Brad Ideas

Robocars & More

In part 1 I outlined the many problems caused by wifi login pages that hijack your browser ("captive portals") and how to improve things.

Today I want to discuss the sad state of having security in WIFI in most of the setups used today.

Almost all open WIFI networks are simply "in the clear." That means, however you got on, your traffic is readable by anybody, and can be interfered with as well, since random users near you can inject fake packets or pretend to be the access point. Any security you have on such a network depends on securing your outdoing connections. The most secure way to do this is to have a VPN (virtual private network) and many corporations run these and insist their employees use them. VPNs do several things:

• Encrypt your traffic
• Send all the traffic through the same proxy, so sniffers can't even see who else you are talking to
• Put you on the "inside" of corporate networks, behind firewalls. (This has its own risks.)

VPNs have downsides. They are hard to set up. If you are not using a corporate VPN, and want a decent one, you typically have to pay a 3rd party provider at least $50/year. If your VPN router is not in the same geographic region as you are, all your traffic is sent to somewhere remote first, adding latency and in some cases reducing bandwidth. Doing voice or video calls over a VPN can be quite impractical -- some VPNs are all TCP without the UDP needed for that, and extra latency is always a killer. Also, there is the risk your VPN provider could be snooping on you -- it actually can make it much easier to snoop on you (by tapping the outbound pipe of your VPN provider) than to follow you everywhere to tap where you are.

If you don't have a VPN, you want to try to use encrypted protocols for all you do. At a minimum, if you use POP/IMAP E-mail, it should be configured to only get and receive mail over TLS encrypted channels. In fact, my own IMAP server doesn't even accept connections in the clear to make sure nobody is tempted to use one. For your web traffic, use sites in https mode as much as possible, and use EFF's plugin https everywhere to make your browser switch to https wherever it can.

This year, we stayed with Kathryn's family for the holidays, so I attended dinner in my own mother's home via Skype. Once again, the technology was frustrating. And it need not be.

There were many things that can be better. For those of us who Skype regularly, we don't understand that there is still hassle for those not used to it. Setting up a good videoconferencing setup is still work. As I have found is always the case in a group-to-solos videoconference, the group folks do not care nearly as much about the conference as the remote solos, so a fundamental rule of design here is that if the remotes can do something, they should be the ones doing it, since they care the most. If there is to be UI, leave the UI to the remotes (who are sitting at computers and care) and not to the meeting room locals. Many systems get this exactly backwards -- they imagine the meeting room is the "master" and thus has the complex UI.

In this family setting, however, the clearest problem for me is that no camera can show the whole room. It's like sitting at the table unable to move your head, with blinders on. You can't really be part of the group. You also have to be away from the table so everybody there can see you, since screens are only visible over a limited viewing angle.

One clear answer to this is the pan/tilt camera, which is to say a webcam with servo motors that allow it to look around. This technology is very cheap -- you'll find pan/tilt IP security cameras online for $30 or less, and there are even some low priced Chinese made pan/tilt webcams out there -- I just picked another up for $20. I also have the Logitech Orbit AF. This was once a top of the line HD webcam, and still is very good, but Logitech no longer makes it. Logitech also makes the BCC950 -- a $200 conference room pan/tilt webcam which has extremely good HD quality and a built-in hardware compressor for 1080p video that is superb with Skype. We have one of these, and it advertises "remote control" but in fact all that means is there is an infrared remote the people in the room can use to steer the camera. In our meetings, nobody ever uses this remote for the reason I specify above -- the people in the room aren't the motivated ones.

This is compounded by the fact that the old method -- audio conference speakerphones -- have a reasonably well understood UI. Dial the conference bridge, enter a code, and let the remotes handle their own calling in. Anything more complex than that gets pushback -- no matter how much better it is.

I've made some updates to my Better to Give than Receive Gift Guide for Christmas Eve.

In particular, to help understand the philosophy of the guide (which forbids cash and gift cards, among other things) I propose you imagine the world where you, and all those who you would give gifts to are billionaires. The reality is the money amount of gifts between adults is normally a blip in the annual budget, so reality is not too far from this hypothetical.

Here in Canada, a hot political issue (other than disgust with Rob Ford) is the recent plan by Canada Post to stop home delivery in cities. My initial reaction was, "Wow, I wish we could get that in the USA!" but it turns out all they are doing is making people go to neighbourhood mailboxes to get their mail. For many years, people in new developments have had to do this -- they install a big giant mailbox out on the street, and you get a key to get your mail. You normally don't walk further than the end of your block.

It's the bane of the wanderer. A large fraction of open Wifi access points don't connect you to the internet, but instead want you to login somehow. They do this by redirecting (hijacking) any attempt to fetch a web page to a login or terms page, where you either have to enter credentials, or just click to say you agree to the terms of service. A few make you watch an ad. It's sometimes called a captive portal.

I'm going to contend that these hijack screens are breaking a lot of things, and probably not doing anybody -- including portal owners -- any good.

One of the biggest issues with wind and solar is that they are intermittent, and so either need storage or grid-tie to work. There really is no good storage, and generally storage-based systems are highly wasteful, throwing away most of the power you generate because you want to keep the storage near full. Grid-tie is the only green choice, but it's expensive and requires expensive inverters and permits and more.

The past few weeks have been rife with governments deciding to throw support behind robocars.

I wrote earlier about the plan for pods in Milton Keynes, NW of London. The UK has also endowed a a £10m prize fund to build vehicles and for a town to adapt to them. This will be managed in part by the Oxford team which has built a self-driving Wildcat and Nissan LEAF.

Back from 5 weeks of international travel, I continue to seek the best solution in my quest for reasonably priced data service when outside the USA.

Data has become a must for me when on the road. In spite of the fact that we all lived without it a decade ago, I find it very frustrating if it's not available (or priced at $15,000 per gigabyte, which is the typical default roaming rate.) It's how I find directions, food, tourist info and keep in touch with others.

For a while my normal practice, if in a country for more than a few days, has been to purchase a local SIM card, and of course to have an unlocked GSM phone. Usually local SIMs are now available with 500mb to 1gb of data for $10 to $20. There are various web sites that list the local data providers to help you choose. The best prices tend to come from the MVNOs -- not the main incumbent carriers -- but even the big carriers tend to have decent prepaid deals. These usually come with some voice minutes and texting. This is useful though I don't do a lot of voice minutes when overseas due to time zones. I use them to reach local friends, book hotels, check restaurants, and with my companion. Annoyingly, though I have bought many of these SIMs, even for data, it's not nearly as nice and easy as it should be. A large fraction of the time, something goes wrong.

The hassles of local SIMs

• It can often be a pain to research and pick the right carrier, and then to find one of their stores, and get the purchase done. This was particularly true in the past, when selling a SIM to a random foreigner was not a common event at many stores. You have to go out of your way, and deal with people who don't speak your language. Some providers put a store in the arrival area of the airport, which is great, though they tend to be the more expensive cards.
• Until you get the new SIM, you are faced with very expensive roaming.
• Research does matter. In England (where language is not a problem) some carriers give you your data bundle free when you put 10 pounds on the card, others charge you those 10 pounds, leaving you with no voice minutes.
• Once you get the card, you often have to deal with web sites, menus and voice prompts not in your language. Setting up the voicemail is already a pain, and is far worse if you can't understand the prompts.
• Fixing odd problems is difficult in an unfamiliar system. My Orange card had a package of 500mb in it for 10 Euros, (great) but kept draining the money I put on it, leaving it unusable for making calls and texts, and though I can read and speak modest French, I was unable to find the cause.
• There are always issues of prepaid cards for short use. If you put too much in the card, it's wasted unless you are coming back soon. If you don't put enough in, you have to run around buying and adding refills -- again with prompts not in your language. Carriers would do well to let you add a lot to the card, and then refund it to you on request. This would make me put more in the card, and use the phone more, so it's a win for them.
• As noted, balances usually expire quickly, and cards often expire after 6 months or a year if not used. Though some cards are lasting longer.
• In some countries, they won't let you refill from a credit card, which means you must buy cards at local shops with cash, and always have a card handy -- then throw away the spare cards when you leave, wasted.
• You need to learn and give a new phone number to people. You may be able to forward your old number, but often that comes at a high cost. As a plus, you make it much cheaper for locals to call and text you, while making it more expensive for people back home to reach you (unless you forward and eat many times that cost.) You do get the "advantage" that incoming calls and texts are free.
• Text messages generally do not forward, so you will not see those unless you keep 2 phones -- and pay roaming.
• Calls back home may or may not be quite expensive, but usually are much less than roaming rates on your home SIM.
• If you move to a different country, you usually have to do it all over again -- shop again, and have a new number. In Europe, where it is common to hop from country to country this becomes a real issue. Some prepaid plans allow tolerable voice roaming in other countries, though data roaming tends to still be expensive on prepaid, in spite of a European order to reduce it.
• You are going to pay $10 to $20 plus your time for all this, and if all you want is to do a few voice minutes and some texts and keep your data usage to wifi, you might not come out ahead on a short trip.

T-Mobile's new solution

Back from Budapest, tomorrow I head to Buenos Aires to talk cars and security to city officials. (I wondered if I am ending up touring the world in alphabetical order.)

In the meantime, some interesting tidbits and press:

I'm back from one European tour and this weekend back in Budapest for our "Singularity University Summit" on the 15th and 16th. If you are nearby, come check it out.

While I've been away, a few news items.

I'll be back and forth to Europe in the next month giving a number of talks, mostly about robocars. Catch me at the following events:

More and more often in mainstream articles about robocars, I am seeing an expression of variations of the classic 1960s "Trolley Problem." For example, this article on the Atlantic website is one of many. In the classical Trolley problem, you see a train hurtling down the track about to run over 5 people, and you can switch the train to another track where it will kill one person.

One day I noticed my nice 7 month old Nexus 4 had a think crack on the screen. Not sure where it came from, but my old Nexus One had had a similar crack and when it was on you barely saw it and the phone worked fine, so I wasn't scared -- until I saw that the crack stopped the digitizer from recognizing my finger in a band in the middle of the screen. A band which included dots from my "unlock" code.

And so, while the phone worked fine, you could not unlock it. That was bad news because with 4.3, the Android team had done a lot of work to make sure unlocked phones are secure if people randomly pick them up. As I'll explain in more detail, you really can't unlock it. And while it's locked, it won't respond to USB commands either. I had enabled debugging some time ago, but either that doesn't work unlocked or that state had been reset in a system update.

No unlocking meant no backing up the things that Google doesn't back up for you. It backs up a lot, these days, but there's still dozens of settings, lots of app data, logs of calls and texts, your app screen layout and much more that's lost.

I could repair the phone -- but when LG designed this phone they merged the digitizer and screen, so the repair is $180, and the parts take weeks to come in at most shops. Problem is, you can now buy a new Nexus 4 for just $199 (which is a truly great price for an unlocked phone) or the larger model I have for $249. Since the phone still has some uses, it makes much more sense to get a new one than to repair, other than to get that lost data. But more to the point, it's been 7 months and there are newer, hotter phones out there! So I eventually got a new phone.

But first I did restore functionality on the N4 by doing a factory wipe. That's possible without the screen, and the wiped phone has no lock code. It's actually possible to use quite a bit of the phone. Typing is a pain since a few letters on the right don't register but you can get them by rotating. You would not want to use this long term, but many apps are quite usable, such as maps and in particular eBook reading -- for cheap I have a nice small eBook reader. And you can make and receive calls. (Even on the locked phone I could receive a call somebody made to me -- it was the only thing it could do.) In addition, by connecting a bluetooth mouse and keyboard, I could use the phone fully -- this was essential for setting the phone up again, where the lack of that region on the touchpad would have made it impossible.

One of my security maxims is "Every security system ends up blocking legitimate users, often more than it blocks out the bad guys." I got bitten by that.

I've written about the issues relating to robocars and walking before. On one hand, some people may find themselves hardly ever walking with convenient door-to-door robocar transportation. Others may find the robocars may enable walking by allowing one-way waking trips, or enabling trips that that allow drive-walk-drive (eliminating short driving trips done just to save the trouble of walking back to get the car.)

I recently read a complaint by an EV driver that the charging station at De Anza College cost 55 cents/kwh. The national average price for electricity is around 10 cents, and at that price a typical electric car costs under 3 cents/mile for electricity. Gasoline costs about 8 cents/mile in a Prius, about 13 cents in a decent non-hybrid and 18 cents/mile in the average car which gets 22mpg. (At least here in California.) But the college's charger's electricity is almost 15 cents/mile in most electric sedans today, which is more than the gasoline in any gasoline car an eco-conscious person is likely to buy. (California Tier III electricity is 30 cents/kwh and thus almost as much.)

The price of charging stations varies wildly. A lot of them are free still, financed by other motivations. Tesla's superchargers are free -- effectively part of the cost of the car. It's not uncommon for parking lots to offer free charging if you pay for parking, since parking tends to cost a fair bit more. After all, you won't put more than 20kwh in a Leaf (and probably a lot less) and that costs just $2 at the average grid price.

This got me thinking of how the economics of charging will work in the future when electric cars and charging stations are modestly plentiful. While the national grid average is 10 cents, in many places heavy users can pay a lot more, though there are currently special deals to promote electric cars. Often the daytime cost for commercial customers is quite a bit higher, while the night is much lower. Charging stations at offices and shops will do mostly day charging; ones in homes and hotels will do night charging.

Unlike gasoline pumping, which takes 5 minutes, charging also involves parking. This is not just because charging takes several hours, but because that is enough time that customers won't want to come and move their car once full, and so they will take the space for their full parking duration, which may be 8 or more hours.

Charging stations are all very different in utility. While every gasoline station near your route is pretty much equivalent to you, your charging station is your parking spot, and as such only the ones very close to your destination are suitable. While a cheap gas station 2 miles off your route would have a line around the block, a free charging stations 2 miles away from your destination is not that attractive! More to the point, the charging point close to your destination is able to command a serious premium. That have a sort of monopoly (until charging stations become super common) on charging at the only location of value to you.

Put another way, when buying gasoline, I can choose from all the stations in town. When picking an EV charge, I can only choose from stations with an available spot a short walk from my destination. Such a monopoly will lead to high prices in a market where the stations are charging (in dollars :-) what the market will bear.

The market will bear a lot. While the electricity may be available cheap, EV owners might be easily talked into paying as much for electricity as gasoline buyers do, on a per-mile basis. The EV owners will be forgetting the economics of the electric car -- you pay the vast bulk of your costs up front for the battery, and the electrical costs are intended to be minor. If the electricity cost rivals that of gasoline, the battery cost is now completely extra.

Naturally, EV owners will do at least half their charging at home, where they negotiate the best rate. But this could be worse, as they might well be talked into looking at the average. They could pay 80 cents/kwh in the parking lot and 10 cents/kwh at home, and figure they are getting away with 45 cents and "still beating gasoline." They would be fooling themselves, but the more people willing to fool themselves, the higher prices will go.

There is another lack of choice here. For many EV drivers, charging is not optional. Unless they have easy range to get back home or to another charging place they will spend lots of time, you must charge if you are low and the time opportunity presents itself. To not do so is either impossible (you won't get home) or very foolish (you constrain what your EV can do.) When you face a situation where you must charge, and you must charge in a particular place, the potential for price gouging becomes serious.

It began with reports on a job ad at Tesla for an ADAS engineer to work on self-driving systems, and now there is a declaration from Elon Musk of a desire for a semi-automated car in three years. Musk says he expect the car to be "90% automated" which I will interpret as meaning it does highway driving.

Over the years, particularly after Burning Man, I've written posts about how RVs can be improved. This year I did not use an regular RV but rather a pop-up camping trailer. However, I thought it was a good time to summarize a variety of the features I think should be in every RV of the future.

Smart Power

We keep talking about smart power and smart grids but power is expensive and complex when camping, and RVs are a great place for new technologies to develop.

To begin with, an RV power system should integrate the deep cycle house batteries, a special generator/inverter system, smart appliances and even the main truck engine where possible.

Today the best small generators are inverter based. Rather than generating AC directly from an 1800rpm motor and alternator, they have a variable speed engine and produce the AC via an inverter. These are smaller, more efficient, lighter and quieter than older generators, and produce cleaner power. Today they are more expensive, but not more expensive than most RV generators. RV generators are usually sized at 3,600 to 4,000 watts in ordinary RVs -- that size dictated by the spike of starting up the air conditioner compressor when something else, like the microwave is running.

An inverter based generator combined with the RV's battery bank doesn't have to be that large. It can draw power for the surge of starting a motor from the battery. The ability to sustain 2,000 watts is probably enough, with a few other tricks. Indeed, it can provide a lot of power even with the generator off, though the generator should auto-start if the AC is to be used, or the microwave will be used for a long time.

By adding a data network, one can be much more efficient with power. For example, the microwave could just turn off briefly when the thermostat wants to start the AC's compressor, or even the fans. The microwave could also know if it's been told to cook for 30 seconds (no need to run generator) or 10 minutes (might want to start it.) It could also start the generator in advance of cooling need.

If the master computer has access to weather data, it could even decide what future power needs for heating fans and air conditioning will be, and run the generator appropriately. With a GPS database, it could even know the quiet times of the campsite it's in and respect them.

A modern RV should have all-LED lighting. Power use is so low on those that the lights become a blip in power planning. Only the microwave, AC and furnace fan would make a difference. Likewise today's TVs, laptops and media players which all draw very few watts.

A smart power system could even help plugging into shore power, particularly a standard 15a circuit. Such circuits are not enough to start many ACs, or to run the AC with anything else. With surge backup from the battery, an RV could plug into an ordinary plug and act almost like it had a high power connection.

To go further, for group camping, RVs should have the ability to form an ad-hoc power grid. This same ability is already desired in the off-grid world, so it need not be developed just for RVs. RVs able to take all sorts of input power could also eventually get smart power from RV campsites. After negotiation, a campsite might offer 500v DC at 12 amps instead of 115v AC, allowing the largest dual-AC RVs to plug into small wires.

Videos have been released on some real-world tests of robocars. The most notable is from Mercedes.

As a nice reflection on the past, Mercedes drove the 100km route done by Bertha Benz in the first automotive road trip 125 years ago. You will also find that this alternate video is much better at talking about the technical details of the vehicle.

Recent news has been big. First, Nissan announced it would sell robocars by 2020 and now today Daimler has announced the same. (Note that the 2014 S-class is the first car with a self-driving feature, a "you must still pay attention" traffic jam autopilot.)

I'm back from Burning Man, and this year, for the first time in a while, we didn't get internet up in our camp, so I only did occasional email checks while wandering other places. And thus, of course, there are many hundred messages backed up in my box to get to. I will look at the most important but some will just be ignored or discarded.

We all know it's getting harder and harder to deal with email backlog after travel, even connected travel. If you don't check in it gets even worse. Vacation autoreplies can help a little, but I think they are no longer enough.