Google takeout to the rescue?

My Motiv ring on my hand

So recently I’ve gone into Quantified Self overload with my new Motiv Ring, added to my Pebble smartwatch for sleep tracking.

The ring is very good, but the app isn’t the best, its seems to work but isn’t very clear when its not syncing with the ring. Also I knew the 2 day battery was going to be a pain but to date I’ve been charging it every 2 days and never got to the point where its gotten below 44%.

As the app is pretty rubbish, I have sent everything to Google fit. I pretty much have everything synced with Google fit now.

The first time I noticed it was all working, was when I looked at sleep as android which I use with my pebble smartwatch and noticed my heart rate over the top of my sleep data.

Sleep data with heart rate
I warn you the sleep is a mess due to my flu I currently have… also why I’ve not blogged those great conferences I’ve been to recently.

Likewise I recently hooked up my Withings/Nokia iot scale to Google fit. The scale has its own app which isn’t bad but frankly its not great. It suffers from the similar problems as most of the quantified apps attached to a device or service; they want to be the centre of the world. Reminds me of my Fitbit which import everything but export little.

I understand Google fit is mining the heck out of my quantified data but with Google takeout, I can get the raw numbers in one place. Everyone wants to sync with Google fit and the dashboard view is far better than what everyone else right now.

I’ve also set it up to send me an update every 2 months. Now that’s pretty neat. Would I pay for a service to do this? Yes I would, how much is the question…

Google Titan key security problem?

I was sure I tooted/tweet a thank you to the Google team in Berlin’s Re:publica conference. But it looks like it never quite happened due to connectivity issues with the wifi at certain points of the day.

So first of all I want to say thanks for giving me a titan security key for spending time listening to what changes Google had made to their security as announced in Google IO 2019.

I was surprised to see Google there with all the ill feeling about the 5 stacks, their monopoly and business practice.

But before I could get home try the key/system, I saw a bunch of problems with the key.

Google Titan Bluetooth Security Key Can Be Used to Hack Paired Devices

Titan-ic disaster: Bluetooth blunder sinks Google’s 2FA keys, free replacements offered

Obviously I was a little concerned, although I had not added the titan key to my google 2 factor auth yet.

After a bunch of reading, it seems its not completely flawed. The Google security blog confirms my research.

The problem is with the Bluetooth fob which to be honest is super convenient wasn’t the most secure idea in the world. The bluetooth stack is limited in its range but because of that, its not got as much security as most things on the net.

Due to a misconfiguration in the Titan Security Keys’ Bluetooth pairing protocols, it is possible for an attacker who is physically close to you at the moment you use your security key — within approximately 30 feet — to (a) communicate with your security key, or (b) communicate with the device to which your key is paired. In order for the misconfiguration to be exploited, an attacker would have to align a series of events in close coordination:

When you’re trying to sign into an account on your device, you are normally asked to press the button on your BLE security key to activate it. An attacker in close physical proximity at that moment in time can potentially connect their own device to your affected security key before your own device connects. In this set of circumstances, the attacker could sign into your account using their own device if the attacker somehow already obtained your username and password and could time these events exactly.

Before you can use your security key, it must be paired to your device. Once paired, an attacker in close physical proximity to you could use their device to masquerade as your affected security key and connect to your device at the moment you are asked to press the button on your key. After that, they could attempt to change their device to appear as a Bluetooth keyboard or mouse and potentially take actions on your device.

This all being a big mistake, Google has offered a replacement key. However because my key hasn’t been added to my account yet, I get a message saying no action is required but a email to override this. However after double checking my key is a type T3 meaning it wasn’t effected.

Good work Google…

I decided to get the Motiv Ring

Oura Ring vs Motiv Ring

I have been considering something else to help track different activities, since I lost the Mi Band 1. The pebble smartwatch is great for this but there is no way I can wear it while playing volleyball. I also found using gadgetbridge more painful than it needed to be.

While keeping my eyes open for alternatives, I seen Oura but not the Motiv. After reading about it against the Oura and then further reviews. I decided its worth trying. FIDO and 2FA swung it for me, so put down the money and bought one. I’m looking forward to giving it a proper review once I get it and try syncing data, etc. Hopefully its more spa proof than the pebble.

This is not Plex on your GPU

https://www.flickr.com/photos/nvidia/30153594058/

I hadn’t really thought Plex Media Server could massively benefit from a GPU, to be fair its not really a thing you put in a headless server? But after reading about it, I gave it a try by borrowing a Nvida Quatro PCI-express card and after some small issues getting the propitery drivers working gave it a try.

I thrown together a shell script to log the CPU and GPU heat to a text file called heat.txt

while true; do date >> heat.txt ;
 nvidia-smi -q -d temperature |
 grep 'GPU Current Temp' >> heat.txt; sensors |
 grep -e 'CPU Temperature' -e 'CPU Fan Speed' 
-e 'MB Temperature' >> heat.txt; sleep 10; 
done

I know theres a better way but it was quick and dirty.

From the short tests I did, it seemed the CPU kicked into high gear for a minute or two before it hands off to, what I thought was the GPU. However… During a stream encode of 4k h.264 content to 1080p h.264, while directly streaming at the same time. I got these results.

Thu 20 Dec 20:23:51 GMT 2018;
> GPU Temperature: 33.0°C
> CPU Fan: 1650 RPM
> CPU Temperature: +71.0°C
> MB Temperature: +34.0°C
Thu 20 Dec 20:24:01 GMT 2018;
> GPU Temperature: 33.0°C
> CPU Fan:: 1599 RPM
> CPU Temperature: +68.0°C
> MB Temperature: +34.0°C
Thu 20 Dec 20:24:11 GMT 2018;
> GPU Temperature: 33.0°C
> CPU Fan: 1261 RPM
> CPU Temperature: +59.0°C
> MB Temperature: +34.0°C
Thu 20 Dec 20:24:21 GMT 2018;
> GPU Temperature: 33.0°C
> CPU Fan: 1167 RPM
> CPU Temperature: +54.0°C
> MB Temperature: +34.0°C

A while later once the transcoding stops

Thu 20 Dec 20:37:40 GMT 2018;
> GPU Temperature: 33.0°C
> CPU Fan: 725 RPM
> CPU Temperature: +37.0°C
> MB Temperature: +35.0°C
Thu 20 Dec 20:37:50 GMT 2018;
> GPU Temperature: 33.0°C
> CPU Fan: 724 RPM
> CPU Temperature: +37.0°C
> MB Temperature: +35.0°C
Thu 20 Dec 20:38:00 GMT 2018;
> GPU Temperature: 33.0°C
> CPU Fan: 725 RPM
> CPU Temperature: +37.0°C
> MB Temperature: +35.0°C

As you can see with proper testing it was clear the GPU isn’t being used for transcoding (unless the CPU magically is doing something else, but looking at Htop, its clearly Plex transcoding). This was confirmed when doing more research on the issue.

Seems the problem I got is the AMD processor and if I was to swich it to a Intel one it should work with the Nvidia GPU?

So this brings me to the idea of maybe changing parts of my server.

Si pointed me at PC part picker which is alright but I don’t really understand why some Linux operating systems are not listed under operating systems? I listed most of my parts here and to be fair changing the CPU, motherboard, case and of course getting my own GPU might be a good idea?

The pebble maybe water resistance but not spa resistance…

Dead pebble

Sadly its the 2nd Pebble smartwatch I have lost to my love of spas. First one died during a spa visit in the Midland hotel, weirdly about a year ago. I instantly got another one exactly the same as my kickstarter version. It worked great but I didn’t learn the lesson and kept wearing the smartwatch at spas and swimming pools.

Then a few days in a hotel spa in London and Liquidrome in Berlin, caused my smartwatch to fail again.

Dead pebble

Looking at the damage I think its the intense steam of the steam room (to be fair, was in the steam room for over 30mins) mixed with the heat of a sauna. Then floating in a salt water pool just killed it for good. I really should have done the bag of rice trick but I was mitte, Berlin and well bags of rice wasn’t easily available at midnight while leaving Liquidrome.

After a few days in Berlin with no smartwatch I realised how much I missed it and looked online to get a replacement. Black pebble 2’s were closer to the 400 pound mark, while the white one was less than half that brand new. So I got a white one.

All the my pebbles
From left to right, My dead pebble from 2017, then my new white pebble and finally the one which just died in Berlin

I did spend some serious time looking at alternatives to the pebble but couldn’t find a decent alternative for anywhere near the price. My list was simply this…

  • Non LCD, so I can get more than 3 days battery on a charge
  • Basic apps to do sleep/fitness tracking, read Google tasks, etc
  • Clear display in sunlight and darkness
  • Replacement straps which are not custom to the device
  • Android WearOS support to get notifications, etc

Nothing too complex but the smartwatch still seems lacking in diversity. As most seem to be clearly copies of previous with beefed up specs. I even consider the Fitbit charge but I hated the straps and the size was massive.

How good is the Oura ring tracker?

https://www.youtube.com/watch?v=ji5U4F9xvWY

Its a nice looking device, seems to work well but at £300+ its a high price.

I do find the back story interesting however, especially since its been floating around the Quantified Self community for quite some time.

My usual worries about data-portability, app access (the android app looks like it needs work), etc all come into play but as a replacement for myband2 and sleep tracking on my pebble smart watch. It does interest me.

I don’t usually wear rings but I did obviously have a wedding ring and also did try wearing one of those cheap NFC rings.

Making Slack useable on x64 Linux?

 

Slack

Its been a while since I reinstalled my work laptop; one thing I haven’t reinstalled properly is the Slack app.

The amount of times I use to start it up and go and make a tea because it would make my ubuntu install act like Windows 95. Most of the time I would come back to find my laptop completely frozen.

I tried removing the amount of slack workspaces I had attached to the app but it made little difference. So I decided to hell with the slack app, which seems to be a wrapper for Chrome, with each slack instance being another instance of chrome!

This time I’m using Slack in Firefox and limiting how many I have open at a time. I noticed if you login into the different slacks, the cookie will hold them open for you without using the resources. This can be done from the main page using the Workspace options.

Slack home

I also noticed the enterprise slack version also has a front page which can be used to reach the other slacks.

Recently I decided to give Flatpak Slack a try. Interestingly I found you can launch the Slack app from the slack pages mentioned above.

It sounds like a lot of hassle but it works and mean my ubuntu system is fully useable.

Hopefully this will be useful for other Linux Slack users?

I bought a Chromebook

https://www.youtube.com/watch?v=YDIhZZJQWRw

The other day my work Dell XPS 13 which has been running Ubuntu 16.04.1 asked me to upgrade. This message has been coming up for a while but I decided it was time for a upgrade, 18.04 was running well on my server and well it was time.

However the upgrade broke and I was left with Ubuntu 18.04 with Busybox. I had backups but as it was a BBC R&D build of Ubuntu, I needed to go to work for them to reinstall it. All of this was just before I went away to Mydata 2018 in Helsinki. On top of that my ubuntu server also had a problem.

Double wammy!

It was clear I could reinstall Ubuntu quickly but I would need to do a bunch of configuration and that takes time. I have a task to create a live CD with a bunch of configurations just for me, incase similar happens again.

I’d been looking at Chromebooks since I bought one for my parents ages ago and seen how ChromeOS has matured. I’m not the only one. It was the ability to run Android and Linux apps which pushed to get one.

Google Makes it Easier to Run Linux Apps on Chromebooks

So I bought the Asus chromebook flip c302, and I’m quite impressed with it. The size is good and the performance is good. As a backup laptop its ideal. It also kinda a solution to my lack of a decent tablet now my Nexus 7 is pretty much dead. I was tempted with the Google Pixelbook but it seemed too close to what the Dell XPS 13 is for.

I did consider getting a second hand XPS and sticking ChromeOS on it myself actually.

Dataportability and Dock.io

Dock.io stack

You may have gotten an invite to dock.io which is a service which reminds me of the late atomkeep;

Atomkeep helps users sync their profile information on social networks, job boards and other Internet sites. Users gain a streamlined way to validate and control their social identity across multiple sites.

The nice thing about the Dock.io is they are doing things more correctly. The potential of blockchain is being talked about everywhere but its great to have these services showing the actual potential.

I always found Atomkeep interesting but found it heavy on the trust and apis. Dock.io benefits from dataportability and GDPR, as I was able to get my Linkedin data dump and drop it in dock.io. Export and import, now thats good! Dock.io reminds me of openhumans as you can have applications which run on top of the protocol which then talks to the actual data.

So far so good, sure to write more about it soon including the use of Ethereum and IPFS.

Love your pebble, don’t want to see it turn into plain watch? Setup a rebble account now!

Pebbles growing in work

If like me you love the pebble and although I hate that Fitbit bought them, can’t really slate their support to keep the watch alive and working with the rebble team.

The Rebble team have been literally everywhere urging pebble users to create an account on the rebble servers before the pebble servers are switched off for good.

The Rebble account system is up and running, and now is the time for you to create your accounts. Head over to Rebble Auth and log in using your preferred site. You’ll then be asked to link your Pebble account. Please do: we will use this to import information from the Pebble servers before they shut down in order to help make the transition smoother.

It is especially important for developers to link their Pebble accounts now. Once the Pebble services shut down at the end of this month, we will no longer be able to identify developers who did not link their accounts, and so we will be unable to let them update or otherwise change their apps.

We are also going to use the number of accounts created to assist us in determining service usage and attempt to validate our assumptions about the number of users we expect to see.

That’s all there is to do right now: there is no app to install, and we are not yet ready for users to switch over to Rebble services. We will be sure to update you when we are!

Do it now, it takes a minute or so and will save you a lot of heartache later!

The realm of third-party trackers on Android

Luman android root cert

I was excited to learn about Lumen Privacy Monitor, as I’ve always wondered about the apps I have installed even when I have restricted the permissions wanted from the installed app.

New research co-authored by Mozilla Fellow Rishab Nithyanand explores just this: The opaque realm of third-party trackers and what they know about us. The research is titled “Apps, Trackers, Privacy, and Regulators: A Global Study of the Mobile Tracking Ecosystem,” and is authored by researchers at Stony Brook University, Data & Society, IMDEA Networks, ICSI, Princeton University, Corelight, and the University of Massachusetts Amherst.

“This is the start of a long project to uncover all the hidden data collection and data dissemination practices on the internet,” Nithyanand explains.

“There’s a huge lack of transparency around how mobile applications behave,” adds Narseo Vallina-Rodriguez, a co-author and researcher at ICSI. “People install software, but don’t know what that software is doing.”

The paper’s introduction lays out a troubling scenario: “Third-party services inherit the set of application permissions requested by the host app, allowing them access to a wealth of valuable user data, often beyond what they need to provide the expected service.”

To study this scenario, the researchers used Lumen Privacy Monitor, an Android app they built themselves over a two-year period.

So I installed it just to see what was going on with my Android devices. But there is a problem… Best summed up in this comment from Wcat.

Not open source? TLS interception? Before you install this stop and think about TLS interception. “Those who would trade privacy for security deserve neither.”

Luman asks for permissions to install its own root certificate, and this deeply worries me. TLS inception isn’t a trivial thing to be honest, I know its needed but it had me questioning how I really want to monitor the apps? Also if I remove the app, will the certificate be removed too/how would I know?

Right now, I’m keeping an eye on the app but haven’t installed the root cert yet.

Google clip, decentralised intelligence?

https://www.youtube.com/watch?v=AD48ZEltaSo

The reviews are appearing about the Google Clip camera. Its not great but to be honest, the only thing I found interesting about it on the announcement, was all the logic/intelligence was onboard. Google has become well known for doing the logic via their own cloud systems, so this was a surprise.

the main reason Google Clips isn’t as worrying as “Google camera that recognizes your family’s faces and records them automatically” sounds is that Google made a few carefully considered technical choices to protect its users’ privacy.

The first is that everything on Clips happens locally. Nothing is synced with Google’s cloud at all — except the photos you save into Google Photos. All the facial recognition happens on the device using its own processing power. None of it is paired up with whatever facial recognition you may have set up in Google Photos. It doesn’t pair faces with names, it just recognizes faces it sees a bunch over time. It also tries to ignore faces it doesn’t recognize. So if you’re at a park with your kids, Clips will endeavor to only take photos of your kids.

The clips the camera takes are also stored only on the camera itself. They don’t try to sync over to your phone unless you ask for them. They’re also encrypted on the camera, in case you lose it.

On first look, I thought it might be a similar replacement for Google Glass, then I thought maybe its the Google GoPro but it doesn’t seem to operate like a point and shoot. So I thought maybe a lifeblogging devices like the autographer and narrative clip. But it seems to be a different category all together.

Its a interesting device, but certainly pricey for a new category camera.

Google maps you have a speech problem

Google Maps

I love google maps but it has a problem.

I use it as a GPS when travelling around on my scooter, which means I don’t have a screen in front of me. Instead I’m reliant on the audio output to tell me where to go and when. I imagine for most people this sounds kind of crazy because they want to see the map and directions, but when it works it really works well. It says before the turning and then again just at the point of the turn. Pretty much once you get use to it, its just great and I find it weird sitting in peoples cars when they are not listening to the voice.

However there is a bug/problem.

I use to think it was just my Nexus 5X but its happened with my Google Pixel2 making it clear its a google maps issue.

Every once in a while, google maps stops talking and leaves you with silence.  This seems to be solved with a restart, which is hardly great when driving along. I imagine most users tend to have the display and don’t care too much about the voice. But if you are reliant on it, when it suddenly goes quiet you start to wonder. Worst thing about it is Google maps doesn’t say anything when you don’t need to take a turn. Meaning if you are going down a motorway you have to assume everything is fine.

Google maps fail

This is what happened as I drove down the M6 towards London not Bristol on Monday afternoon, wondering when the M5 turn off was coming. Now to be fair I was on the right motorway but when I came across the M6 toll road, I took it and that led me towards London.

M6 toll
Taking the M6 Toll road
M5 from Birmingham
The M5 I should have took

Google maps said nothing, so I just kept going expecting something over the headset when the turning came. To make things even more difficult I had my pixel 2 phone locked in the scooter charging, meaning I couldn’t see the phone unless I pulled over and turned off the engine. Once again not ideal.

Ok this example is quite extreme (but it happened) and you could say I should have been aware but I honestly didn’t see a sign for the M5 south. Its likely I wouldn’t as I took the M6 toll road.

Google maps has a speech problem and I’m not the only one who has experienced this.

Anyone else?

Nexus 5x issues ongoing…

Google Nexus 5x
I like the irony of the good place paired with the problems of the phone

I recently got my Nexus 5x back from Carphone Warehouse. This follows the sudden bootloop of my Nexus 5x in November.  They replaced the motherboard as it was still under its 2 year warranty. I was hoping they would just refund me for it, as I bought the Google Pixel2 on its launch.

But it will do for now, till it happens again and I’ll be demanding more. Right now its a spare/backup phone with my pay-as-you-go 3 sim inside. I did pause to think if I should upgrade to Android Oreo, but decided I should do it.

In the mean while its interesting to see some of the solutions people have come up with including this one using salty ice to keep the CPU cool.

Nexus 5x under ice

Riding the Bitcoin bubble up and out?

Bitcoin market price over last 8 years

Bitcoin is something everyone is talking about right now. I wouldn’t be surprised if my parents asked me about it soon.

It was a while ago when I received some bitcoins from a friend via tipjar.  I added the tipjar link on my blog and every once in a while I received a very small amount of bitcoins as tips. The amounts were so small that I didn’t really take note till I needed to move the wallet.

That was when I noticed the amounts were adding up to less decimal places  in bitcoin and the value in British sterling was also starting to add up to a few coffees. After the move to blockchain.info (no matter what I thought about the founder), I decided to keep an eye on the figure but forgot about it. Wasn’t till about a week ago, when I decided to have a quick look at the amount it was worth and was pretty shocked.

The tips were adding up to something quite big and thats when I decided maybe I should convert some to sterling and ethereum. I have never put any money into bitcoin, its all been donated or paid to me in return for something, I treated it as a bit of a joke to be honest. But over the last few weeks it became very real as I transferred quite a bit out and still had some left over, just in-case the bitcoin bubble keeps growing. But i’m simply not motivated enough to track its progress and put money into it. Ethereum I’ve found interesting since I first saw the videos about it so I’ll keep an eye on that too.

Thanks to everyone who tipped my blog or paid into my wallet over the last 3 years,  I owe a great gratitude to all those people. I’ll keep writing… feel free to keep tipping.