Tag: I’m Neurotic and So Am I

One Foot in Front of the Other

BobbieLeave a comment

One of the things I do to relax – particularly when I need the hands to be doing something (e.g., knitting project, cross stitch project, etc.) is “watch” YouTube. I have a handful of subscriptions but the ones I’ve enjoyed most of late are History Hit and the “Tech Support” series from Wired. The most recent one I watched was with a polar explorer, and I listened as he answered questions from a wide selection of forums.

In answering one of the questions, he started talking about a time he was on day 4 or 5 of a 50-day solo expedition – this guy legit goes out there with a tent and a stove and assorted gear and no one else — and he lost his iPod. (His white iPod, in the snow and ice, the irony of which was not lost on him). It meant that for 45 days then — if he was to continue — he was alone with his thoughts. No podcasts, no music, etc. This was disheartening and he had to park himself for a bit to work through a mental impasse; he ended up using his satellite phone to call a friend who in turn talked him through how to deal. Then he continued, for the remaining 45 days, with only his thoughts. As he put it: he started by putting one foot in front of the other, for a thousand feet, and just kept doing that.

I will not even pretend that anything I do in life is that hard. There’s not a chance. I can still take a lesson from it.

If you are at this moment a corporate worker bee of some sort, you are watching very likely as coworkers get Reduced in Force, as the job market dries up, as we are increasingly asked to do more with less in the name of Efficiency and Cost Savings. AI, whilst somewhat useful for the basics, hasn’t (yet, knock wood) really replaced human capability (barring the impression it has from some CEO’s). The more load you pile into a machine — think of increasing the number of pages you put through a shredder each time — the more bogged down it gets, the less productive it is, or feels.

It’s review season again where I work, meaning that each person sets aside a nominal period of time (some do this in 20 minutes, some do this over agonizing hours) to identify their *impact* over the last 6-ish months. Not delivery.

You can have a lot of delivery with little impact. If you ship a bunch of code and no one uses it, you had a lot of delivery, and not much impact. If you write a lot of docs and no one reads them, ditto. You can mop the floor six times a day 7 days a week but if no one is walking on it there’s not much impact. I’m not even going to pretend that this is in the sole control of the worker bee: oftentimes we are directed to Do the Thing and if your boss tells you to Do the Thing you Do the Thing because capitalism and rent and groceries.

Whereas you can *feel* like you’ve delivered relatively little but had serious impact. It’s a bit of “proving a negative” but if you are beating your head against a wall with a project and making only the slightest headway, *but still making headway*, that can be impact – because you’ve either found a way to NOT do it again (hey, document that so others can learn) or you’ve blazed the trail and figured out how it was supposed to go, so others can find it easier (and hey document that too). *Someone* had to do it first, and it wasn’t going to be easy. It’s also not what we normally think of when we think impact.

Dollars. Views. Customers. Reduced time to X. We tend to think about impact in objective numbers and quantitative measurement. There is also room for qualitative feedback and the value of pivoting. There is value in slogging through things but, and I want this to be copiously clear, there is no value in slog for slog’s sake, and having to repeat a slog. If you’re the first one to explore and slog, share that out so it’s less of a slog. If you find yourself slogging through the exact same stuff with the exact same people, it’s time to convert that into impact – pull back/up/out and figure out how to break the cycle (if you can).

I am equally not going to pretend that it’s that simple – there are and will be situations in which you’re told to do the thing because you were told to do the thing, in spite of objective evidence that there’s a better/different/impactful way. The best you can hope for there is a workplace that apparently rewards delivery, vs. impact. If you’re very very lucky, you have an environment, resources, and work community that lends itself to impact over delivery.

And in the meantime, you put one foot in front of the other for the next thousand feet.

Burner

BobbieLeave a comment

I recently had the opportunity to travel internationally, and to test a few things. Namely, using a “burner” phone.

To be super clear: it is very hard to do this perfectly and I did not do it perfectly. We’ll discuss some hypotheticals further down, but I felt the need to start with that. This was a test, it was only a test, and it went pretty much how one could expect it to.

Why

There’s a lot of discourse in the media about phone confiscation, personal privacy, etc.; this shows up in articles hearing about journalists being issued “burner phones” or the advice to acquire one yourself before international travel. I wanted to see firstly how that would work and secondly, frankly, if I would actually need it. I am not the target demographic for the sort of privacy harassment (yet?) that would require a burner phone (I am not a journalist and I hold no real position of power) so the likelihood I was going to have to hand over my phone to a Cellebrite was small, but not zero. How painful, then, would a burner phone experience be?

Who

This phone was just for me, in my private travel, to talk with about ten people in two countries. The number, once acquired (see “How”), was shared with those people via What’s App and/or Signal. The phone wasn’t used by anyone else during this period.

When

The actual phone was acquired about 3 weeks before my trip which, with life being as busy as it is, did not leave me much time to set up the necessary infrastructure. The plan was to have it set up pre-trip, test it a bit, and then evaluate it for the trip.

How

There are the “right” ways to do this for “ultimate privacy” (and I put that in scare quotes for a reason) and then there are the “okay” ways to do this for like 80% of scenarios, and I went with that one. Firstly, you have to acquire a phone. You could, for example, revive an old one of yours or a family members’, or purchase one off of Swappa. I did the former, but for “perfect” you would ideally do a cash deal off-record for someone else’s phone. Once you have the phone, you need to install a phone plan. You could, in theory, get a prepaid phone plan through a different carrier and in some cases they don’t actually require an ID (as long as you’re paying with cash and/or a prepaid Visa card) but note that everything, on some level, is traceable. There’s cameras at the phone store, there’s call recording for the wireless provider, etc. I didn’t bother with that, I just added it to my current plan.

I will note here that adding a phone to your plan immediately gives it some tether to you. The phone, when added to my plan, got “my name”, and anyone with a warrant, or really good phishing, could probably divine that this “Bobbie Conti” on the phone plan is related to that “Bobbie Conti” on the phone plan. They can also then probably get that other phone number, and my address, which in turn means they would know already quite a bit about me. BUT, the *phone itself* doesn’t impart all of that – in order to get there you need to do that “hop” and either that warrant or phish. Moving on…

If you have an Apple phone – and for security reasons I prefer them – you are best placed to get an iCloud account, so you can load apps and suchlike. For that, you need at least an email address. For a Google email address, they like it if you have a backup email and a phone number for 2FA. So the phone comes first, but where do you get the 2nd email address? Proton mail. Armed with my new Proton mail, and then my phone number, I got a Gmail account and wired that all up to the Burner. Great! I now have a phone, with the ability to load apps, text, etc., that on the surface level isn’t “me”.

A really, really driven person would have gone to a public forum of some kind (e.g., Best Buy when busy and using their demo machines) and used their computer to set up the Proton Mail account, then gone to a second one several miles away to set up the Gmail account, and so forth. I did none of that, but I did use a VPN on the machine that I set them up with. That said, Google almost certainly was able to figure out it’s me, since the machine I logged into was the same machine I use my personal Gmail (note: my gmail is my spam hole and I do not use it for anything important).

From here I did some final tweaking and followed some basic principles:

  • I removed location services from all the things – including even weather.
  • I deleted a bunch of apps I did not need.
  • I installed Signal. Yes, What’s App was on there, too, but if one has to choose one chooses Signal.
  • I did NOT load up any other accounts (emails, etc.), and absolutely did not tether any cards/payment forms to the phone.
  • I brought my own chargers, charging cables, etc. and never hooked up to public USB, nor to any bluetooth.

This left me with a phone I could use to search the internet (Duck Duck Go for the win), send texts/Signals/WhatsApps, and… that’s about it.

A truly driven person would probably purchase, with cash, some Visa gift cards, load those up in the “wallet”, would add in one or more VPN’s, and would almost certainly have not used What’s App. I know what they say about What’s App being private. However, What’s App *can* read your texts if a recipient requests them to, e.g., if you’re getting reported for fraud or abuse. If they can do that under that circumstance, they can certainly do it under others. Additionally, What’s App shares data with other Meta products, so if you are traveling with others who use those, the proximity tracking (and more if those folks are your friends and taking pictures in which you may be, *tagged or otherwise*), it’s not much for them to figure it out.

What

What happened was an exercise in frustration for me, and not much else.

Not having access to “tap to pay”, location services (hello maps!), etc. meant for a substandard experience to the one I could have had, had I had my phone. Instead I relied on others and/or visual directions, and physically pulling out my card to tap it. It also meant I wasn’t getting health tracking benefits, etc. If I had been on a trip by myself and not with friends, the maps/location piece would have absolutely driven me nuts.

The phone itself received generic text message phishing (in this case offering a job), allowed me to text the group I was in, and that was about it. There was no case in which it was compromised, invaded, etc., and there was no indication that someone or thing actually cared about it (other than me). It’s hard to prove a negative, and as I said earlier, I’m not that important :).

The final curiosity was to see if it were to get plugged into the aforementioned Cellebrite on the return trip and… it wasn’t. Not a hint of it. In theory, an Apple phone equipped with Signal and not voluntarily unlocked is fairly “protected” (thus far) from Cellebrite forensics but nothing lasts forever and I would imagine that Cellebrite, having preemptively declared victory in the past only to have to walk back their words would, in future, not advertise a capability until proven. Still, the plan had been to see if any of the account information stored on the phone (with the new emails, etc.) were to show up elsewhere post-plug-in.

Addenda

You could fit the “what ifs” and caveats in this scenario into a small football stadium.

If the concern is a government acquiring the data to do things with it (whatever one might imagine those things to be) then it should be noted that so much of our data is available to JUST ANYONE at any time it’s scary. With a first name and last name, you can search court records, find addresses, see property tax records, etc. With a social security number (which, erm, the gov’t gives you), you can run a credit report, know where someone is banked, and (if again you are said government) know their income and income streams. The things the government would need a warrant (purportedly) for would be specific financial transaction information, and possibly what calls were made at what time and to whom and for how long. If one is to believe the news of the early oughts, the NSA is already listening in anyway. What is left, then, is texts to/from the device itself, the contents of which you have and the person to which you texted have; and either can be forced via warrant.

The other concern is non-government entities or government entities that are not your own and, in my case, again, I’m not that important :). I would imagine the same holes in the process apply to those, if not more. I also generally ascribe to the notion one should not say out loud anything one is not willing to defend in court or another public forum.

The core scenario in which we hear about burner phones (e.g., journalists) are different from mine – I don’t imagine journalists using tap to pay from a burner phone in the middle of a war zone and I don’t imagine foreign officials using said burner phone to send sensitive messages (or if so I imagine some sort of Mission Impossible self-destruct smoke thing happening). For their sakes I hope it works, but my own scenario is nothing so dire.

One should remember the name here, too: a burner phone is so named because when it ceases to be useful and/or is compromised, you burn it; the real purpose of a burner is to get a message from point A to point B and then discard it, hopefully with no traceability back to your thumbs.

You can donate to Signal here.

You can donate to Reporters without Borders here.

And by extension…

BobbieLeave a comment

I’m tired. It’s mostly a good tired, like the tired you get after a long but positive (either in productivity or just vibes) day. It has the same quality as the soreness you get from working out really hard, not the soreness you get from twisting an ankle or (as time marches on) that appears to show up from nowhere. (My brother and I once had a conversation on “aging” as he is junior and so I try to keep him abreast of what is up next. I told him that after 45, it’s not so much “what’s going to hurt today”, as “what all is going to hurt today, and for how long”.)

I spent my middle and high school years daydreaming, and didn’t quite get my act together until the last year, really. The interesting thing there is that last year was absolutely STACKED with stuff– unlike previous years, I participated in after school activities (to the extent that I could). I took at least one honors class. I had a fully stacked babysitting calendar plus at least one job. I learned to scuba dive. I had a bunch of things piled on in a very short period with very real deadlines and it weirdly felt like the more I piled on the more I could do; if there wasn’t a lot to do then I just kinda fell back and daydreamed and read a lot. (Note to self: if you have or are a person who likes to retreat in fiction books to the possible detriment of their schoolwork, having 2000 books *in the house* by authors like Michener, Asimov, Niven, Heinlein, Herriot, etc. are going to get you more of that behavior). I don’t regret it (much).

This extended into college, coupled with the realization that the major I picked and the reality of the world were two different things. Keep in mind this was before the internet, and before you could access information with a few clicks: the understanding of what a science degree was, what it would actually get you, and what the process actually was to get somewhere, didn’t arrive until I got into UW and realized: no one was going to hand me a bunch of money and a boat to go study sharks. Or at least, not any time soon. That path was going to entail a Master’s Degree, and probably a Doctorate, and I was already not having a good time at school. I was working three jobs (all part time, I wasn’t crazy) but I wasn’t really attending to my schoolwork. I graduated and took the first employment that had a reasonable wage so I could eat and pay rent.

Fast forward some years (okay about 10 years) and I found myself a single parent with a “career”. It just sort of happened – I mean, yes, I went back to school for some stuff and yes I cajoled and pleaded and got job transfers and tried really hard – but I didn’t do anything like the LinkedIn signaling/go do networking type stuff one does today. This was nearly 20 years ago. I just kept reaching out for things that looked interesting enough, and that would pay me.

In that time I’ve continued the pattern of piling on things when it didn’t look like there was “enough”. Before I was a mom there was always a side hustle (in the late 90’s and early 2000’s, you could make some cash if you knew VBA and could get PowerPoint to do things it does easily now, like embed videos; you could also build websites. Most folks of my generation remembers a time when “everybody was a web designer”). After I became a mom there was always something too: PTA, library trips, sports, Boy Scouts, etc. As the offspring grew and became more independent, and I started having more “free” time, I would toss in other things: helping out a local nonprofit, running food drives, taking on extra work from actual work, etc. I felt better when there was lots to do, and a variety of it.

One time I was changing companies and took a week off between the two. This gave me something unusual in and of that I literally had *no job* for that week and so in preparation for that week I made a longish list in One Note of all the things I was going to do that week. But because it was in a list, and I saw the list, the bulk of that list was done before the week ever came. (Don’t fret tho: I replenished the list). That was when I first clued into the fact that *something* was driving me to Do Things and that I couldn’t “just sit still”. I mean, I had had friends point this out before – a meeting in Montreal where I was constantly making lists and bouncing my knee and my friend looked at me and said, “you can’t sit still, can you?” (she said it *really nicely*; it was more of an observation than an accusation) – but it’s different when you realize that it’s *true*.

I have this fantasy of having a “do nothing weekend” – where I do nothing. No housework, no obligations, certainly no work. Every time I block the calendar for this, and I tell the Husband person, and we vow this will happen for real this time; and every time something comes up. Usually because I thought “well it’s just one thing”. I signed up for a knitting class (I finally have the finger dexterity to knit in the round! It only took fifteen years), I go out and deadhead the garden, well and I can’t *not* lift, etc. I get to Sunday and look back at a “do nothing weekend” in which I have indeed done something — usually many somethings — and I am tired. Yet here I sit, looking at my calendar for the week, the month, and the year — thinking “oh I can squeeze in more. I wonder if XYZ needs help? Or maybe I should plan out ABC?”

There is a part of my brain that is constantly looking for things to do and wanting the reassurance of relevance and purpose. It chooses to jam stuff into the “schedule” in a Tetris-like fashion, because it knows that if it does not and if I do not have enough to do, Things Will Not Go Well. I don’t know why it thinks that since it has been thirty years since I’ve neglected my schooling, and I don’t think I’ve dropped too many balls since then; it just thinks “more is better” and piles it in. I think there’s also a quality of “if I fill every day with lots to do of a positive and/or productive nature, I don’t have to think about the really awful things in the world” and I’m not sure that’s a bad thing. Thus far the only negative impact of this approach has been the occasional overextension, and the occasional crash that comes after fixing that. It doesn’t happen often enough to make me stop, apparently. I’m not typically over-extended, just… extended.

Privacy

BobbieLeave a comment

Firstly, and this is super depressing to write, understand that you will never be 100% private, and that privacy is also a never ending game. Everything we do online has an electronic trail that leads back to us and relies on the infrastructure of the entities we interact with to keep us private. In most cases – and especially when we are using “free” services – *we* are the product.

DeleteMe

Deleteme is a service you pay for that identifies how much of your personal information is out there for use/abuse, and helps you remove it: search engine results, data brokers (these are the companies that purchase from like Facebook and Amazon all kinds of data about you, and then they marry it up with other data they’ve gathered), and things like public records (e.g., why you can search someone’s name and see them on White Pages, Spokeo, etc.).  Remember the old days when White Pages was a physical book and you picked up your rotary phone to call them to tell them to remove you from the book (okay maybe you don’t but I do)? Those days are gone, and now every site has a different process. Using a service like Deleteme can help streamline that.

That said, there are places where you may want to share information, but only to people you know and like. This could be on Facebook, LinkedIn, whatever. Deleteme won’t delete from what you’ve specified there, and so there are some things you will want to do to make sure that your information only is visible to the people you want to see it.

Social Media

Meta (Facebook, Instagram, Threads)

On Facebook, go to the top right screen, click your avatar, go to Privacy Settings, and there’s a whole menu of things you can do. Here are some recommendations:

  • Identify who can see your profile information (things like your email, birthday, city, who can see your friends, who can see your people and pages, who can see your posts/stories, limiting your past posts, etc.
  • Most of these rely on a curated friend group and someone knowing you’re on Facebook and sending you an invite that you must accept (or direct) before they can see your stuff.
  • The levels are typically: Only Me, Friends, Public, or a curated group

You should then update your Ad topics in account center: this is who gets to advertise to you and what they get for it. Go to “Ad Preferences”, “Manage Info”, which will tell you how your data is used for advertising.

Finally – there is a section where you can view and manage your activities on Meta products. Note that it will have your activities across all Meta products (Facebook, Instagram, Threads) and will give you an idea of what all they track. And if you continue reading, there’s the FBP browser extension that can curb even more.

Instagram and Threads have similar experiences – go to your profile and there is a section that links to your privacy. Remember that unique identifiers are best for people who are trying to invade your privacy: usernames, emails, etc. Keep your email(s) private, and usernames unique, if you want to make it harder (never impossible) for someone to find you.

X/Twitter

X (fka Twitter) has a Privacy & Security section in which you can control your visibility, your post visibility, people’s access to your DM’s, etc.

LinkedIn

Much as with Facebook, on LinkedIn you can lock down to just your network of chosen people, make it so you don’t show up in search results (or only show up for a certain level of “connectedness”, e.g., if you and I know the same person I can see you, but if I know someone who knows someone who knows you, I can’t). You can also specify how LinkedIn uses your data. 

Reddit

One of the very first things that Reddit will tell you in their Privacy Policy is that they are a public platform. Anyone can see your profiles, posts, and comments, meaning that a person with a lot of spare time and access to their API’s could sieve through your post history and look for context clues of who you are (because your username can be blissfully anonymized, like “TigerPanda640” or suchlike. 

Microsoft

Your Microsoft account is likely also tied to your Xbox account or other products, and much as with other providers and platforms you can control some things.

In the Settings & Privacy tab of your Account Overview, and walk through the Privacy “Make sure you’re safe and secure” guide. It will also link you to the different Microsoft product structures (e.g., Xbox, Teams, etc.)

NOTE: much as with Reddit, Xbox handles are public, and so you would want to have a handle that isn’t easily identifiable as you. 

Most Microsoft data visibility is within your organization (so at work, people can see your work email information; at home, only you can see your email information (or your family if you have a family account)). It’s not like there’s a forum in which that information would be scrapable by simple search; for someone to get ahold of this there would have to be an actual security breach of some kind. For that, see “Security” to avoid the impact there.

Apple

Apple is KNOWN for its privacy and security, and much like Microsoft there isn’t a way for someone to get your information *from* Apple unless you shared it out or unless they’ve been breached. Much as with all these other entities, go to your profile, and adjust any privacy/security settings as appropriate.

Google

There are two places to lock down your Google information: one is locking it down from Google (managing your ad settings and activity controls) and the other is locking down your account information (and who can see it, including in product reviews and endorsements. To address that, go to your account, go to Personal Info, and under “choose what others see” select “Go to About Me”. You can see your visibility per information item there and make it private or visible to anyone.

Useful Apps are Useful, but…

Yelp. Open Table, DoorDash. Lyft. Instacart. Any application on your phone that requires you to log in, is getting some kind of data about you and has an account for you. (Even if it doesn’t require a login, that app likely has information about your phone, location, etc. it can get as part of existing on your phone). In your account settings you should be able to update how much is visible to someone (either at the company or as part of an advertiser). 

Other Websites

There will be sites you *want* your image on – a local foundation, board service, etc. – that you cannot lock down (because that would defeat the purpose of visibility). For these, there are a few things you can do, though it would be hard to enforce:

  • Use a unique picture. In the old days someone could take a picture, reverse image search, and find everywhere else that picture is used, to draw a connection to different places a person works/does work. (They can still do this). However, with AI, they could now use that picture to extrapolate similar other pictures so the picture no longer has to be exact to trace you. 
  • See if the information can be behind a log in (e.g., if it’s board information, require membership to log in)
  • Use an avatar instead of a picture (this… can feel unprofessional)
  • Use abbreviations of names (e.g., B. Conti or Bobbie C) – small roadblocks can be useful. 
  • Do not have emails useable on a website. E.g., instead of bobbie.conti@gmail.com, which can be picked up and read by a scraping machine (and useful for creating a spam attack), you can list it as bobbie.conti, on gmail.
  • Website owners can make things a little easier by requiring verification of humanity and actual enrollment for newsletters – e.g., when someone “signs up” for their newsletter, they should send a confirmation request/update to the email address *before* actually signing them into the email service. I love websites that do this because it makes it harder for people to use them in spam attacks.

Nom Nom Nom on your Data: Cookies

Cookies are little trackers that websites drop onto your local machine. If you log in to a website on your PC, and then on your phone, it’s dropped cookies in both places as relates to your log in (if you had one) or any number of other log ins (if they’re affiliated with say, Facebook). This means that when you go back to the site six days later, it can go to your cookies file and read all of the cookies in that file: and it will know things like what other sites you’ve been to, what you looked at, etc.

“Cookies” and your “cookie hygiene” are what comes into play when you go to a website and it gives you that “Accept All”, “Reject All”, and then typically a setting where you can “pick”.  The options are typically:

  • Functional – these you typically cannot opt out of, and they will help convey information to the site owner about issues with their site, performance, etc.
  • Experiential – these are things they track like your preferred products, pages, etc. 
  • Advertising/Marketing  – these are things like tracking what specific things you looked at and marrying it up with other data to either infer what you would like (target advertising to you) or to have other sites use (so they can target advertising to you). 

You can, for example, reject all cookies out of hand. You can also go through and clean out “cookie deposits” on your machines. Because cookies are dropped and used by a browser, the instructions on how to remove them are browser specific:

  • Edge
    • Go to Settings, Privacy, Clear Browsing Data, click Control and Shift and Delete at the same time. 
  • Safari
    • Go to Settings & Preferences, go to your Privacy tab, click Manage Website Data or Clear History and Website Data, select Remove All (or pick which sites), and click Remove Now or Delete to Confirm.
    • You can also select to block all cookies, and prevent cross-site tracking.
  • Chrome
    • On Chrome, at top right, click More (with the vertical 3 dots), and select Delete Browsing Data. Choose a time range (last hour, all time etc.) and specify which information you want to remove. 
    • Click Delete Data.
  • Duck Duck Go
    • Duck Duck Go doesn’t store cookies and cache.
  • FireFox
    • Click on the menu button (the three horizontal lines), select Preferences or Options, go to the Privacy and Security panel, in the Cookies and Site Data section, click “Clear Data”. You can elect to clear cookies, site data, or both.

Shields Up or Shields Breached: Browser Extensions

Browser extensions can help or hurt, depending on which browsers and which extensions. A Browser extension is software that will extend the functionality of your browser: it is supposed to add helpful things. These are things like password managers, social media tools, and ad blockers.

Helpful Extensions

  •  Fluff Busting Purity – this will remove Facebook’s ability to track you and spam you with ads. It hides sponsored posts, suggested posts, newsfeed posts from unknown authors, allows you to give it specific phrases for topics to avoid, etc.
  • Ghostery is a web privacy extension that blocks trackers, ads, and can opt you out of automatic cookie dumping (aka “never consent”)
  • Bitwarden has a browser extension for ease of access to your vault.

Generally speaking, most beneficial/altruistic extensions operate on donations (e.g., FB Purity and Ghostery do), and so it’s nice to slide a few dollars their way (if you can).

Private Messaging

There are a variety of messenger services out there, including iMessage (which comes with an iphone), regular SMS texting, WhatsApp, and Signal. WhatsApp and Signal offer double-ended encryption, meaning that, in theory, there is encryption on your device and encryption on the recipient’s device, and the intermediary (the messenging service) cannot access or decrypt your messages (they’d have to have access to both phones). That said, there is evidence that WhatsApp has a “back door” – the recipient of any message can flag it, and once that message is flagged it is copied and sent to Facebook/Meta for review. This means that there is nothing stopping WhatsApp from “self flagging” a message for perusal).

Instead, I advocate Signal. Signal is end to end encrypted, there is no evidence of a back door, and Signal has stated *in court* that it has no way of decrypting messages (nor will it build a back door to support that). Signal is also supported via donation.

App Hygiene

When you download an app to your phone, especially an iPhone, it runs you through a bunch of questions and may include Terms and Conditions. The biggest things it will ask you, though is:

  • Is it allowed access to your camera and microphone?
  • Is it allowed access to your photo library?
  • Is it allowed access to your contacts?
  • Is it allowed access to your location?

iPhones

Each of the privacy settings above are available in the individual app menu: go to Settings, scroll down to Apps, select which app you’re interested in.

You can: 

  • Set location usage to “always”, “while using”, and “never” (and if an app is using your location it will have the little location arrow showing purple or outlined). Some also have “Ask next time or when I share”.
  • Set access to photos (None, limited access (where you select which ones), Full access)
  • Microphone and Camera are typically toggles.
  • Contacts offer None, Limited (select users), Full access.

Android

To review the privacy settings on an Android Phone, go to Settings, App, the specific app, and then Permissions. Mostly you can toggle between allow and don’t allow. 

Sniff Sniff

Let’s say you’ve done the above – you’ve locked down your socials, you’ve used deleteme – the barn doors are closed! Except there’s a window, and that window is you out in the world with your computer – let’s close that window.

  • “Free Wifi” isn’t free, and it could be problematic. When you use your machine to connect to free wifi, you are giving up some measure of information about your machine and also what you are doing – they can get your IP address/MAC address (basically, they have an identifier for that machine/you), they can see what sites you go to (yes even in incognito mode), etc. They don’t see your passwords, but they would be able to infer from the collection of data over time (and marrying it up with that broker data) who you are and what you do and where you go. 
  • Use a VPN on your machines if you’re in public – yes, this is a pain and yes, you have to pay for it. A good one is Nord VPN. This establishes a secure network and so while you would be able to join the “free” wifi, the sharing of your IP address, visibility into what sites you go to, etc. is gone. 
  • Do not plug into public USB ports to charge your phones or any device. Instead, get a USB Condom (yes it’s called that). A USB condom looks like a little USB “bridge” that has one end you stick YOUR USB into, and the other end you stick into the “free” power port.  USB condoms work by shorting the data pins and only allowing the power pins to work on a USB connection.

Doxing

Doxing is rooted in the phrase “dox” which in turn is a bastardization of “docs” which is essentially the idea that someone has all your docs/documentation. In practical terms, if someone says they have been “doxed” or “doxxed”, or will “dox” you, what they are doing/have done is assembled enough information about you that they can blab to the world that User123 is in fact Princess Buttercup who lives at 642 Florin Way, Fire Swamp, Guilder, Fantasyland, and her phone number is 555-867-5309 and her IP is (insert rando ip address here). Someone “doxing” you means they know where you are and who you are and can publish that information, and it is an actual threat to your safety.

Here’s the thing to understand about doxing:

  1. Some people can actually do it, 
  2. Most people threaten to do it but don’t actually do it,
  3. Once you have been doxed it is very hard to get private again.

If you have set your stuff to private, used pseudonyms where you can, avoided posting anything publicly, used deleteme, etc. etc., it should be very hard to dox you. Doxing takes a lot of effort for a hobbyist and practically none for a hacker, but most hackers do not want to dox you they just want your money – so lock down your passwords and use at least 2 factor authentication on your bank accounts and rotate your credentials regularly.

Avoiding Doxxing

The person who wants to dox you on a public forum is a sad pathetic cretin who has nothing better to do in their life than make other people miserable because then maybe they can feel something. Doxers get off on the power trip of “I know who you are” and so there are two ways to combat this:

  • Yea, and??
    • This method (the it’s okay if you know who I am) is only good if you are reasonably sure of your physical security and circumstances – if you are living off the grid in remote Montana and surrounded by security cameras and a moat with sharks with laser beams attached to their heads, well, then that works just fine.
      • Alternatively, if you’re reasonably sure that someone would not have a real-world grudge against you then the likelihood that anyone would do anything with that data is small. But. That relies on rational actors, and we have precious few of those these days.
      • This is not “Come at me, Bro”. This is “all of the information you have/had is publicly available anyway and I am reasonably sure of my physical security”.
  • Locking down your stuff to make it hard.
    • See all of the stuff above. Use pseudonyms, don’t share your email address (or have a “spamhole” email address – I use my gmail for this – and then a separate one that is your “real people use this” and maybe a third for “this is my banking stuff email”), post privately, curate your audience.
    • Do Not Engage with Trolls.
      • Don’t get into online pissing contests in forums with people who are clearly escalating and/or not hearing it.
      • Leave the Chat

If you have been Doxed or are Threatened with Doxing

First, Don’t panic. Panic will not serve you now… force that panic down, get a cold glass of water, and if it helps to think about you leaping into action to help a friend, then do that. 

  • Document – screenshot the discourse, save emails, identify what was said, who said it, their username/handle, any identifying information you have about them, what they did or did not say they had done or would do, and how much information they have disclosed already.
  • Go back and clean your stuff – if you missed something or if there is any indication of where they got that information from, go back and see if you can further lock it down.
    • If you can, it will prevent others from using it.
    • If you can’t, it’s something to inform the site owners in terms of a privacy/ security hole.
  • Report the incident to whichever platform the doxing occurred on (e.g., if on Reddit someone says they’re going to dox you, report it to Reddit) and occurred from (e.g., if that Redditor says they found your info on Facebook, also report it to Facebook). Keep copies of your reports, date and time sent, and any replies you get.
  • Call in the law. Depending on the nature of the doxing you may want to involve your local police, sheriff, and or the FBI.  This has twofold purpose: one, is you may need their help for this (especially if this includes any sort of physical threat), but secondly, a popular pastime of some doxers is to “swat” your house (this is where they anonymously call in an incident at your house and the SWAT team shows up earnestly; if you’ve been doxed and you let them know you’ve been doxed they will be prepared to address it.
  • Get legal help. Doxing is also a form of harassment, and because it can lead to physical consequences (Even if the person *doing the doxing* wasn’t the one threatening physical harm – usually there’s one troll to share the information and one or more trolls to do something with that information), you want legal help in pursuing the doxer (if you can).

Other Things to Think About

How People Can Find You

  • Do you have a personalized plate? Does your car have lots of identifying stickers (e.g., “proud parent of a child at XYZ School”)
  • Do you have a blog?
  • Do you have a business *in your name*? Registered to your home address?
  • Are you prominently featured on one or more public websites?
  • Do you own property in your name (most public assessor’s sites are linked from Zillow, for example, and so addresses can be “backed in” to people’s names).
  • Google yourself. You’d be surprised. I’m on a registry for my son’s high school PTA from four years ago.
  • If you share photos, understand that every photo is by default encoded with metadata about where and when it was taken. That metadata can travel with the photo: in your iPhone, select any photo, and then slowly scroll up while touching the photo: you will see the date, time, what camera took it, what size the photo was, and so forth. If you share a photo, you’re going to share that metadata too. You can strip it from the photo before sharing it, and you can set your photo app on your phone to not include information like location data.

Perspective

You may find yourself – as I do, writing this – trying to do the risk assessment on privacy. After all, I have a personalized plate, I have property in my name, all of my social media handles (with the exception of Reddit and Xbox) are essentially my name and I have 15 years of blogging under my name with a personalized domain. Detaching myself from all of that would be a huge pain if not impossible. There are still things I do though: I secure my stuff, have a spamhole email, use Bitwarden, use USB condoms, etc. If a hacker is going to read through 15 years of posting history to glean information about me what they will find is that I am too hung up on work, I’m neurotic, I have an internet addiction that is useful, and occasionally I “enjoy” testing my physical capabilities. 

Risk has three elements:

  • What could go wrong?
  • How bad would it be if it did?
  • How likely is it to happen?

(Benefit also has the same calculation and so to illustrate that I will use a positive example):

  • What could go right? I could win the lottery.
  • How good would it be if I did? Pretty darned good!
  • How likely is it to happen? Extremely unlikely as I don’t often buy tickets.

Therefore, preparing for a lottery win, while it sounds like a fun distraction, is probably not useful.

Now the less fun side:

  • What could go wrong? I could get doxed on Reddit.
  • How bad would it be if it did? Not sure. Most of what I’ve posted are comments about sewing techniques or gardening. But they could find my reddit handle and attribute it to me, and maybe have my name and address and personal email to share. That said:
    • My address is already available by a property records search and/or white pages.I have four emails (active, two dormant) and depending on which one they share I make that one the spam hole one (if it isn’t already) and have to spend a tedious afternoon rewiring things.
    • If they show up at my house (or threaten to show up at my house) things would be problematic and for that I would engage law enforcement and probably an attorney.
  • How likely is it to happen? Also not sure. Most of what I post is banal, but I am associated with things that would make a certain factor in our society upset (love that for them), and so… I don’t know. I’m a mere Board Member, but one cannot plumb the depths of stupid mixed with malice. So to address a *potential* likelihood, I do some of the prudent things.

There is no foolproof way to avoid privacy/security/doxing issues, but there are steps you can take. 

DMV Beige

BobbieLeave a comment

I want you to imagine a color, a very specific color, that I think most US-based folks would recognize and it may have an international bent (I haven’t been to the motor vehicle licensing offices in other countries). This color is that sad, slightly icky beige color reminiscent of the transitional period of the 70’s to the 80’s where not everything was yet Duran Duran and you still had smokey glass tumblers and “non-smoking” sections in restaurants were new. It’s the kind of beige with no redeeming qualities- it’s not Indiana Jones Adventuring Beige, it’s not Tasteful Coat Beige, it’s not even Mid-Century Modern Influencer Revival Beige. This is that Beige of No Redeeming Attraction that can sometimes still be found on the walls of your local DMV (or other underfunded government office).

Yesterday I was feeling very DMV Beige.

I am *not* very good at discussing strong feelings because feelings are not logical, and they don’t follow a predictive pattern. When they happen, I end up having a “retrospective” to try to figure out why they happened. Nevertheless, I have them, they will surface. Yesterday I found myself talking with some good friends at work about feeling “beige” and… they got it. It resonated. A lot of us are feeling “beige”.

Beige isn’t bad, per se. You wouldn’t pick it on purpose, at least not this irredeemable beige. You’ve heard about “beige flags” and such and this is its cousin: the idea that “everything’s fine” but somehow it could be better and/or worse; it’s this liminal, waiting room feeling.

After noodling on this with a fellow engineering friend, we came upon a hypothesis: this feeling is appropriate and also going to happen a lot more. She and I both have A Lot Going On both personally and professionally, and those Lots Going On tend to be of an urgent and complicated nature. There are often fires, emergencies, or confrontations that have to be had to further the product (or to keep it alive). There are translations, meetings, “per my last email”, and “I think you’ll find that…”. This is not limited to our work lives but also to the complications of personal lives as you get to a certain age and stage (family members passing and estates must be settled, the additional attention your health requires as you advance, etc.). We’ve both been underwater on both fronts for so long that now, as we are bobbing on the surface and we see the rescue boat coming, we’re wondering if there’s a shark somewhere.

If you’re conditioned to be hypervigilant and constantly alert for a problem to solve, and no problem (that you can solve) presents itself, then what remains are the problems that exist and that *you cannot solve*. For an engineer, or any “go-doer”, this is problematic. Maybe it’s because you do not have authority to solve the problem, maybe it’s because you do not have the ability or technological understanding to solve the problem, and/or maybe it’s not necessarily *your* problem at all (but someone else’s), and the bias to action drives one part of your brain whilst the other part of your brain screams at it to stop wasting time and energy because surely, surely a You Problem will come along soon and you’ll need your energy for that.

There is no shortage of problems to be aware of and feel inadequate or unable to solve or even subdue them. Which problems those are and how focused or personal they feel are largely determined by where you live and what 24/7 news hysteria cycle you consume. I say “hysteria” not in a dismissive tone – real news is real news – but the objective McNeil Lehr News Hour/ 60 Minutes that I grew up with is gone and replaced with Alternative Facts and non-neutral phrasing like “crushed” and “slammed” and “outrage” and such. Curating the inbound flow is almost a job in and of itself – I mean yes, you can tweak your algorithms and provide feedback to the “machine”, but the machine doesn’t feed off of you feeling happy or even content.

It feeds off of you feeling sad, angry, outraged, or any number of negative emotions. The very *best* you can hope for, on some days, is that all it wants is to feed off you feeling DMV Beige.

Antici…pation

BobbieLeave a comment

Twenty-five years ago (and five days) I was at a gas station in Oceanside, California. It was something like 2pm and this was the era of TV screens in gas pumps being the Hot New Thing. You couldn’t control what was on them and mostly they were set to a news channel. It was December 31, 1999, and the United States was on the precipice of the year 2000. The world was angsty for a variety of reasons, geopolitically, but also for administrative ones: most computing software (including operating systems) had been programmed for a two-year date. So in 1977 or 1986 or what have you, the developers would have the year of the date stored as 77 or 86, respectively. This wasn’t the case with all software but it was the case in enough places that when 99 rolled over to 00 we would have a problem – HG Wells had written the Time Machine but should enough machines and systems decide it was 1900 instead of 2000 all hell would break loose.

Much as with the traveling barge of garbage, this was a wake up call to folks who hadn’t had to think about the dependency on computing and technology. In 1999 there was email, and you could apply for jobs and get your bank statements and purchase things online, but it wasn’t as default as today – many people still got paper statements, it was very common to get regular mail from regular people, and though we were on the verge of the dot-bombs in 2000 online shopping did not as yet compete with brick and mortar.

The reminders were everywhere: Y2K news stories, mail with updates from every OS and software provider about what they would be asking folks to do to update their stuff. Towers (aka “desktops”, so named because it was a tower-shaped box you kept under your desk or in a separate compartment to it, because your monitor most definitely was NOT flat) came with stickers reminding people to turn off their machines by 12/31/1999 just in case. There was both too much, and not enough information about what Could happen, what Should happen, and what Would (probably) happen.

As we know, in the end what happened was Not Much. The thousands of people set forth (if not millions) across the globe as part of their “IT Departments” (or consultants that would come out, for not every business had one), updated software, operating systems, and sometimes hardware, to avoid the potential disaster.

But we didn’t know that then.

There was palpable apprehension as the world rotated towards 2000, many folks took out extra cash, got extra groceries, had paper copies of everything to Prove what they owned/should have. This was juxtaposed with the idea that as a globe we were headed into not just a new century but a new millennium, that the Cold War was still over (and we didn’t have one again yet in the Middle East), and Europe was doing its collective government thing which looked hopeful. The biggest scandal in the US was that our President had gotten a consensual blow job in the Oval Office and repeatedly lied about it.

And so there I was, pumping gas into a 1996 Dodge Neon, watching the TV screen… and it showed Moscow as the clock turned midnight there. There were fireworks, people partying in the streets… but most of all there was power to the buildings, and amidst the celebrations it looked like everything was “normal”. In my head I figured, “if Russia can get through Y2K, so can we”. Remember, the iron curtain had collapsed, and Russia was in a conflation of oligarchic battles and a seriously unstable government.

Here we are 25 years (and some days) later, and we are again on a precipice — or many of them. What is AI going to do, really, in this next century? How are we (the collective we) going to deal with the impacts of climate change (rising sea levels, increased intensity hurricanes, no-snow winters, etc.). How does the world work without polarity of superpowers (it used to be pretty much one or two — and now it’s more than that). We live in a world where we can now vaccinate against some cancers, treat still others successfully; we can 3-d print heart valves and we have mapped the human genome so successfully you can figure out who you’re really related to with a cotton swab and a relatively small financial outlay. We have meat alternatives and organic farming and bitcoin and electric cars.

We also have increased conflicts, questionable ingredients, vaccine hesitancy and/or denial, four or five wars (depending on how you’re counting them vs “armed conflict” — but someone who dies in an armed conflict is just as dead as someone who dies in a war), a craptastic healthcare system (in which we pay more in premiums and personal outlay than we would in taxes to support a nationalized one, and in which drug makers have essentially carte blanche to set their prices (unlike everywhere else in the world)), billionaires publicly calling the shots (instead of in private like the good ol’ days), and a general decrease in civility in society (it is now perfectly acceptable to be an asshole in public apparently).

In 1899, the world was on a precipice, too; they just didn’t quite know it. I mean, sure, new century; but in their heads there was the Big Global Power (hello, England), your food came from your local farms and may get in by train, if you got a severe infection you very likely died (penicillin wouldn’t be around for another 28 years), and two World Wars and a Great Depression were in the next 50 years. The people who went in to New Years on 1900 had had trains and telephones and typewriters and cars, but they didn’t have planes and space shuttles and computing machines. If you had said the United States and China would become superpowers in the coming century, your peers would have thought you were absolutely bonkers. I’m sure that as 1899 rolled to 1900 there was apprehension and agita much as today: those kids were listening to the radio too much or using paper in class instead of a slate (so wasteful!), the prospect of bank runs was fresh (the Great Panic of 1893 had only been seven years prior), the Boxer Rebellion and the Philippine American war were active (apologies this post is very US centric). Those things that they knew about were, historically speaking overshadowed by the things that came — good and bad.

We go into 2025, that “perfect square” of a year, with a mix of hope and dread, exacerbated by a 24/7 news cycle that is fragmented, biased, hysterical, and algorithmically defined. We can posit, speculate, and make educated guesses at what the future holds. We will not know, though, until it is here.

Productive Tedium as Therapy

Bobbie1 Comment

About six or seven months ago some enterprising individual got ahold of my work email, my personal credit card, and did some damage: desiring to hide their purchase of a trip to Cancun, they created a spam bomb attack which flooded my mail with something like 2500 subscriptions.

One of the older “features” of Outlook and the instantiation of it in our company, was that if mail was in your junk folder, you could *not* click on links. That makes sense – phishing is as phishing does. When it’s not phishing and instead is noise, one wants the noise to stop.

Complicating this is that in response to the attack I set my junk folder on the highest threshold – meaning that a good many *real* mails got sent to junk. This has meant, for the last six months, me going into my junk folder several times a day to weed through hundreds of mails to find the pearl that is, for example, my company’s newsletter telling us how we should be all more secure (we’re working on it). It has given me the opportunity to be smug on a few occasions when someone says, “oh check your junk folder it might be in there”, which is nice.

After some resistance I have clicked the little slider on “New Outlook”, which instantiates a whole separate app. While I am disheartened to give up in-mail anchor points and jump links (I assume they want me to use the newsletter function, but I am obstinate), what has happened is we now have the ability to click an “unsubscribe” link from junk without sending the mail first to the inbox. In the last two weeks I have gone from hundreds of junk emails a day to about seven. It’s cathartic.

It’s also very, very tedious. Many of the mails are in a foreign language, so I’ve learned that things like “abstellen” and such are the “opt out”/”unsubscribe”/”stop” links. Edge translate has also been my friend. I’ve equally been fortunate that the bulk of the newsletters I got subscribed to are harmless — products and services from around the world (though there was one that I ended up having to email my manager to let her know what I was doing because I’m pretty sure the site I visited to unsubscribe was NSFW).

So here I am, each early morning, click, unsubscribe, click, unsubscribe, click, unsubscribe, and so on. For low effort “productivity” you can’t beat it. And I need some low-effort productivity right now.

This electronic version of doing a laundry load of towels is helping me avoid the crazed hype machine that is our current media and particularly the media circus around our elections. The ads, the next-minute analysis, the fearmongering, the rage, the hysteria, the 20/20 hindsight, and so forth: the exhausting part of politics is doing its thing, and we will be in it for another four and a half months. Given the last round, we won’t be done after election season, either. “If it bleeds it leads” is a disgusting phrase that turns out to be true and as such we get fed a steady diet of screaming rage.

I have voted in every election (even the teeny local ones) since about 2000. While I appreciate the phrase that “all politics is local” – it isn’t, or not really. The bulk of the politics that directly affect *you now* is/are local. The politics that will directly affect you *and your offspring* are more likely state and federal, and in a country that cannot seem to decide who is in charge (state or fed) it makes for an erratic tug of war.

I click, I unsubscribe, I delete the mail. I click, I unsubscribe, I delete the mail. With this, at least one small part of my world gets a little more orderly.

Hard Boot

BobbieLeave a comment

I am about four hours from a flight to 115-degree temperatures and this is me saying goodbye to my laptop. For now.

  • If I take my laptop, I will be tempted to “just check on a few things”.
  • If I take my laptop, I will get sucked into work stuff, when I am patently out of office.
  • If I take my laptop, I will sabotage this effort to unplug.

I know what happens when I take my laptop. I also know what happens when I do not: I come back more present, refreshed, etc. The lie I tell myself every time I take my laptop is that it’s just so I can be occupied on the plane. Or clear out my email the night before I return. Or “just in case”.

  • I do not work in any field that has 24/7 responsibility that ultimately rests on me alone: there are others who rotate through that responsibility and in this particular case it’s not my turn.
  • I do not work in any field where lives are at stake.
  • I do not work in any field where there is the expectation of total availability even when out of office (with plenty of notice, brandished in automated replies, and signified by a little purple-grey mark in Teams).

Yet every time I try to take time off, I delude myself or sabotage it and have to do things like get on a plane and fly a thousand miles away from my laptop, having disconnected apps from my phone, and, in other words, set some very hard boundaries. I do not have the discipline in this area (I promise I have it in others).

“It’s just going to be a little crazy for the next 6 months, but then it should ease up”, I have said, pretty much every month, for the last 3 years. The crazy will not stop – there will always be surprise meetings, and curveballs, and organizational “pivots”, and People Very Worried About Things, and as long as I am employed in the arena I am employed in, that will not change.

Before I leave for most vacations, I scurry around the house and clean All the Things. All the laundry, all the bathrooms, all the vacuuming, all the dusting, etc. — because I guess Architectural Digest will be dropping by in my absence and it’s Important That Things Are Ready. I do this with work too: I go update my documentation, I leave notes on who to talk to for what, I remind folks, I have recordings, etc.

Not once has my ability to (or failure to) make my bed before a trip helped (or hindered) anything. While I’m certain that folks do read the out of office reply (at least the first line that contains the most critical information: you will not be hearing from me for a bit) are “helped” by it, I’m equally certain that they’d still get unblocked sooner or later because nothing I write in terms of who to go to in my absence is a surprise. All of this frenetic effort before I can unplug is NOT for them, it’s for me. It’s a reassurance that I did everything I could to leave it easier for others because somehow that is how I should think about my time off. Which is weird, if you think about it: the whole point to time off, is to do something for yourself.

So, this is me doing it: farewell, laptop. See you in a few days.

Diamonds and Graphite

BobbieLeave a comment

[Edit: Math]

It’s a time of nontrivial pressure here at my work, as we arrive at the end of one Fiscal Year and on the precipice of another. Like a calendar New Year this invites all sorts of process of evaluation and review and planning, meaning that if you are a front-line manager you are currently juggling the evaluation of your individual team members (both career wise and performance wise, which I would argue are two different things), the evaluation of the team as a whole (did we do the things we said we were going to do and if not why not), the planning for what the team will do in the coming period (as informed by previous), and the budgeting for that plan (which… is a bit more constrained everywhere). Every year we “kid” ourselves that come the new Fiscal Year things will Calm Down because we will have Sorted Out Last Year and we have a Plan For Next Year; and in some cases, that’s legit. In others, it is an invitation to self-delusion.

One analogy I hear a lot is how you can’t make a diamond without pressure. Sure – that is principally correct, if you want those carbons matrixed such that they create a 10 on the hardness scale and you can use them to be effective tools to cut other things (e.g., industrial diamonds) or inspire awe and avarice (e.g., diamond adornment) then rock on: apply your pressure to that carbon. It’s expensive, but the end product is useful, and sometimes pretty.

You know what else is made of pure carbon? Graphite. The stuff in your pencils (whether they be Dixon Ticonderoga or mechanical pencils) is graphite, and it’s *elementally the same* as diamond, it’s just configured differently. If a diamond is matrixed carbon, graphite are cellular sheets of carbon. (You can see diagrammatic and explanatory differences here). While graphite requires pressure too (about 75k lbs/square inch to form), Diamonds require tenfold more pressure.

Diamonds and graphite are measured differently — even the goth diamonds (industrial diamonds) are priced in carats (about 0.20 oz) and graphite is priced in ton (one ton =2000 pounds, 1 pound =16 ounces, so the differential there is 32k). Industrial diamonds can be priced as low as 12 cents per carat (I’m using industrial diamonds here because they produce work, vs other diamonds are for “art”). Graphite is running about $2281 per ton. In terms of value, graphite is then about $1.10 per pound and industrial diamonds are about $1.92, so the price difference is about a fifth of the pressure difference.

You get what you pay for. But what do you want?

You wouldn’t, for example, use an industrial diamond to sort out your notes, to sketch things, to use as a heat sink for your laptop, for use in a battery, to reinforce plastic or to deflect radar; you wouldn’t use graphite to grind or cut things. The pressure exerted produces a fundamentally different material and you use the material differently. The markets are also different: the Industrial Diamond market is projected to be $2.5bn by 2028, Graphite is headed to $25.7bn in the same year.

Which is a link-and-fact-ridden way to say that if you are valuing the pressure for the pressure’s sake then you are not valuing anything at all. You can hone a clump of carbon into a very, very specific tool with very, very specific use cases in a narrow-ish market (again, unless you’re doing it for “art”), or you can use about a tenth of the pressure and get a fundamentally broader application from your toolset.

If the metaphor hasn’t hit you with a carbon-fiber baseball bat yet, here we go: reveling in the volume of pressure applied to personnel for the value that “people work well under pressure” and “you can really see the value people provide when they are under pressure” is a detrimental and flawed approach. If what you want to do is hone that particular person into that particular niche, understand that you are developing a very, very hard matrix in that human that will allow it to go and cut things and grind things but at the expense of its ability to buffer things, to connect things, and to elucidate things. Or if you are asking the human to do both of those things then you will get neither well.

Sure, people are not elements (well technically people are elements, collections of them, but whatever). People have the ability to compartmentalize, to have sentience, to make decisions, and to make choices. Some of us were hardened and pressured and then had things written in our reviews like “bodies in the wake”; it takes a lot of hard work on the person upon whom pressure was applied to de-matrix their carbons and get to those nice flowy sheets (Years. It takes years, trust me).

We should not spend all of our efforts trying to create batches of diamonds alone, and we should identify and appreciate the need for graphite.

Forcing Functions

Bobbie1 Comment

I am staring down a forcing function Then Me put into place for Now Me, and would like to have a talk with Then Me. To be clear: Now Me knows Then Me was right. In just a little over six weeks I need to be able to run 9.3 miles (15k), and I have successfully run recently as far as… 3. Three miles. If you are doing math and saying, “hm… you can make it, but just barely”, you’re right.

This year I turn 50, which is a nice round number. This year also marks the fifteenth anniversary of when I first started running – I was at a birthday party and a friend waited until after the second glass to let me know we were all running in the Seattle Half Marathon (2008). When I told my (then boyfriend) he laughed, which was all the incentive I needed to actually do it. At 50, incentives require a bit more “oomph”. Signing up for events as forcing functions is one of the “oomph” things, reminding myself of the health benefits is another. But oh, it’s hard to wake up when it’s gray and rainy and tell myself I need to go running up my hill (I live on a hill. No matter which way I leave my house, there will be hills to run).

I also have purchased a Smart Scale. The Smart Scale is quite smart – so smart that it talks to my phone, and it talks to My Fitness Pal, and it talks to Apple Health, and it blabs about all of my intransigence, including my lean mass and therefore also my body fat percentage. You’re not supposed to weigh yourself every day, more like once a week. So naturally, I weigh myself every day. In the olden days, I could step on the scale, and if it said you weigh NNN.4, I could say, “well we can just round that down to NNN” and put that manually into my phone. Now… now my scale tells on me, with that blunt matter-of-factness that I know I do to other people sometimes, and now I understand the look they give me when I do that. It’s not that I (or the scale) am/are *wrong*, it’s just that the message could be a little softer.

I do know what I have to do to get the numbers to go in the correct direction, but after a Holiday Season TM stretching from October to early January, it’s hard to convince yourself that cauliflower rice is really that good, and that you shouldn’t have that cookie. Four months of “I’ll take care of it later” have come home to roost.

The problem with all of these forcing functions is they also come with a dollop of potential backfire: at my age (and this is not me pitying being nearly 50, it’s me celebrating it but being honest about some of the constraints of it) you can injure yourself a lot easier by pushing too hard, and having taken a nasty fall a couple of years back I don’t want to do that. I’ve started lifting recently and got lectured by my PT for not stretching adequately (such that standing up “straight” had me pivoted slightly to the left; my left hand was correctly at my side, but my right hand was about 3″ forward). It’s a balancing act, and when you layer on the realities of the current working environment and just being an adult in general there’s a lot of room for failure … and improvement.

And so, I have my forcing functions, and I’m trying to expand them… as long as they’re not too forceful.