Categories
privacy Security Technology

Does Apple care about your privacy?

I’ve been an Apple user since 2005 or so. Well, unless you consider my Apple IIc, in which case I guess I was a customer since 1987. I managed to negotiate with my parents to bundle two birthdays (my 12th and my Bar Mitzvah, that’s a big one) to get one of those. It was a turning point in my life… But I digress.

By Bilby – Own work, CC BY 3.0, Link

I really admire Apple’s push for security without compromising convenience, with Touch ID and Face ID making things safer. Apple’s touting their efforts to reduce web tracking, and Tim Cook publicly stated that “We at Apple believe that privacy is a fundamental human right”.

But when it comes to their own backyard, does Apple even meet the requirements of the GDPR? (The European privacy directive). I don’t think so.

Categories
coffee marketing Technology

The cup-of-coffee pricing fallacy

If you’re lurking on HackerNews, or are interesting in entrepreneurship, you might occasionally bump into something like this

Starbucks coffee is $2.45 + taxes. $100/mo is less than a cup of coffee a day.

And it’s very tempting — and somehow logical — to consider how much money we might spend without thinking too much about, and conclude that we should be willing to do the same with online services.

This coffee costs just like a cup of a coffee

And for some services, we might actually think in similar terms. Hey, my Netflix is only 4 cups of coffee per month. Amazon Prime maybe 2…

But why aren’t we spending it just as easily on other online services, software licenses and apps?

Categories
Technology UX

Remember me

No, it’s not about the song …

Remember me (From Coco, Disney/Pixar)

It’s about those tickboxes we’re all so familiar with, and yet, are we?

Remember me. Keep me Signed-in. Keep me logged in.

Some people always tick them. Some people never tick them.

Most people haven’t got a clue what they do.

Categories
docker hosting Security Technology

envwarden and kubernetes secrets

envwarden is a simple open-source script that lets you manage your server secrets with Bitwarden.

Read more about envwarden here

Here’s a simple way to update your Kubernetes secrets directly from envwraden, so they are always in-sync.

Categories
docker hosting Technology

hosting-compose (or) the sad buyout of Webfaction

docker-compose is one of those essential tools that make working with docker so much better. I do use docker directly occasionally, but anything non-trivial, I’d reach out docker-compose immediately. It allows you to “glue” things together and describe the stack in such a neat way.

I currently handle my dev environments with docker-compose, and even some live and staging deployments (like thumbor). I also manage remote database backups with it (using restic, postgresql, stunnel, redis and rdb-tools). In the latter example, it saves me from installing different versions of the database clients and connectors. I am able to instantly upgrade them, and then connect to the remote databases and back them up or restore. It makes the backup system itself immutable and disposable.

Recently however, I started using docker-compose for something that I haven’t considered before: a replacement for shared hosting.

a snippet of my hosting-compose docker-compose.yml

Why?

Categories
marketing optimization Technology

SEO optimization for suckers

There’s a famous Jewish, Yiddish phrase:

Man plans and God laughs.

I think the same applies to SEO and Google nowadays.

Man SEOs and Google laughs.

I was always a bit suspicious of SEO, and let’s face it, the sea of snake-oil SEO salesmen doesn’t help to establish credibility here, does it?

But I think that I’m becoming even more cynical of it every day.

The problem with getting good advice for SEO is that there’s no money in telling you “Don’t do anything”, “It’s a waste of time”, or “Focus on valuable content for your audience”. But there’s tons of money in doing a site audit, in telling you about best strategies to extract link juice, or why alt tags for images are important.

But it works

Categories
rails Security Technology

simple and secure cron using AWS Lambda

Many apps require some tasks to execute on schedule: cleaning up inactive user accounts, generating daily, weekly or monthly reports, sending out reminders via email, etc.

cron is a simple and trusted scheduler for unix, and used on pretty much any unix-based system I come across.

So cron seems like a natural candidate for triggering those job executions. But it’s not always the best solution.

In our case, we’ve used the whenever gem for rails successfully for a long while. The gem acts as a cron DSL and lets you inject and manage cron entries from your rails app.

The problem starts however when you start growing, and your app spans more than one server. Or even if you only use one server, but want to be able to fail-over, or switch from one server to another.

Why? suddenly you have more than one cron launcher, and jobs that should execute once end up executing once on each server. This can cause some weird and unexpected lockouts, duplication and other issues.

So what’s the alternative?

Categories
food marketing Technology

marketing lessons from the street market

When you walk inside the Ben Tanh market in Ho Chi Minh City, Vietnam, you’ll eventually end up inside the food area. There are probably hundreds of stalls selling local food. Lots of delicious Banh Mi sandwiches, noodle soups, fruit juices and summer rolls.

One thing that you can’t ignore however, is that as soon as you walk around, you’ll get approached by one of the stall owners. They’ll simply hand you the menu to choose from.

Categories
Technology work

Innovation, Promises, Lies and Toupées

I recently finished reading “Bad Blood – Secrets and Lies in a Silicon Valley Startup”, by John Carreyrou. It’s a remarkable piece of investigative journalism and an amazingly grabbing read. I just couldn’t let it off my hands.

I think it particularly stood out, because the amazingly stark contrast with another book I just recently wrote about: “It doesn’t have to be crazy at work”, by the co-founders of Basecamp.

Categories
Technology

SmugMug video data loss

I’ve written only recently about SmugMug, and expressed my frustration as a developer who built an open-source tool for their platform. This has led me to try to get my data out of SmugMug as I was considering moving away from it as well… Only to discover that some of my video data is lost and/or not being made available. This applies only for videos. Both the quality is potentially degraded, and the metadata that is available on SmugMug cannot be downloaded or exported out of their platform.

If you upload a video to SmugMug, they don’t actually store the original video for you. Here’s a quote from their official page:

Originals

We don’t keep a copy of the original video you upload. We make high-quality display copies, which are probably altered from what you send us.

I’m not sure what this high-quality display copy means in actual terms, but I won’t be surprised if some quality is lost in the process. For a company that prides itself caring for photographers, where quality and reliability is key, I find it rather vague and disconcerting.

Furthermore, what isn’t mentioned on this page is that if you want to download your videos again, those videos would be stripped-out of the original metadata as well. This metadata includes information about the Camera you used, the date/time of the video, location information etc. All of this data is still stored on SmugMug, but you can’t get it back when you download it. It’s locked-in. For me, personally, this is even worse than losing video quality. My video memories are very tightly linked to the time and location of those original scenes. Without this info, the videos are next to useless. I just can’t find them (without going manually through hundreds or thousands of dateless and location-less videos, that is)