For the past few runs, I noticed that my Gear Fit 2 would only lock onto GPS after more than 0.5 km. By “noticed”, I of course mean “got super frustrated with and considered briefly throwing the gadget onto the ground and arranging for its utter disintegration through repeated jumping on it”. Besides losing the first 0.5 km of my run data, the pacing information, delivered via synthesised voice, would be wildly inaccurate for the rest of my run.
Based on this tweet by Enrico Bertini: Little project I developed during the break looking back at 2016: "Quantifying and Visualizing “Deep Work”" https://t.co/s3d9Zn685Q — Enrico Bertini (@FILWD) January 3, 2017 … after having been successfully primed by this one some weeks ago (because locals!): I also recommend https://t.co/pILlM1OZpf. I was skeptical, but it’s surprisingly good. — Rian van der Merwe (@RianVDM) December 22, 2016
Following the rich tradition over here of year transition posts, having just rounded off a brilliant outdoorsy take-your-mind-off-of-everything vacation with friends, and also inspired by wogan.blog’s nicely personal 2016 review post, I decided that a farewell-2016 how-you-doin’-2017 post was in order. By the way, by rich tradition I mean that I wrote the grand total of one (1) similarly titled post previously, as the year ticked from 2009 to 2010, and at least one other, disguised as a weekly head voices, as we entered 2012.
Since yesterday (Tuesday January 3) multiple fires have been raging in my neck of the woods. Due to the superhero firefighters and their flying machines (multiple waterbombing helicopters and fixed wing planes), the fires surrounding my specific neighbourhood (Rome Glen, Somerset West) have been brought under control. It was quite scary yesterday when we could see trees going up in flames a few hundred metres away from our house. Late this morning there were still some flare-ups close by, but the helicopters were on the scene within minutes to waterbomb them out of existence.
Due to my terrible running addiction, my recent acquisition of the Samsung Gear Fit 2 sports tracker watch, and the mechanical incompatibility of the Bluedio Ci3 earphones with my ears, I was again in the market for a new set of bluetooth earphones. (The earphones are not only to listen to MP3s on the watch, but more importantly, to hear the pacing information communicated by the watch’s terrible synthesised voice.)
With some config file elbow grease, Karabiner-Elements works wonderfully on macOS Sierra to remap your keyboard to Dvorak. I have been using Karabiner for a while now to remap my keyboard to Dvorak, as the OSX system Dvorak keyboard mapping exposes a bug in many Java apps, including all of the JetBrains development environment tools I use intensively, whereby the keyboard is in fact Dvorak, but all shortcut keys are Qwerty, which is of course tremendously confusing.
(Summary: Cryptographically signing messages with my long-term PGP keys is too important to give up. Doing this on my Android telephone is easier than I thought. You should strengthen your secret key encryption if you’re also going to do this.) Recently, Filippo Valsorda, cryptography expert and TLS guy at Cloudflare, wrote that he was giving up on PGP, or at least on long term PGP keys. I agree with many of his points, especially the complexity of managing those keys, lack of forward secrecy (if someone were to steal my keys, they could decrypt all past conversations, unlike for example Signal) and accessibility (how do you verify a message with a baby on your left arm and your telephone in your right?
(With this edition of the WHV, I’m looking back through exceptionally forgetful lenses at the period of time spanning from Wednesday November 9 to Sunday December 4, 2016.) This post has been lying around in draft form since Sunday November 20. However, two of the bullet points I was planning to mention, one making the case for preferring short-form blogging over twitter and the other lamenting the sorry state of security on the Android operating system, somehow grew spontaneously into blog posts and then managed to make their way onto the Hacker News frontpage and various other high-traffic aggregators.
Oh happy day! Last night I released version 1.0.0 of nvpy, a cross-platform (linux, mac, windows) simplenote-syncing note-taking app. nvpy is also my most popular open source baby, at least by github stars and forks. Screenshot of nvpy 1.0.0 with a demo database of notes. Since I first released nvpy in 2012, automattic have released their own official open source desktop app for simplenote. Although the official app is prettier (it is electron-based), nvpy is faster and uses a fraction of the RAM (70MB RSS vs 1000MB+ RSS).
Summary Your phone probably contains banking, payment and personal information that can be remotely stolen via numerous known and unknown bugs in the Android software. This is attractive to criminals. Vendors (LG, Samsung, Xiaomi, etc.), after selling you their phone, have no incentive to keep your phone’s software up to date with Google’s fixes. Your Android phone is probably out of date and therefore a gaping security hole through which attackers can steal your stuff from the safety of their own laptops.