A few days after we rang in 2022, most everyone in the US heard about the massive traffic jam that happened in the northern part of Virginia as a result of some severe snow that hit that region of the country. There were horror stories of people being stuck in sub-zero weather for over 24 hours and cars running out of gas. There were also pundits arguing that if all the cars in this traffic jam were electric, the situation would have been far worse. The reality of that ‘hot take’ is far from the truth, as evidenced by Tesla owner Dan Kanninen, who was unfortunately stuck in that huge backup but came out of it with a really positive story of how his Model 3 Tesla managed the situation:
I watched countless vehicles slide across the road, but my EV expertly navigated the ice. While fellow drivers burned gasoline running their engines to stay warm, my EV intelligently directed power solely to temperature regulation—I did not have to inefficiently burn fuel to power my entire engine in order to keep us safe. As other drivers then fretted about their dwindling gas reserves, my EV intuitively monitored my power supply, giving me the peace of mind that other drivers did not have. Throughout my entire experience in the I-95 quagmire, I knew exactly how much power my EV was using, how much power remained in its battery, and how far I could drive. Additionally, because EV drivers regularly charge our batteries at home, at work, and in our communities, we are less likely to have just a partial charge, so I was well prepared—unlike most gas-powered vehicle drivers, who rarely drive on a full tank of gas.
When the backup finally subsided, all the gas-powered cars had to scramble to find a gas station to fill up, while his Tesla was able to tell him exactly how much of a charge he had left and how far he would be able to go, and most importantly, the car informed him of where the closest charging station was located.
What I find most impressive about this story is the way that the Tesla had the ‘intelligence’ to understand that the car was not moving and thus, it redistributed its power source towards the things that were needed there – keeping the cabin warm, and ensuring that the driver had entertainment in the way of Netflix on the big console. :)
Nearly every day in our digital lives, we see a multitude of apps on our phones or laptops get updated – innocuous maintenance updates that invariably include words to the effect of “This release addresses maintenance updates, stability improvements, and bug fixes.” It was one of these routine releases late last year that triggered one of the more immensely damaging and wide-ranging hacks the US has ever seen, commonly known as the SolarWinds hack. It is named after the company of the same name, and was triggered by an update of their widely used Orion software that helps companies and major technology operations in the US Government monitor network activity. Like a tiger lying in wait, the seemingly boring update triggered what many believe is one of the largest and most damaging hacks the US has ever seen. For many who analyze this sort of thing, the true impact of this will not be able to be calculated for months if not years.
Network monitoring software is a key part of the backroom operations we never see. Programs like Orion allow information technology departments to look on one screen and check their whole network: servers or firewalls, or that printer on the fifth floor that keeps going offline. By its very nature, it touches everything — which is why hacking it was genius…
The SolarWinds attackers ran a master class in novel hacking techniques. They modified sealed software code, created a system that used domain names to select targets and mimicked the Orion software communication protocols so they could hide in plain sight. And then, they did what any good operative would do: They cleaned the crime scene so thoroughly investigators can’t prove definitively who was behind it. The White House has said unequivocally that Russian intelligence was behind the hack. Russia, for its part, has denied any involvement.
“The tradecraft was phenomenal,” said Adam Meyers, who led the cyber forensics team that pawed through that tainted update on behalf of SolarWinds, providing details for the first time about what they found. The code was elegant and innovative, he said, and then added, “This was the craziest f***ing thing I’d ever seen.”
Dina Temple-Raston, NPR
The first foundation blocks of the hack started in late 2019 when the hackers inserted a seemingly simple line of code into the software that would indicate to them if the server used a 32-bit or 64-bit processor. Once the hackers were able to see a response to that simple query, they knew they could wreak some havoc. And five months later, they set down further foundational blocks by inserting code that would inform them whenever there was an impending software update.
Under normal circumstances, developers take the code out of the repository, make changes and then check it back in. Once they finish tinkering, they initiate something called the build process, which essentially translates the code a human can read to the code a computer does. At that point, the code is clean and tested. What the hackers did after that was the trick.
They would create a temporary update file with the malicious code inside while the SolarWinds code was compiling. The hackers’ malicious code told the machine to swap in their temporary file instead of the SolarWinds version. “I think a lot of people probably assume that it is the source code that’s been modified,” Meyers said, but instead the hackers used a kind of bait-and-switch.
But this, Meyers said, was interesting, too. The hackers understood that companies such as SolarWinds typically audit code before they start building an update, just to make sure everything is as it should be. So they made sure that the switch to the temporary file happened at the last possible second, when the updates went from source code (readable by people) to executable code (which the computer reads) to the software that goes out to customers.
Dina Temple-Raston, NPR
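As an added illustration (not code from the NPR article or from SolarWinds), the Python sketch below shows why the swap described above survives a source audit: hashing the source tree before and after the build sees nothing if the file is swapped only while the compiler reads it, whereas hashing the bytes the compiler actually consumed, or comparing the artifact against an independent clean build, exposes it. The file names, the toy "compiler" and the swap hooks are assumptions made up for the demonstration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_bytes(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def snapshot(src_root: Path) -> dict:
    """Hash every file on disk: the view a pre-build code audit has."""
    return {
        p.relative_to(src_root).as_posix(): sha256_bytes(p.read_bytes())
        for p in sorted(src_root.rglob("*"))
        if p.is_file()
    }


def toy_compile(src_root: Path, before_read=None, after_read=None):
    """Stand-in for a compiler (hypothetical): concatenates the sources and
    records the hash of the exact bytes it consumed for each input file."""
    consumed = {}
    output = bytearray()
    for p in sorted(src_root.rglob("*.cs")):
        if before_read:
            before_read(p)   # constructed hook: something else touches the file
        data = p.read_bytes()
        if after_read:
            after_read(p)    # constructed hook: the file is put back
        consumed[p.relative_to(src_root).as_posix()] = sha256_bytes(data)
        output += data
    return bytes(output), consumed


def mismatches(audited: dict, observed: dict) -> list:
    """Names whose hash differs from, or is missing in, the audited manifest."""
    names = set(audited) | set(observed)
    return sorted(n for n in names if audited.get(n) != observed.get(n))


def run_demo() -> dict:
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        # Constructed sample sources; names are illustrative only.
        (root / "Core.cs").write_text("class Core { }\n")
        (root / "Inventory.cs").write_text(
            "class Inventory { void Refresh() { } }\n")

        audited = snapshot(root)                      # manifest signed off at audit
        clean_artifact, clean_inputs = toy_compile(root)

        original = (root / "Inventory.cs").read_bytes()

        def swap_in(p: Path):
            if p.name == "Inventory.cs":
                p.write_bytes(
                    b"class Inventory { void Refresh() "
                    b"{ /* constructed unaudited change */ } }\n")

        def restore(p: Path):
            if p.name == "Inventory.cs":
                p.write_bytes(original)

        pre = mismatches(audited, snapshot(root))     # check before the build
        artifact, consumed = toy_compile(root, swap_in, restore)
        post = mismatches(audited, snapshot(root))    # check after the build

        return {
            "pre": pre,
            "post": post,
            "clean_inputs": mismatches(audited, clean_inputs),
            "inputs": mismatches(audited, consumed),
            "artifact_matches_clean_build":
                sha256_bytes(artifact) == sha256_bytes(clean_artifact),
        }


if __name__ == "__main__":
    for check, result in run_demo().items():
        print(f"{check}: {result}")
```

The on-disk checks come back empty both times; only the consumed-input manifest and the artifact comparison flag the swapped file, which is the reasoning behind reproducible builds and build-input attestation.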
Similar to the situation that happened in the days and weeks leading up to the 9/11 attacks, there were small signals and flags that were picked up by random people in random places; however, none of those pieces were put together to demonstrate that something nefarious was going on. It was only after a network administrator at FireEye discovered that there was a listing for two phones for a single employee that they realized that there was a hacker within their network.
Another reason why this hack was such a ‘work of art’ was that all the normal trackers look for ‘normal techniques’ which usually account for 90 to 95% of all attacks. This one was so unique and so stealthy that it completely bypassed all normal checks.
Like other catastrophic failures of all shapes and sizes, this hack had its warning signs. There was just no one there looking at the big picture that could have put these pieces together to see what may be happening just beneath the surface. The NPR article is a really great read, and probably worth a second read, just to really grasp the level of sophistication some of these nefarious hacking organizations have.
An untouched window into early 2000s computing. In a lonely strip mall in Norman, OK (home of the University of Oklahoma) is a long shuttered computer store called Computer Factory Outlet. The beauty of this situation is that the store is still completely filled with untouched merchandise from the day the store closed. A beautiful time capsule of computing from the early 2000s, although I have to say that the photos sure make it feel like the store and its merch is from the late 1980s or 1990s. It reminds me of my trip to San Francisco in 2017 when we stopped by the Weird Stuff warehouse in Mountain View, which sadly shut down soon after we visited to make way for a new addition to the Googleplex.
There are some more great photos via the Tweet below.
So this was a big week for the Apple ecosystem with their new macOS Catalina being released to the masses. Along with the desktop update, it appears that the Apple TV and its tvOS was also updated. With the macOS Desktop update came the long awaited death of iTunes in favor of three separate apps to manage all of your digital media – Music, TV and Podcasts – while moving the “iDevice” sync and device management to the Finder sidebar. All great moves and long overdue.
I would like to home in on one irritating item that I have observed with the new changes to the TV app – the desktop app where you manage all your digital movies, TV shows and other video related assets – and Apple TV device and interface.
With the new TV desktop app, Apple has made a change to the media ‘poster art’/image art (for this post, I’m going to describe them in the context of “Movies”) used to show what movie you have in your collection. Like many other folks that are out there, I have a decent amount of movies that I have “ripped” or converted to digital from my DVD collection. As such, they are actual movie files on my computer. In the old iTunes Movies interface, these images were vertically oriented and, generally speaking, displayed the traditional movie poster image as you can see below.
In the new macOS Catalina TV desktop app, the orientation of these images has been changed to a 16:9 horizontal orientation as you can see below. So now, the vertically oriented images from the previous iteration of iTunes are still there representing each movie, but they look woefully out of place and Apple is using this blurring feature that is drawing from the colors in the actual image. Nice touch…it kinda works, but let’s be honest. It looks pretty shitty. In the example below, I went ahead and changed the “Before Sunrise” image to the 16:9 ratio just to illustrate how it should look with the new image layout (Please…no judgements on the movies).
So, you would think that this new 16:9 treatment in the macOS TV app would then carry over to the actual Apple TV “Home sharing” interface where you can access and watch the movies on your computer via Apple TV. So let’s take a look at the exact same “Romance” category, but this time on my TV using my Apple TV. In the Apple TV interface, the movie images are still using the old vertically oriented ‘movie poster’ art, while the one movie I changed the image on – Before Sunrise – now has the complete opposite – actually worse – effect in Apple TV compared to the macOS TV app – it shoves the horizontally oriented image used in the macOS TV app into the vertically oriented slot on the Apple TV interface.
So then I thought, maybe it has to do with the fact that the remaining movies in that category had not been switched out to the 16:9 orientation and that was ‘forcing’ the movies WITH the 16:9 image to be in the vertical image slot. So I went into the “Documentaries” section and switched out the vertical images for the 16:9 horizontals to test this theory out. And lo and behold, that made no difference.
So, after all of that, my ask to the teams over at Apple TV, macOS TV App and anyone else would be to fix this so that each interface is designed for the same sized and oriented image, or that there is some interface or selection button that gives me the option to choose which interface uses which type of image. Yeah, stuff like this irritates me.
I commute into NYC for work and as part of that commute, I have to drive to my local transit station, which is at most a 5-8 minute drive from my house. And like many people in this situation, I use a “commuter car” that we have had for a long time – in my case a 2004 Honda Pilot (which is a great car as evidenced by the fact that you still see a *ton* of these models on the road today). It gets me to the station and back. This is a model that – gasp – has a tape deck in the dashboard and does not have Bluetooth!
So to bring the car into the modern era, several months ago I purchased a handy Bluetooth adapter that can flow my favorite Podcasts through the car’s audio system. When I get in the car, most times my iPhone 8 will connect automatically to the adapter’s Bluetooth signal. But there are times when that does not happen – not a big deal. Now here is where things get frustrating. So in these circumstances, you would *think* I could just say “Hey Siri, connect my iPhone to Bluetooth signal ‘ABCD'” and the phone would connect. I mean, it seems like a pretty basic function to enable. But no! Instead, Siri says “Sorry, can’t do that” and gives me a link to the Bluetooth section of my iPhone settings. I then need to go into that interface, select the correct Bluetooth signal and wait for it to pair.
It is little things like this that you would think Siri would be able to handle, especially using the new Siri Shortcuts feature, however from the research I’ve done, this is in fact not possible (yet).
Just a miss on an interaction that Apple should have considered.
Starting with some 2018 and 2019 models, Samsung will integrate the Apple TV and iTunes capabilities directly into the TV interface, similar to how they currently do the same with Netflix, Amazon Video, HBOGO, Hulu and others. From the Verge:
The iTunes Movies and TV Shows app, which will be available in 100 countries on both Samsung’s 2019 TVs as well as its 2018 models (after a firmware update), marks the first time Apple has allowed third-party devices to access its video library outside of Windows PCs. It could also be a prelude to a video streaming service that Apple is currently rumored to be working on which is tellingly also reported to be coming to 100 countries.
Jon Porter, The Verge
I got a new Samsung Smart TV for my birthday last year and its integration with Netflix, Amazon, etc. is fantastic. Strangely, I am now rarely if ever using my Apple TV device other than to watch movies in my digital video library.
With the current Hurricane Irma situation in Florida, the fine folks at Tesla thought it would be a good idea to ‘flip a switch’ on the software of those who own Teslas down there, so they have a little more range on a battery charge to get outta dodge:
Up until a few months ago, Tesla sold a 60kWh version of its Model S and Model X vehicles but the battery in those cars was actually rated at 75kWh. The thinking: Tesla could offer a more affordable 60kWh version to those who didn’t need the full range of the 75kWh battery, but to keep things simple, they’d just use the same 75kWh battery and lock it on the software side. If 60kWh buyers found they needed more range and wanted to upgrade later, they could, or if Tesla wanted to suddenly bestow owners with some extra range in case of an emergency, they could.
A variety of new details about what Apple is going to announce this week have become available as a result of some surprisingly sloppy work coming out of Cupertino.
Face ID is referenced in Apple’s firmware, and it appears to be the official name for the new way to unlock the iPhone 8 with just your face.
I feel like I’m just getting into the swing of using Touch ID and now they are going to switch it up on us (granted, it appears to only be for the higher end phone)
Apple is also reportedly introducing ‘Animoji’ which are animated versions of the popular emoji found in iOS 11. Animoji will supposedly use the hardware face scanning features of the iPhone 8 to create custom 3D versions based on your own facial expressions. Apple describes Animoji as custom animated messages that use your voice and reflect your facial expressions, and they’ll be featured in the messaging app.
The final leak from the new iOS 11 firmware also shows a new revision of Apple’s wireless AirPods. 9to5Mac reports that it’s not a major upgrade, and it appears that the charging indicator has been relocated to the outside of the case to make it easier to check on battery status without opening the case. An animation shows the refreshed AirPods, and the design looks almost identical to the existing version.
It took them forever to get the ‘original’ AirPods out to market and now they are turning around and changing them. Lends credence to the strategy of waiting for the second version of an Apple product/feature/software update before upgrading.
Apple used to be “Fort Knox” in terms of controlling rumors, leaks and the like leading up to their marketing events (and yes, they are marketing events) but over the past few years these leaks are becoming more prevalent…probably because the folks doing the research are becoming more and more sophisticated. I wonder how Steve Jobs would have handled this?
The annual tech pilgrimage to Vegas for CES has come and gone. As usual, Apple was not present – they never have a booth – but they have been known to have a big presence in terms of buzz, apps, and other items within the Mac ecosystem. Apparently, according to ReCode, this year there was one big area of “innovation” within the Mac ecosystem:
The large iProducts section of the convention hall boasted the usual array of cases and chargers, but not a lot that was really new or exciting. Perhaps the biggest area of innovation was around trying to replace all the ports Apple took away on its latest MacBook Pro.
Watching the Apple MacBookPro (MBP) announcement the other day, I could not help but get the feeling of a struggling, quiet desperation coming from the Apple leadership team making the presentation. I wasn’t in the room but the vibe of the room and the presentation felt desperate and flat to me. The details and advancements that were discussed during the presentation seemed like natural, next-level evolutions of the Apple product lines – the only thing that was really interesting was the TouchBar on the MBP – everything else…meh. Maybe the industry is so used to Apple’s high standards that it is taken for granted. Maybe we need to look past the giddy Apple fanboys vigorously defending Apple’s decisions and take a really critical look at the shit show that is all the different dongles and cables that are needed across the product lines and how they are expecting Apple customers to adjust and adapt to the confusion. Here is a quick hot take on different items that were announced.
They integrated Minecraft. Sure, Minecraft is still a thing, but is it really? Wasn’t that relevant like 3 years ago?
Steve Jobs said before he died that he had ‘solved’ TV. Granted that’s a bold statement – that is now 4 years old – and all they could deliver is an app called TV that enables universal search. And don’t get me started on Siri – Google Assistant anyone? 5 year head start and they’ve been lapped by Amazon and Google? You could tell that the woman doing the demo was speaking in a deliberate tone, praying that Siri understood what she said. Having the TV app on other iOS devices is definitely a good addition and that is an interesting addition and opportunity for TV viewers.
For context, the day before this event, Microsoft announced the stunningly cool looking Surface Studio desktop computer. The human interaction of the Surface Dial on the ultra thin and gorgeous screen looks fantastic. Apple countered that with “the thinnest MBP EVER” – gee what a surprise. And it has an all metal design! It has the “best and biggest track pad that [Apple] has ever made.” None of this is a big deal. It is bordering on technology and change for change’s sake.
The TouchBar at the top of the keyboard is a really interesting feature; however, to me, it seems to be something that will take people a long time to adapt to. I think its potential is high – especially in terms of security and its ability to read fingerprints. But hey, at least it organizes my Emoji.
The MBP looks like a gorgeous machine and I am taking absolutely nothing away from the brilliant Engineering and design that went into it. Yet, as Apple was explaining the capabilities of the TouchBar, speaking with quiet reverence of how you can use both hands when using the MBP, all I thought about was how quaint the Apple demo was compared to the amazing interaction of Microsoft’s Surface Dial.
Dongles & Wires
So let me get this straight – Apple gets rid of the headphone jack in the iPhone for an accelerometer, so the customer has to buy and use unique headphones that ONLY work with the iPhone (because of the Lightning connector). Then Apple doesn’t include the Lightning port on the MBP, but DOES include a headphone jack. So the customer has to use a different set of headphones or the dreaded ‘dongle’ to listen to music on the MBP. In fact, it looks like the customer will need to purchase several dongles to adapt to the different connectors you could be using.
It is unrealistic to expect a company – yes, even Apple – to develop a groundbreaking product, on the scale of the iPhone, every year (or even every two years for that matter). There are only so many opportunities that present themselves like what was in front of Apple in 2005-7 when they developed iPhone. It is, however, realistic to expect the same level of innovation that they believe they are delivering, and I’m starting to feel that the gulf is widening between the innovation Apple believes it is delivering compared to that of their competition.
I was on the NYC Subway last night heading home from work (Downtown E Train) and was listening to a tech oriented podcast that was discussing the recent decision by Apple to remove the headphone jack from the iPhone 7. The discussion made me think about what sort of impact Apple’s decision may have on customer behavior relative to their headphones, and what headphones people use. How many people really go out and purchase different headphones? How many people say ‘screw it’ and just use the free ‘in the box’ Apple earbuds?
So I started to look around at the folks in the train car – a pretty solidly random collection of people. I’m going to say there were somewhere around 150 people in the car and of that total, maybe 30-40 people were wearing headphones (roughly 20%). And of those 30-40 people, at least 15 (~10% of the total and ~50% of the people wearing headphones) were rocking out using the white Apple issued headphones.
So this says to me that in this random sample of people, a solid 50% of people using headphones in this train car were not picky enough with the quality of the audio produced by their headphones to go with anything other than the less-than-elite free, hard plastic, non-malleable, non-noise reducing/cancelling Apple EarBuds that come with every iPhone.
And when you then extend that out to the new iPhone 7, you could make a stretch assumption that in a similarly random sample of people, probably more people would use the free Apple EarPods with the Lightning connector because they came in the iPhone box and they are locked into using the Lightning headphones due to the iPhone 7’s lack of a headphone jack. These people would not be that up in arms about the lack of a headphone jack because of similar behavior when there WAS a traditional headphone jack. A good chunk of them would simply say “Fuck it, why bother with better quality audio and great noise cancelling technology from someone like Bose when I can listen to the rumbling of a NYC subway and the noise of the guy chomping on a burrito, drown out the sound of ‘Arcade Fire’.” Let’s just use these Apple issued Lightning EarPods (that are basically the old, free headphones with a Lightning connector) that sound like tin cans in your ear.
An observation. Hardly scientific, but an observation nonetheless.
Scientific researchers have discovered a new planet that is orbiting a star – called Proxima Centauri – both of which are very close to “our” Sun (in relative astronomical measurements). Proxima Centauri is a star that coexists with another star located in the heavily studied Alpha Centauri star system. And this new planet – Proxima b – is orbiting Proxima Centauri.
What makes the discovery so cool is it appears that Proxima b has the type of climate that could support life. It has a climate that is extremely similar to the climate here on Earth, mainly because Proxima b is located within the ‘habitable zone’ that surrounds its star (Proxima Centauri). This is very similar to how Earth is in the ‘habitable zone’ that surrounds our star – the Sun.
Given the fact that Proxima b is within the habitable zone of its star, meaning liquid water could exist on the surface, it may also be the closest possible home for life outside of our solar system, the researchers said. Because of its location, the researchers hope that it provides an opportunity to “attempt further characterization via ongoing searches by direct imaging and high-resolution spectroscopy in the next decades, and possibly robotic exploration in the coming centuries.”
This next paragraph reads like something out of the movie “Real Genius”, where it’s minimizing in an uber-scientific way the “short” distance between Earth and Proxima b.
Proxima b is a mere 4.2 light-years away from our solar system, or 266,000 times the distance between the Earth and the sun, which are 92.96 million miles apart. Previous rocky exoplanet discoveries, like those orbiting ultracool red dwarf star TRAPPIST-1, were described as close at 40 light-years away.
Being that it is only a mere 4.2 light years away, it’s only fitting that Elon Musk get moving on a SpaceX roadtrip to this planet.
I happened upon an article on The Verge recently that spoke to the broken, hassle-filled process of adding a ringtone to the iPhone and how in 2016, experiences like this make the iPhone feel like it’s stuck in 2008.
I am going to document the process that, in 2016, I went through to get my preferred ringtone on an iPhone. It is a story of complaints and gripes, yes, but it is also a story about why Apple’s philosophy about how it thinks the “future of computing” should work keeps making the mistakes of the past. It’s not just process, it’s layers and layers of politics.
This article could not be more accurate, however I don’t think it goes far enough. Just as big an issue as what Dieter Bohn outlines on The Verge is how other UX elements like customizing ‘audio alerts’ for iOS Apps and Notifications is just as broken.
Let’s look at the Alert experience for communication apps – E-mail, Messaging, Notifications and Alerts, etc. Depending on the app, the experience falls into one of two experiences: You are beholden to what the app has chosen as its default Alert sound (with rarely any option to change it) or, iOS ‘assigns’ the “Text Tone” alert to all similar communications apps by default. So if you have different communications apps such as two email apps (Gmail and Apple Mail for example), or several chat apps (WhatsApp, Google Hangouts, Telegram, iMessage, etc.), things become problematic pretty quickly, as you are not able to audibly discern which type of message you are receiving when your phone is in your pocket, bag or wherever.
Yes, you can choose which alert sound you want to assign to email (or text alerts) in iOS’s ‘Sound Settings’, but it is a global setting. And you can assign I prefer to use the Gmail and the Google Inbox apps for my email and have buried Apple Mail in the proverbial “Other” iOS folder on my phone (that’s a whole other issue but thankfully Apple is addressing that). Unfortunately, in this very common scenario, you are not able to customize the Alert sounds assigned to each of these apps. I have to live with whatever the app publisher has defined.
This becomes an issue because I’m not able to audibly differentiate between a Notification from someone I follow on Twitter vs an Email via the Gmail app. Within the Twitter app, you have the ability to receive alerts when certain people/handles you follow send out a Tweet. Since this is set up as an ‘Alert’ in iOS’s Sound settings, whenever I receive one of these ‘Tweet alerts’, it too has the same audible Alert tone as Text messages or many other ‘Alerts’ from other apps, so there is no way to know from the sound which alert just came through. You have to look at the phone to see if the alert is from Twitter, IFTTT, or whatever service you use. Thankfully, Google Inbox has updated their alert sound to a very nice but subtle tone so I am able to use that to know that an email has arrived (In turn, I shut down the Gmail app’s alerts altogether).
In many ways, the ‘Alert’ experience and the ringtone experience documented in The Verge are metaphors for Apple’s legacy of controlling the full end-to-end experience. This approach has obviously proven successful for them but at the same time, they need to really think through where they can strike a balance in their approach. Android goes to the complete other extreme, where you can customize too much of its experience, and I think that becomes too overwhelming to even the most advanced users. That also brings in too many opportunities for errors and big issues and from that perspective, Apple’s hard line controls are a huge benefit to them and the customer.
Apple has an interesting opportunity to relax subtle but important elements of iOS, and re-work some of their legacy User Interaction experiences to give its users/customers enough control to customize the phone to their lifestyle while still providing the controls needed to ensure the essence of the iOS experience is not compromised.
For all of Elon Musk’s ambition to re-invent the automobile through his bleeding edge electric car company Tesla, the knock has always been that the pricing for his existing models has been way too high for the average consumer – and yes, at $100K+ a pop, that is not a price tag that is going to go over well anywhere save San Francisco, NYC, LA and several international cities. That all changed today with Tesla’s launch of its $35K Model 3, which has generated around 200,000 orders in roughly 24 hours and has produced lines outside of Tesla stores that rival Apple launches (as Re/Code put it – h/t).
As has been well documented, there is ample environmental change happening around us and the introduction of accessible, affordable electronic cars is a small but important step in the right direction. To be clear, it’s not the end of the ‘warming’ problems facing us (and I’m not nearly smart enough to take that on). All I’m saying is that what Tesla is doing, and how they are introducing a relatively affordable all electric vehicle, is an important milestone. Let’s hope that the principles of “Moore’s Law” apply to electric vehicles and the pricing and innovation can continue to improve and lead to longer driving times (past the ~200 mile distance capabilities of the Model 3) and lower prices all around.
I’m not sure about you, but the user name for my email address is pretty run of the mill – a pseudo-advantage of claiming my “handle” early. Add to this the fact that my name is far from unique, and you can imagine that more frequently than not, some wayward emails will find their way into my inbox. And I’m not talking about Spam (which most reputable email services effectively control these days) but legitimate emails intended for a person who is not me, but shares the same surname, and initials of their first and middle names.
Over the past week, I have received several of these types of emails – one from a mail order wine company (I would have enjoyed receiving that package!), another from Office Depot and a third from Hewlett Packard – all for orders or actions taken by someone who has mistakenly used my email address to sign in to these online services. There is clearly a worrisome hacking component here – is my identity being compromised? Is someone charging things to my credit cards? However, it quickly occurs to me that what is happening is a case of mistaken emails – someone is inadvertently using my email address because for some reason they think it is their email address. We will put aside the fact that this person may not be the sharpest tool in the shed and did not pick up on the fact that no confirmation emails hit their Inbox or that they appear to have made this same mistake repeatedly across multiple accounts.
And it is not the only time this has happened – in the past, I’ve received emails about book clubs, school events, church events and other mildly entertaining topics. Whenever I receive these, my first and only thought is to connect with the person who shares my last name, to ask, beg, and implore them to update their email address in their account or with their friends. And I’ll get creative too – if there is a mobile number noted in the email, I’ll use my Google Voice phone number to text them and let them know I got their email by mistake. If it is clearly a personal email from an individual trying to reach the other person named “Clark”, I’ll respond with a quippy response and ask them to tell their friend to fix their email. All I want is to stop receiving email that is not mine. I don’t want to get any of this info – I don’t want to know about the bake sales, I don’t care about your orders from a Winery or Office Depot, and I dread the day I get an email with visuals that are, er, a little too revealing. :P
Of the emails I received this week, the one from Office Depot was the most concerning from a security and PII (Personally Identifiable Information) perspective. The email itself was highly informative, telling me all the items that this person had just ordered (which came to just under $500) but also revealing a lot of sensitive information that I could have used to socially engineer the account, including the intended recipient’s phone number, order number, customer number and a link to check the status of the order. Interesting, I thought.
Curious, I clicked through the “Check Order Status” link, which brought me to a page asking for the order number and the phone number, both of which I had for this account via the wayward email. After providing this info, I was taken to a page that proudly displayed the same order detailed in the email, but this page also included the person’s mailing address!! So now, with little to no effort, I had the phone number AND mailing address of this person. Wait, it gets better. There was a link on this page to “Re-Order” the initial order that was so nicely detailed on the page. So I went ahead and clicked through this link and was presented with a page itemizing a “Re-Order” of this $500 shipment. I could not have gotten too much further as I would have needed to be fully logged in to place the order, but for someone with ill intent, that could easily have been achieved.
You see, also on this page was a link to “Chat With Office Depot” customer service. Clicking through there, I was prompted for the customer number and email address in order to initiate a conversation with the Office Depot CSR. And whatta ya know, I had this information. A few seconds later, I’m chatting with the Office Depot CSR and I told them what the situation was – that I received this email in error, that I WAS NOT the account owner, and that they should check with the account owner to make sure they update their account email address. But I easily could have posed as the account owner in order to do things such as acquire or change a password (since my email address was mistakenly attached to the account) or check other sensitive information related to the account. The OD CSR couldn’t seem to wrap their heads around the situation that I WASN’T the account owner but was trying to fix this situation. After a few more minutes with the OD CSR, they realized the situation and in turn escalated it, and informed me that they would reach out to the account owner to update their information.
I did two things to reach out to the account owner – First, I texted the phone number via the Google Voice approach noted earlier (UPDATE: They finally responded via Google Voice Text saying they would update the info), and secondly, I printed out all of these emails and wrote a “snail mail” letter to this person (since I had their mailing address), telling them that they should really check their email credentials across all of their accounts to make sure that this sort of thing does not happen with anything more sensitive than an Office Depot account. So on the one hand, I feel good that I was able to get a hold of someone to inform them of this fairly significant error. Sure, I could have called the person directly but honestly, I didn’t want to do that…that is too freaky.
On the other hand, you have to be pretty worried that with a very simple error like an incorrect email address, I was able to find out so much information about this individual WITHOUT EVEN TRYING. Imagine what can happen when people who are intending to compromise your information try to get into your accounts! Take some time to really think through your approach to securing your accounts – no matter whether they are a bank, a credit card or an office supply store.
As a customer, the moral of the story is this:
Check all your information to make sure it is correct when you log into a site
Take the extra effort to use password services like LastPass or 1Password to ensure you are using random, difficult passwords that are securely protected
If a site or online service offers Two Factor Authentication, take advantage of it! It’s a little bit of a pain to get initially set up but after that, it is fairly transparent to you and it provides an extra level of security that goes a long long way towards preventing breaches
As an online product manager or marketer, the moral of the story is:
Double and triple check the communication details of your customers to make sure their email address is correct.
Make sure that the information you are revealing within an email communication does not provide an opportunity to breach an account.
The email received from Office Depot should not have included anything more than the order number and a link to log in to get more details.
The page that offered the ability to track the order should have been behind the log in or it should have prompted for a piece of information (like the account password) that was only known by the account holder before exposing any sensitive information.
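The recommendations above can be checked mechanically. The sketch below is an added example, not code from the original post or from Office Depot: it models the email and the flows the post describes and computes what the email alone unlocks. All field and flow names are hypothetical labels.

```python
# Added example: model of the flows described in the post. All field and flow
# names are hypothetical labels, not Office Depot's real API or data schema.

# What the misdirected order email contained (per the post).
EMAIL_AS_SENT = {"order_number", "phone_number", "customer_number",
                 "items", "order_total", "status_link"}

# What each flow asked for before proceeding, and what it then exposed.
FLOWS_AS_OBSERVED = {
    "check_order_status": {"requires": {"order_number", "phone_number"},
                           "reveals": {"mailing_address", "reorder_link"}},
    "support_chat": {"requires": {"customer_number", "email_address"},
                     "reveals": {"csr_session"}},
    "place_reorder": {"requires": {"account_password"},
                      "reveals": {"new_order"}},
}

# The post's recommendation: order number plus a login link in the email,
# and order tracking gated on something only the account holder knows.
EMAIL_MINIMIZED = {"order_number", "login_link"}
FLOWS_HARDENED = {
    name: {"requires": flow["requires"] | {"account_password"},
           "reveals": flow["reveals"]}
    for name, flow in FLOWS_AS_OBSERVED.items()
}


def unlocked_by_email(email_fields, flows):
    """Return (flows, data) reachable by whoever receives the email.
    The recipient always knows the address the mail was sent to. Iterates to
    a fixed point because data revealed by one flow can satisfy another.
    """
    known = set(email_fields) | {"email_address"}
    opened = []
    progressed = True
    while progressed:
        progressed = False
        for name, flow in flows.items():
            if name not in opened and flow["requires"] <= known:
                opened.append(name)
                known |= flow["reveals"]
                progressed = True
    return opened, known - set(email_fields) - {"email_address"}


if __name__ == "__main__":
    print(unlocked_by_email(EMAIL_AS_SENT, FLOWS_AS_OBSERVED))
    print(unlocked_by_email(EMAIL_MINIMIZED, FLOWS_HARDENED))
```

Either change on its own closes both paths in this model: the minimized email no longer carries the phone or customer number, and the gated flows no longer accept them as proof of identity.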
In case anyone is questioning Pixar’s position as the undisputed leader in digital animation, they have gone ahead and released for free another digital animation application, this one called the Universal Scene Description tool. It is basically a method for pulling together different assets from different animation applications in a seamless manner.
What makes this interesting to me is that back in July during a trip to Boston, I went to see the amazing “The Science Behind Pixar” exhibit at Boston’s Museum of Science. It was a very hands-on demonstration of how Pixar develops its amazing digital animation movies. What was exceedingly clear from the exhibit was the painstakingly detailed production process that Pixar applies to each and every one of its movies – from the tiniest short to the most epic long form movie. The rigor and attention to detail that was demonstrated in the exhibit was stunning – I can only imagine how it works within the overall Pixar operation – but what was more impressive was the way they made the exhibit so easy to understand and consume, whether you were 14 or 41 years old. They easily demonstrated all the steps that Pixar goes through to produce their movies – from Modeling, Creating Realistic Surfaces, Animation, Simulation, Lighting and Rendering the Imagery. To say that they have the animation production process down to a science is a gross understatement.
By releasing this as ‘open source’, they are doing their best to bring some standardization and rigor to the industry they work in, a subtle dig on the fact that there are so many apps, processes and standards that don’t fit into how they produce their products.
So many folks in the media and around the world talk about Steve Jobs’ influence on the technology industry from his time at Apple (which I am not at all questioning), but after seeing the Pixar exhibit at the Museum of Science, and watching the multitude of movies that Pixar has produced, you can’t help but wonder if what he created at Pixar has been more transformative in the movie and entertainment industry.
For close to six years now, I have been using Android phones. Because the iPhone was late to join Verizon, my current wireless carrier (VZW has the best coverage where I live although I am very tempted to try T-Mobile…but I digress), I went with Android early on and then stuck with it through some of the lean early years of that platform. So when my wireless contract ended in March and I became a wireless phone/carrier free agent, I started to debate what phone I should get.
During the past 3 years or so, I have also been migrating a lot of my house to the Apple iOS/OSX ecosystem – iPads, Apple TV, iMacs, MacBook Airs, AirPorts – but during that time I was sticking with Android for my mobile phone. Yet I was starting to waver with my mobile device – do I stick with Android and go for a Samsung Galaxy 4 or do I make the move that seemed inevitable with the migration of the rest of my digital life – and go over to Apple’s iPhone?
And so a few weeks ago, I took the plunge and picked up the new Apple iPhone 5S. There was no specific attribute or feature that drove me into Apple’s hands, but more of a growing frustration with the Motorola/Android devices that I have used the past few years. With my Android phones, it always seemed that they slowed to a miserable computer processing crawl after about 10-12 months. Whenever I tried to do the most basic of mobile computing tasks – opening apps, sending messages, making a phone call (novel concept), etc. – it became an ordeal. And the real kicker was when I tried to take a photo with my Android phones – oh, the countless photos that have been missed waiting for the photo app to load. To sum it up with my Android devices, whenever I *really* needed it to work – to capture a photo, to make a phone call quickly, to find an address/location – it failed me. When I didn’t need it in a crunch, oh, it worked fine.
My initial impression of iOS on an iPhone is much different (in a good way) compared to what I have been exposed to on the iPad. The processor and the apps are really snappy. The software and iOS experience is so solid and tightly integrated. So far, my experience with my first iPhone has been great and for now, I’m not looking back.
A fascinating video from Wired Magazine showing how Tesla’s production line works. The most amazing part is at around the 3:30 mark where one of their robots actually installs the seats and the windshield (including applying the glue to the glass) with absolutely no human intervention.
A couple of observations coming out of the Apple announcement the other day.
Apple really missed on the pricing for the new iPad Mini. The $329 price point for the 16GB flavor of the new “must have” iPad Mini feels too expensive especially when compared to the tablets of competitors Amazon and Google that each start at ~$200. You could even see Apple trying to justify that price point by having Phil Schiller make a very rare but overt “point, counter point” (Jane, you ignorant slut) comparison of the iPad Mini to the Google Nexus. As soon as he started in with that comparison, I had a feeling that the pricing was going to be expensive relative to the competition. His comparison was basically trying to justify the benefits of the iPad Mini ahead of revealing the price, so as to ease the pain. I never thought the iPad mini was going to come in at $200, but I was thinking somewhere in the $249-$299 range. If they came in at that range, I think that would have sealed the deal for the Tablet marketplace. Now, I think there is still a window for others to play in.
Secondly, I think Apple did some damage to their brand with how they have handled the “new” iPad (i.e. iPad 3 and iPad 4). Releasing an updated version of their iPad on Tuesday, just six months after they released the “new” iPad (3rd Gen) is not going over well. Beyond a Twitter storm, a site called CouponCodes4U.com ran a flash poll on their site (granted, not exactly scientific but still…) that concluded:
Forty-one percent of the respondents, who all stated that they owned at least one Apple product, said they had bought the third generation iPad. Of these, 83% said they felt “cheated” by the announcement of the fourth gen tablet.
Not the kind of feedback I’d want around a product release.
And personally, I purchased a “new” iPad in late August, just about 2 months before Tuesday’s announcement, because my iPad 1st Gen died but also because I didn’t think another upgrade would be happening until early 2013. I have called Apple and even went to my local store to plead my case, to no avail.
For a company that takes such efforts to make sure things are done pixel perfect, you would think they would manage things like this a bit more effectively.