January 4, 2020
Catalin Cimpanu on zdnet.com:
Song said the exposed database — an Elasticsearch system — was not a production system; however, the server was storing valid user data.
Elasticsearch is a really powerful tool, but it loves data. The more the merrier. If you designed a safe(ish) production environment and change management process for it — then things should be ok. But dev environments usually have more relaxed rules - which is ok, they also have less data to work with - which is a pain to test, which usually leads to “let’s just copy prod data for a test” - which becomes the weakest link in your security chain without you realizing it.
Song confirmed that the leaky server exposed details such as the email addresses customers used to create Wyze accounts, nicknames users assigned to their Wyze security cameras, WiFi network SSID identifiers, and, for 24,000 users, Alexa tokens to connect Wyze devices to Alexa devices.
As a big Wyze user: dammit.
December 16, 2019
Tidbits for 2019 Week 50
- Photo Editor : Pixlr Editor - 2020 version pixlr.com
- I’d buy this Apple TV Remote in a second if available internationally. Update: it is just $20! Someone in Zürich please buy me this.
- Craigslist Launches Mobile Apps. This AppStore thing might take off. 9to5mac.com
- Plex launches ad-supported streaming service in over 200 countries. techcrunch.com
December 2, 2019
Tidbits for 2019 Week 48
- Dual-screen Android/Linux Cosmo Communicator is out. I love that this modern Psion Series 5 exists, just can’t justify one. zdnet.com
- Add CarPlay to Any Car With an Android Tablet and Adapter redmondpie.com. This is very hacky, but still intriguing.
November 28, 2019
Denise Grady on nytimes.com:
A lifelong swimmer leapt into deep water near his lakeside home, and was horrified to find himself completely unable to swim. Had his wife not rescued him, he might have drowned. He had recently received an electronic brain implant to control tremors and other symptoms of Parkinson’s disease, and somehow the signals from the device had knocked out his ability to coordinate his arms and legs for swimming.
What the heck? Just one initial study, but interesting to see where the research leads.
November 27, 2019
Enrico Campidoglio on his blog megakemp.com:
[…] git pull isn’t actually a core command per se, but rather a combination of two other commands: git fetch and git merge; the former downloads any missing commits from a remote repository, while the latter merges them into your current branch.
Very educational post, and great recommendation. I’ve been bouncing off the article here in the office, and even if you don’t go ahead with his reco, the discussions started have been useful.
November 25, 2019
Tidbits for 2019 Week 47
- Looom iPad + Apple Pencil artsy looping animation app. Keeping an eye for when it’s out.
- Legra, render your image using Lego like bricks.
- The 50 best nonfiction books of past 25 years. One down, many to go. slate.com
- Open source illustrations kit, free for commercial and personal use. Good to keep around. illlustrations.co
- Maxtand portable sit-to-stand desk. Very tempted to back this. kickstarter.com
- Spark iOS updated with new design and more customizable UI. Will give it another try.
November 20, 2019
The Wizard and the Prophet: Two Remarkable Scientists and Their Dueling Visions to Shape Tomorrow’s World
The Wizard and the Prophet: Two Remarkable Scientists and Their Dueling Visions to Shape Tomorrow’s World by Charles C. Mann
Some books are hard to put down, this one was hard to abandon. It took me most of 2019 to read it, and although it’s long (~600 pages), the slowness was mostly because some of the ideas had to be digested.
The Wizard and the Prophet was a strange book for me. It’s the typical show-off book to casually mention you’re reading, but I struggled with it silently. It’s surprisingly, or even purposely, not an opinionated book. Even though it deals with many of the topics I’d argue loudly with my uncle. It’s an extremely factual book, with the only preaching it hints at being: to always look for some unseen impact in all the simplifications that are required to arrive at these facts.
Above all it’s a calming book. It has a soft cadence that would make me read, stop, think, and picture many of the ideas. Lastly, at least for me, it’s a humbling book. Many concepts that I attributed to recent fads, or corporate marketing are shown to have origins decades, and even centuries, in the past. It shows people that died not being rich, even though their work has improved my life even more than a smartphone or an app ever could.
I can’t recommend it enough. I even bought a copy for my uncle — not to argue, but because I’m curious if given the facts, we can have a more intelligent argument.
November 18, 2019
Ryan Hanson on medium.com:
With Catalina, Apple made some incremental updates to macOS’s built in window management, including the addition of default menu items for tiling windows left and right in the “Window” menu for an application. Interestingly enough, we can actually configure keyboard shortcuts for these menu items directly within macOS.
It didn’t even occur to me to configure with the default keyboard shortcuts functionality. Giving it a try this week with a slight modification:
This way I can have both the full Window style and also the simpler move to side of same screen mode.
November 18, 2019
Tidbits for 2019 Week 46
- Drafts Mac Beta with support for actions is out. This post being generated via my Dropbox Action.
- New MacBook Pro 16 is imminent according to Mark Gurman on twitter.com
November 14, 2019
Dave Teare, founder on blog.1password.com:
Accel will be investing USD$200 million for a minority stake in 1Password. Along with the investment — their largest initial investment in their 35-year history — Accel brings the experience and expertise we need to grow further and faster.
Hmmm… color me worried. While it’s not a marketing filled PR post, it’s a bit light on details. The one thing that jumped at me was:
Security is a process, not a product. 1Password already has the most modern security design, and Accel will help us take our processes, protections, and research to the next level.
Ok, I buy this. Just like anti-virus apps evolved from static definitions to behavior analysis, I can totally see how the next step in the _password maintaining_ toolset is something that requires a lot of investment.
I’ve been a 1Password user for 11 years: it’s the first app I install on any new devices (Mac or iOS) and my trusted app given its function.
I’m totally along for the ride, and trust their love for the product. But still, it worries me.
November 13, 2019
Rui Carmo on taoofmac.com:
This oddly shaped, unwieldy chunk of purple plastic (which is around 6cm to a side, if you’re wondering) has been on my office desk for nearly twenty years now, and despite it being fundamentally useless (it doesn’t even make for a good paperweight) I keep it as a daily reminder of how dogma and preconceived notions can turn well-meaning engineering into a massive iceberg of technical debt.
Great story from the dinosaur days of the web on telco infrastructure design and implementation.
November 13, 2019
Press Release on apple.com:
The new Magic Keyboard also features a physical Escape key and an inverted-“T” arrangement for the arrow keys, along with Touch Bar and Touch ID, for a keyboard that delivers the best typing experience ever on a Mac notebook.
Great, now I just have to wait for this keyboard to trickle down to the 13in or the MacBook Air. Maybe looking at an aligning of planets next year of new keyboard with ARM processor.
November 12, 2019
In a major victory for privacy rights, a federal court in Boston today ruled that the government’s suspicionless searches of international travelers’ smartphones and laptops at airports and other U.S. ports of entry violate the Fourth Amendment.
This will go back and forth, but I hope this interpretation holds. It feels very un-American to have your devices searched at the airport.
November 12, 2019
Jason Fried on m.signalvnoise.com:
Basecamp Personal includes 3 projects, 20 users, and a gig of storage space. So kick off a couple projects, invite some friends, family, teammates, or volunteers.
At some point I organized everything on Backpack, the predecessor to Basecamp. Their tools are very opinionated on design and functionality — but if they work for you, they’re extremely well designed.
November 11, 2019
CJ Chilvers, on www.cjchilvers.com:
Every morning, set aside some time to start your day by writing in a stream-of-conscience way. No editing. No censoring. Just keep the pen moving (pen and paper tend to work better for this).
Did this for a while earlier in the year and it felt very cleansing(?). This time around I’ll try to do some habit stacking for before I grab my iPhone.