Thought leadership, not immediate sales spikes.
Rolandt
Shared posts
Android March Security Update :: DTEK50 goes first

I have been checking in all three BlackBerrys since yesterday. And to my surprise, DTEK50 was the first to get the update. That is indeed a first. I will complete this list as the updates arrive on my devices:
- DTEK50: Build AAJ842, installed March 6th
- DTEK60: Build AAJ934, installed March 10th
- PRIV
Introducing Similarity Search
With billions of photos on Flickr, finding the ones you want by searching based on tags and descriptions only gets you so far. Today, we’re introducing similarity search, which uses advanced technology to allow you to discover visually similar photos without much work on your end. After your initial search, whether you’re looking for your favorite succulent or the perfect image of a ‘67 Mustang (not the horse), just click the “…” in the upper right of the photo you’re excited about. We’ll surface similar images for you.

Say you want to find pictures of tabby cats. You can search for the keyword “cat” and filter by color, but you’ll likely have to scroll through pages and pages of images before manually picking out the photos that match what you’re looking for. Now, simply hover over an image of a cat and click the “…” menu. From there, we’ll show you photos that look similar. No more guessing the search terms that would give you the most relevant results!
Do an image search and give this new similarity tool a try! Please let us know what you think on our Community Forum – we’d love to hear your feedback.
Lots new in Firefox, including “game-changing” support for WebAssembly
Today’s release of Firefox introduces great new features, making the browser more powerful, convenient, and secure across all your devices.
WebAssembly enables near-native performance for games and apps
Firefox has a rich history of giving the web new and amazing capabilities. Along these lines, I’m proud to announce that Firefox is the first browser to support WebAssembly, an emerging standard inspired by a Mozilla research project. WebAssembly allows complex apps, like games, to run faster than ever before in a web browser. We expect that WebAssembly will enable applications that have historically been too complex to run fast in browsers – like immersive 3D video games, computer-aided design, video and image editing, and scientific visualization. We also expect that developers will use WebAssembly to speed up many existing web apps.
To learn more about WebAssembly, see David Bryant’s post, and watch this video.
Easier connections to Wi-Fi hotspots with captive portal detection
If you’ve ever had trouble connecting to hotel wi-fi, it’s likely because you had to sign in to a “captive portal”. These captive portals are often problematic because the login page itself is hard to discover if the operating system doesn’t detect it. Very often, you try to navigate to a website and end up with an error.
With today’s release, Firefox now automatically detects captive portals and notifies you about the need to log in. Additionally, after Firefox detects a captive portal, it replaces certificate error pages with a message encouraging you to log in.
Firefox warns you about insecure logins
To help keep you safer on the internet, we’re building upon Firefox’s new warning in the address bar. Firefox now shows an in-context alert if you click into a username or password field on a page that isn’t encrypted with HTTPS.
There’s quite a bit more in this release. Web designers and developers may be particularly interested in CSS Grid, and today we’re shipping the only Grid Inspector developer tool on any major browser. You can learn more about CSS Grid and developer tools you’ll only get from Firefox on the Hacks blog.
Also with this release, Firefox has improved security and performance by disabling all plugins that use the Netscape Plugin API (NPAPI) besides Flash. Later this year we’ll further improve Firefox so that Flash content is only activated with user consent.
We hope you enjoy the new release, and would love your feedback.
- Download Firefox for Windows, Mac, Linux
- Release Notes for Firefox for Windows, Mac, Linux
- Download Firefox for Android
- Release Notes for Firefox for Android
The post Lots new in Firefox, including “game-changing” support for WebAssembly appeared first on The Mozilla Blog.
International Women’s Day Talk
Knitting and activism go hand-in-hand. On International Women’s Day, I will be speaking on the topic of feminism, art and activism. Be Bold for Change March 8, 2017, 5 pm UBC Bookstore, The University of British Columbia Book signing to follow Prior to my talk, the bookstore will host knitting lessons. I encourage knitters (or knitters in the making) to craft while I talk. Find out more about the event here: https://www.facebook.com/events/139446109907260 If you are in the area drop by, knit some stitches, and say hello!
The post International Women’s Day Talk appeared first on .
The Uber Conflation
The latest Uber scandal — yes, it’s getting hard to keep track — is Greyballing. From the New York Times:
Uber has for years engaged in a worldwide program to deceive the authorities in markets where its low-cost ride-hailing service was resisted by law enforcement or, in some instances, had been banned. The program, involving a tool called Greyball, uses data collected from the Uber app and other techniques to identify and circumvent officials who were trying to clamp down on the ride-hailing service. Uber used these methods to evade the authorities in cities like Boston, Paris and Las Vegas, and in countries like Australia, China and South Korea…
At a time when Uber is already under scrutiny for its boundary-pushing workplace culture, its use of the Greyball tool underscores the lengths to which the company will go to dominate its market.
Note the easy conflation: avoiding regulators, allegedly tolerating sexual harassment, it’s all the same thing. Well, I disagree.
Uber’s Three Questions
The first thing to understand about not just the current Uber controversy (controversies), but all Uber controversies is that while they are not usually articulated as such, in fact multiple questions are being debated.
- Question 1: Is Uber a viable business that can one day go public, make a profit, and return the unprecedented amount of capital it has raised?
- Question 2: Is Uber’s approach to regulation wrong?
- Question 3: Is Uber wrong with regards to the specific issue at the center of this controversy?
I and many others have spent plenty of time on the first question; it’s not the focus of today’s article. Rather, it’s the distinction between questions 2 and 3 — that easy conflation made by the New York Times — that I find illuminating.
Uber and Regulation
There is no disputing that Uber has operated in the gray zone, perhaps adhering to the letter of the law but certainly not the spirit. For example, in The Upstarts, a new book about the founding stories of Uber and Airbnb, Brad Stone explains Uber’s initial service in San Francisco:
In the summer of 2010, [San Francisco Metropolitan Taxi Agency director Christiane] Hayashi’s phone started ringing off the hook, and it wouldn’t stop for four years. Taxi drivers were incensed; a new app called UberCab allowed rival limo drivers to act like taxis. By law only taxis could pick up passengers who hailed them on the street, and cabs were required to use the fare-calculating meter that was tested and certified by the government. Limos and town cars, however, had to be “prearranged” by passengers, typically by a phone call to a driver or a central dispatch. Uber didn’t just blur this distinction, it wiped it out entirely with electronic hails and by using the iPhone as a fare meter. Every time Hayashi picked up the phone, another driver or fleet owner was screaming, This is illegal! Why are you allowing it? What are you doing about this?
Ultimately, Hayashi could do nothing: Uber drivers did not pick up passengers who hailed them on the street, but were dispatched via the Uber app. UberCab — despite the name, which was soon changed — was not a taxi service, even if the service offered was taxi-like.
That right there is enough for many observers to cry foul: getting off on a technicality does not mean a business is okay. Those cries have only grown louder as Uber has entered more and more cities with services like UberX that are even more murky from a regulatory perspective; now the questions are not just about hailing and dispatch, but licensing, insurance, and background checks, along with the ever present questions about the employee/contractor status of Uber’s drivers. Every technicality that Uber takes advantage of,1 or every new law it gets passed by leveraging lobbyists and by bringing its users to bear on local politicians, is taken by many to be more evidence of a company that considers itself above the law.
The reason this question matters is because if one takes this viewpoint, then the latest allegations against Uber are not independent events, but rather manifestations of a problem that is endemic to the company. And, in that light, I can understand the calls for Kalanick’s removal at a minimum: I will do said position the respect of not arguing against it.
On the flipside, I, for one, view Uber’s regulatory maneuvering in a much more positive light. After all, thinking about the “spirit of the law” can lead to a very different conclusion: the purpose of taxi regulation, at least in theory, was not to entrench local monopolies but rather to ensure safety. If those goals can be met through technology — GPS tracking, reputation scoring, and the greater availability of transportation options, particularly late at night — then it is the taxi companies and captured regulators violating said spirit.2 Moreover, the fact remains that both Uber riders and drivers continue to vote with their feet: Uber has gone far beyond displacing taxis to generating entirely new demand, and when necessary, leveraging said riders and drivers to shift regulation in its favor. I think it is naive to think that said changes — changes that benefit not just Uber but drivers, riders, and local businesses — would have come about simply by asking nicely.
The Uber Conflation
But I digress; I know many of you disagree with me on these points, and that’s okay — having this debate is important. The reason to point this question out, though, was perhaps best exemplified by the #DeleteUber campaign that kicked off Uber’s terrible month. As you may recall the campaign sprang up on social media after Uber was accused of strikebreaking for having disabled surge pricing while taxi drivers protested against President Trump’s executive order banning immigration from seven countries. As I pointed out in a Daily Update:
Uber was definitely in a tough position here: the company likely would have been criticized for price-gouging had surge-pricing sky-rocketed, while restricting drivers from visiting JFK would have entailed Uber acting as a direct employer for drivers, as opposed to a neutral platform (this point is in contention in courts all over the U.S.). And, I think it’s safe to say, a lot of the folks pushing the #DeleteUber campaign were probably not very inclined to like Uber in the first place.
That last sentence captures what I’m driving at, and why separating these questions is so clarifying (and, by the way, surge pricing is another reason why a not insignificant number of people feel that Uber is evil).
Kalanick’s Real Mistake
#DeleteUber was more significant than it might seem: it was the first time that an Uber controversy actually affected demand in an externally visible way; given that controlling demand is the key to Uber’s competitive advantage, that is a very big deal indeed.
However, the real bombshell was an explosive blog post from a (former) female engineer named Susan Fowler Rigetti alleging sexual harassment that was not only tolerated by Uber HR but actually used against the accuser. Said allegations, if true (and I have no reason to believe they are not), are ipso facto unacceptable and heads should roll — up to and including Kalanick if he was aware of the case in question. And Rigetti deserves praise: sadly, the novelty of her allegations may very well be her willingness to go public; based on conversations with multiple friends it’s often perceived as being easier to put up with sexual harassment than run the risk of being blacklisted.
The thornier issue is if Kalanick did not know; surely he has ultimate responsibility for creating a culture that allegedly tolerated such behavior? Indeed, he does. That’s why I drew a line from Kalanick’s refusal to fire an executive that allegedly threatened a journalist to the behavior alleged in that blog post: culture is the accumulation of decisions, reinforced by success, and Uber has collectively made a lot of decisions that push the line and been amply rewarded.
That, though, is why I drew the distinctions in this post: Kalanick’s mistake was in not clearly defining, communicating, and enforcing accountability on actions that pushed the line but had nothing to do with the company’s regulatory fight. In fact, it was even more critical for Uber than for just about any other company to have its own house in order; the very nature of the company’s business created the conditions for living above the law to become culturally acceptable — praised even.
To that end, those who already disapprove of Uber’s regulatory approach, that see the latest events as being part and parcel of what makes Uber Uber, well, that may be an unfair conflation, but Kalanick has only himself to blame: pushing the line on regulations didn’t necessarily need to equate to pushing the line internally, but to Kalanick it was all one-and-the-same. The conflation started at the top.
Taking Responsibility
Even if you agree with me about Uber and regulation, it’s completely reasonable to still argue that the company needs a change in leadership for the exact reasons I just laid out; I thought long and hard about making that exact argument. Moreover, if Uber’s scandals start impacting demand for the service, or end up impacting the company’s ability to retain and hire employees, there may not be a choice in the matter.
Still, it’s worth keeping in mind that many of Uber’s scandals implicate not just Uber but tech as a whole. The industry’s problem when it comes to hiring and retaining women is very well documented, and sexual harassment is hardly limited to Uber. Moreover, one of Uber’s other “scandals” — the fact that Kalanick asked Amit Singhal to step down as Senior Vice President of Engineering after not disclosing a sexual harassment claim at Google — reflected far worse on Google than Uber: if Singhal committed a fireable offense the search giant should have fired the man who rewrote their search engine; instead someone in the know dribbled out allegations that happened to damage a company they view as a threat. And while Google’s allegations about Uber-acquisition Otto having stolen intellectual property are very serious, it’s worth remembering that the entire industry is basically built on theft — including Google’s keyword advertising.3
Indeed, more than anything, what gives me pause in this entire Uber affair is the general sordidness of all of Silicon Valley when it comes to market opportunities the size of Uber’s. The sad truth is that for too many this is the first case of sexual harassment they’ve cared about, not because of the victim, but because of the potential for taking Uber down.
The fact of the matter is that we as an industry are responsible for Uber too. We’ve created a world that simultaneously celebrates rule-breaking and undervalues women (and minorities), full of investors and companies that are utterly ruthless when money is on the line, while cloaking said ambition in fluff about changing the world.
That’s the sad irony of the situation: changing the world is exactly what Uber is doing; for all his mistakes Kalanick has been one of the most effective CEOs tech has ever seen. Maybe Kalanick has finally seen the light and can change — I think he deserves the chance, even as I understand the skepticism — and if he cannot then by all means show him the door; in the meantime we can all certainly look in the mirror.
- Or Lyft: remember, it was Lyft that pioneered “ride-sharing”; Uber laid back because the company thought it was illegal!
- Uber absolutely needs to accelerate the roll-out of its accessibility services
- To be clear, downloading blueprints is on a different scale; again, if Uber is implicated Kalanick should be held accountable
How to Get Valuable Product Insight from Customer-Facing Teams
Internal feedback can come from lots of different places within your organization, and it’s essential for a product manager to capture and address it all, regardless of where it’s coming from. Let’s take a look at which groups are the most influential and how to handle their input.
We recently published a report on The Influence of Feedback on the Product Development Process, based on findings from a survey of 200 people in product roles of varying seniority at a range of organizations. One of our key findings from the survey is that product teams across the board say feedback from customer-facing teams like sales and support is highly influential when it comes time to prioritize their product roadmaps.

Internal teams ranked by level of influence over the product roadmap
We can make a few observations from the results in the chart to the right.
First of all, there’s no surprise that customer-focused functions dominated the top spots for this question, as any customer-centric organization is going to put the customer at the front of the line when it comes to new features and functionality. Customer Experience will be primarily bringing proactive elements to the user base (i.e. how can we make things better and easier) Customer Support brings a reactive focus to the process (this is what customers are complaining about, etc.).
Sales coming in at No. 2 shows that generating revenue and growing the customer base is obviously essential for the company, and the wish lists of prospects are being brought to the attention of product management by the folks in the field trying to close deals. Balancing the demands of the customers-to-be with the current customer base represented by Customer Experience and Customer Support can be one of the toughest challenges a product manager faces.
Slightly more than half of the organizations we surveyed say Engineering input is highly influential over the product roadmap, with those suggestions encompassing everything from addressing technical debt and upgrading the architecture to the feasibility and sanity checking of features and enhancements generated elsewhere.
Perhaps the most surprising finding is that Executive input on the product roadmap ranked dead last, with fewer than half of the respondents viewing the leadership team as a source for the contents and prioritization of the roadmap.
Collecting Feedback Can Be a Full-Time Job If You Let It
Given the variety of sources providing product feedback, it’s no surprise that collecting and managing all of these inputs can take up more than a quarter of a product manager’s day at 12-plus hours per week! Which is why it’s so important for product managers to have the right tools, processes and procedures in place to facilitate and streamline feedback collection to ensure they still have time to do the rest of their jobs.
Let’s look at each group of internal stakeholders and examine the best way to get their feedback:
Customer Experience
Some say customer experience and product management should be two of the most aligned parts of the organization, as both functions are focused on improving the customer experience. Product management concentrates on “what” users can do with the product while customer experience is locked in on “how” those users will do it.
Since these activities don’t happen in a vacuum and are so interdependent that product management and Customer Experience must always be in sync. That means there should be a lot of sharing and collaboration, with the roadmap being no exception. While you might guard the rough drafts of your roadmap until it’s ready for prime time, Customer Experience should be the exception. While product management has the final say in what’s in, what’s out and the priorities, Customer Experience’s input and agreement should be a prerequisite before you start shopping it around to other departments.
How does this work in practice? Every user research project should end with Customer Experience presenting you with their results and you jointly deciding what should change based on those findings. Since product management is involved in that judgment call, they can plug any new enhancements or tasks right into the backlog and slot it for future releases.
Additionally, product management shouldn’t be putting anything on the roadmap without asking Customer Experience to assess the potential impact on the user experience and perform user research when necessary to flesh out the implementation. In short, each party’s work informs the other’s.
“Crafting a truly delightful user experience requires a cross-team commitment from the organization to keep users’ needs and feedback in mind during every step of the product lifecycle,” says Phil Dahnke of UserZoom. “A successful Product Manager will champion the user and strive for a shared vision amongst the UX, UI and design teams based on their customer and user research.”
Sales & Marketing
At the end of the day, you and your sales team both want the same thing—more customers—but sometimes the relationship between product management and sales can be confrontational; each side thinks they know better about what the product should be or do to increase usage, adoption and purchase. There may be no solution to that argument, but regardless of how well you get along there is no excuse for neglecting the nuggets of insight your sales team has to offer.
Even though it’s in their best interest, providing input to the product team isn’t always seen as a priority for a commission-driven salesperson, so product managers need to make the extra effort to squeeze what they can out of their sales teams.
- Leveraging CRM as a data source. If the sales organization mandates usage of a CRM system, then there’s no excuse not to make it work as well for you as it does for creating forecasts. Work with your sales operations teams to ensure there are fields for capturing product feedback for customer meetings, potentially even making it a mandatory field to guarantee salespeople remember to input something. You can then create reports that extract that data for your convenience.
- Sit in on sales reviews and get copied on trip reports. Hearing sales team members recount their experiences is a great way to learn what prospects care about. These debriefs especially useful when sales doesn’t get the deal and you can see if a product capability or shortcoming could have made the sale possible.
- Tag along when you can. Getting into the field for sales calls lets you see first-hand how your target market is responding to the current offering and hear what else they’re asking for. Plus those hours in the airport and post-meeting meals offer a unique opportunity to spend quality time with sales staff and hear what they really think.
Customer Support
Your support team is on the front lines with your customers and are dealing with lots of cases each and every day. It’s not their job to make the product better, but it is their job to make customers happy.
As they’re dealing with confused, frustrated or angry customers, they’re not thinking about feature enhancements, they’re trying to turn a question or complaint into a positive outcome. That’s why you need to make their workflow work for you.
There are a myriad of software solutions the team may rely on, and your support team likely lives inside those tools. So make it easy to harvest product feedback from this team by making those tools work for you as well.
- Putting hooks into the product management pipeline right into the software. Support staff should be able to flag or tag a case as a possible enhancement, which would ideally show up in your inbox, your view of the system or in a report generated by the support team on a regular basis. You can then make the call one-by-one to see if it should end up in your enhancement queue.
- Having support run reports on their caseload to identify the most common sources for customer issues. If you see that a large percentage of complaints are coming in around a specific topic, it’s a good indicator that it’s something you should address in the roadmap. It also give you some great quantitative backup when justifying the worthwhileness of a given enhancement if it’s generating X complaints per week or could save your support staff a certain number of hours.
- Actually talking to them. Have a group lunch where they can have a free-form conversation about what they’re seeing them, what bugs them and what might make customers happier. It’s a fantastic opportunity for the team itself to discover common complaints or problems they may not have realized are showing up more often. Remember that your job is to simply listen and facilitate and not try to defend the status quo or start whiteboarding solutions.
Engineering
Including the requests and inputs of the technical organization is essential to making sure your product maintains a scalable and viable infrastructure.
“The more you involve [engineering] in the creation process, the more ownership and responsibility they will take for their role, and the more creativity and enthusiasm they’ll bring to the project,” says Andre Theus of ProductPlan. “Collaborating with your engineers, and soliciting their help, will make them feel more like a part of the process, and less like order takers simply being told what to do by a product manager.”
Aside from informal chats and brainstorming sessions, giving engineers the opportunity to flag something as a potential roadmap item in their bug tracking tools is a no-brainer.
Of course engineering also serves an essential function as the sanity checker for what’s actually possible in a given timeframe. Not running your thinking by some key team members could lead to embarrassing moments down the line when you’re promising features way ahead of any realistic schedule.
Executives
When the leadership team asks for something, the most important thing for a product manager is to make sure that an executive feels like their request was heard, considered and decided upon. You can’t expect executives to use the same tools and software you’re using, so collecting requirements from these leaders will be a more manual process.
Hold regular chats with executives about what they’re looking for, what they’re hearing from customers, investors and board members. While they’re suggestions may range from vague to extremely specific, each item should be considered, tracked and—most importantly—followed up on. 79% of respondents to the The Influence of Feedback on Product Development survey say they follow up with stakeholders all or most of the time, but that number should be 100% when it comes to an executive’s request.
When you inevitably decide not to slot a suggestion in the roadmap, be prepared to explain why that decision was made, using evidence that goes beyond not having enough time and the like. Show that careful consideration was given and there are legitimate reasons for your call to leave it out.
Rules for Every Function
Regardless of whether it’s an intern or a CEO, it’s your role to always be listening and considerate. Sure a large percentage of what gets brought to your might be undoable, impractical, unimportant or just plain silly, but great insights can come from anywhere.
Another good rule of thumb is to facilitate cross-pollination of multiple stakeholders from different areas. Getting a salesperson, customer service agent and engineer in the room at the same time to chat about a topic can unearth synergies that individually might remain undiscovered.
In short:
- Open Ears, Open Mind
- Keep It Simple for Stakeholders to Submit
- Record, Review & Revisit
- Close the Loop
Prisma Launches Store for User-Created Filters

Prisma, the popular photo editing and sharing app, launched a filter store today with its latest update. The store allows filters created through a new desktop tool to be shared with others publicly. At this time, only the most active Prisma users can access the desktop tool and share their filters in the store, but according to The Next Web, the app's developers hope to expand the option to more users in the future.
The filter store can be accessed whenever you're taking a photo by tapping the orange icon in the center of the screen. The store's main page presents a number of filters, currently categorized as 'New Releases,' 'Popular in Your Country,' and 'All the Old Styles.' There isn't a particularly large selection of filters currently available, but that should change with time.

My favorite part about the store is that when you tap an available filter to view it, you'll also see a feed of images that have used that filter. I find this helpful for evaluating whether a particular filter might work well with the type of photo I'm editing.
One other thing worth mentioning about the store is that on its main page there's a bookmark icon in the top-right corner. Tapping this will present a list of all the filters you currently have installed. This is a nice way to gain a quick overview of all your current filters and remove any you may not want. You can also view filters you've removed in the past from this screen.
Prisma is a free download on the App Store.
Support MacStories Directly
Club MacStories offers exclusive access to extra MacStories content, delivered every week; it’s also a way to support us directly.
Club MacStories will help you discover the best apps for your devices and get the most out of your iPhone, iPad, and Mac. Plus, it’s made in Italy.
Join NowThe Adapt or Die Tour is Over. The Content Lives On.
We’ve just wrapped up the London stop on our Adapt or Die World Tour. These gatherings of API and digital business experts were all about sharing experiences, best practices, and lessons learned and spreading digital know-how.

The slides from the keynote presentations are now available. Enjoy!
Chet Kapoor discussed how three flavors of APIs—APIs as services, APIs as interactions, and APIs as products—create the interoperability that enables ecosystems and innovative new business models.
Anant Jhingran discussed how artificial intelligence should become part of every app and every API, and how intelligence must be embedded at the edge, for operations, customers, and security.
From the cloud to microservices to security to serverless, Greg Brail discussed the technology lessons Apigee has learned over the past several years.
Also available: slides from many of the technology and digital business track breakout sessions from the Adapt or Die World tour in London and beyond.
Applicatives are monoidal
For the next few weeks, I’m going to be posting semi-regularly about
Applicativeand related topics. This will eventually end up touching on monoids, functors, monads, those typeclasses of the same names, and perhaps, eventually, applicative parsing. I have about 18 blog posts on these interrelated topics started, and I wish I could have them in a witz-like graph instead of this layout, but, alas, I am not that clever.
Prerequisites: While every attempt is being made to keep this series beginner-friendly, you should have familiarity with sum and product types, with theFunctortypeclass, withcaseexpressions, and with how typeclasses work in Haskell.
Intro
The first thing to know about Applicative is that it has two core operations, pure and <*>. The latter is often called ap or apply but I call it the tie-fighter. The second thing to know is that Applicative is superclassed by Functor, so any type with an Applicative instance must also be a Functor instance.
For both Functor and Applicative the type constructor must be of kind * -> *. Type constructor here means what it says: given a type argument, it constructs a type. Hence it is expressed as a function at the type level. The kind for a functor is two stars, no more and no less. Three stars shalt not be the kind, neither shall it be one.
Let’s look at the typeclass declaration, shall we:
class Functor f => Applicative (f :: * -> *) where
pure :: a -> f a
(<*>) :: f (a -> b) -> f a -> f bA type constructor together with an Applicative instance, describing how pure and (<*>) behave on that type forms an applicative functor. pure lifts a value (yea, even if that value is a function) into a context by applying a type constructor to it.
You may notice the type signature of <*> closely resembles the type of fmap
fmap :: (a -> b) -> f a -> f b
<*> :: f (a -> b) -> f a -> f bexcept now our function is also embedded in the f structure – the same type constructor as the a and b values are embedded in.
Another thing that is true but is usually less obvious about Applicative is that any type with an Applicative must be a monoid (or, if a sum type, at least a semigroup). McBride and Paterson say in Applicative Programming with Effects: every monoid induces an applicative functor, and that tells us something interesting: it is the monoid that gives rise to the applicative functor.
Most of the time, you do not need to think about the monoid (or semigroup, ok?) implied by an Applicative. Some instances make it more obvious than others, but it’s always there. This is what this post is primarily meant to demonstrate.
Trouble with tuples
The Applicative instance on tuples creates some confusion, and we’re just going to dive right in and see what we can make of it.
The tuple applicative behaves like this:
λ> ("julie", (+8)) <*> (" rocks", 14)
("julie rocks", 22)The tie-fighter takes a function embedded in some structure – the function here being (+8) – and applies that to a value embedded in (the same type of) structure.
But those String values – what’s happening there? They concatenate, seemingly by magic.
It’s not magic, though; it’s a Monoid constraint:
data (,) a b = (,) a b
instance Monoid a => Applicative ((,) a) where
pure b = (mempty, b)
(a, f) <*> (a', b) = (a `mappend` a', f b)Recall from what you know about Functor that we need to partially apply the type constructor to reduce its arity to * -> *. That application happens, in Haskell at least, left to right. Once we do that, the a is now part of the type constructor. When pure takes a value and embeds it in this type context, it takes a b value and embeds it in a ((,) a) – not (,).
λ> pure (+8) <*> ("hello", 9)
("hello", 17)We embedded a b (a function, because this is an applicative) in a context. The mempty we used in pure means that the String doesn’t change. That’s what mempty gives us: a way to ensure, parametrically, that a value won’t change.
The b values still do what we expect them to do with the function application.
So we must have a Monoid on the a (or first, or leftmost) value of the tuple to give us an identity value for the a in the case of pure, or to allow us to merge or combine (where sometimes this means “choose one”) a values.
λ> (3, (*10)) <*> (4, 20)
-- no good because the numbers in the a position
-- do not have a Monoid instance!
λ> (First (Just 3), (*10)) <*> (First (Just 4), 20)
(First {getFirst = Just 3}, 200)
-- but specifying a Monoid, even one that chooses one or the other
-- instead of combining them, is a-OK!Left unsaid here is that there is already a monoid operation merging or unifying the (,) portion of the structure. But it must be so because we need to add a constraint to let us combine the other portion of the structure. The difference is that (,) is not polymorphic, so we already know how to monoidally combine two of those; the a is polymorphic, so we don’t know how until it is applied to a concrete type.
An applicative functor is a functor over some type. When we know what type we’re talking about, then we already know which monoid to rely on to collapse two layers of constructor. But when there’s a polymorphic parameter, we can’t know in advance how to merge those values. We add the constraint to ensure that, for any a, we at least know there is a way. You don’t see the constraint added explicitly for sum types such as Either because the standard applicative functors don’t merge two (or more) a values inside a Left constructor.
We’ll look more at sum types next, and the next post in this series will look at an Either type that does require a (Semigroup, in this case) constraint on the a values because it does merge them instead of returning only one.
Sum type applicatives
There is no explicit Monoid constraint on most Applicative instances, and you do not usually have to consider how the f types will be merged when you write an Applicative instance. Perhaps we can understand why it can be implicit from McBride and Paterson’s phrasing: a monoid induces an applicative functor – the monoid gives rise to the applicative functor. Knowing which monoid we’re talking about it is enough.
With tuples, the accumulation of structure is made explicit to the degree that we can’t accumulate the a portion of the type structure without specifying that there be a Monoid instance for whatever type it is, but the monoidal merging of the (,) portion of the structure is left implicit.
But a typical instance for a sum type does not need a Monoid (or Semigroup) constraint:
data Maybe a = Nothing | Just a
-- the `f` variable is a function so Just (f a) is the function
-- being applied to the a value
instance Applicative Maybe where
pure = Just
(<*>) Nothing _ = Nothing
(<*>) _ Nothing = Nothing
(<*>) (Just f) (Just a') = Just (f a)
data Either a b = Left a | Right b
instance Applicative (Either a) where
pure = Right
(<*>) (Left a) _ = Left a
-- GHC 7.10 used to print "Left <function>" in this case
-- but now gives a "No instance for Show" error
(<*>) _ (Left a) = Left a
(<*>) (Right f) (Right b) = Right (f b)We’ll look at Maybe first. pure is Just because the point of pure is to lift a value into a context. We can most usefully lift a value into a Maybe context by applying the Just constructor to it. (You don’t want Maybe there because function implementations, such as in an instance, are term- or value-level and so we use data constructors and values there, not type constructors which stay up there in the type level.)
Either is similar, but now we have an a on the left. As with tuples, we’ve had to partially apply the Either constructor to get the proper kindedness, so the a, which is wrapped at the value level by the Left constructor, is now part of the type constructor itself. You can try writing this (with a different type name) and changing the implementation to have pure be the left value and see the exciting type error that results, like this:
-- a fake Either
data Choose a b = This a | That b
deriving (Eq, Show)
instance Functor (Choose a) where
fmap _ (This a) = This a
fmap f (That b) = That (f b)
instance Applicative (Choose a) where
-- pure _ = This mempty -- this is possible, if you add a
-- Monoid constraint but it probably doesn't do what you want
pure a = This a -- this one will throw a type error
(<*>) (This a) _ = This a
(<*>) _ (This a) = This a
(<*>) (That f) (That b) = That (f b)An accumulation of context
OK, so back to our monoids. There doesn’t seem to be any monoidal involvement here:
λ> pure (div 12) <*> Just 4
Just 3
λ> pure (++ "Julie") <*> Just " rocks"
Just " rocksJulie"
λ> Just toUpper <*> Just 'j'
Just 'J'
λ> Just toUpper <*> Nothing
Nothing
λ> pure toUpper <*> Right 'j'
Right 'J'
λ> Right (3^) <*> Right 2
Right 9(sometimes people ask how you even end up with a function embedded in a type context like that, in real code, and we’ll go over that in an upcoming post)
So what’s going on there, where’s the monoid? When we have two f values there, our functor can collapse them into one layer, and implicitly, the operation it uses to do that is the monoid (or semigroup! – since we don’t need the identity for this particular purpose, I suppose this is more accurate) on that type.
When we do this:
Just (+2) <*> Just 2We accumulate those Just wrappers, conceptually something like this:
(Just Just (+2) 2)The operation (the function) for the numeric values is specified, but the Justs just … accumulate. The operation that can merge or unify those Justs is left implicit – it’s the Maybe monoid.
Comparing sum and product types
An important difference between sum types and product types that is often taken for granted but is quite noticeable when one is writing instances is that sum types are disjunctive while product types are conjunctive. So, when we talked about Either, a value may be either a Left a or a Right b but not both. Product types, though, require all their parameters to be applied in order to construct a value of the type. Either a b needs to be applied to either an a or a b, but Tuple a b needs to be applied to both a and b. This helps explain why we need a mempty on the a for an implementation of pure for a tuple but not for an Either.
The difference between the sum types and product types is that the a never appears with the b in a sum, but it does in a product.
Outro
Here is the takeaway:
Applicatives are monoidal functors.
Applicative functors accumulate data constructors as they apply their function. With sum types, that accumulation is not visible and relies on an implicit monoidal operation to collapse them (although the type I’ll talk about in the next post gives us a way to visualize this, as we can with tuples). With product types that have multiple parameters, such as tuples, the leftmost type(s) are part of the type constructor, f, but their values must also appear in conjunction with the b values and so we must specify a way to merge or unite the values in the a slot.
Model building with time series data
A nice post by Alex Smolyanskaya over the Stitch Fix blog about some of the unique challenges of model building in a time series context:
Cross validation is the process of measuring a model’s predictive power by testing it on randomly selected data that was not used for training. However, autocorrelations in time series data mean that data points are not independent from each other across time, so holding out some data points from the training set doesn’t necessarily remove all their associated information. Further, time series models contain autoregressive components to deal with the autocorrelations. These models rely on having equally spaced data points; if we leave out random subsets of the data, the training and testing sets will have holes that destroy the autoregressive components.
The Daily Edit – The New Yorker: Victor J. Blue
The New Yorker
Director of Photography: Joanna Milter
Art Director: Nicholas Blechman
Photo Editor: Thea Traff
Photographer: Victor J. Blue for The New Yorker
Full story here
Photo Booth feature with Victor here
Heidi: How long were you on assignment for this story?
Victor: We worked on the piece for 6 weeks.
What was the hardest aspect of this assignment?
As with any military operation, there was a lot of “hurry up and wait.” It was tough to stay sharp and keep shooting when the down time dragged on, and to balance it with the more dynamic times.
Did you learn anything new about yourself for this project?
I learned that I need to trust a little bit more, and I need to count on my second and third impressions of people and situations as much as my first one. A few times, guys that I thought weren’t really into our presence ended up being some of the ones I eventually connected to the most.
Did you have any protection?
Well, we had body armor and helmets. But we did not work with a security advisor or anything like that. It was just me, Luke Mogelson the writer, and our buddy Sardar, our fixer and translator. We looked out for each other.
How many languages do you speak?
I speak English and Spanish. The Spanish didn’t help me out much on this one.
For each published image how many frames were shot in that scenario?
That’s really hard to say. It just depends. Sometimes only a few, sometimes hundreds. I can say that we ended up publishing like 22 photos total, and I ended up with about 300 selects.
You have a gift for being accepted into closed/difficult communities, how do you earn their trust?
I just try to be really open with people, and easygoing. I try not to be a “bro” or fake about who I am or what I’m doing there. Folks usually seem to relate to that and while it doesn’t ingratiate you off the bat, it earns trust over time.
What coping skills to you use to deal with the intensity of the work you do?
When I’m working I write quite a lot, and I think that helps. When I get home, one of the hardest things for me is not wanting to let the experience go- to not slip back into my spoiled first world existence. But that happens and I guess that’s natural. I make a concerted effort to reconnect with my friends and loved ones. I usually get sad sometimes, and I try to pour that into the editing of the pictures.
This is your life’s work, what cues do you now have that tell you it’s not the right moment to take a photograph or the situation is too intense?
There was a moment that happened like the second day- one of the SWAT members came tearing into the base collapsing and crying- he had just found out his wife and children had been taken by ISIS. It was a really intense moment and we had just shown up. I was torn about what to do, but I hung back and didn’t really make a picture. I was betting that taking it slow with these guys, earning their trust before I jump in their face like that would pay off, and it did. Later, when things were way crazier, no one ever got mad at me making pictures. You just have to take it slow, figure it out, and be smart as well as brave about raising your camera when things get intense.
You are documenting some horrific situations, how do you cope with this form of photography while you are doing it? and after
I just try hard to concentrate on the pictures, on understanding what’s going on, and making powerful images of that. It’s my job to take pictures of very serious circumstances. If I couldn’t cope with it, that would be fine, but it would be irresponsible for me to go there to do it. Then I ought to be shooting other types of stories. That’s what makes us professionals- our ability to function in what are difficult, fluid, and at times dangerous scenarios.
Have you ever self-edited feeling that an image was too much to share?
I’m not sure I believe that anything is too intense to photograph. It’s my job to interpret something horrific and make a picture of it that people can look at. I don’t think I pull too many punches. Of course sometimes the circumstances around making pictures require me to think about what’s going on- I have to be careful to be an honest witness and not work as a propaganda arm for anyone. If I feel like folks are trying very hard to manipulate the pictures I am making, I am wary about publishing them. But that was never an issue on this story.
When people look at your work are you hoping they see composition and balance in some of the photos along with your message?
For sure! I am trying to make visually dynamic photographs. My goal is a set of pictures that both inform people intellectually and move them emotionally. If the pictures are poorly made, if I’m not working really hard to “see” them, then I am not doing my job. They have to arrest you visually, make you stop and feel something, then want to know something about the people and the circumstances they depict.
Do you find beauty in cataclysmic images? Just because something is terrible doesn’t mean it can share something wonderful.
It’s an interesting question. Beauty per se isn’t a goal I’m concerned with personally. To me there are much more important aspirations for my pictures- truth being the first. Like I said, I am trying to make the most visually powerful pictures I can- but I believe in photojournalism and I am consciously working within its conventions. I work hard to be creative, but I am not making art. Wars, social crises, marginalized people- I don’t see these as legitimate vehicles for my artistic aspirations. I believe that making well-observed documentary pictures of their experience is how I can best serve as a bridge between them and the moral imagination of the readers that will see the pictures.
------------------------
Visit our sponsor Photo Folio, providing websites to professional photographers for over 9 years. Featuring the only customizable template in the world.
------------------------
SXSW – An important place for visual creators
For the 5th year, I’m headed down to SXSW Interactive. Since my first visit, I’ve been convinced that the future of visual media can be seen here, as it is making its way from idea, through doomed startup, successful startup, into the marketplace, and on to reiteration.
There’s no doubt that visual communication – journalism or entertainment – is highly dependent on the new platforms, business models, and distribution channels that are technology-driven. SXSW is the speed-dating phantasmagoria of media tech. If you want to see where media will be in 2, 5 or 10 years, there’s no better place to see it than at SXSW.
And it’s becoming obvious that tech companies are increasingly dependent on visual imagery for core capability. Photographic communication, writ large, is perfectly suited to the mobile era, with onboard cameras, beautiful screens, and a premium placed on jamming lots of attention-grabbing information into a 2×4 inch space. In recent years, visual storytelling and visual media have been a constant thread through much of the programming.
This year, we see some real love given directly to photography at SXSW. National Geographic photographer Cory Richards is a keynote speaker, and graces the cover of the SXSW magazine. NatGeo will have a Further Base Camp at the Vulcan Gas Company on 6th St.
I’ll be interviewing the amazing Aaron Huey at Further on Saturday at 6pm, discussing how he balances authenticity and passion vs. risk and vulnerability in his life and work. I’m so impressed with the way he has leveraged great photojournalism into awareness, advocacy, fundraising and cultural impact. Seriously, this guy is a poster child for visual creators owning their media stack and putting it in service for the things they believe in.
(Technically, being on stage at the NatGeo venue means I’m sharing the bill with Ron Howard, Brian Grazer, Ridley Scott, Neil deGrasse Tyson, Jason Silva, Cory Richards, Steven Kolter, David Guttenfelder and Aaron Huey.)
There will be a good PhotoShelter contingent at SXSW as well. CEO Andrew Fingerman will be there, as well as founder and tequila entrepreneur Grover Sanchagrin.
The post SXSW – An important place for visual creators appeared first on The DAM Book.
Them That’s Got Shall Get
I try — earnestly, with good faith — to understand the Republican ideologies.
And I think I’ve figured out one of them: they want to make life harder for poor people so that they have more incentive to become rich, and they want to make life better for rich people to reward success, since it should be rewarded, and since doing so provides even more incentive for poor people to become rich.
If you look at it just the right way, you can see it’s not entirely wrong. If the government made material life pretty sweet for everybody, then some people wouldn’t bother to work to earn a living. I wouldn’t bother — I’d just make software and give it away for free.
If the government made life semi-sweet — well, anybody who wants the full sweet would want a job. But some people would be fine with semi-sweet, and they wouldn’t work.
I think that’s where Republicans stand: they think the government has made life semi-sweet, enough so that a bunch of people just take and don’t work. Republicans think: we need to give them an incentive to work.
This explains the health care bill: it takes from the poor, who need incentives to work, and gives to the wealthy, who need rewards for their success. (So the Republicans think.)
* * *
It’s as if the Republicans have no realistic conception of what it’s like to be poor. The choice isn’t between health care and an iPhone, as one Republican suggested — it’s between food and rent, or worse, and forget health care and iPhones entirely.
I was “poor” in my very early 20s. I put that in quotes because I was never in danger of starving or becoming homeless — my parents would have helped me. (They did plenty, in fact.)
But still, even this small experience gives me some insight. I remember buying generic macaroni and cheese because I literally didn’t have enough money for Kraft. And forget hot dogs. And forget vegetables.
I don’t mean that I had some money lying around that I’d put aside; I mean that I had a few dollars to last a week, and if I bought Kraft, which was a few dimes more, I would run out of money before the week was over.
(My bank had a $5 minimum balance for my account. I could withdraw as little as $5 — and in those days ATMs were free — but that would have meant having more than $10 in my account to get that $5. I got so angry because I had, as I recall, $6.91 but couldn’t get at it. I remember thinking that another $5 would change my life.)
I’m not complaining about this, or saying that I had things particularly tough. Not at all.
I’m saying that if you take that experience, and take away any possibility of help from family, and then stretch it out for years and decades — with the inevitable issues, health and otherwise, that happen to everybody — then you have a life where getting ahead is really, really difficult. I can’t imagine; I can only try.
But it’s no semi-sweet life. Not even close.
Loving The Process
If you enjoy the outcome more than the process, you might have a problem.
It’s great to see an idea from the community included in the product, or feedback reaching the upper levels of management, or a huge community event filled with passionate fans.
But these moments are fleeting and tough to predict. If this is what gives you joy, you’re not going to get much joy. Or worse, you will see the daily inputs as something you have to get through to experience those fleeting moments of joy.
Like many lines of work, you really need to find a way to love the process here.
If you’re experiencing burnout, you probably don’t love the process. If you groan at a long list of discussions to participate in, you probably don’t love the process. If you’re finding yourself copying and pasting template welcomes or support messages, you probably don’t love the process.
You need to find meaning in each interaction. You need to find the joy in ensuring that every interaction makes both of your worlds’ better.
You decide how you will love the process. You might see dozens of daily challenges to find the right combination of words and tone which best convey empathy, compassion, and mutual understanding. You might see your job as getting to improve the lives of hundreds (or thousands) of people each day.
For sure, love and feel proud of the outcomes. But remember you probably won’t see the outcomes unless you truly find a way to love the process.
Why I Might Just Buy A Nokia 3310 (2017)
Smartphones must have become a really boring thing as a big hype was made at this year’s Mobile World Congress around the Nokia 3310 feature phone. It’s GSM dual band only (GSM is being phased-out in the US so why bother to include these frequencies) and its main purpose is to make phone calls and for SMS messaging. While most people wonder who would possibly buy such a phone who is in his or her right mind, …
Dean Bubley hits it right on the head: It’s the perfect secure (due to its lack of features) backup device for 2-factor authentication for online banking and shopping with companies that allow several devices to act as a second factor verification device. Personally, I think the phone is over-spec’d, I’d trade the color and resolution of the screen for more battery life any time (For those of you speaking German, here’s a great joke on the original 3310’s battery life). I’d insist on the snake game staying on board however.
The Tastiest Pi Yet: Raspberry Pi Zero W
I’ve been a big fan of the Raspberry Pi Zero since it came out. Â What’s not to like about a $5 computer? Â And lest you think otherwise, it’s a legit computer. Â It can surf the internet, edit documents, and run all kinds of gadgety sorts of things in your household. Â And at $5, it’s just fine if it only serves a single purpose.
However, the big issue with it was that in order to get it onto the network, you’d need to add a dongle of some sort, either ethernet or wifi. Â And the dongle itself would wind up costing more than the computer! Â That just seemed a little backwards.
That got address in spades last week. Â With the release of the Raspberry Pi Zero W, we now have a $10 computer that has HDMI, two USB ports (power and data), a micro SD slot and both bluetooth 4.0 and wifi. Â If you’re like me, you’re swooning already.
It’s a delicious combination of features. Â Add power to it and you can create all sorts of Internet of Things (IoT) gadgets. Â In the past, I’ve used the Pi Zero to listen for my Dash buttons in the house. Â Â But there’s another project I’ve been considering and decided the Pi Zero W was the perfect platform for it. Â So once I got my board earlier this week, the first thing I did was set it up to be a Pi-Hole server.
Pi-Hole is a black hole for internet ads.  You may be thinking that’s the same thing as an ad blocker.  Well, you’re right…. kinda.  Most ad blockers work on the computer level.  They’re chrome plugins or apps that will block apps on that specific device.  Pi-Hole is run on any computer that is always on and available on your network.  Then you tell your router to use the Pi-Hole to provide DNS information to every other device in your home.  Pi-Hole blocks the ads before they even get to your devices.  So the net result is that it blocks ads on EVERY computer, EVERY tablet and EVERY phone at the same time.  Heck, it even blocks them on visitors devices that connect to your wifi!  And if you’re a stats junky, it has a pretty sweet dashboard to see just how effective it is being.
$10. Â About 10 minutes of setup. Â And now I have a household-wide ad blocker set up. Â Wicked cool. Â I’m in love with this thing. Â And now… Â I’m off to buy another!
If you want to see some other interesting projects that may be on my todo list, check out the links below!
DropboxMacUpdate: Making automatic updates on macOS safer and more reliable
Keeping users on the latest version of the Dropbox desktop app is critical. It allows our developers to rapidly innovate, showcase new features to our users, maintain compatibility with server endpoints, and mitigate risk of incompatibilities that may creep in with platform/OS changes.
Our auto-update system, as originally designed, was written as a feature of the desktop client. Basically, as part of regular file syncing, the server can send down an entry in the metadata that says, “Please update to version X with checksum Y.” The client would then download the file, verify the checksum, open the payload, replace the files on disk, restart the app and boom! It would be running version X. This meant that the client had to be running in order to update itself. More importantly, it also meant that small bugs in other parts of the client could affect auto-update. Eliminating these potential failures was crucial to maintain continuity of Dropbox’s value to its users. So we decided it was time to move our auto-update mechanism out of the main app.
Back in 2014, we accomplished this on Windows by taking Google’s Omaha project and adapting it to our needs. Since Omaha is an out-of-process updater, if we shipped a completely broken client we could still update it. This project took a while to finish since Omaha is also an installer/meta-installer and we had to rework several of our installation flows to make it all work well. But we were happy with the end result.
Last year, we decided we wanted to do the same for macOS. Usually we like to start projects like this by doing lots of research. Why reinvent the wheel if you don’t have to? Google did have an open source project called UpdateEngine which was essentially “Omaha for Mac,” but the last code drop was back in 2008 and it wouldn’t compile cleanly with modern XCode, so we decided not to use it. Other options we looked at had other difficulties. Some were in-process only, or supported only one app, or only supported Sierra (we support Dropbox on some pretty old versions of OS X) so we couldn’t use them.
So we decided to write our own auto-update system. This gave us a lot of flexibility in the feature set, and rather than bolting stuff on after the fact, as we did with Omaha, we could build the exact system we needed. (We also didn’t have to use XML for the API
.)
So what did we want?
- Safety. We must ensure that users only run the code that they should be running.
- Speed. We want to update our users as fast as possible.
- Simplicity. This covers both the design and the implementation. Simple code with lots of unit tests.
- Separation of concerns. The details of how an app is updated should be separate from the method of getting the payload.
- Error handling. Handle all the most common errors correctly, e.g. Network connectivity.
- Logging. Log as much as possible to detect quality degradation.
And what did we build?
We built an “app” called DropboxMacUpdate. Because we needed to support old systems (Mac OS 10.7+) we wrote it in ObjC rather than using Swift. Picking one of Apple’s languages let us leverage many of the OS features without too much trouble. (In comparison, the client is written in Python, and when we need to do some OS-specific thing we have to write lots of bridge code.)
Upon installation, DropboxMacUpdate.app will register itself with launchd . This is a well known technique that will allow the app to periodically check for updates. Any Dropbox app can register with DropboxMacUpdate by giving it the path of where it’s installed. Every five hours, DropboxMacUpdate will check its registration database for apps, then check the paths of those apps for the installed version and send them to the server. The server will check if an update is needed and will reply with the version, the URL and the hash of the payload. DropboxMacUpdate then downloads the payload and uses it to update the app. This all happens without the need for any user interaction.
Payload Format
At a minimum, the payload is a DMG with an executable file called .dbx_install at the root. Those of you familiar with Google’s UpdateEngine may see some similarities here. The executable is in charge of doing all the work needed to install the new version of the app. In practice, the DMG will also include the .app that needs to be installed; however, this format allows us to (someday) create a DMG that can update the app using diffs, for example. Notice that DropboxMacUpdate doesn’t have to know the details of how to update the app. This means that if your payload won’t install for some reason, it’s not a problem; just have the server give it a different payload next time (one that actually installs), and you’ll be out of your predicament in no time.
Security
Shipping updates is no trivial matter. We have to ensure that there’s no way for a user to get a “bad” version of the client. So we employ multiple layers of security checks.
- By default, the connection to the Dropbox server uses TLS with certificate pinning. This way we know we’re talking to
dropbox.comand onlydropbox.com - The server replies with the sha256 hash of the payload. This gets verified once we download the payload.
-
.dbx_installwill verify that the .app is signed by Dropbox before copying it to its final location. - Additionally, on 10.12+ systems the DMG payload is verified as an in-depth security measure. (Sadly, DMG signature verification is not implemented in earlier versions of OS X.)
But most importantly, being able to deliver secure, reliable, and rapid updates to our users is the biggest security improvement.
Updating a running app
Because DropboxMacUpdate can pretty much run at any time, it might try to update a running application. For the Dropbox client we wanted to be able to ask the app to quit so the update could be done as soon as possible. So .dbx_install will find the running app and ask it to exit, using a Darwin notification. The client receives the notification, ensures that the app isn’t showing UI, finishes the current sync operations, and exits cleanly. .dbx_install will then swap out the Dropbox.app atomically and restart it. If the client is busy showing UI then we’ll wait for some time before quitting to make sure the user experience is not jarring.
And in the end
Many of our beta users have been running DropboxMacUpdate for the last months and have benefited from an increased speed in how fast they receive the latest version. In fact, we can update about 3000 clients/sec at peak! We’re excited about shipping this to all our macOS users with version 21 of the desktop client. Happy updating!
Microservices Done Right
What does it mean to be doing microservices right?
Seventy percent of organizations claim to be using or investigating this new trend because it's hard to resist the promise of faster innovation and the ability to independently develop, deploy, and scale components of large applications.
But, challenges exist—both known and unknown.
In this webcast replay, we identify key ingredients of microservices success. We discuss:
- why microservices is taking off
- challenges faced with microservices
- how companies are using API management to solve their challenges
The History of the Future of E-rate and Affordable Internet Access at Schools
While much of the speculation about the future of education technology under President Trump has been focused on the new Secretary of Education Betsy DeVos (her investment in various ed-tech companies, her support for vouchers and charter schools), it’s probably worth remembering that the Department of Education is hardly the only agency that shapes education and education technology policy.
The FCC plays a particularly important role in regulating the telecommunications industry, and as such, it has provided oversight for the various technologies long touted as “revolutionizing” education – radio, television, the Internet. (The FCC was established in 1934; the Department of Education, in 1979; its Office of Educational Technology, in 1994.)
Tom Wheeler, the head of the FCC under President Obama, stepped down from his role and left the agency on January 20 – the day of President Trump’s inauguration. Wheeler had been a “champion” of net neutrality and E-rate reform, according to Education Week at least, but his replacement, Trump appointee Ajit Pai, seems poised to lead the agency with a very different set of priorities – and those priorities will likely shape in turn what happens to ed-tech under Trump. As an op-ed in The Washington Post put it, “The FCC talks the talk on the digital divide – and then walks in the other direction.”
Indeed, one of the first moves made by the FCC under Pai was to block nine companies from providing subsidized Internet service to low-income families.The agency also rescinded a report about the progress made in modernizing the E-rate program, something that had been the focus of Wheeler’s tenure – a report that had been released just two days before Wheeler left office – removing it from the FCC website altogether. (An archived copy is available via Doug Levin’s website.)
Senator Bill Nelson (D-FL), the ranking member of the Senate Committee on Commerce, Science and Transportation, issued a strongly worded rebuke to that move, calling E-rate “without question the single most important educational technology program in the country.”
Despite this praise, the program has long been controversial, frequently criticized for fraud and waste. Arguably, E-rate is one of the key pieces of ed-tech-related legislation in the US, and as such it’s worth examining its origins, its successes, and its failures.
What can E-rate tell us about the relationship between politics and ed-tech? Who has benefited?
A History of E-rate Legislation
E-rate is the name commonly used to describe the Schools and Libraries Program of the Universal Service Fund, established as part of the Telecommunications Act of 1996. The act called for “universal service” so that all Americans could have access to affordable telecommunications services, regardless of their geographical location. The legislation also ordered telecom companies to provide their services to all public schools and libraries at discounted rates – from 20% to 90% off depending on the services provided and number of students receiving free and reduced school lunches. The program, whose subsidies were initially capped at $2.25 billion, was to be funded through mandatory contributions from telecom providers – the Universal Service Fund (USF). (Telecom providers added fees to customers’ bills in order to pay for their contributions.)
The FCC initially appointed the National Carrier Exchange Association, the non-profit organization charged with managing the USF, with handling the E-rate program, but eventually a new organization was created to do this: the Universal Service Administrative Company (USAC).
From the outset, the program faced Congressional scrutiny, with questions about its scope, its management, and its funding. In particular, legislators were concerned that the charges levied on telecoms in order to pay for E-rate might be a tax (rather than a fee). (If the charges were a tax, it would be unconstitutional for the Executive branch and not Congress to exact them.) Some members of Congress also objected to the level of funding for E-rate. They argued that the program cost too much money and took needed funds away from other “universal service” efforts; some proposed that the program be replaced by block grants.
In 2014, the FCC undertook a “modernization” plan for E-rate in part to address the changing demand for telecommunications services. The agency issued an order to support affordable access to high-speed broadband in particular (not merely “access to the Internet”) and to boost access and bandwidth of schools’ WiFi networks.
As part of these modernization efforts, in 2015 the funding cap for E-rate was increased to $3.9 billion and the way in which funds were allocated was an adjusted – all in an attempt to “spread the wealth” beyond just a few large districts that had historically benefited most from the program.
According its January 2017 report, the FCC’s modernization push enabled some 77% of school districts to meet the minimum federal connectivity targets by the end of 2016; just 30% had met those requirements in 2013. (That is, Internet speeds of 100 Mbps per 1000 users.) During the same period, the cost that schools paid for Internet connectivity fell from $22 to $7 per Mbps.
“Progress,” the FCC boasted in the report. “No comment,” the FCC said in February when asked why the report on the modernization efforts had been pulled from its website. Commissioner Pai had voted against those efforts, for what it’s worth, back in 2014, saying that the FCC order did little to curb bureaucracy or waste.
A Brief History of E-rate Fraud
Throughout its history, the E-rate program has faced repeated scrutiny from Congress, from Republican members of the FCC like Pai, and from the General Accounting Office, which issued a report in 2005 that took issue with the “unusual” organizational structure of the USAC and questioned whether or not E-rate was sufficiently responsive to accountability standards that would “help protect the program and the fund from fraud, waste, and abuse.”
And there have been plenty of accusations and lawsuits regarding “fraud, waste, and abuse.” Among them: an $8.71 million settlement paid by Inter-Tel in 2004 over accusations of rigging the bidding process. A $21 million settlement paid by NEC in 2006 for price-fixing. An $8.2 million settlement paid by AT&T in 2009 over accusations of non-competitive bidding practices and overcharging. A $16.25 million settlement paid by Hewlett Packard in 2010 over accusations of fraud. A $3 million settlement paid by the New York City DOE in 2016 over accusations of mishandling the bidding process. (Here is the full list of those who’ve been convicted of criminal or civil violations and have therefore been barred from participating in the E-rate program.)
As some of these settlements highlight, while the E-rate program was supposed to ensure that schools received discounted telecommunications services, this hasn’t always happened. ProPublica reported on over-charging in the E-rate program in 2012,
Lawsuits and other legal actions in Indiana, Wisconsin, Michigan and New York have turned up evidence that AT&T and Verizon charged local school districts much higher rates than it gave to similar customers or more than what the program allowed.
AT&T has charged some schools up to 325 percent more than it charged others in the same region for essentially the same services. Verizon charged a New York school district more than twice as much as it charged government and other school customers in that state.
Despite these issues, a court decision in 2014 blocked the USAC from prosecuting telecoms for making false statements about offering schools and libraries the “Lowest Corresponding Price,” arguing that this falls outside the False Claims Act, a statute that allows the government to pursue fraud claims against businesses. The burden of proof that schools and libraries are being offered a competitive price falls on the applicants themselves.
E-rate and the History of the Future of the “Digital Divide”
When the E-rate program was first established in 1996, only 14% of K–12 classrooms in the US had access to the Internet. Almost all schools are now connected to the Internet, although – as that FCC modernization report underscores – not all classrooms have access to high-speed broadband, and not all schools have WiFi networks that can support the heavy data demands on their bandwidth. According to EducationSuperhighway, a non-profit organization that lobbies for increased Internet access, 88% of public schools now have the minimum level of Internet access – that is, 100 kbps per student), although just 15% offer the FCC’s goal – that is, 1 Mbps per student.
According to both EducationSuperhighway and the FCC, it is imperative to “level the playing field” so that schools and libraries, regardless of geographic location or the income level of students they serve, all have access to affordable high speed Internet. Certainly in the 1990s, when E-rate was introduced, its goal was to address this very issue – “the digital divide.”
Cost has certainly remained a barrier for the poorest schools, as has the infrastructure itself in some areas – a lack of high speed broadband service altogether, for example. Some schools “cannot overcome the 19th century buildings to take advantage of 20th century technology,” Education Secretary Richard Riley told The New York Times in 2000.
But there’s another access to “the digital divide” beyond simply who can afford “the digital,” and that’s something that Macomb Community College professor Chris Gilliard calls “digital redlining”: “the growing sense that digital justice isn’t only about who has access but also about what kind of access they have, how it’s regulated, and how good it is.” That issue with “what kind of access” is core to E-rate because of an associated law, the Children’s Internet Protection Act.
The act, known as CIPA, was passed in 2000 – one of a series of pieces of legislation that attempted to curb if not criminalize “adult materials” online in places “where minors would be able to find it.” The Communications Decency Act, for example, was passed in 1996 – the same year as the Telecommunications Act – but was found unconstitutional by the Supreme Court the following year. In 1998, Congress again sought to address children’s exposure to “harmful materials” with passage of the Child Online Protection Act, but this too was challenged in court. The Supreme Court also found the Child Pornography Prevention Act of 1998 unconstitutional in 2002.
Recognizing these legal challenges, Congress took a slightly different tact with CIPA. Rather than regulating content on the Web writ large, it opted to restrict what schools and libraries that receive federal funding – through the Library Services and Technology Act, Title III of the Elementary and Secondary Act, the Museum and Library Services Act, or E-rate – could allow people to view online. CIPA requires schools and libraries to create “acceptable use” policies for Internet usage, to hold a public meeting about how it will ensure safety online, and to use a “technology protection measure” to keep Internet users away from materials online that are “obscene,” “child pornography,” or “harmful to minors.” That is, CIPA requires Web filtering.
The law has faced its own share of legal challenges, including one from the American Library Association. The Supreme Court ruled in 2003 that CIPA does not violate the Constitution.
One of the myriad complaints about CIPA is that it results in “over-filtering” – that schools and libraries block content that are not “obscene” or “harmful to minors.” There are many stories about how information about things like breast cancer or LGBTQ issues or drug abuse is inaccessible at certain schools. (I have found that my website is blocked by many because it contains that dangerous word “hack.”)
Now that schools are increasingly providing students with laptops or tablets, filtering software often happens at the device-level, not simply at the school network level. That is, the Internet remains filtered, even when students are on their laptops at home.
Clearly this is an equity issue – one that complicates how “the digital divide” has traditionally been framed and what E-rate was supposed to address. Those who rely on the Internet networks at E-rate supported schools have their Internet access restricted and monitored in turn.
E-rate and the Future of Ed-Tech
The decision by the new FCC to rescind its report on E-rate raises plenty of questions about the future of the program under President Trump. Will the FCC reduce spending on universal service? Will the agency revise regulatory oversight for the E-rate program? What might this look like?
How might this, alongside Ajit Pai’s opposition to “net neutrality,” reshape access to information at schools and libraries (particularly those that serve a low-income population and those in rural areas)?
Build a Custom Serverless CMS: Part 2
John Polacek,
CSS-Tricks,
Mar 11, 2017
The second part of this series is now available (I covered the first part here) and it directly relates to some of what I will be talking about tomorrow. The first part described how to build a serverless static site generator; this one covers a serverless content management system (CMS). This ties in to the idea that everybody will (eventually) have their own web presence. This is the mechanism that frees us from the hands of Facebook and Twitter (and puts us into the hands of AWS and Azure).
[Link] [Comment]Little Bit of This and That
I'll keep it short and sweet.
We're putting Microfiber Touring Saddles in regular and wide widths with dinged or crooked badges on sale. We've moved to doing a screenprinted VeloORANGE logo because we think they look better and are safer during transport.
We're working on a new design for our VO skewers to make them more disc brake friendly (they currently flip open more than 180 degrees), so our current ones are on sale. They're perfectly fine for disc and rim brake applications granted you have brushed up on Quick Release 101.
Thanks so much for your patience with the Cigne Stems being out of stock. They take a long time to make and the last production run sold through way faster than we expected - sometimes that happens when you test the waters with a new product. We're getting lots more in early-April.
More Mojave Cages are arriving next week. When you sign up for a product alert, you get an automated email telling you a product is in stock.
Using bikepacking equipment means you probably have braze-ons that go unused. These nifty plastic screws plug your frame and fork's holes to deter moisture and debris from entering your tubes.
That is all. Have a great day!
Twitter Favorites: [thismason] A theory: People who say "I would never do that" would totally do that.
Samsung Galaxy S8 and S8+ Compared In Leaked Photos
And the Galaxy S8 leaks keep on coming. The latest leak surrounding Samsung’s upcoming flagship handset compares the Galaxy S8 and S8+ side by side. The comparison pic gives us a clear idea of just how much larger the Galaxy S8+ with its 6.2-inch display is compared to the regular Galaxy S8 with its 5.8-inch display.
Continue reading →
Twitter Favorites: [bmann] @claire_atkin the frustration came through. I fear a general swelling of frustration due to lack of control.
@claire_atkin the frustration came through. I fear a general swelling of frustration due to lack of control.
What Happened to Pronto?
Seattle had high hopes and expectations for their bike share program when it launched in 2014. The ball was basically in their court: they have an extremely active cycling community, they have a strong bike infrastructure that is getting stronger, and they have an ever increasing traffic congestion problem. So what happened to Pronto?
Well, a few things. But the most critical perhaps is the bike helmet law. We are not condemning bike helmet laws by any means, we think it is incredibly crucial for communities to encourage safe cycling practices and bicyclist should wear a helmet without needing it to be a law. However, it's worth considering that bike infrastructure is immensely more protective for bike riders than helmets. Perhaps instead of enforcing bike laws, they should be advocating for bike infrastructure and road sharing policies. As Seattle Times and industry experts point out, about 1,000 cities have bike share programs, and fewer than 5 of those also have helmet laws.
A helmet law could have a reasonably negative effect on a new bike share program. Although they offered rental helmets as a solution, it's understandable why tourists and commuters alike find this cumbersome.
When the city began to admit defeat and move forward, there were rumblings about introducing an electric bike program. Which would be quite impressive. The idea of a city bike share utilizing pedal assist bikes seems like it would be a better fit than regular bikes for a number of reasons.
For commuters, it offers a quick and sweat free way to get to and from work without the stress of worry about bike theft. And for the tourists who aren't used to the hills of the city would welcome the assist when climbing. Perhaps the hope would be that those new to electric bikes would see the beauty of a pedal assist and ultimately bring their experiences home with them.
While this program did not work out for Seattle this time around, there's hope that with some adjustments to their laws, they could one day be home to an electric bike share program.
ZTE to pay approximately $1 billion settlement to U.S. government over business in Iran
ZTE has admitted to putting U.S.-made items into equipment that was then shipped to Iran without proper licensing. Subsequently, the company has agreed to pay a hefty settlement of over a billion dollars.
The settlement comprises a criminal and civil penalty of $892 million USD (about $1.1 billion CAD), along with an additional penalty of $300 million USD (about $400 million CAD) that will be suspended for a seven-year term on the condition that the company complies with the requirements in the agreement and will continue to work with an independent compliance monitor. The criminal fine is the largest ever handed out by the Justice Department in an export control or sanctions case.
According to court documents obtained by Bloomberg, ZTE, either directly or indirectly through a third company, shipped approximately $32 million USD (about $42 million CAD) of U.S. items to Iran between 2010 and 2016 without obtaining export licenses.
The U.S. Commerce Department blocked U.S. exports to ZTE in March 2016, but suspended the ban several times over. In a final rule published February 24th, the department extended the company’s temporary general license until March 29th, allowing U.S. suppliers to continue to supply ZTE with components.
“ZTE acknowledges the mistakes it made, takes responsibility for them, and remains committed to positive change in the company,” said Dr. Zhao Xianming, chairman and CEO of ZTE in a press statement.
“Instituting new compliance-focused procedures and making significant personnel changes has been a top priority for the company. We have learned many lessons from this experience and will continue on our path of becoming a model for export compliance and management excellence. We are committed to a new ZTE, compliant, healthy and trustworthy.”
According to Reuters, the Chinese manufacturer sources about one-third of its parts from American companies like chipset-maker Qualcomm, Microsoft and Intel.
Source: CNW
The post ZTE to pay approximately $1 billion settlement to U.S. government over business in Iran appeared first on MobileSyrup.
Amazon’s unwisely lets the nerds apologize for its AWS outage
Much of the Internet was down for three hours last week. Because of an outage at Amazon Web Services (AWS), Amazon’s cloud-based service that powers Internet companies, hundreds of services like Medium, Slack, Quora, Reddit, and Kickstarter stopped working or worked poorly. Amazon’s Web geeks then bungled the response, focusing on jargon rather than clarity and empathy. … Continued
The post Amazon’s unwisely lets the nerds apologize for its AWS outage appeared first on without bullshit.










