Samsung's not "Smart" enough TVs

I own a Samsung TV. It was a reasonable value. I don't care much about all the A/V specifications that most reviewers go on about. I care about the user interface. It gets a C-. Here's why:

Let's start with the input selection. There are plenty. TV, 4 HDMI ports, component, old-style A/V. That is great, but then let's have a way of disabling the ones we don't need. When I press the source selector, I get an overlay like this

WTF? This is far too many enabled choices. I have 3 HDMI devices (Tivo, Chromecast, Mac) and a DVD player on Component. That means I should have to cycle between 4 things. Nope. TV stays live, even though there is no input. Screen Mirroring is there - I have no idea what it even means. Touch_P5 is another inexplicable option. It should be possible to disable the useless choices and make the interface less confusing for the daily user.

But less clutter does not seem to be the Samsun way. Let's open the Smart functions. We get this menu

What's wrong? MLB.tv is the most obvious thing wrong. I will never want that app. Ever. But it is featured on the quick launch bar, and not removable. The more subtle issue is that this does not seem to be "my" apps. The choice is Featured and Recent. We can select one of the few recently used apps, or press Featured, which brings us to this screen.




You'll notice that we landed on the What's New page. Why? Mostly likely because branding money is flowing somewhere. Someone might want to channel surf on regular cable, but who wants to start their entertainment experience with "app surfing"? No one does. We want to watch something.

OK. I can press up-arrow, left-arrow to get to My Apps.

Again, we see the same love for sponsored apps over my content. The 6 apps in the upper left corner are mine. The rest are forced on by Samsung and I can't get rid of them. I can't even use many of them because I don't subscribe to the channels.

So much for a seamless, pleasant viewing experience. I have to navigate around a set of billboards hawking Samsung's partners before I can get to the entertainment I was hoping for. Sigh.

I know this kid who wants a job at Google, Amazon, Facebook, Twitter, ...

At least once a month I get mail like this. I'm sure many of you have too.

Hi Tony,
My friend's son is a super smart computer science student at Whatsamatta U. He is looking for a job at <Insert FAANG here>. He wants to know where he should send a resume.
Thanks, Billy

Please. Please. No more of these.

To be perfectly honest, if the kid does not realize that they can search for "jobs at ..." and get direct links to the hiring pipeline, then they are probably not cut out for the job at a tech company in the first place.

If you want to ask if they can reach out to me for help with how to write a resume, fine. That is something where I can provide mentoring. I'll be happy to. Just don't ask questions that someone who is "super smart" can figure out on their own.

Maybe they are really asking a different question. Most likely, they are asking "Can you use connections get this child of a friend a job?" Probably not. But if you ask directly, maybe I can explain why.

DoWiSeTrePla Great Neck - The Avalon

The Avalon bills itself as "luxury" apartments going up in Great Neck. But they are literally directly across the street from a sweage treatment plant. Surprisingly, that does not emit an oder. It is just a visual eysore. The real stench comes from being on a bay that doesn't get enough water flow. Low tide is always an olefactory delight. https://goo.gl/photos/zxwFqgSSxr2524dNA

HBO's static

I could go on for pages about how HBO doesn't quite get it. They have an inscrutable distinction between HBO Go and HBO Now - possibly to please the cable-tel-cos. They have a truly terrible site for HBO Now. They don't do TiVo integration for HBO Now for unknown reasons.  But that would just be picking on the clueless and weak.

What I am interested in tonight is their on-screen logo. It is an "HBO" filled with TV static. I get the intent of it - but I am way over 30. For everyone born in the post broadcast era, it is meaningless. There is no concept of static on the TV, because it has been cable and internet for the entirety of their lives. The best association they have for it is "They're here". That's probably not the image anyone should be shooting for.

Thursday Truths - Han Shot First

Welcome to Thursday Truths. My goal is to write about one obvious truth each week.

Tonight the truth is "Han shot first". This is no surprise to anyone who saw Star Wars when it was released as the director originally envisioned it. Han Solo was (is) as scoundrel. And a hero. And a man who is not a sociopath.

He shoots first not because he couldn't give a dam, but because he is threatened. Very pointedly threatened. He knew his assailant. He knew he would suffer horrific pain if brought to Jabba. He did the math and came to the conclusion there was only one way out alive.

I can not emphasize that enough. Knowing the threat completely is the only thing which absolves him. For him it was a decisive act of self defense. To kill without comprehending the threat reduces a person to the mindlessness of a George Zimmerman. This is the key point. Without knowledge and understanding, you can not wield extreme force.

Our society does not like subtle points like this. So, we have the Disney-fied remix of the movie. Here Han was just lucky. He happened to not get hit with a shot at point blank range, then managed to retaliate. I believe the term is dice-liced. This reduces him to someone who simply has reasonably good reflexes. Or worse, someone who has no comprehension and just reacts.

I'll take my Han Solo as I found him. A scoundrel yes. But a thinking man's one.

Could Hollywood improve cyber security?

The digerati know that vehicles using Chrysler's Uconnect can be compromised remotely. You can read more in the Wired Article (Hackers Remotely Kill Jeep). The problem is that the general public, nor their elected representatives know or care much about it. If they did, they might understand how this is a threat to both our nation's economy and security.

Q: How do you raise awareness?
A: Motion Pictures.

The basic idea: Standard fare action adventure movie. Someone pretending to be a valet at a car park slaps a device into the OBD port of the target's car. They drive away and are remotely executed in what looks like a plausible car crash.

Now you need a few reviewers to point out that this is not fiction, and possible today. With that you might generate some justified public concern. Make the movie target an elected representative and you might get some actual movement in our laws.

Senators Markey and Blumenthal have introduced a bill which addresses these issues. (http://www.markey.senate.gov/news/press-releases/sens-markey-blumenthal-introduce-legislation-to-protect-drivers-from-auto-security-privacy-risks-with-standards-and-cyber-dashboard-rating-system, http://www.markey.senate.gov/imo/media/doc/SPY%20Car%20legislation.pdf). It is a great start, but it misses one point. It should not simply say "such as penetration testing". It should require "penetration testing by multiple independent third parties".

Well, I seemed to have gotten a little off topic here, but I do think it would make a great plot element in a film. I'm claiming copyright on that idea. I won't require much in residuals.

Online banking password fun

Security teams that do not test UI flows deserve a special place in hell....

• I bank with Chase.
• My current password is long enough and not made of any known words, but it has no digits in it.
• www.chase.com recognizes machines you sign in from (cookie or browser fingerprint, I do not know).
• When I use a new machine or browser installation, they redirect to a page where I can get a verification code sent to me via text or email.
• When I click Send, they direct me to a page where I must enter the access code and my current password.

Nothing that special so far, simple 2-factor authorization. But wait for it.......

When I enter my access code and password, it rejects the password in browser side code because it does not have a number in it. They have implemented the new password policy in the UI, without making sure the customers have complied with the new policy. I can certainly work around this, but they are going to have some unhappy people over the next few months.
​