If you’re happy with Kubuntu 14.04, I wouldn’t go jumping to 16.04 just yet

I’m running Kubuntu 14.04.4 on three very different systems. My main PC sports a 6-core AMD FX-6300 CPU at about 4.2 GHz, 16 GB RAM, a 2 GB FSX Radeon R7 360 graphics card and 6 TB of HD storage between multiple drives.

The second most-used computer in my arsenal is a Lenovo T510 laptop. It has an Intel Core i5 CPU at 2.5 GHz, 4 GB RAM, and a 1 TB HDD. It also runs Kubuntu 14.04.4.

The third, a much less powerful one works as a web server that occasionally serves up video to a monitor in the bedroom. This computer also runs Kubuntu 14.04.4. This one has a 2-core AMD Sempron 2650 CPU with 4 GB RAM and a small 320 GB HDD. No, this is not the server that hosts this blog. Its purpose is very specialized and is never connected to more than three clients at a time, usually only one.

Canonical, the company that oversees the core source code that goes into all of the Ubuntu derivatives such as Kubuntu, Xubuntu, and Mint, named version 14.04 “Trusty Tahr”. And TRUSTY it has been. I’ve been using Linux on my personal machines since 2010 and Trusty has been the most useful, powerful, and stable OS I’ve had the pleasure to use. Everything is customizable and customize it I do. I’m thankful that it’s a long-term-stable version of Ubuntu and is supported until April of 2019.

Unfortunately, I cannot say the same about 16.04, code-named Xenial Xerus. This, too, is an LTS (long-term support) version. I tried it on the main machine and laptop both and found it to be rather buggy. Video would flicker, sometimes quite badly, when moving windows around the screen. I tried to change the video drivers but Update Manager hangs searching for updates. I installed an Nvidia driver via the command line but when the computer rebooted, I got a blank screen, which I was able to fix from the command line by uninstalling the proprietary driver (the new Nvidia card died shortly thereafter and was replaced with an AMD card – I should have known better). The DavMail icon doesn’t fit in with the taskbar notification area. Dropbox finally got around to fixing their missing notification area icon (too bad they won’t fix this in 14.04). Every now and then, some process or another would crash for some unknown reason and I dutifully allowed KDE to send the error report. When Private Internet Access could not establish a connection to the VPN, my tolerance for bugs hit its limit and I went back to 14.04.

The process reminded me of some previous *buntu updates. Canonical forces the release twice a year, ready or not. And that’s the sad part. I wouldn’t christen a new ship that still has leaks to fix. Why in hell would I release software with glaring bugs galore? I should have known better. A lot of people won’t upgrade from one version to another until the new version has been out for several months. This usually gives the maintainers enough time to fix most of the obvious bugs. I don’t recall having this many problems with 14.02, but if I remember correctly, I didn’t upgrade until 14.04.2. Lesson learned. When 16.04.2 comes out, I’ll test it in a virtual machine first. At least with Linux, I can reinstall my OS and all of the software I use in about an hour; a chore that would take all evening with Windows.

 

 

Hey web developers – what looks OK on my phone looks like shit on my 24″ monitor

Guess where I spend most of my time on the internet?

a) sitting on my couch with my head pointed down toward my phone

b) sitting at my desk at home with a full-sized PC sporing two 24″ large monitors

c) sitting at my desk at work with two (rather crummy by comparison) monitors

This may come as a shock to you, but both b & c are correct answers. Yes, I pull up the browser on my phone on occasion, but truth be told, the World-Wide Web is ALWAYS better experienced on a full-sized screen, even when it’s the puny 22″ monitor I must suffer with at work. Thanks to “pinch and zoom”, websites on my phone are almost as useful (which depends on how well the site is coded…)

My point is this: when I’m on your website on my home PC, work PC, or laptop, I expect to get the most out of my screens. I paid almost $400 for the monitors at home plus another $120 for a graphics card to feed them so I’d appreciate you saving the login and password boxes that take up the entire horizontal width of my screen for the smartphones and even then, only for those who WANT the Fisher-Price layout. Oh, so your boss told you to quit coding for multiple user agents? Well your boss is a dick. It doesn’t take THAT much more effort to code for both. If it does, you’re doing it wrong.

Why I’m leaving Facebook

fakebookIn short: I’m tired of the manipulation. For a long time now, Facebook has been picking and choosing what people see and I’ve had enough of it. I’m tired of the echo chamber. Facebook sucks and I’m done.

As I think most people have noticed, Facebook is constantly trying to shove “Top Posts” down our throats instead of just letting us see the posts in chronological order. “Top Posts” are those posts from friends (and advertisers) that Facebook thinks you’re most interested in seeing. Over the past few years, I’ve found myself constantly having to change the newsfeed from “Top Posts” to “Most Recent” so I can get a chronological feed. For some reason, Facebook hates this because no matter how many times you change the setting, they eventually switch it back to “Top Posts”. I eventually installed a Firefox plugin called FB Purity that put a stop to this nonsense.

But the worst part of the Facebook experience is the newsfeed filtering that we can’t do anything about. Even with “Most Recent” turned on, if you think you see all wall posts from everyone in your friends list, you’re in for a surprise (I was). They have an algorithm that sorts through the wall posts from all of your friends and based on criteria such as how often you interact with those people, what common interests you share, etc., they determine what posts you see. In other words, if you and your Aunt Sally are always exchanging recipes, then Facebook will make sure you see most all of Aunt Sally’s posts. However, your cousin Bob may share a recipe now and then but you’d never see them because you don’t interact with cousin Bob very often on Facebook. In fact, you might not ever see them unless you actually go visit his “wall” page.

This is where the biggest problem lies. Just yesterday, my daughter posted something on Facebook which included a reference to her pregnancy. I’ve known she’s pregnant for the past couple of months but she hadn’t yet posted it on Facebook (at least I didn’t THINK she had). I made the comment, “that’s one way to break the news to the world”, to which she replied, “I already did last week, Dad.” Of course, I never saw it because Facebook didn’t think I’d be interested. Instead, I ended up looking like an idiot. Fuck you, Facebook.

Thankfully, I’m not the only person to notice this. The Guardian did a story on it 2014 when Facebook was caught red-handed using these filters for social experiments by psychologists. Facebook claims that these filters are “Essential”. From the Guardian article:

“Essential? Why can’t Facebook just show me an unfiltered feed?

“Because, it argues, the results would be overwhelming. ‘Every time someone visits news feed there are on average 1,500 potential stories from friends, people they follow and pages for them to see, and most people don’t have enough time to see them all,’ wrote Facebook engineer Lars Backstrom in a blog post in August 2013.

According to Lars, we should be thanking him for saving us from having to stare at our newsfeed for hours on end just to see what our friends and relatives are up to. Of course, nobody does that, right?

“With so many stories, there is a good chance people would miss something they wanted to see if we displayed a continuous, unranked stream of information.”

So you see, according to the wizards at Facebook, you really don’t want to see cousin Bob’s recipes, so they’re not going to bother showing them to you. Meanwhile, poor Bob gets the impression that no one cares for his recipes when in fact, the people who might care never saw them. This is the most troubling aspect of the newsfeed filter: it results in a sort of social engineering, intended or not.

Facebook never asks what you want to see, they just make assumptions based on what you do on the site. It seems to me that a more fair (and transparent) way to keep people from being overwhelmed is to let THEM decide how much of this filtering (if any) they want. Let the USER throttle how many recipes they see from Aunt Sally. Instead, we all end up in echo chambers where we only see and hear from those with whom we agree and that’s fucked up. But no, just like “Top Stories”, Facebook knows best.

Except that they don’t. If they did, people wouldn’t be leaving in droves. I find myself missing the days of GeoCities and MySpace, where people had to put a little more effort into showing the world what’s going on in their lives. At least then, no one was filtering what I saw.

Facebook appears to be a dying fad. I praised it highly for helping me find friends and relatives I hadn’t seen in years. Unfortunately, many of them don’t stick around anyway. You know how it is. Someone you haven’t heard from in 20 years disappears from Facebook just as quickly as they joined. Maybe they got tired of the BS faster than I did.

I’m going to make sure my contact list of email addresses and phone numbers are up to date and check out of Facebook, at least for now. I’m not ready to cancel my account altogether, but I am taking a break. Time will tell if it’s permanent or not. The next time you hear from me, it might be an email, a phone call, or maybe just a blog post here that you took the time to check out. An occasional email exchange or a phone call seems like a better way to keep in touch anyway.

Your easy passwords make hacking easy

I recently acquired some files containing over 78,000 username/password combinations. I won’t say where or how I got them, but I broke no laws in the process and simply possessing these files are perfectly legal. After all, they’re nothing but lists of words and numbers. Sadly, there is no additional information. I don’t know the source of this data. Facebook’s servers? Yahoo’s? Google’s? I have no clue. I loaded them into a mySQL server and have been having some fun looking them over.

Unfortunately, most people who connect to the internet still haven’t gotten the memo about good username/password selection. So without further ado:

A good password does NOT contain words that can be found in dictionaries (of any language), nor should they contain proper nouns (i.e. Steve, Wyoming, Korea, Google, etc.). This is because the first technique used by password-cracking software is a dictionary check. What language are you using? English? Great. English language dictionary loaded. Now, let’s guess every word in the dictionary in combination with some random numbers. This method is called brute-forcing and is very effective because people use passwords such as these (from the actual database):

carlyle
didius1
spirit
minime02
cookie
dewey34
avonlady57
mark0318
Kiera1
aquick
eureka13ak
3433748
rochelle
dasani69
Faith01
snack
ginger19
benjamin
melissa marie
chic50
dennis
dat11715
j05211520
cjn0906
CHANCE
3li2he1h

This is a random sampling of 26 passwords people have actually used on the internet. I literally copied/pasted this form my database. Only ONE is relatively secure. Did you see it? Go look at the list again, the answer is given in the next paragraph.

It’s the last one. But even it sucks because it contains no upper-case characters. This is important because it all comes down to mathematics. The more potential characters that have to be tried, the longer it takes and the harder it is to crack your password. If you use only lower-case letters, I only need to guess with 26 characters. If you use both lower and upper-case, I need to guess with 52 characters. Simply mixing lower and upper-case letters makes our passwords twice as hard to crack.

The most staunch password enforcer will insist upon your use of the special character, such as punctuation ($, %, &, *, !, @, etc.). This is indeed harder to crack. However, their use makes them difficult to remember.

A method I developed over 10 years ago creates a secure password that obeys the above rules AND is easy to use. This method works because it’s based on memorizing a phrase, rather than random letters and numbers.

Most web-based services such as Yahoo!, eBay, Hotmail, etc. require your password be at least 6-8 characters in length. Most everyone recommends at least one or more numbers and some letters should be capitalized. Don’t go over 10 characters for most services. These are the key ingredients to keep in mind.

Next, I come up with an 8-word phrase that consists of at least one capital letter and one or more numbers. A very old example that I’m willing to share publicly is the phrase “my daughter Alex is 12 years old”. Take the first letter of each word to make up the password. This translates to mdAi12yo. There you have it: a more secure password that contains letters, numbers, and no words from any dictionary. It contains no proper nouns. It can be strengthened by inserting punctuation and/or making it longer. I have one such password that is 32 characters long. I can remember it because it’s a longer phrase I memorized.

And of course, never forget, change the password every so often.

The moral of the story is this: If you don’t want your email, bank account, or other services hacked, quit using easy-to-guess passwords! As I have stated previously, my method is not perfect. However, I’ve found it to be quite effective. I’ve been using the internet since its (public) birth in 1995 and have been hacked only twice: on Twitter and Hotmail. I have no idea who or how they got in, but when I was made aware of those hacks, I closed those accounts and changed my passwords everywhere else, immediately. So far, so good

Google pairs with Ford to throw away investors’ money on self-driving cars

Google_Lost  An error I got one day with Google Maps. 2015.
Here’s another fine example of Google wasting its investors’ money on worthless technology that almost nobody wants.

Google wants their computers to drive cars. I think they should get navigation down first. Google would be better served putting its money into something actually useful like its buggy Maps application. Add some options to Chrome to make it useful, like Firefox.

Self-driving cars won’t work because cars need drivers with intuition, something computers just don’t have. Autopilot in the air is relatively easy when the nearest traffic is several thousand feet, if not a few miles, away. It’s a whole ‘nother story on the road, when a sudden decision must be made in a split second that can mean the difference between life and death.

Autopilot in a car may be more palatable so long as the driver can take control whenever they want. But not with arrogant Google. They want to remove the steering wheel, gas, and brake pedals. This is the part that really gets under my skin. In fact, I was all for their autopilot research until I saw this nonsense. You are completely and utterly at the mercy of their buggy software. The pilot in the air can take control of his/her plane whenever they want. Unless the same is true for cars, FORGET IT.

But even still, if I got my wish and they DID wise up and leave the steering and other controls in place, there will be people who rely TOO MUCH on the autopilot and they quit paying attention to the road. Hell, some will take naps. Again, that may be acceptable for a few minutes at 40,000 ft., but certainly NOT when I’m routinely coming within a few yards of other vehicles moving just as fast as I. And even at 40k feet, do you really want your pilot to be napping?