Recently I switched to a new calorie counting app, Cronometer. I’m quite happy with it. It’s a huge improvement over MyFitnessPal (MFP) or Lose It and is not exploitative like Noom.

The key improvement with Cronometer is accuracy, particularly good data sources for nutrition information. MFP offered obviously wrong entries from random people, sapping my confidence. Also it’s quicker to log things from a trusted database.

And the app works well. Cronometer’s UI is modern and easy to use. It doesn’t display extra distractions. MFP’s insistence on scolding me about things I don’t care about was a bummer. The data sync is fast. And they have a good data export, something MFP won’t do.

I have some minor complaints. Cronometer is very excited to track macros and every single obscure nutrient (threonine, selenium?!). I really only want to track calories. Fortunately the other things don’t take up too much space. They also display ridiculous calorie precision in the diary. But that feels like a rare UI mistake, not a general design ethos.

The free version is pretty complete. The $55/year paid plan adds a bunch of stuff, the one I care about is dividing your diary up into individual meals.

I have a long history with food diaries, more off than on. Having a good app that I trust and is easy to use is important.

After yesterday’s post about passkeys I got enough answers to learn how to use passkeys myself as a consumer. Here’s what I learned. If you want to try it yourself, https://www.passkeys.io/ is a nice demo server.

Passkeys work a lot like passwords do today. You create a different passkey for each website and use it to log in. Your passkeys are stored in what’s called a “Passkey Authenticator”, agent software on your computer. (Behind the scenes passkeys use public key systems that are better than passwords.) Your phone probably works today as a passkey authenticator but most sites don’t support passkeys yet.

Managing passkeys — backing up, migrating, sharing passkeys between devices — is still a work in progress. Android and Apple both support syncing passkeys between devices, that’s important so you can log in even if you don’t have your phone with you. Some software can also delegate. For instance Chrome on Windows will use Bluetooth to use a passkey on a nearby Android phone.

The passkey authenticator is the main user interface. The rest of this post is notes on what authenticators are available to consumers. See also this companion piece that’s a deep dive into the user experience on Android, Chromebooks, and Windows.

Apple seems the best implementation of a passkey authenticator today. It’s built in to Keychain, Apple’s existing authentication product that is pretty well designed. There’s a bunch of screenshots in this article of how the Apple experience works. My Apple-using friends say it’s pretty usable. Keychain is connected to iCloud and your passkeys are synced between devices.

Android has a passkey authenticator built in to the “Google Password Manager,” which already saves ordinary passwords you use in the phone’s web browser. Here’s Google’s docs for users about that and some technical notes on security. Android syncs syncs passkeys between devices. It’s also pretty usable but passkeys are Android-only, not available on desktop (yet).

Chrome on Windows or a Chromebook has passkey support. But the Chrome browser doesn’t store passkeys itself, it delegates to nearby Android devices via Bluetooth. Firefox and Edge on Windows can also do this delegation. Chrome can also delegate to Windows as the passkey authenticator instead of Android.

Microsoft Windows has an authenticator that is connected to Windows Hello, their relatively new login system. I don’t know much about it.

1Password, the password agent, is shipping passkey support in about a month. They have a demo that actually works on Chrome and Edge. It’s nice!

Dashlane, the password agent, has passkey support. Sounds like early days but usable.

Yubikey, the hardware login token, has a passkey story. I don’t know much about it, their writing points out that passkeys aren’t really anything new and they’ve been doing this kind of thing all along.

Having spent most of a day playing with this stuff my main impression is it works today and is usable. My main concern is there’s no support anywhere for migrating your passkeys out of, say, Google Password Manager and in to Apple Keychain. And I fear given business realities no one is in a hurry to enable that. The other problem is how long it will take sites to adopt passkeys; we’re going to be stuck with passwords for a good long time.

That’s the post. What are passkeys? I don’t have answers, just questions. I believe passkeys are a great idea but the tech world is doing a terrible job explaining them. Someone really needs to explain how passkeys work in Internet products. Existing descriptions aren’t sinking in, as evidenced by the confusion online. For instance this Hacker News discussion where a new Passkey product announcement is met with a bunch of basic questions about what the product does.

The tech is pretty well defined: Passkeys are a password replacement that uses WebAuthn to log you in to stuff. Companies are widely deploying them now: Apple, Google, Microsoft, 1Password. Passkeys are an industry consensus and are arriving in production very soon or already has. Great! Now then what are they really?

Here’s some questions from my perspective as an ordinary if expert Internet user. I own a few computers and phones and don’t want to trust just one company with my entire digital identity.

• What device holds my passkey(s)? Let’s assume it’s my phone.
• What software do I use for my passkey(s)? I trust 1Password already; can do they do all my Passkeys for me?
• Who issues me a passkey? Let’s say Google issues me one.
• Logging in to Google with a Google passkey is easy, right? I just unlock my phone and press a button? Awesome!
• Do I have many passkeys or just one?
• How do I log in to my Mastodon server? Can I use my Google passkey there too? Or does my Mastodon server issue a different passkey?
• How do I log in to Google if I temporarily don’t have my phone with my passkey on it?
• How do I reset a passkey if my phone is stolen?
• How do I log in to other sites if Google goes offline or revokes my account or something?
• How do I migrate my passkeys to a new phone?
• Can I store the same passkey on several devices for convenience?
• Can I use multiple passkeys to log in to the same account?
• Can I share a passkey with my partner so we can both log in to the thermostat?
• Can I still use passwords to log in to a site even with a passkey enabled?
• I have two factor authentication with a TOTP code generator. Does the passkey replace my password? The code? Both?
• I really want to use two factors for my bank: I don’t trust just my passkey on my phone to log in me in. How does that work?
• Is there a way for me to generate a passkey myself so I don’t have to trust a company to issue it for me?
• Can I turn off passkey on a site and log in some other way?

The core of many of these questions is exactly what a passkey is. What I want to read is an article that explains the gestalt of passkeys and identity on the Internet in a way the answers to all these questions becomes clear.

My understanding from what I’ve read is that passkeys are an authentication token, basically a replacement for a single secret like a password. Naively that’d mean I’d need a different passkey for every website I log in to (just like I need different passwords). But I could be wrong. Or maybe the passkey intention is that we use federated logins, so sites like my Mastodon server use Google to help me log in? (That’s an enormous business problem, if so.)

My other understanding is a lot of my questions above don’t have good answers. Ie: revocation of a passkey or migrating to new devices. The product announcements from various companies say “trust us, that’s coming soon”. But I do not trust a company like Google or Apple to later add a feature that will make it easy for me to migrate away from their loving embrace. That stuff has to be defined and working before Passkeys are a good product for consumers and the Internet.

There really needs to be a good, clear description of Passkey as a product so questions like this aren’t being asked over and over again. I’m hopeful the folks working on this stuff understand the answers and just haven’t communicated it well.

I tried out Noom, the weight loss and cognitive behavioral therapy program. The app is more like CBT for upselling customers than CBT for weight loss. Now I’m hoping they’ll delete my sensitive medical data and refund the $3 they tricked me out of.

I was excited to try Noom. I’ve used basic calorie counters in the past and was hoping for something better. I’m also curious about CBT. And a friend recommended it.

The account creation process goes OK at first. Then it gets more and more involved, taking 10–20 minutes to fill out the questions. There’s little UI tricks to keep you engaged: fake progress bars, questions injected at random intervals. Classic product UI hacking.

At first it told me that I’d reach my weight goal in about a year. Seemed reasonable! Then it kept shaving weeks off that as I answered questions, like I was making progress already. The conclusion it came to is that I was going to lose 18 pounds in the first month. Pretty sure that’s not possible, certainly not healthy.

Then the upselling begins. They ask some questions to find out your interests and then offer premium packages. “Folks who pay for this package lose 35% more weight” Look, I just want to try the basic thing.

It looks like a 7 day free trial but before you know it they want you to pay asserting “it costs $10 to offer a 7 day trial”. Really? They gave me a choice of what to pay from $0.50 to $18.83. I chose $3 and had to pay via PayPal / credit card; super sus they don’t just use Google Pay on the Android app.

They also try to get you to sign up your friends. They talk about how having folks involved in your program will make you more successful. Which is probably true but then immediately they’re asking for email addresses and offering discounts and gift certificates. It’s marketing, not therapy.

The whole thing was so sleazy and deceptive. Particularly for a therapy-like product. Real therapists have all sorts of ethical guidelines to stop them from exploiting their customers. Noom instead seems to be using CBT to trick customers into paying more. Gross, gross, gross.

My Starlink Internet service has gotten pretty bad; I’m well under 50Mbps every evening and some hours I only get 5Mbps. (Compare 100Mbps+ last year.) I’ve given up trying to stream 1080p video at night; that’s a pretty dismal result for a new Internet service in 2022.

Starlink imposed major restrictions on US customers last month: 1 TB / month data cap and expected download speeds dropped from 50-200Mbps to 20-100Mbps. Details of all that on my secret blog. Note they didn’t drop the price, we’re still paying $110/month.

Maybe the new caps will help the congestion? I’m sympathetic to their technical problem. They have limited bandwidth and they have to share it somehow. Caps are an awkward solution; most users have no idea how much bandwidth they are using or why and thus can’t control it. Starlink’s caps are nice in that if you exceed the cap you just get lowered in priority, not charged money or cut off. So maybe it’ll be self regulating.

My real fear is that instead of improving service the result of all this is Starlink is just going to add even more customers to an already overloaded network.

This is gonna sound silly but one of the nicest home improvements we’ve done recently is install a new garage door opener, the Liftmaster 87504-267. It works so much better than my ancient old insecure garage door!

Internet access is the surprise best feature; I use it all the time. Mostly to walk in and out of the garage door without my car. There’s also a keypad remote I can mount outside so someone can punch in a code to open the door. Setting this all up was easy and reliable. There’s even a way to give Amazon access to open your garage for deliveries.

The opener also has a camera. I would have skipped that

• • • if I’d known, saved some money. But it’s actually quite useful! If I get a notification the garage door opens I can easily see on my phone what’s going on. Basic live views seem to be free, there’s a subscription if you want stored video.

Ken’s favorite feature is the motion sensor that turns the light on. The lights on the unit are bright, it’s enough to light the whole garage without having to flip a switch. I also appreciate there’s a battery backup built-in so if the power goes out I can still easily open the door. The drive itself is smooth and quiet too, belt drives are a real improvement.

The #1 upgrade you should do for an older house is a dishwasher; they got a lot better about 15 years ago. But #2 may well be the garage door opener.

Starlink is oversold in North America. I’ve had the service since March 2021 and it’s mostly great. But every evening it slows down. On bad nights I can’t watch a single 1080p video stream reliably. Over half of Starlink customers report problems. Starlink’s speed test app now admits “the network may be affected by slower speeds during busy hours”. As if that were OK.

Overselling capacity is a common problem with American ISPs. More customers = more revenue and if customers get a crappy experience? Too bad, there’s no regulation to stop them. Starlink has a serious financial challenge, so of course they have an incentive to oversell. And service quality is likely to keep getting worse. Their user growth is accelerating and the new RV service means literally anyone can buy a dish now without waiting (albeit at a lower service tier.) They are adding capacity but their growth plan hinges on the troubled Starship launch vehicle.

Customers were promised better. Starlink was advertised as offering 100-200Mbps and 20ms latency; their legalese description promises 50-250Mbps / 20-40ms. My reality is speeds drop to 10-20Mbps every evening. Upload speeds are tiny, often well below 5Mbps. 20ms latency is a fantasy; 50ms is typical. And capacity is highly variable minute by minute, a technical challenge for rate limiting protocols.

The US government is giving Starlink $900M to sell rural Americans 100Mbps download / 20Mbps upload. But Starlink is delivering just a tenth of that download speed during peak hours and nowhere near that upload speed ever. I hope the FCC RDOF contract includes measured performance targets.

I am still grateful for Starlink, it’s significantly better than anything else I can get in Grass Valley, CA. But they’re making a business decision that’s bad for customers. It’s a reminder of how important it is to have Internet competition. Investing in wired infrastructure is as important as ever.

Consumer websites need to be very careful about data deletion. There’s a risk of an account being hacked and deleted without the owner’s consent.

The GDPR includes a right to erasure, California’s CCPA has a right to delete. These are good laws, they allow an individual to require a company delete all personal data they have on someone. However this right also contains a risk. What if someone unauthorized requests the deletion? Proper deletion cannot be undone, in theory even backups should be deleted.

One solution is to delay the deletion and make every effort to contact the user before it’s done. Some users might interpret the delay as the company acting poorly but I think it’s an important protection against accidental or malicious deletion. Facebook has had a reasonable system for this for many years now; when you delete an account you have 30 days to change your mind. As a side effect some Facebook users keep their accounts in a perpetual state of almost-deletion, the super-logoff. Even better if the user’s data is hidden while in the delete-pending state.

I don’t know the legal niceties of whether a company can inject a delay. The GDPR language talks about “without undue delay”, which seems to leave room for a safety net. CCPA is explicit about businesses having 45 or 90 days to “respond to a request to delete”.

This whole post is motivated by my Goodreads disaster. One explanation for what happened is someone could have hijacked my Goodreads account and then deleted it to hide their tracks. At first I was outraged my data could ever be deleted, but Goodreads would be correct to do that in response to a valid request for deletion. And it looks like Goodreads will delete irrevocably immediately. (I’m not certain.) If they’d put in a 30 day delay I would have noticed in time. Speculating about this scenario made me realize that instantaneous deletion is a dangerous feature for any product.

After my Goodreads disaster I went and got dumps from every cloud service I care about that I could think to try. 13 in total, Twitter and Facebook and others. I’m impressed with the results.

The best of the data exports comes from Google Takeout. They were a pioneer in making a proper product out of data export and the Google Data Liberation Front did a lot of activism both within Google and externally to sell the idea. It’s not an obvious thing for a company to do; letting customers download all their data opens the door to competitors. But it’s the decent and right thing to do and it allows your power users to do complex things without much support.

Data export is also increasingly the legally required thing to do. The GDPR enshrines a right to data portability in the law governing businesses in the EU. California’s CCPA also has a data access right. It’s a little weaker than GDPR’s but a lot of sites seem to just provide GDPR to everyone, or at least to Californians. These are excellent regulations; they protect consumers and enable competition. They do put a regulatory burden on the companies implementing them but it’s not too huge and the technical infrastructure has other uses too. (Imagine, Goodreads could have backups of user data!)

One thing I hadn’t appreciated is how hard it is to build something to use the data. Recreating a product like Goodreads or Gmail is a lot of work! In practice the exports seem most useful when some other commercial service is designed to import them. There’s not a big ecosystem of open source tools to work with export data. Some of the data exports I got are pretty rough, low level dumps in CSV or JSON format. Then again Twitter has a whole working live webapp, you can browse and search nicely formatted tweets right from the files.

My Google data is the most valuable to me; I wrote up notes on what I found in my 67GB export. It’s impressive; Takeout covers some 50+ Google products, many of which have done a thoughtful job making their exports another designed product feature. Not only did the Data Liberation Front get the company to export the data but they created an infrastructure and culture of supporting and improving those exports. It’s a good thing.

Goodreads lost my entire account last week. Nine years as a user, some 600 books and 250 carefully written reviews all deleted and unrecoverable. Their support has not been helpful. In 35 years of being online I’ve never encountered a company with such callous disregard for their users’ data.

Do you use Goodreads? Don’t trust them with your data. Protect yourself with a backup; use their data export service right now. Consider quitting Goodreads entirely. LibraryThing and The StoryGraph are promising competitors. This blog post also has some ideas on DIY indieweb alternatives.

Don’t trust any cloud service with the only copy of your data. Most companies are not quite so reckless but consider what you’d lose if an uncaring company lost your data. Many of the better services have data export products; Google Takeout is fantastic, Twitter has good export, as does Facebook and Instagram and Letterboxd and others.

I’ve enjoyed using a product like Goodreads. My plan now is to host my own blog-like collection of all my reading notes like Tom does. It will be a lot of work to set up. Fortunately not all is lost, I happened to take a data export last July and I can recover some of the more recent data from emails they sent to my friends. It’s a shame they block Archive.org.

For anyone wondering how Goodreads could have simply lost all my data, I’m wondering too! It bespeaks contempt for users. And terrible system design, services should not be able to lose data irrecoverably. The specific bug is related to my removing Twitter API access to Goodreads last week (they stopped supporting Twitter login months before). Somehow that triggered their system to delete everything. Goodreads promises me it was a true delete, the data is wiped from their database. I don’t believe this: sites generally flag data as deleted, they don’t actually remove it. Goodreads also ignored my request to restore my data from backup. Either they don’t have backups or they can’t be bothered.

I’ve learned a hard lesson in trusting cloud services. Unfortunately just having a copy of your data isn’t enough; it’s a lot of work to build a useful product. In the meantime I will be more careful about which companies I trust. Goodreads has been in decline ever since Amazon bought them in 2013. Apparently an anti-competitive purchase, not a strategic acquisition.

The best thing an individual American can do right now to fight global warming personally is to switch to electricity for all your energy needs. In practice this means your next car should be electric and your next home heater should be a heat pump. Rooftop solar is an excellent idea too.

That’s the central argument in Electrify, Saul Griffith’s new book about global warming (Amazon). He’s been talking about this for awhile; Electrify covers a lot of the same ground as his free self published Rewiring America and his Make articles.

The most interesting part of the new book isn’t the personal advice but rather his global plan for how the whole world mitigates global warming. He starts by pointing out how urgent the problem is: we have to start doing more right now, this very year, and there’s no time to wait on new technologies. Electricity is the best form of energy for transportation and storage. The basic idea is to shift from fossil fuel to electric consumption while in parallel adding more carbon-neutral electricity sources to the grid. He argues we’ll need 4x as much electricity in the US to achieve full electrification but this is a huge net gain (50%ish) in both total energy consumption and actual costs. He advocates for an effort akin to World War II mobilization to get it done, financed with low interest debt.

What I like best about his argument is it breaks the Gordian knot about “what can we do”? Electrify now and work on adding clean energy sources. I also like his holistic clarity, he really looks at whole-world energy consumption and economics. The optimism is great too. I find the argument convincing.

That being said, I also think global warming is a terrible problem that world politics won’t solve in time. We’re at 1.2C warming now. The Paris goal of 1.5–2C seems impossible. 3C seems inevitable and I suspect we’ll get to 4C at least before warming starts to reverse. That’s an enormous global catastrophy so big I think we have to consider geoengineering in parallel to decarbonizing to stave off the worst effects.

I’m a published cartographer! I contributed a couple of static maps of Enga Province in Papua New Guinea for the academic press book. The Absent Presence of the State in Large-Scale Resource Extraction Projects, They’re in chapter 3, Restraint Without Control, which talks about the interplay of the mining industry and local tribal fighting. You can read more about it on author Alex Golub’s blog. There are high resolution versions of the maps on my site.