Santa Trackers – Another Christmas Tradition Ruined

Bing Santa TrackerAdvances in technology by and large improve our lives. These advances also have a habit of ruining long running traditions. Take the Santa tracker for instance. Way back when there was a phone number you would call and a recording would tell you Santa’s location. There was a mystique and kitschiness to the entire idea. It was quaint. No more.

The history of how this began is similar to another great Christmas tradition (the story of Rudolph the Red Nosed Reindeer) in that one of Americas great retailers, in this case Sears, decided to create a promotion to drive sales. Wikipedia has a good synopsis of how it all started:

The program began on December 24, 1955, when a Sears department store placed an advertisement in a Colorado Springs newspaper which told children that they could telephone Santa Claus and included a number for them to call. However, the telephone number printed was incorrect and calls instead came through to Colorado Springs’ Continental Air Defense Command (CONAD) Center. Colonel Harry Shoup, who was on duty that night, told his staff to give all children who called in a “current location” for Santa Claus. A tradition began which continued when the North American Aerospace Defense Command (NORAD) replaced CONAD in 1958.

NORAD Santa TrackerGoogle Santa TrackerNow NORAD has partnered with Microsoft’s Bing search engine and Google has set up a rival site all to track the location of Santa. Somehow looking at a map or faux satellite image of Santa’s location complete with last location, presents delivered, and estimated time to his next stop takes the fun out of the entire affair. It makes Santa boring. I guess the real tradition here is that great American businesses continue the promotional effort.

Bah humbug!

Euphemistically Speaking – Micro-Apartment

SROI ran across this article in the Wall Street Journal today with the headline, “Cities Try to Lure Young Professionals With Cheap ‘Micro’ Units”. Aside from the base prostitution type jokes that ran through my head my second thought was, “Aren’t those SROs?” In case you haven’t heard of it SRO stands for Single Room Occupancy and these were/are buildings that were much like hotels except people rented them for the month rather than the day. Anyone who remembers the term knows that an SRO connotes kind of a “lower class”. That’s why the term “Micro Units” in the headline interested me.

In recent years, officials in many of the nation’s most expensive housing markets have embraced “micro apartments” as a way to provide less-expensive housing for young renters.

They are betting that the tiny apartments—generally the size of a hotel room for about half the rent of a full-size apartment—will attract young professionals and recent college graduates, helping to revitalize city centers.

Micro apartments are about 300 square feet or smaller, though some developers and cities define them as large as 500 square feet. They sometimes lack a separate kitchen or bedroom.

Doesn’t that sound like an SRO? I must admit that “micro-apartment” sounds much nicer than a “single room occupancy apartment” but it is the exact same thing. I guess we need to make people feel better that wages are low and rents are high and people can’t afford a “normal” style apartment.

Source: Wall Street Journal

I Guess I Have Intermittent Explosive Disorder (IED)

image

Who knew that all it would take is an aspirin to keep me calm.

http://www.telegraph.co.uk/science/science-news/10527035/Aspirin-may-help-in-fight-against-anger-syndrome.html

Kevin Marks on the Last 10 Years and the Next 10 Years of the Web

Kevin Marks, author of the weblog Epeus Epigone, software engineer and principal engineer for Technorati. 11 February 2006 SourceDavid Sifry http://www.flickr.com/photos/dsifry/101236723/
Kevin Marks, author of the weblog Epeus Epigone, software engineer and principal engineer for Technorati.
11 February 2006
Source David Sifry

Kevin Marks compares and contrasts the Web as it was a decade ago, where it is right now, and where it possibly should be headed. He has some great observations about how cyclical the open and closed nature of the Web was and still is. He believes that we are in an era of silos, when it comes to the social web, and that with things like the indieweb movement the Web can once again be more open and distributed.

Here is his talk at LeWeb:

Here is an interview after his talk:

If you don’t know who Kevin Marks is here is a link to his wiki page. He’s worked at Apple, Google, Salesforce, and more. I sometimes hear him chime in on This Week in Google with Leo LaPorte, Gina Tripani, and Jeff Jarvis. This podcast is one of the best in terms of discussion about the Web and the cloud.

All Hail the Christmas Stick

Christmas StickThe Christmas Stick looks like we murdered a bunch of villagers and hanged them from  a tree to frighten off our enemies.

I know it’s getting cold when I can freeze dry my hair

image

I know it’s getting cold when I can freeze dry my hair

Learning to Code is not a Panacea

I’m all for people learning to write computer code and I’ve promoted it to my friends (with the severely limited reach I have) as well. However, the marketing push for kids and people to learn to write code are over simplifying and glamorizing something that, like anything else in life, takes talent and drive to be truly successful. I’m not negative on people learning to code but just want people to have the proper perspective on what learning to code means in a general sense.

Many people can write. I’m writing this blog post for instance. Many people can fix cars, play guitar, ice skate, observe celestial objects, and on and on and on. But, how many of us are paid to do any of the above? That’s the key here. The people that are really good at what they do most often get paid for that skill. Not everyone will be a Stephen King, Stevie Ray Vaughan, Michelle Kwan, or Neil deGrasse Tyson.

I learned to write code about 30 years ago using an Atari computer hooked up to my 13″ color television set. I learned MS BASIC and I created all kinds of rudimentary games and utilities. I was never great at it and I abhorred debugging the programs. I found the act of writing code to create software boring. But, this is not to say that I didn’t learn anything valuable from it. I learned a great deal about how computers work and a computer turned into a tool for me to use rather than a magic box that just did things. I reached an understanding.

Growing up in Chicago at that time there were no computer courses or clubs that I knew of and while I didn’t lose my interest in computers or technology I didn’t know of any way to expand on what I had already learned. So, I moved on. I kept up with what was happening in the world of computers by reading PC World and PC Magazine but never pursued more formal education in technology (a serious number of years wasted to youthful indiscretions didn’t help me either).

Jump forward to 1993 and I decided to go back to school and get my computer science degree. I took courses in algorithms, C++, logic gates, compression and error correction, and I passed them all with decent grades. But while taking them I realized that I still didn’t have real interest in writing computer code for a living. I loved understanding how everything worked but I found the actual work of coding to be drudgery. I obtained my computer science degree but never pursued a career in a technology field. I knew I just wasn’t good enough at writing code to create software for a living.

People like Bill Gates, Mark Zuckerberg, Larry Paige, Sergey Brin, and all the rest of the software engineers at Google, Facebook, Microsoft, Apple et al, are extremely talented at what they do and they have the drive and determination to push their ideas forward.

I guess the point I’m driving at is that, yes, everyone should learn to write computer code, but it is not enough to just learn to code and learning to code will not make you a computer genius. I view learning to code like I view learning to read, write, and simple mathematics. You need these basic tools to understand how the world works and computers are more a part of our lives than at any point in time in our history. Like with any profession or art form you must have talent and drive to be truly great.

Get started understanding computers at code.org

Tech Giants Press Governments on Surveillance

reformgovernmentsurveillanceLet’s here it for the tech giants. AOL, Apple, Facebook, Google, LinkedIn (not really a giant but what the heck), Microsoft, Twitter, and Yahoo! sent an open letter to President Obama and Congress pushing for reform of policies with regards to surveillance of individuals and access to private communications and information.

All good public initiatives would be incomplete without the launch of a web site. ReformGovernmentSurveillance.com has been given life and this is where you’ll find the 5 principles the tech giants believe are necessary to ensure individual rights are protected while government retains the tools it needs to keep citizens secure (I think we already have a document called the Constitution of the United States that covers these issues).

Below is the text of their open letter.

Dear Mr. President and Members of Congress,

We understand that governments have a duty to protect their citizens. But this summer’s revelations highlighted the urgent need to reform government surveillance practices worldwide. The balance in many countries has tipped too far in favor of the state and away from the rights of the individual — rights that are enshrined in our Constitution. This undermines the freedoms we all cherish. It’s time for a change.

For our part, we are focused on keeping users’ data secure — deploying the latest encryption technology to prevent unauthorized surveillance on our networks and by pushing back on government requests to ensure that they are legal and reasonable in scope.

We urge the US to take the lead and make reforms that ensure that government surveillance efforts are clearly restricted by law, proportionate to the risks, transparent and subject to independent oversight. To see the full set of principles we support, visit ReformGovernmentSurveillance.com

Sincerely,

AOL, Apple, Facebook, Google, LinkedIn, Microsoft, Twitter, Yahoo

Source: Ars Technica

Lincoln and his Gettysburg Address

Haycopy-1Today is the anniversary of one of the greatest speeches ever given by a United States President. President Abraham Lincoln’s Gettysburg Address is uniquely American in its sentiment and brevity. Few speeches before or since hold the true nature of what it means to be an American.

Four score and seven years ago our fathers brought forth on this continent a new nation, conceived in liberty, and dedicated to the proposition that all men are created equal.

Now we are engaged in a great civil war, testing whether that nation, or any nation so conceived and so dedicated, can long endure. We are met on a great battlefield of that war. We have come to dedicate a portion of that field, as a final resting place for those who here gave their lives that this nation might live. It is altogether fitting and proper that we should do this.

But, in a larger sense, we can not dedicate, we can not consecrate, we can not hallow this ground. The brave men, living and dead, who struggled here, have consecrated it, far above our poor power to add or detract. The world will little note, nor long remember what we say here, but it can never forget what they did here. It is for us the living, rather, to be dedicated here to the unfinished work which they who fought here have thus far so nobly advanced. It is rather for us to be here dedicated to the great task remaining before us—that from these honored dead we take increased devotion to that cause for which they gave the last full measure of devotion—that we here highly resolve that these dead shall not have died in vain—that this nation, under God, shall have a new birth of freedom—and that government of the people, by the people, for the people, shall not perish from the earth.

What was President Lincoln saying here? In more modern terms I believe he was saying that yes, people died here fighting to keep the United States united. But, even though so many died what we cannot do is treat this battlefield as a holy place. We cannot fall into the trap of dwelling upon the dead at the sacrifice of the living and the future of the nation. Instead we should honor those that died by renewing our commitment to liberty and keep this nation alive.

At the Battle of Gettysburg over 150,000 people fought for three days. This resulted in almost 8,000 dead and more than 38,000 wounded, captured, or missing. For a single event it was one of the greatest losses of American life in history.

I think it’s important to look at where we were, compare and contrast that with where we are, and ask the American question of are we more free? Are we still attempting to form a more perfect union? Are we still protecting our liberties for our posterity? Is this still a nation with a government that is of the people, by the people, and for the people?

Online Exhibit for President Lincoln’s Gettysburg Address

Wrapping My Head Around a SQRL

Welcom to SQRLSQRL, if adopted and implemented can change our entire relationship with web sites and how we use them. SQRL is simple, elegant, and uses current technology which should create a low barrier to entry for web sites to employ. This just might be the perfect solution to the problem of usernames and passwords.

Usernames and passwords came along before the Internet and long before they became necessary to access almost anything on the Web. In a perfect world we should all have different usernames and passwords (and long ones that contain numbers and special characters for that matter) for each and every thing that requires them because if we don’t and some nefarious person gained access to that information they would then have access to all the places where you use them.  But who has the memory capable of keeping unique usernames and passwords for everything? Just about no one. I was introduced to a solution that purports to get rid of usernames and passwords as we know them. It’s called SQRL (pronounced squirrel) and it stands for Secure Quick Reliable Login. I’ve read through the proposal of how this works. And, while I don’t have expertise in cryptography, I think I understand the basics and I’ll do my best to explain it as I understand it.

Unique Usernames and Passwords for Every Web Site

The SQRL system creates a unique username and password for each and every web site that employs this technology. To make it even more secure the user never needs to know their own username or password for the sites they visit. This means no longer would a person have to worry about their Facebook or Twitter account being compromised and then have to worry about all the other sites where they used the same username and password combination. It sounds like magic.

Creating a Master Key

In order for SQRL to work a person has to download an app to their phone or computer (SQRL app) and choose a master password. This password is the only one you’ll ever need and it should be a good strong unique password for this system to be effective. This password will be run through what’s called a hash function which produces what seems to be a bunch of random characters. This bunch of seemingly random characters will be called your Master Key.

Logging into a Web Site

When a person goes to a web site that uses SQRL the site will present a QR code and/or link to a web site address. Here’s an example of what you might see on a web page:

Example SQRL QR CodeClick Here

You scan this QR code with your smartphone using the SQRL app and the app will communicate with the web site separately and you would be logged in. No usernames or passwords are ever typed into any form fields. The same login method can be accomplished, if you’re at home or using a trusted computer, by installing an app or browser extension that performs the same task by clicking on the link.

How is this Done?

This QR code is just a graphical representation of the text of a link. Here’s the actual link that created the QR code above, https://www.example.com/sqrl?7b514d3f1d60e848d0b9cc024b9af0c98a92c60c04849771282a322e765f665a. If you scan the QR code with a bar code scanner app on your smart phone this is what you’ll see.

The random set of characters you see after the question mark in the link is a random number that the web site will create and this number would be unique each time anyone visits that login page.

The SQRL app will take the web site address (www.example.com), combine it with your Master Key, and run them both through a hash function to create two new keys. One that is public and one that is private. The public key ends up being your user ID and the private key temporarily stays in your SQRL app.  The string of characters below is an example of what might pass as username.

a61dc96734eff25c01b332d3c0e3354270d2829533a2607321112bee5922d8ee

The great thing about hashing is that no one can take the number above and go backwards to find your Master Key. But, you can take the web site address, combine it with your Master Key, run them through a hash the same way and produce the same string of characters every time. So it’s a one way street.

In the SQRL app the string of random characters that was provided at the end of the web site’s address gets encrypted by the private key (digitally signed). This digitally signed string of data is essentially your password and it gets passed to the web site where the only thing that can decrypt it is the public key (user ID). The web site decrypts the “password” and if it returns the same exact string of random numbers then the site knows you are who you say you are.

In essence you will create a different password every time you log in to any web site because the random string of characters that the web site generates is different every time the page is refreshed. So even if someone gets a hold of your new super long user ID they cannot compromise your account unless they have the private key. The private key is not stored in your SQRL app because it can be generated every time you visit a site.

I’m sure there are many things that I don’t have exactly correct because, as I said, I’m not an expert by any means in cryptography or Internet security. But I’m pretty sure I have the basics down. SQRL is incredibly secure because users won’t know their own user IDs and passwords to any web site. User IDs are long and seemingly random. Passwords are generated on the fly and can only be created with the use of the SQRL app and the Master Key. The SQRL app can only be accessed by the user’s master password.

If there are weaknesses it’s in the user’s master password and getting web sites to implement SQRL. A person can use anything they want for their master password so their identity can be as secure or insecure as that single master password. Web sites may not want to implement SQRL because it gives the user ultimate control over their information. With SQRL a user can be as anonymous as they want because the web site doesn’t need to know anything about them personally in order to authenticate. Web sites can still require a user to set up an account that is associated with their new superlong user ID and that’s fine for sites like Amazon or other e-commerce sites. But for sites like Google, Facebook, or any social networking site SQRL can allow a user to have an account but still remain totally anonymous.

There are way more details to this than I’m able to describe and if you’re interested you can follow the links below.

This link is to the creator of SQRL: https://www.grc.com/sqrl/sqrl.htm

Here’s a simplified explanation: http://www.sqrl.pl/

A good write up by TechRepublic: http://www.techrepublic.com/blog/it-security/sqrl-a-new-method-of-authentication-with-qr-codes/

An explanation of digital signatures: http://www.youdzone.com/signature.html