Thursday, September 09, 2021

Go Hard, Go Early


The COVID-19 pandemic has been with us for what seems like forever.  Will it ever end?  New Zealand, for example, has a "go hard, go early" strategy which works better than the "go late, go easy" practised in Ontario.  Lockdown wrestles the virus to the mat but stopping too soon lets it rise again.

A small but loud segment of the population have gone nuts about health practices. Not only are they unvaccinated, but also unmasked while gathering in mobs to protest at political events.  They even mob at hospitals or homes of people they don't like. The police have been lenient with them so far.

From a software programmer perspective,  current society seems to be caught in an endless loop of viral desperation.

  1. Virus mutates and becomes pandemic.
  2. Government imposes restrictions to limit spread
  3. Health care practices are eased too soon.
  4. "Free-dumb" mobs resist vaccines and masking.
  5. Virus mutates and spreads among the unvaccinated.
  6. Goto 2
  7. Pandemic ends eventually
  8. Wait for next pandemic, goto 2

Jacinda Ardern      Tower of Song(Cohen)

Wednesday, June 16, 2021

Vaccine Games

Got another Pfizer dose from the Richmond Green Sports Centre. The clinic was perfectly organised just like before.  However, getting appointments in Ontario continues to be difficult for almost everyone because the software is very poor quality.  Toronto has pop-up clinics when delayed vaccine shipments finally arrive.  These do not require appointments but thousands of people start lining up at 1:00am for an 8:00am opening. Many are disappointed.

I live in Richmond Hill which is in York Region which is in the northern part of the Greater Toronto Area (GTA).  Richmond Hill does not have pop-ups but some doses are available at pharmacies and hospitals.  I prefer the large clinic at the hockey arena.  Unfortunately, it is out of reach for people without cars.

I checked for covid19 appointment slots three weeks ago. Only age 80+ were eligible then and there were hundreds of open slots because of low demand by that cohort. I was informed to wait until June 14. Meanwhile, the second 80+ week was opened for 70+ but I did not notice until midweek when all the slots were taken. So I phoned the Ontario booking line which offered an appointment after twelve weeks which would give twenty-three weeks between shots. Never mind that.

On the next Monday, I logged in at 8:50 just before the 9:00am official booking time.  I could see slots opening and disappearing on the first day so I picked a slot for the next day.  I was put in a queue for a few minutes. After that, my slot was gone because someone ahead of me in the queue had taken my selection. Since the first days were first choices,  I selected another slot near the last day of the session which worked.  All the slots for seven days 9 to 6 were taken within ten minutes. 

No software was designed specifically for vaccine appointments. Instead, an existing system was hacked.  This system was intended to schedule after-school activities for parents and children. It does not have the capacity for the surge of vaccine demands so a first-in-first-out queue was added. But the hackers made a mistake.  They only put the person identifier in the queue. The slot was left open for others to select.  Imagine you have an Amazon shopping cart with several items and when you decide to check out, some of the items were already sold to another buyer.  That is the experience when attempting vaccine appointments.  Another bug is the ability to make multiple appointments but take only the most convenient.  Some selfish people will do that no matter the cost to others. It's the Trumpian thing to do.

Wednesday, June 02, 2021

Risky Login To CRA With CellPhone SMS

Communication with the CRA is mainly by HTTPS which is a secure protocol for everyday Internet activity. However,  they have introduced an additional login procedure which they call Multi-Factor Authentication (MFA). But "multi" is an exaggeration, it is better known as Two-factor Authentication (2FA).  They send a one-time, temporary passcode to your phone by SMS which you must enter on the login page to satisfy the procedure.

If CRA needs to contact you, they do not send the content of your concern, they post the content to your account and notify by email that you need to login and read the content.  This avoid exposing your personal information in email.  So they care about security.

It is probably ok to use SMS passcodes for social media and other amusements where money is not involved. However, billions of dollars flow through CRA which is an attraction for bad-actor hackers. And hackers have tools to capture SMS codes while logging in as you.  Cell phone networks have security bugs so information passing through them needs to be encrypted.  This can't be done with SMS which is plain text.

Google "risk of sms for authentication" and it's all bad news. The best advice is don't use SMS for 2FA/MFA.  It actually weakens security for CRA business.  


Monday, May 31, 2021

The Toronto Maple Leafs Protected Their Vacation Time

Since golf clubs are opening soon, the Leafs went on vacation and brought in some beer-league look-alikes to take their place in the playoffs. Just kidding.

The Canadiens could beat the Leafs because they are a big, determined team backed by a super goalie and that team could defend the entire ice rink.  They gave the Leafs little time and space to make plays.  It does not matter what skill the Leafs have unless they have an answer to whatever tactics the other team tries. I only watched a part of game 7 and I saw a lot of small mistakes. Generally, the Leafs were slow and clumsy as if they were in an unfamiliar environment .  Playoffs require a special energy, not just skill.

It is insane to bring in high-salary players just to repeat the games of old. The Maple Leaf organization needs a fresh perspective starting with a name change to one that suggests energy or power.  Consider names like Lightning, Avalanche, Bruins, Golden Knights, or Jets.  They have energy to blow away the wimpy Leafs.  How about a name like Toronto Tornadoes.

Wednesday, May 26, 2021

Doorway Pull-up Rack For Home Exercise

A Doorway Pullup Rack, seen here suspended from a bedroom doorway, is a practical tool for home exercise. Body weight pull-ups and chin-ups, work the arms, shoulders, back, and abs.  This rack comes with optional straps that support easier exercises such as chest and bicep press, flys, and back row. It can be placed on the floor for tricep dips and pushups.

This steel rack can support 440 lbs. The hooks can rotate so that the rack is flat for storage.  There are no screws so the rack can be quickly hung or removed.  The padded grip bar is offset at angle so that a person's weight makes the rack fit more firmly.  Do not do jerky motions or hang from the unpadded bar.


Wednesday, March 24, 2021

Pfizer Jab Against Covid-19


Got the Pfizer jab for covid19 yesterday. The clinic was in a sports complex and was very well organised. It took 10 minutes to walk through the various check points, get the jab, and then linger for fifteen minutes in case of shock. I was pleasantly surprised given that there has been much grumbling and frustration concerning the vaccine rollout.  This whole week was fully booked as soon as the online portal opened last week but I was lucky to see a few slots open when I made a random check this week.  However, only two percent of Ontario people have been vaccinated and another lockdown is looming.

Canada was once a world leader in developing vaccines or solutions for Polio and Diabetes. But various governments decided to sell the excellent research facilities. They also got sloppy with the maintenance of PPE for health care workers. Now the Canadian government is finally woke to the fact that we can't rely on other countries for health care materials.  Vaccine labs will open up next year. Better late than never.

Thursday, February 25, 2021

Kindle PaperWhite For Reading Comfort


Amazon provides two devices for reading ebooks.  First there is the Fire or other tablet with the Kindle App.  It's pretty good but the display is inferior to the Kindle Paperwhite which has a reflective screen with no glare. It does have a light with five LEDs but they do not shine in your eyes.  They are at the bottom of the screen near the 'kindle' label and they shine across the screen.  They are not noticeable.

The displays of phones and computers have thousands of red-green-blue LEDs. All these LEDs are emitting to produce white which is the default color for web pages.  The blue component is not good for your eyes.

The blue in sunlight provides some healthy stimulation during the day but humans did not evolve to live in constant blue light.  So we should minimise exposure to device screens after sundown so that relaxation and a good night's sleep will follow.

The Kindle does emit some blue light but it is much less intensive than the blue level from phones and tablets.

About Blue Light

Monday, December 21, 2020

No Pain, No Gain

Some say "No Pain, No Gain" when talking about sports and muscle training. But suppose you just want to feel energetic and healthy.. pain should not be required. My idea is "train to maintain".

I can't go to the gym anymore and did not find any free weights to buy so I make do with large bottles of water (3 liters = 3 Kilo) which I use like kettlebells. They are used with a swinging motion to stimulate the upper body muscles and joints. I follow that with some pushups. And walk outside 30 minutes per day.

Saturday, December 05, 2020

Thursday, November 19, 2020

Living Room Upgrade

Replaced the tired old wooden TV cabinet with modern tempered glass stands.

See The Upgrade

Tuesday, November 03, 2020

Friday, July 10, 2020

Release The Kraken (Not)

And the candidates for Kraken of the Year 2020 are:-

- SARS-CoV2, the most terrible coronavirus ever
- Donald J Trump, the self-impeaching POTUS
- Jair Bolsonaro, President of Brazil
- COV-IDIOTS .. don't worry, be happy
- The Economy

Meme  What does it mean?

Wednesday, April 01, 2020

Defend Your Castle With Security Key

Castles of yore had multiple layers of defence. They had thick and high stone walls,  moats, and more walls.  It was very painful and expensive for attackers to breach these defences.  Internet security in the modern world is like this .. black-hat hackers create more clever attacks while security experts devise more defences.

It seems there is no absolute security with this neverending battle. But one can make best use of existing defences. For example, some WWW services use two factor authentication (2FA) when you update an account.  The server sends a clear-text SMS message which you enter into your application page. Hackers have tools and tactics to intercept and exploit this procedure.

A hardware security key mitigates this weakness because it has unique encryption codes which can't be modified by software hacks.  The key shown is made by Yubico to plug into a standard USB port. When you add this key to your account on Google or Facebook, the service requires you to plug in the key and tap it for login. Then you are good to go.

Keep the key with you as if it were a credit card. If your computer fails or is stolen, you can use the key on another computer.  Some phones, such as Google Pixel 4, have a Titan security chip which you can use for account setup.  Nobody  should use an App or SMS messages for account security.  If you have a business which stores private client information, it is more important to use this technology and consult a security specialist.

Yubico Example  .. Breaches come to those who wait!