How to Read the News Online

This post is probably long overdue. I’m guilty myself of scrolling through Google News and letting an algorithm decide what I should see. But now, more than ever, its important to get the best information possible. Outlined here will be my attempt to provide some tips to escape the echo chamber, see past ideological spin, and find better sources of information online.

I should start with the caveat that of course this isn’t perfect. But its preferable to the norm…

App and website developers build for “stickiness” — that’s a primary goal. The longer they can keep you inside their experience, the more you are worth to them. That worth is often in advertising dollars, but its always in data: user and behavior information that lets providers create better personas (digital “voodoo dolls“) of their audiences. To restate that more clearly: the main goal of your favorite news app or website is not to inform you — its to make money off you. The longer you stay inside their experience, the more you are worth to them.

With this in mind, its easy to understand how content is created and prioritized. Content creators want to develop content that is interesting to their audiences. Content selection algorithms want to provide content that you resonate with — even when that’s not good for you. The “news” system is designed to affirm your biases, and reinforce the beliefs that brought you there.

Even information aggregators, like Facebook, YouTube and Twitter are running algorithms trying to find what you like and give it to you. They’re everywhere, and they’re cloyingly sycophantic. About once a day Google News offers me a bikini pic of a celebrity along-side other headlines — they know I’m an adult male, and they’re sure I want to see that content. All it takes is one tap to confirm that interest, and tip the algorithm toward more of it.

So if you’re ready to escape the fun house mirror that is Internet news, here’s what to do:

  1. Dump your current News app or go-to website. Google News, Apple News, MSN News, Fox News, CNN news… whatever you use, its all the same. I’m not even talking network bias yet, I’m just talking about algorithm-driven content providers. They’ve all got to go.
  2. Identify raw sources. In the US almost all news comes from the Associated Press first. Each network gets those stories, and puts their own ideological spin on that news. Skip the spin, and find the source: AP, and Reuters are both good for North America.
  3. Identify alternative sources. I’m not talking about fringe sites with extreme beliefs, I’m talking about a source of news that is further removed from the reach of your country’s political parties. In the US, the BBC or the CBC are reasonably impartial observers of what’s happening in your country. Find world news sources that aren’t reported from within your country — you’ll still get the big news items, but the context will be improved.
  4. Once you’ve selected better news sources, find their RSS feeds. OK, I know that sounds like techno-babble, so let’s break out of the numbered list and explain…

RSS stands for Really Simple Syndication (or Rich Site Summary), and its been a backing technology for the web since 1999. If you listen to podcasts, you use it regularly. An RSS feed is just the content from a site, none of the ads, none of the tracking technology, and none of the algorithms. Just the raw content.

Increasingly sites are hiding or obscuring their RSS feeds, because they want you on their site in your browser or on their app, so they can track you. But so far, no one has succeeded in removing it entirely. If you’re technically inclined, you can use tools in your browser to find the feed URL, but if not, there’s easier ways to get it.

I use a service called InoReader. They have a pro version, but the free one has everything you need to search for RSS feeds from the news sources you trust. Once you create an account in InoReader, you can add your selected news sources directly. The content is sucked out of the site via RSS, in aggregate, anonymously and automatically, then made available at the InoReader website or on the InoReader app on your phone or tablet, in a neatly organized fashion. Its a curated news stream that breaks the algorithms that taint the information you’re getting.

InoReader’s RSS Based News Feed

Like I said, its not perfect. InoReader knows what you’re reading — but because it serves raw feeds, it can’t alter them without detection (you can always look at the RSS directly to see if they’re changed; in 4 years of monitoring, I’ve never seen it happen.) Another challenge is that sometimes news sites only publish the first sentence or two into their RSS feed, and you have to click through to their website to read the whole article — but when you do, you can visit as a signed-out, anonymous reader (there are other work-arounds, for those comfortable with deploying a little open source software.) And of course, your critical thinking skills are always needed for any media you consume.

But even with the challenges, and the little bit of extra work it takes to make good selections, the difference is night-and-day. Do this for awhile, then compare the real headline with the liberal and conservative spin carried by other sources, and you’ll realize just how bad things are.

The dangers of the filter-bubble are real, and the increasing polarization in the US (and Canada too!) is a very real result. If you’re going to use technology, you should use it responsibly. The onus is on you to consume information that challenges your beliefs, educates you, and makes you more empathetic toward people who are different than you. Popular “news” technology does the opposite.

Update 10/5/2020: Associated Press feeds are increasingly difficult to find. This person has a solution — scroll to the bottom of his associated-press-rss repo to find a working URL.

Getting to Know Your Digital Voodoo Doll

Cambridge Analytica LogoIf the Cambridge Analytica scandal told us one thing, its how poorly people understand how data is being used. Although the folks at CA may not have had the most altruistic of intentions, they were really only exploiting what was freely available. That they used some data Facebook didn’t intend them to use doesn’t change the fact that the data was there for the taking. People volunteered it willingly, so it was inevitable that it would be put to use.

What is probably less clear in this tale of targeting was that they weren’t really targeting you or I. Rather, the technology allowed them to identify what kind of people we are like, and target people of that kind. This aggregate group identity makes up a persona — a fictional person that has traits and attributes, gathered from the self-provided data of real people, that are useful for addressing many actual individuals that are similar to that persona.

This is not new. In fact, in programming, type inheritance is a powerful concept that is useful for generalization. What’s new in the last decade or so is the volume of self-identified human data, and a few primary keys that allow that data to be associated with unique donators. Lots of web sites have data on you as a mostly anonymous visitor. There’s identifying information, for sure, but nothing you deliberately confirm or setup, so its a “weak link”. When a website requires you to create an account, then they truly have uniquely identifying information for tracking you within the properties that account uses. Facebook is mostly unprecedented because of the scope of that account. As an identifier, its used far beyond the actual Facebook website — its used on other Facebook properties (WeChat, Instagram) and on millions of partner sites that use Facebook log-in, or Facebook data sharing (when you see “Like on Facebook” on a website that is not Facebook, they are sharing data using your identity as a key.)

The effect is that activities spanning the web are opted-in to Facebook data collection, whether you’re aware of it or not. Suddenly a single primary key has a rich repository of information about billions of individuals. Realistically, it would take an incredible effort to actually target a single individual, but it does become very easy to group individuals based on activity. Individuals who “Like” a Republican candidate, individuals who participate in discussions about vaccinations, individuals who view religious videos, etc…

The field of psychographics is the emerging social science of identifying groups based on these common activities, then determining what methods are most effective at influencing the individuals within those groups. Facebook helps out even more, due to a built-in concept called Graph Relationships. These are the links between individuals that can be used to tie people to groups even if those linked individuals provide no explicit data that identifies them as part of the group. You may not have shown any visible interest in a particular political candidate, but if you’re linked to many people who have, you may find yourself targeted as part of that group.

https://www.businessinsider.com/explainer-what-exactly-is-the-social-graph-2012-3

This self-identification increases with your social network, and with your activity. If you’ve seen ads for something you recently thought about (but could swear you didn’t write down or say out loud) the odds are good that you’ve been targeted based on your activities or affiliations, and advertisers “knew” you would be interested in that product or service, because other people like you are interested in it.

I recently saw this concept described as a digital voodoo doll, and the analogy is apt. Advertisers and other influencers aren’t interacting with you directly, instead they’ve created an avatar that is like you, they’ve experimented to determine how best to impact those like you, and then they’ve launched their digital onslaught against the group. When the voodoo doll gets really precise, its called micro-targeting, and you really should be scared of it.

So what can you do about it? Well knowing the importance of identifier keys, you can participate in the web more strategically. It may be easier to sign up for a new service with your Facebook account (keeping track of multiple passwords is hard!), but know that when you do, Facebook gets all that data. Use different keys (new accounts) for different services, to reduce the chance of your activity being linked. You don’t have to quit Facebook entirely, but be careful what you indulge within their scope of view.

On that topic, there are ways to keep fences around that garden. FireFox has an extension that does just that — blocking Facebook tracking on sites not owned by Facebook. The same cautions should apply to any service whose tendrils extend beyond their own .com front-end. Microsoft, Amazon, Google all offer useful developer tools for web creators — in exchange for data collected from those sites. Diversify your digital activity: use different services for different features, and don’t mix and match. For example, Microsoft hosts our email, but not our voice commands. Amazon gets our voice commands through Alexa, but doesn’t store any of our documents. Opt out of data collection when given the choice.

As tech providers find newer, more clever ways to collect data, and the legal framework struggles to keep up, be aware of how you’re inevitably being targeted. Information is neutral — it doesn’t have a bias. Human beings, on the other hand, are biased. If something is presented as information but appeals to your natural bias, question the source — odds are that you’re being manipulated.

The dream of the Internet was that information could be shared instantly and freely with everyone. Those altruistic nerds that invented it may have forgotten that someone has to pay for technology somehow, and perhaps unknowingly, we backed our technology revolution into an ad-supported model. Being willing to pay for content that isn’t ad sponsored seems to have a tendency to inspire a little less subterfuge in the content provider. If you want to learn something new, or engage with a community on a topic, consider private online services — even those that aren’t free, or require a little more work.

There’s no quick fix for Facebook, or Google or even Apple. To make the Internet a better place, its citizens must be aware, involved and active. You can be online without responding to your baser instincts for affirmation or attention, but if you find the dopamine rush too irresistible, you might be better off closing those accounts after all…

Demarc 3.0

Back in the days of land-line phones, your demarc, or demarcation point, was the part of your house where the public utility phone network entered your home. Each outlet in your home connected here in what was called a POTS (Plain Old Telephone Service) network, and connected to one or more lines going out of the house. Frequently this was located near where power entered your home, and later, cable TV. This makes it an excellent point to retro-fit tech into a house that maybe wasn’t designed with nerds in mind.

I know this looks a little crazy, but in version 3.0 of my setup, its much, much cleaner than its ever been. To quote Morpheus, this is the core where we broadcast our pirate signal and hack into the Matrix! This diagram might be a little easier to read:

There’s some really cool stuff in this architecture that I’m pretty proud of. On one hand, its a modern 1gbps network, with distributed 802.11N WiFi, that can filter out ads and pornography, and support remote connections via VPN. On the other, it can also connect any device from the early 1980s to other devices, or to the Internet.

For the very oldest machines, a Raspberry Pi Zero, running the DreamPi image, connects to our home’s POTS network (long since disconnected from the public phone network), inducing the correct voltage, and playing back a dial-tone sound. A Python script on the the Pi listens for an old-school modem trying to dial out, then plays back the handshake sounds of an ISP, then continues to pretend to be a modem, bridging the device onto our network (and thus the Internet.)

For 90s and 2000s era Macs, either physical Ethernet or an old Airport Classic, provide an on-ramp onto our network. The Airport is configured with a whitelist of allowed machine IDs, so that it can run with only WEP security (since that’s the best it can do!) A Performa provides an EtherTalk to LocalTalk bridge, and a PhoneNet ring running around the basement networks the earliest of Apple and Mac computers.

For newer devices, that have always-on Internet connections, another Raspberry Pi runs PiHole DNS, which filters out ads, with OpenDNS upstream, configured to filter adult content. Dubbed the NetPi, it also runs an OpenVPN server, giving us the same safety when we’re away from home. The NetPi, and a little media PC next to it, also host Plex Media servers that share our content with our devices, no matter where we are.

With more of the Internet abandoning HTTP for HTTPS (whether its needed or not) and newer SSL cryptography ruling out connections from machines with lesser cryptography libraries, the NetPi will probably be pressed into service again running a SSL-stripping Proxy. I haven’t quite figured out how to do this yet, but I do have a RSS+Site Scraper utility running, which means I can still read a lot of content on older devices.

Although this one wall in the house is a little complex, the tech is effectively invisible throughout the rest of the house. Ben and I are working on a Raspberry Pi project using a PowerBook from 1999 as the programming terminal, but the 2019 home theater can also stream 4k content — all without touching or re-configuring anything. I can literally start a document on a Mac Plus, revise it on a Performa, print it from there, or pick it up off a combined AppleTalk/SMB share on the NetPi and publish it to the web from my 2019 Surface Laptop. In fact, I sort of just did…

Update: Squid SSL Bump Proxy running!

Einstein Newton Emulator on Android Oreo through 10

I recently brought my Newton MessagePad 120 back to life — for a brief window of time. It died again after less than 48 hours, but it was fun to play with while it lasted.

In lieu of finding more old hardware, I started playing with the Einstein Emulator. I’ve had it running on my Mac for awhile, but since the Newton was portable, it sure would be nice to have the emulator be in my pocket.

Unfortunately, Einstein hasn’t been updated in awhile and didn’t work on my Pixel 3a, nor would the source build in Android Studio on my Mac. A little hacking at it identified two issues:

  • The project had an undocumented dependency on a tool called ninja. Reported here, running this from the command line resolved: brew install ninja
  • Android notifications have changed since the project was created. I found how to update the notification, and implemented it as a work-around. I’m not sure its 100% backward compatible, so I’ve built and signed an APK of the original code and one with my updated code.

These updated bits, plus the necessary dependencies are assembled here.

Housekeeping – on HTTPS

Related to my previous rant on Internet security, the latest trend is to force a move to HTTPS — the encrypted version of the web’s primary protocol. In my opinion, this is largely silly: its security theater, since most scam sites can easily provide a certificate, and it gives browser makers even more leverage over little content developers.

I find it offensive in a different way, too: it breaks compatibility on the Internet. A whole generation of devices that have older versions of SSL, that can’t easily be upgraded, get cut off from today’s web.

There’s a place for HTTPS — namely, anywhere you submit data to a server. I don’t argue the importance of that. But lots of content is just there to be consumed, and the whole transaction with the server is “give me the content.” For a browser to claim that transaction is unsafe, just because the request and response weren’t encrypted, is dumb. Its perfectly safe to read this website without encryption — and there’s millions of sites where that is true.

That said, it irks me to see my own website marked as insecure, so I did what probably every other “little guy” should do, just to keep up with the times, and added a SSL cert for free through Lets Encrypt. However, my implementation does not break compatibility with older devices: you can still access this site without HTTPS by sending an uncommon user-agent. This will happen automatically if you’re, say, in Netscape Navigator on an old Performa, or visiting from a HP TouchPad. Only if a modern OS is detected will my main site meta-redirect to the HTTPS version, and you can over-ride through your browser’s Developer Tools. Otherwise, if you visit via HTTP, you’ll see a brief flash while the content re-loads over an encrypted connection.

Utility and classic sub-domains will remain on HTTP until all these young hippies get off my lawn…

Apple 2 Forever…

AtariComputerAlthough our first family computer, and my first attempt at programming, was an Atari 800XL (for which I collected every peripheral and game I could find), my first computer was a Macintosh 512k — which I rescued from a garbage can outside our church. Its display had collapsed to a thin vertical line, but that didn’t stop me from turning it on, and pretending to type on its keyboard or explore with its mouse. Eventually my parents found someone who could repair it, and it became a useful, slightly more modern family computer. At some point, long after it was obsolete, we traded it in for an also-obsolete Mac Plus, and added a hard drive. After a few years in service, we got a Compaq Presario 486, and the Mac Plus got relegated to storage.

Software was always my main skill set (most attempts at hardware hacking led to cut fingers — I’ve left my blood stains on many a motherboard) and after 20 years in the industry, I no longer feel like too much of an imposter when I call myself a software professional. On hardware, though, I remain a novice — it’s a hobby, not a profession.

I’ve carried that Mac Plus with me from job-to-job, keeping it setup on my desk, or a bookshelf, to remind me where I started and, on the rough days, how much I love what I do. I fired it up occasionally, but the display was beginning to degrade, and it was trending toward a thin vertical line. Recently I decided I was ready to try the same repair my parents had funded so many years before. A PDF copy of the Dead Mac Scrolls revealed the secrets that had eluded my 12-year old self: common failure points in solder and weak or aged capacitors made for an accomplish-able project. With a healthy respect for high voltages, a few YouTube tutorials, and more than a little trepidation, I put the old Mac Plus under the knife, and restored it.

Shortly afterward, I got a handful of other dead Macs, and found there was something of a market for vintage machines that have been lovingly restored. I managed to repair, clean and flip another Mac Plus, in beautiful platinum gray, a Mac SE, and an original 128k. I did not turn a profit, but I did manage to almost break even. In trade for one of those, I was given a couple other retro gems.

Apple ComputerThe Apple //c was the 10-year old computer my dad had in his classroom in Germany in the mid-90s, and the Apple ][gs was the last of the Apple 2 line up, and something of a unicorn that I never really had the chance to play with. The C lacks a power supply and may need some other repairs, but the GS booted up, and I couldn’t resist the challenge of figuring out how to connect it to my home network. Here’s the MacPlus and the IIgs talking to a range of newer devices — including a very new Raspberry Pi.

Here’s what was needed to pull that off:

  • LocalTalk PhoneNet is an adaptation of Apple’s old serial networking protocol, expanding its range using 4 pin phone cabling —- which was cheap and common at the time. I ringed the basement rec room with phone line to connect my Mac Plus, so adding an extension to the IIGS was easy.
  • The LocalTalk Bridge control panel was an unsupported Apple offering that allowed mid-90s Macs with a serial port and an Ethernet port to connect LocalTalk to EtherTalk. Technically both these networks are AppleTalk, with different names for the different connection types. A middling Macintosh Performa serves bridge duty.
  • A Raspberry Pi running a modified Netatalk install, thanks to the A2SERVER installer (and a lot of tinkering) talks AppleTalk over WiFi, and is reachable by the bridge, providing a modern file share for very old computers. The topology looks like this:

I’ll do a full-write up and post it on our vintage-computer friendly companion site: http://classic.jonandnic.com for those who want more details.

Internet Safety – a moving target

When you visit a webpage, you might think of its address, like www.cnn.com. That address isn’t really an Internet address though. It’s a domain name — a friendly and memorable shortcut for an Internet Protocol (IP) address. That kind of address is made up of four groups of numbers, called octets. CNN’s actual address (today) is 151.101.1.67. That’s what your browser really goes to.

The mechanism the browser uses to look up the number from the shortcut is called DNS, or Domain Name System. One of the most resilient and important parts of the Internet, DNS is often provided by your Internet service, whose own servers sync with other DNS servers around the world, providing a distributed system of record — a phone book, if you’d like, for instant address look-ups.

Importantly, DNS is first provided by your computer (or mobile device) that forwards DNS requests from the browser, to your router or modem, which forwards the request to your Internet provider, etc… If you don’t like your Internet provider’s answers (or the speed with which they answer), you can choose a different DNS provider by making a configuration change downstream (eg: on your router, or on your computer.)

This “chain of trust” allows organizations to filter the Internet within the network they provide internally. If an organization doesn’t want its members to visit a website (like pornography) they can insert DNS records locally that prevent the request from actually finding that website.

This is also the basis of many parental controls systems. They keep a list of addresses kids probably shouldn’t go to, and all you have to do is configure your local environment to use the parental controls DNS server, rather than a public unfiltered one. This chain, and the ability for administrators to control the chain, is a part of how the Internet was designed: the browser asks the computer, the computer asks the router, the router asks the network provider, the network provider asks the rest of the Internet.

Last year, Mozilla (makers of the FireFox browser) decided to experiment with breaking that chain of trust. Instead of the browser asking the PC (and so on), they decided maybe the browser could go around the chain, and just ask someone that Mozilla decided to trust. They claim this makes people safer, since they can encrypt that request, using a non-standard approach called DNS over HTTPS (DoH). The effect is that intentionally crafted trust chains will be broken. Fine as an experiment, but this month they decided this behavior would be the default for all FireFox users. If you don’t know how to work around it, your parental controls are effectively disabled.

And working around it is possible — but not easy. Because this is not a standard, or even an accepted RFC (the process by which the Internet is evolved through review and consensus), Mozilla gets to impose arbitrary hoops you have to jump through to disable it. The easier they are for you to implement, the easier they are for someone to defeat.

And Mozilla isn’t the only browser maker messing with trust on the Internet. I’ve written before about Google’s attempts to re-make the ‘Net in their own image.

So, how can you filter the Internet at home while bigger groups than you and me are hard at work funneling all traffic through bastardized versions of the Internet where they can monetize your queries? As of late 2019, here’s what still works — and my best guess about how long it will continue to work…

Circle with Disney – another 1-2 years
Circle is a device that you put on your WiFi network that filters actual traffic. Below DNS is the actual routing of data from a website to a device. This path is managed via ARP (Address Resolution Protocol) tables, which tell your router how to get traffic to a given device. Circle needs to know which devices on your network belong to a child (which is a bit of a pain to setup), then it can stop traffic that’s not appropriate.

Unfortunately, Circle is abandoning the one-time purchase device, in favor of a device+service model that will cost you more. If you can still find them, the original Circle is less than $100, and really works well. It also lets you set time limits and curfews from a reasonably friendly app on your phone.

PiHole + OpenDNS – 3-5 years
PiHole is a tiny service that runs on a Raspberry Pi. In total it’ll cost you about $50 to set this up on your network. Once the Pi is built and running, you can install PiHole in a couple seconds, and tell it to use OpenDNS as your upstream DNS provider (instead of your Internet provider.) Then tell your router to use the Pi as a DNS server — your own chain of trust. You can then use the OpenDNS website to determine what kinds of web pages should be allowed within your home network.

It sounds complicated, but its really not too hard, and because its actively being developed, they’ve been able to stay on top of changes, like Mozilla just made. As of today, they’ve implemented one of the work-arounds for DoH, that tells the browser not to trust any other DNS provider. Eventually Google is going to realise there’s an untapped data source here, and move to eliminate competition from parents who want to protect their kids. But for the near future, this works well.

Mobile Device Parental Controls – constantly changing
The best phones for parental controls are iPhones… personal preference aside. The Screen Time feature lets you set a PIN and access control for many things on the device. Unfortunately, you need regular physical access to configure and change these settings, which appear and disappear through different OS versions. This obviously requires parents to keep a certain amount of hands-on with their kids devices.

Apple has an app called Apple Configurator that allows you to setup a number of Supervision controls over the device remotely — but they’ve intentionally limited that capability so only organizations (schools or businesses) can use it. They actually research you to determine if you should be allowed to Supervise users before you can use the feature with kid’s devices — presumably they’re monetizing this somehow, because there’s no reason this shouldn’t be free to everyone.

Amazon has a number of features for parental control and monitoring on their tablet devices (yours truly was responsible for some of them), but with each version of their OS, they make those harder to find and use.

Our kids don’t have their own phones…yet. We have one “kid phone” that they can check out if they’re going to an event where we’re not with them — but its locked down tight. Still, their friends all have phones, and the pressure is on. Soon enough, I guess I’ll be trying out some parental control apps, to see what works best outside the home. Any suggestions?

Machines Who Think

The practical birth of A.I. dates back to the 1950s, when Frank Rosenblatt developed the Perceptron algorithm. Interestingly, while it was initially conceived as software for the IBM 704 computer, the “productized” implementation was a hardware solution called the Mark 1 Perceptron. Even back then, the best experience was a complete one: hardware and software combined for a specific task; in this case, image classification. A version of that algorithm is still around today – in fact, Shelby uses a Multi-Layer Perceptron for its chat interface.

The point is, there are a countable number of steps, over relatively recent history, in the field of machine learning. Most of what is in-use today is derived from what we knew yesterday. If you narrow that field to manufacturing, the milestones are even more sparse. If you narrow it again to algorithmic learning that runs within the operation, Sherlock is virtually peerless. The release of this product is a markedly significant point in the history of artificially intelligence…

The above is an excerpt from the email I sent my team upon completion of our latest 1.0. I included it because I didn’t think I could write anything better to mark this spot in time. I’ve introduced you to Shelby in the past, and while Shelby observes an operation, its newest sibling, Sherlock, actually learns from it.

I didn’t invent Sherlock (nor was I the only inventor on Shelby!) – in this case, the product is deeply indebted to the research and development of folks much, much smarter than me. But I did lead the effort to productize it, and I’m proud that I got a part in bringing it to life. Launching a 1.0 product in manufacturing is act of sheer willpower; once again, I got lucky to have a small core team of people who believed in an idea enough to pour some of themselves into it with me.

This release was step two in a 3-step strategy I helped put together almost 4 years ago: Device -> System -> Enterprise — our plan to make sense of the data in a manufacturing environment in an automatic fashion. I signed up for step 1, committed to step 2 after-the-fact because of the great partnership, and watched someone else make a total mess of step 3.

Most of the people who worked on that strategy with me have given up, or moved on (although one of them recently came back!) and the leadership that originally endorsed it lost focus, or position, or faith… it’s been a long and bruising haul getting to this point — and often a lonely one.

As proud as I am of what we’ve built, I am also very, very tired…

Stop buying new smart phones!

Apple kicked off 2019 by announcing that iPhone sales are down — way down. Their letter to investors largely laid the blame on China (and indirectly, on the trade war with China) but more astute observers noticed some sub-text: people just aren’t buying the new iPhones they way Cupertino is used to.

Shocking, no? $1000 cell phones that are largely unchanged from last years model aren’t flying off the shelves?

When I was growing up, the effects of Moore’s Law were hard at work. I sold computers in college, and the joke customers would make as they walked out the door was “this thing will be obsolete by the time I get it home, won’t it?” At the time, they weren’t far from wrong. Just look at this chart that I stole from someone on the Internet — CPU speeds were literally doubling every year.

Thanks, random Internet person:
https://smoothspan.com/2007/09/06/a-picture-of-the-multicore-crisis/

Then something happened: the point of diminishing returns. Just off this chart is our current home computer, a 2011 iMac. Its had a RAM upgrade and a newer OS installed, but 8 years later, that machine still does everything the kids need it to. And its not just the kids — I’m a professional software developer, and I’m typing this on a rebuilt 2008 MacBook Pro. Why? Because there’s no reason to upgrade. None.

Smart phones had their own curve, that arguably really ramped up starting in 2007 (I couldn’t find a chart to steal.) Like PCs in the 80s, there was a rapid evolution of features, capabilities, form factors and speeds, but their point of diminishing returns hit around 2015: Apple’s peak was the iPhone 6s. After that, they literally began removing features, and focusing more on cosmetics than capabilities (the camera being an exception with a slightly offset maturity curve.)

Of course, the drooling public was a little slower to catch on. Apple got 4 more years of grinding semi-annual upgrades out of the masses, but now even that group is catching on. Its not just China, Americans are having trouble justifying paying a grand every year or two for something not materially different than what’s already in their pocket.

This decline forces companies to look for new revenue models — because the “next big thing” hasn’t emerged yet (hint: its not going to be Virtual Reality). And that’s where you and me, and our personal data, comes into play. If you won’t give them money directly, you can be monetized indirectly — through harvesting of your data.

So, what are you going to do about it? I’ve written before about how the Internet could still be good — if we’d all stop behaving like sheep, and acted more like responsible human beings. You can similarly turn the spy you invite into your bedroom back into a reasonable useful tool:

  • Don’t buy a new one. If your battery sucks, replace it — even at Apple’s full price of $79, that’s a lot less than $1000 for a new phone. And if your phone breaks entirely, buy a refurb. You’ll love having a headphone jack again, and you won’t need all new charging cables!
  • Tame your phone: turn off notifications and location services unless you really need them. A Pebble or a Fitbit are a nice way to get critical notifications without needing to be tempted by the rest of your phone — keep it in your pocket.
  • Leave it behind: there’s a trend toward companion phones (my parents call them “beach phones” — but they live on a tropical island) that I really like. Its hard to be completely out of touch, but you can get a “dumb” phone and swap out your SIM when you don’t need constant access to email or Instagram.
  • Turn it off at night: “I use it as my alarm clock” is a dumb excuse for having a hot microphone and a radio next to your head all night: you can pick up an alarm clock at Walmart for $8 and you’ll sleep better.
  • Don’t use native apps if you don’t need them: when possible, use the website instead of the app — they get a lot less out of you that way.
  • Don’t buy one for your pre-teen. Today I learned that children at my kids school aren’t allowed to run on the playground at recess — but they are allowed to have a cell phone. If this isn’t a generational crisis unfolding before our eyes, I have no idea what is.

I’m going to end this with an anecdote, for those who think I’m being alarmist: I worked for a large online retailer with a consumer electronics division, back when Facebook was still a powerful and popular Internet service. We wanted a native Facebook app for our devices, and Facebook couldn’t be bothered supporting us (even though we could have re-used 99% of their existing Android app with only minor modifications.) When we went to the negotiation table to try to change their minds, do you know what they offered? Give us your customer’s buying data, and we’ll give you an app. Not content to know about all your relationships, conversations, photos and travels, what Facebook wanted most from us is to know everything you were buying too. (To its credit, the big retailer told Facebook to pound sand.)

Big tech companies don’t value you as a person, and they don’t make hot new gadgets out of altruism. They build these things to extract revenue from you. No one loves gadgets as much as I do, but be aware that each of these toys and services you add to your lifestyle has a dark side — if you don’t control them, they will control you.

Game and Watch

These are a few of my favorite things from 2018. Abandoned tech is a treasure trove of ideas, both good and bad, and always makes you wonder how the world would be different if a given technology battle had gone another away. Take, for example, this little phone: the Palm Pre3 (by HP.) Although HP had big plans for the platform when they bought the ailing Palm company, a change in leadership resulted in a sudden death for the technology dubbed webOS.

More than just a name, webOS provided a Linux-based environment where both front-end, and back-end (service) apps were written in web technology (namely, Javascript.) On the user-facing side, the first Javascript framework was called Mojo, and supported the phones, followed by Enyo, with support for the short-lived TouchPad tablets (and later phones.) On the service side, an early version of NodeJS provided Javascript for lower-level platform coding. This is interesting to me, because my own Shelby product has a similar architecture — although its backed by Windows instead of Linux.

Its arguable whether webOS had the right combination to make it in the Apple vs. Google smart phone war, but we’ll never know, because shortly after they launched the TouchPad, HP chickened out. In its short life, developers produced some brilliant apps for webOS, delivering them onto a friendly form factor that tucked away a real keyboard behind a smooth, svelt and totally pocketable phone. The whole thing is truly delightful, and a blast to write code for. Had HP stuck with it, would we have the surveillance state we have now? Or would someone have offered us an alternative to the penetrating and oppressive spying platforms we line up to buy now?

Another delightful also-ran is the Pebble smart watch. Launched as a Kickstarter, Pebble was arguably there first. Using a battery-sipping eInk display, the Pebble could run for a week on a charge, count laps while you swim, thanks to its water-proof design, and get apps and notifications from any smart watch.

Later versions improved the design and added color, but kept compatibility with the add-ons and watch faces that a vibrant developer community created for it. Long before the Apple Watch provided a luxury status symbol for your wrist, the premium Pebble Steel lent both tech cred and good looks to the wearer.

Pebble was bought by FitBit, the distant second-place winner in the smart watch race, who, like the other purchaser in this post, summarily killed it off in a quick strategy change. Although HP did the classy thing and open-sourced much of webOS (then sold the rest to LG, who uses it in Smart TVs), FitBit went even further, and pledged a period of active support to the Pebble developer community as they took-over the Pebble services.

Re-launched as Rebble, most of the Pebble capabilities are up-and-running again, on community-run servers, and watch faces and apps can once-again be loaded onto your wrist. The Pebble Time remains an in-demand and highly capable smart watch, for a fraction the price of an Apple Watch.

This year, I wrote a trio of apps for this kit, with help from the communities that still back them. Stopwatch was my starter app for webOS, followed by Night Moves, which makes the phone fit your life (instead of the other way around), and finally I modernized an old app called mWatch, re-structuring and re-designing it as My Watch, to connect a Pebble watch to a webOS phone.

Early next year, Microsoft will block connections using TLS 1.1, in the name of security. This effectively cuts off a generation of still-useful devices from getting email from their servers. Much of the web is going the same way — ostensibly to protect us, but really to lock us in to a combined ecosystem of vendors that need to know what their users are doing at all times. This New Year’s Eve, I think I’ll raise a toast to all those hackers still keeping alive the idealized version of the Internet we once all dreamt about…