Password generators suck

For a book project I had to review the current state of password generators, including the Schneier vs. GRC vs. XKCD/diceware wars.

Bah. Humbug. The memorable vs. random debate is obsolete. The real criteria is tappable. A password needs to be tappable on a twee iPhone virtual keyboard that shows only one character at time (Yes, I use 1Password. I still find lots of times I have to type and tap.) I can’t tap a long random string. I even have a hard time tapping an 8 word string — and I don’t have the patience for it.

I think the obscure and much maligned Apple keychain ‘Memorable’ password generator strikes the right balance. A mixture of (pseudo) randomly (I hope) selected pronounceable strings with some extra characters. I usually tweak the words to be less English (but still memorable) and I toss in “extra characters” that don’t require too much keyboard shift/swap. I generally stop at around 16 characters.

It’s too bad Apple’s password generator is so hard to access. On OS X I use an ancient and now vanished app called “Password Assistant” (2006, codepoetry – don’t try the domain, it was lost long ago) that invokes it. I can’t believe nobody has put something like this on the Mac App store. On iOS there’s no easy way to access it, you only see it when entering a password on a web form (again, why no app to invoke it? Too bad Siri can’t access it.)

Sure, the NSA could crack these too short and too englishy passwords in a few hours. But a serious hacker team wants my stuff, much less US border security, I’m screwed anyway. For most criminals I just need to be have something well above average. That’s not hard …

PS. I think Atwood came close to me in his 2015 essay: “passphrases … are exceptionally painful to enter via touchscreen in our brave new world of mobile – and that is an increasingly critical flaw.” Alas, he seemed to have forgotten this in his 2017 essay.

Posted in t

Idiocracy: Trump admin medical technology expertise

The GOP is a cognitive wasteland. 

via Politico: “Speaking of new administration staffers: John Fleming, the former member of the House of Representatives and new deputy assistant secretary for medical technology, had some interesting views on drugs and addiction, BuzzFeed reports. In a 2006 book, Fleming speculated that tattoos might lead to drug use, and called opioids potential proof of the existence of a higher power. “Only a higher power and intellect could have created a world in which substances like opiates grow naturally,” he wrote.”

Posted in t

Cram school America 

At a gathering of graduates of “elite” private schools I met a woman who counsels upper class teens on college applications. 

She teaches and revised essays. Structures good works to craft an appealing history. Advises classes and direct applications. 

All necessary, she says, in the new world. 

It sounds like a less democratic version of the Korean cram school. 

I think, at root, like Trump, it is about AI,  what DeLong calls “Peak human”, and I call “mass disability”. A fear that is not understood but is real. Scrambling for lifeboats on a sinking ship. 

Posted in t

How to make your iPhone useless with one swipe.

Do this while driving in bright light. 

  1.  Have music playing.
  2. Swipe up from bottom to show Bluetooth etc panel. 
  3. Swipe to swap to sound but accidentally move brightness to nothing. 

Phone is useless. Display is too dim to see in daylight. Reboot won’t help. Siri won’t adjust brightness. 

Need to find dark bathroom at gas station to enter passcode and adjust.  

I think I might also have had some iOS “night shift” state confusion and a miscalibrated auto-brightness that made things worse.

Would be good to have a fix of some kind…

Posted in t

iOS Tips.app has “collections”

Bored I played with Tips.app. I learned things! There is always more. 

On my 6 there were @17 base tips. My work 6s had a few more – for force touch. 

Surprise was to find “collections” at the end, including a “genius” set. 

Yeah, I read manuals too. 

Posted in t

When I travel, what can I leave on my phone?

This is not good.

I’ll be visiting my father in Canada this weekend. The safest thing is to leave my laptop behind and use an adapter to put my i6 SIM into a sterile 4s from our emergency phone bin. Which would be an interesting digital detox experience.

Or I could try to clean my i6. I could change passwords on my primary Google and Twitter accounts then remove them from my phone. That’s troublesome though.

I think the sterile 4s is the best bet. I can put music on it then use one of my dormant iCloud accounts for email. I’ll have to bring my dSLR.

I am annoyed by those who say “things will be alright”. They are already not alright.

Posted in t

iOS 10 parental control bug?

#1 son tells me that turning on automatic downloads in iTunes and App Stores defeats the restriction setting that requires a password for free downloads.

1

I’ve yet to validate this — no time tonight. Even if it doesn’t work the way he thinks, the auto download is a restriction gap when an iTunes password is shared by family members (old school method, predates family accounts – iCloud and iTunes credentials can differ). If anyone with the shared iTunes account downloads an app it will be downloaded automatically even to phones where the password requirement is set.

 

Posted in t

China’s Foxconn incentives: keeping automation at bay. 

Reflecting on China’s massive Foxconn incentives it is important to consider the alternative. 

If China did not subsidize Foxconn, and thus the iPhone, Apple would still make them. 

They would be designed for robotic assembly so they’d look different. They wouldn’t change as often. They would probably be the same price. 

The big effect of China’s subsidies is to keep automation away. It is an employment intervention. 

An example worth considering. 

Posted in t

Russia’s successful attacks on EU & US: pushing on a broken door.

In its own way Russia’s far right success is as startling as the fall of the Berlin Wall. 

In a very short period of time history is changing. 

Russia pushed on a locked door and discovering the hinges had rotted out. In the US the GOP’s voter driven spiral into fact and value free hate and attack broke more than we knew. An aspect of a process that is much bigger; the stress of globalization and technology and culture transformations. 

It is all so cartoonish, too preposterous to credit. The villains carry “Dr. Evil” cards, they can’t be taken seriously. So we don’t take them seriously.

Now would be a good time to start taking them seriously.

Posted in t

Another deceptive Amazon listing.

Not quite counterfeit, but almost.

The product description includes the word ‘compatible’, but it also says ‘by Sears Craftsman’. Didn’t actually work, return fee, no return postage, etc.

screen-shot-2016-12-24-at-12-47-35-pm

I remember when Amazon was less scuzzy than eBay.

Posted in t

Google Wallet requires a debit card

Google has relaunched “wallet”. It requires a debit card for use — credit cards not accepted, bank accounts not supported, no way to create “Google Cash” for the account.

I don’t think I have a debit card; I use a non-debit ATM card.

Posted in t

Google has screwed Blogger users with custom domains.

Blogger doesn’t support https for blogger users with custom domains. Google has severely deprecated search indexing for non-http domains.

So people who use blogger with a custom domain are kind of screwed.

My old Google Custom Search engines no longer find posts of mine I’m looking for.

Posted in t

Subscribe to calendar feed on tap working in iOS 10.1?

I’d tested earlier and got the useless 9.x “add events” behavior when tapping on our special hockey calendar feed:

webcal://www.mnspecialhockey.org/ical_feed?tags=1768556%2C2152725%2C2838825

Today from iMessage I got “subscribe to calendar”. Added as new subscription source to Calendar.app. 

Feed probably needs webcal prefix, may not work in all settings. 

There are options to tweak feed:

Posted in t

Engineering employment for the non-college — the US military. 

There are several historic approaches to creating work for people that the market economy does not want. 

One is supported employment for people who meet traditional criteria for cognitive disability. 

Another is public works, from Egyptian pyramids to Roosevelt’s PWA. 

A third is the US military and civilian organizations that favor veterans, such as the US postal service and Veterans Hospital Association. 

The last is the dominant method of creating socially acceptable non-college employment. The techniques used in the vast industry could be the basis for future synthetic employment. 

Posted in t

We thought we had defenses.

In August of 2001 Americans felt pretty secure. We thought our Maginot line was strong.

In August of 2015 we thought we had defenses. Yeah, we knew newspapers were weak, but we had constitutional checks and balances. We had the power of the wealthy, the powerful, and the incorporated to balance the fear and despair of the credulous.

We were wrong. Our constitution has loopholes; it’s only paper after all. The business model that built the Adnet was a weapon hiding in plain sight. A few crazed billionaires had great power.

Now we have nutters running large swathes of government, not least the presidency.

Where else are we weak?

Posted in t

OneNote: surprisingly interesting. 

A new job is Microsoft-only with a very restricted computing environment. That led me to try the old version of OneNote used there. 

I kind of like it. Now I’m trying the Mac and iOS versions with OneDrive. 

I’m glad there’s life left in Microsoft. We need them. 

Posted in t

Aperture can run on Sierra.

That is the consensus of dedicated user-researchers:

https://discussions.apple.com/message/30943847?ac_cid=tw123456#30943847

There can be a lot of El Cap library prep to do first. Some of this may be old Aperture version data defects that El Cap tolerates but Sierra doesn’t (likely some Sierra bugs there too). 

So it should be possible to use Aperture through at least 2019. Maybe Photos.app will scale by then. 

Posted in t

Hold your ground. 

It is times like this that determine the future. Times to  unite and hold ground against long odds so we may rebuild and return.

All progress has required this strength.

Posted in t