Hey, you sass that hoopy Bill Napier? There's a frood who really knows where his towel is.

I Read These 10 Books, and You'll Never Believe What Happened Next!

What happened next is that I got on with my life. But it got you to click through, didn't it? Anyway...

Margaret and I were discussing one night our 10 favorite books of all time. 5 was pretty easy to get to off the top of my head, but filling in the last 5 was a bit harder. What helped fill it in was going to my bookshelf and taking a look. I tend to keep books I like.

Rather than just list these out on Facebook, I decided that it would be more interesting to actually write a little about each book. So here goes.

The Books

The Hitchhiker's Guide to the Galaxy (by Douglas Adams)

I've lost track of how many times I've read this series cover to cover. I've got a well worn copy of first four in the series and a standalone copy of Mostly Harmless. Adams has such a unique style of story telling. Kinda manic and all over the place, with a lot of (typically British) humor of the absurd. It's never really overtly comic, and yet still has a number of laugh-out-loud moments.

Hey, you sass that hoopy Bill Napier? There's a frood who really knows where his towel is.

The name of this blog actually comes from this book.

Lord of the Rings (by JRR Tolkein)

T'was in the darkest depths of Mordor, I met a girl so fair. / But Gollum, and the evil one crept up and slipped away with her, her, her....yeah.

I was introduced to LotR rather late compared to most other geeks. I didn't read it the first time until High School. And the only reason I really leared of it was because I was listening to a lot of Led Zeppelin at the time, and a few of their songs make reference to the series (Misty Mountain Hop).

LotR was my first exposure to what I call "Epic Fantasy". There is a huge, detailed world and the reader is thurst into it with no background and has to figure things out on the fly, much like the characters in the book. I love how detailed Tolkein made Middle Earth, where even things like the phase of the moon it properly described.

Snowcrash (by Neal Stephenson)

Didn't find out about this novel or Stephenson until college, again kinda late to the game. The opening of the book is really what grabbed me. Name another book that starts off with a pizza delivery and the mob. Where does he come up with this stuff?

Snowcrash was published in 1992 and most of what Stephenson talked about was totally fantastic, definite Science Fiction. I reread the book sometime later (2004?) and was gobsmacked to see how many of the things Stephenson made up were now actual products. Google Earth. Second Life. I bet startup companies today are going back to this book today to find out their next idea, I'm sure it's in there.

Ender's Game (by Orson Scott Card)

Remember, the enemy's gate is down.

Again, discovered this book in college (same guy who recommended Snowcrash). This was back before Card starting running off his mouth about gay people, so it was still OK to read him.

A lot of Ender's game could be described as pretty typical Young Adult SF, like Heinlein "Juveniles". Exceptional kid, picked to save the world, smarter than the adults, has to overcome the bullies jealous of him. We all wanted to be Ender. All pretty typical YA coming of age store. If it weren't for the ending, this book never would have made the list. I won't spoil it for you here (even though the movie spoiled it in the trailer...), but there's quite a twist at the end that catapults a good story into a great one.

Sadly, pretty much everything else Card has written is dreck.

Name of the Wind (by Patrick Rothfuss)

Words are pale shadows of forgotten names. As names have power, words have power. Words can light fires in the minds of men. Words can wring tears from the hardest hearts.

Of all things, Margaret's randomly bought this one for me. She has a history of picking winners for me, and this one is no exception. Another epic fantasy, this time with a believable magic system underpinning the story. If you've read the Dresden Files, you'll be familiar the magic system as Rothfuss has borrowed heavily from it (he's admits he's a fan).

But the store is so much more than that. Starts off as a pretty standard YA coming of age story, like a more adult version of Harry Potter (including the school!). Except Kvothe get's kicked out of school and then we're off on an adventure.

Have no idea how this one's going to end. He's promised a triolgy and has only written two of them. There's quite a bit of story to cover in a single book....

Dune (by Frank Herbert)

My own name is a killing word

I took a course in Science Fiction as a Junior at Penn. In addition to lecture (which basically covered a lot of this history), we had to read two books each week and be able to write about them for recitation.

This weeks theme was "Epic Novels" (I'm sensing a theme). We had to read Le Guin's The Dispossessed and Herbert's Dune. I stared with Le Guin's book and it took most of the week for me to get through it. Even though it won basically every SF award possible (Nebula, Hugo, Locus), to this day I have no idea what it was about.

I was in a bind. I had recitation in under 24 hours and all 500+ pages of Dune to read. My plan was to get through enough of the book to be able to talk about it, and finish it after recitation. What ended up happening was that I stayed up all night to finish it. I couldn't put it down. Again, another Epic story of a fantastic world and of interesting people. None of the movies for Dune do the book justice.

The Robots of Dawn (by Issac Asimov)

The robot had no feelings, only positronic surges that mimicked those feelings. (And perhaps human beings had no feelings, only neuronic surges that were interpreted as feelings.)

It was summer, probalby during high school. Church Youth Group trip to Ocean City, NJ. I needed something to read, so I picked this up at the bookstore. I proceeded to get very sunburnt on the back of my legs while reading it on the beach.

This book affected me so much that I still, 20 years later, remember where I read it. It was probalby the first hard science fiction I've read (at least that made this list), and some of the idea still stick with me. Of course, Asimov's 3 laws of robotics (and the 0th law). But also the "people mover" idea, where there are treads moving at different rates, and you can pay more to ride a faster tread. Or pay a premium and get a seat.

So this got me hooked on Asmiov. I went back and read the earlier books in the series, but this was by far the best. This one is where the ideas were more mature, more distilled. The earlier books still seemed a touch simplistic.

Why not Foundation? To be honest, it's probably the better series. But I couldn't tell you where I was when I read it the first time (The second time was spring break during college for class).

Hackers (by Steven Levy)

Systems are organic, living creations: if people stop working on them and improving them, they die.

In college I got really hooked on the history of computing. Still am. Soul of a New Machine (Data General). Revolution in The Valley (Apple). In The Plex (Google). Some book on a company who failed (Sorry, don't remember the name). The book on the history of the iPod.

But this book is by Stevn Levy (just like the iPod book and the Google book). It's one of his earlier works, and I actually like it better than some of this later works. Levy has a tendancy to write his books as a series of magazine articles. In Hackers, it works because he split the book into a series of separate stories. His other books it's more annoying.

And it talks about all the stuff that happened when I was a kid, too young to participate. The Altair. The original Apple. Woz and Jobs back when they were the dynamic duo. Homebrew Computing Club. The good old days.

On a Pale Horse (by Piers Anthony)

What kind of fool had he been, to throw away romance untried?

I read a lot of Piers Antohny as a kid. And by a lot, I mean pretty much everything he wrote. I loved his work. Eventually I realized that most of most famous books (The Xanth Series) were super formulaic and started to get boring.

On the other hand, his Incarnations of Immortality series Bio of a Space Tyrant were pretty good, at least in the mind of a 12 year old boy.

Imagine that Death is job that you can work for eternity. He (and his friends Time, War, Fate, and Nature) are in a constant battle against Satan. It blew my mind and I really enjoyed reading it.

Recently I started re-reading the series. It's been nearly 30 years, and I still remember quite a bit of it. And I'm finding that it doesn't hold up that well. Not that's its dated, but more that I'm older now and things that seemed profound to a 12 year old have been proven false via experience. Plus Anthony seems to be a touch of a woman-hater, which can make it hard to read.

Phantom Tollbooth (by Norton Juster)

Ok, this is weird one. I read it in junior high. I don't really remember why it was so impactful on me, but anytime a book for a 10 years old comes up, this is the one that I point out. Looking forward to Joshua being old enough to read it so I can get him a copy.

Didn't Make The List

There were a few books that I like, but felt just got bumped off the list. I'll list them here in case your interested.

  • Old Mans Way by John Scalzi. Very good book, really enjoyed reading it and the rest of the series, but nothing from it has really stuck with me.
  • Game of Thrones by George RR Martin. Only started reading this due to the HBO series, trying to stay ahead of spoilers. It's very very good, but I don't ever see myself re-reading it. The good points are too few and far between, especially in the later books.

So, what are some of your favorite books?

My Heart is Bleeding

A funny name for a serious bug. -- Bill Napier

You may have heard about it in the news, but may be unsure of what to do about it. I know this because I've had a number of people already ask me what they should do about it. Let me enlighten you.

What's the problem?

So I'll try and explain it two ways. Semi-technical, at a level most people who are familiar with computers should understand. And then as an analogy, for those of you who don't understand the first explanation.

Technical

The bug is in openssl, which is a library used in many (many) please to do secure communications. If you see "https" in your browser, there is a chance that the site you're talking to is protected via openssl.

Without going into specifics on the bug (Check out http://heartbleed.com/ or the CVE for more specifics there), the bug (essentially) allows an attacker to access anything the webserver can access. For most websites, this could mean everything. Usernames, password, credit cards, SSN, tax returns, etc. Or even use it as a starting off point for exploiting another bug and creating a backdoor.

Analogy

When you leave your house, you lock all the doors, right? Imagine that your door lock had a bug in it (a design flaw) that allowed an attacker (theif?) access to your home without you even knowing that they have been there. Obviously they can do the easy stuff. Steal your TV and your jewels. They could also be rather annoying and steal your Social Security card and birth certificate and passport and start impersonating you (Identity theft). Or they could come in and just put up hidden cameras and bugs and a backdoor into the house so they can come and go and do whatever they want, even after you've changed the locks.

Hold me, I'm scared

So first of, not every website is affected. There are some site (I like LastPass) that will check if services you use are affected or not. As you can see from this infographic, a lot of the financial sites are fine.

infographic

Should I change my passwords then?

Short and sweet? Maybe.

Here's the tricky part. The bug has existed for 2 years. As far as we know, nobody knew about it until December (at which point the bug was fixed and a release pushed). There is a slight chance that black-hat hackers silenty discovered the bug first and have been using it prior to December, but it's not thought that is a huge risk. So even if a site you use has the bug for a bit, you may be safe.

Prior to this weeks announcemnt, the good guys (white-hats) knew about it, but that doesn't really change the risk profile. Things changed this week when a tool was release that exploited the bug to recover recent traffic sent to and from sites with the bug. This made things much riskier because it makes it easier. Anybody could download this tool, click a few buttons, and possibly catch your username and password while you were logging into the site. And chances are people did.

Keep in mind that it makes no sense you change your password until the site has the bug fixed. Otherwise you're new password will be at just as much risk as your old one.

Levels of Paranoia

If you're a tin-foil-wearing-hat kinda guy, you should probably change any and all password for any site that has ever been affected by the bug (once they have fixed it of course). This isn't feasible for most people. In my LastPass vault I've easily got 150 passwords, and I know there are some that it doesn't know about (usually due to laziness).

A more reasonable approach would be to change the password for any affected site that you've accessed since (say) 4/5/2014. (again, once they have fixed the bug). And by affected I mean affected after the tool was release. Sites (like Google) that patched it prior to the tools release are probably ok. Even if you haven't entered the password during that "risky" window, you should do it to get a new login cookie. This should protect you aginst any of those "Script Kiddies" who downloaded the exploit and immediately started snooping traffic. This is a case of fixing things that we know are a problem (we know that people are going to be doing this) vs. fixing things we think may have happened (a more sophisticated custom attack).

I can't recommend doing nothing at all. At the least you should check any important sites (as defined by you) and change your password if accessed inside that risky window. For me, this is anything to do with money. PayPal, Google (wallet/play/drive/gmail), banks, credit cards, etc. Should hopefully be a smaller list that the full 150+.

Any other reccomendations

LastPass

I'm going to plug LastPass again. the basic gist of what they do is keep track of all your passwords. This is handy so if something like this happens again, you have a list of sites you go to rather than trying to figure that list out. LassPass also has a proven record of trying to inform and protect their customers and their tool can already tell me which of my sites have been affected and if it's time to change my password there or not (depending on fixed status).

An additional protection is its ability to handle site-specific passwords, where each site has it's own unique password. If you don't have site-specific passwords, it may be possible for an attacker to gain your username/password from a HeartBleed affected site and then start trying it against "safe sites". If each site has its own password, this isn't an issue.

And I promise I'm not a LastPass shill. I get no compensation for this post, just a VERY happy customer.

Second Factor

Please turn on second factor authentication on any site that offers it. This also provides defense-in-depth as even if an attacker gains your password via another bug, without having access to your second factor, they cannot access your acount. I wish more services had this kind of setup (banks, I'm looking at you).

Further References

http://krebsonsecurity.com/2014/04/heartbleed-bug-what-can-you-do/
Krebs is great. You should just read his stuff because.

Beer Bug: Bringing moar data to your brew

Getting started in brewing beer has a minimal capital investment. For around $80, you can get all the equipment you need to brew a beer better that most of the beer you can buy in the store.

What you'll quickly find is that yes, you can make good beer with a starter kit. But there are parts of it that just suck. Like trying to get a siphon going to rack your beer (but an auto-siphon). Or post boil, getting the temperature down to where you can pitch the year (get a wort chiller). Bit by bit you keep getting things that make the process a little easier.

The Beer Bug

So I signed up to kickstart this thing back in November 2012, expecting to have it by Christmas. It ended up arriving in Feburary 2014. This is pretty much par-for-the-course for kickstarter.

Anyway, what does this thing do? In short, it measures temperature and original gravity of your brew, and uses Wifi to upload that data to the cloud. On their website, they have pretty graphs and other stuff so you can keep track of how your brew is going.

Tracking temperature is actually a really good way to make your beer even better. Basically you want to keep it within a small temperature range to control the flavor of your beer. Too warm or too cold and the yeast may give off undesirable flavors. Without the data, there's no way to control that temperature range without resorting to guessing.

Example Graphs

Original gravity takes a bit more explaining, as it's not a measurement people have heard of. Roughly, it measures the amount of solids dissolved in a solution. For brewing, this means fermentables (basically, sugar) to feed the yeast. By taking a measurement at the beginning and the end of the brew, you can calculate how much alcohol your brew will end up with.

OG is also the only way to know when you're done fermenting. If you look at the green line in the graph above, you can see the OG leveling off towards the end, indicating the fermenting is done.

Without the Beer Bug, measuring OG is tricky. To do it safely (ie. with no contamination risk), you need to sneak a sample out and use your (rather fragile) hydrometer in a tall flask. It's a pain. I usually just end up guessing when the fermentation is done (based on time) and then taking the final measurement.

I plan on getting a brew together in the next couple weeks to try my new toy out. Very much looking forward to it!

One Month with Google Glass

So yeah, I promised updates on using Glass. And then things got busy. But I've now got some time to write, so here goes some updates after a full month of using it.

Overview

I've been forcing myself to try and wear it every day. I usually succeed about half the time, and almost all of that is during the week. I'm up to almost all day with it, but around 2 in the afternoon it has to come off for a bit. But then I can put it back on again when I come home and wear it almost all night. I'm really starting to not notice it.

But I have a hard time wearing it on the weekends. It's one thing to throw it on and wander around Mountain View, it's a whole different thing to take Joshua to Gymobree on a Saturday morning with it on. Glass has gotten so much bad press with the possibility of people being "pervy" with it, that I feel very self consicous about wearing to to a class that has about 30 2 year-olds in it. And if I don't put it on then, I usually don't bother with it for the rest of the day.

But I have worn it out to Target, Whole Foods, Starbucks, etc. I've even been stopped a couple of times by strangers asking me about it. This is all expected, I mean, I have a computer welded to my head! I'm surprised I haven't been stopped more. And I'm always very pleasent when people ask. I try to be an ambassador for the future and tell them what it is and what it does and answer their questions. Sometimes people even know what it is by name, but haven't ever seen it. But most of the time they have no idea (even in Silicon Valley).

Good Things

One of the first things you must setup is the BlueTooth connection to your phone. This is vital as this allows the MyGlass app on your phone to configure thing (like Wifi settings!) on Glass.

OK Glass, Call Margaret

In addition to a control channel, Glass uses your phone (via BT) for data when outside of Wifi coverage. But Glass also implements the BT Handset profile. So you can initiate calls from Glass with a simple "OK glass, Call Margaret". And sometimes it actually works. :)

I was totally surprised the first time I got a phone call while wearing Glass. My first thought was, "What is that noise?". And then Margaret's picture popped up in my vision, indicating that she was calling. A quick "OK Glass, Answer Phone" and I'm talking to her via the built in mic and the bone-phone on Glass. The bone-phone is OK if you're just doing a quick call, or as you try to quickly switch to handset, but I couldn't see taking a longer call with it. First, the volume is kinda quiet, and I'm usually in the noisy cafe when I get calls. And second, it just feels funny on your head.

SMS (or Messaging) via Glass is pretty nice. Especially since the messages are meant to be short, so you can easily word your response and send it out. Of course, this is leading to all new kinds of "auto-correct" issues, as Glass likes to swap homonyms or simiar sounding words.

Bad Things

Going back to my first post, there is still a lot of "feeling like a tool". It can't be helped. There's just no way to use voice control of any sort without feeling like everybody is staring at you because you're talking to your glasses. Not sure I'll ever get used to that.

I say "OK Glass" ALL THE TIME. It's get's kinda boring, especially since you're think "OK PEOPLE, LOOK AT ME USING GLASS" every time you say it. Plus it's different than the voice control for Google Now (OK Google), so I get mixed up quite a bit as well.

Some of the "default" apps are so simple as to be childish. I guess they really are "sample" apps, like the timer. I want timer that works like Google Now. "OK Glass, remind me in 45 minutes to check the laundry. Not the clunky interface provided in current builds.

Wish List

OK Glass, Turn on Flashlight

I wish Glass had a "flashlight" mode. This would be super handy when I'm trying to peer into the back of the cabinets in the garage. Or maybe trying to work on the car of something where I need the light to see, but also need both hands free. Of course, this also requires new Hardware, so not something I'll be seeing any time soon.

I want a better way to build Glass apps. I understand why they are built the way they are (Glass runs Android after all), but I think there could be a better way to build apps. Like maybe some hybrid HTML/Javascript/DOM thing, that could be packaged up into an APK. Or even something more like the classic "Hypercard" paradigm. I think you could whip up a lot of pretty simple (but effective!) apps with this method, and then fall back to the Java API when you're app get's big enough.

There is no way to simply push information cards to Glass (at least none that I could figure out). Like things that I want to refer to without having to pull out my phones. Like recipes, shopping lists, lullaby lyrics. It's almost like I'm asking for better Keep integration, but I would take it in almost any form! I think this would be a really useful tool in the aresnal.

Summary

So I've not written a lot about Glass (2 long blog posts). But I don't feel like I've even scratched the surface. There are a lot of features that I haven't had a chance to use yet (like the Strava integration, or turn-by-turn nav). And they push software updates every month that will bring out new features and fix issues. So I'll keep writing about Glass as the mood strikes me and keep you updated on what I find out.

Google Glass: My First Few Days

I've now had Google Glass for almost exactly 3 days. Not enough time for a really worthwhile review, but I can at least give some first impressions.

How I Got It

Back in December, I found out that one of my friends got Glass. I was jealous. We chatted for a bit about it, and I then started really thinking about Glass. I finally put in for the Glass Explorer Program at the beginning of 2014. About 3 weeks later, I got my invite. As a big coincidence (or maybe not), I got my invite on the day my year end bonus got paid out.

It still wasn't a done deal at this point, I had my doubts. $1500 is a lot of money for an unproved product that I'm not really sure how I'll use. But what put me over was the 30 day trial. This way I would be able to try it out and see if it works for me.

My main uses cases were pretty straight forward:

  • Strava app for bicycling
  • Some way to put text in front of my when I need my hands free (cooking, etc.)
  • Capturing those moments with my son that would be hard with one hand holding the phone

The Struggles

I'll be honest. Glass is beta hardware. Even calling it beta might be generous. Reference platform maybe? In any case, I Was prepared for some rough edges and a learning curve. As of day 3, it's been a struggle.

Physical

I haven't worn glasses in over 8 years, since I got my eyes lasered. My nose and ears are still trying to get used to having this weight on them (they get sore!).

I'm also struggling to get used to actually wearing the darn things. The screen is constantly hovering above you right eye. Outside you normal vision, but right outside (so you can easily glance at it). I've been working everytime I put them on to get this placement right. Too low and you spend a lot of time looking through the screen. Too high and you can't see the screen, it's either blurry or not all of it.

Social

For me, this is the most interesting part. How does wearing Glass affect how I interact with people, and how they interact with me?

First off, it's really hard to ignore the fact that you have a computer attached to your forehead. Makes me very self concious. Kinda like when I switched back to glasses after wearing contacts for 10 years.

I'm still not sure when I should wear Glass and when I should take it off. So far, family dinner is a "no Glass" time. I don't want that extra screen in between me and my family. This is inline with "no cell phone at dinner", I don't want the possible interruptions.

How about at drinks with friends? Or just sitting down and chatting? I'm kinda torn in these cases. It feels a little rude and disconnected to have this device between me, but on the other hand, if I take it off, what was the point in putting it on in the first place?

It's important to note that Glass is pretty unintrusive. The screen only comes on when you ask it to, either by touching the side of your head, or by making an awkward head nodding motion. In either case, everyone around you knows you're checking Glass.

I think these kinds of questions are part of the reason Google is keeping things exclusive. We (as a society) need to figure out the right way wearables change how we interact with each other, and figure out what's rude and what's acceptible. I don't have it figured out yet, and probably won't have it figured out by the end of the 30 days either. But it's very interesting to think about. Let me know if you have any ideas on this as well.

Hardware

The battery life isn't that great. So far, I've gotten it to last until about 5. I'm still trying to figure out the best strategy to extend my battery life. In general, I think I need to turn it off if I plan on taking it off for an hour or more, I don't think the "suspend" mode saves enough power.

I also think the processor is a little under-powered. It feels a touch sluggish at times, especially when rendering web pages.

Also not 100% happy with Wifi performance. I seem to have a few dead spots in my house, where all my other devices work just fine. Probably had to sacrifice this to get the smaller form factor (smaller antenna).

Closing

I've only had it for 3 days. I've worn it around the house (where everyone already knows I weird), at the office (where wearing Glass isn't that unusual), and out once or twice. But not out on the street or to Targe or anything like that. I need to work up the confidence first.

So, will I keep it? Only time can tell. I'm 100% convinced that it's impossible for Glass to live up to it's pricetag. I've been viewing part of it's pricetag is the exclusivity, which is priceless. My friend put it the best:

It's also pretty cool to be one of the only people in the world with it - it's how i felt w/ my gmail addr initially ;)

More Glass reports coming. Stay tuned!

Nimbus (by Quirky)

Nimbus

I got a new toy for Christmas (thanks Mom and Dad!), a Nimbus. It's an internet connected mini-dashboard, designed to convey status of things to you at a glance. Basically 4 little dials with a little text display on each dial.

Out of the box setup was a breeze. Configured it to jump on Wifi via my phone and started setting up the dials. My current configuration is like this:

  • Fitbit steps (LCD shows step count, dial shows how close to goal)
  • Weather (basically temperature)
  • Commute time to work
  • Commute time home

It also handles things like # of unread emails in your gmail, # of likes on your last facebook post, etc.

So, pretty basic functionality in a pretty good looking pacakge. My only complaint is that the hands on the dial can be kind hard to read in low light. Maybe a later hardware revision will make the dial hands glow. One can only hope.

But that's not all. Earlier this month they release their own API to allow you to add custom data sources to your dial.

The API

API design is hard. Most of the time when a company decides to add an API to their product, it's pretty much an afterthought. Maybe something they'll give to one of their junior programmers so they can check a box for Program Management. As a result, most API's are half-assed, hard to work with, and don't have 100% feature coverage.

Not this API. Somebody sat down and decided to do it right. The API has enough functionality that you can stop using the app on your phone to configure it. (Initial setup still requires the phone). This is in addition to defining custom data sources.

So I took the API for a spin last night. In about 2 hours (or so, I wasn't on the clock) I was able to hook enough stuff up to show stock prices on a dial. It was pretty amazing to see the commands running on my laptop and then within seconds the dials update.

Future Development

So I talked about the stock ticker data source. I think that's pretty cool, but there are some other things I want to see.

Remeber above when I used two dials, one for outbound and one for inbound commute? Why waste a dial? I know the times during the day in which I need to see what, so I'm going to program it up such that I can see my "to work" commute until about noon, and then my "to home" commute for the rest of the evening. I could even get fancy and start adding in commute time to other events (maybe reading it off gcal?).

I also have a BeerBug on order. Would be nice too hook up the data pushed from that (fermentation temp and gravity) to a dial. I could then know when the beer is done brewing by looking at the dial.

Got any other ideas? Let me know!

Api Docs: http://docs.wink.apiary.io/