!
As it turns out, [we] can file a dispute when you are not paid enough, but we do not have a resolution process when you are overpaid [...] it sounds as though you may have had a lucky draw!  

Confirmed jackpot!


Bad Luck With Banking

In the mid-1980s, I withdrew some money from a Marine Corps West Federal Credit Union on Camp Pendleton. I heard some paper crunching inside the machine as the money was dispensed, jamming up the cash dispenser. When I walked into the bank to report the issue, the banker looked at me with suspicion and skepticism as I told her what happened.

"We'll look into it," she said, dismissively.

About a week later, I followed up with her and she made me whole. She seemed a little defensive when I asked what happened and how they confirmed it. She simply said the extra money was discovered jammed in the ATM cash dispenser feeder. A minor hassle for me before the age of e-mail, but it all worked out. 

One day, I'll write about how, in the mid-1990s, my landlord deposited my rent checks, but he wasn't credited for them. My bank, which was a different institution than his, was adamant that he was "almost positively" lying. He wasn't, but it took a couple months to reconcile. 

PS – Did you know that you can make actual size, hard copy reproductions of US bills in black and white? You can also make color reproductions of money as long as the one-sided reproduction is more than 25% smaller or 50% larger than genuine bills.

Friday, May 26, 2017

Advice to USNA Class of 2017

Today's USNA '17 Graduation: Those covers (hats) fly high.

Advice to USNA Class of 2015
Advice to USNA Class of 2016

Today, the US Naval Academy Class of 2017 graduated. What would I tell these eager second lieutenants and ensigns? So many things. I learned some key leadership tricks while at the Academy. Some were hard to do in real-life, like Damn XO. Others were simple like the advice that General Krulak told us: when checking into a new unit, get the record books of all of those in your charge and read through them. They'll be impressed when you talk to them, for the first time, about their past, civilian or military. This would simply be a gimmick, though, if you don't stay on top of what's going on in the lives of your Marines. Take the time to know your Marines, even if you need to take notes to remind yourself of their details.

Management vs Leadership

As a new 2nd Lt or ENS, you will be face new and unfamiliar leadership challenges as you move from being an individual contributor to a leader. As an officer, you're more than a manager. In some cases, there are similarities between managers and leaders and in other cases these roles are completely different. An example of where a manager, in a civilian corporation, isn't a leader is an account manager which might be the job title for a sales person with no direct reports.

So, what about the similarities? What's the difference between a leader and a manager of people? The key thing to remember is that leadership transcends levels of an organization. When I worked at Apple, my manager's name was Tony. Since Steve Jobs was four levels above me, he was not my manager, but he was most certainly my leader.

As a new leader, you'll have to learn to take recommendations from your Marines and then decide what to do. Sometimes your subordinates will give you great advice and sometimes they'll give you some not-so-great advice. You'll learn; many times, you'll learn from your mistakes. Just don't repeat them.

My last piece of advice is don't take yourself too seriously. One way to do this is by subordinating your ego which is harder than you think. Here's one way to do it: when telling others about your personnel, refer to the Marines under you by saying "us" or "we" instead of "my Marines." In other words, don't say, "My Marines inventoried the warehouse," rather, say, "We inventoried the warehouse." It's a minor issue, but unless you're the CO then you're part of a the team, not the commander, and your Marines will follow your example.

Monday, May 22, 2017

Prime Now, Amazon Flex (One way to spend money. One way to make money.)

Signed, sealed, and delivered.
A friend told me that she recently started driving for Amazon Flex which is like Uber for Amazon package delivery. As a contract driver, she simply drives to her local Amazon warehouse and loads up her car. She scans each package, using the Amazon Flex app, as she places it in her car and the app determines the optimal driving route. Drivers have three hours to finish their delivers and return with any undelivered items.

As I looked into Amazon Flex, I noticed that Amazon Prime Now delivers groceries, similar to Amazon Fresh. I gave it a try since Prime Now offered free delivery for orders over $20 (plus an additional $5 tip).

I started putting items into my shopping cart, yesterday afternoon. When I went to resume shopping, this afternoon, I noticed that a couple items were no longer available which was clearly displayed. After adding a few more items to my cart, I checked out at 1:30 PM with a 2 PM – 4 PM free delivery window. I had the option, for $7.99, for delivery within the hour.

Ding Dong

Cooler bag for dairy.
About 75 minutes after I placed my order, which was 15 minutes before arriving, I received a text message that Ryan was on his way, with a link to track him that updated in near real-time. I went out to meet him when I saw that he had arrived. As he walked toward me I said, "You're Ryan, from Amazon, right?"

"Yes... this was an easy delivery," said Ryan.

"Do you drive for Amazon Flex?" I asked, catching him off guard.

"Um, uh, yeah... do you know me, personally?"

He was a bit baffled as I explained that I did not know him but I understood how Amazon Flex worked. Best part is that my delivery was exactly what I ordered, plus the dairy was in a cooler bag with ice.