Technology – Page 8 – A Geek With Guns

Unexpected Microsoft

Microsoft has been making all sorts of unexpected moves in the last few years. The company released Visual Studio Code, which is not only an excellent code editing environment but available under the open source MIT License. In addition to that, Microsoft also released an open source version of its .NET framework and Windows Subsystem for Linux. Needless to say, it’s becoming more difficult to hate the company lately.

Now to top it all off it sounds like Microsoft is going to abandon its customer HTML rendering engine and replace it with Chromium:

Because of this, I’m told that Microsoft is throwing in the towel with EdgeHTML and is instead building a new web browser powered by Chromium, which uses a similar rendering engine first popularized by Google’s Chrome browser. Codenamed “Anaheim,” this new browser for Windows 10 will replace Edge as the default browser on the platform, according to my sources, who wish to remain anonymous. It’s unknown at this time if Anaheim will use the Edge brand or a new brand, or if the user interface (UI) between Edge and Anaheim is different. One thing is for sure, however; EdgeHTML in Windows 10’s default browser is dead.

I have mixed feeling about this. On the one hand, it’s good to see Microsoft moving towards an open source rendering engine. On the other hand, I don’t enjoy seeing the rendering engine market turning into a duopoly (with the only major non-Chromium engine, Firefox’s, having a paltry percentage of market share).

Watching Microsoft do an about face from being the satanic figure to the open source community has been fun to watch. It probably is the greatest testament to the viability of open source software out there.

Designer Babies

A lot of people are up in arms after news broke that a Chinese scientist has claimed to have created the first genetically edited baby:

Speaking at a genome summit in Hong Kong, He Jiankui said he was “proud” of altering the genes of twin girls so they cannot contract HIV.

His work, which he announced earlier this week, has not been verified.

Many scientists have condemned his announcement. Such gene-editing work is banned in most countries, including China.

Assuming Jiankui’s announcement is true, which is an assumption that takes a great deal of liberty since his announcement hasn’t been verified, I can say that if I were a parent planning to conceive a child and a scientist came to me with a proven track record of genetically editing out susceptibility to diseases and genetic disorders, my checkbook coming out of my pocket would be the first thing in the universe to knowingly exceed the speed of light. But I’d also try to provide my child the best education possible because I’d be one of those asshole parents who care not one bit about what’s “fair.”

As a parent I would want to provide every advantage I could to my child so I understand why parents would allows Jiankui to perform an experiment that might remove susceptibility to HIV from their child.

That New Car Smell

I’m always interested in cultural differences. For example, here in the United States people generally love the smell of a new car. It’s easy to think that since people here love that smell that the love of that smell is universal but that isn’t the case. Chinese in general apparently hate that smell. In fact they hate it so much that Ford developed a method of getting that smell out of new cars:

In the US, “new car smell” is a beloved scent. People even try to make their cars smell new with after-market cleaning products. But in China, customers find the same odor repulsive. As the Chinese auto market grows, car makers are looking for a way to make the aroma of their new vehicles more amenable to Chinese taste

Early this month, Ford filed a patent to reduce the odor of some of the adhesive, leather, and other materials that produce Volatile Organic Compounds (VOCs) that contribute to new car smell. The patent appears to include software that senses the car’s location and the weather it’s experiencing, then it possibly detects whether the owner has “requested volatile organic compound removal from the vehicle.” Next, on a sunny day, the car will roll down a window and turn on the engine, the heater, and a fan in order to bake off the VOCs and their accompanying smell.

Often individuals make the mistake of believing that since they like something, it is universally liked. I learned at a young age that even smell, which is nothing more than a neurological response to stimuli and thus would seem to be a good candidate for being common amongst most humans, differs from person to person. My grandfather introduced me to sardines, which I enjoy to this day. I don’t find their smell repulsive but most people I know do. Likewise, I don’t find the smell of sauerkraut repulsive but most of the people I know do. Meanwhile, many of the body sprays and perfumes that people claim to like are repulsive to me.

Some Thoughts After Moving from macOS to Linux

It has been two weeks and change since I moved from my MacBook Pro to a ThinkPad P52s running Linux. Now that I have some real use time under my belt I thought it would be appropriate to give some of my thoughts.

The first thing I’d like to note is that I have no regrets moving to Linux. My normal routine is to use my laptop at work and whenever I’m away at home and use another computer at home (because I’m too lazy to pull my laptop out of my laptop bag every night). The computer I was using at home was a 2010 Mac Mini. I replaced it with my old MacBook Pro when I got my ThinkPad. I realized the other day that I haven’t once booted up my MacBook Pro since I got my ThinkPad. Instead I have been pulling my ThinkPad out of its bag and using it when I get home. At no point have I felt that I need macOS to get something done. That’s the best testament to the transition that I can give. That’s not to say Linux can do anything that macOS can. I’m merely fortune in that the tools I need are either available on Linux or have a viable alternative.

I’m still impressed with the ThinkPad’s keyboard. One of my biggest gripes about the new MacBooks is the ultra slim keyboards. I am admittedly a bit of a barbarian when it comes to typing. I don’t so much type as bombard my keyboard from orbit. Because of this I like keys with a decent amount of resistance and depth. The keyboard on my 2012 MacBook Pro was good but I’m finding the keyboard on this ThinkPad to be a step up. The keys offer enough resistance that I’m not accidentally pressing them (a problem I have with keyboards offering little resistance) and enough depth to feel comfortable.

With that said the trackpad is still garbage when compared to the trackpad on any MacBook. My external trackball has enough buttons where I can replicate the gestures I actually used on the MacBook though and I still like the TrackPoint enough to use it when I don’t have an external mouse connected.

Linux has proven to be a solid choice on this ThinkPad as well. I bought it with Linux in mind, which means I didn’t get features that weren’t supported in Linux such as the fingerprint reader or the infrared camera for facial recognition (which is technically supported in Linux but tends to show up as the first camera so apps default to it rather than the 720p webcam). My only gripe is the Nidia graphics card. The P52s includes both an integrated Intel graphics card and an Nvidia Quadro P500 discrete graphics card, which isn’t supported by the open source Nouveau driver. In order to make it work properly, you need to install Nvidia’s proprietary drivers. Once that’s installed, everything works… except secure boot. In order to make the P52s boot after installing the Nvidia driver, you need to go into the BIOS and disable secure boot. I really wish there was a laptop with an discrete AMD graphics card that fit my needs on the market.

One thing I’ve learned from my move from macOS to Linux is just how well macOS handled external monitors. My P52s has a 4k display but all of the external monitors I work with are 1080p. Having different resolution screens was never a problem with macOS. On Linux it can lead to some rather funky scaling issues. If I leave the built-in monitors resolution at 4k, any app that opens on that display looks friggin’ huge when moved to an external 1080p display. This is because Linux scales up apps on 4k displays by a factor of two by default. Unfortunately, scaling isn’t done per monitor by default so when the app is moved to the 1080p display, it’s still scaled by two. Fortunately, a 4k display is exactly twice the resolution as a 1080p display so changing the built-in monitor’s resolution to 1080p when using an external display is an easy fix that doesn’t necessitate everything on the built-in display looking blurry.

I’ve been using Gnome for my graphical environment. KDE seems to be the generally accepted “best” desktop environment amongst much of the Linux community these days. While I do like KDE in general, I find that application interfaces are inconsistent whereas Gnome applications tend to have fairly consistent interfaces. I like consistency. I also like that Gnome applications tend to avoid burying features in menus. The choice of desktop environment is entirely subjective but so far my experience using Gnome has been positive (although knowing that I have a ship to which I can jump if that changes is reassuring).

As far as applications go, I used Firefox and Visual Studio Code on macOS and they’re both available on Linux so I didn’t have to make a change in either case. I was using Mail.app on macOS so I had to find a replacement e-mail client. I settled on Geary. My experience with Geary has been mostly positive although I really hate that there is no way, at least that I’ve found, to quickly mark all e-mails as read. I used iCal on macOS for calendaring and Gnome’s Calendar application has been a viable replacement for it. My luck at finding a replacement for my macOS task manager, 2Do, on Linux hasn’t been a positive experience. I’m primarily using Gnome’s ToDo application but it lacks a feature that is very important to me, repeating tasks. I use my task manager to remind me to pay bills. When I mark a bill as paid, I want my task manager to automatically create as task for next month. 2Do does this beautifully. I haven’t found a Linux task manager that can do this though (and in all fairness, Apple’s Reminder.app doesn’t do this well either). I was using Reeder on macOS to read my RSS feeds. On Linux I’m using FeedReader. Both work with Feedbin and both crash at about the same rate. I probably shouldn’t qualify that as a win but at least it isn’t a loss.

The biggest change for me has probably been moving from VMWare Fusion to Virtual Machine Manager, which utilized libvirt (and thus KVM and QEMU). Virtualizing Linux with libvirt is straight forward. Virtualizing Windows 10 wasn’t straight forward until I found SPICE Windows guest tools. Once I installed that guest tool package, the niceties that I came to love about VMWare Fusion such as shared pasteboards and automatically changing the resolution of the guest machine when the virtual machine window is resized worked. libvirt also makes it dead simple to set a virtual machine to automatically start when the system boots.

One major win for Linux over macOS is software installation. Installing software from the Mac App Store is dead simple but installing software from other sources isn’t as nice of an experience. Applications installed from other sources have to include their own update mechanism. Most have have taken the road of including their own embedded update capabilities. While these work, they can usually only run when the application is running so if you haven’t used the application for some time, the first thing you end up having to do is update it. Lots of packages still don’t include automatic update capabilities so you have to manually check for new releases. Oftentimes these applications are available via MacPorts or Homebrew. On the Linux side of things almost every software package is available via a distro’s package manager, which means installation and updates are handled automatically. I prefer this over the hodgepodge of update mechanisms available on macOS.

So in closing I’m happy with this switch, especially since I didn’t have to drop over $3,000 on a laptop to get what I wanted.

Artisan… Headphone Jacks?

Remember the good old days when you could plug the same pair of headphones into your phone, tablet, laptop, desktop, television, and stereo without the assistance of dongles? Then Apple decided to show the world its “courage” by removing the near universal headphone jack and many other device manufacturers started following suit. One of the companies that followed suit was Essential. Simply removing the headphone jack wouldn’t be enough for me to mention that company specifically but the solution it announced is worth mentioning:

So if you really, really want to use wired audio, you can fork over a $150 for this accessory. That price seems just a bit excessive considering the entire phone has had fire sales for $250 and $224.

The Essential Phone is compatible with the usual headphone jack dongles, so this add-on is being pitched as an artisanally crafted accessory for the discerning audiophile. The company says the “limited edition” accessory is “handcrafted” and made from “100% machined titanium.”

And you thought the title of this post was pure mockery. Nope. Essential actually is advertising its headphone adapter as being an artisan head crafted” headphone jack. Will this be the accessory that turns the failing company around? I wouldn’t be the farm on it.

While I understand the market for luxury goods in general, I don’t understand the market for luxury electronics. Electronics tend not to stick around too long. A cellphone is generally upgraded every few years. Unless Essential makes a guarantee that this headphone adapter is going to be compatible with all future phones (considering the company’s financial situation it’s optimistic to believe the company will release another phone) this accessory will likely be obsolete in the near future. Why spend $150 for an accessory for a $250 phone when the entire kit will be disposed of in the near future? Buying artisan cellphone accessories seems as stupid to me as buying artisan water. You’re just going to piss out the water later in the day so why spend extra for it?

Chip-and-Fail

EMV cards, those cards with the chip on the front, were supposed to reduce fraud but credit card fraud is rising. What gives? It turns out that the security provided by Chip-and-PIN doesn’t work when you don’t use it:

The reasons seem to be twofold. One, the US uses chip-and-signature instead of chip-and-PIN, obviating the most critical security benefit of the chip. And two, US merchants still accept magnetic stripe cards, meaning that thieves can steal credentials from a chip card and create a working cloned mag stripe card.

A lot of stores still don’t have credit card readers that can handle cards with a chip so you’re stuck using the entirely insecure magnetic strip. And most credit cards equipped with chips don’t require entering a PIN because Americans are fucking lazy:

The reason banks say they don’t want to issue PINs is that they’re worried it will add too much friction to transactions and make life difficult for their customers. “The credit-card market is pretty brutally competitive, so the first issuer who goes with PINs has to worry about whether the consumers are going to say, ‘Oh, that’s the most inconvenient card in my wallet,’’ says Allen Weinberg, the co-founder of Glenbrook Partners. “There’s this perception that maybe it’s going to be less convenient, even though some merchants would argue that PINs take less time than signatures.”

Since card holders face little in the way of liability for fraudulent transactions, they have little motivation to enter a four to six digit PIN every time they purchase something. If card holders aren’t motivated to enter a PIN, card issuers aren’t likely to require holder to enter a PIN because it might convince them to get a different card. It’s tough to improve security when nobody gives a damn about security.

Eventually the level of fraud will rise to the point where card issuers will take the risk of alienating some holders and mandate the use of a PIN. When that day finally comes, card issuers will discover that Americans are absolutely able to overcome any barrier if doing so allows them to continue buying sneakers with lights in them.

Bitwarden Completes Security Audit

In my opinion one of the easiest things an individual can do to improve their overall computer security is use a password manager. I had been using 1Password for years and have nothing but good things to say about it. However, when I decided to move from macOS to Linux, I decide that I needed a different option. 1Password’s support on Linux is only available through 1Password X, which is strictly a browser plugin. Moreover, in order to use 1Password X, you need to pay a subscription (I was using a one-time paid license for 1Password 7 on macOS as well as the one-time paid version for iOS), which I generally prefer to avoid.

Bitwarden bubbled to the top of my list because it’s both open source and can be self-hosted (which is what I ended up doing). While Bitwarden lacks several nice features that 1Password has, using it has been an overall pleasant experience. Besides missing some features that I’ve come to enjoy, another downside to Bitwarden has been the lack of a security audit. Two days ago the Bitwarden team announced that a third-party vendor has completed a code audit and the results were good:

In the interest of providing full disclosure, below you will find the technical report that was compiled from the team at Cure53 along with an internal report containing a summary of each issue, impact analysis, and the actions taken/planned by Bitwarden regarding the identified issues and vulnerabilities. Some issues are informational and no action is currently planned or necessary. We are happy to report that no major issues were identified during this audit and that all issues that had an immediate impact have already been resolved in recent Bitwarden application updates.

The full report can be read here [PDF].

With this announcement I’m of the opinion that Bitwarden should be given serious consideration if you’re looking for a password manager. It’s an especially good option if you want to go the self-hosted route and/or want support for Linux, macOS, and Windows.

Jim Crow Never Went Away

If you ever need an illustration of just how stupid the average voter is, find a voter who is complaining about racist government policies and ask them how they plan to change it. 99 percent (a conservative estimate, it’s probably higher) of the time the voter will tell you that they’re planning to beg the government to change its policies. If you point out how stupid that idea is, they’ll point to the elimination of slavery and the striking down of Jim Crow laws as proof that their strategy works, which should prove to you that the person you’re conversing with is extremely gullible (on the upside you probably just found a buyer for that bridge that you’re trying to offload).

While the government has said that it eliminated slavery and Jim Crow laws, it really just changed some legal definitions. If you’re being held against your will and forced to provide labor, you’re not legally considered a slave, you’re legally considered a prison laborer. Likewise, there are no longer laws that overtly treat people differently based on the color of their skin, instead there are algorithms that do the same thing but provide plausible deniability:

But what’s taking the place of cash bail may prove even worse in the long run. In California, a presumption of detention will effectively replace eligibility for immediate release when the new law takes effect in October 2019. And increasingly, computer algorithms are helping to determine who should be caged and who should be set “free.” Freedom — even when it’s granted, it turns out — isn’t really free.

Under new policies in California, New Jersey, New York and beyond, “risk assessment” algorithms recommend to judges whether a person who’s been arrested should be released. These advanced mathematical models — or “weapons of math destruction” as data scientist Cathy O’Neil calls them — appear colorblind on the surface but they are based on factors that are not only highly correlated with race and class, but are also significantly influenced by pervasive bias in the criminal justice system.

As O’Neil explains, “It’s tempting to believe that computers will be neutral and objective, but algorithms are nothing more than opinions embedded in mathematics.”

For the record, when people were celebrating California’s decision to eliminate cash bail, I predicted that it would result in this outcome (although I didn’t predict the use of algorithms, I did predict that since the decision to let somebody out on bail would be the sole decision of some bureaucrats, nothing would actually change).

Plausible deniability is the staple of modern politics. A politician who wants to pass a racist policy just needs to make sure that race is never mentioned in their law and when the policy results in the politician’s desired outcome, they can claim that they had no way to predict such a result. Additional plausible deniability can be added by handing decisions over to algorithms. Most people think of algorithms as mysterious wizardry performed by the high priests of science and are therefore impartial and infallible (because, you know, scientists are always impartial and never wrong).

However, algorithms do exactly what they’re created to do. If you want a machine learning algorithm to perform in a certain way, you either write it to do exactly what you want or you provide it learning data that will skew it towards the results you want. When the masses wise up and realize that the algorithm is racially biases, you can just claim that the complexity of the algorithm prevented anybody from accurately predicting what it would do. Their ignorance will make your explanation believable to them and you can claim that you’ve now made improvements that should (i.e. won’t) lead to more impartial results.

Lockdown

I’ve always treated mobile devices differently than desktops and laptops. Part of this is because mobile devices tend to be restrictive. Most mobile devices are closed platforms that don’t allow you to load a different operation system. And while you can load custom firmware on a few mobile devices, it often requires some hackery. It appears as though I jumped ship at the proper time though because Apple is bringing the restrictive nature of iOS to its desktops and laptops:

Apple’s MacBook Pro laptops have become increasingly unfriendly with Linux in recent years while their Mac Mini computers have generally continued working out okay with most Linux distributions due to not having to worry about multiple GPUs, keyboards/touchpads, and other Apple hardware that often proves problematic with the Linux kernel. But now with the latest Mac Mini systems employing Apple’s T2 security chip, they took are likely to crush any Linux dreams.

[…]

Update 2: It looks like even if disabling the Secure Boot functionality, the T2 chip is reportedly still blocking operating systems aside from macOS and Windows 10.

I know a lot of people have expressed the feeling that buying an Apple computer and installing Linux on it is rather foolish. After all, you can buy a computer for far less that is fully supported by Linux (Linux support on Apple computers has always been a bit hit or miss). I mostly agree with that attitude. However, there comes a time in every Mac’s life where Apple drops support for it in macOS. While it’s possible to coax macOS onto a lot of unsupported Macs, there are also quite a few older Macs where installing a modern version of macOS is impossible. In such cases Linux offers an option to continue using the hardware with an operating system that has current security updates.

I prefer to repurpose old computers rather than throw them away. Having the option to install Linux on older Macs has always been a desirable option to me. For me losing that ability severely limits the functional lifetime of a Mac. Moreover, I worry that the limitations put into place by the T2 chip will make installing future versions of macOS on these machines impossible when they fall out of support.

Secure Boot functionality is a good security measure. However, Secure Boot on a vast majority of PCs can be disabled (in fact Microsoft requires that Secure Boot can be disabled for logo-certificate). Even if you don’t disable it, many Linux distributions have signed bootloaders that work with Secure Boot (unfortunately, even these signed bootloaders don’t work on Apple computers with a T2 chip). So it is possible to provide boot-time security while supporting third-party operating systems. Apple is simply choosing not to do so.

Meet the Modern Military

The United States military has a problem. OK, it has a lot of problems, but the problem I’m specifically referring to is the trend as of late of acquiring unfinished or flawed technology. From a $1 trillion jet that doesn’t seem capable of doing anything well to stealthy destroyers with flawed engines to fancy new aircraft carriers with nonfunctional munition elevators:

The $13 billion Gerald R. Ford aircraft carrier, the U.S. Navy’s costliest warship, was delivered last year without elevators needed to lift bombs from below deck magazines for loading on fighter jets.

Previously undisclosed problems with the 11 elevators for the ship built by Huntington Ingalls Industries Inc. add to long-standing reliability and technical problems with two other core systems — the electromagnetic system to launch planes and the arresting gear to catch them when they land.

The Advanced Weapons Elevators, which are moved by magnets rather than cables, were supposed to be installed by the vessel’s original delivery date in May 2017. Instead, final installation was delayed by problems including four instances of unsafe “uncommanded movements” since 2015, according to the Navy.

I guess when the deck is used to launch $1 trillion jets that don’t function reliably, getting munitions to the desk isn’t terribly important.

The modern United States military is addicted to high-tech bells and whistles. While those bells and whistles look great on paper, they are often plagued with problems in real world testing and on the battlefield.

At the rate things are going the United States’ military will win the war for its enemies.