Blog

Password

So first, and most importantly, never reuse passwords, no matter how trivial. Eventually any company will screw up or be hacked, and your password exposed, and then someone can try it on every other site.

Second, use a password manager for every password. I use 1Password, but other options are available. Don't write passwords on paper, unless that paper is stored in a safe (and then where do you store the combination?). Never write your passwords on a whiteboard! Never speak your passwords aloud!

Third, use a strong password, not 12345. 1Password will offer to generate a three-word password for you. I take that and often modify it, then save.

Fourth, keep your password vault safe: Put a good password (not just a number code) on your phone, always lock it and set it to autolock immediately, put a good password on 1Password, memorize that, write it NOWHERE.

Fifth, secure your devices. TouchID is a great convenience and a "tinsel lock" to keep semi-honest people from poking around in your phone, but it can be used against your will. When I go out, I turn off TouchID so pigs or other armed criminals can't force me to unlock my phone, and from there get to my password vault. If it's on, you can restart the iPhone quickly by holding power and home, and then TouchID is turned off.

On your computer, 1Password should always ask for a password, but it's also a good idea to lock the screen whenever you're away from it. On the Mac, open Keychain Access with Spotlight, Preferences, turn on "Show keychain status in menu bar". Now you can just click the lock in the menu bar, Lock Screen, and you're safe.

So you end up with defense in depth here: A strong unique password on each site. A secure password vault. And a secure device holding that vault. That's not paranoia, it's how you secure your data.

Gacha Nose

There's 6 games I've played recently with gachapon or free-to-play mechanics. I have no complaint about these mechanics when made optional, I'm fine with paying some money to a game company if they keep me amused. Not everyone is capable of that.

Animal Crossing: Pocket Camp: The "fortune cookies" cost 50 Leaf Tickets ($2 or so), with posted chances (3% for the best items), and rarely drop in-game for free. Given that any rare item costs 100-350 LT, cookies are a "deal" but still excessive.

I have more complaint with the goddamned pelican added last month, that wants 10 furniture per trip for apparently a 5% chance at a new animal friend. HATE. HATE. HATE that fucking pelican. 2 animals got, 1 to go. I'd pay real money to make pelican soup of him & get the last animal, but this is not what Nintendo monetized.

Harry Potter: Hogwarts Mystery: As of year one, this is barely even a game, but there are game-like elements. I initially started in Ravenclaw, but instantly got bored of goody-goody shit and blue's not my color; by fucking around with the Facebook login (to a defunct account used for developer shit 10 years ago) and a second game on my old phone, I was able to reset and join Slytherin. I'm a bad man, but I look good in black & green. The NPC dialog doesn't change much, and the stupid witch antagonist doesn't realize I'm now the real monster.

The energy economy in this is shitty, but not as shitty as it first looks. There are 1-2 items (paintings, statues, house Elf…) on each floor you can tap to get some energy. Doing a class takes 10-50 energy? So take the 8 hour classes, only tap on the lower-cost action bars (0/1 is better than 0/5), go out and refresh energy, wait a while, it's easy to pass without paying.

Grossly inferior to the LEGO Harry Potter games, but I'll at least finish year one, I think. I have been informed that all these games are for children, but I have the heart of a young boy… in a jar on my shelves.

Elder Scrolls Online: Crown Crates cost ~$12 for 4, each of which has 4-5 items, 1 costume/mount skin/trinket, the rest mostly consumables you can trade for "crown gems" and save 100 of those for a good item. I routinely use the "free" crowns from my ESO+ subscription to buy the crates, and like the results; my Flame Atronach Camel is ridiculous but awesome. Some ESO players are insane with envy (the shittiest of Human emotions) about other players having better luck.

Fate/Grand Order: I liked the anime, so tried playing this and while card/turn battles are a thing I like, the endless VN dialogues with useless parasite "Director" killed me. The gacha? Cruelly unfair, but playable without any money I could see. So when I see articles like Man spends $70,000 on Gacha, I dunno what he was doing it for.

Fire Emblem Heroes: Take all the stock elements of a daily clicker gachapon game. Add very pretty anime girls with swords & spears. Add the blandest tactical pseudo-RPG ever made. So dull and formulaic it makes me wonder how anyone plays this without falling into a coma. Gacha rates seem generous, but who'd care enough to spend money? "FEH" is the sound I make at this game.

Final Fantasy Brave Exvius: Before I kicked the habit, a daily struggle… Not really, it's very generous with free "lapis" and summons, and getting a good party was just a matter of time. I'm sure junkies spent money on it but that's not needed. Story drives you thru the map and fighting quests, but it's a real FF game with exploration, crafting, NPCs. Loved it but I'm done and not going back.

It's tragicomic watching ULA, classic WWII to Cold War baby-killers turned NASA teat-suckers, desperately try to compete with SpaceX and Blue Origin at a tiny fraction of the cost to orbit or deep space.

Why doesn't Boeing brag that the USS Enterprise, NCC-1701, will appear from time travel, tractor-beam a crew compartment into orbit, warp to Mars, and land astronauts for a day-trip? It's just as real and plausible as the "SLS Block 2", and much cheaper.

Javascript NaN

I just spent 30 minutes reading log files to find an actual bug that would've been prevented by a strong type system: Multiplying a coordinate by an array instead of an element of that array; Javascript helpfully gave me the result NaN and carried on instead of throwing an exception, because Javascript. I may put a few defensive asserts of Number.isInteger(n), Number.isFinite(x) in functions that process numbers.

This is the first such bug I've had in so long I can't think of the last. Many years not spent fighting BDSM type systems and slow-ass compilers, so I'm still happy with this choice.

What I'm Watching: Santa Clarita Diet, Frankenstein Chronicles, Expanse

  • Santa Clarita Diet: S1 was a fun but messy set of episodes with no structure, but I like Drew Barrymore, still a very talented and pneumatic girl, and Timothy Olyphant, who gets to do more comedy here which he's better suited to. S2 finally found a plot and upped the brutality and farce of keeping friends, neighbors, coworkers, cops, classmates, other zombies, etc from catching them. But now I'm out of eps until they make more! ★★★★½
  • Frankenstein Chronicles: A London copper chasing a conspiracy of Mary Shelley making real monsters from dead children presumably to resurrect Percy, could be made fun. He visits William Blake, one of my favorite artists and poets, on his deathbed and gets a book of art! But instead he's always sad about his family who died of the syphilis he gave them, unbearably whiny and miserable. And it's the peak of English aristocrats driving the poor into literally shit-gathering ("pure", they called it) and workhouses and then using their corpses, and shot with endless sad-music flashbacks or fantasies of Heaven instead of moving the plot along. Loathesome show, loathesome people, with no gallows humor. I stopped after S1E4 and wish I hadn't started. ★☆☆☆☆
  • Expanse: Watched S1-S2, I like it but the books are better. S3 is still $$$, so I wait on that. Bobby Draper is a very cute Samoan, not as ripped as the books but pretty badass. ★★★★☆

My to-watch list is all but empty, I need suggestions. I have Netflix, Amazon Prime, Crunchyroll, and I'm ill-inclined to pay for another service.

I dunno what's good on Crunchyroll currently. I have a queue that'll never end, but it's all trash I watch while barely paying attention. Since Akashic Record of Bastard Magical Instructor ★★★★½ ended, I've been bored.

Westworld alone isn't worth HBO to me. Maybe when the season's over I'll binge it in one month. Is there anything else good on Hey Beastmaster's On? Last season I ran thru their back library pretty fast. No, I don't watch "Game of War of the Roses for C History Students", except sometimes by fast-forwarding thru all scenes not containing Tyrion or Jon Snow.

I'm desperately lacking a light-hearted murder show. I got in the habit with Dexter, and growing up with Rockford, Columbo, and Murder She Wrote. Death in Paradise has been good for that, ridiculous and formulaic but pretty, and decent puzzle murders. Too much of the English detective, but the French/island cast were great. But I'm out of eps!

Most everything else like that is very English, and I can't stand them. I tried watching Fallet, which would be PERFECT if it didn't have the whinging English cop; Swedes are funnier on their own. There's an Aussie show The Strange Calls, but the protagonist is so whiny and sad I didn't finish S1E1, maybe it gets better?

Xcode is Flawed

"So, yes, Xcode is flawed. But is it fundamentally flawed? Is there some core concept — its multi-paned single window UI, its scriptable build system, the nature of app bundles and code signing — that makes it impossible for Xcode to ever be good? I don’t believe anyone is making this argument. The closest you get to this is storyboard haters who build their UIs in code. I disagree with that camp, but even if I didn’t, that alone is not enough to relegate all of Xcode to junk status."
Chris Adamson about his new book, Xcode Treasures

I like @invalidname, but wow do we ever not agree about this. I diatribed a bit yesterday, but let's look at just these claims.

The build system is basically a shell script but with a custom editor that's harder to use than typing. Did you know that most programmers are pretty good at typing? Most of my projects, in fact, just had a shell script "phase", and then I'd write everything in bash (I hadn't switched to zsh yet). It is no better than an old-fashioned Makefile or nmake, and for many projects a build shell script is enough. But, sure, this isn't the worst thing in Xcode.

Code signing is Hell, and Xcode's original version on iPhone SDK launch was appallingly hard, but it worked. Now they've automated it, which means you have 512 bogus auto-generated configurations on your ADC profile, and if the signing server is down (which happens… well, it's not even two 9s of uptime…), you can't do anything until some hours later when Apple plugs the server back in. Entitlements and services you turn on/off can permanently burden your app's configuration, until you go to the website and houseclean all the junk configurations and make a new one with just what you need. And that'll get replaced with an auto-generated configuration again.

Xcode does have a dozen or so color themes now, but you can't change the UI chrome from generic Mac gray, so it'll always be unpleasant to view dark-background themes, you can't choose different icons, can't script the goddamned thing. Meanwhile, here's Atom's 7556 packages including 2579 themes, and you can just hack on all of the editor in JS & CSS, live-updating your own tools.

I quit using storyboards except for nearly-blank launch screens, and XIBs (NIBs! We called them NIBs!) except as maximized view holders, because the corpse of Interface Builder trapped in Xcode's belly punishes you for using them; if you touch anything, your autolayout constraints go crazy. And you can't delete constraints in the view where you edit them, only in the tree view which isn't even visible normally, and is organized totally differently from the editor on the right. After a few versions, Xcode just can't edit an old project's XIBs anymore, and then you're FUCKED. Have fun recreating that entire UI, OR you can put it in code. And if you're writing code, why not just leave the walled garden and write HTML/CSS/JS like I do?

The one-window thing doesn't bother me, but the lack of functioning tabs is infuriating and stupid. Open three files. In BBEdit, all three appear in the sidebar, and you can switch with the top-left file selector or the bottom-left list of "Currently Open Documents", or other navigations; I prefer tabs, but it's entirely acceptable. In Atom or AppCode, all three appear as tabs at the top of the editor pane, and you can drag to reorder the tabs as you like; each tab is a unique single view into that file. In Xcode, you can open them in separate windows, or in separate "tabs", but the same file can be open in multiple places, but if you close it in one, it closes in all of them. WHY WOULD YOU DO THAT? If you click a file in the tree view, it replaces the contents of the current tab/window, it doesn't just open it in a new tab. So the process is click, double-click to get a window, then on the first view hit back and hope it goes to the right file. Flames on the side of my face!

Snippets. OH NO, I had a PTSD flashback to Xcode's Snippets. You write a piece of text you want to reuse. Select the text and drag it onto the Snippet area; you can't right-click or menu it there. No, you clicked on the background, now it's deselected. You have to reselect, click on the stroke of a letter in the text. Maybe zoom the screen in with ctrl-mousewheel, now you must grab a SINGLE MOTHERFUCKING PIXEL!!! Calm, deep breaths… and drag it to the Snippet area. ???? In Atom, you either copy-paste it into a config file, or install snippet-generator-plus, select text and hit a key.

Xcode isn't just accidentally hateful and awful. It must be the work of a malevolent intelligence to be this horrible. I've found a recording of the original design meeting for Xcode.

Spend a few days working in an IDE that doesn't hate you like AM hates Humans, and you'd kill anyone who tried taking you back.

Javascript Use Strict

Every Javascript file should be in Strict Mode, and if you run eslint — which you absolutely should — you should specify an eslint-env:

/* file header */
/* eslint-env node */

"use strict";

So just as a paranoid check, I wrote this script which I'll call from my build script (in the src folder, not project base where node_modules lives!):

jsStrictCheck.zsh

#!/bin/zsh
err=0
for f in **/*.js; do
    grep "\/\* eslint-env" "$f" >/dev/null
    if [[ $? != 0 ]]; then
        echo "$f: Missing /* eslint-env node */"
        err=1
    fi
    grep "use strict" "$f" >/dev/null
    if [[ $? != 0 ]]; then
        echo "$f: Missing \"use strict\";"
        err=1
    fi
done
exit $err

Already caught one file without strict, one without eslint-env, so my paranoia is justified.