random($foo)

I run a lot of browsers – I’ll usually have 3-4 running, a mix of Chrome, Canary, Safari, and Firefox Nightly. With Mavericks, I switched to Safari as my default browser on my MBA due to its power efficiency.  Unfortunately, Yosemite breaks the SIMBL plugin I was dependent on, so it was time to move on.

Chrome has been getting sluggish and I’ve really been liking what Firefox has been up to, but the latest Nightly builds have been not so dependable (I blame e10s but maybe that’s unfair) and since I’m traveling again, daily 90MB downloads isn’t ideal, so I decided to give Firefox Developer Edition a shot.

Turns out, it’s pretty great! It has a dark simple, theme, by default. Is pretty snappy, and the developer tools look great (although at this point I’m so used to Chrome’s keybindings that it’s been a bit awkward switching).

The one fly in the ointment was that 1Password wasn’t playing nice. Luckily, there is a solution. Just upgrade to the latest beta extension and the latest beta version of the app and it’ll work.

If you use Evernote, you’ll also want the beta Clipper that brings it to parity w/ Chrome and Safari.

Lastly, one of the things that I really got spoiled by was Chrome’s particularly elegant “hold CMD-Q to quit” option. While, ever so slightly less elegant, meta-q-override/warn-before-quit does the trick.

I’m currently using Firefox Developer Edition as my new default browser.

This is going to be a work in progress for the next few days, so feel free to check back (or just ask questions in the comments)… I’ll be making notes my experience with the new Microsoft Band an activity/fitness/slightly-smart-watchish wearable device. I will be making comparisons to the Basis B1 I’ve been wearing for the past year and a half, and maybe some other activity devices as well.

The Basis B1 hasn’t been the worst thing ever, but my band has been falling apart, and in general, everything from the syncing, to the heart rate monitoring, to basic things like telling time is janky/less-than-great. Still, even a couple years on, the Basis is practically the only game in town for a general activity tracker that’s actually more than a glorified pedometer (I previously had a BodyMedia FIT but their form factor and service model was a turn-off).

Earlier this year, I finally received my long delayed, Amiigo wristband, which, while making big promises, ended up being a pretty half-baked disappointment. I kept using my B1.

Last month, Basis (acquired by Intel earlier this year) announced their new tracker, the Peak. It promised a much improved heart rate sensor that would be useful for fitness tracking, Bluetooth Smart connectivity, 4 day battery life, and 5ATM water resistance (good enough for swimming laps). It also promised a host of software improvements, including sleep-cycle detection, better alerts/habit forming reminders, and some smartwatch style notifications and alerts in the unspecified future.

While the BodyIQ automatic activity tracking (walking, running, biking, and sleep) they introduced a while back actually works pretty well, the Basis has had many long-standing unsolved problems. The support forums are filled with requests begging for features that are always “not ruled out as a future feature”, but over the past couple years, these new features have never been implemented. My personal bugbear is that the Basis doesn’t actually update time/time-zone except after completing the interminably slow full-sync. This means that you can’t update the time on the watch if you’re on a plane, or in an international airport or anywhere without several minutes and solid data.

A few weeks ago, the Fitbit Surge leaked and was finally announced. It doesn’t include GSR, skin, or ambient temperature, but has optical heart rate and also GPS tracking, a digital compass, and altimeter. It claims a 5-day battery life and 5ATM of water resistance. Of course, Fitbit has its detractors as well. Some people popped up in the HN thread complaining about the broken app. For me, the biggest drawback is that while Fitbit stores your second-by-second raw biometric data, you need to pay $50/yr to export your information.  While there’s an API, you can only retrieve daily information unless you have “Partner API” access. That’s total bullshit and really precludes me from giving them any of my money.

The Microsoft Band first leaked last night (due to an OS X App Store publishing slipup), and then subsequently was announced last night (along with the website and online purchasing). It includes a nice suite of sensors including a very responsive optical heart rate sensor, GPS (turned on only for workouts), skin temp, GSR, and UV sensor (manually activated). It has apps for syncing via Windows and OS X via USB, and iOS, Android, and WP via BTLE. Battery life is lower than the Peak or Surge (2 days) and it’s “splashproof” and not submersible, but you get some slick alerts and a capacitive (OLED?) display.

Here’s some running commentary:

• After the Band website had launched, I called a nearby Microsoft Store (in West LA) shortly before closing to see if they would have these in stock tomorrow. I got a “we can’t talk about future products” response, event after telling them I could order it online. What’s crazy is that when I checked the Microsoft Store site later, their main promo carousel was talking about the fitness launch event. After I saw that I just ended up just rolling into the local store in the morning (who knew that even existed?) and they had the displays set up w/ demo models for sizing. Of course, the store was empty, but it still took a bit of waiting around to get helped. Coming from the clockwork customer-oriented efficiency of Apple Stores, the whole shopping experience was a bit surreal to be honest.
• I set up the Band right outside the store – it took about 10 minutes to do an initial sync and registration via USB on the OS X app and to download the iOS app and pair it with my iPhone 5S. I think the instructions/guidance could have been a little better, but I didn’t run into any problems – it all worked rather pleasantly, and I was up and running. Syncs/updating preferences from the apps have all worked quickly and seamlessly, which is very different from the sluggish/always-seems-like-it’s-going-to-fail feeling I get when syncing my B1.
• I spent most of the day wearing both the Band and B1 on my left wrist. I first went walking counting 100 steps a couple times, and both devices did a pretty good job (+/- 2 steps).  When I checked, the B1 was at 1035 and the Band was at 360 (+675). Right now, the B1 is at 3602 and the Band is at 2958 (+644). That’s pretty good.
• The heart rate sensitivity looks very good – the numbers between the two seemed to be pretty similar between the B1 and the Band, however, while the B1 was static, the Band looks like it refreshes every second on the main screen. That being said, it seems to be pretty sensitive to position/how secure the device is on the write. Right now when drilling into the details (tap on the main screen, two swipes left) was “locked” vs “acquiring” about half the time. Locking seems to take about 3s on average. Earlier in the day this seemed a lot better. It seemed to be very responsive when I was trying a workout.
• The UI on the Band itself is pretty good – swipes are responsive and it wasn’t hard to figure anything out. You sometimes have a dialog to choose from (alarms, notifications, etc).  The only really annoying thing so far is that you need to press the somewhat inconvenient center button to activate the device. I wonder if it’d be better on the left corner (since the way it’s shaped means it’s less embedded there) or if there’s a way for a purely capacitive unlock (like a full swipe, or even a tap). The tiles metaphor works great – these tiles (and all notifications) are also completely customizable (order, on/off) from the mobile app. There’s a watch mode which shows the time, but it’d be nice if there was an option for the display to be inactive and for it to show the main-screen info when you lift your wrist a-la Android Wear/Apple Watch. Interestingly, it appears to be an LCD, not an OLED (the blacks aren’t true black). I wonder what that means in terms of power consumption for the display.
• The UI on the iOS app is clean and very Metro-ish. The only real weird thing with it was the “Save”/”Cancel” buttons. I sort of just want to be able to apply or swipe out I guess? Syncing/pushing updates/preferences seems to happen reliably/not take too long. The “Home” screen is not so useful to start out with. A bunch of these aren’t clickable.  I also wish it’d display battery time remaining on the Band device as well.
• I did a “Run” to test out the GPS and fitness tracking.  It records in your “activity history.” When you start, it enables the GPS, and allows you to start your workout while it gets a fix, or you can wait for the GPS fix (took about 30s). I did a 10-minute walk around the block and it ends up w/ a summary w/ all the information you’d expect (start time, duration, calories burned, pace, avg/hi/lo hr, ending hr,  splits, etc).. .The GPS trace looked pretty good to me:
  
• So, that’s all good, but what I haven’t figured out yet is how to access all the passive data it’s tracking. There doesn’t seem to be anything in the mobile app. Here’s the data that the Basis web app provides for example:
  
• I tested some notifications (text, incoming call) and they seem to work fine. There’s a whole bunch built in that you can individually enable/disable (and also remove the tiles entirely from the device. There’s also a notification center tile that presumably shows you all notifications from your phone. I don’t really care/can’t be too bothered by any of that -Google Now/Siri support would be useful, but honestly what I’d most like is to be able to be able to simply tell the Band when to switch modes or annotate activities via voice.
• The last big thing right now I’d say is comfort. While it’s not that physically bulky, it’s actually pretty dense and feels much heavier than the Amiigo or the B1. Also the shape is awkward – the inside of the main screen/processing unit is completely flat, and the optical HR sensor is raised up on the bottom size. In order to get good readings it seems that you need to make sure it doesn’t wiggle too much so you have to press your wrist into a pretty funny shape.  I’ve actually found that I can’t comfortably wear the Band with the screen facing outward. On the other hand, with the wrist band inward, it makes typing on a desk incredibly awkward.  There’s a adjustable buckle which is clever, but I sort of want to be able to slide it around.  Honestly, it makes me a bit sad because while I really like this device, if I can’t get used to wearing it in the next few days, I’ll probably return it.

My current two questions:

• Comfort: can I get used to wearing the Band? (it took me a couple weeks to get used to wearing a watch after a decade without one)
• Data: can I access all the data that the Band is recording
  • You can see the step and HR details when clicking on the Home summaries
  • Other sensors?
  • How is Calories calculated? Is it also extrapolated when you’re not wearing it?
  • Can BMR be factored in?

I’ll be updating this as I use this/discover more, and maybe with some more links as well…

• First Impressions of the Microsoft Band after a half marathon – most detailed (real world experience) writeup I’ve seen so far
• Wearing the Microsoft Band, the next big thing in fitness tracking – David Pierce seems OK w/ comfort, but talks about the size/weight
• Microsoft Band Day 1 Review – reddit /r/fitness discussion
• Windows Central Forums: Microsoft Band – the most active forums I was able to find (I’d be interested in finding one that’s more oriented around fitness tracking/qs/comparison and discussion)
• Heart Rate Extremely Inaccurate, Microsoft Says Band is Entry-Level Device – interesting comparison/discussion of HR data
• Band vs GPS watch 4.5 mile comparison – running test (GPS/HR)
• @JustinAngel has been reverse engineering the Band
• This is how often the Microsoft Band checks your heart rate
  • Exercise modes (Run and Workout): Heart rate records every second
  • Sleep tracking : 2 minutes on, 8 minutes off. Repeats throughout duration
  • All other times : 1 minute on, 9 minutes off, and repeating the cycle
  • Manual: You can force-check your heart rate at any time by tapping the Me Tile
• MS Band stacked up against Polar Loop (LONG) – detailed comparison to the Polar Loop w/ screenshots, etc.

Update 10/31: I went back and added a bit of a description on the notifications and UI. I also wore my band overnight, and got sleep details. The data looks pretty good, although you have to manual start/stop sleep mode for now. Interestingly, it was pretty comfortable to leave on, whereas I never want to wear my Basis in bed. I haven’t been too bothered wearing the Band today, so I may be getting used to it. I’m jonesing to get my data out of the app though…

Update 11/1: I got around to testing out my personal use case of having the correct time on the Band. The bad news: with time “auto set,” you must sync with your phone to update the time. The Microsoft Health app won’t let you sync if you’re not online. WAH WAH.  That being said, you can disable “auto set” and manually update either the time zone or the date/time on the device itself. That wasn’t so hard. Note: Basis has been selling a watch for the past two years where the time can’t be updated without an Internet connection.

Update 11/26: Just a quick update on time zones/travel. Unfortunately, like the Basis, you can’t sync the time to your phone without online access. You can manually set the time, however the issue there is that it’ll show a field for time zones, but you aren’t able to change it. You will have to change the time leaving the time zone, which will actually offset the actual absolute time, probably leading to all kinds of data recording weirdness. Boo-urns.

It’s easy to get caught up in the news of the day (right this minute: Ebola epidemic, global economic instability), or the latest big tech announcements (slightly thinner and shinier gadgets) and miss some of the mind-blowing things that continue to happen all around us.

• Is This the Future of Robotic Legs? – perhaps a rare exception to Betteridge’s law, this article is a writeup on Hugh Herr’s biomechatronics work that’s pretty astounding.

  Here’s a recent TED talk:
  

• Skunk Works Reveals Compact Fusion Reactor Details (video and some more details) – Lockheed Martin has announced some details about some promising research in fusion tech. This requires appropriate skepticism, as nuclear fusion is one of those technologies that is continually over the horizon. There’s some discussions on HN and on talk-polywell (see also: sciencemag, popsci, thepolywellblog). There are currently a number of promising Compact Fusion Reactor projects going on. If any are successful, the implications will be world changing.

Since I’m posting links:

• Kickstarter Freezes Anonabox Privacy Router Project for Misleading Funders – followup to Privacy Router Anonabox Gets $600K in Crowdfunding—And Huge Backlash. I originally backed the anonabox but withdrew after seeing the Reddit thread/AMA. Here’s some good post-facto chatter on HN. Clearly, there is demand for a cheap, plug-and-play device that can help enhance your privacy. Hopefully a non-scammy team is able to raise money for that.
• /jherico/OculusRiftHacking – I’ve been traveling sans DK2/workstation, but have been doing some documentation/support work for building Open Source Linux DK2 drivers. @okreylos in particular has been on fire and has published code and done some fantastic summaries/writeups of the reverse engineering work.
• Using virtual reality to desensitize troops – speaking of VR, this should be unsettling…

Ello blew up this week. It’s new and shiny and does some interesting things. That being said, it’s not where social networking or how we use the Internet needs to go.

If you want more reading:

• Andy on VC funding
• Aral Balkan on Sustainability/Economic logic of VC funding
• Quinn on Social Networks
• Anselm on decentralization and protocols

I had posted some of my own initial thoughts, which is that the ideal social network should be end-user controlled and distributed and decentralized. A natural pre-condition is there should be an open protocol, but it’d be worth fleshing out the type of functionality that’s required (I’ll have to revisit some relevant thinking I did in the early 2000s in decentralized SNSs, the mid-2000s on permeability/privacy, and the late-2000s on Y!OS).

FWIW, the more interesting social networking-related project I discovered is an open source, decentralized, massively-distributed 3D simulation engine called Lucidscape. It is explicitly designed for an open metaverse. (See also: Open Cobalt née Croquet)

Most people I’ve talked to the past year probably aware that VR has been something that I’ve been getting more excited/focused on.

• For those unfamiliar with what’s been going on for the past couple of years (really, kicked off by the Oculus VR Kickstarter), I have a little primer on VR on my Hackpad. It’s one of the emerging technologies I’ve been keeping track of.
• I’ve been working on a 3D Window Manager project, although the lack of Linux SDK for DK2 has been a real bummer and put a damper on my enthusiasm (not to mention technical ability to run anything)
• Oculus Connect is happening this Fri/Sat and I’ll be there. For those that aren’t there will be some liveblogging and the keynotes will be livestreamed. Here are my questions for the “Future of VR” panel

• Looks like @nvidia is seriously stepping up their VR game w/ Maxwell. All slides: t.co/xN1HRYzloc pic.twitter.com/l1cs5iXBbt

  — Leonard (@lhl) September 18, 2014

• Leap Motion has slowly been building some awesome VR functionality (the video on the page is pretty sweet)

Oh, somewhat unrelated, but an awesome Cashmere Cat set:

As excitement of Apple’s new product announcements dominate today’s press coverage, and the memory of the celebrity iCloud hacks fade to obscurity (already seemingly long forgotten), completely un-remarked and un-addressed at today’s event (a good PR move, to be sure), I felt it might be worth posting some of my personal thoughts on the matter, as the silence from Apple on the issue has been quite disquieting.

To be clear, I’m a long-time fan of Apple design and engineering, and today’s keynote is a reminder of
Apple’s best-in-class in hardware and device software. I also own a not-insignificant amount of AAPL shares, but while I’d like to give them the benefit of the doubt, it seems to be increasingly clear that Apple should not be trusted with my personal information.

It’s famously well known that despite their technical prowess in hardware and software, Apple is just not very good at hosted services. Terrible at it really. From their earliest web-based apps, to their ongoing capacity problems, or their laughable attempts at building social services (Ping, anyone?), Apple’s online components are sometimes passable or on par, but more commonly they are mediocre, not-well thought out, clunky, outdated, or just plain broken; “not serious,” was the phrase a friend used. The problem is that today, the online components are as integral to a product as the device hardware or software. They are bound together, and sadly, the weakest link will cause the chain to break. Also, unfortunately, these traits seem to carry through for security for these services as well, which is definitely serious.

Over two years ago now, a friend, Mat Honan, had his Apple account (and digital life) hacked, in much the same way (via an almost identical vector) as the recent celebrity hacks. He’s a journalist, so he wrote all about it, and got a fair amount of press along the way, appearing on news shows, getting writeups, and generally making a big hubbub about it.

If you’re not familiar with that incident, it’s worth taking a look. Also worth reading is some of the analysis on the latest compromises:

• Notes on the Celebrity Data Theft (HN discussion) – Nik Cubrilovic gives technical commentary and context
• iCloud Isn’t Safe, Because Everyone’s a Target and Apple Doesn’t Care – more info from public forums showing how wide-spread/common these compromises are
• Inside the strange and seedy world where hackers trade celebrity nudes
• The Police Tool That Pervs Use to Steal Nude Pics From Apple’s iCloud

Apple issued a terse official statement last week which denied any “breach” in any Apple systems and claimed that the accounts were compromised due to “targeted attack[s].” From a lawyerly perspective, this is perhaps technically accurate, aimed at deflecting blame and absolving responsibility, if not liability. Of course, like most such statements, especially looked at in context of the afore-mentioned writeups, it is quite misleading.

The attacks used to reset passwords via security questions and acquire iCloud access and backups were so frequent and common-place that discussions and communities had formed not just on the darknet, but on public forums/websites.

Either Apple’s security was so incompetent or negligent that they have not been aware of what was going on, or they knew, but actively ignored the issue and decided that it was not worth fixing. I’ll leave it to the reader to decide which scenario is worse.

Today, Apple announced their “Most Personal Device Ever”. They also announced Apple Pay (the only mentions of “security” and “privacy” in today’s event), and are rolling out health tracking and home automation in iOS 8.

Given their feckless track record, would you really trust Apple with (even more of) your digital life?

Some notes:

• Last week, the same day where the big Apple news was the hiring of designer Marc Newson, Mike Hearn published a fascinating writeup of his anti-spam/abuse work at Google. Maybe unfair, but it struck me as an interesting contrast.
• Over the years that these compromises have been happening, I haven’t heard of anyone that has been informed by Apple of a compromised account, or any information on their customer-facing forensic abuse team. Ignoring the larger issues of systemic security-holes (Apple can talk about “no breaches” but between non rate-limited/info-leaking endpoints, allowing resets via VPNs, lack of device pinning/access notices, they’ve left the door wide open for widely known attack vectors), what kind of support does Apple give you once your information is stolen?
• Much hoopla has been made on 2FA. iCloud’s 2FA is less useful than you might think.
• Not Safe For Not Working On – Dan Kaminsky writes about some of the implications of cloud security; also worth a read is What if I was a cloud? by iBrute‘s author. It’s obvious that cloud services need to seriously rethink how they store and authenticate personal information.
• If you’re not already using fake security answers to security questions, you should. If you are, it may also be worth considering using a password manager to store unique nonsense answers for those questions

In anticipation of my DK2 arriving in Berlin (Oculus refused to update the shipping address to Berlin, so it had to make a stop in my office in LA first; it’s currently in transit), I booted up the Linux dev box I’ve been carrying around. One problem became apparent booting up: I have a Bluetooth keyboard, but the Linux bootup sequence requires a USB keyboard because I set it up (on a whim) to run a cryptfs, and also because on an unsuccessful boot (like a powerdown) the default configuration for GRUB is for it to hang on the GRUB selection screen indefinitely (you can fix this by adding GRUB_RECORDFAIL_TIMEOUT=X to /etc/default/grub and then running update-grub).

OK, I ordered a cheap keyboard on Amazon.de. Got it.

So I’m able to boot now, except now I’m getting (this is new), kernel panics while booting… something related to the rtl8821ae wifi module… This is a little strange because this didn’t show in the office, but probably had to do w/ some combination of not being on a wired network…

Turns out, there are indeed some problems:

• Kernel panic on driver rtl8821ae – getting warm
• 10ec:8821 [Gigabyte GB-BXi7-4470R] Kernel panic in rtl8821ae – bingo, discussion is so typical
• [3.13.0-30.55] rtl8821ae Kernel PANIC due to calling incorrect function – fix committed for Trusty but only released for Utopic?

In the meantime I’ve blacklisted (you’ll need to remount,rw / from recovery) the rtl8821ae module. This took a lot of reboots/futzing, all told an hour+ of my life I’ll never get back.

Lunix, after a couple decades, still just working!

I’ve been pretty excited about the future of VR for the past few months (I’ve been gathering notes here). I was an original DK1 Kickstarter backer and have been following Oculus’ growth and development pretty closely lately. While an eventual acquisition was always a possibility (after a $90M B round at the end of last year), today’s announcement of a $2B Facebook acquisition came as a bit of a surprise, if only for the timing.

You can read Palmer Luckey’s announcement on the Oculus sub-Reddit, which doesn’t inspire much confidence, or Palmer’s comment responses, which are is a little more interesting. cliffyb and tycho have written interesting counterpoints/rebuttals to some of the knee-jerk responses.

Notch (Minecraft) has written a pretty insightful commentary, as has Max Temkin (Cards Against Humanity), which do a good job of summing up some of the unease/issues, particularly among enthusiasts and developers, are experiencing. cliffyb wrote an interesting counterpoint/rebuttal.

Rather than write something cogent and expressive, I’ll just collect some thoughts:

• From Facebook’s perspective, buying Oculus right now for $2B is a steal. As Chris Dixon tweeted, it’s the equivalent of Google’s investment in Android. It’s quite clear that VR is likely the next big computing platform. Honestly, it’s about time Facebook got some ambition about the future. (Google’s been making everyone besides Musk look pretty shortsighted) What’s unclear right now is what Oculus has to gain, especially when there are reports of not just other bidders (which probably would have been much worse for Oculus) but also that investors had offered Oculus more funding. It’s unclear whether “more” in this context means more than the FB sale, but assuming the same $2B valuation, Oculus should have been able to pick up at least another $200M. Beyond the exit price (which goes to investors and the team), the question is, what did FB offer Oculus in terms additional resources to make this worthwhile – $1B? $2B? The Oculus team certainly left money on the table, so the question really revolves around FB’s value add beyond the costs that all acquisitions entail. Hints are being dropped, but we’ll have to see what pans out.
• Part of the cringing I have reading Palmer’s announcement, of course is how familiar it is. Heck, I remember writing one very much like it about 10 years ago. I don’t doubt its authenticity/everyone’s best intentions, but having seen the cycle play out many times, I do think that the Oculus team may underestimate what the loss of independence means. Obviously enthusiasts will find it hard to root for Facebook, and developers should be justly worried (terrified, really) about Facebook’s developer/platform track record and manifold conflicts of interest, but beyond that, even though Oculus has assembled a fantastic team (the best team of creative technologists in field, and possibly across all of tech), what is the appeal for the best and brightest to work at Facebook? (That being said, I’m sure there are many bright people working at Facebook that would be excited to work on the Rift) While autonomy has been promised, maintaining focus as a subdivision of a large, publicly traded tech company has its own pressures/constraints and maintaining focus and drive requires a huge and different type of commitment over the long term.
• That all being said, people canceling their DK2 orders are being irrational. The current hardware is locked in. It’s awesome. There will be drivers available, and almost assuredly open alternatives will emerge if the worst happens. There are cross-platform APIs available, and while there’s a concerns with patents (if Facebook is serious about creating a new VR market, a commitment to FRAND licensing, open standards, and open source would do much to settle everyone’s nerves). As of right now, all the components for compelling VR are known/available. Future developments like virtual retinal displays, foveated rendering, inside-out tracking are open to whomever has