Thinking About the Cost of Freedom (Updated)

A number of people contacted me about this post and wondered whether I still feel the same way about Memorial Day. The fact of the matter is that I feel even more strongly that the need to recognize the ultimate sacrifice made by fellow Americans to assure our freedom should take precedence on this day. As I read about the overwhelming odds faced by veterans in the newspaper, magazines, online, and in various veteran’s sources, I become even more aware of the lifelong commitment that anyone who has spent time in the military makes. Some things simply can’t be fixed—the commitment, the sacrifice, and the awful truth of the outcome of decisions made to help our country are permanent. Those who made the ultimate sacrifice paid the highest price of all to ensure that everyone else can enjoy the freedom this country has to offer.

For many people, Memorial Day, which is also known as Decoration Day, is simply another day to spend time with friends and family. Of course, every veteran would agree that the reason for the sacrifice is so that people could spend time with friends and family. Everyone loves a good picnic or barbecue and being free to gather as we wish is important. The freedom to do what you want, when you want to do it, is an important right. Memorial Day is all about remembering, at least for a moment, the cost of that freedom.

I’m writing this post on Friday. Like many people, I won’t be in my office today. In fact, I’m making it a true day off—I’m not even bringing my computers up. About now, I’ve spent some time thinking about the guys I served with in the Navy and said a prayer for their well being. I’ve also thought about all those people who came before me and have served since my time—people who gave of themselves. However, I have to wonder just how many people have thought of those who died (or even the veterans who managed to live through it all).

In preparing for the post today, I wanted to find something interesting—something I haven’t discussed in years past. It was a bit surprising that Google returned all sorts of unexpected results. The first entry was from Wikipedia, which is quite nice, but hardly noteworthy. However, the next several entries were about the things that could (and should) surround Memorial Day, but didn’t discuss the main event at all. There were entries about the weather, finding the food you need for your picnic, the potential for wet conditions ruining the Memorial Day celebration, and an ad for Travelocity. At least I didn’t go ten straight entries without finding something worthwhile. The next entry was a CNN presentation of the difference between Memorial Day and Veteran’s Day. I then went another 14 entries before I found something that was actually related to Memorial Day. So, out of the top 20 hits on Google, 18 of them talked about the weather, picnics, travel, television shows, and all sorts of things that really don’t have anything to do with Memorial Day.

Fortunately, you don’t have to follow the crowd. You can choose to celebrate the true meaning of Memorial Day, which is to remember those who have made the ultimate sacrifice to ensure you have the freedom to live as you wish to live. Take time this Memorial Day to provide a moment of silence at your picnic or other festivity. No one is asking you to be somber for the rest of the day, just to take a quick time out in remembrance. After all, all those fellows in Arlington (and other cemeteries worldwide) thought your freedom was worth far more than a moment of silence, they gave their lives to attain it.

 

Is Your Car Green, Really?

It seems like I receive yet another brochure about the huge advances various government entities, enterprises, vendors, or energy companies making in protecting the planet every month. Everyone seems to think that their technology is going to be the next green thing, when the facts simply don’t bear them out. The previous post I wrote on this topic, More People Noticing that Green Technology Really Isn’t, discussed the issue that some informed people are discovering that all that green technology out there is really just designed to sell more products—not help the earth in any significant way. The problem is one of complexity, which is the case with the green car.

Driving an electric car might seem like the right way to reduce emissions. However, recent studies show that your electric car might actually be worse for the environment. I say might here because it all depends on how the electricity is generated. In some cases, your electric car actually is better than gas at the first level. That is, the manner in which the electricity is generated produces fewer pollutants than driving a car with a gas engine would be. For example, sunlight and wind are both plentiful in Nevada, so driving an electric car could make sense there. However, as I’ve noted in previous posts, solar and wind power both rely heavily on special materials, the mining of which actually produces a serious amount of pollution. The studies available right now also assume that the manufacturing processes for the supposedly green cars are actually no worse than the older technology they replace. Consequently, even though it might appear that your electric car is a win, it may not be right now.

A problem with all the entities making the promises and telling you just how good they are at fulfilling them is that they lie. Sometimes they even get caught. For example, the EPA finally caught VW in the act of lying about its emission test results. The only problem is that those cars are still out there producing millions of tons of lung killing smog. In fact, it’s hard to tell whether any of those green technologies actually do anything at all, except make you pay a lot more when buying the vehicle, and to run and maintain it later. Add to this the fact that some people are now saying that the solar industry is dying (and would already be dead were it not for government subsidies) and you have to wonder just how long these green cars will even maintain the appearance of being green.

Some people are saying that we should simply get rid of cars, which is obviously not going to happen. If people really wanted to use mass transit, it would have happened already. In addition, there isn’t any evidence that mass transit actually reduces pollution either. The vehicles are often poorly maintained and spew a horrid amount of pollution out of their exhaust (as evidenced by the stench when you drive behind a bus). In addition, mass transit only works when you live in or around a major city, which won’t work for those of us who live in the country.

The best way to create a green car is not to drive it any more than necessary. I’ve taken to planning out my trips so that I drive the fewest possible miles. Because I’m self-employed, I don’t even start my car five days a week (getting everything done in just two days). Not only does my strategy save time, but I’ve reduced by gas bill by half in the last two years. Green often equates to not using a resource such as gas. Using the resource will inevitably produce some sort of pollution. Through careful planning, you can significantly reduce the number of miles you drive and you can drive more of them at once (a warm engine normally works more efficiently and produces fewer emissions). You also want to reduce gas waste by starting up slowly, stopping over a longer distance, and keeping your engine from idling. In fact, there are a wealth of tips you can find online for making your car more efficient (such as removing all that junk from the trunk).

You can make the world a cleaner place and still keep your car. All it really takes is planning and careful maintenance. Unfortunately, there is no magic that will just make the problems with pollution go away. Driving that electric car or paying more for a vehicle with dubious emissions extras isn’t going to do much. What it really takes is a bit of self control. Let me know your thoughts about green cars at John@JohnMuellerBooks.com.

 

Supporting Creative People

I work really hard to support my readers and so do many other authors. In fact, most creative people are in creative trades because they like to communicate with others using a variety of methods. The simplest goal is to provide something of intangible value to others—be it a painting, sculpture, dance, music, or writing. It’s well known that creative people are often underpaid (hence the cliché, starving artist). Because the starving artist (and most of them truly are starving) makes little money, it’s important that people do support them whenever possible. That’s why the piracy of Intellectual Property (IP) is such a problem. I’ve written about this topic before from a writing perspective (see Piracy and the Reader), but IP theft has become a serious enough problem that we’re beginning to lose many good creative people simply because they no longer have enough money coming in to make a living.

The problem is that many people would support the creative people whose IP they use, but they don’t really understand that they need to pay for this material. For example, there are many sites online now that offer my books free of charge. Just viewing the site doesn’t provide a clue that anyone is stealing anything. These sites have a clean appearance and simply offer IP in the form of downloadable music, books, and so on. In fact, many of these sites are fully searchable. The reasons that someone would do something like this varies, but it pays to employ some critical thinking when you see something free that possibly looks a bit too good to be true. Many people download viruses, spyware, and other sorts of malware along with their free download. In the long run, it’s actually less expensive to buy the IP, than to have a computer compromised by some of the crud that comes with these free downloads.

For the record, my books are never free. You need to pay for your copy of my book in order to support the various things of value that I provide to you as a reader, including this free blog. It isn’t my goal to become rich—if that were my goal, I’d be in some other line of work (believe me when I say authors aren’t paid particularly well), but I do need to make enough to pay my expenses, just as you do. Even though I know many people do download my books free, I still support everyone that I can with good advice on how to get the most from the books I write. To me, coming in each day and working with all of you is one of the benefits of being an author. I truly do want people to use my books to get ahead in life. If you’d like to discuss the effects of piracy on you as a consumer of IP, please write me at John@JohnMuellerBooks.com.

 

Old Laws, User Privacy, and Vendors Caught in the Middle

I’ve talked a number of times about researchers creating security busting software just because they can. The software often gets out into the wild where people who wouldn’t normally have a clue as to how to overcome security features can now use it to break the latest security in some product or application. Now the government is trying to force Apple (and probably other vendors) to write such software in pursuit of information hidden by encryption based on the mandates of a 227 year old law written at a time when no one had any idea that modern digital devices would even exist. The decree issued by the judge in charge of the case seems quite reasonable until you consider the fact that once Apple writes the software, it could end up in the wild, where hackers will almost certainly find ways to use it to overcome the security of legitimate users—making it impossible to ensure private information, such as credit card data, really does remain private.

The iPhone comes with some interesting security features that make it a relatively secure device. For example, tampering with certain device hardware will brick the device, which is the sort of security feature more devices should have. Modifying the security hardware should cause the device to lock down in order to protect the data it contains. The encryption that Apple offers with the iPhone is also first rate. No one but the user has the key used to unlock the encryption, which means that only the user can create a security problem by handing the key out to others.

The government is trying to change this scenario to make it easier to learn about anything it can about the data on Syed Rizwan Farook’s iPhone (one of the two San Bernardino shooters). On the surface, it seems like a good idea, if for no other reason than to potentially prevent other shootings. However, the manner in which the government has pursued the information opens the door to all sorts of abuse and then there is the matter of that software getting out into the wild. The issue here is that the law hasn’t kept up with technology, which is a recurrent problem. The government doesn’t have a law to cover the need to break encryption in a reasonable way, so it resorts to a 227 year old law that was never intended to address this need. The fact that the government is using the same law to try to force Apple to breach iPhone security in at least twelve other cases means that the argument that this is a one-off requirement doesn’t hold any water. Once Apple cooperates even once, it sets a precedent that will allow the government to force additional cooperation, even when such cooperation decidedly damages the privacy of innocent parties.

Tim Cook has rightly refused to cooperate with the government. There really is too much at stake in this case and even the government should be able to figure it out. What needs to happen is that our government needs to catch up with technology and write laws that everyone can live with to deal with the need to preserve the privacy engendered by encryption, yet make it possible for the government to obtain information needed to solve a case.

The question here is more complicated than simply managing information properly. It’s also one of keeping good technology (such as that found in Security for Web Developers) working properly and ensuring that government entities don’t abuse their positions. What is your take on the San Bernardino shooting and the information needed to pursue it? How do you feel about keeping your private data truly private? Let me know at John@JohnMuellerBooks.com.

 

A Fuller Understanding of the Internet of Things

You can find the Internet of Things (IoT) discussed just about everywhere today because the Internet has become pervasive. IoT is part of most business applications today as discussed in Security for Web Developers and part of any PC you build as discussed in Build Your Own PC on a Budget. It appears as part of smart TVs and Blue-ray players. In fact, you find IoT employed in a lot of places you might not have thought possible even a year ago. The point is that IoT is here to stay and we need to consider some of the ramifications of it on every day life.

One of the issues that hasn’t surprised me too much is the issue of security. Both my smart TV and smart Blue-ray player require me to enter a password to access the Internet through my wireless router (mostly because the router is configured to require one). So these devices do employ security to some extent. However, they remain logged on at all times, so the router is also configured to disconnect devices after a certain time. Each time I turn the devices on, I must reenter the password. It’s a level of security, but not necessarily the best security. Some devices, such as Apple Watch, lack any form of security. (In the case of Apple Watch, the device authenticates through an iPhone, so it still has some level of security, but not security that is part of the device itself.) Some industry pundits are saying that these devices will eventually kill the password, which means that some other form of primary authentication is needed.

The problem is increased by the proliferation of headless devices (products that lack any sort of display, such as a door lock, security system, or robots). In these cases, you can’t enter a password. No one is really sure how to secure these devices, but a solution really is needed and soon. Unless we find a solution, the issues surrounding intentional hacking will increase. A recent InfoWorld article, Welcome to the smart home … of horror!, emphasizes some of the sorts of things that could happen due to a lack of security.

Security and configuration problems aren’t just limited to outsiders gaining access to your home, office, business, or other location due to holes in IoT security. It also turns out that smart devices aren’t particularly smart, so sometimes you lose access to your network and its connected devices due to a combination of security and configuration issues when a failure occurs. In the ComputerWorld article, The Internet of Things: Your worst nightmare, you can hear about one person’s attempt to recover from a simple router failure. It turns out that simply replacing the router wasn’t enough—everything connected to the router needed reconfiguration and sometimes the task was less than easy to perform.

The world is in a age of transformation. The ride will be bumpy and the problems severe. When you consider the immensity of the things that are changing, the future looks incredibly different from anything that has gone on in the past. Not only is there IoT to consider, but the whole issue of robots and other technologies that are coming to fore. As these new technologies become part of everyday life, we have to ensure we can use them safely and that ability of someone to hurt us through them is curtailed. Let me know your thoughts about IoT security and configuration at John@JohnMuellerBooks.com.

 

Recycling Stalled

Recycling is an important part of the strategy for keeping planet Earth livable for future generations—not to mention making lives more enjoyable today. After all, no one wants to end up neck deep in garbage. Most recycling revolves around paper, metal, plastic, and glass. However, recycling efforts are starting to stall in America and other countries for various reasons. A common theme is that recycling doesn’t generate enough money to make it practical as a for profit effort. The companies tasked with obtaining, recycling, and selling the materials don’t make enough money to remain viable.

Of course, theories abound as to why this problem occurs, but the bottom line is that recycling must increase. Most countries recycle less than 50 percent of the waste that people generate (34 percent in America according to a number of sources), which means that the landfills still fill at a prodigious rate. I know that some people point to ancient civilizations that survived just fine without recycling, but the earth’s population also continues to grow and we will end up neck deep in garbage sooner than later at the current rate of use. A few people have embraced a radically new idea of simply moving to another planet once this one is used up, but barring some major advance in space travel, I don’t think that particular idea will work.

A major problem is that some companies have a hard time finding profitable venues for selling the recycled goods they make. You can find sites online that discuss all the innovative uses for recycled materials, but the fact is that the companies actually doing the work still say that profits are low and customers continually get more picky about the materials they’ll accept. In order to make sorting the materials easier and to ensure customers will actually buy the recycled materials, it’s up to individuals to ensure they do their part. For example, rather than stick an entire packing carton in the big blue bin, make sure you separate the materials to remove the materials that a company can’t recycle (such as Styrofoam) from those that it can. Sloppy consumer habits have actually resulted in the disappearance of some public recycling bins, such as those in shopping centers like Walmart.

Keeping some materials out of the garbage can in the first place can help you as well as the company responsible for performing the recycling. For example, composting materials (such as food) to create soil for items you can grow yourself saves money in the long run and makes it a lot easier to recycle the glass and other materials that currently end up creating a huge mess at the recycling company. In addition, ensuring you actually sort the materials according to the conventions for your local community will help.

The point is that recycling will continue to stall until everyone does their part. Ultimately, this effort may require that governments step in and provide financial incentives to keep recycling going (although, it would be better if they didn’t have to). Let me know your thoughts on why you feel recycling is stalling at John@JohnMuellerBooks.com.

 

Technology and Child Safety

I recently read an article on ComputerWorld, Children mine cobalt used in smartphones, other electronics, that had me thinking yet again about how people in rich countries tend to ignore the needs of those in poor countries. The picture at the beginning of the article says it all, but the details will have you wondering whether a smartphone really is worth some child’s life. That’s right, any smartphone you buy may be killing someone and in a truly horrid manner. Children as young as 7 years old are mining the cobalt needed for the batteries (and other components) in the smartphones that people seem to feel are so necessary for life (they aren’t you know).

The problem doesn’t stop when someone gets the smartphone. Other children end up dismantling the devices sent for recycling. That’s right, a rich country’s efforts to keep electronics out of their landfills is also killing children because countries like India put these children to work taking them apart in unsafe conditions. Recycled wastes go from rich countries to poor countries because the poor countries need the money for necessities, like food. Often, these children are incapable of working by the time they reach 35 or 40 due to health issues induced by their forced labor. In short, the quality of their lives is made horribly low so that it’s possible for people in rich countries to enjoy something that truly isn’t necessary for life.

I’ve written other blog posts about the issues of technology pollution. One of the most recent is More People Noticing that Green Technology Really Isn’t. However, the emphasis of these previous articles has been on the pollution itself. Taking personal responsibility for the pollution you create is important, but we really need to do more. Robotic (autonomous) mining is one way to keep children out of the mines and projects such as The Utah Robotic Mining Project show that it’s entirely possible to use robots in place of people today. The weird thing is that autonomous mining would save up to 80% of the mining costs of today, so you have to wonder why manufacturers aren’t rushing to employ this solution. In addition, off world mining would keep the pollution in space, rather than on planet earth. Of course, off world mining also requires a heavy investment in robots, but it promises to provide a huge financial payback in addition to keeping earth a bit cleaner (some companies are already investing in off world mining, but we need more). The point is that there are alternatives that we’re not using. Robotics presents an opportunity to make things right with technology and I’m excited to be part of that answer in writing books such as Python for Data Science for Dummies and Machine Learning for Dummies (see the posts for this book).

Unfortunately, companies like Apple, Samsung, and many others simply thumb their noses at laws that are in place to protect the children in these countries because they know you’ll buy their products. Yes, they make official statements, but read their statements in that first article and you’ll quickly figure out that they’re excuses and poorly made excuses at that. They don’t have to care because no one is holding them to account. People in rich countries don’t care because their own backyards aren’t sullied and their own children remain safe. So, the next time you think about buying electronics, consider the real price for that product. Let me know what you think about polluting other countries to keep your country clean at John@JohnMuellerBooks.com.

 

New Look! New Features!

If you’re visiting my blog for the first time this year, you probably noticed a few changes in its appearance. Sometimes a site changes its appearance simply to provide a different look—to enhance its aesthetic appeal. It’s true that I had used the previous design for a number of years, but that’s not the reason for the changes you see today. These changes come as the result of input from the people who read my blog and took the time to comment on it.

The biggest change is one that you can’t readily see until you access my blog from a smartphone. My site now works well with devices of all sizes so that you can gain access to the information my blog provides from any location using any device. It took me a while to find a theme that I thought would preserve most of the look and feel of the original blog, but allow for this added functionality. Even though the feel is a little different, the addition of this feature is important to enough readers that I really want it to work well.

As part of making my blog easier to use, I also went for a cleaner look. The new format should work in a wider range of settings, even in bright sunlight (as well as anything works in bright sunlight). The larger type should also make it easier for people with special visual needs to see. I tested the new setup out on a number of monitors and find that it scales better than the old design too.

Part of the update also affects my web site. I wanted to provide better consistency between the two locations. Some viewers said it was a bit disconcerting to use one layout on the web site and another on the blog. My original intent had been to provide the best layout for each setting, but this method of configuring the two locations didn’t work nearly as well as I thought it would.

Of course, I always want your input because this site is specifically designed to meet your needs. I want the readers of my books to get maximum benefit from them, which means having a blog that actually meets those needs. If you see what you like or want to express concerns about issues you don’t like, please feel free to contact me at John@JohnMuellerBooks.com. As always, your input is essential to the success of my books, my blog, and my other endeavors!

During the upcoming months I do plan to make additional changes. The blog has gotten a bit unwieldy, so I plan to remove some existing content to make room for new information. I’ll also be adding more linkage between my web site and the blog so that the two work better together. Your patience during this time of transition is greatly appreciated!

 

The Internet – The Home of Old Data Made New

I have to admit to making this error myself.  I’ll perform a search online and fail to fully check the freshness date of the information I obtain. Of course, there are several levels of freshness date to consider. The first level is the information source. This is the easiest level of data to check. You simply look at the date of the material when you get to the page. Unfortunately, some authors don’t date their work, so you can’t always rely on a posting date. The next best alternative is to ask the search engine to list only those entries that come from a certain time frame. In most cases, you can verify that the information appearing in an article or other posting is current enough for your needs.

Unfortunately, just verifying the posting date may not be good enough. The second level of check is the version of the products discussed as part of the post. For example, you might come to my blog and find a post on CodeBlocks. Unless you read the article carefully, you might think that I’m discussing the latest version of CodeBlocks. However, I have a number of books that rely on CodeBlocks, so I might actually be discussing an older version of CodeBlocks that I used in a specific book. Reading carefully and ensuring you understand version issues is the best way to verify this second level of information.

A third level of freshness checking is the information sources used by the author. This is where things get tricky because the author could truly think that the information source used for an article is the most current available, yet it’s outdated before the author even uses it. Some technologies change so fast that using a resource even a few months old is deadly. These resources become outdated so quickly that they can blindside even a professional author, much less someone who writes on the side. Verifying this level of information requires that you depend on at least three information sources (I recommend finding as many as you can). Gently nudging an article author and mentioning that the information sources might contain outdated material is often helpful when done in a constructive manner.

Freshness checking can occur at even deeper levels. The point is that you can’t be sure that a resource that keeps information literally forever contains the latest information on any given topic. In addition, even when that information is available, it’s up to you to find it. I do try to provide the latest information available when I can. However, when the topic is a question on an older book, I need to address the question in the context of that book and will provide you with some sort of version information so you know what to expect. If you ever question the freshness of the information I provide, please feel free to contact me at John@JohnMuellerBooks.com.

 

Web Security, A Lot More Complicated Than It Seems

I recently finished writing Security for Web Developers. During the months that I worked on the book, I became aware of a serious problem in the reporting, handling, and supposed fixes for the problem of web security—everyone seems intent on making things fast and easy. Depending on the source, you also see a fair amount of finger pointing at play. Sources put the blame on just one or two entities in most cases. Unfortunately, the picture is far more complex than simply applying a bandage to one or two potential security problem sources. I started understanding the problem when I wrote HTML5 Programming with JavaScript for Dummies and CSS3 for Dummies, but it wasn’t until I wrote this book that I began to understand the true enormity of the problem. It isn’t just one or two or three sources—it’s all the sources combined. In this latest book I explore a lot of different sources of security problems and provide advice on how to overcome these issues to some extent.

  • Users
  • Application Developers
  • Third Party Library, API, and Microservice Providers
  • Administrators and Other IT Staff
  • Product Distributors
  • Data Service Providers

Many other groups appear in the book as well. The more I dug, the more I found that just fixing one problem or educating one group wouldn’t solve anything. Hackers look for easy ways to gain access to applications and the current system provides them with plenty of opportunities. The current strategy of responding to just one potential threat will continue to fail simply because the hacker will move on to another threat. Unless an organization is willing to take a holistic approach to security, hackers will continue to enjoy overwhelming success without a whole lot of work. In writing Security for Web Developers, I attempted to provide a broader view of the security picture so that development teams that include all of the stakeholders involved in an application effort can finally work together to resolve the security issues in their individual areas of expertise (including users who are susceptible to too many kinds of attack to mention).

A reader recently asked me whether the strategies in my book will prevent attacks, which is a loaded question and one that is hard to answer. My view of security is that a determined hacker will always gain entrance to your system, so you must remain vigilant at all times. If someone wants your data, they’ll gain access, but if you’re equally vigilant, you can keep the damage to a minimum. For that matter, you might be able to prevent any real damage. However, you need to realize that no security measure you take is going to succeed all the time.

What my book does is help make your system less appealing. In other words, if a hacker is just looking for a system to invade and not specifically your system, then making your system less appealing will see the hacker move to other systems. Like anyone else, a hacker seeks to minimize effort and maximize gain. Making your system less appealing by employing a holistic security approach will increase the effort the hacker must employ and make it less likely that the hacker will continue probing.

Unless you really want to see your organization’s name join the victim list in the trade press, you really do need to employ security across an organization, which means vetting software fully, educating users, having appropriate policies in place, reviewing software before placing it in production, and so on. Using just one or two measures simply won’t work. Let me know if you have questions regarding my upcoming book at John@JohnMuellerBooks.com.