
A hit-and-run accident — literally

It was our first-ever perp walk! My wife and I were on the way home from a quick grocery errand, and we were witnesses to and first responders to a nasty car crash. A car ran a red light and hit a turning vehicle head-on.

As we pulled over to see if there were injuries, the young driver and passenger in the red-light runner got out of their vehicle… grabbed their backpacks… and ran. I got out of our car and shouted at the kids to come back, and also managed to snap some quick cell-phone pictures.

We stayed behind at the accident scene to check out the victim (a nice but shaken woman). We also waited with her until the fire and then police arrived.

Other witnesses followed the perps, who ran into a supermarket and hid in the bathroom, and they called 9-1-1 about it. A few minutes later we learned “They got them!” — and the police officer at the accident scene asked us to drive to the supermarket parking lot and see if we could identify the runners.

So: I sat in the back of a car, and my wife hid behind a tree. The perps were taken one-at-a-time out of a patrol car to see if we could recognize them. The police were very careful to make sure the kids didn’t see us. They were indeed the runners — we could easily confirm that, and they clearly matched the photos on my phone.

After the ID, the police sent us home, with thanks. We’d like to commend Phoenix police and fire for their professionalism.

What a day, and what an adventure. While we hope that the kids had insurance (the woman’s car was totaled), we are especially grateful that nobody was injured, and that justice will be done.

And, I guess, once a first responder, always a first responder.


Hello, Hibiscus! One of our favorite flowers

This plant in our garden keeps blooming and blooming. What’s funny is that sometimes the flowers are yellow, and sometimes they are orange, like this one.


Goodbye, Pebble – It’s a real loss to smart watches

I was dismayed this morning to find an email from Pebble — the smart watch folks — essentially announcing their demise. The company is no longer a viable concern, says the message, and the assets of the company are being sold to Fitbit. Some of Pebble’s staff will go to Fitbit as well.

This is a real loss. The Pebble is an excellent watch. I purchased the original monochrome-screen model by signing onto their Kickstarter campaign, back in April 2012, for an investment of $125.

The Kickstarter watch’s screen became a little flakey after a few years. I purchased the Pebble Time – a much-improved color version – in May 2016, for the odd price of $121.94 through Amazon. You can see the original Pebble, with a dead battery, on the left, and the Pebble Time on the right. The watchface I’ve chosen isn’t colorful, so you can’t see that attribute.

I truly adore the Pebble Time. Why?

  • The battery life is a full week; I don’t travel with a charging cable unless it’s a long trip.
  • The watch does everything I want: The watch face I’ve chosen can be read quickly, and is always on.
  • The watch lets me know about incoming text messages. I can answer phone calls in the car (using speakerphone) by pressing a button on the watch.
  • Also in the car I can control my phone’s music playback from the watch.
  • It was inexpensive enough that if it gets lost, damaged or stolen, no big deal.

While I love the concept of the Apple Watch, it’s too complicated. The battery life is far too short. And I don’t need the extra functions. The Pebble Time is (or rather was) far less expensive.

Fortunately, my Pebble Time should keep running for a long, long time. Don’t know what will replace it, when the time comes. Hopefully something with at least a week of battery life.

Here’s the statement from Pebble:

Pebble is joining Fitbit

Fitbit has agreed to acquire key Pebble assets. Due to various factors, Pebble can no longer operate as an independent entity, and we have made the tough decision to shut down the company. The deal finalized today preserves as much of Pebble as possible.

Pebble is ceasing all hardware operations. We are no longer manufacturing, promoting, or selling any new products. Active Pebble models in the wild will continue to work.

Making Awesome Happen will live on at Fitbit. Much of our team and resources will join Fitbit to deliver new “moments of awesome” in future Fitbit products, developer tools, and experiences. As our transition progresses, we’ll have exciting new stories to tell and milestones to celebrate.

It’s no doubt a bittersweet time. We’ll miss what we’re leaving behind, but are excited for what the future holds. It will be important for Pebblers to extend a warm welcome to Fitbit—as fans and customers—sharing what they love about Pebble and what they’d like to see next.


Bald Eagle at Canyon Lake, Arizona

What an amazing sight! We visited Canyon Lake, Arizona — a short drive from our home in Phoenix — and were rewarded with a close-up of this bald eagle. The bird seems to have caught prey; we believe it was a smaller bird, since we could see feathers flying.

These were shot using a Canon EOS 5D Mark III, with a Canon 70-200mm f/2.8 IS lens. This made me wish I’d brought the big Sigma 150-600mm. Next time!!


 

 

 


May you be blessed

Today’s beautiful cactus flowers will be gone tomorrow.

So much of our world’s wonders are ephemeral. Blink and you’ll miss the rainbow. A hug lasts mere seconds. A smile is fleeting. Shapes in the clouds constantly change.

Take a moment to enjoy life. Stop and smell the roses, watch the butterflies dance, take delight in the people around you, the shadows on the wall, the waves in the ocean. These precious moments, these everyday miracles, shall never come again.

G’mar chatima tova. May you be blessed with health, peace, joy, love, and delight.


Spammers really want to give me a BMW, but aren’t sure of the year or model

Mrs. Rachael Adams is back, and still wants to give me a fine Bavarian automobile. But is it a 7-series or a 5-series? Is it a 2015 or 2016 model? Doesn’t matter – it’s a scam. Just like the one a few weeks ago, also from Mrs. Adams, but at least that one was clearer about the vehicle. Hey, it’s the same reg code pin as last time, too. See “A free BMW 7-Series car – and a check for $1.5 million!”

All these “you are a winner” lottery emails are scams. Don’t reply to them, simply delete them.

From: Mrs. Rachael Adams

Subject: BMW LOTTERY PROMOTIONS.

BMW LOTTERY DEPARTMENT
5070 WILSHIRE BLVD
LOS ANGELES. CA 90036
UNITED STATES OF AMERICA.

NOTE: If you received this message in your SPAM/BULK folder, that is because of the restrictions implemented by your Internet Service Provider, we (BMW) urge you to treat it genuinely.

Dear Winner,

This is to inform you that you have been selected for a prize of a brand new 2015/2016 Model BMW 7 Series Car and a Check of $1,500,000.00 USD from the international balloting programs held on the 2nd section in the UNITED STATE OF AMERICA.

Description of prize vehicle;

Model: 530iA Color (exterior): Metallic Silver Mileage: 5 Transmission: Automatic 6 Speed

Options: Cold weather package, premium package, fold down rear seats w/ski bag, am fm stereo with single in dash compact disc player.

The selection process was carried out through random selection in our computerized email selection system (ESS) from a database of over 250,000 email addresses drawn from all the continents of the world which you were selected.

The BMW Lottery is approved by the British Gaming Board and also Licensed by the International Association of Gaming Regulators (IAGR). To begin the processing of your prize you are to contact our fiduciary claims department for more information as regards procedures to the claim of your prize.

Name: Mr. David Mark
Email: [redacted]
Direct 24hours Security Line: [redacted] (Text Message Only)

Contact him by providing him with your Reg. pin code Number

255125HGDY03/23.

You are also advised to provide him with the under listed information as soon as possible:

  1. Name In Full :
  2. Residential Address :
  3. Nationality :
  4. Age :
  5. Sex
  6. Occupation :
  7. Direct Phone :
  8. Present Country :
  9. Email address :
  10. Reg pin code Number: 255125HGDY03/23

Please you are to provide him with the above listed details as soon as possible so he can begin with the processing of your prize winnings.

Congratulations from all our staffs and thank you for being part of our promotional program.

Mrs. Rachael Adams.

FROM THE DESK OF RACHAEL ADAMS,
THE DIRECTOR PROMOTIONS
BMW LOTTERY DEPARTMENT
UNITED STATES OF AMERICA


Though this Medium: using of Internet has been greatly Abused, says scammer

Spam scam: Who needs stand-up comedians when laughs appear in my inbox each and every day? This is one of the most amusing in a while, mainly because I can’t parse most of it.

Don’t reply to messages like this. Delete them right away.

From: Mr. Henry Addo

Subject: I NEED YOUR URGENT RESPONSE

My Good Friend,

Mr. name is My Henry Addo, the AM I ares ares Newly Promoted Branch Manager of Bank here in Ghana, West Africa, not quite I and Feel Safe discussing this with you through this Internet Business method, why is The Very Important Important Because this Transaction and the Business Must Confidential treated be. Though this Medium: using of Internet has been greatly Abused, I Still the Choose to you through the REACH IT Because IT Still Remains The Fastest Medium of Communication, during the Information I obtained the Your My search through The Internet.

May the Interest to you that I Hear IT the AM ares man of PEACE and do not Want the Problems, I Hope we only Each Call Assist for the CAN OTHER. The If you do not Want this Offer Kindly forget the Business IT, the AS the Contact you I will not again.

I have packaged a financial transaction that will benefit both of us, as the Branch Manager of the Bank, it is my duty to send in a Financial Report to my head office in the capital city Accra at the end of each year.

In the course of the last year 2015 end of the year report, I discovered that my branch in which I am the Manager made excess profit of Seven Million five Hundred Thousand Dollars [US $ 7,500,000.00] which my head office are not aware of and will be aware of Never Registered. I have Placed Since this Fund in ares SUNDRY ACCOUNT.

As an officer of the bank I can not be directly linked to this money, so this informed my contacting you for us to work together so that you can assist me and receive this fund into your bank account in your country for us to SHARE.

I am offering you 40% of the total fund, while you keep 60% for me in your bank account till I join you in your country for the sharing / investment of my own share of the funds or better still we can go into a joint partnership venture, I will appreciate it very much.

The Request for Your Honesty and Optimum immensely I Cooperation and Let Me Know Your Mind on this, the AS and the Please do treat this the Information Top Secret the AS the CAN I not afford to My Ñlose the Job with The Bank. We Shall Go over a once The details I The Receive your urgent response.

Thanks for your understanding, i will be waiting for your response

Sincerely,

Mr. Henry Addo.


With Big Data, Facebook knows you by the company you keep

As Aesop wrote in his short fable, “The Donkey and His Purchaser,” you can quite accurately judge people by the company they keep.

I am “very liberal,” believes Facebook. If you know me, you are probably not surprised by that. However, I was: I usually think of myself as a small-l libertarian who caucuses with the Democrats on social issues. But Facebook, by looking at what I write, who I follow, and which pages I like, probably has a more accurate assessment.

The spark for this particular revelation is “Liberal, Moderate or Conservative? See How Facebook Labels You.” The article, by Jeremy Merrill, in today’s New York Times, explains how to see how Facebook categorizes you (presumably this is most appropriate for U.S. residents):

Try this (it works best on your desktop computer):

Go to facebook.com/ads/preferences on your browser. (You may have to log in to Facebook first.)

That will bring you to a page featuring your ad preferences. Under the “Interests” header, click the “Lifestyle and Culture” tab.

Then look for a box titled “US Politics.” In parentheses, it will describe how Facebook has categorized you, such as liberal, moderate or conservative.

(If the “US Politics” box does not show up, click the “See more” button under the grid of boxes.)

Part of the power of Big Data is that it can draw correlations based on vague inferences. So, yes, if you like Donald Trump’s page, but don’t like Hillary Clinton’s, you are probably conservative. What if you don’t follow either candidate? Jeremy writes,

Even if you do not like any candidates’ pages, if most of the people who like the same pages that you do — such as Ben and Jerry’s ice cream — identify as liberal, then Facebook might classify you as one, too.

This is about more than Facebook or political preferences. It’s how Big Data works in lots of instances where there is not only information about a particular person’s preference and actions, but a web of connections to other people and their preferences and actions. It’s certainly true about any social network where it’s easy to determine who you follow, and who follows you.

If most of your friends are Jewish, or Atheist, or Catholic, or Hindu, perhaps you are too, or have interests similar to theirs. If most of your friends are African-American or Italian-American, or simply Italian, perhaps you are too, or have interests similar to theirs. If many of your friends are seriously into car racing, book clubs, gardening, Game of Thrones, cruise ship vacations, or Elvis Presley, perhaps you are too.

Here is that Aesop fable, by the way:

The Donkey and his Purchaser

A man who wanted to buy a donkey went to market, and, coming across a likely-looking beast, arranged with the owner that he should be allowed to take him home on trial to see what he was like.

When he reached home, he put him into his stable along with the other donkeys. The newcomer took a look round, and immediately went and chose a place next to the laziest and greediest beast in the stable. When the master saw this he put a halter on him at once, and led him off and handed him over to his owner again.

The latter was a good deal surprised to see him back so soon, and said, “Why, do you mean to say you have tested him already?”

“I don’t want to put him through any more tests,” replied the other. “I could see what sort of beast he is from the companion he chose for himself.”

Moral: “A man is known by the company he keeps.”


When meeting to exchange goods bought online, be safe and careful

Nothing is scarier than getting together with a buyer (or a seller) to exchange dollars for a product advertised on Craig’s List, eBay or another online service… and then be mugged or robbed. There are certainly plenty of news stories on this subject, but the danger continues. Here are some recent reports:

Don’t be a victim! The Phoenix Police Department has released an advisory. It’s good advice. Follow it.

Phoenix Police Media Advisory:

Internet Exchange Related Crimes

The Phoenix Police Department has recently experienced reported crimes specific to the usage of internet exchange sites that allow sellers to advertise items for sale and then interact with buyers. Subsequent to the online interaction, the two parties usually meet and exchange money for goods in a private party transaction at an agreed-upon location. However, due to circumstances surrounding the nature of these interactions, many criminals are using them for their own purposes.

Specifically, the Phoenix Police Department has seen an increase in robberies of one of the involved parties by the other party during these exchanges. However, crimes as serious as homicide and kidnapping have been linked to these transactions. Although no strategy is 100% effective when trying to be safe, there are a number of steps one can take to ensure the transaction is done under the safest possible circumstances. The department is urging those involved in these private, internet-based sales transactions to consider the following while finalizing the deal and making safety their primary consideration:

  • If the deal seems too good to be true, it probably is.
  • The location of the exchange should be somewhere in public that has many people around like a mall, a well-traveled parking lot, or a public area. Do not agree to meet at someone’s house, a secluded place, a vacant house, or the like.
  • Try to schedule the transaction while it is still daylight, or at least in a place that is very well lit.
  • Ask why the person is selling the item and what type of payment they will accept. Be wary of agreeing to a cash payment and then travelling to the deal with a large sum of cash.
  • Bring a friend with you to the meet and let someone who isn’t going with you know where you are going and when you can be expected back.
  • Know the fair market value of the item you are purchasing.
  • Trust your instinct! If something seems suspicious, or you get a bad feeling, pass on the deal!

Other good advice that I’ve seen:

  • Never agree to meet in a second place, when you show up at the agreed-upon place and receive a text message redirecting you somewhere else.
  • Never give the other party your home address. If you must do so (because they are picking up a large item from your house), bring the item outside; don’t let them into your house. Inform your neighbors what’s going on.
  • Call your local police department and ask if they can recommend an Internet Purchase Exchange Location, also known as a Safe Exchange Zone.

Be careful out there, my friends.


Securely disposing of computers with spinning or solid state drives

Can someone steal the data off your old computer? The short answer is yes. A determined criminal can grab the bits, including documents, images, spreadsheets, and even passwords.

If you donate, sell or recycle a computer, whoever gets hold of it can recover the information in its hard drive or solid-state storage (SSD). The platform doesn’t matter: Whether it’s Windows or Linux or Mac OS, you can’t 100% eliminate sensitive data by, say, eliminating user accounts or erasing files!

You can make the job harder by using the computer’s disk utilities to format the hard drive. Be aware, however, that formatting will thwart a casual thief, but not a determined hacker.

The only truly safe way to destroy the data is to physically destroy the storage media. For years, businesses have physically removed and destroyed the hard drives in desktops, servers and laptops. It used to be easy to remove the hard drive: take out a couple of screws, pop open a cover, unplug a cable, and lift the drive right out.

Once the hard drive is identified and removed, you can smash it with a hammer, drill holes in it, even take it apart (which is fun, albeit time-consuming). Some businesses will put the hard drive into an industrial shredder, which is a scaled-up version of an office paper shredder. Some also use magnetism to attempt to destroy the data. Not sure how effective that is, however, and magnets won’t work at all on SSDs.

It’s much harder to remove the storage from today’s ultra-thin, tightly sealed notebooks, such as a Microsoft Surface or Apple MacBook Air, or even from tablets. What if you want to destroy the storage in order to prevent hackers from gaining access? It’s a real challenge.

If you have access to an industrial shredder, an option is to shred the entire computer. It seems wasteful, and I can imagine that it’s not good to shred lithium-ion batteries – many of which are not easily removable, again, as in the Microsoft Surface or Apple MacBook Air. You don’t want those chemicals lying around. Still, that works, and works well.

Note that an industrial shredder is kinda big and expensive – you can see some from SSL World. However, if you live in any sort of medium-sized or larger urban area, you can probably find a shredding service that will destroy the computer right in front of you. I’ve found one such service here in Phoenix, Assured Document Destruction Inc., that claims to be compliant with industry regulations for privacy, such as HIPAA and Sarbanes-Oxley.

Don’t want to shred the whole computer? Let’s say the computer uses a standard hard drive, usually in a 3.5-inch form factor (desktops and servers) or 2.5-inch form factor (notebooks). If you have a set of small screwdrivers, you should be able to dismantle the computer, remove the storage device, and kill it – such as by smashing it with a maul, drilling holes in it, or taking it completely apart. Note that driving over it in your car, while satisfying, may not cause significant damage.

What about solid state storage? The same actually applies with SSDs, but it’s a bit trickier. Sometimes the drive still looks like a standard 2.5-inch hard drive. But sometimes the “solid state drive” is merely a few exposed chips on the motherboard or a smaller circuit board. You’ve got to smash that sucker. Remove it from the computer. Hulk Smash! Break up the circuit board, pulverize the chips. Only then will it be dead dead dead. (Though one could argue that government agencies like the NSA could still put Humpty Dumpty back together again.)

In short: Even if the computer itself seems totally worthless, its storage can be removed, connected to a working computer, and accessed by a skilled techie. If you want to ensure that your data remains private, you must destroy it.

Beetle Bars and Cricket Cookies: The Global Market for Edible Insects

As a technology analyst, I read a lot of market reports. Most are not as crunchy (and unpalatable) as the Global Market Study on Edible Insects, by Persistence Market Research.

Some takeaways from the report’s summary:

In terms of value, the global edible insects market is anticipated to expand at a CAGR of 6.1% during the forecast period and is expected to account for US$ 722.9 million by 2024 end. Orthoptera (cricket, grasshopper, and locusts) segment is projected to register a CAGR of 8.1% over the forecast period, driven by rising demand for cricket granola bars, cricket crackers, cricket cookies, and cricket chocolates. Of the various edible insect type products, the beetle’s segment is estimated to account for approximately 30.8% share of the global market share in 2016, and caterpillars segment is estimated to account for 17.9% share.

Also:

Demand for edible insects in countries in Europe is on the rise, primarily owing to factors such as low risk of disease – as transmission of zoonotic diseases (diseases transmitted from animals to humans) such as H1N1 (bird flu) and BSE (mad cow disease) is low with regard to insects – and higher protein and nutrients and micronutrients such as copper, iron, magnesium, manganese, phosphorus, selenium and zinc, and fatty acids in comparison to meat and fish products. Insects are particularly important as a food supplement for undernourished children owing to easier digestibility.

Yeah, I guess it makes sense…. but still. More info:

On the basis of insect type, the global edible insect market is segmented into beetles, caterpillars, hymenoptera (wasps, bees, and ants), orthoptera (cricket, grasshopper, and locusts), true bugs, and others (termites, dragonflies, flies, and etc.) segments.

The most commonly and commercially consumed product type of edible insect is as a whole. The as a whole segment accounted for 65.3% share of the global market in 2015. Insects are majorly consumed as a whole, which is usually raw. As an ingredient, edible insects are consumed majorly as snacks and baked products. A major trend in the global edible insects market is increasing applications of edible insects in protein bars and shakes, increasing the availability of flavored food products using edible insect proteins, availability of mixed insect pack and usage as a coloring agent in food products.

Why insects?

Insect rearing involves low capital investment as compared to that needed for another conventional livestock rearing such as cattle, swine, and chicken. Substantial increase in global population and decreasing resources are other factors expected to drive demand for alternative food sources. According to United Nations, global population in 2050 is expected to reach 9 billion, significantly outgrowing existing food resources. Insects contain high protein and amino acids and can be a sustainable food source in future.

The report costs $4,900. Zesty!

IOC Approves Amateur Radio for Tokyo 2020 Olympic Games

CQ CQ CQ de IOC: The Organising Committee for the Tokyo 2020 Games have approved new competitions to celebrate Amateur Radio.

Tokyo 2020 President Yoshiro Mori said, “The inclusion of Amateur Radio will afford athletes the chance of a lifetime to realise their dreams of competing in the Olympic Games – the world’s greatest sporting stage – and inspire them to achieve their best, both in sport and in life.”

Throughout the history of amateur radio, amateur radio enthusiasts have made significant contributions to science, engineering, industry, and social services. Research by amateur radio operators has founded new industries, built economies, empowered nations, and saved lives in times of emergency.

Amateur radio is a hobby and, by law, completely non-commercial. Individual amateur “ham” radio operators pursue the avocation for personal pleasure through building their own radio stations and communicating with their fellows globally, and for self-improvement via study and practice of electronics, computers, and radio and TV wave behaviour.

Radio amateurs are, thus, “amateurs” in the true sense of the word: pursuit of an activity only for the love of it. Radio amateurs can not broadcast or transmit music and other general public entertainment programming. The amateur radio use of the air waves is for personal satisfaction and for forwarding the “state of the art” of electronics and communication techniques. Amateur radio operations can be detected in designated bands throughout the radio spectrum, using a variety of modulation methods including Morse code, voice and digital modes, and image modes such as television and facsimile.

The Amateur Radio competitions were inspired by the World Radiosport Team Championships (WRTC). WRTC2014, in Massachusetts, U.S.A., included 59 competing teams from 38 countries.

Described as the “ultimate International Field Day” by radio enthusiasts, new for the Tokyo 2020 Games are the following competitions within the Amateur Radio category in response to the new flexibility provided by Olympic Agenda 2020:

  • Men’s 20-, 40-, 80- and 160-Meter Antenna Tuning
  • Women’s 40-, 80- and 160-Meter Antenna Tuning
  • Men’s Synchronized 10-Meter Tower Dive
  • Men’s Freestyle Speed Keying
  • Women’s Freestyle Speed Keying
  • Women’s Uneven (Upper and Lower Sideband) Bars
  • Women’s 10-Meter Dash-and-Dot
  • Men’s 15-Meter Greco-Roman CW Sprint
  • Men’s Synchronized PSK31 (Phase Shift Keying, 31 Baud)
  • Women’s 15-Meter SSTV (Slow Scan Television)
  • Mixed Doubles Earth-Moon-Earth (Moon Bounce)
  • 10GHz-and-Up Team Dressage
  • Men’s 6-Meter J-Pole Vault
  • Women’s All-Around RTTY Roundup
  • Women’s UHF/VHF/HF Triathlon
  • Men’s UHF/VHF/HF Triathlon

IOC spokesman Sam Morse said, “The sky is the limit when it comes to Amateur Radio at the Olympics. Actually, with the Moon Bounce competition, even the heavens no longer hold our talented amateurs back. Tokyo 2020’s balanced proposal fulfils all of the goals of the Olympic Agenda 2020 recommendation that allowed it. These new competitions will add to the legacy of the Tokyo Games.”

Morse continued, “The inclusion of the package of new sports will afford young athletes the chance of a lifetime to realise their dreams of competing in the Olympic Games – the world’s greatest sporting stage – and inspire them to achieve their best, both in sport and in life. We thank the amateurs who shall soon begin qualifying for the Tokyo games by wishing them the IOC’s ’73.’ ”

###

The International Olympic Committee is a not-for-profit independent international organisation made up of volunteers, which is committed to building a better world through sport. It redistributes more than 90 per cent of its income to the wider sporting movement, which means that every day the equivalent of USD 3.25 million goes to help athletes and sports organisations at all levels around the world.


Popular news websites can be malware delivery systems

News websites are an irresistible target for hackers because they are so popular. Why? Because they are trusted brands, and because — by their very nature — they contain many external links and use lots of outside content providers and analytics/tracking services. It doesn’t take much to corrupt one of those websites, or one of the myriad partner sites they rely upon, like ad networks, content feeds or behavioral trackers.

Potentially, malware injected on any well-trafficked news website could infect tremendous numbers of people with ransomware, keyloggers, zombie code, or worse. Alarmist? Perhaps, but with good reason. News websites, which can include both traditional media (like the Chicago Tribune and the BBC), or new-media platforms (such as BuzzFeed or Business Insider) attract a tremendous number of visitors, especially when there is a breaking news story of tremendous interest, like a natural disaster, political event or celebrity shenanigans.

Publishing companies are not technology companies. They are content providers who do their honest best to offer a secure experience, but can’t be responsible for external links. In fact, many say so right in their terms of use statements or privacy policies. What they can be responsible for are the third-party networks that provide content or services to their platforms, but in reality, the search for profits and/or a competitive advantage outweighs any other considerations. And of course, their platforms can be hacked as well.

According to a story in the BBC, news sites in Russia, including the Moscow Echo Radio Station, opposition newspaper New Times, and the Kommersant business newspaper were hacked back in March 2012. In November 2014, the Syrian Electronic Army claimed to have hacked news sites, including Canada’s CBC News.

Also in November 2014, one of the U.K.’s most popular sites, The Telegraph, tweeted, “A part of our website run by a third-party was compromised earlier today. We’ve removed the component. No Telegraph user data was affected.”

A year earlier, in January 2013, the New York Times self-reported, “Hackers in China Attacked The Times for Last 4 Months.” The story said that, “The attackers first installed malware — malicious software — that enabled them to gain entry to any computer on The Times’s network. The malware was identified by computer security experts as a specific strain associated with computer attacks originating in China.”

Regional news outlets can also be targets. On September 18, 2015, reported CBS Local in San Francisco, “Hackers took control of the five news websites of Palo Alto-based Embarcadero Media Group on Thursday night, according to the CBS. The websites of Palo Alto Weekly, The Almanac, Mountain View Voice and Pleasanton Weekly were all reportedly attacked at about 10:30 p.m. Thursday.”

I talked recently with Jason Steer of Menlo Security, a security company based in Menlo Park, Calif. He put it very clearly:

You are taking active code from a source you didn’t request, and you are running it inside your PC and your network, without any inspection whatsoever. Because of the high volumes of users, it only takes a small number of successes to make the hacking worthwhile. Antivirus can’t really help here, either consumer or enterprise. Antivirus may not detect ransomware being installed from a site you visit, or malicious activity from a bad advertisement or bad JavaScript.

Jason pointed me to his blog post from November 12, 2015, “Top 50 UK Website Security Report.” His post says, in part,

Across the top 50 sites, a number of important findings were made:

• On average, when visiting a top 50 U.K. website, your browser will execute 19 scripts

• The top UK website executed 125 unique scripts when requested

His blog continued with a particularly scary observation:

15 of the top 50 sites (i.e. 30 percent) were running vulnerable versions of web-server code at time of testing. Microsoft IIS version 7.5 was the most prominent vulnerable version reported with known software vulnerabilities going back more than five years.

How many scripts are running on your browser from how many external servers? According to Jason’s research, if you visit the BBC website, your browser might be running 92 scripts pushed to it from 11 different servers. The Daily Mail? 127 scripts from 35 servers. The Financial Times? 199 scripts from 31 servers. The New Yorker? 113 scripts from 33 sites. The Economist? 185 scripts from 46 sites. The New York Times? 76 scripts from 29 servers. And Forbes, 100 scripts from 49 servers.

Most of those servers and scripts are benign. But if they’re not, they’re not. The headline on Ars Technica on March 15, 2016, says it all: “Big-name sites hit by rash of malicious ads spreading crypto ransomware.” The story begins,

Mainstream websites, including those published by The New York Times, the BBC, MSN, and AOL, are falling victim to a new rash of malicious ads that attempt to surreptitiously install crypto ransomware and other malware on the computers of unsuspecting visitors, security firms warned.

The tainted ads may have exposed tens of thousands of people over the past 24 hours alone, according to a blog post published Monday by Trend Micro. The new campaign started last week when “Angler,” a toolkit that sells exploits for Adobe Flash, Microsoft Silverlight, and other widely used Internet software, started pushing laced banner ads through a compromised ad network.

According to a separate blog post from Trustwave’s SpiderLabs group, one JSON-based file being served in the ads has more than 12,000 lines of heavily obfuscated code. When researchers deciphered the code, they discovered it enumerated a long list of security products and tools it avoided in an attempt to remain undetected.

Let me share my favorite news website hack story, because of its sheer audacity. According to Jason’s blog, ad delivery systems can be turned into malware delivery systems, and nobody might ever know:

If we take one such example in March 2016, one attacker waited patiently for the domain ‘brentsmedia[.]com’ to expire, registered in Utah, USA, a known ad network content provider. The domain in question had expired ownership for 66 days, was then taken over by an attacker in Russia (Pavel G Astahov) and 1 day later was serving up malicious ads to visitors of sites including the BBC, AOL & New York Times. No-one told any of these popular websites until the malicious ads had already appeared.

Jason recently published an article on this subject in SC Magazine, “Brexit leads to pageviews — pageviews lead to malware.” Check it out. And be aware that when you visit a trusted news website, you have no idea what code is being executed on your computer, what that code does, and who wrote that code.
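The script and server counts quoted above can be reproduced for any saved page by listing its script tags and grouping them by serving host. The following Python is an added example, not code from Menlo Security's report or from this blog; the sample HTML and its `.example` hosts are constructed, and treating a host as first-party by stripping a leading `www.` is a simplifying assumption.

```python
"""Inventory the <script> tags in a page and the hosts that serve them."""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample page; every host below is made up for illustration.
SAMPLE_URL = "https://www.news-site.example/world/story.html"
SAMPLE_HTML = """<!doctype html>
<html><head>
<script src="/static/app.js"></script>
<script src="https://static.news-site.example/js/player.js"></script>
<script>window.dataLayer = [];</script>
<script src="//cdn.widgets.example/lib.min.js"
        integrity="sha384-CONSTRUCTEDPLACEHOLDER" crossorigin="anonymous"></script>
<script async src="https://ads.adnetwork.example/serve.js"></script>
<script src="https://ads.adnetwork.example/track.js"></script>
<script src="http://metrics.tracker.example/beacon.js"></script>
</head><body><p>Story text</p></body></html>"""


class ScriptCollector(HTMLParser):
    """Record each <script> tag as (absolute URL or None if inline, integrity value)."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        attr = dict(attrs)
        src = attr.get("src")
        # urljoin resolves relative and protocol-relative (//host/x.js) references.
        url = urljoin(self.page_url, src.strip()) if src else None
        self.scripts.append((url, attr.get("integrity")))


def site_of(host):
    """Assumption: drop a leading 'www.' to get the site's base name.
    A production tool would consult the Public Suffix List instead."""
    host = host.lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host


def is_first_party(host, page_host):
    """True when host is the page's own site or a subdomain of it."""
    base = site_of(page_host)
    host = site_of(host)
    return host == base or host.endswith("." + base)


def audit_scripts(html, page_url):
    """Count inline, first-party and third-party scripts and group the latter by host."""
    collector = ScriptCollector(page_url)
    collector.feed(html)
    collector.close()
    page_host = urlsplit(page_url).hostname
    report = {
        "total": len(collector.scripts), "inline": 0,
        "first_party": 0, "third_party": 0,
        "hosts": {},         # third-party host -> number of scripts it serves
        "no_integrity": [],  # third-party URLs with no Subresource Integrity hash
        "insecure": [],      # scripts fetched over plain http
    }
    for url, integrity in collector.scripts:
        if url is None:
            report["inline"] += 1
            continue
        parts = urlsplit(url)
        host = parts.hostname or page_host
        if parts.scheme == "http":
            report["insecure"].append(url)
        if is_first_party(host, page_host):
            report["first_party"] += 1
            continue
        report["third_party"] += 1
        report["hosts"][host] = report["hosts"].get(host, 0) + 1
        if not integrity:
            report["no_integrity"].append(url)
    return report


def summarize(report):
    """Render the report as text, one third-party host per line."""
    lines = [
        f"{report['total']} scripts: {report['inline']} inline, "
        f"{report['first_party']} first-party, {report['third_party']} third-party "
        f"from {len(report['hosts'])} servers"
    ]
    lines += [f"  {host}: {count}" for host, count in sorted(report["hosts"].items())]
    lines += [f"  no integrity hash: {url}" for url in report["no_integrity"]]
    lines += [f"  plain http: {url}" for url in report["insecure"]]
    return "\n".join(lines)


if __name__ == "__main__":
    print(summarize(audit_scripts(SAMPLE_HTML, SAMPLE_URL)))
```

Each host listed without an `integrity` value is one whose operator, and whose domain registration, the page trusts on every load.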


A free BMW 7-Series car – and a check for $1.5 million!

Look what I fished out of my spam folder this morning. This is a variation on the usual lottery scam, and more enjoyable than most. But really, a BMW 760Li? While the 6.6-litre twin-turbo Rolls Royce engine would be zippy on Phoenix-area highways, we certainly don’t need the cold-weather package here. Anyway, the M4 two-door coupé is more my style.

To be serious: When you get spam like this, simply delete the message. Don’t reply, don’t click any links, including unsubscribe links.

From: “Mrs Rachael Adams”
Subject: BMW LOTTERY DEPARTMENT
Date: July 21, 2016 at 1:51:03 PM MST

BMW LOTTERY DEPARTMENT
5070 WILSHIRE BLVD
LOS ANGELES. CA 90036
UNITED STATES OF AMERICA.

NOTE: If you received this message in your SPAM/JUNK folder, that is because of the restrictions implemented by your Internet Service Provider, we (BMW) urge you to treat it genuinely.

Dear Winner,

This is to inform you that you have been selected for a prize of a brand new 2015/2016 Model BMW 7 Series Car and a Cheque of $1,500,000.00 USD from the international balloting programs held on the 2nd section in the UNITED STATE OF AMERICA.

Description of prize vehicle; Model: 760Li Color (exterior): Metallic Silver Mileage: 5 Transmission: Automatic 6 Speed

Options: Cold weather package, premium package, fold down rear seats w/ski bag, am fm stereo with single in dash compact disc player.

The selection process was carried out through random selection in our computerized email selection system (ESS) from a database of over 250,000 email addresses drawn from all the continents of the world which you were selected.

The BMW Lottery is approved by the British Gaming Board and also licensed by the International Association of Gaming Regulators (IAGR).

To begin the processing of your prize you are to contact our fiduciary claims department for more information as regards procedures to claim your prize.

Fiduciary Agent: Mr.David Johnson
Contact Email:[redacted]

Contact him by providing him with your secret pin code Number BMW:255175HGDY03/23.As the subject of your email for swift response

You are also advised to provide him with the under listed information as soon as possible:

1. Name In Full :
2. Residential Address :
3. Nationality :
4. Age :
5. Sex
6. Occupation :
7. Direct Phone :
8. Present Country :
9. Email address :
10. pin code Number BMW:255175HGDY03/23

Note that you have to send email to Mr.David johnson .You are to provide him with the above listed details as soon as possible so he can begin with the processing of your prize winnings.

Mrs.Rachael Adams.
———————
THE DIRECTOR PROMOTIONS
BMW LOTTERY DEPARTMENT
UNITED STATES OF AMERICA


Quick-draw: Six-shooter or smartphone?


The modern gunslinger carries an iPhone on his belt, across from the six-shooter. If the phone rings, you hope he doesn’t grab the wrong device.

Prescott, Arizona, July 24, 2016.


Ramsey Canyon and Fort Huachuca – A bird photographer’s paradise

We spent a long weekend in southern Arizona viewing wildlife, with time spent at birders’ paradises in Ramsey Canyon, as well as two canyons in Fort Huachuca: Huachuca Canyon and Garden Canyon. Wow. We saw and photographed so many incredible birds and butterflies, including (my favorite shot) the Blue Grosbeak.

The rarest sighting was that of the Elegant Trogon. Birders will make a special trip to this area simply to see that bird. There are only about 50 breeding pair in the United States. We were lucky and got excellent photos.

During our time there, we stayed at the Ramsey Canyon Inn. Incredible gourmet breakfasts by Chef Vince. Recommended!

We saw and photographed Painted Redstarts, Arizona Woodpecker, Hepatic Tanager (called that because it’s the color of liver!), Buff-Breasted Flycatcher, Sulphur-Bellied Flycatcher, Greater Pewee, Cassin’s Kingbird, Verdin, Magnificent Hummingbird, Broad-Billed Hummingbird, Black-Chinned Hummingbird, Red-Shouldered Hawk, Black-Headed Grosbeak, and many, many others.

There were also quite a few species of butterfly everywhere. I only remember a few by name, the Arizona Sister and the Double-Tailed Swallowtail (the Arizona state butterfly), and impressive swarms of Bordered Patch. Plus various dragonflies, jackrabbits and Coues White-Tailed Deer.

What a beautiful part of the world. We’ll be back.


The Birth of the Internet Plaque at Stanford University

In the “you learn something every day” department: Discovered today that there’s a plaque at Stanford honoring the birth of the Internet. The plaque was dedicated on July 28, 2005, and is in the Gates Computer Science Building.

You can read all about the plaque, and see it more clearly, on J. Noel Chiappa’s website. His name is on the plaque.

Here’s what the plaque says. Must check it out during my next trip to Palo Alto.


BIRTH OF THE INTERNET

THE ARCHITECTURE OF THE INTERNET AND THE DESIGN OF THE CORE NETWORKING PROTOCOL TCP (WHICH LATER BECAME TCP/IP) WERE CONCEIVED BY VINTON G. CERF AND ROBERT E. KAHN DURING 1973 WHILE CERF WAS AT STANFORD’S DIGITAL SYSTEMS LABORATORY AND KAHN WAS AT ARPA (LATER DARPA). IN THE SUMMER OF 1976, CERF LEFT STANFORD TO MANAGE THE PROGRAM WITH KAHN AT ARPA.

THEIR WORK BECAME KNOWN IN SEPTEMBER 1973 AT A NETWORKING CONFERENCE IN ENGLAND. CERF AND KAHN’S SEMINAL PAPER WAS PUBLISHED IN MAY 1974.

CERF, YOGEN K. DALAL, AND CARL SUNSHINE WROTE THE FIRST FULL TCP SPECIFICATION IN DECEMBER 1974. WITH THE SUPPORT OF DARPA, EARLY IMPLEMENTATIONS OF TCP (AND IP LATER) WERE TESTED BY BOLT BERANEK AND NEWMAN (BBN), STANFORD, AND UNIVERSITY COLLEGE LONDON DURING 1975.

BBN BUILT THE FIRST INTERNET GATEWAY, NOW KNOWN AS A ROUTER, TO LINK NETWORKS TOGETHER. IN SUBSEQUENT YEARS, RESEARCHERS AT MIT AND USC-ISI, AMONG MANY OTHERS, PLAYED KEY ROLES IN THE DEVELOPMENT OF THE SET OF INTERNET PROTOCOLS.

KEY STANFORD RESEARCH ASSOCIATES AND FOREIGN VISITORS

  • VINTON CERF
  • DAG BELSNES
  • RONALD CRANE
  • BOB METCALFE
  • YOGEN DALAL
  • JUDITH ESTRIN
  • RICHARD KARP
  • GERARD LE LANN
  • JAMES MATHIS
  • DARRYL RUBIN
  • JOHN SHOCH
  • CARL SUNSHINE
  • KUNINOBU TANNO

DARPA

  • ROBERT KAHN

COLLABORATING GROUPS

BOLT BERANEK AND NEWMAN

  • WILLIAM PLUMMER
  • GINNY STRAZISAR
  • RAY TOMLINSON

MIT

  • NOEL CHIAPPA
  • DAVID CLARK
  • STEPHEN KENT
  • DAVID P. REED

NDRE

  • YNGVAR LUNDH
  • PAAL SPILLING

UNIVERSITY COLLEGE LONDON

  • FRANK DEIGNAN
  • MARTINE GALLAND
  • PETER HIGGINSON
  • ANDREW HINCHLEY
  • PETER KIRSTEIN
  • ADRIAN STOKES

USC-ISI

  • ROBERT BRADEN
  • DANNY COHEN
  • DANIEL LYNCH
  • JON POSTEL

ULTIMATELY, THOUSANDS IF NOT TENS TO HUNDREDS OF THOUSANDS HAVE CONTRIBUTED THEIR EXPERTISE TO THE EVOLUTION OF THE INTERNET.

DEDICATED JULY 28, 2005


Internet over Carrier Pigeon? There’s a standard for that

There are standards for everything, it seems. And those of us who work on Internet things are often amused (or bemused) by what comes out of the Internet Engineering Task Force (IETF). An oldie but a goodie is a document from 1999, RFC-2549, “IP over Avian Carriers with Quality of Service.”

An RFC, or Request for Comment, is what the IETF calls a standards document. (And yes, I’m browsing my favorite IETF pages during a break from doing “real” work. It’s that kind of day.)

RFC-2549 updates RFC-1149, “A Standard for the Transmission of IP Datagrams on Avian Carriers.” That older standard did not address Quality of Service. I’ll leave it for you to enjoy both those documents, but let me share this part of RFC-2549:

Overview and Rational

The following quality of service levels are available: Concorde, First, Business, and Coach. Concorde class offers expedited data delivery. One major benefit to using Avian Carriers is that this is the only networking technology that earns frequent flyer miles, plus the Concorde and First classes of service earn 50% bonus miles per packet. Ostriches are an alternate carrier that have much greater bulk transfer capability but provide slower delivery, and require the use of bridges between domains.

The service level is indicated on a per-carrier basis by bar-code markings on the wing. One implementation strategy is for a bar-code reader to scan each carrier as it enters the router and then enqueue it in the proper queue, gated to prevent exit until the proper time. The carriers may sleep while enqueued.

Most years, the IETF publishes so-called April Fool’s RFCs. The best list of them I’ve seen is on Wikipedia. If you’re looking to take a work break, give ’em a read. Many of them are quite clever! However, I still like RFC-2549 the best.

A prized part of my library is “The Complete April Fools’ Day RFCs” compiled by Thomas Limoncelli and Peter Salus. Sadly this collection stops at 2007. Still, it’s a great coffee table book to leave lying around for when people like Bob Metcalfe, Tim Berners-Lee or Al Gore come by to visit.


It’s a fake award for SD Times – thank you, scammers!

Scammers give local businesses a faux award and then try to make money by selling certificates, trophies, and so-on.

Going through my spam filter today, I received FIVE of this exact same message praising SD Times for winning the “2016 Best of Huntington” award. The emails came from five different email addresses and domains, but the links all went to the same domain. (SD Times is published by BZ Media; I’m the “Z” of BZ Media.)

The messages read:

Sd Times has been selected for the 2016 Best of Huntington Awards for Media & Entertainment.

For details and more information please view our website: [link redacted]

If you click the link (which is not included above), you are given the choice to buy lots of things, including a plaque for $149.99 or a crystal award for $199.99. Such a deal: You can buy both for $229.99, a $349.98 value!! This is probably a lucrative scam, since the cost of sending emails is approximately $0; even a very low response rate could yield a lot of profits.

The site’s FAQ says,

Do I have to pay for an award to be a winner?

No, you do not have to pay for an award to be a winner. Award winners are not chosen based on purchases, however it is your option, to have us send you one of the 2016 Awards that have been designed for display at your place of business.

Shouldn’t my award be free?

No, most business organizations charge their members annual dues and with that money sponsor an annual award program. The Best of Huntington Award Program does not charge membership dues and as an award recipient, there is no membership requirement. We simply ask each award recipient to pay for the cost of their awards.

There is also a link to a free press release. Aren’t you excited on our behalf?

Press Release

FOR IMMEDIATE RELEASE

Sd Times Receives 2016 Best of Huntington Award

Huntington Award Program Honors the Achievement

HUNTINGTON July 2, 2016 — Sd Times has been selected for the 2016 Best of Huntington Award in the Media & Entertainment category by the Huntington Award Program.

Each year, the Huntington Award Program identifies companies that we believe have achieved exceptional marketing success in their local community and business category. These are local companies that enhance the positive image of small business through service to their customers and our community. These exceptional companies help make the Huntington area a great place to live, work and play.

Various sources of information were gathered and analyzed to choose the winners in each category. The 2016 Huntington Award Program focuses on quality, not quantity. Winners are determined based on the information gathered both internally by the Huntington Award Program and data provided by third parties.

About Huntington Award Program

The Huntington Award Program is an annual awards program honoring the achievements and accomplishments of local businesses throughout the Huntington area. Recognition is given to those companies that have shown the ability to use their best practices and implemented programs to generate competitive advantages and long-term value.

The Huntington Award Program was established to recognize the best of local businesses in our community. Our organization works exclusively with local business owners, trade groups, professional associations and other business advertising and marketing groups. Our mission is to recognize the small business community’s contributions to the U.S. economy.

SOURCE: Huntington Award Program


Coding in the Fast Lane: The Multi-Threaded Multi-Core World of AMD64

I wrote five contributions for an ebook from AMD Developer Central — and forgot entirely about it! The book, called “Surviving and Thriving in a Multi-Core World: Taking Advantage of Threads and Cores on AMD64,” popped up in this morning’s Google Alerts report. I have no idea why!

Here are the pieces that I wrote for the book, published in 2006. Darn, they still read well! Other contributors include my friends Anderson Bailey, Alexa Weber Morales and Larry O’Brien.

  • Driving in the Fast Lane: Multi-Core Computing for Programmers, Part 1 (page 5)
  • Driving in the Fast Lane: Multi-Core Computing for Programmers, Part 2 (page 8)
  • Coarse-Grained Vs. Fine-Grained Threading for Native Applications, Part 1 (p. 37)
  • Coarse-Grained Vs. Fine-Grained Threading for Native Applications, Part 2 (p. 40)
  • Device Driver & BIOS Development for AMD Systems (p. 87)

I am still obsessed with questionable automotive analogies. The first article begins with:

The main road near my house, called Skyline Drive, drives me nuts. For several miles, it’s a quasi-limited access highway. But for some inexplicable reason, it keeps alternating between one and two lanes in each direction. In the two-lane part, traffic moves along swiftly, even during rush hour. In the one-lane part, the traffic merges back together, and everything crawls to a standstill. When the next two-lane part appears, things speed up again.

Two lanes are better than one — and not just because they can accommodate twice as many cars. What makes the two-lane section better is that people can overtake. In the one-lane portion (which has a double-yellow line, so there’s no passing), traffic is limited to the slowest truck’s speed, or to little-old-man-peering-over-the-steering-wheel-of-his-Dodge-Dart speed. Wake me when we get there. But in the two-lane section, the traffic can sort itself out. Trucks move to the right, cars pass on the left. Police and other priority traffic weave in and out, using both lanes depending on which has more capacity at any particular moment. Delivery services with a convoy of trucks will exploit both lanes to improve throughput. The entire system becomes more efficient, and net flow of cars through those two-lane sections is considerably higher.

Okay, you’ve figured out that this is all about dual-core and multi-core computing, where cars are analogous to application threads, and the lanes are analogous to processor cores.

I’ll have to admit that my analogy is somewhat simplistic, and purists will say that it’s flawed, because an operating system has more flexibility to schedule tasks in a single-core environment under a preemptive multiprocessing environment. But that flexibility comes at a cost. Yes, if I were really modeling a microprocessor using Skyline Drive, cars would be able to pass each other in the single-lane section, but only if the car in front were to pull over and stop.

Okay, enough about cars. Let’s talk about dual-core and multi-core systems, why businesses are interested in buying them, and what implications all that should have for software developers like us.

Download and enjoy the book – it’s not gated and entirely free.


Ten-and-a-half years of my Steelcase Think office chair and I still love it

After more than a decade of near daily use, I still love my Steelcase Think chair.

Today is cleaning day at CAHQ (Camden Associates Headquarters). That means dusting/cleaning the furniture, as well as moving piles of papers from one part of the office to another. As part of the gyrations, we flipped my trusty Steelcase Think upside down, and saw that its date of manufacture was Feb. 15, 2005. Wow. The chair is in excellent condition. The only wear is that one of the rubber armrest pads cracked and was starting to peel apart. We superglued it back together; it’s super ugly but should last for another decade.

Looking at the Steelcase site, the Think chair has changed only a little bit since mine was purchased. My chair has a black mesh back (they call it “3D knit”), black cushion seat, black frame, and black wheel base. You can still buy that combination. However, there are now new options, like different types of wheels for carpet or hard floors, a tall bar-stool-height base and even an integrated coat hanger. There are also lots more colors and materials. Oh, and the price has gone up: My particular chair configuration would cost $829 now.

What I particularly like is that there are very few settings or switches. It’s so simple, and I don’t need to keep fiddling with it.

I blogged about my chair in 2007. I recommended it then, and I still recommend it today without hesitation. Here’s what I wrote back nine years ago:

I am consistently amazed at how comfortable my Steelcase Think office chair is.

For years, my back had been sore and stiff if I sat in front of my computer for more than an hour or so. In early 2005, I mentioned that to a friend, and he said, duh, buy a better chair. I guess it was time to replace the task chair picked up second-hand 15 years earlier.

My search was exhaustive: I was willing to spend serious money to get something good. After visiting several “real” office furniture stores – places like Office Depot, Staples and Office Max have a lousy selection, imho – I fell in love with the Think.

What I like is that it’s essentially a self-adjusting chair. The Think has extremely few adjustments, and the back is made of springy steel rods. Plus the mesh fabric means that my back doesn’t get all hot and sweaty on a warm day. (You can read about the ergonomics at the Steelcase site.)

Some even pricier chairs I tested, like the Steelcase Leap and the Herman Miller Aeron, were much more complicated, and much less comfortable. With an Aeron, I literally can’t find settings that work. With the Think, it only took a minute to find the right settings, and I haven’t changed them in the past 2 ½ years.

While I can’t claim that the Think is the best premium office chair, I believe that this is the best investment that I’ve ever made in my work environment. I paid about $700 for it in 2005 at an office furniture store in San Francisco.

There are a few different versions available. Mine is the original model with mesh back, cloth seat and adjustable arms. Today, Steelcase also offers leather or vinyl coverings, fixed arms or armless, and optional headrests and lumbar supports. That makes it complicated again! When I got mine, the only option was fabric color. I chose black.

So, if you sit at your desk/computer for hours at a time, and if you’re using a cheap task chair, consider an upgrade. Try the Think — maybe it’ll work for you, maybe it won’t. (My wife tried mine out, but didn’t care for it.) The important thing is that you get a good chair that fits you well, and is comfortable. If you’re sore and stiff, duh, buy a better chair.

Real food vs yucky food – don’t eat what you don’t understand

Eat real food. Avoid foods that are laden with additives or overly processed. My family has a few rules which we follow pretty closely when shopping:

  • Always look at the ingredients.
  • The fewer ingredients, the better. (Food expert Michael Pollan recommends no more than five ingredients.)
  • If one of the ingredients is High Fructose Corn Syrup (HFCS), we avoid.
  • If we don’t know what some of the ingredients are, we avoid.
  • A Kosher symbol is better than no Kosher symbol — but is no guarantee that the food is “real” or healthy or grown/sold in a sustainable way.

While we try to eat healthy, we don’t make a point of looking for so-called “organic” food. In our experience, organic produce is no healthier than regular fruits and veggies, is more expensive, and spoils much faster – we end up throwing a lot away.

In restaurants or when visiting friends, we prefer to eat food where we can visibly identify every ingredient. We don’t like surprises that would either violate religious prohibitions or trigger our few food allergies. For example, baked beans often contain pork, and sauces served with meat can contain cream or other dairy products – both of which are no-nos. So, we aren’t big on stews or casseroles, unless we make them ourselves.

This recent article, “5 Foods You Can Trust—And 5 To Avoid,” from the Diane Rehm show (we heard the original broadcast) is an eye-opener. We haven’t read Larry Olmsted’s book, “Real Food/Fake Food,” but plan to do so.

In the story, there are certainly some recommendations we won’t follow personally, such as to buy whole lobster — we don’t eat any shellfish. However, Olmsted’s point is well taken. Substitution of fish is rampant by suppliers, grocery stores and restaurants; if you order a whole fish, at least you can be reasonably sure that the lobster is really lobster. And that the red snapper is really red snapper, and not tilapia. (Read about this in “One In Three Fish Sold At Restaurants And Grocery Stores Is Mislabeled” from NPR.)

Red Snapper? Yes, as Olmsted’s story says,

Red snapper is a delicious and prized eating fish. It is also commercially rare. A major investigation found that more than 94 percent of the red snapper that appears on menus and at retail stores isn’t real. It’s the poster child for “fake food.” As one scientist well-versed in the subject put it, “just never order red snapper.”

Listen to the interview with Larry Olmsted. Follow Michael Pollan’s seven simple food rules. Look at this list of 20 ingredients to avoid. And eat and live healthier!

A scammer owned by the “Christian Church”? I don’t think so.

Isn’t it reassuring to know that this scammer’s loan agency is “owned by the Christian Church”? Yeah, right. Don’t be fooled by these sorts of emails. The scammer’s next step would be to request sensitive personal information (like bank account numbers), or ask you to wire over a “fee” for processing the not-to-appear loan. Or both.

Your best bet: Never respond, always hit delete. Even if “Mr. Johnson” is offering loans of up to $500 million.

Good day,

You are welcome barclaysonlineloan limited. This loan agency is owned by the Christian Church and is set to help the needy to poverty and suffering can be definitively eradicated from the world. We are registered and regulated by the Authority of borrowing money and all our financial transactions are overseen by the government.

Contact us via email: >redacted<

We offer both personal and business loans capital base between the amounts of $ 2,000.00 to $ 500,000,000.00 US dollars, European Euro or GB pounds for individuals, businesses and cooperate bodies irrespective of their marital status, sex, religion and the location, but you have a legal means to repay the loan in the stipulated time, and must be trustworthy with interest rates as low as 3%.

If this meets your expectations, then we can move on, I’d like you to tell the exact amount you are applying for such loan and the urgency of this transaction for additional procedures that you need to fill and submit the required information below:

DETAILS OF APPLICANT:

Name of applicant:
* Address of applicant:
* City:
* State:
* Country:
* Gender:
* Marital status:
* Age:
* Rate Monthly income:
* Occupation:
* Tel: / Mobile:
* Mobile:
* Amount Requested:
* Length of Loan:
* Purpose of loan:
* Do you speak English:
* Email:

Contact us via email: >redacted<

We await your response.
Yours sincerely,
mr. johnson
Secretary


Photo and artwork guidelines for people, products, logos and screen shots

If you are asked to submit a photograph, screen shot or a logo to a publication or website, there’s the right way and the less-right way. Here are some suggestions that I wrote several years ago for BZ Media for use in lots of situations — in SD Times, for conferences, and so-on.

While they were written for the days of print publications, these are still good guidelines for websites, blog and other digital publishing media.

General Suggestions

  • Photos need to be high resolution. Bitmaps that would look great on a Web page will look dreadful in print. The recommended minimum size for a bitmap file should be two inches across by three inches high, at a resolution of 300 dpi — that is, 600×900 pixels, at the least. A smaller photograph may be usable, but frankly, it will probably not be.
  • Photos need to be in a high-color format. The best formats are high-resolution JPEG files (.jpg) and TIFF (.tif) files. Or camera RAW if you can. Avoid GIF files (.gif) because they are only 256 colors. However, in case of doubt, send the file in and hope for the best.
  • Photos should be in color. A color photograph will look better than a black-and-white photograph — but if all you have is B&W, send it in. As far as electronic files go, a 256-color image doesn’t reproduce well in print, so please use 24-bit or higher color depth. If the website wants B&W, they can convert a color image easily.
  • Don’t edit or alter the photograph. Please don’t crop it, modify it using Photoshop or anything, unless otherwise requested to do so. Just send the original image, and let the art director or photo editor handle the cropping and other post-processing.
  • Do not paste the image into a Word or PowerPoint document. Send the image as a separate file.

Logos

  • Send logos as vector-based EPS files (such as an Adobe Illustrator file with fonts converted to outlines) if possible. If a vector-based EPS file is not available, send a 300 dpi TIFF, JPEG or Photoshop EPS files (i.e., one that’s at least two inches long). Web-resolution logos are hard to resize, and often aren’t usable.

Screen Shots

  • Screen shots should be the native bitmap file or a lossless format. A native bitmapped screen capture from Windows will be a huge .BMP file. This may be converted to a compressed TIFF file, or compressed to a .ZIP file for emailing. PNG is also a good lossless format and is quite acceptable.
  • Do not convert a screen capture to JPEG or GIF. JPEGs in particular make terrible screen shots due to the compression algorithms; solid color areas may become splotchy, and text can become fuzzy. Screen captures on other platforms should also be lossless files, typically in TIFF or PNG.

Hints for better-looking portraits

  • Strive for a professional appearance. The biggest element is a clean, uncluttered background. You may also wish to have the subject wear business casual or formal clothing, such as a shirt with a collar instead of a T-shirt. If you don’t have a photo like that, send what you have.
  • Side or front natural light is the best and most flattering. Taking pictures outdoors with overcast skies is best; a picture outdoors on a sunny day is also good, but direct overhead sunlight (near noon) is too harsh. If possible, keep away from indoor lighting, especially ceiling or fluorescent lights. Avoid unpleasant backlighting by making sure the subject isn’t standing between the camera and a window or lamp.
  • If you must use electronic flash… Reduce red-eye by asking the subject to look at the photographer, not at the camera. (Off-camera flash is better than on-camera flash.) Eliminate harsh and unpleasant shadows by ensuring that the subject isn’t standing or sitting within three feet of a wall, bookcase or other background objects. Another problem is white-out: If the camera is too close to the subject, the picture will be too bright and have too much contrast.
  • Maintain at least six feet separation between the camera and the subject, and three feet (or more) from the background. If the subject is closer than six feet to the camera, his/her facial features will be distorted, and the results will be unattractive. For best results, hold the camera more than six feet from the subject. It’s better to be farther away and use the camera’s optical zoom, rather than to shoot a close-up from a few feet away.
  • Focus on his/her eyes. If the eyes are sharp, the photo is probably okay. If the eyes aren’t sharp (but let’s say the nose or ears are), the photo looks terrible. That’s because people look at the eyes first.

Need propane? Refill your five-gallon tank, don’t do the exchange thing

What do you do when your 20-pound (5 gallon) propane tank is empty? If you are Alan, you go to a nearby filling station and refill the bottle. In our case, there’s a Shell station close by, and that’s where we go.

The cost is minimal, and you get a lot of fuel that way. In our case, filling a propane tank today (June 29, 2016) got us 4.7 gallons (20 pounds) at $2.99 per gallon, for the princely sum of $14.05. The whole process took about ten minutes.

At that same Shell station was one of the exchange tank systems, in this case, Blue Rhino. I have no objection to that company, but know that what Blue Rhino (and others) offer is convenience — not a great price on fuel.

The price to exchange a Blue Rhino bottle at the Shell station: $24.99. (Prices can vary wildly, both for the Blue Rhino exchange and the cost of bulk propane.) That’s a lot more — nearly $11. And for less fuel!

If you dig into the Blue Rhino FAQ, you learn that they don’t give you 4.7 gallons. They don’t put 20 pounds of propane into a 20-pound tank:

How much propane does Blue Rhino put in its tanks?

Inflationary pressures, including the volatile costs of steel, diesel fuel, and propane, have had a significant impact on the cylinder exchange industry. In 2008, to help control these rising costs, Blue Rhino followed the example of other consumer products companies with a product content change. We reduced the amount of propane in our tanks from 17 pounds to 15 pounds.

To ensure our consumers are properly notified, Blue Rhino clearly marks the amount of propane contained in our tanks, right on the package.

A gallon of propane weighs about 4.2 pounds, so Blue Rhino’s 15 pounds is 3.6 gallons of fuel. That’s a lot less than 4.7 gallons. Doing the math, Blue Rhino’s price per gallon is $6.94. And you have to get your bottle filled more often, of course, since there is less fuel in it.

Okay, it costs more and gives you less. What benefits do you get with a bottle exchange? Convenience: it’s probably slightly quicker to exchange a tank than to have an attendant come out and fill your existing bottle.

Also, Blue Rhino says that the tank is leak-tested, cleaned, freshly painted as needed, and checked on a schedule:

Propane isn’t just propane with Blue Rhino, America’s leading brand of propane tank exchange. Every tank is cleaned, leak-tested, inspected, precision-filled, delivered to your favorite store, and more. So you can grill with confidence. So take a Rhino home!

Another major U.S. propane-exchange company is AmeriGas. Their website is more obtuse and doesn’t say how much propane goes into an exchange tank. (Or at least I can’t find it.) However, according to Home Depot, which sells AmeriGas, their Propane Tank Exchange specs are:

With safety being our number one priority, the chemical properties of propane restrict us to only fill our tanks to 80% capacity.

I’ve got to give Blue Rhino kudos for honesty. At least they are up front about admitting that under-filling is a cost-saving measure. On the other hand, AmeriGas gives you 80% capacity, compared to Blue Rhino’s 75%.

Bottom line: Don’t exchange! Get your propane bottles filled at a local filling station. However, if a tank starts looking rusty, or if you’re not sure if it’s still good, bring it in for a Blue Rhino/AmeriGas exchange. Then, refill that tank for a while until it looks ratty. Remember, not only are you paying less for fuel, but you are also dealing with an empty tank less often!

Update 6/30: Found an AmeriGas service at a Circle-K convenience store, and the bottle exchange fee was $21.99. Price can vary tremendously!


Special Mac option key symbols – your handy reference

I am often looking for these symbols and can’t find them. So here they are for English language Mac keyboards, in a handy blog format. They all use the Option key.

Note: The Option key is not the Command key, which is marked with the ⌘ (looped square) symbol. Rather, the Option key is between Control and Command on many (most?) Mac keyboards. These key combinations won’t work on a numerical keypad; you have to be using the main part of the keyboard.

The case of the letter/key pressed with the Option key matters. For example, Option+v is the root √ and Option+V (in other words, Option+Shift+v) is the diamond ◊. Another example: Option+7 is the paragraph ¶ and Option+& (that is, Option+Shift+7) is the double dagger ‡. You may simply copy/paste the symbols, if that’s more convenient.

These key combinations should work in most modern Mac applications, and be visible in most typefaces. No guarantees. Your mileage may vary.

SYMBOLS

¡ Option+1 (inverted exclamation)
¿ Option+? (inverted question)
« Option+\ (open double angle quote)
» Option+| (close double angle quote)
© Option+g (copyright)
® Option+r (registered copyright)
™ Option+2 (trademark)
¶ Option+7 (paragraph)
§ Option+6 (section)
• Option+8 (dot)
· Option+( (small dot)
◊ Option+V (diamond)
– Option+- (en-dash)
— Option+_ (em-dash)
† Option+t (dagger)
‡ Option+& (double dagger)
¢ Option+4 (cent)
£ Option+3 (pound)
¥ Option+y (yen)
€ Option+@ (euro)

ACCENTS AND SPECIAL LETTERS

ó Ó Option+e then letter (acute)
ô Ô Option+i then letter (circumflex)
ò Ò Option+` then letter (grave)
õ Õ Option+n then letter (tilde)
ö Ö Option+u then letter (umlaut)
å Å Option+a or Option+A (a-ring)
ø Ø Option+o or Option+O (o-slash)
æ Æ Option+’ or Option+” (ae ligature)
œ Œ Option+q or Option+Q (oe ligature)
fi Option+% (fi ligature)
fl Option+^ (fl ligature)
ç Ç Option+c or Option+C (circumflex)
ß Option+s (double-s)

MATH AND ENGINEERING

÷ Option+/ (division)
± Option++ (plus/minus)
° Option+* (degrees)
¬ Option+l (logical not)
≠ Option+= (not equal)
≥ Option+> (greater or equal)
≤ Option+< (less or equal)
√ Option+v (root)
∞ Option+5 (infinity)
≈ Option+x (tilde)
∆ Option+j (delta)
Σ Option+w (sigma)
Ω Option+z (ohm)
π Option+p (pi)
µ Option+m (micro)
∂ Option+d (derivative)
∫ Option+b (integral)


Bird meet bug, bug meet bird

This is one of my all-time favorite photos, taken during a week-long vacation in Redmond, Oregon, summer 2012. We’ve been visiting the Eagle Crest resort every few years since the early 1990s — it’s a magical place.

Canon EOS 5D Mk II, EF 200mm f/2.8 L prime lens, shot at 1/1250 f/4.


Enterprise risks when an employee can’t find a BYOD phone

There are several types of dangers presented by a lost Bring Your Own Device (BYOD) smartphone or tablet. Many IT professionals and security specialists think only about some of them. They are all problematic. Does your company have policies about lost personal devices?

  • If you have those policies, what are they?
  • Does the employee know about those policies?
  • Does the employee know how to notify the correct people in case his or her device is lost?

Let’s say you have policies. Let’s say the employee calls the security office and says, “My personal phone is gone. I use it to access company resources, and I don’t think it was securely locked.” What happens?

Does the company have all the information necessary to take all the proper actions, including the telephone number, carrier, manufacturer and model, serial number, and other characteristics? Who gets notified? How long do you wait before taking an irreversible action? Can the security desk respond in an effective way? Can security respond instantly, including nights, weekends and holidays?

If you don’t have those policies — with people and knowledge to make them effective — you’ve got a serious problem.

Read my latest story in NetworkWorld, “Dude, where’s my phone? BYOD means enterprise security exposure.” It discusses the four biggest obvious threats from a lost BYOD device, and what you can do to address those threats.


KFC’s Watt-a-Box jolts the fast food industry in India

“Would you like amps with that?” Perhaps that’s the new side-dish question when ordering fast food. Yes, I’ll have three pieces of extra crispy chicken, potato wedges, cole slaw, unsweet iced tea and a cell-phone charging box.

News out of India is that KFC (which many of us grew up calling Kentucky Fried Chicken) has introduced the Watt-a-Box, which says on its side “Charge your phone while experiencing finger lickin’ good food.” (That last part may be debatable.)

According to the Times of India,

NEW DELHI: KFC garnered a lot of accolades for its recently launched 5-in-1 Meal Box. And the fast-food chain has now introduced an all new ‘gadgety’ variant of the same box.

The limited edition box comes with a built-in power bank. Dubbed as ‘Watt a Box,’ it lets you charge your smartphone as you go about enjoying your meal.

KFC has said that a few lucky customers at select KFC stores in Mumbai and Delhi will get a chance to have their 5-in-1 Meal served in ‘Watt a Box’. Along with this, users can also participate in an online contest on KFC India’s Facebook page and win more of these limited edition boxes.

We are lacking a number of details. Is the box’s charger removable and reusable, or is it a one-time-use thing? If so, what a waste of electronics and battery tech. What about disposal / recycling the battery? And — eww — will everything get finger-lickin’ greasy?

The Watt-a-Box. Watt an idea.


I’m rich from the Apple Kindle eBooks Antitrust Settlement

This just in — literally, at 8:58am on June 21 — an $8.50 credit from Amazon, paid for by Apple. I am trying to restrain my excitement, but in reality, it’s nice to get a few bucks back.

This payout has been pending for a few months. Well, a few years. This is Apple’s second payout from the antitrust settlement; the first was in 2014. Read “Apple’s $400M E-Book Payout: How Much You’ll Get and When” by Jeff John Roberts in Forbes, which explains:

The payments will mark the end of a long, strange antitrust story in which Apple and publishers tried to challenge the industry powerhouse, Amazon, with a new pricing system. Ironically, Amazon is still the dominant player in e-books today while Apple barely matters. Now Apple will pay $400 million to consumers—most of which will be spent at Amazon. Go figure.

I agree with that assessment: Apple lost both the battle (the antitrust pricing lawsuit) and the war (to be the big payer in digital books). Sure, $400 million is pocket change to Apple, which is reported to be hoarding more than $200 billion in cash. But still, it’s gotta hurt.

Here’s what Amazon said in its email:

Your Credit from the Apple eBooks Antitrust Settlement Is Ready to Use

Dear Alan Zeichick,

You now have a credit of $8.50 in your Amazon account. Apple, Inc. (Apple) funded this credit to settle antitrust lawsuits brought by State Attorneys General and Class Plaintiffs about the price of electronic books (eBooks). As a result of this Settlement, qualifying eBook purchases from any retailer are eligible for a credit. You previously received an email informing you that you were eligible for this credit. The Court in charge of these cases has now approved the Apple Settlement. If you did not receive that email or for more information about your credit, please visit www.amazon.com/applebooksettlement.

You don’t have to do anything to claim your credit, we have already added it to your Amazon account. We will automatically apply your available credit to your purchase of qualifying items through Amazon, an Amazon device or an Amazon app. The credit applied to your purchase will appear as a gift card in your order summary and in your account history. In order to spend your credit, please visit the Kindle bookstore or Amazon. If your account does not reflect this credit, please contact Amazon customer service.

Your credit is valid for one year and will expire after June 24, 2017, by order of the Court. If you have not used it, we will remind you of your credit before it expires.

Thank you for being a Kindle customer.

The Amazon Kindle Team