Troy Davis

Letter to Washington State legislators about consumer data privacy bill (SB 5062)

2021-03-19T07:09:05-07:00

The Washington State legislature is considering a consumer data privacy bill, Senate Bill 5062 (summary). While I was creating Simple Opt Out, I assumed that the CCPA made consumers opt-out of paid data sharing - not a business sharing data to target their own ads, but selling consumers’ personal data to unaffiliated third parties for compensation - due to an oversight. When the CCPA was in process, not everyone realized that retailers would sell their customers’ purchase history to anyone who would pay. It may not have stood out from targeted advertising and may have actually been an oversight.

Not for this Washington State bill. Turns out that many, if not all of this bill’s sponsors know that its default protection is incredibly weak. By now, legislators are aware that consumers’ data is sold to unaffiliated third parties - and that no consumer would opt in to that. They just don’t care or don’t care enough to do anything about it.

That’s why I sent this letter to the Washington State House of Representatives Civil Rights & Judiciary Committee and individual members. While Washington is probably stuck with this bill - and privacy for a vanishingly small number of residents - I hope my self-contained explanation helps another state or motivates a Washington State legislator to close the data sales loophole.

Here’s my letter.

Subject: SB 5062 - Please don’t let businesses sell my data unless I opt out

Dear Chair Hansen and Civil Rights & Judiciary committee members,

My comments are about requiring consumers to opt out of having their data sold to third parties for compensation, as SB 5062 currently does.

If you’ve purchased from Ace Hardware, Crate and Barrel, Home Depot, the Seattle Art Museum, or hundreds of other companies, they sell or trade your information - often including purchase history, contact information, and preferences - to third parties for a few extra cents of gain. Yes, completely unrelated companies know what you bought at many traditional and online retailers.

These businesses don’t do this in order to operate or market their business (as is the case with targeted advertising). Rather, this is turning the consumer into the product: selling customer information to completely unrelated businesses, merely because they’ll pay for it.

Reasonable people can debate the pros and cons of targeted advertising, but the practice I’m talking about, selling detailed data about customers to third parties, has no pros. It shouldn’t have ever been legal.

I know because I spent 100+ hours reading privacy policies, finding these practices, and creating a directory of opt-out instructions. My not-for-profit site, https://SimpleOptOut.com, has made it a bit easier for tens or hundreds of thousands of people to opt out of data sharing that they would never have opted in to.

I want the Washington legislature to make my Web site obsolete.

This bill begins with ”The legislature finds that the people of Washington regard their privacy as a fundamental right” … and.. then it disregards that statement by requiring Washingtonians to opt out of these sales. Has anyone on the committee actually tried to opt out of data sharing? I have. You’ll spend most of a day digging through privacy policies, calling phone numbers, filling out web forms, and printing and mailing letters. If you’re lucky, after doing that 30 or 40 or 50 times, you’ll cover about half of the businesses that sell your data. My Web site makes that easier, but not easy – and that’s only because I’ve tried to mitigate a problem that the legislature should solve.

Opting out of data sharing requires so much time that less than 1% of Washington residents will actually do it. Instead of 100% of Washington residents having this so-called “fundamental right,” this bill will provide it to less than 1%. And that 1% will be well-educated computer engineers and attorneys. This bill makes privacy contingent on resources, on privilege and for no commercial justification. Unlike advertising, this doesn’t help a business deliver or market their products.

Since literally zero Washingtonians would opt in to having businesses sell their personal information for extra revenue, forcing each of us to opt out with each business is nonsensical.

Imagine if, in order to have First Amendment protection for something you wrote, you needed to visit every web site which might publish it or have access to it, find their instructions for opting out of First Amendment violations, and follow them - which could take two minutes or twenty minutes each - and then hope the business actually processed your request.

Or, imagine if every time you moved, you needed to call or visit the new city, county, state, and federal police and fill out a “Fourth Amendment violation opt-out” form. This form requested that they not unreasonably search or seize your property. Oh, you didn’t spend the time to opt-out of Fourth Amendment violations? You must not mind them.

That’s how this bill handles unnecessary data sharing. The right to request that an entity not sell my personal information to third parties… that’s not privacy. Privacy is not needing to do that in the first place.

There’s a better way. Require residents to opt in to data sharing for compensation. If privacy is a fundamental right like this bill says, then privacy should be the default. Nobody needs to opt out of having their other rights violated, and we shouldn’t need to opt out of having our privacy violated, either.

Alternatively, if the bill is going to require opting out, then change the rest of the bill so it’s accurate. Instead of stating that privacy is a fundamental right, explain that privacy is a luxury that the legislature is offering to state’s most privileged and technically experienced residents. Explain that businesses can assume residents don’t deserve and shouldn’t receive privacy, unless and until each individual informs each business using whatever method the business prefers.

If you’re thinking, “Wow, that sounds terrible,” you’re right. It does, because it is. All I did is accurately describe the bill’s current treatment of selling data.

Businesses should be able to deliver the products and services that we depend on, and to market them effectively, but not to share or sell our personal information with unaffiliated third parties for compensation. Please change this bill to deliver privacy for 100% of Washingtonians, not less than 1% like it does now.

Thank you,

Troy

Checklist for configuring iPad for regular people

2021-02-03T12:19:17-08:00

I configured some iPads for regular people. If you’re configuring an iPad for a parent, young child, or a good friend who is new to the iPad or new to computers, maybe the checklist I posted will give you a starting point.

Chrome loves auto-play, but do users?

2018-05-17T10:46:01-07:00

I’ve encountered many, many examples that:

in some cases, users don’t want Chrome to auto-play any videos – even muted ones (mostly because sites abuse the privilege by autoplaying unrelated overlay videos), and
users incorrectly think Chrome’s chrome://flags/#autoplay-policy flag disables auto-playing videos, when it only affects auto-playing videos that aren’t muted

Unfortunately, as of this post, Chrome’s policy is that “Muted autoplay is always allowed.”

I’ve responded a few times on Hacker News to clarify the current behavior (see above links). The confusion and the unmet demand for disabling autoplay entirely, at least for certain domains, led me to tweet inviting the Chrome product management team to respond, then when they didn’t, to comment on the Chromium bug tracker.

Google has never explained nor substantiated its decisions to allow muted autoplay by default, and not let users change that policy, at least globally and perhaps on a per-site basis. Since Google has a clear conflict of interest, both decisions justify more transparency than they’ve been given.

I don’t have any data about user preferences for muted auto-play. I do know that no one likes the current behavior and that Chrome has per-domain controls for far less frequently used – and less polarizing – features, like whether to clear cookies on exit.

Here’s my Chromium bug tracker comment:

Anyone have some data that substantiates the theory that users want muted videos to autoplay by default (rather than, say, on a per-domain basis like cookie retention and “Clear cookies on exit” settings)?

It’s entirely anecdotal (that’s why I’m asking for data…), but everyone I know can’t stand muted autoplay. Google didn’t provide any reasoning or substantiation why “Muted autoplay is always allowed” in https://developers.google.com/web/updates/2017/09/autoplay-policy-changes. Advertisers and consumer-facing sites abuse that privilege by autoplaying muted unrelated videos.

Clearly some users want autoplay for some domains. My question is whether at least a meaningful percentage of users would prefer to disable autoplay entirely, even for muted videos, at least for some domains.

Roon: More ways to discover/play music not in my Roon library

2018-05-14T10:40:08-07:00

I recently started using Roon Labs and posted this suggestion in their customer Discourse forum.

Here’s the suggestion:

Hey all, here’s a wish and a few possible implementation ideas. Please understand that I’m spending the effort to write this down because I care about seeing Roon succeed, not because I want to slam Roon.

Also, as with any feature request, some of this is almost certainly wrong or doesn’t apply to Roon’s business :-)

Summary

Make it easier - heck, make it possible - to play music that I haven’t explicitly added to my library. At a minimum, expose Tidal’s artist radio and track radio.

One step up from there, make navigating between Roon’s version of an artist and Tidal’s more seamless, like letting me see my favorited or frequently played albums on Roon’s view of an artist (instead of a separate “Go to Tidal artist” dropdown choice and “Tidal artist” in search results).

One step up from there, let me treat Tidal as my Roon library, at least in concept if not in implementation.

Ideally, eliminate the idea of a binary “it’s in or it’s out” library entirely and split that into 2 concepts: music Roon has access to, and a continuum of opinions about that music (from love to hate). “The longer-term solution” has more on that.

Background

It feels like 10 or 15 years ago, the standard for music software was to play the music I had. Roon’s current feature set is basically the perfect implementation of what I wanted, and would have been thrilled with, in about 2005.

In the last 10 years, a couple things changed:

Access to music. Thanks to Tidal (and before it, Rdio, Spotify, etc.) “My library” is actually almost the entire North American music catalog. I don’t have an “it’s in or out” library (where anything in the library should never be played), I have a continuum of I love, like, am so-so about, dislike, or never want to hear again.
Quality of that music. Tidal is as good or better than anything I’d ever have locally. In the last 2 years, lossless and MQA eliminated the last reason that music from other sources might not be as play-worthy as “library” music.
Expectations. Between the size of someone’s “library” (ie, all Tidal music) and the rise of machine learning, a computer (think Discover Weekly) can do a great job of finding new music I like – way better than I’d do with manual curation, and good enough that I’d put my effort into correcting it rather than creating playlists myself.
Publishing rate. The number of new songs appearing on even Tidal, let alone Spotify or Soundcloud, makes it impossible to listen to and curate new stuff even if I wanted to. I’d literally be listening to only new stuff just to decide whether I liked it.
User persona. 10 years ago, Roon would have been most valuable to folks with hundreds of albums (in a sense, Roon depended on a substantial investment in media). Not only is that no longer true, it might not even be a predictor of/correlated with interest in music or playback portability anymore. Now that lossless subscriptions exist, I’d guess that an appreciation for audio quality (ie, lossless playback) plus ownership of more than 1 output are better predictors of suitability for Roon than, say, a desire or past experience collecting albums.

To boil this down: The idea of a binary “it’s in or out” library was a byproduct of needing to collect albums or at least ripped MP3s. Today, the hard part isn’t playing stuff that I know I like; that’s table stakes. The hard part is surfacing new stuff that I didn’t know I liked, and delivering a great playlist from the entire music catalog that (a) matches my mood or interests, and (b) doesn’t require explicit curation. That’s also the only viable way to surface new music at the scale it’s currently released.

This is also where the market is going. In 3 years, the idea of a manually-curated library will feel even more outdated than it does now. Even if Roon considers music fanatics to be its only target user (and isn’t ever trying to serve a more mainstream audience), having a manually-curated library is not correlated with that category anymore. And if Roon does want to serve a mass market at some point, it’s a gatekeeper to doing that.

The problem

Roon is built on the idea of a binary “in or out” library, which makes it difficult - actually, almost impossible - to play anything not in my library that I don’t curate manually (say, manually creating a playlist or going to a specific album).

As an extreme example, if one uses Roon’s “Focus” feature and the Focus only matches a single song in one’s library, Roon will play that one song on a continuous loop.

Imagine if, instead of listening to an entire set from Imogen Heap, you want a multi-artist playlist of stuff similar to or related to her or a song of hers, across all music you have access to (ie, Tidal, not one’s library). As I understand it and Roon’s staff confirmed, there’s no way to do that in Roon today.

The obvious example is dynamic artist or track-inspired radio, what Tidal calls “Track radio” and “Artist radio.” These aren’t currently exposed anywhere in Roon. So, my first and probably simplest wish would be new choices in the “Play” dropdown for “Track radio” and “Artist radio” that use Tidal’s implementations of same.

The longer-term solution

If one agrees with the factors in “Background,” then having access to lossless versions of almost every song ever released should cause Roon to adapt. Today, the library serves 2 purposes:

Ability to play. Roon considers the library to be the music that it has access to (other than being specifically told to play an album not in my library)
Preferences. Roon considers adding something to my library as a proxy for my preferences. Music in one’s library is presumed to be loved (it’s the only music that Focus and Roon Radio will play), and music not in one’s library is presumed to be hated (never played automatically).

These were never actually the same thing, though. Only item 1 - “Do I have a way to play this song?” - is binary. Item 2 is not binary. Right now, item 2 is treated as binary even though it’s not, and item 1 isn’t treated as a separate construct.

Using Roon’s terminology, I want a way to add the entire Tidal catalog to my library. Obviously that’s probably not the best actual implementation, but it’s a good explanation. At that point, item 1 is actually correct (my library is all music that can be played, so Focus and Roon Radio can consider way more music), and item 2 would adjust based on ratings at playback.

In practice, it probably means splitting these two purposes. Item 1 becomes “Anything on a remote service that I have access to, plus anything I have locally” and might eliminate the concept of a library.

Hopefully obvious, but just to say it: none of this is mutually exclusive with local music storage. Someone with no Tidal subscription and purely locally-stored music is just a different set of item 1 – it’s no worse for them than today. The core concept is recognizing that for many Roon users, items 1 and 2 are actually separate concepts, so that for users who do have access to a ton of music (Tidal subscription), Roon automatically makes use of it.

DIY 360° review: how I asked colleagues for anonymous feedback about myself

2017-10-31T07:45:31-07:00

I explicitly asked colleagues, customers, and friends for anonymous feedback about myself – a self-administered 360° review. Here’s how I did so (twice in 5 years), and how anyone with 30 minutes can do so for free.

Why I did this

I thought that my role could make it less likely I’d receive unsolicited negative feedback, and that those negative comments were disproportionately valuable (compared to, say, compliments). Specifically:

I mostly work with people whom I hired or at least chose to work with, so I’m part of the furniture. It’s easy to think of me as an aspect of the company that can’t change, or that at least requires taking a risk to change.
While I regularly ask coworkers for feedback, making the feedback totally anonymous transfers the burden of interpretation on to the recipient, me. Since I care about the happiness of everyone I solicited feedback from, that’s ideal. I want someone to feel safe saying anything, even if it’s totally subjective and unsubstantiated. I can choose to disagree with and not act on it.
In a small company, there’s little or no formal HR. If I don’t solicit this feedback (or more broadly, try to personally improve), no one else is going to do it.
Although my main goal was incremental improvement, if I or the company did have any true blind spots, this could be the only way I’d find out. Sometimes a blind spot isn’t even a personal trait or skill, it’s not accommodating different personality-based perceptions.

What I wanted to learn

In product management, asking users for non-specific comments (“Do you like our product?”) usually leads to less actionable feedback than providing a bit of focus, or even a lot of focus.

I wanted this survey to take less than 10 minutes, and if a recipient didn’t have much to say, less than 5. That meant I couldn’t ask many questions. I asked open-ended questions for recipients who wanted them, but also tried to save time with short answer form fields and some pre-populated choices.

I was most interested in things which don’t come up on their own in daily conversation, so here’s what I asked:

When you think of Troy, do any word(s) come to mind?
What is Troy best at?
What is Troy worst at?
When I interact with Troy, it’s (choose one): Painful; Tolerable; Unremarkable; Enjoyable; Great; Describe it yourself
Complete the sentence: “My own work with Troy would be more gratifying if he…”
Tell me anything - things I suck at, life advice, whatever.

If you do this, adapt the questions and answers to your personality and situation. I’ve this twice, so the questions above

How I asked

A Wufoo form

I chose Wufoo because its form URLs are so simple: anyone can see they don’t contain personally-identifiable information like a UUID, so it’s relatively anonymous. I also stated that in the preface. Also, Wufoo’s standard themes feel very approachable.

Here’s the form exactly as reviewers saw it:

An email request

I emailed myself and BCC’ed about 20:

Coworkers
Business counterparties, though not only those who I interacted with the most. I biased the sample towards edge cases: projects where I wasn’t sure how satisfied the other person was (an open feedback loop), one-off tasks which I felt pushed my skills or where I may have under-executed, and personality types whom I didn’t interact with very often. Basically, I tried to get as wide a range, and as much criticism, as I could.
Friends

Here’s the email, exactly as sent:

Hi,

I'm conducting an anonymous 360-degree review of myself.  You're
receiving this because we've worked or interacted a lot, over a long
period of time, or in a unique situation, and I value your feedback.

I'd really appreciate 5-10 minutes of your time, preferably by Sunday,
April 14. Head over here:

    http://example.wufoo.com/my-form

The URL has more. Again, it's completely anonymous and should only
take a few minutes. If you have questions, just reply.

Thank you!

Troy

Results

I received the same number of form submissions as received my email, so in as much as I can measure, 100% responded. None of the comments were totally surprising (not a bad thing!) and they actually skewed more positive than I expected. There’s no substitute for seeing people’s assessments in their own words, though. The return for the time - mine and others’ - was very high. I did this twice over 3 years and I’ll do it again if I’m in a similar working situation.

Questions to ask before joining a startup

2017-10-22T11:16:16-07:00

A friend asked what I’d want to know about a startup, even a late-stage one, in order to better evaluate a job offer. Here’s the short list of less-obvious questions I’d ask before joining a startup.

The role

If you could make one impact in the business in your first 6-12 months, what what would it be (according to them)? This is as much to understand the metric they chose - revenue? product usage? features shipped? employees hired? - and why it’s important as it is to understand the amount.
Where do you see the company in 3 years? What internal or industry changes might make you cut the vision short or significantly change the goal?
Is there an employee who everyone thinks of as very connected and savvy, who you could use as a mentor for a few months to learn the communication style? If you’re remote, ideally this person will be too.

The offer

Get enough understanding of the company’s cap table to have an idea what your offer represents. At a minimum, ask what percent of the shares currently outstanding your options would be, if they were vested.
What happens to vested options if you leave? Have they solved this problem? If not, it dramatically decreases the value of the options; you basically have to stay until IPO (or some resale event) or acquisition, or take a risk that few people would (exercising illiquid options), or leave without the vested options. 7 years is great. 3 years is okay. Given how long companies remain private, 1 year or less make the options basically toys.

If Yelp put quality above quantity…

2016-07-29T11:09:35-07:00

I posted this comment on this Hacker News thread:

If Yelp put accuracy and completeness ahead of # of reviews, they’d have already made 2 changes:

Let anyone comment on other people’s comments - like HN or Reddit, with similar reputation (points) and up/downvotes. Right now, unless an owner monitors and responds to every negative comment, there’s no recourse for being unreasonable or flat-out inaccurate. Even when an owner does so, the recourse is minimal. Let any other Yelp user reply, turning each comment into a thread.
When someone posts a 1- or 2-star review, show a second, required comment field for “What happened when you informed the retailer?” If someone is served a meal they don’t like and says nothing at the time, they skipped a - the - critical step. While there are cases where a low review could be justified without ever giving the retailer a chance to address the perceived problem (like if someone showed up twice during posted business hours and the retailer was closed), they cause fewer than 10% of 1- and 2-star ratings and they’re easy to explain. Otherwise, the minimum for a negative review to be constructive is having informed the retailer (and let them try to address it).

FastMail as “customer or consumer?” experiment

2015-11-16T10:07:23-08:00

I posted this comment on FastMail: Shutting down our XMPP service.

Background: A comment criticized people for wanting to be “consumers” instead of “customers.” Many other comments implied that people should want to pay for service received and/or to encourage interoperability. That’s a fine opinion, but not when concurrently using Google because it’s free.

Here’s the comment.

–

When someone raises this concern, I ask who hosts their personal email. 30-50% use a legacy free Google Apps account or Gmail. When I ask why, it’s a variation on “because FastMail costs ~$40/year.”

Of the rest, more than half host their own MX. While that’s totally reasonable, it means the percentage of people willing to pay just $3/month to be a customer is even smaller than it seems. And $40/year is the cheapest that one could ever hope “being a customer” would cost.

So, lots of people say they want to be customers, but even when doing so is close to free, very few actually do.

(Nothing wrong with using Google because it’s free, only while concurrently claiming to want to be a customer. I agree with your point and I’m a happy FastMail customer. I’m amazed FastMail can make a profit at $40 and it’s a huge credit to them that they can.)

Comment on: How do I stop comparing myself to others?

2015-11-08T07:52:11-08:00

I posted a comment on the Hacker News thread “Ask HN: How do I stop comparing myself to others?.”

Society didn’t offer “Start a geek-centric Web service, then spend years quietly building it profitably, and do so while living in a dozen different cities” as a viable journey, let alone a valuable goal.

Here’s the comment:

Find a goal or even a yardstick that’s more meaningful to you than to anyone else. Ideally, also find a path to it that’s uniquely appealing to you.

It’s way harder to think about what you want than to hop on to society’s defaults (schools, work prestige, wealth, looks, ..). http://www.paulgraham.com/love.html touches on this (“if you admire two kinds of work equally, [choose the less prestigious]”).

When no one else is trying to accomplish the same thing in the same way, only absolute measurements matter: how close did you get? How much did you enjoy the ride?

Papertrail joins SolarWinds and accelerates growth

2015-04-28T09:00:00-07:00

I’m thrilled that Papertrail is now part of SolarWinds. Here’s more:

Papertrail joins SolarWinds and accelerates growth on papertrailapp.com
SolarWinds Adds Cloud-based Log Management Capabilities with Acquisition of Papertrail on solarwinds.com
Bootstrapper success story: Seattle startup Papertrail sells to SolarWinds for $41M in cash on geekwire.com

Notes on standing desk

2015-01-04T16:14:55-08:00

I posted a bit about my first 6 weeks with a standing desk on Philip Greenspun’s blog. The post is below.

I bought both a GeekDesk Max frame and an Uplift 920. The 920 has a removable section of the desk mount so it can accept a full-depth keyboard drawer.

I kept the Uplift and after 2 months, am thrilled with it. They’re both excellent products and incredible values. I opted for the Uplift because of the removable section, a longer warranty, no back brace between the legs (leaves room for bike or taller treadmill), and a design which allows the controls to be mounted anywhere. I don’t see any difference in sturdiness or daily use. The motor on the Uplift is slightly faster, but it makes no difference. I mounted an IKEA Numerar solid butcher block on it, mostly because just about all desktops on the market are deeper than the ~24” I wanted.

A lot of adjustable standing desks are actually rebranded legs, controls, and control boxes from a company called LINAK: LINAK. Other than the very high-end office furniture makers, I’d guess more than half of electric adjustable desks are from LINAK VARs (GeekDesk and THS included): LINAK Deskline

Now that I know how to spot them, I see Uplifts everywhere. The standing desk photo in this article is the Uplift or identical components.

Along with the desk, buy a large CumulusPRO mat: The Wirecutter. A quality anti-fatigue mat is not optional. I also use a Kinesis Freestyle split keyboard and Evoluent VerticalMouse. Typing and mousing feel like extending my arms forward. Otherwise, just listen to your body. If you’re exhausted or something hurts, sit down.

I have no firsthand experience with a treadmill desk. Our accountant uses a treadmill desk and has for years. He swears by it.

I bought my desk intending to add either a treadmill or a bike. Last week, I ordered a bike because I wanted to also use it for full-energy cycling (while not working or barely occupied). It’s essentially this, only with a belt drive Sunny SF-B1002 flywheel bike instead of the chain drive Marcy bike in the photo.

Improve Linux tcp_tw_recycle man page entry

2014-11-23T09:01:38-08:00

We recently identified the cause of a problem affecting one of Papertrail’s service providers. Their hosts occasionally could not establish TCP connections with a seemingly-random small set of Internet hosts.

Troubleshooting was difficult because:

The affected hosts changed. One host would oscillate between being able to establish a connection for a few hours (or days) and not, seemingly with no pattern.
I didn’t have direct access to the service provider’s hosts or the end users’ hosts. This made reproducing the problem in a controlled environment basically impossible. “Paste the output of..” and “Run this packet capture..” was what I had to work with.
I couldn’t draw conclusions from the end users who reported the problem. Fewer than 5 users reported problems and they were biased towards inquisitive people (who investigated or reported the first occurrence) or those who experienced the problem multiple times. Presumably, some end users couldn’t connect once and just tried again later.

Among this tiny pool, there was one common theme: the remote hosts traversed NAT. My investigation eventually led to tcp_tw_recycle, a Linux sysctl flag with far more Google results than it deserves. Here’s why.

Linux TCP header verification

Modern Linux kernels verify that TCP header values meet certain requirements. These include “Protect Against Wrapped Sequence numbers” or PAWS, defined in RFC 1323, and RFC 6191 “Reducing the TIME-WAIT State Using TCP Timestamps.”

With tcp_tw_recycle enabled, a connection’s TCP header timestamp value is retained in cases where it otherwise would not have been kept. From tcp_ipv4.c:

if (tcp_death_row.sysctl_tw_recycle &&
    !tp->rx_opt.ts_recent_stamp && rt->rt_dst == daddr) {
        struct inet_peer *peer = rt_get_peer(rt);
        /*
         * VJ's idea. We save last timestamp seen from
         * the destination in peer table, when entering state
         * TIME-WAIT * and initialize rx_opt.ts_recent from it,
         * when trying new connection.
         */
        if (peer != NULL &&
            peer->tcp_ts_stamp + TCP_PAWS_MSL >= get_seconds()) {
                tp->rx_opt.ts_recent_stamp = peer->tcp_ts_stamp;
                tp->rx_opt.ts_recent = peer->tcp_ts;
        }
}

The problem: the TCP timestamp is only tracked on a per-remote-IP basis, yet some NAT devices don’t rewrite TCP timestamps in the translation process. As a result, the Internet-facing IP of a NAT device may transmit valid packets with unrelated timestamps.

The problem we saw manifests when more than one remote host (for example, two employees on an office network) try to connect to this Linux host within a few minutes of one another. The first connection will succeed, but the second connection attempt (from the same public NAT IP) will fail. The kernel considers its timestamp invalid.

In another function, a comment hints at the difference between tracking timestamps on a per-host basis and doing so on a per-port-pair basis. From tcp_ipv4.c:

/* With PAWS, it is safe from the viewpoint
   of data integrity. Even without PAWS it is safe provided sequence
   spaces do not overlap i.e. at data rates <= 80Mbit/sec.

   Actually, the idea is close to VJ's one, only timestamp cache is
   held not per host, but per port pair and TW bucket is used as state
   holder.

   If TW bucket has been already destroyed we fall back to VJ's scheme
   and use initial timestamp retrieved from peer table.

Note: I haven’t read anywhere near all of Linux’s TCP header source. If you find an error in this post, let me know.

Root cause

Although that’s the problem, the root cause is poor documentation. The two places that a systems administrator is most likely to consult are the kernel IP sysctl docs, which suggests consulting “technical experts”:

tcp_tw_recycle - BOOLEAN
        Enable fast recycling TIME-WAIT sockets. Default value is 0.
        It should not be changed without advice/request of technical
        experts.

.. and the tcp.7 man page, which says:

tcp_tw_recycle (Boolean; default: disabled; since Linux 2.4)
        Enable fast recycling of TIME_WAIT sockets.  Enabling this
        option is not recommended since this causes problems when
        working with NAT (Network Address Translation).

Neither of these explain what the option changes or how it interacts with NAT. I’ve submitted a patch for the man page. The changed copy warns of the possible impact and says where to learn more.

Enable fast recycling of TIME_WAIT sockets. Enabling this option is not recommended for devices communicating with the general Internet or using NAT (Network Address Translation). Since some NAT gateways pass through IP timestamp values, one IP can appear to have non-increasing timestamps. See RFC 1323 (PAWS), RFC 6191.

There’s also a 2013 BCP (“Network Address Translation Behavioral Requirements Updates”) which informs future NAT implementors of this consideration.

Clearer permission message for Chrome new tab extensions

2014-08-16T10:38:02-07:00

In creating Taco’s Chrome extension, I became familiar with Chrome’s permission system. An extension defines the information it accesses, like request history, and Chrome shows permission-specific descriptions to end users when they try to install it.

I recently added the topSites permission to Taco’s extension, which grants very limited access: the URLs and page titles of the 20 most frequently visited sites. It’s the information shown on Chrome’s new tab page.

When I added this permission, here’s what Chrome presented to users (as reported by a justifiably surprised user):

@tacoapp The reason I ask is that it states on your website that the extension 'can't access your browsing data'… pic.twitter.com/9EUFn4TrW5
— Adam Sait (@adamsait) August 15, 2014

“Read your browsing history” isn’t an accurate description of the access Taco has, especially when a different permission level (“history”) exists which does grant exactly that. I’m sure that led some users to uninstall the extension instead of upgrading and granting this permission, so I wanted to solve the problem for other users like this person and for other extension authors.

I found this Chromium issue about improving permission descriptions and posted a request and a followup justification, both duplicated below. The justification led to Chromium issue 404334 to change the description to something clearer, like “Read a list of the 20 sites you most frequently visit.”

Comment #1 (original)

Our users encountered this problem. Namely, as permission warnings says, the topSites permission causes users to see the same user-facing description as the history permission, even though it has far, far less access.

Both permissions say it’s possible to “Read and modify your browsing history.” While that’s accurate for the history permission, for topSites, it should say something like “Read the 20 most frequently visited URLs” or “Read most frequently visited URLs.”

(If one wanted to be really user-friendly, I could see checking for newtab in chrome_url_overrides and adjusting the message for that, like “Read most frequently visited URLs (such as for new tab pages)” or linking to a page which says same.)

Anyway, end result is that right now, end users can’t tell the difference between two permissions which should involve very different amounts of trust.

Comment #2 (original)

Thanks for the fast reply and thoughtful comments, Mustafa. I totally agree that none of these is universally perfect. I do think there’s 3 challenges with the current (new) topSites description:

When interpreted by almost any user, it’s inaccurate. No user thinks of “browsing history” as “the most frequently accessed sites,” let alone “the sites on my new tab page.” It uses a phrase (“browsing history”) which, while obviously not intentionally wrong, doesn’t mean what it’s intended to.

Here’s an example I encountered today: tweet. Nobody thinks “browsing history” means “URLs of top 20 sites.” This manifests in lower user satisfaction because users decline to use extensions they’d actually be comfortable with.
Users can’t differentiate between 2 very different permission levels. By conflating two very different amounts of access (topSites and history) into the same single message, a user isn’t told the difference. Many, maybe a majority of, users who would be uncomfortable granting history would be completely comfortable granting topSites.

In as much as the goal of the permissions system is to let users make informed decisions, two very different amounts of access should be described differently. (The corollary of this argument: if they aren’t different enough to justify different descriptions, we might as well obsolete topSites and exclusively use history. I don’t think that at all, though!).
It deters extensions from using topSites, or would if extension authors knew about this problem ahead of time. I just released an update to a new tab page which started using topSites (tweet). If I’d known 24 hours ago what I know now about the permission wording, I would not have added topSites support to our extension. Because it’s so generic, the user message is scarier than the feature justifies.

Experience as a customer of Simple.com

2014-05-21T15:12:54-07:00

Jack Gavigan posted What would a disruptive bank look like? and Simple Finance Technology Corp. (AKA Simple.com, formerly BankSimple) was one of the services he used as a baseline.

I’ve been a customer of Simple since very close to day 1, so I posted a comment with off-the-cuff notes. My comment is duplicated below.

Here’s my notes on experiences as a customer since very close to day 1.

Overall

Simple does almost everything I want from a basic retail bank. I felt like they had enough access and control to try to solve many of the problems I’d had with other banks. Without the full stack, they still had no shortage of ways to stand out.

Completeness

I actually wanted fewer internally-maintained features than Simple provided. For example, I didn’t use Simple’s goals at all, though I can see from Twitter comments that some customers did. As another example, Simple’s automatic merchant name cleanup was a minor convenience at best, and had enough errors that I’m not sure it was worth the effort.

Simple had basically reached maturity for a basic retail bank. Yes, there was and is more it could do, but they’re the long tail of retail banking features. (What would an end-to-end reinvention of a bank let them provide that isn’t doable today? Perhaps doing less, not more, and exposing “raw” parts of the stack for a future ZenPayroll or Balanced to consume).

Support (and paying for it..)

Support made or broke the service to a degree that I didn’t expect, even coming from a bank where I had a personal rep. Simple’s site treats support discussions as the first-class elements they are. The staff is responsive and savvy. It made a huge difference.

I don’t know how interchange fees would cover the costs of Simple’s customer support, let alone software development, ops, and support. Although support was very thorough, Simple didn’t spend a lot of effort turning answers into something that would let other customers find the answer themselves.

Many of my questions were factual topics which could easily go in a FAQ: policies, limits, service features. Obviously I’d like my bank to be sustainable on the fees it collects, which made it somewhat frustrating when I had to ask a question that didn’t then end up somewhere in Simple’s docs.

This might be a comprehensive FAQ (yes, there’s a FAQ, no, it’s not comprehensive), a public Discourse-style forum, or giving certain customers edit access to the existing FAQ and having staff moderate and release the changes. I think Simple was hoping to differentiate mostly on service, so providing fewer human interactions didn’t really appeal.

It felt like there was a decision here: either they’re a premium bank with a monthly price, or they’re a friend-of-all consumer bank like what WaMu tried to brand themselves as.

Oaxaca street food recommendations

2014-03-30T14:08:23-07:00

When I returned from Oaxaca, I found a Chow.com thread titled “Oaxaca for dummies.” I’d eaten at most of the sit-down restaurants mentioned in the discussion, yet they weren’t meals I enjoyed most or remembered most. Street food was. I wrote this comment with food truck and tianguis/market meal suggestions. My comment is duplicated below.

trying to support entrepreneurs in Oaxaca. added Tlayudas Doña Gloria to Google Maps, Flickr: http://t.co/V7JZmO1nyN, http://t.co/qDbkesD2sP
— Troy Davis (@troyd) November 12, 2013

I just returned from 4 months in Oaxaca. Here’s my very condensed best-of.

DESAYUNO - TACOS: 2 taco stands setup on the sidewalk at the far NW corner of the Templo del Carmen Alto starting at 8:30: Google Maps

Get a tinga taco from the southern-most one (in the corner), then walk on to the northern one on the sidewalk. If the northernmost one isn’t there that day, get 1 tinga and 1 chorizo :-) It’s actually on Foursquare.

DESAYUNO - MUFFIN: the Cafe Brujula on Garcia Vigil bakes berry muffins every morning. They come out at about 9: Cafe Brujula. Most pastries in Mexico are little more than sugar and flour. These muffins are amazing and the venue is nice for wifi. Skip the banana loaf thing if that’s all they have.

COMIDA - TOSTADAS: Tostadas at a stand about 3 meters into Parque El Llano (off of Avenida Juarez). There are a handful of stands throughout the park, so I’ve attached a map with an X where this one is. At least as of this writing, it has a green awning and is run by 1 woman and sometimes a man. They’re around every day. Recommend 1 or 2 tostadas with tinga, tasajo, or whatever she’s got.

COMIDA - TORTA: Every Friday, there’s a mercado at Parque El Llano. At the southernmost street bordering the park, there’s a taco stand called. Chitos Tacos or Chatos Tacos It’s across the street from 100% Natural, facing north into the market. Get a torta Hawaiana and a taco.

CENA - TLAYUDA: after 8:30 or 8:45 PM (which is not late for dinner in Oaxaca), get a tlayuda con tasajo from Cenaduría Doña Gloria: Google Maps.

If I picked one must-have meal in Oaxaca, this is it. The food is amazing, uniquely Oaxaqueñan, and you’re eating on her front porch.

It’s great with friends, and if you’re so inclined, bring a beer poured into a Coke bottle. Ask for cebollas on the side and she’ll hand you a Tupperware of awesome.

The map is dead-on accurate. You’ll see this sign on the sidewalk of Río Amazonas: Cenaduría Doña Gloria

Many of the streets in Xochimilco/La Cascada are dead-ends, but if you’re lost, ask someone and they’re likely to know where she is.

The walk from El Centro is really nice, too, and leads past where Mercado El Pochote happens every Friday and Saturday: El Pochote.

Enjoy!

Taco: Basecamp to Zendesk, all your tasks on one place

2013-06-22T16:00:00-07:00

My take on productivity, Taco, is now on Kickstarter: Taco: Basecamp to Zendesk, all your tasks in one place. As I told friends:

“Most of you know I run Papertrail and that it takes all of my time and then some. I’ve stayed sane because of a unique Web app that I’ve been prototyping and using daily for 23 months.”

Last week that secret weapon took on a life of its own when Taco launched on Kickstarter.

Even the creator of Rails took notice:

Nice kickstarter for a unified todolist that brings content together from Basecamp, Github, Google, and others: http://t.co/To88EwsXh6
— DHH (@dhh) June 19, 2013

Take a look and see whether it fits the way you work. I look forward to bringing you the same fine productivity I’ve enjoyed for 2 years.

The elements of a great customer support reply

2013-04-03T15:39:00-07:00

I wrote a comment reply on “A Better Feature Request Email” (at SupportOps) that covers the elements which I think go into a great customer support reply. I also rewrote an example reply from the blog post. My comment is reposted below or you can read the thread.

Your reply is absolute gold. I don’t have much to add. I completely agree it’s all about being authentic, whatever authentic is. I particularly love the “You company should be customer inspired not customer driven.” I can’t imagine any better way to state it.

My responses boil down to 3 things:

demonstrating that I understand what the user asked for, whether it’s by restating it in my own words or talking through the pros and cons of what they propose.
either clarifying what they’re asking for and why (the back story that led to needing it) or when none is needed needed (like because the request stands alone or we’ve already thought about it), sharing our thought process about it rather than just an answer.

This is by far the most important part because it means the user is a peer in the process. They should have the opportunity to explain why I’m (we’re) wrong, just like a co-worker of mine would. if I’m suggesting some other way to solve the same problem, it forces me to talk through (justify) its pros and cons clearly.
providing a clear resolution, whether it’s that nothing will be done, that’s the use is on our radar and I see the value but it’s not likely to happen anytime soon, or that we love it enough that it’s likely really soon. (We don’t do a roadmap or anything like that, and I think they – and committing to them – do more damage than good.)

Now I need to put my keystrokes where my mouth is. For a new user with whom I’ve never interacted, I might write something like the reply below. I made up the facts to show a range of responses, though I may only have one. For questions which I’d answered before, the meat would be based on an existing reply. I’d adapt it to the recipient’s apparent interest – is it more “I want..” or “You guys should..” – and technical ability.

Hi James,

Thanks for trying SupportOps and moreover, for caring enough about it to spend the time to send this suggestion. I appreciate it.

There’s not a way to login with Facebook or Twitter credentials. I can understand why you’d want to, though, especially if you’ve standardized on one of them as your login service at other sites. Right now I have so many passwords that Keychain or LastPass are the only way to keep them all.

We do one thing that’s made logging in way less tedious for me: SupportOps’ login time (session duration) is 4 weeks. If you’ve checked “Keep me logged in,” you should not see a login prompt more than once a month.

Based on your email, I think we’ll improve it by resetting the timer on every page view. I know that yet another password isn’t great, but at least you’d almost never see a login prompt. I can’t commit to it, so I’ll let you know if and when that goes live.

Abstractly, I’d like to add third-party authentication. would probably be what we used, since it’s most related to SupportOps. That said, basically all of our dev resources are going into the core service right now. might be used by 20% of SupportCo users, and we’re not done with big changes that improve the service for almost everyone.

(I might also write: “One thing I’ve learned is that aside from the actual integration, providing a great user flow with third-party services is a lot harder than it seems. http://viget.com/extend/facebook-connect-ux-challenges explains more. I think maintaining a great UX would mean we’d need to invest the time to get it right.” -Troy)

I’d welcome feedback here, and thanks again for giving me the chance to talk through our current thinking. if you have any other questions, just let me know.

Troy

Why Web apps suck at invoices (and vice versa)

2012-09-04T00:00:00-07:00

On the Scout support mailing list, a prospective customer asked to receive an invoice instead of the typical credit card payment. I have some unique experience with that, so I posted the comment below as food for thought (see thread).

This is “Why Web apps suck at invoices” and “Why invoices suck for Web apps,” all rolled into one. Next time someone requests an invoice, send them here.

Subject: invoice billing (was: Re: Fees for Rails Apps..)

I’m not affiliated with Scout except as a customer, but I run an unrelated subscription Web service that sells to businesses and I’m occasionally asked the same question. It sounds like a really simple request, so I can understand the frustration at not being able to accommodate it.

I wanted to add some color about how challenging it is to provide invoices. I’m speaking only about my experience, not Scout’s. Here’s why this is often a much bigger pain than it looks like, and is often actually a disadvantage to both parties:

Everything is a one-off. Almost everyone who wants an invoice also needs some other customization: the delivery process, the followup, the formatting (“We’re in Germany and our government requires you to tell us who we are”), whatever. Aside from tracking those one-offs, they makes it harder to solve or automate the other issues below. Which leads me to..
Everything requires a human. If you don’t pay, a human has to email you, and it will almost never be worth the time to automate that process (especially in light of customer-specific processes above). Even something as simple as a credit becomes a time sink. A human needs to figure out how much is due (best case, transferring the amount from a summary email that a developer had to implement; worst case, calculating it manually); figure out how to get you the money (edit a future invoice, reissue an existing invoice, or cut you a check); deliver that credit, probably to someone in accounting who doesn’t know anything about what’s being purchased; process the payment; and come back a few weeks later to verify it was paid.
Someone has to go to the PO Box and then to the bank, and it needs to happen often enough that you don’t look like an idiot for depositing a 2 month old check.
Reconciliation is harder. Accounting typically needs an entry for every individual customer payment, rather than one per day per credit card or however other transactions are handled.
Having an elastic payment method is really awesome, and our service and many others bake that assumption into our UX decisions and business processes. By “elastic” I mean that the amount isn’t set in stone a month before the service is provided. What should happen if you add a new host that you didn’t plan for? Does the vendor extend credit, or do they issue an invoice with a pro-rated line item and make you wait until it’s paid? How about 100 new hosts? Before long, the customer is predicting and committing to a certain amount of usage, quite possibly just to make billing simpler, and we’ve undone 15 years of software-as-a-service progress.
All of this distracts from making the product better. Whether a company has 2 people or 100, the resources are finite, and at some level any other work is in place of product improvements. No Web service will ever be great at invoicing, most will never be good at it, and not one will ever enjoy it. That “morale debt” accumulates.
The overhead will eventually be reflected in prices, and it’s way higher than the ~3% for credit cards. This thread started as a question about fees. One reason that Scout is such a good value is that their decisions mostly optimize for practical value. Building off its usage-based fees, would you be willing to pay a $25/invoice fee, and/or have a $500/invoice minimum? From my own experience, that’s the absolute minimum it takes to make this practical, and I’m probably still way too low.

None of this is rocket science, it just takes time, and that’s why invoices suck for typical business subscription services. I consider it a positive that Scout is savvy enough to focus on what they’re good at.

Finally, a potential solution: get a company card that’s only used for recurring purchases like this. You’re freed from monthly employee expense reports and accounting gains authoritative information about the transaction, since it’s essentially their card.

Examining borrower privacy in peer-to-peer lending

2012-08-21T00:00:00-07:00

I just noticed that the sales reports published by Lending Club contain enough personally-identifiable information (PII) to be, well, personally-identifiable. Per the instructions on their privacy policy, I emailed this to the privacy role account.

As a point of reference, here’s the equivalent prospectuses and an example sales report from Prosper. Prosper doesn’t seem to publicly disclose a borrower’s employer or city, only an job category and a state. Prosper’s freeform loan descriptions are more detailed and the borrower sometimes refers to a location, but the aggregate information is still not generally enough to identify the borrower, and never is unless the borrower over-discloses. I am not affiliated with either service.

Here’s the email to Lending Club (August 21, 2012) and their reply (September 6, 2012):

Hi all,

I’m a prospective lender and I just skimmed the prospectuses and the sales report filings, then I read them, the privacy policy, and the privacy section of Lending Club’s knowledge base in more detail. The privacy policy contains two material discrepancies, one of which I believe is substantial. I explain the discrepancies in detail below.

I believe the fix is relatively simple: the new borrower signup process, the privacy policy, and the knowledge base privacy section should all contain visible, obvious links to the sales reports. Right now they’re buried, and the privacy policy spends lots of words to (incompletely) describe how much will be disclosed. The borrower should be shown the actual information which will be disclosed about them, using the existing sales reports as an example. I believe this description explains the disclosure much more clearly:

If your loan is funded, Lending Club must publicly disclose certain information about you as part of public SEC filings. This includes employer, year hired, city, income, loan reason, and credit information. Click here to see examples of Lending Club loan disclosures.

I’m spending the time to write all of this down because I want to see peer-to-peer lending and Lending Club succeed, so please let me know if I can clarify anything here. Here’s more details about the 2 discrepancies:

The information disclosed about borrowers in sales reports is enough to identify many of them individually. Although the information doesn’t contain a real name, the privacy policy states:

Personal but not personally identifiable information about borrowers is contained in loan listings that can be viewed by all users and is filed with the Securities and Exchange Commission and as such is made publicly available.

This is inaccurate. Using the information on Lending Club’s sales reports, I could personally identify many individual borrowers, and take an educated guess about many more. In some cases this would take a bit of existing information, such as from discovering a loan request from a co-worker based on their listed employer. I can almost guarantee that another employee of Friendship Public Charter School, Reis Law, pair Networks, Fundly, and many other small- and mid-size employers listed on the 2012-08-21 sales report could name the borrower using only information from the report.

In other cases, the combination of employer, year hired, city, income, and freeform text description is enough for a stranger to identify them using relatively simple Google, LinkedIn, or Facebook searches. For many companies, the combination of those fields is unique throughout the whole company. It’s often very unique, like because only a few people were hired in a given year. Also, the “Earliest credit line” field is often a reasonable proxy for the borrower’s age, and is at least a minimum age.

In those cases, a single external corroboration such as a LinkedIn job announcement, a title transfer on BlockShopper, or a Facebook photo posted to the company’s page could be enough to attach a name.
The credit score information is both public and disclosed alongside other information which is personally identifiable. The data disclosure section says:

Qualified Lending Club investors will also see certain credit data collected from or calculated based on your credit bureau file. It is necessary to allow prospective investors to see this information as they evaluate your loan request. The information displayed to investors includes a credit profile section and a credit history section. As noted above, this information is also contained anonymously in loan data files available on the statistics page.

It goes on to define the fields disclosed as part of the credit profile and the credit history.

It doesn’t say that the credit information is disclosed alongside lots of other personal data. Even when that information is not enough to be personally-identifiable (discrepancy #1 above), it’s public and visible to anyone. It’s not visible only to “Qualified Lending Club investors,” and perhaps more importantly, the disclosure is not on a loan-by-loan basis. In reading the paragraph above, I would interpret it to say that my information will be temporarily disclosed to all qualified lenders (prospective investors) while my loan is being funded, then will be only shown to those lenders who actually funded my loan. That isn’t the case.

Thanks,

Troy

Reply from Mark D’Arrigo, Associate Counsel, Lending Club:

Mr. Davis:

Thank you for your email regarding the protection of personally identifiable information on the Lending Club website. Lending Club takes consumer privacy seriously and has implemented procedures and policies designed to protect consumer information. We appreciate your detailed feedback and have discussed your suggestions regarding our Privacy Policy and disclosures to members. However, we believe that our Privacy Policy is consistent and does not contain material discrepancies.

As part of our consumer privacy efforts, Lending Club informs applicants regarding the type of information that will be disclosed to the public both in the Privacy Policy itself and throughout the application via the use of tool tips, a pop-up that notifies the applicant that information placed into certain fields is made available to the public. We also review loan titles and free-form answers provided by applicants in an attempt to limit the exposure of personally identifiable information that applicants may provide outside the marked application fields. Lastly, credit information is only available for viewing by Lending Club members and not available to non-members merely perusing the site. As you noted, from the information available on our site, members such as yourself can view the information about borrowers that Lending Club must file with the Securities and Exchange Commission. We do not agree, however, that this constitutes “personally identifiable” information. Your letter indicates that you were only able to take an “educated guess” about the identity of some borrowers using information you gathered from other sources. The fact that certain limited information regarding borrowers is viewable through the Lending Club website – which, again, Lending Club flags as publicly disclosed in the application itself and in our Privacy Policy – and that similar information may also be available through external sources that contain additional information does not, in our view, indicate that Lending Club displays personally identifiable information or that our Privacy Policy contains material discrepancies. We also do not believe that the manner in which certain personal information is presented on the website is inconsistent with our Privacy Policy or other consumer protection initiatives.

Although we disagree with your conclusions and interpretations, we appreciate your email and thank you for your feedback. We periodically review our consumer privacy policies and processes and will take your specific suggestions under consideration as part of that review process. Thank you very much for your time and your interest in Lending Club.

Sincerely yours,

Mark D’Arrigo

Associate Counsel

A few days with the SlimFold Tyvek Wallet

2012-08-19T00:00:00-07:00

Update (January 19, 2014): After 2 Slimfolds, I’m still completely satisfied. I ordered a Slimfold Micro today. Read on for my initial experiences.

My SlimFold Wallet arrived in Bangkok. Here’s a photo of mine when loaded.

After five days - and two walks through monsoonal downpours - I highly recommend it. A few smart UX choices make all the difference.

Each section actually holds two cards. In the photo, you can see both card pockets on one of the sections. There’s two more sections (four pockets) inside. It doesn’t try to make a statement about how much crap I should carry.
Cards are held firmly because the Tyvek isn’t pre-streched. Each pocket retains whatever capacity you stretch it to. (My tendency to RTFM/Skim TFM paid off here: the instructions warn not to ever stuff two cards into one pocket.)
They chose a good compromise between thickness, capacity, and physical size. It’s slightly larger than a typical trifold, and in return, can hold 10 cards and still stay hipster thin.
The ID pocket is secured by a folding tab, and more remarkably, it actually stays closed.

The creator notes that he made and tested over 100 prototypes, and it shows. It’s available in Plutonian Gray, Steal Me Orange, and now Everyone Asks For It Black.

Troy Davis

Letter to Washington State legislators about consumer data privacy bill (SB 5062)

Checklist for configuring iPad for regular people

Chrome loves auto-play, but do users?

Roon: More ways to discover/play music not in my Roon library

Summary

Background

The problem

The longer-term solution

DIY 360° review: how I asked colleagues for anonymous feedback about myself

Why I did this

What I wanted to learn

How I asked

A Wufoo form

An email request

Results

Questions to ask before joining a startup

The role

The offer

Meta

If Yelp put quality above quantity…

FastMail as “customer or consumer?” experiment

Comment on: How do I stop comparing myself to others?

Papertrail joins SolarWinds and accelerates growth

Notes on standing desk

Improve Linux tcp_tw_recycle man page entry

Linux TCP header verification

Root cause

Clearer permission message for Chrome new tab extensions

Comment #1 (original)

Comment #2 (original)

Experience as a customer of Simple.com

Overall

Completeness

Support (and paying for it..)

Oaxaca street food recommendations

Taco: Basecamp to Zendesk, all your tasks on one place

The elements of a great customer support reply

Why Web apps suck at invoices (and vice versa)

Examining borrower privacy in peer-to-peer lending

A few days with the SlimFold Tyvek Wallet