Categorized: Technology

Senate Eliminated Broadband Consumer Privacy Protections Today

Earlier today, the Senate voted 50-48 to repeal rules meant to protect broadband consumers’ privacy from being collected and sold by requires Internet Service Providers (ISPs). The rules, passed last October in the final months of the Obama administration, required ISPs to do two simple things:

  • allow users to opt-out of collecting consumer data
  • require ISPs to opt-in to the collecting of more sensitive data, such as financial information and browsing history

This still has to pass the House and get signed by the President, but if you’re expecting either to block passage of this repeal, I have a bridge to sell you.

With the Senate passing the repeal, those rules protecting your privacy are now history. Your ISP can collect and market any information they have about you or can gather through sniffing your broadband connection. Of course, in an ideal world, you could switch to another ISP, which might not do this collecting. But because of the great expense required to enter the broadband market, there is no true ISP competition. Hell, even a well-heeled company like Google couldn’t penetrate this market. Online privacy is basically toast.

As an armchair political observer, two things stick out:

  1. Is this against the Senate’s own rules? Repealing these rules was because Congress passed and the President ratified the “Congressional Review Act.” The Act’s aim is to allow Congress to repeal any rules that had passed in the last months of the Obama administration with a simple majority, which the Republicans currently have in both chambers. Accordingly, repealing broadband privacy protection rules needed just a simple majority, rather than the filibuster-proof sixty-plus votes required to pass new legislation. I wonder if someone could argue that repealing old laws requires the passage of a new law. Isn’t that how it worked with Prohibition: repealing the 18th Amendment required passing the 21st Amendment?

  2. Since when is privacy a partisan issue? Except for the legislators who are in the pockets of the telecom industry, I don’t see how this is a partisan issue, where fifty Republicans supported it and forty-eight democrats opposed it. I can’t imagine how even the most right-wing fascist would be in favor of this, much less entertain the idea of a left-wing extremist consenting to corporations harvesting selling our consumer data. Like globalization, free trade, and income inequality, these are issues that bind the left and the right together more than it divides them. I thought only corporate fat cats and their lap dogs favor this kind of stuff.

Perhaps it’s time to consider tunneling all your traffic through a VPN to protect your privacy, although that is not a very practical solution.

When Clouds Go Dark

During my frequent flying days, I was a fan of Mobiata’s FlightTrack mobile app. As the name suggests, the app tracked your flights, including delays and cancellations, as well as more routine information such as departure gate information and updated arrival times. I liked it over the other apps, even the free ones, for two reasons:

  1. It used to synchronize with TripIt, which meant that as soon as you booked your flight and forwarded your email confirmation to TripIt, FlightTrack would begin tracking your flights.
  2. Each notification would be accompanied by the familiar airplane cabin chime.

Last week, Mobiata announced that FlightTrack and their FlightBoard apps would stop working after February 28. They are “sunsetting” both apps and are apparently joining the mobile development team at Expedia to work on all-in-one travel app that could include FlightTrack’s functionality. While Mobiata can’t reach out and delete the apps from my phone, the apps will stop working because, on March 1, they will shut down the servers that FlightTrack and FlightBoard use to get flight data.

Mobiata’s shutdown made think about how many of my mobile apps I use that rely on a developer’s cloud server to work. As I suspected, it’s a lot. Here are the just apps on my iPhone’s home screen that communicate with a server and why.

iPhone Home Screen Feb 2017

  1. iCloud, including my calendar, contacts, email, messages, web browser bookmarks and tabs, photos, music, and activity to share with my friends. I also need a server to use Maps.
  2. Dark Sky to get its hyperlocal weather data.
  3. Paprika to synchronize my recipes across devices and the web browser bookmarket to quickly add recipes.
  4. Bankitivity to synchronize transactions between my desktop and iPhone applications.
  5. OmniFocus to synchronize tasks, projects, and contexts across desktop, iPhone and iPad applications.
  6. Deliveries to synchronize package tracking across devices and get delivery tracking data.
  7. Day One to synchronize journal entries across devices.
  8. Drafts to synchronize text clippings across devices.
  9. Dropbox to access files on my Dropbox.
  10. Downcast to fetch podcast episodes and synchronize across devices.
  11. Untappd to fetch beer data and post my check-ins and notes.
  12. At Bat to stream baseball games and fetch news.
  13. Bus NYC to fetch realtime bus and subway data.
  14. Transit to fetch nearby bus and subway data and to plan routes.
  15. Citi Bike to fetch data on bike and dock availability, posting my trips, and fetching account information.
  16. 1Password to synchronize my 1Password keychain across devices.

For each app listed above, my phone is communicating with a different server to post and fetch data. No wonder I need an unlimited data plan.

But what’s even more alarming is the prospect of a server going dark. It’s not so much that the server will fail. Any cloud computing platform is designed to mitigate collapse, such as an extended outage or a hardware failure. But no server is designed to keep running after the developer has ceased to do business: because the developer couldn’t pay their server bills (e.g., Everpix), because the developer couldn’t raise funding (e.g., Avocado) to keep operating, or because the developer died.

At the risk of sounding apocalyptic, it’s not a matter of if these cloud services will go dark, it’s a matter of when. And when it does happen, each app and the data contained within it will go dark, just as the lights in the developer’s office and their Amazon AWS account.

Why I Switched to New AT&T Wireless Unlimited Plan

Last week, was a whirlwind week in the US wireless industry. Before then, only T-Mobile and Sprint offered unlimited data plans to all customers, but by the end of the week all four major carriers offered them. On Monday, Verizon announced that it was resurrecting its unlimited wireless plan, and a few days later, AT&T announced that it was also offering an unlimited wireless plan to all customers, whereas it was only available to DirecTV subscribers.

Although all four carriers offer 4G LTE data, there’s an implicit hierarchy among the wireless carriers in the United States. At the top, AT&T and Verizon have the most mature networks that cover the most terrain and carry the most expensive pricing. Below them is a second tier of carriers, namely T-Mobile and Sprint. Their networks cover less terrain and are perceived as being less robust in terms of network connectivity. Because of this perception, they have been the most aggressive about pricing. That is why they were, before last week, the only carriers to offer unlimited plans.

To be sure, the only reason Verizon’s and AT&T’s unlimited plans emerged last week was because of the competitive pressure that T-Mobile and Sprint have put on Verizon and AT&T. Verizon likely felt the squeeze was too much to bear and capitulated with its new unlimited plan. AT&T likely saw this and quickly reacted by expanding its unlimited plan to everyone. It’s safe to say that none of this would have happened had AT&T been allowed to acquire T-Mobile.

For readers who are carrier-agnostic and are considering switching to an unlimited plan, Mac Rumors has produced a nifty comparison between the four unlimited plans offered by the majors. But as the kids today say, YMMV.

Unlimited vs. Unlimited

I was immediately intrigued by these new offerings. I have been on the grandfathered unlimited data plan that AT&T once offered with iPhones. I have held on to it despite the introduction of less-expensive metered data plans and a $5-per-month rate increase instituted last year that was due to increase by another $5 next month. Another factor in my intrigue was that I have two other lines on my plan: one is on a metered 3 GB data plan (labelled below as “Line 2”) and the other (labelled “Line 3”) is on a grandfathered unlimited data plan. I also receive a 20% employee discount through my employer.

Here’s a comparison between my current talk, text, and data plan; my current talk, text, and data plan after the impending rate hike in March; and AT&T’s new unlimited plan. (All prices are rounded to the nearest dollar, and they do not include taxes and fees, which I am considering as a wash between all these plans.)

Description Talk, Text, Data Plan Effective March 2017 New Unlimited Plan
Base Plan $60 $60 $60
Text Messaging $30 $30
Line 1 $35 $40 $40
Line 2 $45 $50 $40
Line 3 $40 $40 $40
Discount -$32 -$34 -$12
TOTAL $178 $186 $168

As you can see, the new unlimited plan for all three lines is about $10 less than the current talk, text, and data plan that I share with two other lines.

The savings are greater after factoring in the impending $5 per-month rate increase, effective March 2017, for each grandfathered unlimited data plan (Lines 1 and 3 in the table above). I guess AT&T’s strategy to bully us off the unlimited data plan finally worked!

Another factor to consider is that Line 2, the metered plan, often exceeds the 3 GB data allotment. AT&T bills the data overage at $10 per GB. I considered switching to a plan with more data, but the next higher offering is $50 for 5 GB. There is no “discount” for more data at this next plan; it’s similarly priced at $10 per GB, as is the base 3 GB and any associated overages. With Line 2 on an unlimited plan, there will be no more overage charges.

If I add a fourth line, it will, in effect, be free because AT&T reimburses you $40 each month for that fourth line, after a two–billing-cycle “waiting” period. That would significantly reduce the price per line.

But Why Stick with AT&T?

Although AT&T’s new unlimited plan is the most expensive of the four major wireless carriers and is the only one that doesn’t offer tethering, I prefer to stay with AT&T for three reasons:

  1. I am receiving $650 in bill credits from AT&T for my iPhone 7. When Apple introduced the iPhone 7 last September, AT&T allowed you to trade-in your iPhone 6 for up to $650 in credit towards an iPhone 7. You could get effectively get a base model iPhone 7 for free. Since I opted for the 128 GB instead of the base 32 GB model, I am paying the extra $100 over 30 months, which works out to about $3.30 per month. Should I leave AT&T, I will have to pay the remaining balance, which is significant.
  2. The AT&T wireless network is superior to the others where I live and work. Although it was hardly true a few years ago, AT&T has a very reliable wireless network in New York, particularly the neighborhoods I frequent. I considered switching to the more affordable plans on T-Mobile or Sprint, but after speaking to friends and colleagues, I resisted switching because those networks are not as reliable as AT&T’s. Moreover, Verizon had a potent 3G network that put AT&T’s to shame. In the 4G LTE era, the opposite is true. AT&T operates a robust network in New York that seems to outperform Verizon’s network, according to the testimony of my friends and colleagues.
  3. Tethering is not a factor. The unlimited plan never allowed tethering so I am not going to miss what I don’t have.

What Should You Do?

An unlimited plan isn’t for everyone. Most mortals use a surprisingly small amount of data, less than 3GB per month, so an unlimited plan would be excessive for them. Personally, I wonder if that’s because most wireless users have conditioned themselves to restrict their data usage for fear of overages. For the majority of those users, I say stick with your metered plan.

But I use a lot of data, regularly between 3 GB and 6 GB, per month, as sometimes as high as 12 GB. I like not having to worry about overages. Also, Line 2 on my plan, the one with the 3 GB plan, would regularly exceed those allotments. I doubt he would be happy turning on “safe mode” to slow down the data transfers to 2G speeds. The unlimited plan works for us, but it might not be the best for you. As I literally said before, YMMV.


In the end, the small but measurable savings between the talk, text, and data plan of yore and the new unlimited plan made a lot of sense. But also, my wanting to stay loyal to AT&T played a significant factor. As much as we all hate the cable company, the airline, and the wireless carrier, AT&T has been just fine for me. I certainly suffered when the iPhone was exclusive to AT&T, as making a phone call or transmitting data seemingly never worked, but in the 4G LTE era, things are different. Of course, this might change when 5G emerges as a standard, but that is still a couple of years away. And if AT&T falters, I’ll be off-contract. I can always switch to another plan or provider.

Update: AT&T announced on Monday, February 27, that it is introducing two new unlimited plans. I’m mulling it over and will repost here about what I think to do.

Late to the OCR Party

I’m embarrassed to admit that I don’t use OCR for converting documents into plain text as much as I probably should. It is a very handy utility, and it is one that computers have been doing for a long time. Indeed, I remember using OCR in college, at the computer lab where I worked, scanning a single page of print and watching the software read it and turn it into plain text with astonishing accuracy. It seemed like magic.

And what did I do with that magical text? I took that text, put it in a Word document, and printed it out.

Today, there’s many more useful things to do with OCR, particularly for scholars and academics. One example is to share the text of historical primary documents instead of an image files of the documents.1 For years, I have been sharing with my students readings as PDF files, but in the mobile-first era of the web, it makes much more sense to share a webpage that someone can easily read on a mobile device, instead of a PDF that they have to pinch-and-zoom—or even print out—to read.

Earlier this week, I began sharing with my students plain text files, instead of PDF scans, of readings not available in their textbooks. Doing this yields some benefits:

  • They can read the text on mobile devices.
  • Visually impaired students can use a screen reading device to “read” the document.
  • They can search the text.
  • They can resize the text, either bigger or smaller.
  • They can parse the text to read with a browser utility like Apple’s Safari Reader or a read-later application like Instapaper.
  • They will appreciate the much smaller file size, like 100 times smaller, especially for students using a mobile device.

If sharing readings as plain text instead of PDF files makes so much sense, what took me so long?

Honestly, I didn’t know what tool I should use. I can’t remember the software I first used in 1997, but it’s safe to assume it doesn’t exist anymore. Acrobat offers OCR, but I haven’t had a Creative Cloud license since the days of Creative Suite 3. Although I have a lot of apps that can scan and convert to text, such as the one for a Doxie scanner or PDFPen+Scan for iOS, most of these readings are in PDF already. I don’t want to print and scan them just to do OCR.

Lo and behold, Google Drive converts PDF to text. I just learned about this yesterday, and I like the results. To use Google Drive for OCR, follow these three steps:

  1. Upload your PDF file to Google Drive, if it’s not there already.
  2. Right-click on the file
  3. Select Open With > Google Docs

After a few minutes, depending on the size of your document, you can see the converted text. The results are pretty good. Obviously, the clearer and better your text, the more accurate the OCR will be. One cool feature is that it “respects” the pagination and hyphenation of your original document. If your document has page headers or page footers, those will appear. Since I’m interested in capturing only the text—not the pagination or hyphenation—of the document, I have to remove those from my final text document.

The nice thing about having a plain text document is that you can lightly format it as needed. Since I use Markdown, I recommend using a Markdown-capable text editor to parse the text. You’ll have a relatively unadulterated text file and can export it to any format you want from there. You can export to PDF, unstyled HTML, or RTF. And as I did with my first try at OCR in 1997, you can even print it.

  1. One of my big complaints about #kidstoday is that are keen to share screenshots of a website—or worse, a photos of computer display with the browser window—instead of sharing the URL of the site. 

The Gig Economy, or Can’t Someone Else Do It?

In “Trash of the Titans,” the 200th episode of The Simpsons from 1998, Homer runs for sanitation commissioner of Springfield as an outsider on a populist platform. Tired of having to take out his trash to the curb and paying for its collection, one of his first actions in office is to have his sanitation workers do household chores for everyone in Springfield. His platform was simple: “Can’t someone else do it?”

Homer Simpson in Trash of the Titans

Last summer, I heard about a new app that seemed to reflect everything was wrong with the Silicon Valley, the tech industry, and the so-called gig economy: Pooper.

Pooper is an app that allows dog owners to take their dog for outdoor walks and let the dog defecate. Once your dog has dropped its deuce, you…

  • open the app
  • photograph the spot where your dog pooped
  • someone arrives to scoop your dog’s shit

To put it in high-concept terms for Silicon Valley: It’s Uber for poop. Pooper!

If this sounds too good—or too awful—to be true, don’t worry, it is most certainly fake. And don’t confuse it with the other Pooper for when you need to poop.

Pooper is less an app or a work of comedy than it is a piece of conceptual art.

Pooper’s website contains all the hallmarks of a tech company. There’s a sandwich video, a familiar-looking mobile app that looks a lot like Uber, and a feature list illustrated with icons.

Pooper Feature List

The Pooper service even mocks other tech services by offering three price points: a basic, a premium, and an unlimited tier.

Pooper has three pricing tiers

The project creators intended to criticize the gig economy built into the service sector companies masquerading as revolutionary apps. They see these as contributing “to the downfall of society.”

A few years ago, when I polled students about driving for Uber or running errands on Task Rabbit, they responded favorably to these services and echoed the mantra of gig economy: it’s cool because it lets people make extra money on the side. However, as these students were attending a private university in New York City, I think they were only imagining themselves using these services—to get a cheap ride or have someone wait in line for a Cronut—and not actually working for these companies as independent contractors.

It’s early, but I have started to see a backlash of the gig economy. Pooper was one example that highlighted the other side of the tech-drive gig economy by including a link to “Become a Scooper.”

How it Works to be a Scooper

The Scooper page drew attention to the labor that the tech economy eliminates from view. The page is preposterously bright and sunny, promising that it’s good for everyone in terms of cleaner cities with less dog waste, extra income for scoopers, and a better environment with compostable scooping materials.

Scooping is good for everyone: cleaner cities, extra income, our environment

It sounds great, right? Sure, until you realize you’re picking up dog shit.

These mom-tech apps deliberately hide the humans doing the actual work. Seamless is perhaps the most deliberate about it: promising zero human contact. That’s a bold promise because a human has to prepare your food, another human has to package it, and one more has to deliver it. I suppose you could ask the delivery guy to leave it on the step outside to ensure you make truly have no face-to-face contact… or perhaps you don’t consider the delivery guy to be a human.

The same is true for similar apps. There’s always a human—probably a poorly paid one—doing the work you tapped on your app to avoid doing. It’s time to recognize that.

2006 vs. 2016, Flash Memory Edition

Just before the end of the year, people in my social network—and likely yours—were posting pictures of themselves from 2006 and 2016, ostensibly to compare their contemporary selves to their appearance ten years ago.

Rather than gaze at myself ten years ago, I thought it would be fun to compare a recent purchase of removable flash memory to another similar purchase from 10 years ago.

2006 USB Memory Stick

In 2006, I bought a removable USB memory stick, which was all the rage at the time in the days before Dropbox and other cloud storage solutions. The capacity was one (1) gigabyte and I paid $51.29 on Amazon. It might have seemed like a good deal at the time.

2016 SD Card

A few weeks ago, at the end of 2016, I ordered an SD card for my SLR camera. The capacity is thirty-two (32) gigabytes and I paid $14.99 on Amazon. In some ways, even this purchase seems a bit dated. SD cards seem like a niche product these days since the days of the compact digital camera, which drove those sales, seem to be over. Also, 32 GB is not a lot of capacity. Consider that I could buy 64 GB, 128 GB, and even 256 GB for about $25, $60, and $120, respectively.

To really summarize the difference between the two over the last ten years, consider that I bought something thirty-two times bigger, that is orders-of-magnitude faster, for less than a third of the price.

I may have changed over the last ten years, but I don’t think I can say I changed as much as flash memory.

It’s Time to Get Rid of “Security” Questions

Since 2009 or so, I’ve been using and preaching about using a password manager to generate and track all of your usernames and passwords. Until some other system comes along, the only way to safeguard your user accounts is to use a complex and unique password for every one of your accounts. If hackers steals a site’s user database and can decipher your credentials for that site, they can use those credentials to log in to other sites where you use the same password. But with a password manager, it’s easy to create strong and unique passwords for each site. And should hackers ever breach a site you use, you only need to change the password for that site because all your other accounts use a different password.

Yahoo Hacked… Again

Yesterday, Yahoo revealed that in 2013 hackers stole user information for about one-billion Yahoo accounts. By the way, this is a separate theft from the one the company disclosed earlier this year where thieves stole information from 500 million users in 2014.

The stolen user information includes (emphases are mine):

  • name
  • email addresses
  • telephone number
  • date of birth
  • hashed passwords
  • security questions and answers

Ordinarily, I would just change my password for any Yahoo account I have. The password manager would generate and store a new unique and complex password, and it would alert me if I had other accounts on Yahoo that needed the same treatment. It turns out I have two Yahoo accounts, although I haven’t used one of them since the 2008 or so.

Because so many people use the same password for multiple sites, it’s fairly common for sites that store usernames and passwords to hash (or encode) the passwords so that thieves can’t read them and use them to log in to your accounts. Apparently, Yahoo has done this but used a hashing technique that is cryptographically broken.

“Security” Questions Aren’t Secure

However, what seems even more troubling to me is that Yahoo might not have hashed the security questions and answers that act as workarounds to access your account when you forget your password. These “security questions” are a very primitive way of verifying a user. Twenty or so years ago, when you phoned your bank, they would verify your identity using your mother’s maiden name or your date of birth. But today that seems quaint because it’s not really secure: a close friend or relative easily knows that information.

Nonetheless, many websites have used similar security questions to “safeguard” your account:

  • where were you born?
  • what is the name of your favorite teacher?
  • what is the make of your first car?
  • what is your high school’s mascot?
  • what was the name of first street you lived on?
  • what was your first job?

With a little detective work, someone can learn all these bits of “secure” information about you.1 As a way to strengthen this system, I use fake answers for these security questions: some are random bits of text or some are just random names. I record these in a password manager.

However, since Yahoo didn’t appear to hash those security questions and answers, instead storing them as plain text, these could be used to reset your passwords on your accounts.

Time for Two-Factor Security

If I learned something from this breach, it’s that the time has come to get rid of security questions and instead force users to use two-factor authentication.2 This requires you to enter your password and a temporary code that is either generated by an app on your mobile device or sent to you by text message.3 This provides a small safeguard because if hackers learn your credentials, they still need a code to access your account.

It’s certainly more secure than the name of your childhood pet.

  1. Some sites force you to choose from a list of answers. For example, United Mileage Plus asks “What is Your Favorite Sea Animal?” and offers about forty choices. United chose this method because it would prevent a hacker from logging your keystrokes and users from revealing their password in a security question. Some users need to be saved from themselves. 
  2. Last year, Google found that security questions weren’t actually secure and encouraged users to use a second factor to authenticate. They are phasing them out. 
  3. Once you activate two-factor on your Apple account, you no longer authenticate with security questions. Good riddance! 

Apple Pay Offers a Free Suburban New York Train Ride

Despite using Apple Pay since getting an iPhone 6 in 2014, I didn’t know until today that Apple maintained an offers page, or at least that they posted one for the holidays.

There’s some very compelling offers, such as…

That last one comes about a week too late for me. I did take an MTA Metro North train after Thanksgiving, returning from an short bike ride to Tarrytown, but this offer didn’t take effect until December 1.
Also, the offer expires on January 1, which is a shame. I would have appreciated a discount on the $36 round-trip fare to Greenport or Montauk when cycling season begins anew next year.

When Saving Time and Money Costs a Lot of Time and Money

Earlier this week, I had one of those moments when I realized that the system I was using to save time and money was costing me a lot of time and my employer a lot of money.

Then I remembered something that happened back in college.

As an undergraduate student at UCSB in the 1990s, I worked at the on-campus computer labs. At the time, our IT people were trying to figure out how to charge students to print at the labs.

What sounded like a simple process of procuring and installing a payment system, turned into an endless series of trials for one system after another…and a lot failures. Exasperated, the lab manager suggested that we abandon our efforts and take the paper out of the printers. “Can’t we just give students 50 sheets of paper each term and show them how ‘manual feed’ works?”

I don’t exactly remember what the final solution, but I wasn’t the “manual feed” solution. Regardless, I’m sure it doesn’t exist today.

Font Awesome, or How to Make “Free” Pay Off

Font Awesome is a font and icon toolkit based on CSS and LESS. Since I redesigned my sites in 2014, I have been using it to display the icons that you see pepper throughout the sites.

The Font Awesome icon pack has been free, but perhaps sensing that free was not a sustainable revenue model, the creators offered a series of subscription tiers for the upcoming version 5.

To raise some initial money, the creators turned to Kickstarter and offered early backers a discounted Pro membership. Their goal was to raise $30,000 to fund development of Font Awesome 5. The crowdfunding campaign ended early this morning, obliterating that goal. They raised over a million dollars. After reaching their initial goal, they set up several stretch goals after reaching certain fundraising milestones. Many of them are a little too technical for me to understand, but the last one in particular is that they pledged to open-source some of their frameworks. That’s pretty cool.

This however didn’t happen by accident. Raising funds of Kickstarter is now a cottage industry, and the guys at Font Awesome were very methodical in launching their campaign, even hiring a professional video production firm for their video.

The result is certainly impressive, and initially I thought they had produced it themselves: “What? These guys can make videos, too!?!” Knowing that they outsourced the video work—and that it cost them like $15,000—makes the Font Awesome guys seem a lot more human.

At the same time, though, their success shatters the myth that crowdfunding is a revolutionary way to raise funds. The Font Awesome campaign is extraordinary, being the most successful Kickstarter campaign to date. But it shows that to successfully raise funds, it helps that you already have funds.

As risky as it may sound to spend $15,000 on a three-minute video, it clearly helped Font Awesome raise a lot of funds. That’s not bad for something that started out as a free product.