fogbound.net




Wed, 2 Apr 2025

Stop some iOS 18.4 nagging

— SjG @ 3:30 pm

I don’t want to use biometrics on my phone. There are a lot of reasons, most of them not very good for a nobody like me. Still, I like reading about OPSEC and thinking about it.

Biometrics are not revocable like a code. That may seem like a strange concern, but if, say, your fingerprint gets reproduced on the internet, there’s no way to prevent its abuse. People have 3D-printed fingers in gelatin with a captured image and gotten past phone fingerprint sensors. Many years ago when I was in the aerospace industry, we’d joke about the Russians “borrowing” your head if they wanted to get through the retina scanner at a secure facility. Again, do I have these kinds of security requirements? No, but I still don’t want to use biometrics.

For the longest time, I couldn’t find the way to get Apple to honor my preference. I get a daily pop-up telling me to “finish setting up your phone.” Naturally, it pops up when I’m in the middle of a phone call and trying to do something with my calendar or something, and it gets in the way. Furthermore, it’s disrespectful. I don’t want to set up Face ID. Stop bugging me, Apple!

I used to be able to click into Preferences > Finish Setting Up Your iPhone and click the “Set up later…” button on each feature I didn’t want. Now there’s only an “Enable” feature. But it turns out that you can click the “Enable” and then “Cancel” when it asks for your passcode. This stops the nagging.

Apple has always thought they know best how you should be using their products. I’m finding it increasingly annoying. Why should each update turn on Apple Intelligence? I don’t want “AI” just as much as I don’t want biometrics.

I don’t want to go full Luddite, but maybe it’s time for me to start thinking more along the lines of a dumber phone.


Thu, 16 Jan 2025

Backups

— SjG @ 10:34 am

So, computer folks always talk about the 3-2-1 strategy of backups: have three copies of your data, stored on two different types of media, with one geographically separated. They also like to repeat slogans like “if you have one backup you have no backups.”

For years, I’ve relied on Time Machine, the backup system Apple includes with their operating system. It not only provides a backup, but it keeps multiple versions of files, so if you, for example, accidentally clobbered your book manuscript by searching and replacing a badly-chosen term but didn’t notice for a week, you could go back to the version you had backed up last week. I felt like I was doing a pretty good job of securing my data: I back up onto an external drive at home, and I also back up on an external drive at the office, a little over 1km away. These external drives are encrypted, so if someone were to break into either place and swipe a drive, they’d have the hardware but not my data.

A few years ago, I also added another layer of redundancy: an encrypted cloud backup. I hadn’t liked the cloud backup services I’d seen before, because all of my files would be on someone’s machine where I had no control over them. A screw-up on the part of a system administrator somewhere could make my files available to the open internet! However, a bunch of new services started offering encrypted backups, where the encryption happens locally and the service doesn’t have a view into your files other than it’s a big chunk o’ data (more on this later).

To make a long story short, I tried a few services, and went with Backblaze (disclaimer: that’s an affiliate link, I get credits if you follow it and subscribe. You can always avoid that by going directly to https://backblaze.com).

Fast forward a few years. A friend who’s not particularly computer savvy needed help with some IT stuff. They had an external hard drive connected to their machine and used Windows backup, but the process had silently failed a year before. In diagnosing and fixing this, I also convinced them to pay for and use cloud backups.

This friend lost their house and everything in it during the wildfires last week. Among the long list of things that they didn’t have time to grab before evacuating was that backup hard drive. Cloud backups to the rescue! I was able to download all their files for them.

The surprising scope of the fires also brought one thing into sharp focus: my original strategy of “one backup at home and one at the office” is really insufficient. One kilometer’s not far enough away! Having a remote backup somewhere is an important part of backup plans.

I mentioned above that encrypted cloud services like Backblaze have no visibility into your data. This is not completely true. If you use their encryption scheme, the data is encrypted on your local machine before the data is transmitted over the network. So it’s true in normal operations that there’s no way for them to see the contents. However, when you use their interface to restore files, you need to give them your encryption key so they can identify which file(s) you wish to restore. That means the data is (at least temporarily) decrypted on their servers. When I did a full restore of my friend’s files, I provided the key and they generated a zip file for me to download. That zip file was not encrypted. They say it’s on their server for only seven days, and I don’t have any reason to distrust them.

I want my data encrypted when it’s backed up because I have financial information like account numbers, etc., that could be abused. That these could exist as clear-text on someone else’s server for short periods of time is not ideal, but it’s also a pretty minimal threat. That being said, if you are involved in journalism, political activism, or other activities where your information could impact people’s lives, this may not be the best solution.


Sun, 10 Nov 2024

Obsolescence

— SjG @ 11:06 am

[insert old man yelling at cloud meme here]

Everybody’s pissed off because things are crappy and they used to be better. I know I certainly am. But it’s not “regulations” or “wokeness” that forces me to buy a $56 part to fix the dishwasher because a 5¢ switch embedded in an un-openable assembly burned out.

When we first moved into this house twenty-five years ago, there were plumbing problems I had to fix. The kitchen faucet was leaking. In those days, there was B&B Hardware, an old style hardware store. I brought the weird brass fitting from the faucet to B&B, took a number at the plumbing desk, and eventually talked with the guy there. He cast a sardonic eye on the fitting, and said “You’ve got a 1950s Moen. In the 60s they changed this to have an additional flange right here for an o-ring, and in the 70s they stopped making this style altogether. The good news is I have a compatible part.” He went up on his ladder and sorted through some boxes and found me a part. It was expensive — nearly 15 dollars. But it worked.

Well, the kitchen sink’s been redone in the interim, and the faucet replaced with a very low-end wall-mount double-handle bridge faucet which lasted about seven years before being replaced by the new (yet not parts-compatible) version. And the new one’s leaking. So I took it apart, grimaced at the cheapness of the thin metals and plastic fittings. I headed to Home Depot, since B&B is long gone. At the big box, I got a shrug from the worker. No, there aren’t parts for those. They don’t sell that model, but new kitchen faucets are on aisle 6, and washers and stuff are on aisle 11, bay 9.

When I finally found washers and o-rings on aisle 12 bay 15, they didn’t have a replacement for the cracked plastic compression retaining ring. So I bought new o-rings in the hope that screwing down the conical ring cap tightly would continue to work. I went through the self-checkout, where the scanner pulled up the wrong price for the item and the employee that came over sneered at my mask and low-key accused me of shoplifting when he saw the old, broken part I’d brought along.

Eventually, it worked out. The sink is not leaking, I have 8 more of the o-rings (potentially saving me from buying another $2.92+tax set next time, if the smog doesn’t degrade them in storage), and I can go on to do other chores.


Tue, 13 Aug 2024

Another Dependency Hell

— SjG @ 7:01 am

So Google requires an Android app be updated to a later API version if it’s to be distributed. No version 33 for the Play Store! That means a few gigabytes of downloads for the updated Android Studio and Android v35 SDKs.

Unfortunately, this Android app is built in Ionic/Angular/Capacitor. So we have to update from Ionic 7 to Ionic 8, Angular 16 to Angular 18, and Capacitor 5 to Capacitor 6. But that means we can’t use Node.js 16 anymore. Which means that the Docker container we use for building needs to be upgraded from Ubuntu 18.04 to at least 20.04.

We haven’t even gotten to the obsoleted Capacitor plugins yet. @capacitor-community/barcode-scanner has been deprecated in favor of @capacitor-mlkit/barcode-scanning, and I’m sure there are others. I’m just hoping the APIs are at least reasonably similar.

Once again, my plaint is: why didn’t I become a plumber?


Sun, 19 Mar 2023

Another Software Systems Plaint

— SjG @ 10:33 am

Back in the 80s, I worked in Aerospace and had an old engineer tell me “nobody’s really figured out how to write software.” I scoffed. Totally ridiculous, I thought. He was researching a transition to Ada. I was writing tons of C code.

Now, much older, and perhaps somewhat wiser, I see his perspective. We’ve developed a lot of ways to try to deal with software. There are different approaches, with principles of abstraction, structure, and documentation. I tend to believe that most software methodologies are too discrete. Once you’ve maintained an active codebase for a business over a few decades, you discover that software design principles are great for coding but bad for business. It’s very difficult for a coder to understand which aspects of a business are virtually immutable (“the canonical catalog is Bob’s PDF notes from his meetings with manufacturing”) versus things that change (“yeah, we computed sales bonuses this way for the past twenty years, but now we’re changing that on a quarterly basis”). Often, the people running businesses don’t consciously know these unwritten laws themselves, and only reveal them when a change is suggested. Heaven help you if the change was implemented somewhere first.

Methodologies for business and software come and go, whether they’re TQM or Agile or just “move fast and break things.” I definitely see the advantages of the tendency away from front-loaded planning and towards flexibility and accepting change, but it doesn’t do a good job of managing the complexity of history. How do you maintain and document all of the Chesterton’s Fences in a continuously evolving codebase? When new components are bolted on to older systems, you accumulate a lot of weird adapters to make things fit. Sometimes, intermediary components go away, and you’re left with layers of adapters between things. Eventually, the solution might be the same as it would be for an analogous plumbing problem: rip it out, and start over — but, to overextend a metaphor, when the system is a million lines of code instead of a few thousand meters of piping, the solution may end up replacing the entire building so you can install a faucet.