Lightbulb Math in 2016

I ran across this 2015 article on LED light bulbs in my Twitter feed today, and it reminded me of a short post I made… over 10 years ago now running some numbers on power savings from replacing 60W incandescent bulbs with 13W CFLs. I figure it might be worth running the numbers for 2016.

  • Home Depot sells a 4-pack of 60W Equivalent LED bulbs for $7.97 ($1.99/bulb). These are 2700K soft white, 8.5W, 800 lumens bulbs and are rated for 10,000 hours
  • Note, this is actually cheaper (and brighter) than the cheapest reasonable 60 Watt Incandescent A19s I could find. These are 2700K soft white, 60W, 630 lumens bulbs rated for 3500 hours (pretty good!) and cost $4.97 for a 2-pack ($2.49/bulb).
  • Philips also sells a 60 Watt Equivalent Halogen A19 4-Pack for $6.97 ($1.74/bulb). This is 2720K soft white, 43W, 615 lumens, rated for 1900 hours.
  • The EIA publishes detailed average electricity pricing – the national average is about 13 cents/kWh. Prices vary widely (as low as 9.5 cents in WA and LA and up to 27.8 cents in HI). The cheapest residential electricity rate I could find is in Chelan County, at 2.7c/kWh. They also provide Gbps Fiber. (This wouldn’t be a bad place to set up a mining farm.)
  • Before we calculate the power-inclusive cost, lets just total bulb replacement cost based on rated lifespan. The LED bulb is $1.99/10K hours, the incandescent is $7.10/10K hours, and the halogen is $9.17/10K hours. It’s somewhat surprising, that even if electricity were free/infinite and a non-issue, the LED bulb would still be over 3X cheaper than the incandescent now (post 2014 phaseout, prices will probably keep going up if you can even find standard incandescents).
  • Now, lets look at power over the same 10K hours using the 13 c/kWh average rate. The LED light bulb would use 85kWh, costing $11.05. The incandescent would use 600kWh, costing $78. And the halogen would use 430kWh, costing $55.90
  • In my 2006 post, my 110M household number stats was actually probably outdated/from previous years. In any case, Statista pegs 2015’s households at 124.59M, we can conservatively ballpark 2016 household numbers at 125M
  • We can now do a 1:1 update of the 2006 numbers. Replacing a single incandescent light-bulb per household with an LED bulb (probably a lot less common now), you would save approximately $9B over the lifetime of a single LED bulb
  • When looking at the power usage, say taking the 5 hours/evening usage from the old post (1826.25 hours/year), we end up at just under 12M MWh power savings, or about 1.5 1000MW nuclear power plants
  • Based on a ballpark distribution cost of $250M (assuming bulb+handing out bulbs = retail cost of the bulb), we end up at about $21/MWh saved, far cheaper than USD/MWh costs for any type of new power plant.

Misc notes:

  • Incandescents are almost impossible to find these days, besides as specialty/decorative versions. These vintage quad loop ones are pretty neat.
  • The LED bulbs linked above are CRI80 while the incandescents/halogens are CRI100. A high CRI (90, 93) LED bulb runs at about $4 or $5. Either way, they should in general be more pleasant than most CFLs from last decade.
  • GWB signed the EISA that had a low-efficiency incandescent phase-out (triggering the introduction of halogen alternatives, more about that here and on wikipedia)
  • Chelan County actually looks quite pretty
  • I think I had the savings cost off on my original post (fixed now I hope). Math! ¯\_(ツ)_/¯

Pardon the Dust

It’s been much too long since this blog has seem some love, but I’ve finally decided to give it a bit of a wipe down rather than give up entirely and move to Medium or something like that.

I originally tried switching to a content theme like Casper, but at the end of the day, since there were a fair number of customizations I wanted to make anyway, I decided to start with an _s based theme. Since I’m base16-based in most of my work environment, I figure I’d have a go w/ those colors.

  • New theme is on Github, nothing fancy, but you can see the commit log
  • The only thing that took a bit of headscratching was with some weird zooming on the index page in Mobile Safari. Turns out, it doesn’t like long links and will just zoom to the width. My final solution was to add some CSS word-breaking code to a mobile-specific media query (it does some weird breaks to Firefox on the desktop for example).
  • Last year I switched completely to HTTPS (thanks Let’s Encrypt!) and have been slowly making fixes when I’ve encountered them (mostly broken images/media due to HTTP redirects and mixed content annoyingness).

Desk.pm Review

I just picked up a copy of Desk.pm after reading about it on HN. At the base, it’s an ingenious, but long overdue idea – an offline/local blog-publishing tool that adopts the style of a focused-writing editor.


I’m very hopeful that this lowered friction will have me publishing more often. Desk.pm is relatively expensive to drop sight unseen ($30 on the Mac App Store) and still quite young, so we’ll see how it works out.

Current Summary (2015-01-27, v1.1 (5)):

  • While it has potential, it also has a bunch of deal-breakers for me so I can’t really recommend it right now, but this may change as it gets updated.
      • Basic editing stuff is slightly buggy (paragraphs!) or missing (embeds/source-editing)
      • Publishing model feels wrong
  • Be sure to check out the forums: http://talk.desk.pm/c/support/ideas


Here are some thoughts so far (I’ll be adding to this as I use it more)


General:

  • The minimal approach is nice, but there probably should be a bit more of a getting started guide (dismissable, of course). Also, there are a lot of hidden options, like spell-checking and some other globals should probably be something that you can set-up on start.
  • Changing the blog-post title is a lot less obvious that it should be. It took me forever to figure out that it’s under “Rename…” in the File menu or you need to hover over over the topbar and click to rename. It feels like maybe “Rename…” should be replaced with a “Post Info” palette or something, and that there should be an option for having a Title Bar/Field that can auto-hide or stick at the top (especially useful if there’s support for tags, categories, post-date, what have you).
  • Publishing is actually more confusing than I’d like as well. Ideally, I’d like to be able to simply see my state and toggle it. For example, here’s how bad/confusing things are.  Currently, I’m editing a new draft that’s saved in a “Blog”.  Great. However, when I go to “Blog > Publish”, it brings up a sidebar where I have to select my blog again, and then use a pull-down to update the status? As far as I can tell, I have to do this every time I want to update my post. It seems like I should only have to set my publish settings for a blog post in a modal once, and simply be able to publish after that. Also, it seems like I should be able to have some sort of auto-publish behavior or barring that, some sort of way to be able to tell when this saved post is different from my published post. (A slick way would be a diffing view I suppose, but something should show my last saved vs last published time and if it’s different at least).

Editor:

  • I like the Medium-style inline callouts on selection in theory, but in practice, they’re sort of annoying: I wish I could just disable it. There’s nothing there that I shouldn’t be able to do better keyboard-only.
  • Markdown auto-conversion is nice, although I do wish it was a bit more responsive. Hackpad does a better job of doing per-character vs end-of-line conversion.
      • BUG: Markdown italics doesn’t appear to auto-convert in the editor although it will work once posted.
  • The first thing I did was go to System Preferences > Keyboard > App Shortcuts and add CMD-K for link creation. I don’t know why it’s not the shortcut in the first place. However, sadly, the linking behavior is still a bit broken. If you try CMD-K on an empty selection, it does nothing, which is arguably OK behavior, but if you CMD-K with the cursor within an existing link, it should let you edit it, right? Furthermore, if you create a link with CMD-K and then with the word still selected, try to CMD-K again (say to edit the URL) it fails.
  • Doing things like adding an embed are currently impossible. I would have liked to embed a Desk.pm video, for example, but I can’t. As far as I can tell there’s no “manual HTML insertion” ability or any way to extend formatting (personally, I embed Flickr photos a lot in my posts, also I tend to use a fair amount of <blockquote> and <code> tags (<– see how that’d would be useful there?)
  • Full-screen is nice, but it’d be nice just to have an adjustable defocus/darken feature. 
  • It’d be nice to have preview as a split-screen or a sidebar view.
  • Has some serious indents on lists. Wish there was a way to style the editor.
  • BUG: There is wonky stuff going on with line-breaks/paragraphing…

Keyboard Support:

  • In general, Desk is sadly not as keyboard-driven as I would like, and not in a vim-emulation mode either, but lots of little things like the lack of proper focusing when sidebars come up, and less than ideal formatting shortcuts (compare say vs iA Writer), or the way say the linking popup disappears if you use a clipboard manager (I use ClipMenu) or tab out to grab a link. In general, I would just like to be able to use Desk.pm w/o having to touch my mouse, which doesn’t seem like too much to ask, but currently seems impossible.
  • I wish there was a Keyboard Help keyboard shortcut (cmd-/ or cmd-?)
  • Tooltips should have keyboard shortcuts appended
  • Sidebar panes are not keyboard navigable. Since those panes disappear if you type anyway, it seems like focus should change, and you should be able to get out of a pane then by either using the keyboard-shortcut again, Escape, or clicking the main editor pane.

Apple: Untrustable

As excitement of Apple’s new product announcements dominate today’s press coverage, and the memory of the celebrity iCloud hacks fade to obscurity (already seemingly long forgotten), completely un-remarked and un-addressed at today’s event (a good PR move, to be sure), I felt it might be worth posting some of my personal thoughts on the matter, as the silence from Apple on the issue has been quite disquieting.

To be clear, I’m a long-time fan of Apple design and engineering, and today’s keynote is a reminder of
Apple’s best-in-class in hardware and device software. I also own a not-insignificant amount of AAPL shares, but while I’d like to give them the benefit of the doubt, it seems to be increasingly clear that Apple should not be trusted with my personal information.

It’s famously well known that despite their technical prowess in hardware and software, Apple is just not very good at hosted services. Terrible at it really. From their earliest web-based apps, to their ongoing capacity problems, or their laughable attempts at building social services (Ping, anyone?), Apple’s online components are sometimes passable or on par, but more commonly they are mediocre, not-well thought out, clunky, outdated, or just plain broken; “not serious,” was the phrase a friend used. The problem is that today, the online components are as integral to a product as the device hardware or software. They are bound together, and sadly, the weakest link will cause the chain to break. Also, unfortunately, these traits seem to carry through for security for these services as well, which is definitely serious.

Over two years ago now, a friend, Mat Honan, had his Apple account (and digital life) hacked, in much the same way (via an almost identical vector) as the recent celebrity hacks. He’s a journalist, so he wrote all about it, and got a fair amount of press along the way, appearing on news shows, getting writeups, and generally making a big hubbub about it.

If you’re not familiar with that incident, it’s worth taking a look. Also worth reading is some of the analysis on the latest compromises:

Apple issued a terse official statement last week which denied any “breach” in any Apple systems and claimed that the accounts were compromised due to “targeted attack[s].” From a lawyerly perspective, this is perhaps technically accurate, aimed at deflecting blame and absolving responsibility, if not liability. Of course, like most such statements, especially looked at in context of the afore-mentioned writeups, it is quite misleading.

The attacks used to reset passwords via security questions and acquire iCloud access and backups were so frequent and common-place that discussions and communities had formed not just on the darknet, but on public forums/websites.

Either Apple’s security was so incompetent or negligent that they have not been aware of what was going on, or they knew, but actively ignored the issue and decided that it was not worth fixing. I’ll leave it to the reader to decide which scenario is worse.

Today, Apple announced their “Most Personal Device Ever”. They also announced Apple Pay (the only mentions of “security” and “privacy” in today’s event), and are rolling out health tracking and home automation in iOS 8.

Given their feckless track record, would you really trust Apple with (even more of) your digital life?

Some notes:

  • Last week, the same day where the big Apple news was the hiring of designer Marc Newson, Mike Hearn published a fascinating writeup of his anti-spam/abuse work at Google. Maybe unfair, but it struck me as an interesting contrast.
  • Over the years that these compromises have been happening, I haven’t heard of anyone that has been informed by Apple of a compromised account, or any information on their customer-facing forensic abuse team. Ignoring the larger issues of systemic security-holes (Apple can talk about “no breaches” but between non rate-limited/info-leaking endpoints, allowing resets via VPNs, lack of device pinning/access notices, they’ve left the door wide open for widely known attack vectors), what kind of support does Apple give you once your information is stolen?
  • Much hoopla has been made on 2FA. iCloud’s 2FA is less useful than you might think.
  • Not Safe For Not Working On – Dan Kaminsky writes about some of the implications of cloud security; also worth a read is What if I was a cloud? by iBrute‘s author. It’s obvious that cloud services need to seriously rethink how they store and authenticate personal information.
  • If you’re not already using fake security answers to security questions, you should. If you are, it may also be worth considering using a password manager to store unique nonsense answers for those questions

2013 Review in Tech

I’ve been a bit under the weather the past couple days (the dangers of hanging out near other peoples’ little germ factories (aka kids)), but I wanted to post some of my thoughts about the year in tech. The last time I did that was probably a few years ago (related).

Over the weekend a friend was going on about how this year was a crappy one for “tech” (echoing the sentiments of those crappy articles floating around, but more along the lines of lack of ambition/innovation) which I strongly disagreed with. I think the kernel of truth there is that the SF/SV tech scene is definitely caught up in a weird spiral of chasing/making less and less interesting mobile/social apps, so of course from that vantage point, it’s going to seem terrible, but from the outside, things are… pretty interesting.

  • NSA Leaks – In some articles, this was cited as some negative development, but Edward Snowden’s leaks revealed (and continues to reveal) how much the world has been changed by technology and hints at some of the implications that both as technologists and end-users, we’ve been oblivious to. It’s certainly the biggest tech story of the year, and has profound/deeply unsettling implications. It’s also kicked off a number of new projects, and made a lot of techies think harder about the things they’re working on. I think that in coming years, the world and the tech industry in particular will be better for it.
  • Bitcoin – Bitcoins, alt-coins, cryptocurrency. While it’s been building up steam, this is the year that it boiled over and it’s another development that’s more than a little world-changing. I mentioned it briefly in a rebuttal comment I made on Charlie Stross’s blog post Why I want Bitcoin to die in a fire (I don’t know about his conclusions, but on just about every point of fact supporting his reasoning, he cited inaccurate/just plain wrong sources), but regardless of what the eventual value of BTC ends up as (which this year was driven mostly by the Chinese, not media hype), whether it’s $10K/BTC or $0/BTC, Bitcoin has not only served as a solid proof of existence for the viability of truly P2P digital currency, but has also laid down a protocol/framework that makes it trivial to create your own. The classes of problems that can be solved by a distributed public ledger are numerous… There’s some more thinking I need to put on that.
  • Tesla – Finally, something out of the Valley. Between Tesla, SpaceX, and SolarCity, this was a huge year for Elon Musk, and they seem to all be converging into some techno-utopian vision that’s quite honestly, a rather refreshing respite from the totalitarian surveillance state, increasing economic disparity and general grim meathookiness going on elsewhere. If you aren’t excited about what Tesla has been up to this year, maybe you just aren’t that into tech.
  • Robots – Google’s buying spree was pretty well reported, but less well covered was Schaft’s (one of the Google acquisitions) performance at the DARPA Challenge. It scored 27 out of a possible 32 points on the challenges. That’s 84%. This year has shown some tremendous accomplishments in robotics on just about every level, most interestingly/disturbingly in drone-tech. If you haven’t read this recent brief, but intense editorial in the Guardian this past week, btw, please do: I worked on the US drone program. The public should know what really goes on
  • Kickstarter – I’ve been active (maybe a bit too active, seeing as I started getting KS spam this year) on Kickstarter this year. It’s not new, but it’s certainly gained even more steam in 2013, and I don’t see it decelerating. Kickstarter seems to be increasingly, one of the more important tools helping the Maker/DIY movement grow.
  • 3D Printing – speaking of which, another not quite new, but thought I’d mention it, we finally got our Replicator 2 in the office this year, and it’s been incredibly useful. It’s also very close to being consumer friendly/ready. Like, say if the platform would self calibrate and if the prints were a little easier to peel off… But still, getting a 3D printer is now cheaper than an office laser printer was a decade ago.
  • Quantified Self – In some ways, still nascent, but I got my Basis Watch, and I’ve been trying more than a few autologgers/aggregators released this year (Saga, Memoir, Heyday among others), but I think we’re seeing some really interesting first steps into pulling together both the data exhaust we’re already generating and combining that usefully with other things we’d like to track (beyond fitness trackers, things like the Automatic car tracker). One thing’s for sure though, things are just getting started
  • VR – I admit, my Oculus Rift Devkit sat unloved and completely unopened for months. It’s been a hectic year. I did finally get around to break it out and try out about a dozen demos, and it was great, and also left me motion sick the rest of the night (I’ve played FPS/TPS’s for decades w/o problems). Carmack’s full time commitment and the news coming out of the community has me hopeful that they’ll have that problem licked, but it’s been pretty exciting following along. For those interested in what’s going on, I recommend Road To VR
  • Open Hardware – this is an ongoing thing that isn’t new in 2013, and has also been greatly helped by Kickstarter, but there’s just a ton of interesting stuff happening in the cheap microcontroller world akin to the early web days. I’ve been poking around with a lot of this stuff, but this year, got pretty serious about it, doing a fair amount of soldering, exploring/evaluating pretty much every single ARM dev board around, and getting my first PCBs printed. Again, we’re going to see a continued proliferation of interesting hacks/automation/sensors as it gets increasingly cheaper and easier to program the world

I think most of these things point to how wrongheaded talking about these things in context of a year are though – tech is incremental, and it’s hard work. You can bet anything that’s being announced, let alone making a big splash probably took quite a bit longer than a year to get there.

I’ll also link to Some Notes on Labor, Technology and Economics that I wrote about earlier this year. 2013 started out on sour note and what’s been going on in the world this year has definitely given me some pause.

We’re none of us getting any younger, and the pace of innovation continues to increase though, so here’s to the next year. Let’s hope we can make it a better world.

ADDENDUM: Putting this here since it’s related. Not really an innovation per se, but a tech problem that may be reaching a breaking point – we continued to see bigger and bigger data breaches (Adobe, Target, SnapChat) by cyber-criminals. Will 2FA finally replace Passwords? Is there a different security model that can more effectively handle APTs/inevitably compromised networks? Is there a way to expire/invalidate leaked data or will fraud models improve enough that it’s OK that black-hats and script kiddies around the world trade your personal info? In traditional security, the deck is always stacked against the defense, but it makes me wonder if there’s not a way of changing that – after all, the physics of software (if not software engineering) are malleable…

2013 Geek Reading:

Why Automation Is Problematic

It’s Labor Day here in the US, and automation and its implications is something that again, has been weighing on my mind.

Here’s the short, to the point summary in two graphs:

Changes in Productivity and Hourly Compensation since 1948

Change in Productivity and Wages since 1979

To spell it out: the fundamental problem with automation is that when workers (lets call them the “proletariat”) are displaced by automation, they don’t see any of society’s productivity gains – those benefits are instead captured and concentrated by a smaller and smaller set of owners/capitalists (lets call them “bourgeoisie”).

Economic and technological logic is no doubt going to inexorably drive this displacement, but it’s not going to address the resulting social instability creating a massive and literally unsustainable underclass.

Related recent articles/discussion:

Fixed the Glitch

I think this Hacker News back and forth (in response to new that the NSA will be cutting sysadmin staff by 90% to limit data access) cuts right to the heart of the matter.

zaroth:
But who will manage the systems that are managing the systems? I’m sure this will work out brilliantly for them when systems crash, or hackers start exfiltrating their data, and there’s no one left to analyze the logs and discover and fix the holes.
The problem at the NSA isn’t that there are too many sysadmins, although apparently that plays well with tech illiterate politicians. The problem is too many morally unconscionable programs which lead to a growing revulsion in the ranks.

Mr. Alexander defends his agency’s conduct and claims the press is distorting the facts. “No one has willfully or knowingly disobeyed the law or tried to invade your civil liberties or privacies,” he said. “There were no mistakes like that at all.” Except we know that even FISA says that’s not true, in a report so damning apparently even elected members of congress can’t read it.

I have news for you Keith, blanket collection of the “meta-data” of every call on Verizon’s network is ex vi termini, invasion of privacy and civil liberty. DEA’s SOD (Special Operations Division) handing off your clandestine intercepts to civilian law enforcement is just the latest, but not the last, sickening revelation. The leaks won’t stop until you stop, and I hope your hubris continues to blind you to how close the political tides are to turning against you. It seems to me that your ‘ends justify the means’ mentality conflicts with your sworn oath to uphold the Constitution, and I can only hope history will look back on this whole endeavor as a dark stain in American history, and view you like a McCarthy of our time. Machiavelli would be proud of you, sir.

rhizome:

The problem is too many morally unconscionable programs which lead to a growing revulsion in the ranks.

Au contraire, it’s extremely morally conscionable to people who see law enforcement as a noble profession empowered to rid the nation (and beyond) of people they see as the scum of the earth. These programs are run by people who, I can guarantee you, do not wake up in the morning wondering what morals and ethics they can ignore that day.
However.

“No one has willfully or knowingly disobeyed the law or tried to invade your civil liberties or privacies,” he said.

And he’s right. And that’s the problem: these things are likely not against the law. The law has both been perverted inch by inch and the agencies have been allowed to operate under looser legal interpretations than you and I receive for parking tickets. This means that to the degree that laws exist that permit their behavior (PATRIOT Act, FISAA), those who would constrain them to even the loose boundaries do not (and by all accounts refuse to) do so. This goes for the FISC as much as Dianne Feinstein and Eric Holder. This means they can say it’s legal for them to do pretty much whatever they want. So now what?

I wish I could agree with the zaroth and the optimists – the romantic view that as they squeeze tighter, as they transgress, actors of conscience will react or that as Assange posits, that authoritarian organizations will become less effective as the secrecy cost increases (PDF link to Assange’s 2006 essay State and Terrorist Conspiracies), however sadly I feel that this reduction in numbers will have quite the opposite effect.

While it’s easy (and satisfying) to decry the opposition as evil from my experience, the idea that no one (well most) people are not the villains of their own story seems to reflect reality much better (see also guardian organizations in particular are predisposed feel paternalistic. This is only magnified by a culture of hidden, hoarded knowledge, secrecy and elitism (“if you only knew what I knew”). Depending on your location on the libertarian/authoritarian political compass, your skin may be crawling a bit reading this description, but certainly those involved in this total surveillance view themselves as professional and honorable – their duty is to serve and protect those that (by design) don’t know any better.

However, there of course must be those within the organization that will have qualms and doubts. After all, history has shown again and again the inevitable progression of unchecked state power against its citizenry, especially when an organization can act in secrecy and with impunity. And of course there are those that, having been brought up with the belief in liberal democracy (you know, the Constitution, the Bill of Rights, the Federalist Papers) would have a very hard time indeed justifying secrecy and actions that would fall under what many would consider the very definition of tyranny. And of course, some of those individuals must also be concerned about what it means to society to have total surveillance, archived forever, and searchable instantly. This combination of the panopticon and the memex has never existed before and its existence (and now the public knowledge that it is controlled by a state actor w/ no meaningful oversight) and I suspect its impact and consequences has yet to be fully digested by society at large…

All this is a long way to say that there surely are those working at the NSA that have doubts – but as this continues to polarize, the ranks will only further close. Those that have the strongest doubts will leave or be forced out, but the Death Star is already fully operational, and there will be more than enough authoritarians, opportunistic, power-hungry, and just plain sociopathic boots to fill the ranks. And as those that would resist the trends towards aggregating more power and authority leave, so will the last remaining internal checks and balances (the external ones having disappeared long ago), leaving the organization more focused, in fact accelerating the slide towards… well, something that will no longer be much of a democratic republic in function, if not form.

Without drastic changes (full transparency, full oversight), this logic feels inescapable, inevitable. The truism about power and corruption seems apropos here.

That’s not to say that the issues of digital privacy and surveillance wouldn’t otherwise be a problem, that cat’s certainly out of the bag, but there’s a clear difference between the commerce vs the state (that centers on the monopoly on violence).

It’s also not to say that the society automatically becomes some sort of Grim Meathook (well, unless you’re poor in which case it already is, or if you decide to stand in the way of the Harkonnen fist). After all, in this new society, you capacity for autonomy will depend primarily on how innocuous/complicit you are within the system (also, being rich never hurts) – this, perhaps alarmingly, is not so different from how it’s always been.

OK, this is much longer than I was planning on, and has turned out to be a bit of a ramble that certainly lays out a lot of rope at least as far as my thoughts on political theory goes. I wish, that after quite a lot of thinking and processing, that I had some better conclusions, but … I don’t. Oh, here’s a catchy one:

Welcome to the future. Enjoy your stay.

Obama’s Speech at Woodrow Wilson Center

Full transcript here.

This Administration also puts forward a false choice between the liberties we cherish and the security we demand. I will provide our intelligence and law enforcement agencies with the tools they need to track and take out the terrorists without undermining our Constitution and our freedom.

That means no more illegal wire-tapping of American citizens. No more national security letters to spy on citizens who are not suspected of a crime. No more tracking citizens who do nothing more than protest a misguided war. No more ignoring the law when it is inconvenient. That is not who we are. And it is not what is necessary to defeat the terrorists. The FISA court works. The separation of powers works. Our Constitution works. We will again set an example for the world that the law is not subject to the whims of stubborn rulers, and that justice is not arbitrary.

This Administration acts like violating civil liberties is the way to enhance our security. It is not. There are no short-cuts to protecting America, and that is why the fifth part of my strategy is doing the hard and patient work to secure a more resilient homeland.

Hacking the Ouya

I’ve made a public Hackpad (I like it and have been using it more and more, although not without reservations) to gather some notes/docs on getting Linux to run on Ouya.

I’m a fan and hope they succeed as an additional channel for indie gaming, but the short of it is that despite some previous claims/hopes, the Ouya is completely hacker unfriendly (bootloader locked, GPL-violating lack of Linux kernel sources, no one at the company answering their emails).

If you’re looking for anything besides playing Android games, you should look elsewhere (there are many alternatives).

So it’s off to the land of misfit gadgets for mine (aka the pile on my workbench) or to gather dust w/ my XBox, but was fun to d/l Gordon’s Beast Boxing Turbo demo and play it on the 70″ screen in the office.

View Ouya Hacking on Hackpad.

MasterCard SecureCode and securesuite.net

Today was my first time encountering MasterCard®SecureCode™ when making an online order. I honestly thought I was being phished. Here’s where I got redirected to.

Going to https://www.securesuite.net/ gives you a nice blank page. And here’s the whois information:

Registrant:
      cyota
      yaron shohat
      174 Middlesex Turnpike
      Bedford, MA 01730
      US
      Phone: +1.8665606153
      Email: 

   Registrar Name....: Register.com
   Registrar Whois...: whois.register.com
   Registrar Homepage: www.register.com

   Domain Name: securesuite.net
      Created on..............: 2002-08-23
      Expires on..............: 2012-08-23

   Administrative Contact:
      RSA
      Network Operations
      174 Middlesex Turnpike
      Bedford, MA 01730
      US
      Phone: +1.8665606153
      Email: 

   Technical  Contact:
      RSA
      Network Operations
      174 Middlesex Turnpike
      Bedford, MA 01730
      US
      Phone: +1.8665606153
      Email: 

   DNS Servers:
      pdns3.ultradns.org
      pdns4.ultradns.org
      pdns2.ultradns.net
      pdns1.ultradns.net
      pdns5.ultradns.info
      pdns6.ultradns.co.uk

Who’s cyota? Who’s yaron shohat? And what fucking moron at RSA thought this was a good idea? Here’s the Google results for securesuite.net phishing. Doing a search for Securesuite.net does not return Visa or Mastercard’s official sites…

Well, it turns out securesuite.net isn’t a phishing scam, after doing some Internet searching, digging up direct links from Mastercard.com, and calling MasterCard directly to get verbal confirmation and to give them a piece of my mind. It’s not a scam, it’s just moronic and a phishing scam waiting to happen.