CNN Underscored: Best mobile payment apps reviewed

Mobile payment apps can be a convenient way to send and receive money using your smartphone or smartwatch. Paying for items this way has never been easier, thanks to the availability of numerous mobile payment apps, better payment terminal infrastructure, and wider support for Bluetooth/near-field communication (NFC) contactless credit cards by American issuers. The coronavirus pandemic has also helped to make contactless “everything” more compelling. I tested out five different mobile payment apps: Apple Pay, Google Pay, Samsung Pay, Venmo (by PayPal) and Cash App (by Block, formerly Square) recently, and wrote my review for CNN/Underscored here.

Tracking the web of misinformation and copycats

How fast does misinformation spread across the web? Turns out, when it comes to the Kardashians, pretty darn fast. But even for those of us who are mere mortals and write about boring stuff like tech, still plenty fast. Let me explain.

Shelly Palmer also writes about tech stuff, and one of his articles quoted Kim and Kylie from an article in CNBC The quote contained a typo, namely, “Strop trying to be tiktok I just want to see cute photos of my friends.” Note the italics. He saw the typo and called CNBC, and within minutes the typo was fixed. No matter. By that short moment in time, hundreds of sites picked it up and included the original typo. Shelly used the typo as a “misinformation DNA marker,” as he puts it, to track who was more diligent about the typo and who could care less. It’s all about the clicks, and when it comes to Kim and Kylie, well, that can supercharge a story.

Shelly found the original phrase, with correct spelling, on a petition the women signed. What is interesting about his investigation was showing exactly how there are still close to 200 sites that haven’t changed the typo when I did my own search just now.

I feel for both Shelly and the CNBC reporter Jonathan Vanian who admitted to making the typo. I have found copycat websites all over the place that have taken my stories and posted exact replicas — some including my own byline — as if they were syndicating my content legally. They are not. It helped that I included (unintentionally at first, but now more deliberately) my own misinformation DNA marker in the form of a link to a previous blog post on my own blog. WordPress does a very solid job of tracking when someone else is posting to another WordPress blog with a link back to my content. I have seen dozens of these copycat posts, some within minutes of my story going live on the corporate blogs that have paid me to write for them. Of course, I notify my editors, but there is really very little that they can do. These copycat sites are often in other countries, and getting a takedown notice is nearly impossible, expensive, time-consuming, or all three.

Miss Manners: If I'd wanted your opinion, I'd have asked | News, Sports, Jobs - Daily HeraldAll this talk about copycat websites reminds me of a story from my early career at PC Week back in 1988. I wrote a column for the paper that envisioned the advice columnist Miss Manners giving out computing advice for common situations of that era. I have to say, first, I got her tone and style down cold (I will tell you why in a moment). And second, the piece has held up well after all these years, even though it uses terms that many contemporary PC users might never have heard of before. About a month after the piece ran in PC Week, I got a cease and desist letter from her syndicate’s lawyers. That to me was one of the high moments of my tenure at the pub, and an indication of how well the parody had gotten things.

Now, if any of you dear readers would like to try your hand at parodying my own style, please have it. I promise not to engage any lawyers.


CNN Underscored: Best cloud personal storage apps

It used to be that 1 TB of storage was a lot, but now this amount of storage is quite common to find on even the least expensive laptops. Over the years, a number of cloud-based storage vendors have begun to support the TB era and now many of them offer monthly storage plans for a reasonable price. We tested five different cloud-based storage apps—Apple iCloud+, Box, Dropbox, Google One, and Microsoft OneDrive—to see which one is the best cloud-based storage app for you. OneDrive comes out on top and it was easier to install on Macs than on some of our Windows PCs that had additional browser-based security that blocked the desktop client downloads.

You can read my full review here.

Your car has become yet another subscription service

The Verge has this piece about how carmakers have discovered subscription pricing, thanks in part to the leadership of Tesla. I have always thought of Tesla as a software company that installs their code in a big computer that happens to look a lot like a car. Now the traditional car companies have gotten more interested in selling subscriptions. For GM, these generate $2B annual revenues, which works out to customers paying around $40 a month for various options such as OnStar or SiriusXM.

But as Hawkins points out in his piece, this has fast become a nightmare for those citizens that don’t want to debug their car’s software and just want to drive them from one place to another. BMW was selling subs overseas to turn on the option for heated seats. Granted, most of the subs are for things like entertainment or driver-assisted features.

The problem with subscription cars is that the Netflix (or choose your favorite SaaS supplier) model breaks down quickly. There are several reasons. First, the software that comes with your car is most certainly out of date, sometimes by about a year even if you buy the current year’s model when it first goes on sale the previous fall. This is because it takes time to design the car and get subs it from the factory to your dealer and then to you. But another reason is that the car companies are not doing nightly software builds or set up like software companies — until Tesla came along.

Second, the car needs connectivity to update itself, and until lately that connectivity was either expensive (for cellular broadband) or inconvenient (such as using Bluetooth to get to your phone), or both.

Third, car subscribers are often paying to remove a software block on a functionality that already exists when the car rolled off the line. That can be frustrating for consumers, although Tesla owners seem ok with it for now.

Next, unlike SaaS vendors, you can’t usually try before you buy the subscription. Some of the car companies do offer enticement — when I got my used GM car from the dealer, they bundled in SiriusXM for a limited time. But for the most part, they haven’t fully embraced the SaaS model. Plus, the collection of features for the “free pricing tier” — if such a thing existed to the extent that it does in the SaaS world — is just brutally hard to figure out. It is hard to figure out a decent price point (see BMW’s mistakes charging upwards of $80/month for some of their services). It is hard to price something (like a heated seat) that was in the “free forever ” tier. And it is hard to support. Call your dealer? Yeah, right.

That brings up another point. How do you recover from a car’s software error? No one wants to see a blue screen in their car. My aging car’s GPS gets “lost” and has me driving through empty places on its map, which is somewhat disconcerting. It is one thing to wait for a file to download from some cloud server but another thing if you are going along at 70 mph down the freeway. Can I get a software update on my GPS? Nope.

Finally, the biggest issue is that carmakers are looking at subscriptions as found money when they should be dropping prices and using them as a way to amortize the vehicle sale. As prices on vehicles is rising faster than (insert your favorite supply chain metaphor here), you would think this is obvious. But no. This just adds to the distrust many of us have when the time comes to buy our next car and have to enter the 12 circles of hell otherwise known as the showroom.

Still, there is Tesla. Like I said, not your dad’s Buick.

How Fortnite spurred innovations in architectural technology

For someone who has been deeply steeped in technology for most of my career, I am woefully ignorant about computer games. I have written about this aspect of my life before, but today’s topic is how one game studio has had a breakout success in developing some very serious non-gaming business applications.

The company is Epic Games, most notably known for its Fortnite brand. Perhaps you have played it, or your kids have played it. Fortnite is built using the Unreal Engine, which has been around for decades and is now on its fifth version. Epic was smart with UE in getting it established as the premier 3D visualization tool, and it is used in all sorts of business applications. One of them caught my interest, when I watched this video from one of my favorite You Tube creators about the building of the Xi’an soccer stadium.  The architects of the stadium used UE to pre-visualize how the seating sight lines would work, how the roof would be constructed, and other design aspects of the stadium. It is still under construction. We are building a more modest soccer stadium here in St. Louis, so I have a bit of stadium envy here.

Anyway, Epic was smart with spinning out UE from Fortnite. First, it is free to download and get started. Yes, there are license fees if you want to do more with it, but you can figure it out and use most of its features without spending any money. Second, there is a huge dev community to support your efforts: discussion forums, loads of documentation, and professional education options too. UE is being taught in numerous colleges across the world. For example, there is this entire online curriculum. These efforts have paid off, and now there are numerous games that independent developers have built in UE.

Before I get to that, here is a short diversion into the world of film pre-viz. When I was living in LA back in the early aughts, I got to meet Dan Gregoire of Halon Entertainment. Halon is one of the pre-eminent pre-viz shops in the entertainment space, and has worked on numerous blockbuster movies. The concept is similar to what the architects are doing: if you can represent what will be shown on screen digitally, you can help a director figure out what camera and lighting and actors are going to be filmed and save a lot of time and money. I asked Dan about UE and turns out he has been using this tool for more than five years, first adopting it for his work for War for the Planet of the Apes. “It is the core foundation of our pre-viz pipeline,” he told me. “We use it for all sorts of things, including as a virtual art department, LED stage content and final pixel game cinematics.” Coincidentally, today they are part of a conference being held in Burbank featuring experts from Nvidia, UE and Microsoft.

But let’s turn back to this field of architectural technology. As architects have gotten comfortable with digital tools, things like doing pre-viz for the Xi’an stadium make a lot of sense. If you can create a digital copy of your building and experiment with various changes before you pour the first foundation footing, you can save a lot of money and build a better building too.

”In the past, architects had to put huge financial resources aside to hire experts who specialize in using visualization tools,” writes this one blog. “The Unreal Engine removes all this from the equation. It is an easy-to-use tool with medium hardware requirements and supports real-time rendering and experimental visualization.” In effect, UE has made rendering more of a commodity to designers and made pre-viz more approachable even for smaller design studios. Epic has this website that will provide all sorts of case studies and links to resources. There is the Atlantic Technological University in Dublin, which actually offers a three-year BS degree in this area. That is impressive.

It is ironic in a way. Just as our construction industry supply chains are getting choked, digital technology can help cut down on mistakes and help build better buildings. “Real-time technology is the future,” says Dan. “All it took was for the technology to be accessible from a business model perspective, and having Epic license it for free for non-game content was a big step.”

How to terminate staff safely

Let’s talk about layoffs for a moment. More specifically, let’s talk about the process by which a company fires its people. How does it work to terminate someone’s digital access? It is tricky.

Dos and Don'ts of Terminating EmployeesI have been laid off a few times over my career. The one that I wanted to tell you about was when I worked for the IT department for a large insurance company. My office was in a downtown LA high rise, and coincidentally, my wife also worked in the same building, for a different subsidiary of the company. Indeed, she worked on the same floor. I had just given my two weeks’ notice that I was quitting to go work for PC Week (now called eWeek). As was the custom of the times (this was in the 1980s), I was immediately terminated. My access to the mainframe was turned off, and I was accompanied by a security guard to clean out my desk, hand in my badge, and take me down the elevator and escort me out the door to the street.

There was just one problem: I had to tell my wife that I was fired, and this being the era before cell phones, I had to come back up to our floor. Also, our building didn’t have controlled access, so there really was no way to keep me out of the place.

Now let’s talk about today. How do you announce a layoff to everyone, including the folks that are still gainfully employed? Well, via email and Slack of course. But the timing is critical: if you terminate an employee’s accounts, they won’t get the memo. Some businesses wait a day. This recent survey shows that only 51% of organizations said they typically remove a user’s access to corporate systems the day (35%) or the day after (16%) the employee leaves. A day after is too late: there is a lot of damage a vengeful now ex-employee can do in that day.

Of course, it matters how many people are laid off at once, and where in the corporate hierarchy they are. If it is just a few people, you might get the security escort as I did. But what if dozens are terminated? This is what happened at Coinbase recently. They took a somewhat different approach. First, they cut off the terminated staff’s access to emails and other corporate accounts. Then the CEO sent out this note to their personal emails:

“If you are affected, you will receive this notification in your personal email, because we made the decision to cut access to Coinbase systems for affected employees. I realize that removal of access will feel sudden and unexpected, and this is not the experience I wanted for you. Given the number of employees who have access to sensitive customer information, it was unfortunately the only practical choice, to ensure not even a single person made a rash decision that harmed the business or themselves.”

I think this was the right sequence for Coinbase, but as I said timing is everything. If you are faced with a group layoff, here are a few suggestions.

First, make sure your HR department has the most accurate information about your staff. This means having both personal and work contacts, including private emails and cell phone numbers. You should have done this for all sorts of reasons outside of potential layoffs, such as being able to reach someone’s family in case of emergencies for example. And part of this census is ensuring that you don’t have active accounts for long-ago terminated staff.

Second, you should create a policy on who and how you will communicate company-wide news, both good and bad. How will this information be shared with the news media, and do you have the right media contacts too?

Next, how do you track all your corporate digital resources, and who has what kind of access to these resources? Does someone on your dev team use a private GitHub account? Are people creating Google shared workspaces with their Gmail accounts? Given how easy it is to setup a private cloud repository, you need to be aware of this as best as you can. Having all this information and accounting for the various communications channels correctly will take some effort.

Finally, you need to pay special attention to staff that have elevated access rights to various resources. Can you track if one of these privileged users have made copies of business or personal data? (This is the role of data loss prevention products, by the way.) Do you have too many administrators? That is usually a common problem.

Terminating people safely is a process, both from the affected individuals’ and the company’s perspectives. While the process chosen by Coinbase may not work for everyone, it is a useful template that can provide some important guidance.

There is a lot more to be said about termination policies and practice, and I would urge you to read this blog by Erica Marom and Uri Ar on how to build an employer brand.At the end of that post, they talk about how to craft a positive message and how to communicate it.

Avast blog: the evolution of self-sovereign data and Web 3.0 identity solutions

Earlier this month, Drummond Reed was one of the panelists at CoinDesk’s 2022 Consensus conference discussing “The Promise of Self-Sovereign Data and Web 3.0 Identity Solutions: Real or Mirage?” Reed, who heads Digital Trust Services for Avast, spoke about the evolution of these solutions and — like his fellow panelists — tried to frame Web 3.0 in terms of this perspective.

The session was moderated by Joe Cutler from Perkins Coie; other panelists included Richard Widmann, a strategy lead for Google Cloud; Tobias Batton, CEO of ExPopulus; and Lisa Seacat DeLuca, who is Director of Product and Engineering for Unstoppable Domains. They spoke about the evolution of Web 3.0 tech, what will tip it towards more general acceptance, and the role played by identities in the world of the blockchain.

You can read my reporting about this conference session in my latest blog for Avast here.

Online collaboration still ain’t easy

I have been writing about the challenges of online collaboration for years (here is a piece I wrote about synchronizing online calendars for the NY Times back in 2009)., and here is a link to my review of personal cloud storage that I recently did for CNN) When it comes to working on the same document (or spreadsheet or slide deck), it sadly still isn’t easy. Sure, there are tons of tools, including cloud storage vendors (like Dropbox, Google Workspace and Microsoft’s basketful of deplorable apps), team messaging apps (like Slack and Teams), and various other SaaS apps that claim to be collaboration forward but are still back in the dark ages.

Document Collaboration Tools - Document Management System FolderitWhat is wrong? All of this technology comes down to a bad marriage between the personal and sharing mindsets. And while the tools supposedly get more sophisticated, they still have fundamental and foundational issues, like these:

Our first problem is the personal computer is inherently personal. Back in the 1980s when we each had a huge 4 MHz CPU sitting on our desktops, we could run whatever apps we wished out of a tiny floppy disk. We didn’t share nothing with nobody. There was no internet, no SaaS stuff, no web browser. There weren’t even any graphic interfaces. Life was simple, and it was good, or so we thought. But now we have all this power: multiple CPU/GPU cores to run all sorts of complex stuff, gigabit speeds coursing through our home offices. But we still tend to think about the document that is sitting on our screen as our own proprietary property.

This background hasn’t made sharing easy. For a project that I am working on for a client, they set me up on their internal email system because they were using GDocs/Workspace. If you aren’t part of the domain, GDocs goes through some trouble and getting you in synch is painful. Much easier to just create a new email on their domain and share that way. Something is wrong with this picture.

Microsoft isn’t much better. They have almost as many varieties of sharing tech as Heinz has ingredients in their condiments. You have a Sharepoint drive, which isn’t the same thing as the Teams shared drive which differs from One Drive which isn’t the same One Drive on the E6 Enterprise license of Office 365, and oh by the way presents a different dialog from all of the above and is needed to manage all your various identities and sharing permissions.

Underlying all this tech are two basic ways to share stuff: either by URL (or by email, which embeds a URL in the message body), or by working with user identities, which also makes use of email addresses. Sometimes one method works better than the other. The ideal collaboration tool allows for setting basic access rights (view or edit your content), and sometimes these work, sometimes these are assigned to someone’s personal Gmail address when it should have been assigned to the common work domain address. Maybe this was an issue back in 2009, but it is still an issue today.

The sharing routines are broken because you have multiple paths and devices and apps to get you to your content. You can use a desktop or mobile app, a cloud app, a plain-Jane browser session. If you don’t have a desktop license to the word processor or presentation app, you have to bring up the browser and hope that you can run the app inside your browser — for those corporate-managed Windows machines that are under app lockdown, you might have to go through some hoops to get the right collection of permissions.

Plus doing this in near-real-time can be an issue if you are spread across a bunch of time zones around the planet and keeping track of what was done on a previous edit. This happened to me recently as one of my editors is in Europe while another is in California.

Sometimes I just give up and email someone the Word doc we are working on and just call it a day. That is absolutely the worst way to collaborate, bouncing bits back and forth across the internet. I hope it doesn’t take another decade to fix the collaboration problem.

Apple’s new privacy push

Have you seen this new TV spot from Apple called “Data Auction”? It is really bugging me. I must have seen it about 50 times on various streaming services. While it does a great job of showing how your personal information is being traded by data brokers, it takes tremendous license with its visual elements and how its iOS operating system actually works.

Apple has been improving its privacy protection over the past several years, so I give them some props for trying. But unless you are determined and really patient, fixing your phone (or other fruit-filled device) up the way you’d like it to preserve your privacy isn’t simple, and chances are you’ll probably get it wrong on the first try.

Apple’s commercial touts new features that they have added to iOS over the past couple of years: the ability to prevent third-party apps and advertisers from tracking your movements, including across your app portfolio, browsing and through using its Mail app. They both can eventually be found in the Settings/Privacy/Tracking screens. As we watch our hapless actor “Ellie” wander into her data auction, she fortunately has her iPhone at hand and is able to zap the auction audience into smoke with the press of A Single Button. Too bad that isn’t the actual iOS interface, which has a very confusingly labeled slider “Allow Apps to Request to Track” that should be off if you want to do the same thing (data oblivion). There is another button that Ellie used to rid her emails of trackers.

Okay, it is a very effective commercial. And I am glad that Apple has taken this approach to help users’ privacy. But why not use the actual UI? And better yet, why not hide it three menus deep where few can find it?

Apple has some interesting developments for iOS 16 that will be out later this fall, including one called “Safety Check” that Elllie will really love, especially if she has an abusive partner or a cyber stalker. Maybe if they use the same actor we can get a more faithful representation of what real users will have to do.

Printer inks and tractors, and the right to repair

You might recall several years ago when it came time to replace an “empty” Lexmark printer cartridge, you had to purchase a new “authentic” one as a replacement. HP had a similar program. Lexmark was sued (and lost in the Supreme Court) by a third-party ink maker who was blocked by the locking software. (The reason for the quotes is because these cartridges are seldom anywhere near empty, wasting a lot of ink. But let’s stay focused.)

John Deere 8 Series Tractor MY22 updates give farmers more optionsWhat does this have in common with tractors? John Deere has special locking software that prevents farmers from doing their own repairs. This came to light recently when Russian troops stole about US$5M worth of them from Ukraine and brought them to Chechnya. The Ukrainians were able to “brick” the tractors by engaging the software. This is not a coincidence: their software engineers have been hacking Deere tractors for years.

Now, while you may cheer on the Ukrainians, this exposes the dark side of tech called the right to repair. For the past decade, tech companies have come under fire for preventing “unauthorized” repair work on their equipment. Apple is one of the most egregious, you can’t just have anyone fix your gear. But as supply chains stretch and break during the pandemic, we need more flexibility, not less. And typically using the authorized repair folks is nothing more than having an added surcharge to your repair bill. (And if you are a farmer, waiting for the Deere repair dude to drive out to your farm.)

One small victory in this arena has been the unlocking of cellphones. Remember when you had to get permission from your phone vendor if you wanted to port your phone and your number to another carrier? You still need to go through a somewhat dense process, but at least the carriers have to sell you a new unlocked phone. Various states now have laws on their books to mandate rights to repair, but it still is far from universal.