Monday, October 17, 2011

Getting hacked was only the beginning

Here's a great article about what happens when someone malicious takes control of your Gmail account. It's by the person that knows best: the person who got burned. Without spoiling it, they were in a world of hurt. Go read it.

One way that this whole thing could have been avoided was turning on two-factor authentication, "something you know plus something you have". The basic idea is that you don't just have a password, you also have some randomly rotating key that is attached to a physical device in your possession. For something like a corporate network, it's a little keychain that looks like the readout at the top of a solar calculator, with 6 numbers that change every 30 seconds. You type in your password with the 6 numbers at the end.

For Gmail, every time you log in from a new device, and once per month after that, you have to type in the 6-digit code that they SMS to your cell phone. If you have to pay for texts, this might not be the best option. You can also print out backup one-time-use numbers that will work as codes. Do this if you want to feel like a spy.

The great thing about two-factor authentication is that even if somebody knows your password, their ability to guess random numbers you have no control over is limited. For well-designed systems like Gmail, they won't be allowed to try your password plus all million random numbers they would need to enter to get into your account. Instead, after a small number of failures, they'll get locked out.
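To make the rotating code and the lockout concrete, here is an added example (not from the original post, and not Gmail's or any token vendor's code). It assumes the standard TOTP algorithm (RFC 6238) as a stand-in for the 30-second code, a hypothetical `SecondFactor` class, and a lockout threshold of 5, since the post only says "a small number".

```python
import hashlib
import hmac
import struct

STEP = 30          # seconds each code is valid, as on the keychain token
DIGITS = 6         # one million possible codes
MAX_FAILURES = 5   # assumed threshold; the post only says "a small number"

def totp(secret: bytes, now: float) -> str:
    """RFC 6238 (HMAC-SHA1) code for the 30-second window containing `now`."""
    counter = struct.pack(">Q", int(now) // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10**DIGITS).zfill(DIGITS)

class SecondFactor:
    """Hypothetical server-side check: code comparison plus failure lockout."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.failures = 0
        self.last_window = -1   # last window in which a code was accepted

    def verify(self, code: str, now: float) -> str:
        # Once locked, even the correct code is refused until a reset
        # (the reset path is left out of this sketch).
        if self.failures >= MAX_FAILURES:
            return "locked"
        window = int(now) // STEP
        expected = totp(self.secret, now)
        match = hmac.compare_digest(code.encode(), expected.encode())
        if match and window > self.last_window:  # a code is accepted only once
            self.last_window = window
            self.failures = 0
            return "ok"
        self.failures += 1
        return "denied"

def guess_success_probability(attempts: int = MAX_FAILURES) -> float:
    """Chance that blind guesses hit the code before the lockout triggers."""
    return attempts / 10**DIGITS

if __name__ == "__main__":
    secret = b"12345678901234567890"   # constructed sample (RFC 6238 test key)
    print(totp(secret, 59), guess_success_probability())
```

With five tries against a million codes, an attacker who already has the password still has only a 0.0005% chance of getting past the second factor before being locked out.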

Another way most of this could have been avoided is using a program like Thunderbird to download all your mail to a local backup. You still might lose control of your account, but you won't lose years of your personal lifestream.

Without putting too fine a point on it, I'm proud of the way my company, Amazon, puts the customer first. Like good design, security, and scalability, you can't bolt on the customer service after the fact. Getting there might be painful for Google.

Lastly, I think this is not the last wake up call for personal data. Over the past several years, like all of you, I have outsourced some personal data to big corporations who may not be aligned with my interests. I've thought twice about how to own my own data and send it out to everyone. I think I'm settling on Blogger plus RSS to Google+ and Facebook. Eventually I'll host my own blog and email, as soon as I can think of a killer domain name (not surprisingly, most variations of are already taken). That's just the first step toward decentralizing the big sprawls these social networks have become.

Monday, October 10, 2011

Voyage begins

So maybe I'll restart this blog with an ending.

Sarah and I finished watching Star Trek: Voyager a couple nights ago. It didn't catch my interest while it was on. I distinctly remember my college roommate Rob watching, I think it was the black-and-white pulp episode.

Like all the Star Treks it had highs and lows. There were truly sublime episodes, like the one where two people are fused into one joint body and personality by a transporter accident, or the one where the crew go to work on a factory planet, or the one with the perfect prison, or the one where the crew is observed by aliens through the eyes of the doctor. And there were truly stupid ones, like the one with the big ball of water, or the space race, or the one with the self-aware ship. I actually called the entire plot of that last one from the cold open, you have to admit it's completely predictable.

I just noticed a pattern here. I loved all the doctor episodes (and more) and hated all the Tom Paris episodes. Similarly, loved Seven and Janeway episodes, hated B'Elanna and Chakotay episodes. Tuvok, Neelix, and Kim were somewhat hit or miss.

It was Star Trek, so there were Borg episodes and Q episodes and special appearances by the crew of the Next Generation and lots and lots of time traveling. And the techno-jargon got to me this time. I can't remember how many times I guffawed at officers solving problems by "trying a recursive algorithm". (For non-computer-scientists, this is a very fundamental way to write extremely simple functions.) There was a lot of reversing of shield polarity, subspace and gravimetric distortions, tachyons, and warp signatures. I even found a website that generates the babble.

I would up or down episodes early, and almost always be right. This annoyed Sarah immensely.

I had so many problems with the technologies the crew did and didn't have that I made it a personal snowclone: "They don't have X in the 24th century?" And tried to work it into every episode. It wasn't hard: body armor, personal shields, independent power sources, file permissions (there's one episode where Tom Paris rewrites a holo-novel written by the doctor without authorization), backups, lifestreaming, surveillance systems. These simple technologies, presumably ubiquitous, would have broken entire episodes.

Sarah's (or my) personal favorite was an episode where the ship shut down the warp core and main power and wandered around with flashlights stuck to their hands. So I said, "They don't have glowing glow globes in the 24th century?" Everybody knows, of course, that a glowing glow globe is a ball that floats in the middle of a room and sheds light on all angles. It has an independent power source and can float and glow for a long time. But I think all Sarah really heard was that I had said three different consecutive words that all start with 'glo'.

Despite these disadvantages (or lovable hangups), every two or three episodes one would come along that blew your socks off. And that's what Star Trek's really always been about.

At its warm heart, the show was about adrift people trying to get home, and their personal voyages of self-discovery and growth. It worked on that deep level for me most of the time. Sarah and I miss it already.

Sunday, March 06, 2011

Dan's 2010 mix

Ok, so it's a little late, but...

I like putting together mix CDs. Who doesn't, right? But there's a certain challenge in making it flow and giving it a kind of story and ending it all in 80 minutes. That's right, all my mix CDs are concept albums.

My brothers and sisters started a tradition of making these for each other for Christmas last year. I found myself putting together a bouncy album and a depressing album so in 2009 we had the Down album (featuring Radiohead) and the Up album (featuring Garrison Keillor). You get the idea. I had a mix for Groundhog Day, for traveling, one with all songs about death, one for Vancouver, you get the idea.

This Christmas, all the songs and albums were from 2010! It was a very good year. I can recommend all the individual albums, although The Lady Killer can get... dirty.

I keep coming back to this mix for listening pleasure, so I wanted to share it.

Yes, my CD contained Arcade Fire before they won the Album of the Year Grammy. :o) My album of the year was Sufjan Stevens' dizzying, outer space apocalypse symphonic dance rock album, The Age of Adz, but it's not for everyone. I was not surprised at all that Arcade Fire won. For me it was a no-brainer. It's got tons of musical variety, some big ideas, and real emotion behind it all.

01 Suburban War - Arcade Fire, from The Suburbs
02 Enchanting Ghost - Sufjan Stevens, from All Delighted People EP
03 Anyone’s Ghost - The National, from High Violet
04 This Is The Song [Good Luck] - Punch Brothers, from Antifogmatic
05 England - The National, from High Violet
06 I Can See Your Future - Belle and Sebastian, from Write About Love
07 We End Up Together - The New Pornographers, from Together
08 Next to the Trash - Punch Brothers, from Antifogmatic
09 Wasted Hours - Arcade Fire, from The Suburbs
10 Futile Devices - Sufjan Stevens, from The Age of Adz
11 Sweet Talk, Sweet Talk - The New Pornographers, from Together
12 You Were A Kindness - The National, from High Violet (Expanded Edition)
13 Up In The Dark - The New Pornographers, from Together
14 Read The Blessed Pages - Belle and Sebastian, from Write About Love
15 Old Fashioned - Cee Lo Green, from The Lady Killer
16 Get Real Get Right - Sufjan Stevens, from The Age of Adz

If you're looking for a mix CD, let me know and I'll send you an ISO.