What does EMF have to do with Sara Bareilles?

It isn't often that a CD comes along that you can just put in, press play, and listen for the next 62 minutes without hitting "skip forward".

The first such time this happened to me was in the early 90's, after I popped in EMF's Schubert Dip and was mesmerized by the catchy loops and mostly-spoken lyrics.

There have been few times since then that compilations have made their way onto my "play the whole thing" list. The most recent was a welcome surprise.

I first heard "King of Anything" by Sara Bareilles scattered throughout an episode of Medium, and three days later I couldn't get the hook out of my head. It was some work to figure out what song it was, playing on repeat in my wetware- I could only hear the melody and I wasn't even sure where I'd heard it. Amazon sold me the single in MP3 format and my poor computer had to endure those 3 minutes and 27 seconds over and over and over for the better part of two work days.

Then, I stumbled onto the video for "Uncharted", via Ben Folds, and again, Miss Bareilles had a firm grip on the soundtrack playing in my head. I decided, on a whim, to just get the whole CD.

Falling in love with her talent was a gradual process. I'd normally play track 2, and then track 5, and then skip to the strings version at track 16. Repeat.

But every once in awhile, "Gonna Get Over You" would start up (it's track three) and I found that I really liked that one too. My fingers were playing the bass line on the steering wheel, without any help from me. Then I discovered the one-minute A cappella intro to Uncharted at track one. Then a demo version of track 3 at track 14. Before I knew what had happened, I was just sticking in the CD and letting it play. It wasn't much longer before I realized that I was singing every lyric to every song, driving down the road. People stared. Freak!

At some point, it came to my attention that the singer-songwriter I was listening to almost every time I was in the car was going to do a show in Tulsa. Sign me up. We had tickets to that show for months. Tuesday finally came and we found ourselves in line outside the venue- General Admission and standing room only means you'd better get there early.

I've been to a lot of concerts in my life. I couldn't even begin to count the number. I have never walked out of a concert feeling like I did that night. It was so amazing I couldn't even find words to describe it. I figured that by the next day I'd be ready to put some kind of word down about it, but I was still high from the concert. When I put the CD in and Uncharted fired up, I could hear her doing it live. I could see her doing it live. I had chills on top of goose bumps. What a voice!

The show started out with Uncharted, and then Vegas, followed by a cover of Cee Lo Green's "Fuck You", which really got the crowd going. That was the perfect intro to Gonna Get Over You. Next, she slowed things down a bit with Machine Gun, Many the Miles, and Breathe Again. Then she asked if we wanted to hear another depressing song about failed relationships (or something to that effect) and of course we did, so we all sang along to Basket Case and Bluebird.

Basket Case and Bluebird were performed with only Sara on keys and Daniel Rhine on a beautiful upright bass, and then she said "What's that back there?!" and pointed to the back of the room. The other three members of her band were at the back and started playing. While everyone turned around, Sara and Daniel ran from the stage to the back (upright bass in tow) to join them. From there they covered Little Lion Man, but the only parts we could hear (from near the stage) were the chorus, which everyone at the back half of the room sang at top volume!

Then they all ran back to the stage. The set list from there is a little hazy, but it included Love Song ("if you know this one, sing along!" -- who would come to a Sara Bareilles concert and not at least know Love Song?) and an audience participation version of King of Anything.

For an encore set, Sara played Gravity on Hanson's Wurlitzer, and finished up with Let The Rain with the band.

Two days later, she played in New Mexico. I woke up wondering if I could make it if I started driving now.

New Company!

I found this site, to rename nameless, with the following text on the home page. (my comments in [brackets] and the real name of the company has been replaced with "Fulff"!)

Fluff’s immediate focus is to lay the technical foundation to digitally connect households together...[Oh, cool! You're going to run cable or fiber from house to house?! What a neat idea! Will it make my Internet speed better?] The company aims to empower individuals with their own online household portals that can digitally connect them to other people that they know. [Wait- you mean like Facebook did five years ago? or like Google+? Hasn't this been done before?]Fluff expects that this network of collected portals [the portals are connected? I thought the households were connected?] will become the next progression of a private social network. [That's interesting. Google thinks Google+ will become the next progression of a private social network.] Portals will also serve as virtual storefronts where individuals can buy and sell products and services and share information among connected households. [ok, like eBay? like a big connected eBay garage sale? when are you going to run a fiber optic cable between the houses in my neighborhood?] The biggest value in being a part of the household network [my household already has a network. It runs at 1Gbit/sec. There are 42 drops and 19 nodes...] is the ability to buy, sell and share with each other and to capture the collective benefit among local people that you know, value and support. [WAIT. This is starting to sound like a pyramid scheme. Oh- that's right, we don't call them that anymore. I meant to say "DIRECT MARKETING". So your new network will allow all my neighbors to spam me with the crap they want to sell me, and in return I can do the same to them? Sounds like a NOVEL idea!] This human touch strengthens loyalty within the network [Within my household network? The computers connected to my network are pretty trustworthy already.] and the community to propel growth, sustainability and profitability. [if we were playing BUZZWORD BINGO, I think I'd already have a full card.] The household portal carries the personalized identity of a household in the form of its own domain name (or URL). [You're giving my HOUSE a URL? What happened to the fiber optic cable! My house doesn't need a URL, thank you.] Each online portal gives members of the family access to three basic operations: buy, sell and query (or share). [Of all the things I am interested in doing, those three are at the very bottom of the list. ] Members of the family can buy items of interest, sell items to others and earn a commission. [huh? a commission? If I sell something I own to someone else, I don't get a commission, I get whatever they paid me for it. you people are not making a bit of sense now. ] They can also query information relating to particular products and services and subscribe to the manufacturer, supplier, distributor or service provider. [supplier or distributor? service provider? why would I need any of those things to sell my stuff to people I know via your magic portal?] As part of the household portal network, the company will create a directory of local businesses that can be searched to locate items or services of interest. [uh, like Google?]

It is reported that over $115 billion in sales are generated through direct sales [WTF!? This IS a pyramid scheme!] worldwide, and in excess of over 55 million individuals actively participate in these activities. [55 million people out of nearly 7 billion?] Fluff plans to take this a step further by empowering these individuals with their own online portal that can digitally connect to others they know. [LIKE FACEBOOK OR GOOGLE+] These collections of connected portals become the NEXT EVOLUTION OF PRIVATE SOCIAL NETWORKING [JUST BECAUSE YOU PUT IT IN BOLD TYPE DOESN'T MAKE YOU LOOK SMARTER] that can act as a virtual storefront for savings [my savings doesn't need a storefront]; creating earning opportunities and sharing family values and services [you haven't really said anything about how this works yet.] According to new research from The Nielsen Company, Americans spend nearly a quarter of their time online on social networking sites and blogs [THAT ALREADY EXIST!], up from 15.8 % just a year ago (43% increase). The research revealed that Americans spend a third their [a third their?] online time (36%) communicating and networking across social networks, blogs, personal email and instant messaging. [SO?]

Good luck with all that.

Tea (sweet?)

My grandmother is a retired school teacher. Correction-- retired twice school-teacher. One of those elementary teachers that was really good-- just ask any parent of any kid she ever taught. And an organizational freak- everything has its place, and every place has a proper label.

More than two decades ago, I noted to my grandmother (this was at Thanksgiving or Christmas, I'm sure) that calling tea "unsweetened" didn't seem right to me, because "un" seemed to imply that the sweetness had somehow been removed from the tea. And how once you add sugar to tea (well, the warm kind anyway) it would be near impossible to remove it.

Every time since that I've been to her house for family gatherings, I note two pitchers of tea available: "Sweet" and "Non-Sweet". I'm sure I've overheard her explaining to someone who had asked about the labels that non-sweetened tea hasn't ever had sugar added to it.

I don't know if she knew I was listening and yanking my chain, or if I converted her. But I like to think she's a believer in non-sweet tea.

Gawker User Passwords Compromised

I'll try to keep this short.

For those who didn't hear or didn't care, Gawker Media Lost Some User Info.

And then, a thing started happening at Twitter-- TweetSpam on accounts previously not responsible for TweetSpam. Specifically to people who had accounts compromised at Gawker. How is this so? Because the people used a common password between the two sites.

As an IT person, I can tell you rules of passwords:

1. Don't use passwords that are short or easy to guess.
2. Use uppercase, lowercase, symbols, and numbers.
3. Don't write down your passwords, someone will find them.
4. Don't use the same password on more than one site.
5. Change your passwords often.

Now then, honestly, we've been saying these things for more than a decade now, and everyone knows that they are blatantly ridiculous. Make a password that is hard to guess, difficult to remember, complicated, don't write it down, and don't use it at more than one place. And then change all of those passwords every 30/60/90 days.

Like you might be that super human. Maybe 1 in 1 million people have the mental capacity to pull that kind of thing off, but for the rest of us mere mortals, we're left to either break one or more of The Rules or use a password manager. Or use your openid/google account/facebook login-- a central authority for your authentication.

And that's what this post is about. The terrible solutions we propose to the unsolvable problem we created.

Password managers? Sure, they are safe- the data is encrypted! The source code is open! The company is reputable! These all may be true today, but if the company is compromised and a group of hackers manages to insert their send-all-the-passwords-to-me code into the application, it could be weeks, months, or years before anyone finds it. What if they hacked the compiler used to create the completely-safe password manager app? What if they hacked the compiler that compiles the compiler that creates the completely-safe password app? Yes, Virginia, that can happen, and there are many thesis written on the matter. Your passwords aren't really any safer than the database that runs the web site that has your password.

Linked accounts? Now, if there is a breach at one place, you're compromised at every single other place that was linked. There's a great solution!

If you're looking for answers, they are not here, because really: they do not exist.

Because of this, we really have to stop preaching the password rules as if they are the IT Gospel.

What can you do? Try to follow the rules, enough to make yourself able to sleep soundly each night, and maybe buy some identity theft insurance.

I'm just sayin'.

Spoiler Alert!!

So, I'm watching this movie the other day, and it occurs to me that I've been Nicholas Sparksed.

You probably know what I'm talking about already, but in case you don't, here's a brief synopsis of the last 10 minutes of the movies made from his books:

(even if you haven't seen these- just keep reading. If you haven't seen them by now, you're not really going to, and you won't be missing anything anyway.)

Message in a Bottle: Garrett (the main character) goes out on his boat,the storm ends up being faster than he thought, and he ends up drowning before he can swim back to shore.

A Walk to Remember: Jamie (the main character) lived through the summer, and then passed on.

The Notebook: Allie and Noah (the main characters) die in their sleep together holding each other's hand.

Nights in Rodanthe: Paul is killed in a mud slide.

Dear John: John gets one last letter from Savannah telling him that they received an anonymous donation, which allowed Tim (one of the main characters) to be at home for the last two months of his life, and now he has passed away.

The Last Song: Steve (one of the three main characters) dies.

(synopsis excerpted from http://www.ruinedendings.com/ and http://www.themoviespoiler.com/ )

So I'm watching "Remember Me" (don't worry- I've saved you from the misery of sitting through it) and there comes that point in the movie where everything seems fine. You know -- it's that point where the main conflict has been resolved, you realize that it wasn't really that big of a deal after all, and it occurs to you that the only possible thing left to happen is for someone- likely a primary character- to be destroyed in some freak happening.

So, rent "Remember Me", and when you get to the point where everyone is happy again, just turn it off and go to bed. Great Movie!

Security? Whatever!

Do you ever get the feeling that a lot of the "security features" around us are nothing more than a charade created to convince us that we're safer than we really are? I mean, seriously, take a look at your average TSA screener. But this post isn't about those people. Don't get me started on "security" at the airport. Just take down the gates and let us open-carry on planes and there will never be another hijacking in the United States. Think about it. (explosive decompression is a myth anyway.)

Today, I called my bank to reset my web access password and get them to unlock my web log-in. I gave them my account number, my name, my phone number, my birth date, my address, my mother's maiden name, and my social security number. That got me access to the username I had forgotten.

Now, to actually reset the account so that I can log in-- to reset the password to "abc123" so that I can log in once and change the password to something I know, I have to provide one final bit of information.

Yes, there is *one* more thing I have to know to get the person on the line to 'do the deed.' So this must be something SUPER-SECRET, right?? I mean, so far I've given them everything but a blood sample to prove my identity, but there is ONE MORE CRITICAL PIECE of information they must have to COMPLETELY VERIFY MY IDENTITY.

"What was the amount of your last deposit?"

Now, on it's face, this seems like a fine question to ask me, because after all, it is something about my account that I should know. But in reality, who has access to the correct answer to the question "What was the amount of your last deposit?"

You might think that the account holder and the person at the bank who processed it are two people who would have access to that information, but you're actually not being specific enough. The correct answer to the question "who would know this information?" is "the person at the bank that processed the deposit and THE PERSON THAT MADE THE DEPOSIT."

"But wait," you say, "I'm the account holder. I made the deposit, stupid!"

Grasshopper; a deposit (thank the banking gods) is an unauthenticated transaction. Any Joe walking into any branch of your bank with your account number (or your social security number) can make a deposit into your account, and at that point, that person knows the all-important amount of the last deposit into your account. They don't even have to walk in. There are drive up windows and night drops.

Don't get me wrong- if some stranger off the street walks in with my account number and wants to deposit money into my account, I DO NOT want the bank harassing them in any way, shape, or form--- I mean, FREE MONEY!--- But at the same time, the amount of the last deposit is not secured information! Your name, address, phone number, and account number aren't really even secure information, they all typically exist on every check you've ever written. Even if they aren't on your checks already, no one will accept a check unless you write all that down (along with your driver's license number) on the check.

So have you seen Idiocracy? I suggest you watch it.

Digital Movies In Tulsa

Just a note to inform you that the Dickenson Starworld 20 in Tulsa has at least 1 digital projector (in #20) and probably two- they have an identical mirrored theater across the way from theater 20, but I don't recall the number. The picture is stunning, and they are showing Christmas Carol in 3d (of the real-d persuasion) until Thursday night. Then Twilight (New Moon) will start in that theater.

Also another thing- the Cinemark down the road (on 71st) is, to my knowledge, still selling large drink refills at full price, despite numerous complaints from yours truly.

On the other hand, Starworld 20 (about 4 miles down the road to the south) has free large refills on large drinks and popcorn. And both their large drink and popcorn are priced lower than Cinemarks.

To top it off, the manager at the Starworld 20 is an awesome guy, incredibly friendly and really seems to understand that customer service is king in the multiplex business. The VP in charge of concessions ("Vice President, Food, Beverage & Amusements") at Cinemark Corporate down in Plano, on the other hand, is a tool who actually wanted to argue with me about their concessions being cheaper (they aren't) while saying [emphasis mine] "We don’t offer refills on our large drink on an ongoing basis because we have found that it encourages customers to share one drink instead of purchasing individual drinks. We would need to raise our drink price 25-50 cents to offset that customer behavior."

By the way, when I worked at a very small buyer of fountain-based beverages from Pepsi, the wholesale cost of soda (any flavor) was about 2 cents per ounce, and there were no discounts involved. If cinemark is paying as much as 2 cents an ounce, I would be surprised. If you pay $4.50 for a 40 oz fountain drink at a theater, I can assure you they are making at least $3.00 in profit, and that includes the $6.25/hour high-schooler who sold it to you.

The same Cinemark VP also notes: "Since most of the movie ticket price goes to the Hollywood studios, theatres rely on concession sales to cover the costs of operating the theatre. "

Interesting business model.