Officially In Shape

After yesterday's outing, I think I need to declare myself officially in shape.  I rode my bicycle up to the Little Farm in Tilden Park, then ran out the fire road into Wildcat, with a small figure eight through the Tilden Nature Area.

• Total distance: 14.2 miles
• Clock time: 2:20
• Moving time: 1:56 (I was distracted by some mayday dancers)
• Bike ride up to the Little Farm: 2.45 miles in 18 minutes
• Run: 7.5 miles in 72 minutes
• Bike ride back home: 4.25 miles in 26 minutes (I took a different route, going by the merry go round)
• Total elevation gain: 1762 feet

Wildlife seen:

• Wild turkey
• Maypole dancers
• Bunny rabbit
• Bird Photographer
• Squirrel

Whee!

 (track comes from a Garmin Oregon 450.  Image comes from Google Earth.  Labels come from Jing. Obsessive behavior comes from Ben)

Undiscovered Features - Nikon D300 setting b4

I spent some time wandering through the menu on my Nikon D300 the other morning, and came across a feature I had missed or forgotten about when first exploring the camera.  This camera and the control UI continue to impress me.

The camera, like so many others, has 4 main modes:

• P - Programmed auto (fully automatic)
• S - shutter priority
• A - Aperature priority
• M - Manual

On the Nikon D50 (and many others) there is only a thumb dial on the back of the camera.  Depending on whether you're in S or A mode, it controls the shutter speed or the aperture.  The D300, on the other hand, has both a thumb dial on the back of the camera and a finger dial on the front.

When in Manual (M) mode, the thumb dial controls the shutter speed and the finger dial controls the aperture.  This makes sense; both controls are exposed.  The little bit of genius that seems so obvious is that the assignment of shutter speed and aperture to each dial is consistent - when in A mode, the finger dial still controls the aperture (and the thumb dial does nothing) while in S mode the thumb dial controls the shutter speed (and the finger dial does nothing).  This allows you to form a tight mental mapping of thumb=shutter, finger=aperture, and if you happen to be in the wrong mode, the wrong dial just won't work, providing additional feedback about the state of the camera.  Genius.

I nearly always stay in A mode, which means that I control the aperture and the camera will automatically adjust the shutter speed in order to maintain a correct exposure.  When that exposure isn't correct I can under or over expose the picture by holding down the exposure compensation button (right next to the 'ON' text in the picture of the front) and spinning the thumb dial.   This takes coordination, often requires looking at the body (instead of continuing to look through the viewfinder), and if I forget I've changed it, will adversely affect future shots.  But it works.  (The other method of adjusting the exposure is to use the AE-lock button on a darker part of the frame, then adjust the composition, but I find that's less predictable.)

Enter the Custom Settings Menu item b4: "Easy Exposure Compensation".

This control has three settings:

• On (Auto Reset)
• On
• Off (default)

When you turn b4 to On or On (Auto Reset), it enables the other control in S and A modes.  When in S mode, the thumb dial still controls the shutter speed, and if you change it the camera will automatically change the aperture in order to maintain correct exposure.  However, if you adjust the aperture manually (still with the finger dial), it will have the same effect as the exposure compensation button - adjusting the aperture to under or over expose the picture.

Even though you are in S or A mode, you are always able to control both the shutter speed and the aperture!  If you adjust the 'right' one (shutter speed in S, aperture in A) it will keep the exposure level correct.  If you adjust the other one (aperture in S, shutter in A), it will adjust the exposure under or over.

Setting b4 to On has exactly the same effect as using the exposure compensation button.  Using the On (Auto Reset) has one additional benefit - when you turn off the camera the exposure adjustment resets to normal.  I have my camera set to On (Auto Reset).

I am in love with how this makes the process of getting your exposure just right that much easier.

1. Frame the picture, choose the right aperture for the desired depth of field
2. Take the picture, see that part of the subject is slightly over exposed
3. Increase the shutter speed two notches and take the same picture (yay!  perfect!)
4. Turn off the camera and everything resets so your next picture isn't under exposed.

Brilliant!

I love the apple store.

I know the apple store is efficient and they've spent a lot of time streamlining the experience. Know what? They succeeded.

I went in there today, knowing what I wanted. I had an old laptop battery to recycle and I wanted the family pack upgrade to Snow Leopard. I started a timer when I walked through the doors of the store. Nobody was available so I wandered a bit inwards. Pretty soon, someone came up and asked if he could help me.

When all was said and done and I was walking out of the store, I stopped the timer.

00:02:45

that's hot shit.

The Poor State of Online Banking Passwords

It's been time for me to change my passwords for a while. I believe in good password security, but I also know that I need to have a sane number of passwords if I will have any hope of remembering them. To that end, I have a couple of different 'category' passwords. I have:

• secure financial password - used for banking sites and the like
  
• secure non-financial password - used for sites with secure login that are important, but not financial. flickr, for example.
  
• insecure password - used for mailing lists, http-only logins, throw-away sites
  
• personal password - laptop unlock
  
• work password - all things employer-related
  
• PGP key passphrase
  
• ssh key passphrase
  

That list is already longer than a coherent memory can handle, especially since all my passwords are more random than not (such as Hm.t8U%$[1]). So I keep them in a PGP-encrypted file just in case.

Anyway, the time came to change them, and I started with the laptop, work, then secure financial password. pwgen is a godsend, btw. The laptop and work email changes went fine, and I started in on the financial passwords. I was using pwgen -y 9 to create candidates (mixed case, numbers, and symbols, 9 characters long) and then fiddling with them a bit, adding or removing characters, changing one here or there. I came up with a good candidate and started changing passwords.

Then I came to Discover's website. "Sorry, that password is invalid." it says. What company in their right mind uses some password hash so broken that it can't handle punctuation in the password?! I mean, seriously! Are you having people hand-transcribe them or something? Maybe I shouldn't use confusing characters like 1 vs. l either, huh? Idiots. Anyway, I change it around, strip out the punctuation, and add a character to make up for it. Alright, carry on.

A few more go by and then comes American Express. Here are their requirements (straight from their website):

• Contain 6 to 8 characters - at least one letter and one number (not case sensitive)
  
• Contain no spaces or special characters (e.g., &, >, *, $, @)
  
• Be different from your User ID and your last Password
  

WTF is up with 6-8 characters?! Really? What, are you using some archaic version of crypt that still only supports passwords of 8 characters? ... wait a minute. IT'S NOT FUCKING CASE SENSITIVE?!?! Amex, I know you're all old-school with your 'only rich people use amex' and the whole no-limit amex black cards thing but it's not cool to be old-school with website security.

Last in the set of FAILed banking sites comes Smith Barney. They also prohibit symbols, and add one more requirement. Your password must start with a letter. Why, oh God of Security, Why?!?!

Ok, fine. Now my list of passwords has increased yet again

• standard financial password
  
• financial password with no special characters that starts with a letter
  
• short alphanumeric password for broken sites from the last century
  

::sigh::

Why is it that the web sites for which security should be the highest priority are the slowest to adopt (what seem to me to be) standard password / passphrase heuristics? A good password should be at least 6 characters long (recommend at least 8 and preferably 10+) and choose 3 of the following:

• have lower case letters
  
• have upper case letters
  
• have numbers
  
• have symbols / punctuation
  

Note - I said 'choose 3 of the following'. If you always require all of them, that *also* reduces the space of the password set! (of course, any restrictions reduce the password set, but choosing three at least encourages good password choice.)

p.s. Can I tell you how hard it is to find the 'change password' link on some of these websites?! OMGWTFBBQ! I should just give up. But I won't. I'm kinda stupid like that sometimes.

[1] Note - not an actual password of mine. pwgen ftw.

AT&T and "Multimedia" messages

[UPDATE 2009-03-23] Apple announced on their iPhone 3.0 preview page (http://www.apple.com/iphone/preview-iphone-os/) that the iPhone 3Gs will be able to send MMS. Thanks!

I am absolutely dumbfounded at how incredibly poorly the iPhone handles picture messages.

You'd think it was common knowledge that in 2009, people with picture phones like to send picture messages. There have been ads forever telling us to snap a picture and SMS (or rather, MMS) it to our friends. Why, then, is it not only impossible to send a picture message from an iPhone, but so incredibly difficult to receive one?!

OK, I don't know why it can't, but I can accept that my iPhone can't send picture messages. It's stupid, but whatever.

I don't know how many of you have received an MMS from someone on an iPhone, but here's how it goes:

• get a text message ("I sent you a message you can view within the next 7 days") with a URL, a login and a password


• tap the URL to load it in Safari


• forget the username (it's something like dc394he0m)


• go back to the home screen, load the text app, read the username again (because remember, you can't copy or paste on an iPhone either)


• tap the URL again, curse because the first half of the username you remembered is now gone


• fill in half the username


• go back to the text app, look at the username again


• don't tap the URL but instead go back to the home screen and then into Safari


• fill in the rest of the username


• repeat for the password (actually easier to remember like far4back)


• finally get the picture someone sent you.

Come on, iPhone, AT&T. You can do better than that.

Netflix, Tivo, Troubles and Triumph

When Tivo and Netflix announced their alliance, I rejoiced. It is fantastic to browse through a list of movies, choose one, and have it magically show up on your TV. Well done.

Except...

We tried to watch Empire Records, and the sound and video were several seconds apart. Bummer. I tried it on my laptop, and it was just fine, but we wanted to watch it on the TV.

So I called netflix! They have an 800 number on their contact page with 24hour support, and the website lists how long the hold queue is! That's pretty cool. The wait was only a minute, so I called. It was actually less, and the woman who answered the phone asked me the right questions, put me on hold for a moment, and then told me that it was a known problem and the video would be re-encoded. The Tivo gets its videos streamed from a different set of servers from when you watch the movie on your laptop, so it's not uncommon for one to be broken and the other work.

So while it kinda sucks that the video we wanted to watch was not working just right, I'm quite impressed by the availability and quality of 24hour phone support.

So Boo. Yay! Boo. Yay!

Off to watch something else...

Flying the Bay Area

Golden Gate and Marin Headlands, originally uploaded by maplebed.

The weekend before returning to the frozen wasteland that we call Boston (and having to shovel feet of snow), my coworker CG took me for a nice flight around the bay area in his little 4-seater Grumman. Man, what a trip. This picture says more than I ever could.