Kaep is back!

A little bit less than a year ago, when the last NFL season was still young, the Official Sweetie of MR&HBI pointed out to me that a legit NFL quarterback was unemployed because of his political stand.

I demurred. Colin Kaepernick was the flash-point of activism and he was unemployed, but I gave my sweetie the cringie-face and said, “the problem is that he’s actually not very good.”

After that conversation, several NFL teams hired backup quarterbacks and even a starter who were worse than Kaep in every measure.

Kaepernick is a dick, make no mistake. He hit on a teammate’s girl, and he required ridiculous privileges when he could get them. He is not friendly to his fans. Having him in the locker room will be a challenge. But in a league that hires actual fuckin’ murderers, and glorifies a coach who banged his assistant’s wife, being an asshole is hardly a disqualifier.

And seriously, some of the chumps hired over a man who was one bad coach-decision away from being a Super Bowl champion are ridiculous. Kaep has a beef.

He is suing the league. I’m no lawyer, but I think he has a case.

Enter Nike. A major sponsor of the NFL. On opening night of the new season, Nike introduced an ad campaign that cut Kaep as a hero, among many other hometown heroes you have never met, just trying to do what is right. Word on the street is that Nike did not inform the NFL of the content of the ad until maximum buzz could be achieved.

Kaep, for his part, has put a chunk of his personal fortune into addressing the issues he knelt to protest. So asshole rating is reduced several points. Kaep believes in the cause. That simple fact is really, really important. Obviously this is not a cynical career move for him. He’s making a stand for justice.

Honestly, I don’t like Colin Kaepernick as a person, but I respect what he is doing. To my sweetie, I was wrong back then. Clearly there has been collusion, and it’s time to make the league pay.

A Guide to Commenting Your Code

I spend a lot of time working with code that someone else wrote. The code has lots of comments, but they actually do little to improve the understandability of the work. I’m here to provide a concise set of examples to demonstrate the proper way to comment your code so that those who follow will be able to understand it easily and get to work.

These examples are in php, but the principles transcend language.

WRONG:

// get the value of the thing
$val = gtv();

RIGHT:

$thingValue = getTheValueOfTheThing();

WRONG:

// get the value of the thing
$val = getTheValueOfTheThing();

RIGHT:

$thingValue = getTheValueOfTheThing();

Oh so very WRONG:

// Let's get the value of the thing
$val = getTheValueOfTheThing();

We’re not pals on an adventure here.

RIGHT:

$thingValue = getTheValueOfTheThing();

You might have noticed that so far all my examples of the proper way to comment your code don’t have comments at all. They have code that doesn’t need a comment in the first place.

Computer languages are not created to make things easier to understand for the machine, they are to make sets of instructions humans can read that (secondarily) tell the computer what to do. So, if the code syntax is for the benefit of humans, treat it that way.

If you have to write a comment to explain what is going on in your code, you probably wrote it wrong. Or at the very least, if you need to write a comment, it means you’re not finished. I write many comments that start TODO, which my tools recognize and give me as a to-do list.

Stopping to come up with the perfect name for a variable, class, or function is an important part of programming. It’s more than a simple label, it’s an understanding of what that symbol means, and how it works in the system. If you can’t name it, you’re not ready to code it.

There is a special category of comments in code called doc blocks. These are massive comments above every function that robots can harvest to generate documentation. It’s a beautiful idea.

Here’s my world (not a standard doc block format but that’s irrelevant):

/*
|--------------------------------------------------------------------------
| @name "doSomething"
|--------------------------------------------------------------------------
| @expects "id (int)"
|--------------------------------------------------------------------------
| @returns "widget"
|--------------------------------------------------------------------------
| @description "returns the widget of the frangipani."
|--------------------------------------------------------------------------
*/
public function doSomething($id, $otherId) {
    $frangipani = getFrangipani($id);
    multiplex($frangipani, $otherId);
 
    return $frangipani->widgets();
}

The difficulty with the above is that the laborious description of what the function does is harmfully wrong. The @expects line says it needs one parameter, when actually it needs two. It says it returns a widget but in fact the function returns an array of widgets. If you were to try to understand the function by the doc block, you would waste a ton of time.

It happens all the time – a programmer changes the code but neglects to update the doc block. And if you’re not using robots to generate documentation, the doc block is useless if you write your code well.

public function getFrangipaniWidgets($id, $multiplexorId) {
    $frangipani = getFrangipani($id);
    multiplex($frangipani, $multiplexorId);
 
    return $frangipani->widgets();
}

Doc blocks are a commitment, and if you don’t have a programmer or tech writer personally responsible for their accuracy, the harm they cause will far surpass any potential benefit.

I have only one exception to the “comments indicate where you have more work to do” rule: Don’t try this at home.

public function getFrangipaniWidgets($id, $multiplexorId) {
    $frangipani = getFrangipani($id);
 
    // monoplex causes data rehash, invalidating the frangipani
    multiplex($frangipani, $multiplexorId);
 
    return $frangipani->widgets();
}

This is useful only when the obvious, simple solution to a problem had a killing flaw that is not obvious. This is a warning sign to the programmer coming after you that you have tried the obvious. Often, when leaving notes like this, and explaining why I did something the hard way, I realize that the easy way would have worked after all. At which point I fix my code and delete the comment. But at least in that case the comment did something useful.

2

Sucker Bet

While reading an article about sports, I clicked a supporting link and found myself here, at the NBA futures page at a gambling Web site. I’m curious about numbers and things, so I looked at the odds for a bit.

At this moment, there is an anomaly. “Anomaly” in my newly-minted dictionary of gambling terms is a time when a safer bet pays better than a riskier one.

In the NBA more than any other sport, random luck plays a smaller role in the outcome of games, and of seasons. There are no Cinderellas in the NBA. So when the Golden State Warriors managed to abuse the byzantine salary cap rules to land yet another all-star in Boogie Cousins for a season while the closest competitors went downhill, the gambling world said, “Fuck it, the Warriors are going to win the championship again.”

To bet on the Warriors winning the title next year, Las Vegas is giving you 10/17 odds. That is, the payoff is based on a 0.588 probability that they will win. Well over a coin flip.

But then I noticed this: on that same page the odds Golden State has of winning the Western Conference are 4/9, or 0.444 percent. Hence, a better payoff. Here’s the thing: The Warriors will not win the championship without first winning the division final. Yet somehow the bookies are paying less for the championship?

Yep. If you want action on the Warriors, don’t be a chump. Don’t follow the blind money to “Warriors win it all!”; follow the slightly-better-informed money to “Warriors make me money!”

3

Time Not Well-Spent

Here it is, Whiskey-Exemption Thursday, and my weight is on-target so I can even have beer. The purpose of Thursday is to devote an evening to pushing the writing forward, and hang the consequences.

What have I been writing this fine evening? I’ve been trying to come up with the least-objectionable way to emulate Swift’s extensions to Protocols in php. The answer: there is no way.

Begin geek

Coding with php is coding with flint knives and bearskins; the power of php is in its wham-bam-thank-you-ma’am ability to do a quick task and then to go away.

Bless the movers behind php, they’re trying to evolve their language to catch up with the way people are using it these days. If they had known Drupal was coming along, they might not have been so quick-and-dirty before. Drupal might be slightly less awful as a result.

There are design patterns enabled by Swift that I get a little misty contemplating. Being able to add extensions (with executable code!) to protocols is enormously powerful. Having experienced that, I wanted to do the same thing in php, creating a trait “taggable” and having classes that used it automatically injected with the implementation. Injected, not inherited. Ain’t gonna happen.

End geek

At least now I’m writing prose about writing the code rather than writing the code itself. Progress, I guess.

1

The Thursday Whiskey Exemption

In my days, I’ve only had success with one diet plan: set a target weight each week, lower than the week before. If, when I weigh myself in the morning, I am above the target weight, then I may not consume alcohol that day. Pretty simple, and embarrassingly motivating for me.

I lost more than 30 pounds on this plan, then events intervened, weakness ensued, work pressure ratcheted up, and I have now gained most of the weight back. In January I resolved to get back on the plan, but here’s the thing: While I don’t think my writing is any better after a couple of beers, it’s certainly more prolific. So now I do a dance between health and writing, and lately writing has been winning. But now blood pressure is a factor.

So I have launched my pound-a-week program again, with one modifier. On Thursdays, even if I’m over my weight target, I may have whiskey. I used to call Thursday “Beer-blogging day” — it was an evening where I set aside time to ramble for a bit, and to work on other, more serious projects. Whiskey is a little bit less fattening than beer, so I’ve decided this time around to try to relieve the tension between obesity and creativity by allowing a Thursday whiskey exemption.

For the record, on this particular Thursday I was below the weight threshold for the week anyway. The first few weeks of a new diet are actually pretty easy.

Happy Thursday, everyone!

2

The Journey Home: The Fading Glory of the Southwest Chief

I wasn’t paying close attention at the time, but in the late 1970’s the US government decided to buy out all the failing passenger rail services, with the goal of preserving some semblance of intercity passenger rail in this country. Out west, cities are far apart, and the new czars of rail travel realized that comfort and convenience would be paramount for success.

They took a design from the Santa Fe line, adapted it, made it too tall to work east of Chicago, and the Superliner was born. Superliner I was the last passenger coach built by the renowned Pullman company, while the Superliner II, a smoother-rolling variant that was a little more… judicious with the output from the toilets came along a short time after that.

None have been built since. Sure, there have been upgrades (self-contained toilets retrofitted, electricity available everywhere), but the rolling stock is aging.

On electricity — long ago I took a ride and there was exactly one electrical outlet available to coach-class passengers. A little community grew around that outlet, and while the cafe attendant tried to regulate us, we worked out a better system on our own.

But while the cars have been superficially modified to evolve with the needs of the passengers, there’s really no denying that they are getting older. Train 4 from Chicago to Los Angeles brought that home to me. Some cars had trouble with toilets. The public address system was spotty — at one point the attendant for my car got on the PA to say that the rest of the announcements were’t coming over our PA. Apparently there were a couple of dicey almost-missed-stop moments in my car.

The dining car’s air conditioning failed; my waiter said that on the last leg of the journey one of the crew knew what switch to throw, but now he was gone. Sounds to me like a circuit breaker.

The cars themselves still felt solid, we moved along smoothly. But it’s the little things, the door latch that required coaxing, the outlet that just won’t let go, that give you the feeling that maintenance is falling behind. And as the cars get older, the maintenance requirements are just going to increase. It’s going to require commitment to keep these cars comfortable and safe, and when the little things start to slide, it’s an indicator that the commitment is not there.

Twice on my journey east I heard a rumor that Amtrak would be canceling the long-haul western routes. If that’s true, I’m glad I took this ride. The subject of California’s high-speed rail also came up often. To which I said, “I’ll believe it when I see it.” I would honestly prefer it if the state spent maybe one percent of that cost to upgrade the low-speed rail already in place along that line (California has already pitched in to pay for other Amtrak upgrades in the state.) It’s beautiful country. Slightly-less-slow service would attract a lot of new customers, at a price the high-speed option could never touch.

I look forward to rolling along the coast in a brand-new Superliner III, then turning inland on the Southwest Chief, its rolling stock gleaming in the desert sun — the iconic journey that everyone must do at least once. The Route 66 where someone else drives.

Those will be the days.

2

Not a very Remember-y Day

Went to sleep early last night, after a day of restraint and sobriety. Woke up this morning, had a bit of an epiphany, then set about my day feeling perky and downright sharp.

So far today, I have locked myself out of my room not once but twice. Then I walked from the residence hall down to Massachusetts Street, only to realize I didn’t have my wallet.

To make things worse, during my walk down a woman on a park bench had complimented my shirt and then as an afterthought had complimented my beard. Then I passed a nice lady who was raising money for a church-based project to house the homeless, who remembered my “beautiful beard” from the previous day, when I had made a donation.

I couldn’t go back the direct route, or I would pass these people twice more. I had to go around. Putting some serious mileage on my new shoes today.

1

GDPR Announcement

I’ve got no idea who you are. Even if I did know, honestly, I wouldn’t care.

1

Voted. It was a little weird.

I vote by mail these days; it costs the state more money but is more convenient for me and it is less Russian-style shenanigable. Mail-in votes are more vulnerable to local-asshole shenanigans — just ask my Arizona-based nephew, who has been directly shenaniganized — but I’m pretty confident my vote will be counted.

Secure in that thought, I did my best to study the issues and make good choices. The propositions were the most important votes, at least in my mind — I’ll touch on the major political seats shortly. Two of the propositions came down to car vs. not-car. Easy peasy.

Locally, B and C asked us, collectively, whether we were willing to give up open space and embrace sprawl if a fraction of the housing created was dedicated to affordable housing for seniors. Affordable housing is a critical issue here; rent is fucking ridiculous. But a few token units in a luxury expansion that stretches city services is not the answer.

I voted to increase the state’s debt to help people move around without cars. Overall the state’s debt burden is down lately, due to prosperity — even as the federal government siphons money out of the state so Kansas can boast a balanced budget. State balanced budgets are a sham, propped up by the federal deficit and states like Texas and California.

On another prop there was one argument in the pro vs con section that said (more or less), “They might not use the money to make roads better! They might use it instead for public transport and bike lanes!” Yeah, bunky, whatever you’re opposing, I’m in favor of.

After the props there came a judge — you’ve heard of him — and I couldn’t kick him in the balls so I only did what I could to make sure his career was over. His defense said we shouldn’t let a single decision in a career that was not flagrantly biased be cause to eject a dedicated public servant, that it was a slippery slope to make the judiciary subject to the mob. (The actual argument was far less articulate.) But I’m with the mob on this one. Democracy is mob, and it’s at its best when things are ugly. The mob says rapists should not get off lightly. Let other judges take note.

Then there were the candidates. For only the second time in my life, I paid attention to party affiliation while voting. This is not a normal state for me. But until the Republicans purge themselves of Trump, and of the forces that allowed Trump to happen, none of their candidates at any level will get a vote from me. None. That’s just how it has to be.

3

An Exchange with HackerOne

In a recent episode I rambled about a system that pays good guys for finding and reporting security holes in the software we rely on every day. Fired up with enthusiasm for the cause, I sent this message to HackerOne:

I appreciate what you are doing here, and would love if there were a tip jar where I could contribute to the rewards you give out for making the world a better place. Like Zaphod, I’m just a guy, you know? But I’d happily pitch a little bit each month to promote what you do here, and to support the people who actually make the Internet less unsecure.

I debated “insecure” versus “unsecure”, and went with “un” for reasons I don’t exactly recall. Beer may have been a factor.

I got a very nice letter back.

Thank you so much for reaching out to us with this feedback on what we are doing. We appreciate you taking the time to reach out to speak with us about what you think of the program and how you would like to participate it make HackerOne a success.

You are correct about us not having a tip jar, however, our community can support us by word of mouth let others know what we do and what our goal is and if you are a hacker or know any white hat hackers we encourage you all to use our platform and help us with making the internet safer.

We really do appreciate you reaching out and I am going to share your message with the rest of the company.

Best,
Shay | HackerOne Support

The missing word and tough-to-parse sentence make me think that this was a hand-typed response. I am happy to contribute to their word-of-mouth buzz. I do not fit the profile of the geek HackerOne is looking for, and I suspect no one who will ever read these words is pondering the question “How can I break things and still be a good guy?” But if that’s you, head to HackerOne.

On the other hand, If you own a commercial Web site and want to get a major security audit, consider posting a bounty at HackerOne. You’ll get some really skilled people trying to break in, only in this case they won’t rob you blind if they get in.

1

A Set of Facts That Might be an Opportunity for the Right Person

A simple, unordered (perhaps obfuscated-ordered) list:

  • I tried to read Feeding the Eels on this site from start to finish but I could not.
  • I am growing seriously tired of spending my weekends fiddling with code
  • At this time, I have only indirect influence on hiring php programmers at my company—I can recommend, but there are no openings in my group.
  • At this time
  • I know php upside-down and sideways
  • I have decided that this is a year for finishing things.
  • I like to teach
  • I seriously don’t want to dig into the guts of my WordPress theme to figure out why I can’t read all of Feeding the Eels
  • I write software for a living
  • There are a lot of punk kids out there who can dance with WordPress and php even though only grandads seriously think php is cool
  • Feeding the Eels has been dangling, almost-finished, for years.
  • I would never ask a kid to work for free
1

Maybe this is Why Americans Celebrate Cinco de Mayo

The Battle of Puebla occurred on May 5, 1862. It was an unexpected victory for about 4,000 Mexican soldiers facing about 8,000 well-equipped French troops. Although it was a stirring victory, the outclassed Mexicans were eventually overwhelmed, and the French installed a new government in Mexico a few months later.

So… let’s climb on the alternate history bus and wonder what would have happened if the French had won at Puebla. Without that crucial lift to morale and Mexican national pride, would the French have won more easily? Would Emperor Maximillian have been able to hold his seat more comfortably for a couple of years?

A couple of years is all it would have taken. The Americans were slaughtering each other in their own civil war. Given a little breathing room, an enterprising European colonial power might have found it worthwhile to aid the southern states, and in return have a friendlier partner on Mexico’s northern border.

But, in part emboldened by their success at Puebla, the Mexicans never let Maximillian get too comfortable in Mexico City. As the US Civil war drew to a close, with France dealing with Prussia back in Old Europe and the Mexican Guerrilla warfare gaining intensity, Napoleon III bid adieu to Maximillian, and not long after that the emperor was executed.

Honestly, I don’t think for a minute that the French would ever have held Mexico with or without the Battle of Puebla. The colonization was a doomed endeavor from the start, and turned out to be a costly mistake for France.

So the Battle of Puebla may not have turned Mexican history that much. Maybe the Emperor would have lasted a couple more years, but that’s about it. That couple of years, though, may have been HUGELY significant to the United States.

So if you’re hoisting one tonight to celebrate Drinko-de-Mayo, stop for a minute and consider: about 4,000 hungry, ill-equipped Mexicans may have saved our nation. Now that’s something to celebrate.

3

The Best Friend You Didn’t Know You Had

I was reading the other day about how some hackers found a serious security flaw in php. php is a language used on Web servers to deliver content to your browsers; WordPress is written in php and thus every time you load a page here at MR&HI, code written in php is being run.

A LOT of the Web is written in php, so finding a security issue in that language is significant, but this episode is not so much about one particular flaw as it is about the constant battle between good and evil. This article gets technical fast, but there are a couple of important takeaways that you don’t need to be a geek to understand.

Pornhub offered $20,000 to anyone who could hack them, via the site HackerOne. This was a big enough incentive for a group of hackers to really go after them. They discovered one questionable practice by the programmers of that site, but it took a lot of long, hard work for them to turn that into an actual hack, digging through the source code of php itself until they managed to create an attack that could load and run code on the server.

Immediately they disclosed the vulnerability through responsible channels, earned their reward, and both Pornhub and the wardens of php moved to close the bug. Pornhub paid up the $20K, and HackerOne threw in a bonus.

And even shorter version: Pornhub paid some real dollars and made the Web safer for all of us.

You and I are fantastically lucky that there are people out there who will use their skills for a low-five-figure payoff, rather than exploiting that weakness for potentially millions. These are the white-hat hackers, incredibly skilled people who can write php-unserialize fuzzers to discover “unexpected” responses, but use their skills to make the world a better place.

Eventually these guys will have the hacking weapons that our own government lost control of, and when that happens, the Internet will become far more secure. In fact, if I were king of this country I’d give the good guys those tools right now. It can’t be only the Russians using that stuff. Worth noting: our government has discovered many security holes in the software that makes the world run, and they didn’t report those discoveries, leaving the holes wide open for them (and everyone else) to exploit. Our own government is not White Hat.

When you hear about a new terrible hole in security, remember: that’s when honest people found the hole. It’s geeks like Evonide that found it, and reported it. Often they chased that hole because some site like Pornhub gave them a reason to. So let’s stop and appreciate what the unsung good guys have done for us.

2

Checking Out the Sharks’ next Opponent

While working on, well, work, I’ve got the Nashville-Winnipeg game on. It’s been a pretty good game. Gritty but not dirty, some good skating, each team making the other pay for mistakes. Hockey.

The winner of this game will play the Sharks, after San Jose despoils Cinderella.

I’m not sure who I’m rooting for. On the one hand, Winnipeg may be the most miserable sports city, and as a former resident of San Diego I have to feel for people whose teams always lose the way San Diego teams do, but who also don’t live in San Diego. That would really suck.

But Nashville fans have a song for everything. Seems like every tape-to-tape pass has the fans singing the “Nashville Tape-to-Tape song.” And the whole damn arena sings. It might be the best fan experience in North American sports. (Don’t tell Las Vegas, because dang they’re building an awesome fan experience in the way only Las Vegas can.) Nashville is the hockey arena I’d most like to visit for a game.

On the other hand, I’m more afraid of Nashville. This might be naive; Winnipeg is really good this year. But Nashville has been a problem for a long time now.

On the other hand…

There are an infinite number of hands. I’m enjoying a good hockey game, and both these teams deserve to be here. Either will be a challenge for the Sharks. Either will make for a fun series.

____

A few thoughts about the Sharks/Knights series currently under way:

One of the great things about being a fan of a team is having rivals. I hate the Ducks and I HATE the Kings. Then there’s fuckin’ Buffalo, a hapless team that somehow keeps beating the Sharks (although now we have their best player). Las Vegas is new; they have no historic slights to fume over. I volunteer my team to be the team the Las Vegas Knights fans learn to hate. Step 1: Knock them out of the playoffs.

I call the Las Vegas Franchise the “Las Vegas Knights”. It is a far better name than the official title: the “Vegas Golden Knights”. “Las Vegas Knights” speaks to the character of the town itself; it echoes the allure of being there. It sounds like the title to a novel — or a memoir — or a song — or… It sounds like Las Vegas. Eventually the Las Vegas franchise will fix their name.

Talk about home ice advantage — whoo boy that city knows how to put on a show. To build the drama before the opening game of this series, they had a really cool lighting effect that made it look like a huge shark was swimming under the ice. Of course in their show the shark was eventually slain, but San Jose should seriously steal that effect.

While I think you would be hard-pressed to find a resident of the Las Vegas metropolitan area who agrees with me, there is supposed to be hardship when a team is first getting started. Without that hardship you can’t have fans who can say “I was with the team back when…” It’s the lean times that scar a true fan. (Scars are cool, right?)

I kind of feel sorry for the Raiders, trying to move football into a rabid hockey town.

3

Took My Data Privacy Training Today

The European Union is enacting a new policy concerning the way companies treat the personal information of their customers. Today I went through the training to make sure I understood what those rules meant to me.

Spoiler: nothing new. But there are a lot of other companies in this neighborhood that are probably scrambling. I’ll name names later.

The new privacy training was pretty much exactly the same as the previous data privacy training I have gone through, with the exception that there is a new report to fill out to make the decision process on using customer data visible to the outside world. There is also a new portal so people can see all the data my employer has collected on them, and request that that data be deleted.

But overall, the new privacy regulations in Europe might have been written by my company, they match our existing policy so closely.

Remember back when Google was “accidentally” collecting information about open home WiFi networks? Accidentally in this case means accidentally creating database tables and queries to store that information. I mean hey, accidents happen. That was a while ago, but that shit is really not going to fly now.

Hey! So much for “later”. I’m naming names.

The regulations go something like this:

  1. You have to spell out what you will be using the data for BEFORE you collect it.
  2. You have to protect that data.
  3. You have to let people see the data and tell you to delete it.

The Google thing was years ago. (There are plenty of current investigations, however.) But hey, remember last week when an Android user discovered Facebook was recording the recipient and duration of all his phone calls? Yeah, the beat goes on. In the aftermath of that I downloaded my own information and there were only a couple of surprises, none shocking. Hint: I don’t use Android.

At Google they must HATE Facebook for being so damn sloppy and leaking data all over the place, rather than just efficiently selling it. Regulators are swarming! Maybe now Google might consider putting in place basic security measures to prevent apps from rooting through shit that is none of their business.

My Facebook information was mostly unsurprising, but I suppose it’s possible that in the last few days Facebook has decided that fraudulently withholding some of the data they have collected on me is better than confessing to all of their shenanigans. Ironically, the ability for people to download their information was probably implemented by Facebook to comply with the new regulations. Sadly for them, the more people who download their personal info, the more trouble will arise for Facebook.

I encourage everyone to request a data download from Facebook. And from Apple, and from Google, and from Amazon. Probably Ebay, too, and the list goes on.

For the rest of this episode, I am full-on partisan. Just so you know. But there’s nothing I’m going to say that is not easily documented.

Google has a vast amount of data on you. If you use Google Wallet, downloading your data might be downright scary; if you use ApplePay instead you will find a big empty nothin’ concerning your spending habits. Apple built it so that it was not possible for them to learn anything about you from your spending. It was not easy to do.

I work for Apple. I am proud that my company puts privacy over profit — that HomeKit is slow to be adopted because it protects privacy and home-gadget manufacturers want to profit from personal data (and the hacking-resistance of HomeKit is more expensive to implement — something I’m also fine with), and I am proud that ApplePay was first out of the gate but isn’t growing as fast as the competitors because privacy requirements make it harder for banks to join in. Apple is losing money protecting privacy.

Unless protecting privacy becomes law. Then, suddenly, my employer is in the catbird seat, having built its information structure around privacy from the get-go. Apple has put a lot of systems in place to make sure they cannot collect large categories of personal data. Currently that data is an asset that they are failing to exploit. In the future, that data will be an onerous responsibility for any company that holds it. I hope so, anyway.

2