Book review: Mirror Man

At first glance, the plot line of this book seems tired: part clash of the clones, part “Total Recall” memory conflicts, part retread sci-fi mystery. But as you get drawn into the book, which concerns a pharma marketing exec who volunteers for an illegal cloning experiment, replacing himself with a clone for a year, you find out it is quite original and intriguing. The clone — and his body double who is locked away — are both carefully observed, although not as carefully as the scientists think. By the time you reach the end, you’ll have thoroughly enjoyed this book, and the combination of sci-fi and mystery is a nice balance. Highly recommended and I might have to rewatch the original Total Recall just to savor some of those memories, wholesale.

Here is an excerpt from the new Jane Gilmartin novel.


Cord cutting ain’t easy

For years now many tech folks have discussed cord cutting. This usually refers to eliminating the traditional cable TV provider and replacing it with one or more streaming TV services. Earlier this month I spent a week trying to eliminate AT&T Uverse cable TV service from my life. It was a dismal failure. I first tried Hulu Live TV, then YouTube TV. Both would have saved me about $75/month if they worked as promised. What I found out is that there are two general conditions that these streaming/cord-cutting services are a good fit for:
— If you just have one TV (or have all relatively recent smart TVs) and
— If you have a cooperative family that can ignore some of the usability issues.
If you have > 1 TV (or a mixture of various vintages), you will need multiple boxes or sticks or whatever add-ons to turn your older dumb TVs into smarter ones. This is because in order to fully take advantage of the streaming service of your choice, you need a good app that runs on the TV that will present the channel guide and allow you to add programs of interest. The more gear (besides the TVs) you need, the less compelling the economics and the more complex the usability issues. Not helping matters is that the services are raising their rates: YouTube TV, for example, had a big price hike over the summer. Doing my usual thing, here is what I found:
    • The UIs are just awful for the streaming services. Maybe we got used to the cable UIs over time — which wasn’t anything to crow about. YouTubeTV has the best interface, but it is the best of a bad lot. The problem is those change-resistors that I mentioned above. And it doesn’t help matters that you don’t usually have a keyboard to navigate these UIs. While it is nice that the new Google TV and some of the other devices (Like the sticks from Roku and Amazon) come with a remote, this isn’t enough.
    •  If you have a mixed collection of different TV vintages, you are probably going to be switching between the web UI and the TV app UI, which will further confound the change-resistors in your family. Exhibit A is Netflix: their web UI has been perfected over a longer time than any of their app UIs, and despite all the code development, both of them are still less than satisfying.
    • The app collection for your TV is disappointing. This isn’t like getting apps on Google Play or iTunes app stores. You are stuck with whatever is available for your particular generation of TV. I got a new TV last year, which is great for that TV, but unless you plan on upgrading all your home’s TVs you won’t be happy with the older vintage apps available.
    • One of the bigger downfalls of the streaming services is being able to easily rewind and fast forward (including through commercials). Uverse (and just about every cable TV provider) makes this easy. Every streaming service makes this a lot harder, and in some cases you can’t skip the ads (unless you buy a premium package, and then that just lets you skip some of the ads). One of the reasons why we record our favorite programs is being able to skip ALL the ads. I also found that the time of day that you watch will determine how many ads get inserted into your programming streams.
  • You need to read the fine print. Some of the streaming services have extra charges for multiple users or multiple TVs or multiple devices, to remove some of the ads, or to add additional capacity for recording your shows. A small subset of the various Hulu “add-ons” are shown in the screencap at left.
  • Finally, the TV apps don’t easily maintain channel states after the TV is turned off. When I am watching channel 5 on any of my TVs — smart or not — if I turn it off and then back on, it stays on channel 5. This is not necessarily so with the apps. With my smartest and newest Samsung TV in my living room, there is a setting on the menu that I found after much poking around to enable this. But it was purely by persistence that I found it.

So I went back to Uverse over the weekend. It was an interesting experiment, and I appreciate my wife being patient as I messed around.

Mail-in ballots are the new literacy tests

I was watching a fascinating movie on Amazon called All In. It documents voting suppression history in the US. While we have had various laws, including several Constitutional amendments, their implementation is mostly a local matter. Some local officials have done what they can to deny the vote over the years. For the most part, the documentary is accurate. It features numerous interviews with Stacey Abrams, who lost the Georgia governor’s race in 2018.

The movie comes at an interesting time. In my blog post for Avast this week, I summarize many of the voter suppression efforts that we have seen in the past several years, including leading up to the 2016 and 2018 national elections. There was a lot of data on suppression collected by Mueller. His report  showed that more than 3,500 ads on Facebook were placed by the Russian Internet Research Agency to try to convince potential Black voters to stay home during the 2016 elections. The same group also posted a series of anti-Muslim ads and organized concurrent protest rallies in Texas on opposite political sides. My Avast post has more details on the recent suppression efforts seen this year.

There are efforts to try to encourage everyone to vote, including a major ad spend by a new non-profit group called National Council on Election Integrity.

In the Amazon All In documentary, one person suggests the 2016 efforts should be called “Jim Crow v2.0,” referencing the pre-60s laws (and more recent changes) that made voting difficult by instituting literacy tests and poll taxes. You can see some archived examples of 1960s-era literacy tests here. These tests are almost impossible to pass, even f you have a graduate degree in American Studies.

I want to take things a step further: I think we are now in the Jim Crow v3.0 era. The new literacy test is the result of a confusing series of mail-in and absentee ballot regulations and shifting court challenges that are now happening across our country. My wife and I voted via mail-in ballots in Missouri: it took a lot of re-reading the various instructions, figuring out the steps involved, getting our ballots notarized and then mailed in. Each ballot has to be returned in a matching envelope and is tagged with a QR code that you can scan to check on its progress, to ensure that the elections board received it. (They did.) A good resource is what the Washington Post has put together that tells you when and how you can vote in your state.

But there is a subtle difference between mail-in (which anyone in Missouri can do) and absentee (which you have to certify that you aren’t going to make it to the polls). They have different deadlines and other requirements. For my Avast blog, I got to talk directly to Trevor Timmons, the CIO for the Colorado Department of State, the agency that supervises its elections. In its June 2020 primary, more than 99% of registered voters submitted mail-in ballots. Colorado is one of those “universal” mail-in states, meaning that every registered voter will receive a mail-in ballot. You can come and vote in person, but most people don’t. You can also register and vote on election day, something only a few states have.

After I had mailed in our ballots, I had a senior moment where I thought I swapped my ballot and put it in my wife’s return envelope, and vice-versa. Timmons told me that they specifically look out for these situations and still validate both ballots: “It is a common error that takes manual intervention to resolve, but it is resolved quickly.”

What about fraud with mail-in votes? If you examine this page from the Heritage Foundation, you can see their dashboard of fraud has found 1,300 cases. That sounds like a lot but not when you compare that with the hundreds of millions of votes cast. Timmons is more worried about election security, and has put a series of measures in place, such as MFA required for all election judge since 2013), applying current software patches and using other endpoint detection tools to stop malware attacks. “We have seen ransomware incidents in some of our counties that compromised other agencies. We detected them when the attacks attempted to move to the elections boards and we were able to stop their spread.”

Meanwhile, October hasn’t been without its election systems hiccups. Voter registration systems were overwhelmed in Florida. Georgia’s electronic voting machines had some issues on the first days of early in-person voting, and Virginia’s and Pennsylvania’s online registration systems were both down thanks to a construction crew cutting a fiber cable and a systems crash in a data center, respectively.

In praise of cheat sheets

While my days of being in engineering school are in the paleolithic era, I do remember a fondness for cheat sheets, especially when it came time to cram for exams. I was recently reminded of this while watching a movie about NASA’s mission control doings during the Apollo era. On the screen flashed the following handwritten cheat sheet, to be used when one of the spacecraft computers was showing a particular alarm code. I believe it was compiled by Jack Garman.

This struck me as fortuitous — as some of you might remember, when the Eagle lunar module from Apollo 11 was making its descent to the surface of the moon, it had set off a 1202 error code. The engineers had experienced this code in previous simulations, and within seconds were able to tell Armstrong and Aldrin to just ignore it and carry on: the code indicated that the computer was being overwhelmed with inputs. Given that computer had the processing power of today’s coffee pots (1 MHz processor with 150 kb of RAM), it wasn’t a show-shopper.

But it also struck me as somewhat amusing too. Here is NASA, spending billions of dollars inventing all this technology, and the success and failure of the first moon landing came down to some engineer putting this one-pager together that saved the day. Garman had memorized these error codes and was able to quickly respond to the flight controllers that the landing could continue.

If you want to read more about the circumstances around the moon landing, check out what I wrote about in 2009. There are some links to interesting web pages that show simulators for the guidance computers and also a real-time video and audio of the entire mission.

If you want to see some good examples of the cheat sheet genre, Peter Nikilow has collected hundreds of them on his Pinterest account. If you have your own favorites, put a link in the comments and say what makes it so.

Tech innovations we owe to HotOrNot

Nineteen years ago, I taught a high school computer networking class for ten boys. It was my first time in a classroom, which had a live network and Internet connection using a bunch of Windows 95 computers, hard wired via Ethernet. We had some fun times with the class, which lasted all year, and I am still in touch with many of the students today. I can’t imagine trying to teach a class like that via Zoom, but that isn’t why I am writing about the experience.

One of the more memorable moments was when some of the kids posted my picture on, a new website that just celebrated its 20th anniversary and got some mention in Mashable here. I would urge you to read the entire story, even if you are in a stable relationship and don’t have any use for dating or matching sites. The story notes the many places where HotOrNot was ahead of its time, and lay the foundation for many of the web technologies we have come to know and love today. For example, the site connected online and offline social interaction in new and useful ways. Now we take this kind of connection for granted. Some other ground-breaking things:

  • Gamified ratings of each participant’s photo, now enshrined in Likes and up-votes across all the social media platforms.
  • Word-of-mouth traction: traffic doubled every few hours in its first weeks. In the piece there is this charming story about how UC Berkeley engineers figured out the extra traffic was coming from one of their servers that had been connected without approval on the campus network.
  • They very quickly put in place a subscription model and became cash-positive by using auto-renewing subscriptions. That was a rarity then but now is so commonplace that you would be hard-pressed to find a website that doesn’t do this.
  • Outlandish promotional billboards. They put up one with the two founders mostly naked, strategically covered by their laptops with low scores. The founders were nerds, after all. This is way before Oracle and numerous other tech companies used similar tactics, not to mention every airport ad ever used by a tech vendor. Remember airport ads?
  • Something not seen currently were a series of anti-bullying measures, include great take-down response time if someone complained about their photo. It has taken many tech companies far too long to figure this out.
  • A real tagline: keeping the site “fun, clean and real.” Unlike other taglines (don’t be evil, say), they actually meant it and ran their company accordingly.
  • Eliminate needless clicks: when it was first conceived, there was a “click to submit” button. That was eliminated.
  • Virtual goods purchased through real money, typically with Western currencies that could retain their buying power if they lived in other parts of the world. Now we have Bitcoin.Not sure that is progress.
  • Mutual opt-in messaging, a precursor to many what many subscription and dating  sites do, and the model behind Twitter’s DMs.
  • Inclusive dating to the same-sex world. While not as inclusive as today’s alphabet soup of non-binary genders, it was still innovative in moving beyond hetero norms.
  • Speaking of gender, HoN also had several female managers way before it became a cause. Again, this has taken way too long to implement.

FIR B2B podcast episode #142: Why B2B marketers should care about “The Social Dilemma”

The movie The Social Dilemma is now streaming on Netflix. It’s been widely reviewed, and most of the reviews are positive.  (You can read my review for his Avast blog here.) It combines documentary-style interviews with leading minds formerly at Facebook, Twitter, Uber, Instagram and so on, along with star turns from Shoshana Zuboff, Jaron Lanier and Renee Diresta. The thesis is that the social giants have sold us and our data down the river, and we now are stuck with the results.

Paul Gillin and I discuss the wider implications about the movie for B2B marketers, particularly for the tech world that we both know so well. While neither of us learned anything new, the movie does portray a dark and dangerous situation situation developing. We feel that the time has come for advertisers to band together to acknowledge that this is a problem, to fight platforms’ tacit support for conspiracies and hate speech and to educate the public about how to be careful in their own consumption of social media posts and misinformation. There are several privacy suggestions in both the ending credits of the movie and on David’s post that could be starting places for a discussion.

Earlier this summer a group of advertisers banded together to boycott Facebook. The NY Times wrote about the results here. Basically, while many advertisers went dark, most of them came back in August. The revenue impact on Facebook wasn’t significant and many smaller businesses really have no choice but to use the platform.

We’d love to hear from you with other suggestions on how we can work together to improve the social media landscape. You can listen here for our podcast commentary about the movie.

What is QAnon and why should you care?

I am not a big fan of conspiracy theories. As my wife has suggested, this practical reason makes more sense to me: the number of folks that have to be in on the secret have to be a very large number. It is far easier to just explain the “theory” as baloney.

Let’s talk about one of the biggest conspiracies sweeping the world right now, QAnon. Its adherents are a very scary bunch. It has gotten so popular that now they have hijacked what were normally causes for good, such as using  the #SaveTheChildren hashtag (as explained by the NY Times) to organize and recruit new members. They are so popular that a software development conference with a similar name has received registrations from people who can’t code. Last summer the FBI identified QAnon as a potential domestic terrorism threat, linking the group to the Tree of Life shooter.

“QAnon is a baseless internet conspiracy theory whose followers believe that a cabal of Satan-worshipping Democrats, Hollywood celebrities and billionaires runs the world while engaging in pedophilia, human trafficking and the harvesting of a supposedly life-extending chemical from the blood of abused children,” wrote The Guardian in a post earlier this summer. If you recall the whole PizzaGate fiasco a few years ago, that was their heretofore most infamous moment. (You can find references to that on your own.)

I will give you a lay of their landscape, and assure you that my hyperlinks go to legit sources that hopefully won’t amplify their messages of hate. And they have nothing to do with the delightful musical referenced in this image here.

Their membership, from various accounts, appears to be catching on. There are dozens of Republican congressional and local races with avowed QAnon supporters, including a couple running in safe districts that will most likely get elected. That is pretty depressing. One reason for their popularity is social media, which makes it easy for potential members to find like-minded individuals in their area to connect with. Facebook banned many QAnon groups in mid-August. When Twitter took similar action in July, it limited reposting features for approximately 150,000 accounts and banned more than 7,000 accounts outright.

But here’s the problem: banning this reprehensible speech isn’t the best solution. Unlike the “shouting fire in a crowded theater” (not that any theater right now is even close to crowded), these groups aren’t so easily silenced or adjudicated in a courtroom. The problem with an outright ban is that this almost always encourages the QAnon supporters to find other places to post their garbage and attract new followers. What is needed is to leave the original post (usually a video) and attach a piece debunking their claims. What Twitter did was to also downrank the Tweet and preventing any reposting. “This creates one location that can be used to offer debunking content, both as a pre-roll on the video and in the recommended next videos,” says Renee Diresta here. She goes into more detail in a Wired piece where she documents the path that many conspiracy adherents take, calling them Cult 2.0. She writes, “The social platforms are still behaving as if they don’t understand the dynamics at play.”.

Sadly, our cancel culture has made the problem worse. We need to operate with a more granular mindset if we want to prevent these hate groups from spreading. It is too bad that Facebook can’t seem to figure this out.

Avast blog movie review: The Social Dilemma

Earlier this month, Netflix started streaming the movie The Social Dilemma. It was first screened at Sundance earlier this year, and now is widely available. Since its release, it has been widely reviewed.

The film combines documentary-style interviews with leading nerds behind Facebook, Twitter, Uber, Instagram, etc. along with star turns from Shoshana Zuboff, Jaron Lanier and Renee Diresta. The thesis is that the social giants have sold us and our data down the river, and we now are stuck with them. The New York Times review is mostly positive, saying the interview subjects are “conscientious defectors from these companies who explain that the perniciousness of social networking platforms is a feature, not a bug.” The best interview subject is Tristan Harris, a former design ethicist at Google who now runs a non-profit called the Center for Humane Technology.

You can read my extensive review of the film on the Avast blog here. The film could be one small step to help understand the role that social media plays in our lives. It could  also help start some conversations with the less tech-savvy family members and friends.

You can also listen to my podcast as Paul Gillin and I discuss our reactions to the movie and what B2B marketers can takeaway from it.

Congradulations: you have been phished!

Phishing scams abound, if my own personal situation is any indication. This past weekend, I received two text messages — technically this is smishing or SMS phishing, but still. One looked like this (don’t worry, it is just a screencap):

You’ll notice a couple of tells. First is that it is addressed to me by name Usually, when my close friends and family send me texts, they don’t include my name. And the fact that a phisher knew my name is a bit concerning. The other is that it contains an active link, just waiting to be clicked on.

I got another text that was slightly less salacious, as you can see to the left. Again, my name is mentioned. Because of the subject, it is more insidious — now that we are ordering almost everything online the packages are coming to our doors in droves. But note this one tell — the package was mailed back in April. Granted, things are slowing down somewhat over at the USPS, but still.

The FCC has issued this warning about smishing with several illustrations. And the crooks are getting more clever, with this case described by Brain Krebs on how one criminal combined smishing with using a cardless ATM transaction (meaning just using a mobile phone for withdrawals) to steal funds from victims’ accounts.

Corporate security folks are trying to get ahead of the attackers, and many regularly conduct phishing simulation or training exercises. Sometimes these misfire. The WaPost reported on a recent phishing training exercise that was completely misguided. The Tribune Co. sent around a message with “Congradulations, executives!!” in the subject line (hence my usage in today’s essay title). The email promises bonuses to come, if only the staffer would click on the enclosed link. Yes, the deliberate mistakes (spelling and duplicate exclamations) and the embedded link should be the tells that something is amiss. Whether you think this insensitive (given the number of layoffs in this industry) or just plain dumb, it still was a poor choice to demonstrate and train users. While it is true that potential phishing messages do use this particular lure, the Trib IT department should have known better.

Smishing isn’t the only lure used by hackers of course. Ironscales has compiled a collection of fake login pages that try to fool people into thinking they are authenticating their AT&T, Apple, Bank of America and more than a dozen other accounts. Their research has shown there are thousands of these fake login pages circulating around online.  Ironically, the email from their PR department announcing this research was flagged by Google as risky, warning me not to click.

So here are a few pointers on how to prevent these types of attacks.

Don’t respond to any calls to action you get via texts or emails. Think before you click on the links or call the phone number listed. Better yet, don’t respond or click or call. This includes sending back a “Stop” text message. Just hit the delete key.

If you feel you have to respond, do it out of band. Go to the Fedex website directly and track your package that way. Call your bank directly to see if you have a fraud alert. Here is a Tweet stream that shows the lengths that one person went through to research and vet one text. My wife got a phishing email recently and did exactly that to find out it wasn’t genuine. 

Finally, is something out of character? Is this a text or email out of the blue from some long-lost correspondent? Or does it contain (one or more) simple grammatical errors?  Or is an offer of money too good to be true? That is because it isn’t. Do you really think the IRS or Social Security Administration sends you texts? News flash: they don’t.

Back to college, Covid-style

As most of you know by now, I live in St. Louis. This is midway between two major rival state schools, in Columbia (Mizzou) and the University of Illinois at Urbana-Champaign. The two schools have markedly different Covid testing policies this semester. I will get to that in a moment, but first, take a look at this dashboard developed by the College Crisis Initiative:

You can see the focus in my metropolitan area of each school and the various policies that have been adopted, ranging from full in-person classes to all-online instruction and various in-between choices. There is a lot of variation among the colleges and universities just on this small portion of the map. This reflects the variation of policies about the pandemic. In my region, we have different policies for mask wearing: a county just south of the city went from masks highly recommended to required to revoking the requirement, all within 24 hours. Such is the toxic mixture of politics and public health, with emphasis quite literally on toxic.

It is certainly a confusing time to be attending college. Mizzou is using a hybrid model: some in-person classes and some online. Each school’s dean makes their own decision. Students are required to report positive tests to the campus health department.

Illinois has gone whole-school testing. They aim to test everyone (including staff and faculty) twice a week, whether or not they show symptoms. They are doing thousands of free tests daily, using a new saliva-based protocol that was developed internally (Yale and the NBA are also doing something similar), with results available in minutes. Students receive results on an app on their phones, which allow them access to classrooms if they test negative. Interestingly, most of their classes are being held online, even though students are living on campus. All this planning didn’t help: students still went to parties and got infected.

Some schools, such as Notre Dame, began their semesters with plans for all in-person but got spikes in infections and then paused these classes to do more testing. The cause appeared to be a combination of large on-campus gatherings of non-mask wearers and two off-campus parties attended by biz school students. I guess the students took to their mirroring of adult life very faithfully.

To show you what shouldn’t be done is the example of Albion College in Michigan. Ironically, it has academic programs to train contact trackers to be hired by health agencies. Last month Zack Whittaker at TechCrunch wrote about a new Covid tracking app from Aura that is being deployed at the college. The app is mandatory for all students and tracks their real-time locations.

If you think you have already heard about Aura, there is another product with this name that is a mood tracker for the Apple Watch. There is also the Oura ring which is another health and activity monitor. But the Albion Aura app is a problem. Like at Urbana, students need to use the app to gain entry to classrooms. If students uninstall the app or don’t share their location with the app, they could be suspended. Its first release contained rookie security errors, one of which was found by one of the college’s compsci students. There is a long list of FAQs on the college website.  I was more confused reading the entries and I can’t imagine what students and parents at Albion might think.

Clearly, we are all feeling our way through these trying times. And the Mizzou link above will take you to a SciAm piece that compares strategies at other schools. If you have a college student in your family, do share your own reactions here about your own perspective.