Android 11 first impressions: payments with less stress

My pick for the single most helpful new feature in Android 11 doesn’t even get a description in Google’s highlights of its mobile operating system’s new version.

This addition lurks behind the power button: Press and hold that, and instead of Android 10’s sidebar menu with the “Lockdown” option that disables biometric unlocking and scrubs notifications from the lock screen, you see a full-screen menu with large buttons for that security feature, your Google-linked smart-home gadgets–and the credit cards you have active in Google Pay.

I’ve been a fan of NFC payments for years, but the world has caught up to me since March as merchants have rushed to provide contactless payment options. But until Android 11 landed on my Pixel 3a 11 days ago, matching a purchase with the card offering the best cash-back or points reward required me to open the Android Pay app and switch payment methods. Now, I just mash the power button and tap the card I want.

The Conversations features that do lead off Google’s sales pitch for Android 11 also seem like they’ll simplify my digital life. That’s “seem” because it took me until today to remember to swipe left on a text-message notification to expose the option to make the sender a priority–starring them in the Contacts app doesn’t affect this, nor do I see a way to promote people from within the Messages app. But at least now I know that messages from my wife will show up on my lock screen with her picture.

Android 11 also brings some less-obvious application-privacy enhancements, as detailed Google’s developer guidance. It improves on Android 10’s ability to deny apps background access to your location by letting you give an app only a one-time peek at your location. If you turn off location services altogether, COVID-19 exposure-notification apps like Virginia’s COVIDWISE now still work. And if you don’t open an app for a few months, the system will turn off its permissions automatically.

The biggest problem with Android 11 is one that has existed with every other Android update–but which fortunately doesn’t affect me as a Pixel 3a user. This update will probably take months to reach Android phones outside the small universe of Pixel devices and those from such other, smaller vendors as Nokia and OnePlus that decided to commit to shipping Google’s releases quickly.

My fellow Virginians, please install the COVIDWISE app. Now, thank you.

As the United States continues to flail away at the novel-coronavirus pandemic, my part of it has done one thing right. Wednesday morning, Virginia’s Department of Health launched COVIDWISE–the first digital contact-tracing app shipped in the U.S. on the privacy-optimized Exposure Notifications framework that Apple and Google co-developed this spring.

What that means is that COVIDWISE, available for iPhones running 13.5 or newer and most Android phones running Android 6.0 or newer, requires none of your data–not your name, not your number, not your e-mail, not even your phone’s electronic identifiers–to have it warn that you spent a sustained period of time close to somebody who has tested positive for COVID-19.

COVIDWISE and other apps built on the Apple/Google system instead send out randomized Bluetooth beacons every few minutes, store those sent by nearby phones running these apps, and flag those that indicate sufficiently extended proximity to allow for COVID-19 transmission as doctors understand it. That’s the important but often misunderstood point: All of the actual contact matching is done on individual phones by these apps–not by Apple, Google or any health authorities.

If a user of COVIDWISE tests positive and alerts this system by entering the code given them by a doctor or test lab into this app, that will trigger their copy of the app to upload its record of the last 14 days of those flagged close contacts–again, anonymized beyond even Apple or Google’s knowledge–to a VDH-run server. The health authority’s server will then send a get-tested alert to phones that had originally broadcast the beacons behind those detected contacts–once the apps on those devices do their daily check-ins online for any such warnings.

The U.S. is late to this game–Latvia shipped the first such app based on Apple and Google’s framework, Apturi Covid, in late May. In that time, the single biggest complaint about the Apple/Google project from healthcare professionals has been that it’s too private and doesn’t provide the names or locations that would ease traditional contact-tracing efforts.

I’m not writing this just off reading Apple and Google’s documentation; I’ve spent a lot of time over the last two months talking to outside experts for a long report on digital-contact-tracing apps. Please trust me on this; you should install COVIDWISE.

Plus, there’s nothing to it. The pictures above show almost the entire process on my Android phone: download, open, tap through a few dialogs, that’s it. At no point did I have to enter any data, and the Settings app confirms that COVIDWISE has requested zero permissions for my data. It uses the Bluetooth radio and the network connection; that’s it, as I’ve confirmed on two other Android phones.

If I’m curious about how this app’s working, I can pop into Android’s Settings app (search “COVID” or “exposure”) to see when my phone last performed an exposure check. But I don’t expect to get any other sign of this app’s presence on my phone–unless it warns me that I stood too close to somebody who tested positive, in which case I may not enjoy that notification but will certainly need it.

Updated 8/6/2020 with further details about the app’s setup and operation.

Work-from-home advice from a work-from-home regular

My occupational routine of working from home is suddenly in fashion for the dreadful reason of a global pandemic. Employers ranging from Google to the federal government to the Washington Post have been telling people to get out of the office and stay out until some sort of all-clear is declared about the novel coronavirus.

This may be a new and unsettling development to many of you, but it’s been my everyday reality for the past nine years–longer, if you count all the time I’d work from home while at the Post to test one gadget or another.

The joking on Twitter that “the only ones to survive will be freelance writers” may overstate things a bit, but all of this Me Time has left me well versed at staying productive without such traditional work delineations as a commute to a geographically distinct workplace and frequent in-person professional interaction with other human beings.

Here are the best practices I’ve learned since 2011 or so:

  • Have a spot at home that serves as your logical office. Ideally it’s a physically separate room–if you’re self-employed, the home-office deduction is easier to claim that way–but it should be someplace you can associate with work. And can then leave when you’re not on the clock.
  • Get a comfortable chair (I should have followed this advice years ago instead of letting my current chair get even more worn out) and make sure it’s positioned so you can type comfortably for hours at a stretch
  • You don’t need a separate webcam–unless your laptop has one below the screen that treats video callers to an up-nostril perspective of you–but a desktop USB microphone would be a good idea. My client Wirecutter has some useful advice; you should be fine with the budget pick unless you do podcasts for a living.
  • Make sure that your webcam shows a tidy office to the rest of the world. You can still have piles of paper and dirty clothes around; just keep them out of the frame.
  • You will probably spend a lot more time on conference calls, and some con-call systems are more evil and stupid than others. Please try to lead your office away from the ones that date to 1980s telecom and and to apps like Zoom or Uberconference that indicate who’s speaking at any time. Note that the free version of Zoom limits meetings to 40 minutes, which is such a good reason not to pay that I must wonder if this company is trying to go out of business.
  • Does your WiFi offer reliable coverage in your home office? If it doesn’t, you will notice that intensely and often once you’re clocking eight hours a day on that questionable connectivity. And no matter what, you should have all of your important documents cached or copied for offline access.
  • You should know what kinds of backup bandwidth are available–for example, major cable operators say they will open their WiFi hotspot networks to the public, while Sprint and T-Mobile plan to offer their subscribers 20 GB of mobile-hotspot usage.
  • Yes, you still need to shower and get dressed. But you may find that you can use those daily habits as fake deadlines: No showering until I finish this task that I didn’t get done yesterday.
  • Find ways to shut out distractions. If you find yourself wandering down Wikipedia rabbit holes, clean part of your house instead. Or go outside and get in some gardening, if it’s warm enough. If nothing else, walk around pointlessly your home as you would in an office.
  • We all have coworkers who don’t reply to e-mails fast enough. Figure out what comms channel works to bug them when they inevitably leave your last message unanswered: Slack, a text, a call, a direct message on their most common social platform.
  • Don’t eat lunch at your desk. Ever. You’re at home, and you don’t have to do that anymore. While you’re at it, get in the habit of making yourself lunch; you can put the savings into patronizing the restaurants, coffee shops and bars closest to you.
  • It’s okay to run short errands during the day. It’s not like you were that productive over every hour of your in-office workdays anyway.
  • Get to know your neighbors, especially those who have been working from home all along and who may have useful neighborhood-specific advice. Human contact during the day is good.
  • You’ll also soon realize which of your neighbors insist on hiring people to tidy up their yard with noisy, polluting gas-powered leaf blowers.
  • Have some kind of back channel–a text or WhatsApp group, a Facebook Messenger group, a Slack channel, whatever–for personal banter with your favorite fellow cubicle-farm dwellers.
  • Take time to call friends about absolutely nothing.
  • You can swear at your computer as much as it deserves without freaking out co-workers, but please don’t get in that habit anyway. (This is literally me saying “do as I say, not as I do.”) Especially if you’ve got a kid stuck at home too.
  • On the other hand, go ahead and play your preferred productivity playlist through your computer’s speakers. If blasting Kool Moe Dee’s “I Go To Work” or R.E.M.’s “Finest Worksong” gets your day in gear, you don’t need to confine that to headphones. (This is totally me showing my age.)
  • If you’re tired, you’re allowed to nap. You’re at home! Nobody outside can tell you’re enjoying a postprandial snooze.

(My thanks to everybody who replied with further suggestions to the Twitter thread in which I first shared most of these tips.)

Updated 3/18/2020 with a few extra tips.

Happy 10th birthday, iMac

A decade ago today, I set up the computer on which I’m typing this post. That is an absurdly long lifespan for any computer, much less one that’s seen near-daily use over that many years.

But here we–meaning me and the late 2009 iMac that’s now graced the same desk for 10 years–are. Three things made this longevity possible.

One is my working mainly in text and non-moving images. If I had to do any serious video editing, this model’s processor would have forced its retirement long ago. As is, there’s not that much computational labor involved in polishing prose–and while working with high-resolution photos can require a few CPU cycles, I do most of that editing online anyway.

Another is the relative repairability of this model. In the previous decade, Apple still designed desktops that allowed memory upgrades, so I took advantage of that option to double this iMac’s RAM early on. Apple didn’t intend for owners of this model to replace the hard drive, but its design left that possible with fairly simple tools–as in, no need to cut through adhesive holding the screen in place. I didn’t exploit that opportunity until a couple of years later than I should have, but the SSD upgrade I performed last spring now looks like some of the best $200 I’ve spent.

I could have replaced the optical drive that stopped reading CDs and DVDs in the same manner, but instead I bought a cheap Samsung DVD burner and plugged that into a free USB port–so much for the all-in-one concept!

(My second-longest-tenured daily-use computer, the Mac clone I kept from 1996 to 2002, was far more tolerant of tinkering, since Power Computing designed it along the lines of any PC desktop. That box ended its service to me after two processor upgrades, one hard drive replacement, an internal power-supply transplant, a memory upgrade and the addition of two USB ports.)

Last comes Apple’s baffling inability to keep its desktops current over any sustained stretch of time. The company formerly known as “Apple Computer, Inc.” spent several years not updating the iMac or Mac mini at all. By the time it finally refreshed the iMac, buying a new all-in-one desktop would have meant buying a 4K monitor inseparable from a computer would grow obsolete well before the display. But when Apple finally updated the moribund Mac mini last year, it shipped it with a joke of a 128 GB SSD and then listed insultingly high prices for adequate storage.

It’s since slightly moderated the storage rip-off, but the Mac mini has now gone over a year without an update, so I’d feel like a chump paying new-Mac pricing for that old design now. Even though my legacy Mac is now living two editions of macOS in the past–Apple dropped support for this model with macOS Mojave, leaving macOS Catalina completely out of the question. If Apple weren’t still shipping security updates for macOS High Sierra, I’d be in a real pickle.

Okay, I guess there’s a fourth factor behind this iMac’s longevity: I can be really cheap, stubborn or both sometimes.

Updated 12/3/2019 to note my OS-support issues and better crop a photo.

Six updates in, iPadOS still needs work

It hasn’t even been two months since Apple shipped iPadOS, but in that time the tablet offshoot of iOS 13 has seen six maintenance updates–from iPadOS 13.1.1 to 13.2.3.

That plethora of patches has squashed some obvious bugs, like the ones that made Dock shortcuts to recently-opened non-Apple apps inert. They have not, however, cured other trying aspects of iPadOS:

• The new QuickPath gesture-typing option is, for some reason, confined to the floating keyboard you can invoke, not the standard-sized one. Has nobody at Apple tried using Google’s Gboard?

• The new multiple-windows option for an app is buried beneath a long-press of a Dock icon–sufficiently hidden that I did not realize that feature existed until reading Ars Technica’s iPadOS review.

• I appreciate Apple’s attempts to make me aware when apps request my location in the background, but after being nagged 10 times about my choice to let the Dark Sky weather app check my coordinates in the background, I’d appreciate having an option to the effect of “I know what I’m doing and you can stop asking about this.”

• Seeing which apps have updates or have been recently updated takes more steps than in iOS 12–presumably, so that Apple could use that spot at the bottom of the App Store app to promote its Apple Arcade subscription gaming service.

• The process of moving app icons around feels even more maddening than before, especially if I happen to drop an app inside a folder by mistake. Meanwhile, the OS still affords no relief from its inflexible app grid; I can’t leave a row or a column blank as negative space to set off particular icons.

• AirDrop remains as enabling of anonymous harassment as ever.

• I still see display glitches like the charming overlap of portrait and landscape screen modes shown in the screengrab above.

It’s not that I regret installing iPadOS–some of the new features, like the privacy-preserving Sign in with Apple option, are only starting to reveal their promise. Others, such as the Sidecar Mac screen-mirroring option, require newer hardware than the aging iMac on which I’m typing this. But seeing these obscure, illogical or insensitive bits of user experience, I can’t help thinking of all the times I’ve taken a whack at Windows for the same sort of design stumbles.

Android 10 first impressions: location, location, no you can’t have my location

A dozen days after installing Android 10 on my Pixel 3a, this operating-system update’s major accomplishment has been helping me to chain down a bunch of my apps.

That’s good! The location-privacy improvements in Android 10–starting with the ability to deny an application access to your location when it’s not running in the foreground–more than justify the roughly seven minutes I spent installing this release.

I expected that after seeing Google’s introduction of Android 10, then named Android Q, at Google I/O this May.

But I didn’t know then that Android would actively warn me when individual apps checked my whereabouts when I wasn’t running them, in the form of “[App name] got your location in the background” notifications inviting me to take the background-location keys from that app.

I was already planning on limiting most of the apps on my phone to foreground location access only, but these reminders have sped up that process and helped spotlight the more obvious offenders. (Facebook Messenger, go sit in the corner.) This is an excellent case of Google borrowing from Apple.

There’s much more that’s new in Android 10–if you’re curious and have an hour or so free, Ron Amadeo’s novella-length review at Ars Technica exceeds 2,000 words on the first of nine pages–but its other changes have made less of a difference in my daily use.

• The battery, WiFi and signal-strength icons are now simple outlines, and when swiped down the notifications area shows your remaining battery life in human language instead of a percentage: “1 day, 2 hr.” Less attractive: The text of notifications doesn’t appear in Android’s usual Roboto font, which bugs me to no end.

• The array of icons in the share sheet no longer painstakingly paint their way onto the screen. And the one I employ most often–the copy-to-clipboard icon–always appears first and at the top right of this list.

• The switch to gesture navigation (for instance, swiping up to see all open apps) hasn’t been as confusing as I’d feared… because Android 10 didn’t touch my previous “2-button navigation” system setting, which keeps the back and home buttons one swipe away. I guess I should try the new routine now.

• I still think dark mode is an overrated concept, having had that as my everyday screen environment on too many DOS PCs, but I get that it can be less distracting at night. And on phones with OLED screens, dark modes also extend battery life. So now that dark theme is a supported Android feature–hint, edit your Quick Settings sheet to add a “Dark theme” tile–I would like to see more apps support it. Starting with Google’s own Gmail.

Finally, I have to note that my phone has yet to crash or experience any impaired battery life since updating it to Android 10. I hope I didn’t just jinx this update by writing the preceding sentence.

 

Three years in thrall to Duolingo

Hace tres años, comencé a aprender español con la aplicación Duolingo. Pero todavía no soy bilingüe. Lo siento!

The fact that I had to double-check the prior sentences with Google Translate should say something about my efforts since July 2016 to learn Spanish in five-minute sessions with the free Duolingo app on my phone and iPad.

And yet getting anywhere in a new language in my late 40s feels pretty good, since the last time I seriously tried to learn another language was in high school.

It may not be much that I can keep up with the Spanish of such U.S. politicians as Tim Kaine and Beto O’Rourke, have a quick conversation with a vendor at a farmers’ market, or get the gist of news reports in Spanish, but at least it’s progress I can measure.

(It helps that Spanish, unlike the French I reached fluency in during college, is easy to hear on the radio/TV/online as well as around the D.C. area, not to mention during Mobile World Congress trips to Spain.)

The other thing I’ve realized about making this app a daily habit–to use a Yahoo-ism that hit buzzword-bingo status during Marissa Mayer’s tenure as CEO–is that with my schedule as it often gets, I appreciate having this little constant each day. Yes, even with Duolingo’s passive-aggressive notifications, the upsells for Duolingo Plus, and the emotional button-pushing from this app’s judgmental green-owl mascot. Cómo se dice “I’ve internalized my own oppression”? 

First impressions of 1Password

After several years using the same password-manager service–and then paying for its premium version–I’ve spent the last few weeks trying an alternative.

I can credit a sales pitch that included the italicized phrase “completely free” for this departure: 1Password’s offer of a free membership to journalists, in celebration of World Press Freedom Day this May 3. But I was also overdue to spend some time in a password manager besides LastPass.

So far, I’m impressed by the elegance of the interface but a little put off by how persnickety 1Password can be to set up. You don’t just create a username and password, you also have to type in a complex and random secret key to get going.

Having read this Toronto-based firm’s documentation of how this extra step helps ensure that a successful guess of your password still won’t compromise your account, I get where they’re coming from. But I’m not sure I’d recommend it to just anybody, especially not when LastPass’s free version suffices for many casual users.

Further time with 1Password’s Mac, Windows and Android apps has revealed other things I like:

This time has also surfaced one thing I don’t like: an incomplete approach to two-step verification that seems to require choosing between running an authenticator app on your smartphone or employing a weird Yubikey implementation that requires running a separate app instead of just plugging a standard USB security key. That’s no better than LastPass’s inflexible notion of two-step verification.

I’d like to see 1Password improve that and support the WebAuthn standard for security-key confirmation. But I’m prepared to give them some time, based on everything else I’ve seen so far.

Here’s my Web-services budget

The annual exercise of adding up my business expenses so I can plug those totals into my taxes gave me an excuse to do an extra and overdue round of math: calculating how much I spend a year on various Web services to do my job.

The result turned out to be higher than I thought–even though I left out such non-interactive services as this domain-name registration ($25 for two years) and having it mapped to this blog ($13 a year). But in looking over these costs, I’m also not sure I could do much about them.

Google One

Yes, I pay Google for my e-mail–the work account hosted there overran its 15 gigabytes of free storage a few years ago. I now pay $19.99 a year for 100 GB. That’s a reasonable price, especially compared to the $1.99 monthly rate I was first offered, and that I took too long to drop in favor of the newer, cheaper yearly plan.

Microsoft Office 365

Getting a Windows laptop let me to opting for Microsoft’s cloud-storage service, mainly as a cheap backup and synchronization option. The $69.99 annual cost also lets me put Microsoft Office on one computer, but I’ve been using the free, open-source LibreOffice suite for so long, I have yet to install Office on my HP. Oops.

Evernote Premium

This is my second-longest-running subscription–I’ve been paying for the premium version of my note-taking app since 2015. Over that time, the cost has increased from $45 to $69.99. That’s made me think about dropping this and switching to Microsoft’s OneNote. But even though Microsoft owns LinkedIn, it’s Evernote that not only scans business cards but checks LinkedIn to fill in contact info for each person.

Flickr Pro

I’ve been paying for extra storage at this photo-sharing site since late 2011–back when the free version of Flickr offered a punitively-limited storage quota. This cost, too, has increased from $44.95 for two years to $49.99 a year. But now that Yahoo has sold the site to the photography hub SmugMug, the free tier once again requires serious compromises. And $50 a year doesn’t seem that bad, not when I’m supporting an indie-Web property instead of giving still more time to Facebook or Google.

Private Internet Access

I signed up for this virtual-private-network service two years ago at a discounted rate of $59.95 for two years, courtesy of a deal offered at Techdirt. Absent that discount, I’d pay $69.95, so I will reassess my options when this runs out in a few months. Not paying for a VPN service, however, is not an option; how else am I supposed to keep up on American news when I’m in Europe?

LastPass Premium

I decided to pay for the full-feature version of this password manager last year, and I’m already reconsidering that. Three reasons why: The free version of LastPass remains great, the premium version implements U2F two-step verification in a particularly inflexible way, and the company announced last month that the cost of Premium will increase from $24 a year to $36.

Combined and with multi-year costs annualized, all of these services added up to $258.96 last year. I suspect this total compares favorably to what we spend on news and entertainment subscriptions–but that’s not math I care to do right now.

CES 2019 travel-tech report: overcoming oversights

I’ve survived another CES, this time after committing two of the dumber unforced errors possible at an enormous tech trade show.

One was not arranging an update to the Wirecutter LTE-hotspots guide to coincide with CES, such that I’d have to bring a couple of new hotspots to the show. Instead, I was left to cope with intermittently available press-room and press-conference WiFi.

It confounds me that in 2019, anybody would think it okay to host a press event and not provide bandwidth to the press. But that’s CES for you, when either PR professionals or their clients seem to shove common sense into the shredder.

Fortunately, the show press rooms offered wired Internet, so I could fish out my USB-to-Ethernet adapter and get online as I would have 20 years ago. A couple of other times, I tethered off my phone.

On its second CES, my HP Spectre x360 laptop worked fine except for the one morning it blue-screened, then rebooted without a working touchpad. I had to open Device Manager and delete that driver to get it working once again. I also couldn’t help think this doesn’t charge as fast as my old MacBook Air, but I’m still happier with a touchscreen laptop that I can fold up to use as a tablet–and which didn’t gouge me on storage.

My other big CES error was leaving the laptop’s charger in the press room at the Sands. I looked up and realized I had only 30 minutes to get to an appointment at the Las Vegas Convention Center, hurriedly unplugged what I thought was everything, and only realized my oversight an hour later. Fortunately, a call to the Sands press room led to the people there spotting the charger and safeguarding it until I retrieved it the next morning.

Meanwhile, my first-gen Google Pixel declined to act its age. It never froze up or crashed on me, took good pictures and recharged quickly over both its own power adapter and the laptop’s. I am never again buying a phone and laptop that don’t share a charging-cable standard.

I also carried around a brick of an external charger, an 8,000 milliamp-hours battery included in the swag at a security conference in D.C. I covered in October. This helped when I was walking around but didn’t charge the Pixel as quickly, and leaving the charger and phone in my bag usually led to the cable getting jostled out of the Pixel.

The other new tech accessory I brought on this trip made no difference on the show floor but greatly improved my travel to Vegas: a pair of Bose QC25 noise-cancelling headphones that I bought at a steep discount during Amazon’s Prime Day promotion. These things are great, and now I totally get why so many frequent flyers swear by them.