Why don’t I just use an IDE for everything?

I have been working on a PowerShell and SQL-heavy project at work for about a week now. To facilitate PowerShell development, I installed and configured Visual Studio Code, which is Microsoft’s Electron-based code editor. I was not a fan of Visual Studio Code (hereafter called, simply, Code), due mainly to its lumbering speed when compared to Sublime Text, and somewhat, too, due to its brutalist design aesthetic.

I must say, after using it for PowerShell development and debugging, that Code has grown on my quite a lot. I can develop, run, and debug PowerShell scripts in an IDE environment, edit Markdown files, and can even run SQL commands against my SQL Server Express instance (though query running is really slow compared to SQL Server Management Studio). There are many, many powerful extensions—way more than I would have expected. Some of them let me do other useful things, like convert delimited files to Excel right in the editor, that just aren’t possible in Sublime Text.

There are some drawbacks, though. RAM use is extremely high—nearly a gig even when there is only one file open—and runs, for me, about ten times as much RAM as Sublime Text uses. Also, it is really slow compared to Sublime Text. Loading even small files takes a few seconds, and I have to wait for syntax highlighting to be applied to the files after they are displayed in the editor for the first time. Still, I am liking it, and am using it, more and more.


I am a big fan of the Zero app, which is a tracker for intermittent fasting. It is free, attractive, and has just enough features to keep me engaged and motivated, and no more.

Currently, my favorite feature is its Apple Watch complication, which fills up a ring (similar to the Activity app’s rings) as you progress through your fasting period. I find that filling that ring every day, and the app’s cheerful notifications every morning, really help motivate me to stop snacking or having an extra meal at night.

The only thing I don’t like about it is that it requires you to set up an account with an email address. While the company behind it does not appear to be abusing my privacy in any way, I would prefer that they didn’t require an account. Perhaps they will adopt Sign in with Apple when it becomes available this fall.

If you are interested in Zero, download it from the iOS App Store.

Ransomware Attacks Are Testing Resolve of Cities Across America

I read this article in the New York Times with interest, because I am an information security auditor by trade, and we have been educating companies and regulators about the dangers of Ransomware for what seems like forever, but has probably only been four of five years now.

The part of the article I found most interesting, because I have worked in and for the insurance industry for the past twenty years, relates to cyberinsurance:

Fearing the worst, cities like Lake City, Fla., have bought cyberinsurance, and an insurer paid most of its ransom this summer. But some experts think that is only worsening the problem. “We see some evidence that there is specific targeting of organizations that have insurance,” said Kimberly Goody, a manager of financial crimes analysis for FireEye, a major cybersecurity firm, which says it has responded to twice as many ransomware attacks this year compared with 2018.

I have two main observations about this section:

First, it is galling that the typical fix for ransomware attacks is to pay the ransom, and rely on the good faith of the bad actor who locked away all the data to actually restore the encrypted data.

Second, that attackers are targeting companies that have done the fiscally responsible thing and obtained cyberinsurance to mitigate their ransomware risks is a perverse form of adverse selection. I am sure the cyberinsurance industry is working out ways to incentivize their customers to reduce their ransomware risks, because that is what insurance companies do, but organizational inertia and lack of funding will make it difficult and time-consuming to succeed.

Ideally, companies and municipalities would keep their systems up to date through regular software packaging and hardware upgrades, and would inventory and back up their data, so that ransomware attacks would be less likely to succeed, and so that data could be restored without paying the ransom. Organizations could also reduce their attack surface in other ways, such as replacing Microsoft Windows with ChromeOS for classes of workers, such as call center workers, whose job functions do not require Microsoft Windows. ChromeOS is less likely to be attacked than Microsoft Windows, and its use would encourage centralized data storage and software, which are easier to keep up-to-date and secure.

Beyond hardware and software upgrades, organizations need to train their employees to recognize social engineering attacks, as that is the number one or two attack vector every year. Having gone through that training every year for many years, and having been tested at random by a program at my company, I have learned that social engineering attacks can be almost impossible to discern from legitimate emails and instant messages. I think that no amount of social engineering training is going to be more than 80% effective at preventing phishing and/or ransomware attacks, but 80% is a good start.

The main reason organizations do not put these controls and practices into place is money. The second is organizational inertia. Both can be solved, but only through additional resources and external pressure. As citizens and as customers, we have to demand that the organizations, both public and private, that we interact with, protect their data and our data sufficiently.

The Keto Diet Is Popular, but Is It Good for You?

As a ketogenic dieter, Anahad O’Connor’s article about ketogenic diets is pretty balanced, but his premise, described in the block quote below, doesn’t hold up to much scrutiny:

Low-carbohydrate diets have fallen in and out of favor since before the days of Atkins. But now an even stricter version of low-carb eating called the ketogenic diet is gaining popular attention, igniting a fierce scientific debate about its potential risks and benefits.

I am grateful that ketogenic diets are being treated seriously enough to be written about in a national newspaper. Unfortunately, the New York Times is trying to teach the controversy, when no such controversy actually exists.

Here are some clarifying points about some of the topics discussed or touched upon in the article, from someone who actually follows a sensible, low calorie, vegetable-rich ketogenic diet:

  1. There is no “Keto diet”. There are a variety of ketogenic diets, all with the common element that they tend to put the body in a state of nutritional ketosis at some point (not all day long unless you fast; primarily while you are sleeping). All these diets involve restricting carbohydrate intake to very low levels, ranging from 0 g to about 50 g per day. They differ in meal composition, meal timing, and what foods are allowed or disallowed. Also, in real life, even people on ketogenic diets will eat a high-carbohydrate treat now and then.
  2. Nutritional ketosis is not the same as ketoacidosis.
  3. Ideally, ketogenic diets involve eating a great deal of high fiber (but low starch) vegetables. Imagine telling your doctor that you eat two huge salads per day, with four ounces of meat on them, one ounce of cheese, and a tablespoon or two of olive-oil-and-vinegar dressing. Doctors have told me that it is hard to eat healthier than that.
  4. Ketogenic diets are”high fat”, on a percentage basis, not necessarily on an absolute basis (as in, grams of fat per day).
  5. Similarly, ketogenic diets are not necessarily higher in meat or dairy consumption that the standard American diet.
  6. I have read many, many abstracts and articles about diet and nutrition studies. Almost every study I have come across demonstrates bias or lack of understanding of what ketogenic diets actually look like (they tend not to restrict carbohydrates in test subjects sufficiently), relies on bad data (epidemiological data, or prior studies’ data, self-reported food logs), or have durations that are too short (you need more than a couple weeks to assess a diet change).
  7. Sometimes the scientists’ own conclusions do not seem to be drawn from from the data they collected. This often evidences itself when the study concludes that, despite outcomes being equal or better for ketogenic diets, there is concern about their heart health due to the amount of fat in their diet.
  8. While you may believe there is insufficient evidence that ketogenic diets are healthy (whatever that means), there is ample evidence that the standard American diet (which I understand has spread to most of the world at this point) is obviously not. It it were, there wouldn’t be an obesity epidemic.
  9. I don’t believe it makes sense to adopt an all-meat, or all-meat-and-cheese, diet. My reasoning: Fermentation of high-fiber vegetable matter in the gut is something humans evolved to do, and, for that reason, it is probably a good idea to continue doing so. I would understand if this argument were made more clearly in the article; instead some scientist’s statement that mistakes “high fiber” foods with high carbohydrate foods (i.e. starchy foods) is there, casting doubt about about the diet in a way that doesn’t make logical sense.
  10. Ketogenic diets are not appropriate for some people, due to underlying medical conditions such as Type I Diabetes. This does not mean that that are not appropriate for anybody.
  11. In the end, we are all n = 1 studies. It doesn’t matter what the science says about a diet’s effect on study participants or on populations, it matters how the diet affects you. Many, many people have success with ketogenic diets that they did not have with low-fat diets or with calorie counting. If low-fat dieting or calories-in-calories-out tracking works for someone, it makes no sense to disparage that person’s diet choices, and almost no one would. Ketogenic diets should be treated the same way.

All in all, the article is 80% of good content with 20% of nonsense thrown in for the sake of balance.

My Hobby: Moving Files Around

I have found that my home server hobby is more a “moving files around” hobby. I have reached this conclusion based on the countless times I have found myself moving files from one place to another.

My FreeNAS media server

I have run FreeNAS on a HP N54L Microserver for over five years. It has been a fantastic server. I bought it, a slightly used review unit, loaded with four 500 GB drives that it would not have normally come with, for a song—less than a new one with no storage drives included. Over the years, I updated the storage (now I have 16 TB total, with 8 TB usable space, set up in a single RAIDZ2 volume), and the RAM (from 8 GB to 16 GB). Over that same time period, 8 TB went from an impressive amount of storage to something a relatively inexpensive single drive could handle.

What those single drives don’t have, however, is redundancy and data integrity features. My little FreeNAS server has that, thanks to the ZFS file system. At several times in my home media streaming career, the external hard drive I used to store my media files died, and I lost all my data. Thankfully, no important personal data, like my photos, was ever lost, but the experience was upsetting enough not to want to repeat any more.

Hard drive failures can happen to anyone, at any time, even if you have a nice server rather than a Raspberry Pi with an external hard drive attached via USB. Less than a year after I upgraded my FreeNAS server’s drives, one of them failed. The FreeNAS server emailed me about the error, and its UI showed that my drive array was operating in a degraded state. I quickly ordered a new drive, swapped it out the next day, and never lost a bit of data. (I returned the failed drive for a free replacement, so now I have a replacement available, in case I ever need it.)

File servers fill up, if you let them

FreeNAS has been stable, reliable, and a joy to use. One thing I have learned from running it, however, is that its file system, ZFS, degrades in performance when a volume (a pool of drives) is more than 80% full. FreeNAS will warn you about this threshold, but I never took it too seriously, because poor performance is mostly an academic concern when all you are doing with a server is transferring a few gigabytes a day. I do like to silence warnings, however, so I normally have to prune my media collection, or move some videos I want to keep, but am unlikely to watch again soon, to external, mostly cold, storage.

Of course, where is that old, external drive with my files on it? I have no idea. So, this week, when my FreeNAS server filled up way over the 80% warning threshold, I decided, rather than continuing to free space by deleting movies and TV series that I didn’t want to delete, to add some more redundant storage to my network, and move the old files there. This decision was mostly based on having some extra hardware lying around, unused. I have a 2 TB, two-bay Seagate NAS, which is a little, Linux-based server with a consumer friendly web UI for administration. Unlike FreeNAS, it is very locked down, and unlike my HP microserver, it has only two drive bays rather than four.

At any rate, I set that up again and started moving some files to it, which sounds simpler than it really is. I am cherry picking files that are less likely to be accessed to the new server, so I have to go through everything I have, to some extent. Because the files either number in the thousands (like music files) or are multiple gigabytes in size (like video files), moving them has been very slow. Because the Seagate NAS’s filesystem (EXT4) is different than the FreeNAS filesystem (ZFS), there are other interesting problems, like file naming rules, that trip up file transfers. Because these are two different UNIX-like systems with different users configured on them, sometimes there are permissions issues that prevent files from being moved, renamed, or deleted.

As cool as it is to stream movies and music throughout my house, making it all work requires, from time to time, a lot of low-level file transfers. It has been taking a lot more time and attention than I would like.

Temporary, by Feathermerchants

I was poking around my iTunes library, found an old album I loved from senior year of high school, by a local Connecticut band called Mr. Right. After some Google searches, I found a copy of a song that was one of my all-time, lost, never-had-it-on-a-proper-CD, never-could-get-it-anywhere songs: “Temporary”. It wasn’t what I expected, however. It was a different arrangement, which was entirely unexpected.

When I first heard “Temporary”, it was a power pop song, recorded by Mr. Right (or maybe just Jim Chapdelaine). Apparently, he dusted the song off almost ten years later to record with his new band, Feathermerchants, and reimagined it as a folk-rock (dare I say, Americana?) ballad, sung by a feather-light soprano.

When I was seventeen, I recorded, with my high school band, an EP weeks before we all left for college. Due to dumb luck (one of our friends grew up next door to a bonafide music producer—and the knew each other), two of our four-song EP was recorded, mixed, and mastered by Jim Chapdelaine, who went on to become a 13-time Emmy winner, among other amazing things. We first met up with him because his band at the time (in 1995), Mr. Right, played a gig at my hometown’s annual fall festival on the green. My friends and I pretty much idolized him for a little while after high school graduation.

Jim played a recording of the original song through his board as we were waiting for something to happen—probably while we were waiting for our gold master CD to be written, at 1/2X speed, in Jim’s basement music studio. The chorus is an ear worm, and I really enjoy the lyric. I remembered it to this day, and hearing it made me feel nostalgic.

Journal 2019-04-07

This weekend was great.

On Saturday, my wife and I took the kids to the Staten Island Zoo. One of my wife’s best friends is the director of education there, and she gave us (my 6-year-old daughter, mostly) a private tour. We all had a great time, and my daughter had an absolute blast. She loved everything about it, and got to touch a bunch of animals (sheet, goats, birds, snakes, lizards, an armadillo, a rabbit, and a chinchilla) that we never through she would touch. (You can’t touch most of these animals unless you’re on a field trip or you know someone who works there.)

On Sunday, my wife and I took the kids to one park in the morning and let them play a long time. My 2-year-old son, of course, only wanted to be pushed on the swing, but my daughter wanted to climb and jump and slide and dig in the same, and so on. We had a blast. I took her to another park in the afternoon, where she played for hours, blew bubbles, and made some little friends.

It was great to be able to watch my kids learn and play all weekend. We didn’t go too far from home, or spend that much money, but we all had a great time together.

My (Former) Hobby: Home Media Streaming

For someone who is, now, only marginally interested in television and movies, I have spent a lot of time and money over the years to make my television watching experience awesome. I used to be really into it, and—unless you had a lot of money to burn—it used to be hard to get it working correctly, which fed into my engineering mindset and led me to tinker with hardware and software frequently, for almost a decade.

I started in 2008 by connecting my 13” white MacBook to my (non-HD) TV via a $30 video adapter. Even though my TV was primitive, picture quality was way better when playing video this way, and I could watch streaming videos directly from the networks’ web sites, like “Lost”, on my real TV for the first time. I loved it. After about a year of this, I got a mini-PC as a Christmas gift, which I started using, with an external hard drive, as a home media server.

For the front end, I bought a set-top box that Western Digital used to sell. The system worked…mostly. Streaming over WiFi was reliable for non-HD (480p) and 720p HD encoded TV shows, but anything with higher resolutions, higher bit rates, or DTS audio would usually be impossible to play.

I was never serious enough to buy an expensive computer to connect to my TV, because I figured, correctly it turns out, that video streaming devices would become cheaper and more capable over time. Of course, during that time, I cycled through a ton of set-top boxes (most of which I got for free as review units): Roku boxes, a couple Roku knock-offs, the Boxee Box, the first Amazon Fire TV, an Amazon Fire TV Stick (which was quickly returned), a couple Raspberry Pis running XMBC (which worked great for TV but stumbled on DTS audio), and eventually a number of Apple TVs (fourth generation).

The reason I went through so many front-ends is that they all had two limitations. First, each one left out at least one of the top video sources: either iTunes, Amazon Prime Video, YouTube, or Plex. (Nothing left out Netflix.) Second, all of them choked on certain sorts of videos, depending on their audio or video encodings.

Eventually, I began to watch video on my iPad while I work. This led me to discover Plex in the App Store. Plex is a server that you can install on a computer, coupled with client apps that run on many different devices. Plex looks great, has server side transcoding to make video formats less of an issue, and allows you to manage a centralized library of TV, movies, music, and more. I used Plex on an Amazon Fire TV for a year or two. I started out very happy with it, but the software stability of the Amazon Fire TV decreased over time, and Plex and Amazon did not release software updates timely enough to fix it. Eventually, I was very unhappy with the Fire TV + Plex combo, but still pretty happy running Plex on my iPad.

When the Apple TV, 4th generation, was released, with support for iTunes, Apple Music, Netflix, YouTube, and Plex, I bought one right away. I figured, at the time, that Apple was so big that only it had any chance to get all the major video providers on a single box, and get them to stay long term. (Amazon, of course, was conspicuously absent for several years, but that was not as important to me back then as it is now.) I didn’t expect to love it for to watch baseball on MLB At Bat, but it plays games at 1080p/60fps, which looks amazing, so I do.

Over time, home media streaming went from being a niche hobby, in which nerds like me tried to hook up computers to their TVs, to a very mainstream way to consume video and audio. Thanks to cheap and nearly ubiquitous modern hardware, my home media streaming “hobby”, has basically come to an end. I still maintain a Plex library, but I no longer have to upgrade or to fiddle with hardware connected to my TV, or worry about audio and video encodings and bit rates before I watch a movie with my wife. I also stream a lot more video from outside the home (not via Plex) than I ever did before—just like everybody else these days. It’s not special any more; it’s just another entertainment product, and it deserves very little thought, because it just works. Things are much better now, but sometimes I do miss tinkering with hardware.

Apple Card

Apple announced Apple Card at its event on Monday. Details are incomplete, but its announcement excited me more than the media-related services Apple announced at the same event. Perhaps that is because I pay for things every day, but don’t watch much TV, and my wife and I are happy with our New Yorker subscription (she reads the physical magazine; I read it online) and our New York Times subscription (which we both read via its iOS app).

Apple Card interests me because I use Apple Pay all the time, and Apple Card’s Apple Pay-specific cash back rewards are a 33% better than what I get from either of my two current credit cards on the things I purchase most. From a pure spending and getting rewards perspective, Apple Card seems like a winner to me.

I am a somewhat baffled, however, at the Apple commentators’ many takes on how Apple Card’s rewards are mediocre. I suppose that may be the case for people who want travel rewards, but if you want cash back and can use Apple Pay at your local supermarkets and restaurants, Apple Card is a winner.

I base my opinion on lots of research into the best cash back cards. For the past twenty years, I have been a cash-back-rewards seeker who researches credit cards on NerdWallet and BankRate at least once a year, and occasionally jumps from one card to another. Based on my research, I already have the best credit cards for me, from a rewards perspective. Apple’s credit card’s cash back rewards system is better than all of them, again, for me. Two percent cash back on all Apple Pay purchases would increase the cash back I get from my largest non-mortgage monthly expense category, supermarket spending, from 1.5% to 2%.

I heard on TWIT this week that Apple Card does not have certain protections most credit cards come from, like purchase price protection and extended warranties. That doesn’t matter to me, though, as I have not used those benefits in the 20+ years I have had a credit card.

Apple Card’s announced interest rates fall within what I think is a normal range. Each customer’s interest rate will depend on their credit rating, so it is technically unknown until each person applies for it. Apple has not made it clear whether there is a monthly billing cycle with an interest-free grace period, which is common. This leads to more uncertainty about it, as better cash back rewards are not helpful if you have to pay interest on every purchase. I almost never carry a credit card balance, though, so whatever Apple’s interest rate is for me, and provided there is a normal grace period for purchases, it does not matter.

All in all, Apple Card sounds like a good deal for a lot of Apple’s customers.

Journal 2019-03-20

I have been working pretty steadily on finishing version 4.0 of SwiftoDo Desktop. I feel pretty good about the app, in general. It is coded in Swift now, as opposed to Objective C, and has a much more mature, and hopefully easy to support, architecture.

It will be a massive upgrade from version 3. While I would like to charge for it, even for my current customers, I feel bad enough about drastically changing an app I sold, even if it is for the better, that I am strongly considering just releasing it as a free upgrade. That’s basically my plan for the next version of SwiftoDo on iOS, which will be based on this codebase as much as possible.

My day job has been super interesting lately. I have hundreds of data analysis work papers to write, and I coded some pretty sophisticated scripts to generate all the data analytics I need to run, review, and report on. If only the software I was using made it easier to generate my work papers. I still have days and days of work ahead of me writing all the work papers that document the process. I also re-learned today about VBA’s superannuated support for interfaces, polymorphism, and delegation, for another project I am working on.

My wife has been baking cookies for Purim this week, which is a lot of fun, but incredibly tempting to me, as I have been on a low-carb diet the past few weeks. I have to loose all the weight I gained over the past 14 months, due to stress- and grief-related overeating. I am using MyFitnessPal, once again, to track my eating. I have also been doing low-paced treadmill workouts in the evenings, though not every night. So far, my diet and exercise regime has gone really well, but sweets can still be tempting.

One new wrinkle in parenting that my family is dealing with is that my two-year-old son has recently developed separation anxiety, which is normal at his age. It has lead to a good deal of interrupted sleep late at night, when he wakes up and screams “Mommy!” My wife bears the brunt of it, though. He cries for her, but not for me. I am definitely second banana during these intermittent nighttime terrors.