A Geek With Guns

Chronicling the depravities of the State.

Archive for the ‘You’re Doing it Wrong’ tag

Artisan… Headphone Jacks?

without comments

Remember the good old days when you could plug the same pair of headphones into your phone, tablet, laptop, desktop, television, and stereo without the assistance of dongles? Then Apple decided to show the world its “courage” by removing the near universal headphone jack and many other device manufacturers started following suit. One of the companies that followed suit was Essential. Simply removing the headphone jack wouldn’t be enough for me to mention that company specifically but the solution it announced is worth mentioning:

So if you really, really want to use wired audio, you can fork over a $150 for this accessory. That price seems just a bit excessive considering the entire phone has had fire sales for $250 and $224.

The Essential Phone is compatible with the usual headphone jack dongles, so this add-on is being pitched as an artisanally crafted accessory for the discerning audiophile. The company says the “limited edition” accessory is “handcrafted” and made from “100% machined titanium.”

And you thought the title of this post was pure mockery. Nope. Essential actually is advertising its headphone adapter as being an artisan head crafted” headphone jack. Will this be the accessory that turns the failing company around? I wouldn’t be the farm on it.

While I understand the market for luxury goods in general, I don’t understand the market for luxury electronics. Electronics tend not to stick around too long. A cellphone is generally upgraded every few years. Unless Essential makes a guarantee that this headphone adapter is going to be compatible with all future phones (considering the company’s financial situation it’s optimistic to believe the company will release another phone) this accessory will likely be obsolete in the near future. Why spend $150 for an accessory for a $250 phone when the entire kit will be disposed of in the near future? Buying artisan cellphone accessories seems as stupid to me as buying artisan water. You’re just going to piss out the water later in the day so why spend extra for it?

Written by Christopher Burg

November 20th, 2018 at 10:30 am

Meet the Modern Military

with one comment

The United States military has a problem. OK, it has a lot of problems, but the problem I’m specifically referring to is the trend as of late of acquiring unfinished or flawed technology. From a $1 trillion jet that doesn’t seem capable of doing anything well to stealthy destroyers with flawed engines to fancy new aircraft carriers with nonfunctional munition elevators:

The $13 billion Gerald R. Ford aircraft carrier, the U.S. Navy’s costliest warship, was delivered last year without elevators needed to lift bombs from below deck magazines for loading on fighter jets.

Previously undisclosed problems with the 11 elevators for the ship built by Huntington Ingalls Industries Inc. add to long-standing reliability and technical problems with two other core systems — the electromagnetic system to launch planes and the arresting gear to catch them when they land.

The Advanced Weapons Elevators, which are moved by magnets rather than cables, were supposed to be installed by the vessel’s original delivery date in May 2017. Instead, final installation was delayed by problems including four instances of unsafe “uncommanded movements” since 2015, according to the Navy.

I guess when the deck is used to launch $1 trillion jets that don’t function reliably, getting munitions to the desk isn’t terribly important.

The modern United States military is addicted to high-tech bells and whistles. While those bells and whistles look great on paper, they are often plagued with problems in real world testing and on the battlefield.

At the rate things are going the United States’ military will win the war for its enemies.

Written by Christopher Burg

November 7th, 2018 at 10:00 am

Meet Voluntary Association

with 5 comments

The big social media sites have been clamping down on, well, pretty much any content that doesn’t advocate for something left of center. In response to this people whose personal ideology lies to the right of the center have been fleeing to other platforms. Those who fall towards the fascist side of the political spectrum have been fleeing to Gab, a social media site that advertises itself as a free speech platform. But hard times have befallen Gab because most of the services it relies on have decided to disassociate with it:

Gab, a “free speech” alternative to Twitter that’s popular with the far right, has been shut down after losing service from a number of mainstream technology platforms, including PayPal, Joyent, Medium, and GoDaddy.

“Gab is under attack,” the company’s home page now reads. “We have been systematically no-platformed by App Stores, multiple hosting providers, and several payment processors.” Gab is working to get back online using new service providers.

Of course the language that “Gab is under attack” is hyperbole. Nobody is attacking Gab. Service providers who disagree with much of the speech that Gab hosts have decided to stop doing business with the social media site. Since Gab’s administrators have made themselves dependent on these service providers, they have found themselves in a rather awkward position.

I can’t say that I blame these service providers. If I administered a social media site, I wouldn’t let fascists use it to post their nonsense (I also wouldn’t let communists, Republicans, Democrats, or any other politically focused individuals use it) nor would I want to associate it with any service that did. However, if I was planning to setup a site to host, to put it politely, controversial content, I would ensure that I owned the infrastructure from top to bottom. The servers would be mine. I’d accept payment in cryptocurrencies so I wouldn’t be dependent on third-party payment processors. If it wasn’t the primary way to access the site, I’d at least publish a Tor Hidden Service address to protect against censorship from Internet service providers and domain registrars.

What gets me most about sites like Gab is that they advertise themselves as being willing to host controversial content but still make themselves dependent on third-parties that don’t want to associate with anybody who hosts such content. Setting up a website that is resistant to third-party censorship isn’t terribly difficult (and doesn’t require anywhere near the same level of care as hosting outright illegal content) but none of these sites bother to do it. It’s as if they want to be censored just so they have something to bitch about and can feed some kind of persecution complex.

Written by Christopher Burg

October 30th, 2018 at 10:00 am

Crowdsourcing Healthcare

without comments

A lot of statists have been pointing out the prevalence of healthcare-related fundraisers on crowdsourcing sites like GoFundMe as an argument for implementing government monopolized healthcare (usually sold under the euphemism “universal healthcare”). On the one hand, there are quite a few healthcare-related fundraisers on crowdsourcing sites. One the other hand, a lot of them are for bullshit treatments that no government monopolized healthcare system would cover anyways:

They focused on five treatments that were showing up a lot in their results, searching the sites systematically for US- and Canada-based campaigns from the last three years that were specifically for those five. They found 1,059 campaigns that fit the bill, with the collective goal of raising more than $27 million, and hitting about a quarter of that target.

Just less than half of the campaigns were for an obvious culprit: homeopathic or naturopathic treatments for cancer, which raised $3.5 million across 474 campaigns. Around 200 campaigns were raising funds for hyberbaric oxygen therapy for brain injury, which supposedly “enhances the body’s natural healing process by inhalation of 100 percent oxygen in a total body chamber.” Much like homeopathy, it’s ineffective for anything other than efficiently emptying people’s pockets. While these treatments themselves might not do any direct harm, the harms of untreated cancer are glaring. (And we probably don’t want to be funneling funds towards the people offering these therapies.)

The other treatments on the list were less popular, but offer more direct dangers. Stem cell therapy for brain injury or spinal cord injury carries substantial risks, while unproven claims of benefits are oversold. And long-term antibiotic therapy for so-called “chronic Lyme disease” can damage the body’s microbial partners, as well as causing antibiotic resistance and heightened risk of life-threatening infections. Together, these made up around 400 campaigns, raising $2.5 million.

Isn’t it annoying when somebody performs more than a cursory glance of your shoddy argument?

Most crowdfunding sites have little oversight of fundraisers. Obviously illegal fundraisers, such as people trying to crowdsource money to buy illegal drugs, usually get pulled quickly but if somebody managed to write a solid sob story about how they’re going to lose their house or die of cancer, it seems very little investigative effort is put into verifying the claims. Does the person who setup the fundraiser even live in a house? Does the treatment being sought by the cancer patient who setup the fundraiser have any medical validity? Who knows!

If you’re going to point to the number of healthcare-related fundraisers on crowdsourcing sites, you should take the time to investigate how many of those fundraisers are legitimate.

Written by Christopher Burg

October 26th, 2018 at 10:00 am

The World’s Largest Text Editor

without comments

One of my Macs was screaming that it was running out of disk space so I pulled up a report of the largest files on the system. Since the system contains several virtual machines, those files were at the top as expected. However, as I scrolled through the list of files something jumped out at me. At some point I had installed the Atom text editor on the system. I don’t remember why I did that but it was probably because I wanted to test it for something. Regardless according to the report the Atom text editor was over 800MB in size. Just for fun I decided to download a copy of the latest version of Atom on another system. The downloaded file decompressed to 822.7MB.

I get that disk space is more or less plentiful and cheap but 822.7MB for a text editor is a bit excessive. I’m actually kind of impressed that a development team managed to bloat a text editor to such an enormous size (but not the good kind of impressed).

Written by Christopher Burg

October 11th, 2018 at 10:30 am

A Lot of Websites Don’t Fix Security Issues

without comments

Last year Google announced that it would be removing the Symantec root certificate from Chrome’s list of trusted certificates (this is because Symantec signed a lot of invalid certificates). This notification was meant to give web administrators time to acquire new certificates to replace their Symantec signed ones. The time of removal is fast approaching and many web administrators still haven’t updated their certificates:

Chrome 70 is expected to be released on or around October 16, when the browser will start blocking sites that run older Symantec certificates issued before June 2016, including legacy branded Thawte, VeriSign, Equifax, GeoTrust and RapidSSL certificates.

Yet despite more than a year to prepare, many popular sites are not ready.

Security researcher Scott Helme found 1,139 sites in the top one million sites ranked by Alexa, including Citrus, SSRN, the Federal Bank of India, Pantone, the Tel-Aviv city government, Squatty Potty and Penn State Federal to name just a few.

The headline of this article is, “With Chrome 70, hundreds of popular websites are about to break.” A more accurate headline would have been, “Administrators of hundreds of websites failed to fix major security issue.” Chrome isn’t the culprit in this story. Google is doing the right thing by removing the root certificate of an authority that failed to take proper precautions when issuing certificates. The administrators of these sites on the other hand have failed to do their job of providing a secure connection for their users.

Written by Christopher Burg

October 10th, 2018 at 10:30 am

I Want to Alter the Deal

without comments

The Witcher series of games have been phenomenally successful. In fact their success has overshadowed the books that they were based on. Unfortunately for the author, he made a bad deal and now wants to alter the deal:

“I was stupid enough to sell them rights to the whole bunch,” Sapkowski said at the time. “They offered me a percentage of their profits. I said, ‘No, there will be no profit at all — give me all my money right now! The whole amount.’ It was stupid. I was stupid enough to leave everything in their hands because I didn’t believe in their success. But who could foresee their success? I couldn’t.”

Sapkowski has now made a public demand for six percent of the profits obtained for the lifetime of the franchise, which adds up to more than $16 million for The Witcher 3: Wild Hunt alone.

I especially enjoy how he admits that he was initially offered a percentage of the profits and turned the offer down because he didn’t believe that the project would be successful. So even he’s admitting that his failure to capitalized on his novels was entirely his fault.

Higher risks generally come with greater rewards, which makes sense since there needs to be a justification for taking a risk. Sapkowski played it safe and took the low risk/low reward option. Generally speaking, if you can bear the brunt of losing out on a high risk/high reward situation, take it. Sapkowski had income from his books so he may have been able to bear the brunt of not receiving any money on the series if it flopped. If you ever find yourself in a similar position, give the high risk option some serious thought.

Written by Christopher Burg

October 5th, 2018 at 10:00 am

How Not to Handle Business Model Changes

without comments

GPGTools is a software suite that makes using OpenPGP on macOS easier. I’ve recommended this tool for quite some time to the three people who are interested in encrypting the contents of their e-mail. While the tool was freely available, the development team has been warning users for over a year that the suite would eventually move to a paid model. I completely understand their motivation. A man has to eat after all. However, there are proper ways to change business models and improper ways. The GPGTools team chose the improper way.

Here is the latest update notification for GPGTools:

It looks innocuous enough but if you install it, you’ll discover that your Mail.app plugin will be a one month trial. The initial screen of the update note doesn’t indicate that this update is the one that moves GPGTools from free to paid. You have to scroll down to learn that tidbit of information. Since most users probably don’t scroll through the entire update note, they will likely be rather surprised when their free app is now telling them that they have to pay.

Another issue with GPGTools’s transition is that there is no English version of the terms of distribution. Since GPGTools is based in Germany, this might not seem odd but everything else on the site is translated into English. If you’re going to toss a license agreement at somebody, you should provide it in every language that your application supports.

The final major problem with the transitions, which has fortunately been fixed now but you can read about it by digging through the announcement thread on Twitter, was that there was no information about the license being sold. When you went to buy a license, the site originally didn’t tell you if the license was per computer, per user, or something else. Now the site states that the purchase covers one person and activation on up to three computers (a limit that I find more restrictive than I prefer).

I’m not one to criticize somebody when they make an effort to profit from their endeavors but GPGTools’s transition from a free suite to a paid suite should be a valuable lesson on how not to perform such a transition.

If you’re ever in a situation where you want to begin charging users for something that you have been providing for free, here are a few rules.

First, don’t foist the change on users out of the blue. Announce your intentions early. Moreover, give your users a firm date as soon as possible. GPGTools’s development team kept saying that the change would come eventually but never provided a hard date.

Second, if you’re going to change the business model through an update, make sure that the update informs users in a very obvious manner. That information should be the first thing in the update note. It wouldn’t hurt to put that part of the note in big bold letters so it jumps out at the user. An even better solution would be to release another free version that told the user that the next version would be the one that transitioned over to a paid model. When the next update was released, have the app clearly tell the user that it will transition the software over to a paid model.

Third, make sure you tell the user what they’re purchasing. The link to buy the software should inform the user if the license is per user, per computer, a monthly subscription, or something else.

Fourth, make any license agreements available in every language that the software supports. If the application is translated into English, then the user should expect an English version of any license agreements to be available.

If anybody is wondering if I’m going to buy a license for GPGTools, the answer is maybe. I haven’t been enamored with the GPGTools development team. Its biggest problem has been a lack of timeliness. Mail.app doesn’t support plugins so the GPGTools plugin requires a fair bit of hackery and often breaks between major macOS releases. GPGTools has often been months behind of major macOS releases, which means that there has often been months where the tool simply doesn’t work if you’re running the current version of macOS. I’m willing to overlook such an issue for a free tool (you get what you pay for) but not a paid tool. So the GPGTools development team will have to demonstrate an ability to have working versions of its software available when new versions of macOS are released before I’ll purchase a license. I also find the three computer limitation too restrictive. I’d rather see it bumped up to at least five computers or better yet unlimited computers (merely make it a per user license agreement).

If the GPGTools development team does resolve these issues, I’ll likely buy a license. It’s only $23.90 (for the current major version, it is implied that a new license will be required for the next major release), which is reasonable. And while I don’t use encrypted e-mail very often (not for lack of want but for lack of people who also use it), I do like to throw money at teams that make quality products and GPGTools, minus the issue noted in the previous paragraph, has been a quality product.

Written by Christopher Burg

September 24th, 2018 at 10:30 am

Potentially Most Worthless Form of Protest Ever

with one comment

When a bunch of triggered snowflake conservatives started burning their Nike products to protest the company’s decision to make Colin Kaepernick its mascot, I foolishly asked if there a more useless way to protest a company than destroying your own property? The question was meant to be rhetorical but a trigger snowflake liberal stepped up to the plate to prove that there are more useless forms of protest through his act of protesting by shooting himself in the arm:

Mark J. Bird, 69, was charged last month with discharging a gun within a prohibited structure, carrying a concealed weapon without a permit and possessing a dangerous weapon on school property, court records show. He was found bleeding from a self-inflicted gunshot wound to his arm about 8:15 a.m. on Aug. 28 outside a bathroom in the Charleston campus K building.

[…]

One college employee told police that he held Bird’s hand to calm him down as others tried to stop the bleeding. While waiting for authorities to arrive, Bird said he had shot himself in protest of President Donald Trump, police noted in their report. The report did not elaborate.

I’m sure Trump is all broken up over the fact that some college professor, whom he would probably tear apart on Twitter if he was even vaguely aware of his existence, from Las Vegas decided to shoot himself in the arm with a .22 pistol. I expect Trump to announce his resignation this week due to the power of this professor’s protest.

The real icing on the cake though was this:

Inside the bathroom, campus police found a $100 bill taped to a mirror along with a note that said, “For the janitor,” according to Bird’s arrest report. On the floor of the restroom was a black-and-white, .22-caliber pistol and one spent shell casing.

$100 to clean up blood? Obviously this professor has no idea how expensive it is to cleanup a scene contaminated with blood. You don’t just run a mop across it and call it a day. The scene has to be sterilized because human blood can carry some really nasty shit.

I will probably regret this but I’ll ask anyways, is there a more useless way to protest than shooting one’s self in the arm with a small caliber handgun?

Written by Christopher Burg

September 13th, 2018 at 10:00 am

Don’t Trust Snoops

without comments

Software that allows family members to spy on one another is big business. But how far can you trust a company that specializes in enabling abusers to keep a constant eye on their victims? Not surprisingly, such companies can’t be trusted very much:

mSpy, the makers of a software-as-a-service product that claims to help more than a million paying customers spy on the mobile devices of their kids and partners, has leaked millions of sensitive records online, including passwords, call logs, text messages, contacts, notes and location data secretly collected from phones running the stealthy spyware.

Less than a week ago, security researcher Nitish Shah directed KrebsOnSecurity to an open database on the Web that allowed anyone to query up-to-the-minute mSpy records for both customer transactions at mSpy’s site and for mobile phone data collected by mSpy’s software. The database required no authentication.

Oops.

I can’t say that I’m terribly surprised by this. Companies that make software aimed at allowing family members to spy on one another already have, at least in my opinion, a pretty flexible moral framework. I wouldn’t be surprised if all of the data collected by mSpy was stored in plaintext in order to make it easily accessible to other buyers.

Written by Christopher Burg

September 11th, 2018 at 11:00 am