Weekly output: mobile payments, Black Hat security, travel tech

I left Black Hat feeling a little overwhelmed–not because of how little time I had to take in things between my arrival in Vegas Tuesday afternoon and my departure Thursday night, but because of how many fascinating briefings I had to miss because I was attending others. And then there’s everything I missed by flying home before DEF CON

8/6/2018: Hang on, Apple: Phone payments still need work, USA Today

Seeing all the hype over Apple announcing that CVS will finally succumb to reality and accept Apple Pay (meaning you can also pay with any non-Apple phone that does NFC payments) got me feeling cranky enough to write this reality-check post. I’ve since received an e-mail from a reader saying he’s had no problem paying for stuff with his iPhone in Mexico, contrary to a statement in the column based on an incorrect reading of Apple and Google support documents. I’ve asked my editors to correct that part.

8/9/2018: Black Hat attendees are surprisingly lax about encryption, The Parallax

As I was putting together my Black Hat schedule, I got an invitation to tour the network operations center supervising the conference’s WiFi. I thought that visit would allow me a chance to look at a lot of blinking lights, but instead it provided up-close evidence of some horrifyingly slack security practices among a minority of Black Hat attendees.

FTU DC badge8/11/2018: Welcome and Keynote with Rob Pegoraro, Frequent Traveler University Washington, DC

After years of profiting from tips shared in various frequent-flyer forums, I had a chance to give back when FTU host Stefan Krasowski asked if I’d like to talk about my travel experiences to open this two-day program of seminars about airline and hotel loyalty programs and other sorts of travel hacking. We had a great conversation about freelance business-trip economics, the gadget accessories I take on the road, two underrated virtues of United elite status, and my worst airport-transit experience ever. My only regret: Since I couldn’t stick around for the rest of the day, I didn’t have a chance to meet the other FTU speakers, a few of whom I’ve been reading for years.

Advertisements

Weekly output: facial recognition, Washington Apple Pi

This was a challenging week, since our daughter’s camp schedule had her at home during most of the day. If I had a dollar for every time I was asked to help find a Lego piece… I’d buy our kid more Legos, because they are awesome.

7/27/2018: Microsoft argues facial-recognition tech could violate your rights, Yahoo Finance

My inspiration for writing this was Microsoft president Brad Smith calling for government regulation of this technology; having the ACLU report that Amazon’s Rekognition facial-recognition service falsely identified 28 members of Congress as criminal suspects motivated me to finish and file the post.

7/28/2018: Rob Pegoraro, ronin technology columnist, Washington Apple Pi

I spoke at the monthly meeting of this Mac/iOS user group about changing notions of security–or, to phrase things less politely, how foolish and gullible we’ve been in prior years. (Seriously, the defaults most people operated on in 1995 and 2000 look horrifyingly stupid now.) I also called out such lingering obstacles in infosec as Apple’s unwillingness to support “U2F” two-step verification via encrypted USB keys and Microsoft’s bizarre stance that full-disk encryption is something only business users need. In the bargain, I donated my now-deceased MacBook Air to the Pi’s MacRecycleClinic and gave away a bag of trade-show swag, including a couple of U2F keys.

Update, 7/31/2018: I had an embed of the Pi’s YouTube clip of my talk, but I didn’t know that stream had playback disabled on other sites until a reader called that out in a comment. (Thanks, jeffgroves!) So I’ve replaced that with a link to the clip.

Weekly output: Michael Chertoff on privacy, TV-streaming rate hikes

I only had four workdays this week, thanks to Monday being spent in the air on my way back from London to D.C. That said, my productivity was not as bad as this scant list would suggest, since I filed three other posts in those four days… and now I can find out how much more work edits on those posts will entail.

7/12/2018: Ex-Homeland Security chief Chertoff wants EU-style data privacy laws, Yahoo Finance

I spent about half an hour on the phone with Michael Chertoff Wednesday afternoon about his views on various privacy and security issues and came away with far more material than I could fit in this post, as well as a renewed appreciation of the time it takes to transcribe quotes from a recording of an interview.

7/15/2018: As cord-cutting prices rise, here’s what you can do to keep costs down, USA Today

No, rate hikes at such live-TV streaming services as DirecTV Now and Sling TV don’t mean that returning to the embrace of cable or satellite TV–both subject to the same inflationary pressures, both also fond of sticking you with monthly fees to return a tuner box–now makes financial sense for a lot more people.

Bandwidth battles in China

SHANGHAI–Crowded gadget trade shows like CES and Mobile World Congress usually entail connectivity complaints. But when you put the gadget show in China, you level up the complexity, thanks to the need to run a Virtual Private Network app to preserve access to U.S. sites blocked by China’s Internet filters.

In theory–and in every PR pitch from a VPN service advertising itself as the surefire way to stop your ISP from tracking your online activity–that should add no difficulty to getting online. You connect, the VPN app automatically sets up an encrypted link to the VPN firm’s servers, and then you browse as usual.

PIA VPN exit-server menu

The reality that I’ve seen at CES Asia this week while using the Private Internet Access Windows and Android apps has been a good deal less elegant.

  • Often, the PIA app will connect automatically to the best available server (don’t be like me by wasting selecting a particular U.S. server when the app usually gets this right) to provide a usable link to the outside world. But it’s never clear how long that link will stay up; you don’t want to start a long VoIP call or Skype conference in this situation.
  • On other occasions, the app has gotten stuck negotiating the VPN connection–and occasionally then falls into a loop in which it waits increasingly longer to retry the setup. Telling it to restart that process works sometimes; in others, I’ve had to quit the app. For whatever reason, this has been more of a problem on my laptop than on my phone.
  • The WiFi itself has been exceedingly spotty whether I’ve used my hotel WiFi, the Skyroam Solis international-roaming hotspot I took (a review loaner that I really, really need to send back), the press-room WiFi or, worst of all, the show-floor WiFi. Each time one of those connections drop, the VPN app has to negotiate a new connection.

If you were going to say “you’re using the wrong VPN app”: Maybe I am! I signed up for PIA last year when the excellent digital-policy-news site Techdirt offered a discounted two-year subscription; since then, my client Wirecutter has endorsed a competing service, IVPN (although I can’t reach that site at the moment). Since I don’t have any other trips to China coming up, I will wait to reassess things when my current subscription runs out next April.

Also, it’s not just me; my friend and former Yahoo Tech colleague Dan Tynan has been running into the same wonkiness.

To compound the weirdness, I’ve also found that some connectivity here seems to route around the Great Firewall without VPN help. That was true of the press-room WiFi Thursday, for instance, and I’ve also had other journalists attending CES Asia report that having a U.S. phone roam here–free on Sprint and T-Mobile, a surcharge on AT&T or Verizon–yielded an unfettered connection.

At the same time, using a VPN connection occasionally left the CES Asia site unreachable. I have no idea why that is so.

What I do know is that I’ll very much appreciate being able to break out my laptop somewhere over the Pacific in a few hours and pay for an unblocked connection–then land in a country where that’s the default condition.

Weekly output: “responsible encryption,” Flash and Silverlight

It’s been another week with less stories to my name than usual. I’ve done more work than the number of links would suggest–over the past two weeks, I’ve filed three pieces that have not yet been posted–but it does look bad.

10/20/2017: Why the Feds want to make it easier for them to get into your phone, Yahoo Finance

I’ve written dozens of posts about the angst of law-enforcement types over the rise of encrypted devices and apps that they can’t search, so for this one I quizzed a few different sources… and came up with the same overall conclusion as before.

10/22/2017: Why Flash and Microsoft Silverlight frustrations just won’t go away, USA Today

I had what I thought would be a decent column with meaningless quotes from publicists at three sites that still ask their users to install Flash or Silverlight–but then a publicist for Major League Baseball told me that they’d move from Flash to HTML5 video for the 2018 season, a fact they had yet to announce.

 

Weekly output: SXSW tips, Rudy Giuliani, 5G, WikiLeaks and CIA hacks (x2), SXSW marketing, Entrepreneur, Chris Sacca, Vint Cerf

AUSTIN–Welcome, readers frustrated by adjusting their Timex sport watches for Daylight Saving Time. You’re reading a weekly feature here, in which I recap my various media appearances over the last seven days. Most of this week’s items relate to the South By Southwest conference, which I’m covering for my sixth year in a row. Total number of tacos consumed so far: at least nine.

3/7/2017: 5 Insider Tips for Surviving SXSW, CyberCoders

My friend Andrea Smith interviewed me about how I try to stay on top of this sprawling conference. I was going to forget to pack a travel power strip until reading my own advice in this story–but I haven’t used that gadget here anyway.

3/7/2017: Giuliani talks security, Trump at cybersecurity conference, Yahoo Finance

I did not see the foaming-at-the-mouth Rudy Giuliani of the campaign season; instead, the former mayor drew a diagram to illustrate the cybersecurity contractors a company will need (see Violet Blue’s post on her Patreon page for context on that). He also noted that President Trump has more faith in private-sector cybersecurity efforts than the government’s, which led one reader to inquire on Twitter: “So a private email server would be more secure than a government server?”

3/8/2017: 5G data is coming, and it will supercharge your internet connection, Yahoo Finance

This last Mobile World Congress post explains the next generation of wireless generation–as in, why it’s a couple of years before you should be devoting any mental processor cycles to the topic.

3/10/2017: The real lesson of WikiLeaks’ massive CIA document dump — encryption works, Yahoo Finance

I wrote this largely out of annoyance with first-round coverage that played into the WikiLeaks-promoted storyline that the CIA has broken encryption apps. That group has yet to produce any such evidence, although some readers unaware of its increasingly apparent role as a Russian cut-out don’t seem to recognize that.

3/10/2017: WikiLeaks’ CIA-hacking disclosures, Al Jazeera

My Skype interview ended abruptly when the hotspot I’d been using ran out of battery, and that’s entirely my fault for assuming it had enough of a charge instead of checking beforehand. #fail

3/11/2017: How to avoid the marketing hype at SXSW, USA Today

There’s the SXSW that promises insights about the intersections of technology, society, culture, politics and business, and then there’s the SXSW that is essentially a Marketing Spring Break. Neither one can quite exist without the other.

3/12/2017: A Well-Known Tech Watchdog Dishes on the Writing Beat, Entrepreneur

Jordan French interviewed me in February about my history in the business. I’m not sure about the “well-known” part, but I’m not going to turn that description down either. Note that this story references me speaking at the PR Summit conference, which did not happen.

3/12/2017: Venture investor on Trump: ‘We are in absolute unmitigated crisis’, Yahoo Finance

Chris Sacca’s talk at SXSW was 💯, as the kids say. As a journalist, I had to appreciate his newsroom-level ability to use the f-word as a comma. I was only half-joking when I suggested this headline

3/12/2017: Google’s chief internet evangelist seems nervous about Trump’s tech policy, Yahoo Finance

Cardinal rule of tech journalism: If you have a chance to see the guy who co-wrote the core protocols of the thing you use everyday, you should show up. The payoff for me: a tweet that went slightly viral and a post I enjoyed writing–once I’d decided what parts of Cerf’s wide-ranging talk couldn’t fit in the post.

Weekly output: Web Summit reactions to Trump, Trump’s FCC, Trump’s tech policy, fake news on Facebook, securing IoT devices

 

The number of weeks left in the year is declining rapidly, which can only mean one thing: I’m due to get bombarded with CES-meeting requests.

usat-trump-web-summit-reactions-column11/14/2016: At tech confab, coming to grips with Trump, USA Today

Vox’s Matthew Yglesias linked to this column I wrote at Web Summit in a post three days later, which hopefully won me some new readers.

11/16/2016: How watching videos online could get more annoying under Donald Trump, Yahoo Finance

When I started writing this analysis of what Trump might do with the Federal Communications Commission, I expected to conclude that he’d demolish almost all of President Obama’s legacy. But on closer inspection, policies like net-neutrality regulations may not be quite as easy to unwind as some of Trump’s advisors might hope.

11/17/2016: Technology and a Trump Presidency, Web Content Mavens

I debated what Trump’s tech-policy agenda might be–we’re still mostly guessing at this point–with Epolitics founder Colin Delany and General Assembly education coordinator Lauren Jacobson, as moderated by my friend Adam Zuckerman of Discovery Communications and Fosterly.

11/19/2016: Facebook didn’t get the memo about fake news. Of course it didn’t., Yahoo Finance

Seeing Facebook chief security officer Alex Stamos explain his paranoid attitude about infosec in his Web Summit talk informed this post–in that I’ve yet to see an equivalent mindset among the people tasked with creating and enforcing conduct rules at social networks.

11/20/2016: Holiday tech support to-do: ‘Internet of Things’ cleanup, USA Today

Instead of doing a catch-all column inventorying tech-support tasks you should tackle next weekend, I opted to focus on the problem of hacked or hackable IoT devices. That’s a fundamentally squishy topic: How are you supposed to tell that a connected camera has an admin password hardcoded into its firmware?