Role Model

When I was growing up, people often asked me who my “role model” was.  Saying “I don’t have one” would lead to strange looks or awkward conversations, so I would typically say “Bill Gates” or “Wade Boggs” or some other easy answer.  Those weren’t lies, I did admire certain facets of these people, but I certainly never emulated them.  A few years ago, decades past the point where people ask me that question, I realized I finally have an answer.

I’ve been lucky enough to have several great dogs in my life, all of whom have been very unique, but Stella is, unexpectedly, the closest thing I’ve ever had to a role model. I admire, and try to emulate, how much she lives in the moment.  Her ability to grasp the excitement, or the mystery, or even just the simple peace of any given moment is amazing.  Even at 6 years old, she takes every minute as a new adventure.  I am not, nor will I ever be nearly as effusive as she is, but I do find myself noticing and appreciating the immediate moment even more.

As I observe this furry creature living her life, I’ve collected a some rules that she seems to live by, and that perhaps we all should too:

  • If something bothers you, bark at it.
  • If someone bothers you, leave them alone.
  • There is no such thing as too many hugs.
  • Do not eat when you you’re not hungry.
  • Do not sleep where you don’t want to.
  • Do not be alone when you can cuddle.
  • Do not care how ridiculous you look when you’re comfortable.
  • You don’t have to be happy about it, but share your toys.


I’ve been on a bit of an organizing kick lately, the source of which is a mystery, but the net effect of which I’m very happy with. As I sort things into labeled bins and ask myself if I will ever use something again or how much it costs to replace it, the number of hobbies I’ve found evidence of keeps adding up. I am starting to think that my main hobby is trying new hobbies!

Here are all of the activities I have come across, in no particular order.  Some of these I’ve spent mere hours on, others have entailed thousands of hours:

  • Collectible card gaming
  • Furniture making
  • Paper making
  • Cooking
  • Board gaming
  • Miniatures gaming
  • Computer building
  • Barbeque/Smoking
  • Novel writing
  • Blacksmithing
  • General photography
  • Macro photography
  • Portrait photography
  • Camping
  • Wood carving
  • Wood turning
  • Home theater
  • Programming
  • DIY/House Renovation
  • Pen making
  • Miniatures painting
  • Model scenery construction
  • Paper crafts
  • Electronics/Soldering
  • Chemistry
  • Piano
  • Harmonica
  • Saxophone
  • Beer brewing
  • Baseball
  • Softball
  • Fantasy sports
  • Reading
  • Gardening
  • Exercise
  • Home automation
  • Wood burning
  • Golf
  • Poker
  • UX Design
  • Freshwater aquariums
  • Game design

TV in 2015

I think most people, including myself sometimes, watch too much TV, but I don’t think the right amount of TV is zero.  We really are in a golden age for the artform and with the putrefaction of the film industry, I don’t think there’s anything wrong with enjoying it in limited quantities.  My thoughts on some current and recent shows:

American Ninja Warrior

This show has been on for a while but I had never even attempted to watch it because it has a terrible name.  I caught part of an episode last year and realized it was not some campy parody of a Japanese game show but something else entirely.  If you’re not familiar, it is a relatively simple concept.  Contestants run an obstacle course with the primary goal being to finish the course and the secondary goal being time.  The twist here is that the course is incredibly hard.  Most people fail.  They don’t get any practice and if they make one mistake they are done.  In this age of coddling and positive reinforcement this show takes us back to the days when video games didn’t have save files, when the 10th best hitter on the baseball team rode the bench all season, and cars would explode in minor accidents if they didn’t impale you on the steering wheel first.  It reminds us how satisfying hard work can be and there is no doubt that the frustration and happiness of the contestants is real.


Recently cancelled, hopefully to be picked up elsewhere, I am surprised it even made it this far.  It is a very dark, very deliberate, very long story.  The imagery, music, and sounds are often vague and pretentious, but they are always detailed and highly crafted if not beautiful.  And with all due respect to Anthony Hopkins, Mads Mikkelsen is amazing as Hannibal Lecter.  I recently watched a bit of Silence of the Lambs and Hopkins’ take on the role is almost clownish.

Halt and Catch Fire

A couples romance where the main conflict driver is entrepreneurship.  The show captures what feels like a very authentic bleakness about 1980’s Texas.  After two seasons, the writing has become a bit aimless but the characters are authentic and the acting is very good.

Mr. Robot

This show is brand new, but the pilot was amazing.  If someone said they were going to do a mashup of Dexter and Fight Club and maybe throw a teeny bit of Sherlock Holmes (Elementary-style) in, I don’t know what I’d expect but this show pulls that off.  The pilot could have easily been tweaked into a good movie and is one of the best I’ve ever seen.  The rest of season one was not as good but more sustainable, and has maintained the thriller aspect.  Christian Slater is television poison, but he has a limited role that doesn’t leverage his usually hamminess, so we’ll see if the curse can be reversed here.

52 Word Review: Mad Max: Fury Road

George Miller pulled off an impressive feat with Mad Max: Fury Road. After a 30 year hiatus, he managed to craft a movie that is better in every conceivable way than the previous 3 installments. It’s everything an action movie should be: fun, fresh, relentless, uncompromising, and extreme but, perhaps most surprisingly, not dumb.

Driverless Cars

I completely agree with the headline of this blog post, but not with the overall sentiment.  Driverless cars are going to change the world, and for the better.  I’m not sure how much they will do so in my lifetime, it’s hard to believe that anyone born before 1985 or so is going to completely trust them.

The car insurance industry will cease to exist. These cars aren’t going to crash. Even if there are hold-outs that drive themselves, insurance would be so expensive they couldn’t afford it, as no one else would need it.

These cars will crash.  For as long as humans are allowed to drive, they will be causing accidents, hitting other driverless cars and each other.  There are also a number of causes of accidents that are still going to happen, such as those involving wildlife or severe weather or mechanical failure.  The robocars will handle these situations far better than humans, but they will still happen, and people will still be injured and killed as a result.

If the cars don’t crash, then the auto collision repair / auto body industry goes away. The car industry also shrinks as people don’t have to replace cars as often.

The car industry will likely shrink over time, just as any other technology-driven industry as.  They will be forced to evolve to new products.  This will happen slowly enough that if they’re properly managed, they should be able to shrink through attrition.

Long-haul truck driving will cease to exist. Think how much money trucking companies will save if they don’t have to pay drivers or collision and liability insurance. That’s about 3 million jobs in the States. Shipping of goods will be much cheaper.  On that note, no more bus drivers, taxi drivers, limo drivers.

This is definitely true.  I bear no ill will towards professional drivers but I think we can find jobs that are more rewarding for people than driving goods or passengers from point A to point B, and often drive back to A with an empty truck.  Trucks also account for the vast majority of road wear, a single tractor trailer can do as much damage to a road as nearly 10,000 normal cars.  The main reason we load so much weight onto a truck is so you only need one driver.  It will be more efficient to send smaller loads by robotruck, as they can be better targeted (think one truck per state rather than one truck per region), which will result in smaller trucks.

Meter maids. Gone. Why spend $20 on parking when you can just send the car back home? There goes $40 million in parking revenue to the City of Vancouver by the way.

Considering much of that revenue is probably supporting the collection of that revenue (meter maids, infrastructure, towing, courts,etc.) I don’t think this is a net loss.  Also, fewer parking spots means more pleasant streets with less traffic problems.

Many in cities will get rid of their cars altogether and simply use RoboTaxis. They will be much cheaper than current taxis due to no need for insurance (taxi insurance costs upwards of $20,000/year), no drivers, and no need for taxi medallions (which can cost half a million in Vancouver). You hit a button on your iPhone, and your car is there in a few minutes.  Think how devastating that would be to the car industry. People use their cars less than 10% of the time. Imagine if everyone in your city used a RoboTaxi instead, at say 60% utilization. That’s 84% fewer cars required.


No more deaths or injuries from drinking and driving. MADD disappears. The judicial system, prisons, and hospital industry shrink due to the lack of car accidents.

Let us hope that we don’t see MADD exhibit the Shirky Principle (“Institutions will try to preserve the problem to which they are the solution”) and simply fades away to an irrelevance we can all agree is a success.

Car sharing companies like Zip, Modo, Car2Go are all gone. Or, one of them morphs into a robo-taxi company.

I think they will definitely be robotaxis, but there will also be a need for specialty cars like pickups.  We may even see an increased diversity of car designs available for rental where you can have a special grocery-mobile sent over, or a van with 12 seats, or one with extra entertainment options for your long trips, and so on.

Safety features in cars disappear (as they are no longer needed), and cars will become relatively cheaper.

Very unlikely, as people buy fewer cars and use them less frequently the prices will go up accordingly.  We’ll also probably require, through legislation, even more safety features, simply because of an inherent distrust of the technology.

I’m  really hoping that robocars are a reality within the next 30-40 years when I will be at the point where I shouldn’t be driving any more, and I’m happy to see that we actually seem on track to do that.

Amazon Showrooms

Amazon caught a lot of heat over this past holiday season over some improvements to its shopping app.  It made it easier than ever to find out that you probably don’t need to buy that blender at Sears, when you can get it for 30% less on Amazon and don’t even have to carry it home.  There were cries that small businesses can’t compete with this and would all be dead soon.

There is nothing at Best Buy or Barnes & Noble that you can’t get on Amazon (or many other online stores).  It’s rare that it will not be cheaper online, even during a sale (which typically just brings the price down to a normal online price).  Is it sustainable to have a store where I can go and hold something, and then order it from somewhere else?  No.  Should we feel bad for the big box stores?  No.  Should we feel bad for the shopkeeper who sells a particular niche at a high markup without adding value?  No.

Stores that only sell commodity products are a recent innovation to take advantage of a temporary imbalance.  They will eventually go the way of dodos, video rental stores, and record labels.  We’re still going to have a few, because there are enough “need it now” purchases to sustain the Targets and Wal-Marts, and we’ll probably still have a few high-end ones where excellent service matters like Nordstrom, but most of the stores out there are turning into showrooms.

What if Amazon bought BJs?

(BJs is a consumer warehouse/bulk goods store, like Costco and others).  My Prime membership takes the place of my BJs membership.  Instead of walking around with a giant shopping cart and driving home with mass quantities of things, I simply browse the aisles for products I like.   When I see one, I scan it with my phone, and it’s on my doorstep the next day.  There are a few people on staff that might help, and there’s a hotline to specialists that understand the products and can answer my questions.  No need for a massive loading-dock infrastructure, or inventory control, or 50′ tall ceilings to heat, or many of the other overhead expenses that yield the current retail markups.

What about the little guy?

I’d like to see our shops go back to actually making things and/or adding value.  Custom products, not “regional dealers”.  There will definitely be less of them, but this will make more space and lower rents for the people who just want a spot where they can sell their craft, or for people to provide useful services instead of distribution.

Security Club

Sony has been getting repeatedly hacked. We’ve seen it before with the TJX incident, and many others, most of which never get reported, much less disclosed, or even discovered. In some of these cases, only email addresses are taken, or maybe passwords. In others, names and addresses are exposed, as well as medical conditions, social security numbers, and other very sensitive information. It seems to me that this is happening more often, and I think it’s for a few reasons.

Bigger Targets

The first reason is that targets are getting bigger and the rewards go up with size. Nobody is going to waste their time getting into a system with a few thousand random users when you can get tens of millions for the same effort. As more people use more sites, it’s only natural that there are going to be more million-user sites out there. This reason isn’t a big deal, it’s just the way things are.

Better Rewards

The second reason is that more companies are collecting more data about their users. This data is valuable, possibly the most valuable asset some of these companies has. Facebook and Google make much of their money from knowing about you, what you do online, the types of things you’re interested in, different ways to contact you.

Large companies like Sony can afford to take whatever information you give them and cross-reference it against various databases to get even more information about you. This lets them focus marketing efforts, tailor campaigns to you, shape product development and so on. This also lets them make the site more easy to use with pre-filled information, to increase sales and conversions.

We don’t even really question when a site asks us for our name any more. What’s the harm, right? Sure, I’ll give them my ZIP code too, and maybe even my phone number, they probably won’t call me anyways, right? Now ask yourself, why do you need to give your name, mailing address and phone number to a company to play a game where you are a pseudonymous elf?

The real answer is that they don’t. They might need it for billing purposes, but billing databases are kept much more secure for reasons I’ll explain later. They ask for this information because it’s free, and because you’ll give it to them, and because it’s valuable to them. It’s probably not protected very well, and when it gets stolen everyone shrugs, changes the password on the database, emails the FBI to make it look like they care, and gets back to more important business like social media strategies.

No Penalties

The companies involved are embarrassed and probably suffer some losses as a result, but these are mostly minor injuries. The news stories spin it to make the intruders the sole criminals, and lose interest. The only people who really pay for these incidents are the people whose data has been stolen. There are no requirements on what companies have to do to protect this information, no requirements on what they need to do if it is compromised, no penalties for being ignorant or reckless. Someone might figure out that it’s going to cost them some sales, and they put some money in the PR budget to mitigate that.

This is the reason why billing information is better secured. The credit card companies take steps to make sure you’re being at least a little responsible with this information. And in the event it leaks, the company who failed to protect it pays a real cost in terms of higher fees or even losing the ability to accept cards at all. These numbers make sense to CEOs and MBAs, so spending money to avoid them also makes sense.

How to Stop It

There are obviously a large number of technological measures that can be put in place to improve security, but there’s one that is far simpler and much more foolproof. But first, let’s look at banks. Banks as we know it have been around for a few hundred years. I’d bet that you could prove that in every single year, banks got more secure. Massive vaults, bullet-proof windows, armed guards, motion detectors, security cameras, silent alarms, behavioral analysis, biometric monitors, the list goes on and on, and all of these things actually work very well. But banks still get robbed. All the time. When was the last time you heard of a bank robber getting caught on their first attempt? They are always linked to dozens of other robberies when they do get caught. Why?

Because they’re full of money.

They can make it harder to rob them. They can make it easier to catch the people who did it. But the odds don’t always matter to someone who sees a pile of money sitting there for them to take if they can bypass these tricks.

People break into networks for many reasons, but the user data is often the pile of gold that they seek. So the most effective way to stop someone from breaking in and stealing it is to not have it in the first place. This advice works in 2011, it will work in 2020. It works on Windows, OS X and Linux. It works online and offline, mobile or laptop, and so on.

“The first rule of security club is you try not to join security club: minimize the amount of user data you store.” – Ben Adida

So if you’re in a situation where you need to figure out if your data is secure enough, or how to secure it, start with this question: Do you need it in the first place? Usability people say they want it. Marketing people say they need it. If you’re an engineer, it’s a losing battle to argue those points, because they’re right. Stop convincing people why you shouldn’t do it, and put a cost on it so they have to convince each other that it’s worth it.

Anyone who went to business school knows the cost/value balance of inventory. It’s pretty straightforward to discuss whether a warehouse should be kept opened or expanded or closed. Nobody wants to store anything for too long, or make too much product or have too many materials. But ask them about how much user data you should be storing and the response will be something like “all of it, why wouldn’t we?”.

So make sure that the conversion bump from using full names asking age and gender and doing geo-targeting covers the cost of the security measures required to protect that data. Make it clear that those costs are actually avoidable, they are not sunk. They are also not a one-time investment. They should show up every quarter on the bottom line of anyone who uses that data. And if nobody wants to pay for it, well, you’ve just solved a major part of your security problem, haven’t you?

Update 10/18/2011: “FTC Privacy Czar To Entrepreneurs: “If You Don’t Want To See Us, Don’t Collect Data You Don’t Need


SEO sucks. It’s a fun little game to play for a while, but at the end of the day almost everyone loses. The searchers lose because they can’t find the best stuff any more. The search engines lose because their searchers see worse results and are less happy. Legitimate creators and business lose because they have traffic siphoned off by spammers and scrapers. They’re forced to waste brainpower and money on this ridiculous game that, from where I’m standing, they’re losing.

I’m not pretending that there was some golden age without spammers, they’ve always been there, and they always will be. Originally we had straight-up content matches, then keywords. Search quality was approaching unusability before Google came on the scene. They did a good job, PageRank put a trust network in the mix, and worked great for a while. Eventually that well was poisoned too. They’ve done many things since, and I bet many of them helped. The new site blacklist is a good step but certainly a tricky one to use. The rise of Bing is actually a good thing, I think Google is in a much better position to take risks and change things when they’re at 70 or 80% of the market as opposed to 95%.

So let’s stop talking about SEO as a black art. Let’s stop making our sites worse to prolong a losing battle. Let’s take that energy and put it into something else. Put your content out there in the best format you can. Forget code-to-content ratios and maximizing internal link structures that don’t benefit your users.

Instead, let’s think of ways that we can help explicitly affect results. Here’s one: Think robots.txt meets social graph meets PageRank. lists other sites in it’s /affinity.txt file, and defines some coarse relationship. Something like this: self
* follow
* follow

So we’ve got the “self” tag that basically says “this is another version, or a related version, of me.” If has a “ self” entry, you’ve got yourself a verified relationship. We’ve also got something like a follow tag that says “we like these sites and think they’re valuable, you should go there (and follow links from us).” It’s basically a vote. Unidirectional votes are useful for quality, and mutual votes are a big clue about transferring trust.

How many votes do you get? No idea, I don’t see any reason to limit it. I think those things will work themselves out. I don’t see regular sites managing thousands of links in there, I think they just link to enough to make it meaningful. Or maybe there is some hard limit, so there’s less of a guessing game on how to pick who goes there. 100 per site? 1000?

Now you might think, “this is just pagerank” but it actually is different I think. First, it’s much easier to spot foul play. There are far fewer domains than pages, so the graph is much smaller and easier to traverse. Junk sites are going to stick out like a sore thumb. A spammer can’t really use this channel by making artificial networks of trust because it would be so easy to kill them en masse. It’s also difficult to mask or overwhelm like linkfarms.

Does this hurt the little guy? Not any more than spammers, I think. I think even though the expression of the data is simple, the interpretation of it can be very complex. If you’ve got a little blog that just blathers on about computer stuff and doesn’t even have any ads on it, you may not need much trust to rise up on specific content searches. If you’ve got a site with 3 million pages that look an awful lot like wikipedia pages, and your only votes are from other similar sites, and your whole cell has no links from the larger graph, well, maybe, despite your flawless, compact markup and impeccable word variances, you’re not really adding much value, are you?

I’m not saying this particular idea solves all of our problems,, heck, I’m sure there are some problems with it as described, but I think approaches like this will not only affect the quality of our search results, but they will ultimately affect the quality of the web overall.

When will Google buy VMWare?

Google’s Chromebooks are starting to go mass-market. For those that don’t know, these are essentially laptops that only have a web browser on them. No Windows, no OS X or Linux. To many people, this seems ludicrous. You need apps, right? You need data?

The truth is, the majority of people already only use browser “apps”, which we used to call “websites”. Google has been leading the charge on this, by pushing the envelope on in-browser apps with Google Docs and the Chrome App Store. There are other players too, Apple is training people to buy apps, and not worry about having to reinstall them when your hardware fails. DropBox is training people to sync everything. Amazon is training people to have virtual CD shelves. Steam is training people to have virtual game libraries. Citrix and LogMeIn are training people to work on remote desktops, and so on.

These are all coming together to get people to the point where we basically go back to dumb terminals. Your computer is nothing more than a local node on the network. That, however, is not the interesting part, people have been saying that for years.

The interesting part, to me, is that it’s not actually going to be the typical early adopters going there first. My girlfriend’s computer literally has nothing on it. She only uses browser apps and iTunes, which is connected to our NAS where her photos are also stored. She uses GMail, Facebook, Google Docs, etc. With the exception of syncing her iPod, which I have to assume someone will figure out how to do in the ChromeOS ecosystem, I’m not sure she would really notice any difference.

Now my computer(s) are a long ways from there. I’ve got development environments, SQL servers, mail servers, all sorts of infrastructure set up. I could certainly move to a remote desktop or a remote terminal on a server, but the change would be much more disruptive and not without some costs.

Along a different path, we’ve seen a long progression of advances in virtualization. I actually do most of my work in VMs now, for a number of reasons, but one of which is that I’m not dependent on a particular piece of hardware. If my laptop is destroyed or stolen, I’m back up to speed very quickly. The only thing I’d need to do is install VMWare, plug in my drive, and I’m good to go.

I think these two paths are going to meet up soon. I think ChromeOS is a way to get the low-demand computer users on board. If Google buys VMWare, they can come at it from the other end as well. I think VMs will get leaner while browsers get more robust, and we’ll end up with a hybrid of the two. A lightweight OS that is heavily network/app/web based? I wonder where Google would get one of those? Oh, right, they already did.