Thursday, June 30, 2016

#empoplaaybizz Revisiting Ingress - much has changed

It has been years since I have written about the Niantic Labs game Ingress. Several things have happened in that time.

First, after a brief rally playing Ingress in downtown Ontario, I drifted away from the game again.

Second, phone technology improved, allowing you to track exercise without using an app such as Runkeeper - rendering my Ingress-Runkeeper compatibility issues moot. But I didn't know that, because I had drifted away from Ingress.

Third, the Ingress application became available for iPhones. But I didn't know that, because I had drifted away from Ingress. And, after all, I didn't own an iPhone.

Fourth, within a couple of months of my Android phone upgrade (to a Galaxy S 5)...I got an iPhone from my work.

Fifth, at about the time that Google morphed (heh) into Alphabet, the Google subsidiary Niantic Labs announced that it would be independent of both Google and Alphabet.

Sixth, my office moved about three miles east of where it used to be. The relevance of this will become clear later.

Seventh, I loaned my Android phone to a mouse for eight months. But after the mouse left us to seek better cheese, I obtained possession of my Android phone again and thought, "Why not install Ingress on this phone?"

So I did, and immediately noticed that there appeared to be more portals than there were three years ago. In fact, there are at least a half dozen portals within walking distance of my new office. When I was last playing, there was only one portal within walking distance of my old office - now there are three.

After playing on my Android phone for a bit, I belatedly discovered that Ingress is now available for the iPhone, and installed it on that phone also. Since I'm using Apple Health (and Jawbone) to track steps, using Ingress on that phone provides the nice gameplay/exercise tracking combination that I've desired for years.

I'm slowly remembering how to play the game (while continuing to play it on my own terms), and so hopefully I will eventually progress in it. (My current level is level 4.)

Oh, and another thing changed; Ingress now has sixteen levels, not just eight. So I'm now twelve levels away from the top.

Wednesday, June 29, 2016

#brexitubi Empoprises Rule of Brexit Ubiquitousness

There's one Empoprises Rule that I haven't gotten around to finishing yet. I got really close last December:

I have yet to formally publish the Empoprises Rule of Fair Food that I have previously mentioned, but I will reveal that part of the rule involves the universal use of the suffix "on a stick." (At this time I am not prepared to reveal the prefix that can be universally used - suffice it to say that it rhymes with "lied" and "died.")

But I'm ignoring that now because I want to work on another rule, suggested to me by my RSS feeds. (Thanks Winer.)

Early this morning I was reading one of my RSS feeds, and three articles in a row were of the "What does Brexit mean for..." ilk. This sort of analysis, conducted after the United Kingdom's Brexit referendum, meets the need of all of us to understand what the heck Brexit will do.

I am forced to conclude that Brexit, like chaos theory, will affect everything. And I mean everything.

Hence, my latest copyrighted rule (copyright 2016 John E. Bredehoft):

The Empoprises Rule of Brexit Ubiquitousness

When the phrase "What does Brexit mean for" is followed by ANY word or phrase, the resulting question will be meaningful and worthy of serious consideration.

Perhaps a few examples may be helpful.

What does Brexit mean for...fair food?
What does Brexit mean for...Kim Kardashian's personal assistant?
What does Brexit mean for...Nickelback?

Have fun...and use the #brexitubi hashtag with abandon.

Monday, June 27, 2016

Why I don't fear Big Brothersky, late June 2016 edition

In my previous posts in the "why I don't fear Big Brother" vein, I've pretty much concentrated on U.S. organizations. Because I live in the United States, I know that the FBI-CIA-DHS is not this one monolithic agency. But when I am looking at governments that I don't know a lot about, that knowledge goes out the window.

Take Russia. Back in the day when Russia was part of the Soviet Union, we thought of it as an "evil empire," controlled by Darth Vader-like forces, and always working together under control of the Soviet king. The rules of bureaucratic infighting apply just as much in Russia as they do in the United States, as the two recent hacks of the Democratic National Committee demonstrate.

Yes, two hacks.

One group, which [security company] CrowdStrike had dubbed Cozy Bear, had gained access last summer and was monitoring the DNC’s email and chat communications, Alperovitch said.

The other, which the firm had named Fancy Bear, broke into the network in late April and targeted the opposition research files [on Donald Trump]. It was this breach that set off the alarm.

In passing, it should be noted that the hacker groups are probably really upset that they are now known as "Cozy Bear" and "Fancy Bear." But who are they?

The two groups did not appear to be working together, Alperovitch said. Fancy Bear is believed to work for the GRU, or Russia’s military intelligence service, he said. CrowdStrike is less sure of whom Cozy Bear works for but thinks it might be the Federal Security Service, or FSB, the country’s powerful security agency, which was once headed by Putin.

So these hackers were from separate parts of the Russian government. Well, why didn't they just work together? Because it is rarely in the interest of separate bureaucracies to work together.

“There’s an amazing adversarial relationship” among the Russian intelligence agencies, Alperovitch said. “We have seen them steal assets from one another, refuse to collaborate. They’re all vying for power, to sell Putin on how good they are.”

And now things will get even worse, since Fancy Bear - Putin's ex group - is the one that ruined the party for both groups. Cozy Bear will now call Fancy Bear a bunch of incompetents, while Fancy Bear will ask Putin to exterminate Cozy Bear just because.

And what did Fancy Bear learn about Donald Trump? The Post article doesn't say, but presumably there's a Fancy Bear report somewhere that says that Trump likes women and likes shooting off his mouth.

(An aside for my regular readers - the deeplinks in this post will probably result in a follow-up post in the Empoprise-MU music blog - even if I didn't work Bob Dylan or Doris Day specifically in there somehow.)

Saturday, June 25, 2016

Hewlett Packard All in One Printer Wasn't All in One for a time (on scan and copy power)

Although I didn't advertise it at the time, I recently left my home for a one-week vacation in Washington DC. (Actually more than one week, including an overnight stay in a cot at DFW, but that's another story.) Before leaving the house, I dutifully turned off and/or unplugged various electronic devices, thinking nothing of it...

...until, after our return, we were unable to scan a picture on our HP 8600 All-in-One printer - the kind that prints, copies, scans, faxes, shines floors, and improves desserts.

The printer still printed, but the scanning part wasn't scanning. And then we discovered that the copying part wasn't copying either. Time to visit the HP Customer Support website, where I found a page that specifically addressed my error message:

Scanner failure. Unable to scan, copy, or send a fax

So I proceeded to solution one, resetting the printer. This was a simple solution that required me to unplug the power cord at the printer end, unplug it at the surge suppressor, and then replug the cord at the surge suppressor and printer ends. After this I was able to successfully copy - but couldn't scan, and then was unable to copy again.

Time for solution two, which definitely merited consideration.

The surge protector, extension cord, or power strip you were using [may] not allow enough voltage for the printer to work properly.

I then remembered that when I went on vacation, I ended up unplugging a few things. By chance did I unplug the printer from the wall, and then plug it in to the surge suppressor?

On to executing solution two. I tried to turn the printer off, couldn't, and then proceeded to step 2 to unplug the printer from the surge suppressor. After plugging it directly into the wall outlet, everything worked fine, including both copying and scanning. (I haven't had the fax set up for years.)

I then remembered why I probably didn't have the printer plugged into the surge suppressor in the first place. I was probably afraid that I'd overload the surge suppressor. And after all, new printers can be bought for a couple of quarters these days (the old "sell the razors cheap and razor blades dear" strategy), so it really didn't matter if an electrical storm fried my printer.

Now I just have to replace my ancient Windows Vista computer.

Wednesday, June 15, 2016

#empotuulwey In which Chris Brogan, Jesse Stay, and I use the "B" word

WARNING: While I will try to redact a particular offensive word that begins with the letter B, there is a chance that I may slip up and forget to redact it on one or two occasions. Sensitive people should avoid this post.

Not too long ago, I made a change to my LinkedIn profile. My profile lists my Empoprises work in addition to my day job, but the profile does not describe me as a Freelance [REDACTED]ger. Instead, it describes me as a Freelance Writer/[REDACTED]ger.

Why is writing listed before [REDACTED]ging?

Well, duh!

I was reminded of the [REDACTED]ging controversy earlier this month when I saw this item (note that I saw it on Facebook). It's something shared by Chris Brogan.

Brogan's original written product, found at, makes the point that content is still being created. It's just that people aren't going to the [REDACTED]s directly, but getting there via avenues other than direct visits or Google Reader.

Going back to the Facebook share of Brogan's written content, Jesse Stay offered the following comment:

It's not what it used to be though

This reminded me of something - namely, the fact that the [REDACTED]ging is dead debate has been going on for years - possibly even BEFORE Google Reader starting pining for the fjords. In fact, I wrote about it back in 2012, back when Chris Brogan was writing "Never Fall in Love With the Medium" and Jesse Stay was writing"My Official (and Obligatory) 'Traditional [REDACTED]ging is Dead' Post."

It's important to note that Brogan and Stay are NOT disagreeing with one another. This excerpt from Stay's 2012 written product illustrates a point that Brogan would heartily agree with:

Does that mean that personal opinion and citizen journalism is dead? Does that mean that sharing is dead? Does that mean engagement is dead? In fact, it’s even greater than ever.

The one change, as Brogan notes:

Gone are the days of “Just write something because we were told to have a blog by some ‘guru.'” Instead, you have to have created something of value.

What is value? Is this particular post one that I'm going to immediately rush and share on LinkedIn, Instagram, terrestrial radio, and fake scientific journals? Probably not. I'd be willing to bet that the majority of people don't even realize what word I'm consistently redacting throughout this written product, and therefore would be confused by the content.

But perhaps it's something that I can refer to later. After all, when you have a [REDACTED] of sequential written products (this [REDACTED] alone has over 2,600 of them), it's a resource that I - and you - can dive into at will as needed.

P.S. It has occurred to me that by redacting the offensive word, I have shot myself in the foot regarding search engine optimization. So if you are a sensitive individual, stop reading now. Because I am going to use the offensive word.

Like a true so-called "SEO expert."

blog blogs blogger blogging blog blogs blogger blogging

Tuesday, June 14, 2016

Can you hear me...NOW? (When spokespeople become free agents)

It seems like a good idea at the time. "Let's start an ad campaign and use a highly recognizable character as part of it!" a marketer exults. So the campaign is launched, people like it, and the campaign - and its character - get attention. A lot of attention.

But the years go by, times change, and contracts expire. The most interesting man in the world isn't so interesting any more. The two guys on the porch - no, their real names were NOT Frank Bartles and Ed Jaymes - lose the support for which they were so thankful. We don't really care what beer Bob Uecker and John Madden drink any more (we want to see women wrestling). And we don't want to know what Jared Fogle is doing.

Or, in the case of former Verizon pitchman Paul Marcarelli - Verizon's "Can you hear me now?" guy - Verizon didn't want to hear him any more.

By Stagophile - Own work, CC BY-SA 4.0,

The contract with the spokesperson ends, and perhaps there's a non-compete clause, but eventually it also ends. Which leaves the pitchperson free to work for someone else, to the possible embarrassment of the original company.

And Paul switched to Sprint.

Verizon can do nothing to prevent Paul Marcarelli from working for Sprint, so they're trying to make the best of a bad situation.

"Sprint is using our 2002 pitchman because their network is finally catching up to our 2002 network quality."

Sprint is hoping that Marcarelli's presence will help convince people that Sprint is now the better network. Meanwhile, Verizon is hoping that people won't remember Marcarelli, or won't care even if they do remember him. Meanwhile, Marcarelli is hoping that Sprint's contract lasts as long as Verizon's did. And T-Mobile's former spokeswoman Carly Foulkes and AT&T's current spokeswoman Milana Vayntrub are hoping that there's more wireless service money to be doled out to actors.

Monday, June 13, 2016

When small data is more important than big data

Have you ever completed a survey?

While surveys are sometimes conducted for other purposes, the usual reason for conducting a survey is to obtain information from a subset of the population, and use this aggregated information in decision making.

For example, if the Donald Trump campaign took a survey and discovered that the majority of people think he shoots from the lip way too often, the campaign would then conclude that Trump should be quiet. And Trump would immediately overrule his campaign staff. But I digress.

To get back on topic, I'm going to look at something that I wrote back in February. Here's an excerpt:

I cannot share the details of the two instances, although there is one that I'd REALLY like to share if I could. But both boil down to the same thing. In each case, Person A sent an email to Person B at a particular company. Not receiving a response, or an out of office message, Person A sent a follow-up message to Person B. After increasing frustration, Person A finally asked other people, "Why isn't Person B responding to my emails?" In both cases, it turned out that Person B had left the company, and the person's email account was not disabled.

Now I'm going to reveal a few things - but not everything - about one of these instances.

Person A was (and probably still is) an accounts receivable person at a company that I'll call Company X. Person B is the person who signed the contract with Company X for its annual service - a service that has an auto-renewal clause if you don't cancel at a particular time.

Filling in the blanks from my February post, Person A sent the annual renewal bill for the next year to Person B, who didn't answer his email because he had already left the company. Finally, after several months, Person A sent an obnoxiously-worded email to everyone that he knew at Person B's company, saying that the bill was overdue and was about to go to collection.

At this point the people at Person B's company decided, "Well, the new term hasn't started yet, so we just won't renew."

That's when they found out about the auto-renewal clause, and that the date to cancel had already passed.

So Person B's replacement paid the bill for the forthcoming year, then immediately sent a notice cancelling the service. Both sides were unhappy with the whole episode.

Several months later, employees at Person B's former company received a survey from Company X, asking for opinions of Company X's service. Person B's former coworkers just rolled their eyes - after all we went through, Company X is asking how we feel?

The results of the survey, of course, would be aggregated with everyone else's from the survey, and conclusions would be drawn from the aggregated data.

This is one of the data points that formed part of the aggregated data.

Now this data point in and of itself doesn't provide a lot of context - the person who completed this survey was so disgusted with Company X that most of the open-ended responses were left blank. (Why bother?)

But when all of the data is aggregated together, it will provide even less context. The aggregated data will simply report that in response to question 10, 1.62% or 2.3% or whatever of the respondents indicated that they would never recommend Company X. And then Company X will have to decide how to improve its performance in that area.

And I'd be willing to bet that Company X's solution won't please Person B's former coworkers. Company X doesn't have all the necessary data, despite its survey.

P.S. For more on surveys, see this Marketoonist cartoon.

Tuesday, June 7, 2016

Why I don't fear Big Brother, June 2016 edition - and WHY the DHS is at war with the DHS (and we are at war with ourselves)

In our last installment of "Why I don't fear Big Brother," we looked at an interturf battle between various entities within the Departments of Defense, Homeland Security, and Justice - including a battle between two units within the Department of Defense against each other. In that post, I quoted from a 2012 Wired article.

In the midst of an ongoing turf battle over how big a role the National Security Agency should play in securing the nation’s critical infrastructure, a Defense Department official asserted on Wednesday that the military’s controversial intelligence agency should take a backseat to the Department of Homeland Security in this regard.

DHS as of August 26, 2015. From the DHS website.

Fast forward to today, and we're talking about a fight between two parts of the DHS. This is actually part of a larger battle - the two people who raised the topic were Republicans, and one of them noted that this problem occurred while Democrat Barack Obama was in charge - but the referenced fight was an incident that occurred after last year's terrorist attack in San Bernardino, when Enrique Marquez, an admitted friend of Syed Farook, happened to be at a DHS facility for an immigration hearing.

"The report from the Office of Inspector General confirms whistleblower complaints I received about a dangerous lack of coordination between Immigration and Customs Enforcement and U.S. Citizenship and Immigration Services,” said Sen. [Ron] Johnson. “The refusal to allow armed ICE agents into a USCIS facility to detain a suspected terrorist could have had tragic consequences. Congress created the DHS to unify and improve coordination among agencies in defending our homeland. What happened in the San Bernardino USCIS field office on December 3 shows that work remains. I hope Secretary Johnson and DHS leadership take this independent watchdog report to heart."

So why did the USCIS burn ICE when they came calling? The press release goes into the thought process that occurs when bureaucrats collide.

The DHS OIG report found that USCIS “improperly delayed HSI agents from conducting a lawful and routine law enforcement action.” The HSI agents waited 20 to 30 minutes in accessing the USCIS building because the USCIS field office director incorrectly asserted that she had authority to determine who could and could not enter the building. The report states that the HSI agents should have been allowed to enter the building immediately after they had identified themselves and explained their purpose. The USCIS field office director incorrectly asserted that USCIS policy prohibited making an arrest or detention at a USCIS facility.

So what happened in this case? Whether you're a USCIS field office director, a political campaign volunteer, or a strategic marketing manager, your primary loyalty is not to humanity, or to your (country's or company's) president. Your loyalty is to the person right above you. People leave jobs because of bad bosses, so it stands to reason that people stay in jobs because of good bosses.

So in this particular case, the USCIS field office directory expressed her loyalty to someone within USCIS, not to the overall goals of the U.S. Department of Homeland Security. Thus, the vision that a unified Department of Homeland Security would result in a unified purpose in all of its components has come to naught.

But this isn't just isolated to a single USCIS official. In fact, I am guilty of the same issue. When I worked as an AFIS product manager for Motorola, I did not spend every waking hour of every day wondering about how police radios and RAZR phones should penetrate the market. And if you ask me today whether I constantly worry about aircraft engine sales, my response is - no comment. Although to be fair to myself, the folks at Safran Helicopter Engines (formerly Turbomeca) don't spend their days and nights worrying about ANSI/NIST-ITL 1-2011 either.

Back to the USCIS-ICE brouhaha - in the end, the half-hour standoff between the two agencies didn't matter. Enrique Marquez, rather than going on a shooting spree or anything like that, instead went to the UCLA Harbor Medical Center psychiatric ward and was subsequently arrested.

No word on whether the psychiatric ward had to battle any other units within UCLA regarding Marquez.

Monday, June 6, 2016

Duh! court case of the day

Courthouse News Service reports that the Arizona attorney general has brought suit against a company that received clothing orders (and money) from customers, and that 900 customers never received their orders.

The name of the company in question?

Lawless Denim & Co.


I have found independent confirmation that Lawless Denim has problems filling orders.

The history of Lawless Denim can be traced on its Kickstarter page. Despite original high hopes for Roman Acevedo's firm, its web page is defunct, and its unofficial Facebook page is occupied by rugged hardworking American crickets.

Thursday, June 2, 2016

#empoexpiire Microsoft's approach to password protection

Warning: this post presents some theories from Microsoft, and there are those of you who think that Microsoft is stupid, backward, and evil. Therefore, some of you will probably want to do the exact opposite of what Microsoft recommends.

For example, IT professionals may want to enforce password expiration schemes and insist on password complexity rules.

Why? Because Microsoft says they're ineffective.

Now that the Microsoft haters have stopped reading this post, shaking their heads at the post's inanity, let's turn to the work of Microsoft program manager Robyn Hicock. In brief:

I’d recommend you read this great whitepaper that Robyn Hicock, a Program Manager on our team just published online. It highlights a bunch of very cool research and gives some great guidance on improving the security of passwords.

The paper draws on some great work done by the folks in Microsoft Research, our data and learnings from 10+ years of defending the Microsoft Account service from attacks and information across the industry.

I think it will change the way you think about your password policies. For example, did you know that in the real world all of these common approaches:

•Password length requirements
•Password “complexity” requirements
•Regular, periodic password expiration

actually make passwords easier to crack? Why you might ask? Because humans act in pretty predictable ways when faced with these kinds of requirements.

In the paper (PDF), Hicock refers to "anti-patterns" that result from the use of common security techniques. Regarding password expiration, Hicock notes (as others have noted) that

Password expiration policies do more harm than good, because these policies drive users to very predictable passwords composed of sequential words and numbers which are closely related to each other (that is, the next password can be predicted based on the previous password)....

One study at the University of North Carolina found that 17% of new passwords could be guessed given the old one in at most 5 tries, and almost 50% in a few seconds of un-throttled guessing. Furthermore, cyber criminals generally exploit stolen passwords immediately.

But this is just one of the "anti-patterns." Password length and complexity requirements result in their own anti-patterns, as detailed in Hicock's paper (PDF).

And why listen to Microsoft? Because it deals with passwords like Facebook deals with users - in massive quantities.

Microsoft sees over 10 million username/password pair attacks every day. This gives us a unique vantage point to understand the role of passwords in account takeover.

So while you've been reading this post, Microsoft has dealt with over 10,000 password attacks. Perhaps we should listen to the company.

And what DOES Microsoft recommend? One of its recommendations is to ban common passwords, as defined in a constantly-updated list of common passwords. The white paper links to a list of the most commonly used passwords in 2015. Spaceball's famous "12345" password is on the list of the top 25 passwords, and has been for a while. But in 2015, a number of new passwords made the list, such as "princess" and "solo." And if you're not sure why those passwords suddenly appeared on the list, perhaps another password - "starwars" may give you a hint.

Of course, the most popular passwords in 2015 may not help the criminals in 2016. I'd be willing to bet that by the end of the year, "makeamericagreatagain" will appear on the list, despite its length.

Wednesday, June 1, 2016

Painting a mental picture of some ALMOST complete instructions

They should really put instructions when going to a hotel on how to use the shower, I can never get it to work then I feel really dumb for not knowing.....

I spent the last week in a hotel...which means that I spent the last week dealing with hotel showers.

They can be confusing. You're used to your home shower, and then you're in this other room with unfamiliar bathroom fixtures. So when you take your first shower during your stay, you have to allot some time to figure out exactly how to take the shower.

But this hotel thoughtfully provided a solution. I failed to take a picture of the solution - for some reason, whenever I was in the shower, I didn't have my camera with me - but when you entered the shower, you could see some printed instructions that covered how to use the shower.

Pull the handle - water comes on.

Push the handle - water goes off.

Turn the handle counterclockwise - water gets hot.

Turn the handle clockwise - water gets cold.

Although these aren't the instructions for MY hotel shower, these instructions from Lemonsoap illustrate the concept. While Lemonsoap believes that the very need for instructions indicates bad design, I assert that it is probably impossible to design a shower fixture that is intuitive for a worldwide audience.

As you can see, the Lemonsoap-cited instructions, as well as the instructions that I found, covered EVERYTHING that you would need to know to use the shower. Right?

Well, almost everything.

The printed instructions failed to tell you how to change the water from the BATH faucet to the SHOWER faucet.

Luckily, I was able to find the separate control to switch between bath and shower - but what if I couldn't?