2021, Allison Sheridan
NosillaCast Apple Podcast

Edit Transcript Remove Highlighting Add Audio File
Export... ?


[0:00] Music.

[0:11] 20th, 2023, and this is show number 954. Well, we've gotten a lot of really nice messages from people asking whether we're okay because of Hurricane Hillary and a wee tiny earthquake that was not terribly close to us. It did feel really good to have folks worry about us, but we've been fine so far today. As of right now, the peak wind has only been 9.2 miles per hour, and we've had 1.4 inches of rain. It's not over yet, but with our whole home batteries, the Tesla Powerwalls I've told you about, we're not too worried. Thanks to all who checked in with us.

[0:44] Okay, so remember how I told you the show would come out on Wednesday because we were going to Houston for the weekend to finally meet our new grandson? Well, early in the week I got a wee bit of a cold so we canceled the trip. You see, there's this virus called RSV that can be very dangerous to babies and especially dangerous to premature babies like our little Teddy, and RSV can present itself as a cold in adults, so you can have RSV and not realize it. Rather than take any risk to Teddy, we postponed the trip by a few weeks. We were disappointed, but were able to pick a time when Kyle will be on the second half of his paternity leave, so it, will be even more fun for Scott to visit them.
Now since we told everyone there would not be a live show, but there actually is a live show going on while I'm recording right now, I sent out the bat signal on every channel I could think of. I sent it out on Mastodon, I sent it out on Twitter, I gave it to Steve to post on Facebook, I put it on Slack, I put it in the Podfeet Press, the newsletter I told you about recently and a whole bunch of people signed up for, which is great so they got the message, I put it on Patreon, and I even send individual messages to the people who are most recently showing up often.
If you missed the fact that there was a live show today, my apologies, but I tried everything short of sending out owls to let you know.

Will the PETLIBRO Smart Cat Feeder Keep My Cat from Overeating?

[1:58] You may have noticed that Steve and I spend a fair bit of time away from home.
Tesla, our wonderful dog, requires a great deal of playtime and attention, so she either goes to doggy camp, or if it's a longer trip, she either goes to Camp Nancy, a very dear friend of ours, or if it's a long voyage like when we went to India or Antarctica, she stays with Lindsay and Nolan. She loves going to Lindsay and Nolan's house.
And by loves, I mean she does not want to go home. When we start packing up to take her back, she always hides. She'll be under the dining room table, she'll be under the desk in the guest room, wherever she thinks she won't be discovered. We actually had to put it on our checklist to go home to take Tessa with us because we were afraid we'd forget her. I think we may have started to pull the car out once without getting her. Anyway, our cats, Ada and Grace, named after Ada Lovelace, the first computer programmer, and Grace, named after Grace Hopper, who is a rear admiral in the Navy and the inventor of the first computer compiler, the two of them require a lot less attention than Tesla. To be fair, they give back a lot less love and affection, so it's a fair deal.

[3:01] They're actually the most affectionate pair of cats we've ever owned, and they do seem to notice when we've been gone. But to survive, they really only require their cat litter scooped, some food now and then, and fresh water. Ever since our very first pair of cats, Halliday and Resnick, yes, that Halliday and Resnick, we've had a very simple, gravity-fed feeder for when we're away. While Grace will eat the amount of food necessary to stay alive and healthy while we're away, Ada seems to have some self-control issues in the food department. Each time we go away, she seems to get bigger. When we return, we put Grace's food up on a windowsill. We know that Rubenesque Ada, a term coined by her vet, is too heavy to jump up there, but Grace will easily be able to hop on up, and that way we can monitor Ada's food after we get back.

[3:48] With our recent trip to Mammoth, I decided to try to use technology to solve the problem.
I went on the hunt for a smart cat food dispenser so Ada wouldn't have access to an endless supply of food while we're away. I found a great rundown of the 9 best automatic cat feeders from 2023 tested and reviewed at Now some best-of sites are just link farms or worse yet are paid placements, but the Spruce Pets actually did do in-depth testing and evaluation. They broke it down into the best overall, best budget, and best for multiple cats, along with a few other options. Their top pick for multiple cats was the $90 Petlibro Dual Pet Feeder on Amazon. This would have met our needs, dispersing specific quantities on a schedule, but then I noticed that for $150, I could get nearly the same model, but with 1080p HD video with night vision and Wi-Fi. I really had no choice, For future reference, this Petlibro feeder is affectionately referred to as PLAF203.
I'm just going to call it the Petlibro. Alright, here's a spoiler to start with.
We really like the Petlibro cat feeder, and we're especially glad that we got the one with the video and Wi-Fi.
Before I dig into the setup and why we like it so much, let me say up front that if you're blind, just move along.

[5:12] The interface on the Petlibro cat feeder does not have any real physical buttons that you can feel, the app is pretty much inaccessible, and even the online manual isn't accessible as it appears to be one giant image.

[5:24] It's really a shame, and I did write to them and I was assured that my message would be delivered to the correct people to try to rectify it. Nothing new in the last week since I've written this, but I did what I could.
The Petlibro feeder has a five liter cylindrical chamber with a little window on the front so you can see how full the feeder is at a glance.
Very analog.
You add food by simply rotating the lid on top to access the chamber.

[5:50] Below the chamber it has a food chute that spits out the food on a schedule you define in the app.
Since this is for two pets, there are two stainless steel bowls to accept the food.
Stainless steel was a differentiator in the Spruce Pets reviews because many of the feeders only had plastic bowls.
Now you would think the Pet Libre would send equal amounts automatically into the two bowls, but you'd be wrong.
By default, it seems to spit a lot more into one bowl than the other.
So there's a small plastic piece you have to kind of pop back on that's called the meal splitter.
You have to connect and then rotate to direct it to split the servings.
It's weird though, because it barely moves between being equally centered, which oddly doesn't make them equal servings, and about like a 10 degree angle to one side that does make them equal.
I have a feeling people really try to crank on the meal splitter because it doesn't really make sense that it barely moves and they included a spare.

[6:44] Below the food chamber is a black angled screen that lights up virtual buttons. By default the buttons are locked so that curious noses can't trigger anything like manual feeding. We wouldn't want Ada doing that. One of the lit up buttons is a lock that you can disengage to allow manipulation of the device. Now the instructions that come with the Cat Feeder explain how to do this unlocking and then how to get it to pair with the phone app. I tried repeatedly to make the connection as instructed but it kept failing. The instructions explain that there are two different versions of their phone app, Petlibro and Petlibro Lite. That's a bit annoying, but it's even harder to figure out which app you need. The instructions said to look at the serial number inside the battery chamber, and that requires flipping the entire cat feeder upside down. If the number after the C in the serial number is a value greater than 43, then you're supposed to use the non-Lite version of the app. Well, my serial number after the C was 55, But the non-Lite version kept failing for me.
Finally, in desperation, I tried the Lite version of the Petlibro software and instantly I was able to connect my cat feeder with the app.
Now that I look back at my photo that I took of it, technically the number after the serial number after the C was 055, so maybe that's why. Maybe it's 05.
Anyway, it was a really annoying way to figure it out, but once I used the Lite version of of the app, I was in business.

[8:07] Now, the app allows connection using Bluetooth, Wi-Fi, or you can bring up a QR code on the phone and show it to the pet feeder's camera. I'm not sure which one I was using the way I was doing it, but it's all working now. Once I got it connected using the right app, it was all joy from there on out. You'll get the typical permissions request, like whether to allow it to have access to the microphone. Now that makes sense, because then I can chat with my cats while they're eating. Who's not going to want to do that? It asks for permission to access your photos library, which is supposed to allow you to put avatars of your pets into the device, but I don't think I'm going to do that. I also declined the option to let it use location services because I didn't see any reason it would need to know where I was. If the app allowed automation based on location, that might make sense, but I could not find that option in the app. The best thing about the PetLibre app is how easy it is to schedule feeding of your little beasts. It's as easy as adding a time, choosing how many portions to feed at that time, and what.

[9:03] Days you want that scheduled feeding to happen. I played with a lot of automations for doing schedule events in apps and with home automation, and the PetLibro app has nailed ease of use compared to most of them. By the way, you can set up to 10 times a day to feed your pets, which is definitely not what Ada needs. Figuring out the portion size was a little bit tricky, because, or I should say the portions, because one portion is 20 milliliters. Well, how much food is 20 milliliters. What we did was we poured what looked to be a typical amount of food into the two bowls, then we combined them into one, we weighed the bowls with and without the food.

[9:42] That of course told us how many grams we fed the cat, so it really wasn't that much help at all.
I think in the end we ended up using the manual button in the app, or maybe it was on the device, to spit out one 20 milliliter portion at a time until it looked about right. If you're curious, For our two cats, they eat three portions served three times per day.

[10:02] In addition to scheduled feeding, you can also manually feed the cats a serving or two if the poor darlings give you those sad eyes asking for more.
While cutting back on Ada's endless access to food while we were away was my primary goal, we realized that it's actually pretty handy to have them fed at different intervals while we're even at home. I think Steve secretly misses having the cats swarm around his ankles first thing in the morning, but the pet Libro is fun in so many ways that he's willing to to sacrifice that joy.
What he does now is he spends time telling them how long it is until they'll get fed.
Two more minutes, kiddies, two more minutes. Anyway, a big concern with an automated feeder is what happens if something goes wrong? You wouldn't want him starving to death, right?
Well, if the food level gets low, the Pet Libre will send you a notification to your phone.
I accidentally tested this by just putting in a very small amount of food at the beginning, and sure enough, it let me know the poor darlings would starve soon.
What if the food gets jammed?
The Petlibro will also notify you in the app.

[11:01] The Petlibro is powered via the included USB five volt power adapter, but what if the power goes out?
Remember the battery chamber where the serial number was located?
That's for the battery backup of the cat feeder. Since we have a whole home battery system, in theory, we won't ever experience a power outage again, but we might slap some three D cell batteries in there just in case.
Now, how can you be sure the little beasts are being fed? There's a couple of ways.
And probably the only unintuitive part of the app, if you tap on the icon in the top right that looks like a phone and a tablet on top of each other, you'll be shown the option to log the activity of the pet feeder.
Once you've done that, on the main screen, one of the buttons across the bottom lets you see that log, which will simply say the date and time and portions of your scheduled events with the word success if all went as planned.

[11:48] While reading text-based logs is super good fun for everyone, you might also enjoy watching your pets eat. In the PetLibro app, you can manually turn on the camera and watch what's going on in your house at ankle level, which would also include watching the cats up super close as they chow down. If you want to watch stored videos, you can either subscribe to their cloud service or pop a microSD card into the teeny-weeny slot inside the battery compartment on the bottom.
Now, I didn't buy a new microSD card for it until after I'd filled the chamber, so it was a bit of a challenge for Steve to hold it up while I was underneath trying to find that tiny slot and of course putting it in backward the first three times.
Now, the instructions say the card has to be less than 256GB, but I'm betting they meant 256GB or less.

[12:37] Just in case I went for the 128GB, just in case it wasn't a typo.
When you put the memory card in, after flipping it three times as always required, you'll be shown the option to format the card from within the app.
I tried repeatedly to format the card via the app interface and it never worked.
I finally ended up reformatting it with my Mac and it worked just fine after that.
While it's fun to just spy on your kitchen floor at random times of the day, it might be a little more fun to look at the camera when the cats are actually there.
The Pet Libro allows you to turn on notifications when it detects movements, so while we were and Mammoth for a week, we'd get notified and we'd be able to watch them.
Do you know how many times in a day one or the other of our cats went to the cat feeder?
I'd estimate it was around 126 times a piece.

[13:23] We got notifications every single time and even sometimes when the leaves on the trees cause shadows to move in the line of vision of the Petlibro's camera.
We have the sensitivity set to low, but I think they might need an extra low option.
They have a sound detection notification too, and I thought that might work better since I thought it would only trigger when they're eating or the food is falling.
What I didn't take into account was that when we're home, we make a lot of noise in the kitchen.
So maybe I'll leave alerts off altogether while I'm away from home until I'm away from home again.
I'll probably use the sound trigger though in the future. I should mention that the alerts are on a schedule too, so you can turn them off when you're sleeping.

[14:01] While we were away, I watched a lot of the stored videos just to see if Grace was able to get any food at all. I'll admit that it was Ada chowing down more often than Grace, but at least she was in some of the videos. The video quality is very good. It's 1080p with a 145 degree viewing, angle. As you scroll through the recorded videos with the timeline, you can even download the videos from the memory card to your local gallery within the app. I have to give big credit to the Petlibro people for how fast the app is in a lot of ways, including how easy it is to scroll in the timeline and do a video. So many apps, Ring, Tesla, YouTube I'm looking at you here, they're so bad at letting you get right to the recorded bit.
You got a big timeline and it's really hard to get it right where the actual recording, is. With PetLibro, as soon as you get anywhere near to a recording, the timeline snaps right to the closest video.

[14:53] Now, every time I play with the Petlibro app, I find something new it can do.
I've said the app is intuitive, but I found one really funny thing buried in a very obscure location in the app.
Remember I told you you can turn on logging of events by tapping on the icon with the phone slash tablet in the upper right?
In that same menu, again, I don't know why it looks like that, you'll see recording length.
What is recording length? Recording of what?
If you tap on it, it gives you the funniest thing. You can record your own voice with a feeding time message.
Okay, but here's what makes it so funny.
You use the app to initiate the recording of your voice, but it's the feeder's microphone that actually records your voice.
So here I am, down on my hands and knees, yelling out my best hog call, going, SOO-WEE! PING! PING! PING! PING! PING! PING!
Into the microphone on this feeder. Now every single time the feeder starts spitting out food, I have the joy of watching ADA come to a hog call. Petlibro has a section on scenes and automations, but it appears to only be possible to do any of these if you own other products by the same manufacturer.
I went looking for them at different devices they have, and I don't really understand how this is ever going to work because the menus imply you can do things like turn on lights when you feed the cats, and they didn't have any lights to sell that go with it, so I really wasn't able to experiment with that part at all.

[16:19] Now, while I'm very bummed that the Petlibro PWAF-203 Dual Cat Feeder is inaccessible, for those of us with sight, it's a really cool device.
I should probably weigh Ada and Grace right now and see whether it has any effect on how much Ada will eat or if Grace will just get thinner.
Check out the Petlibro Cat Feeder and their other products at

Create Surveys, Feedback Forms, Organize Events, and More with the Free Google Forms

[16:41] Back in 2009, Steve and I hosted a party for the Nosilla Castaways during Macworld at a local bar.
In fact, it's at that actual event that Rose coined the term Nosilla Castaways.
Anyway, it was a great success and everyone had a great time.
The following year, we did it again, but something awful happened.
Someone who publishes a list of open parties during Macworld included our party, and we had tons of party crashers show up.
Steve and I funded this party with our own pocketbook, so this was a real bummer.

[17:11] In 2011, we wanted to do it again, but we needed a way to control who showed up.
We deployed one human tactic and one tech tool to make the party a success.
Barry Falk, well known to everybody as the host of the Midwest Mac BBQ, Paul Shadwell and Julie Keel volunteered to be bouncers for the event.
It was awesome. Barry wore a tuxedo, Paul wore an all-black suit and he's really bad looking, and Julie dressed up in her Harley biker gear complete with a leather jacket and a bandana.
The tech angle was Connor Jackson's idea. He suggested I use a Google Form so people could register to attend.
That would give the bouncers a checklist to ensure no miscreants showed up to spoil the party.
I'd never heard of Google Forms before, but it turned out to be the perfect solution.
While it's been 12 years since I first discovered Google Forms, I just realized I've never talked about it on the show beyond a passing mention.
I'd like to rectify that and teach you what Google Forms can do and how to make them yourself.
They're really nifty, they're really easy, and they're free.

[18:16] The basic idea of Google Forms is that you create a series of questions and decide how you want them answered, and then you send out the form and it automatically collects the data for you.
Well, that sounds really dry and boring, doesn't it? How about a couple of examples to kind of tickle your interest instead? Let's say you're planning a big family reunion. You want to accommodate as many of the family members as possible, so you might want to create a form that asks for people to vote on which dates would be best for them. You might want to include where the event should occur, narrowing down the available options by a vote.
Maybe once you find a date and location, you'd want to create another Google Form to get people to sign up to bring potato salad, beer, or cake. Perhaps you'd include a section on when people will be flying in and out so you'd know when to expect them.

[18:59] Maybe you've got an event that's a lot simpler, like a birthday party, and you just want RSVPs.
A quick Google Form is all you need.
If you teach a course or make a presentation, perhaps you'd want to use a Google Form as a method to get feedback on how the audience perceived the information you delivered.
Maybe you're working on a project and you'd like to get feedback. I used a Google form to ask people what they liked best about the design of and what they wished was different about the site. I used some of that feedback to figure out how to redesign it into what you now see as its current form.
During COVID, Steve cooked his usual giant Thanksgiving dinner even though we couldn't have our normal large family gathering. We decided to drive care packages to each of our friends on Thanksgiving Day. Now, I didn't want to bring sweet potatoes to someone if they hated them, or dark meat when they prefer light meat, so I created a Google form with all of the options listed and let them decide what they wanted delivered. Our friends found a delightful bit of entertainment to fill out and have goodies delivered to their doors.

[19:57] Google Forms provides a great deal of flexibility in what kind of information you can collect, and even has ways to protect the privacy of the participants so you don't gather more information than you need. So now let's talk about the settings for Forms.
Google Forms are available from under the New button, which will open a new blank form. Or better yet, start at slash forms, which will show you a lot more options.
Across the top, you'll see the Template Gallery. This is a great place to peruse to create different types of forms and see what can be created. You can study a job application, an assessment, an event registration, and a form to find a time for a group to do something together.
But let's start with a blank form and learn how to use Google Forms.
As soon as you start a new form, you'll see three tabs at the top, Questions, Responses, and Settings. I'm going to start kind of backwards by walking you through do the settings first because they'll change what options are available to you when you start creating your questions.
Within settings, you can make the form a quiz, which allows you to assign point values, set answers, and provide feedback.
If you don't want to do a quiz, do not toggle this setting on.

[21:07] Next, you have a lot of control over how you deal with responses.
By default, Google Forms do not collect email addresses.
I applaud Google for making this default because collecting people's email addresses means you're responsible for protecting those addresses.
In the case of the Nocilla Castaways party way back when, I did collect addresses because I needed to be able to notify the attendees if something went awry with the party, such as a venue change.
You can toggle on the ability to collect email addresses in settings, or you can do it later in the creation of your forms.

[21:40] In Google Forms settings, you can automatically send participants a copy of their completed form.
So if Cousin Billy is committed to making that potato salad for the family reunion, you sure want him to have a copy of that commitment, right?
Now, let's say Cousin Billy remembers he doesn't actually know how to make potato salad, but he'd like to make his world-famous quiche.
In settings for Google Forms, you can allow participants to go back and edit their responses.

[22:05] If you'd like to limit users to one response, there's a toggle for that in settings, but it warns you that this will require the participants to sign into Google so their participation can be tracked. Again, I think it's quite polite of Google to have that turned off by default and let you know the repercussions of turning it on. The next section of settings allows you to control how the form and responses are presented to your participants. I really appreciate it when I start a survey if they show me a progress bar. Sure, I'll bail early if I realize after five minutes that I'm only 10% through, but that should be my choice I think.
Google Forms lets you show a progress bar to be courteous to your participants.
If your form is a quiz, you might want to shuffle the order of the questions, and you can choose whether to show the respondents the results from other respondents.
That's another thing I really like in a survey. I need to know how much people agree with me.

[22:56] Finally, you can change whether by default questions are required to be answered.
This is a default, as I said, so you can always toggle required on and off question by question.
Now that we have our settings just the way we want them, let's make a form already.
We'll start with an example. Let's say we want to take a survey of the Nosilla Castaways to find out how well they like the show. We'll start by adding a title, and we can also write a little form description. Under the form description, you'll see a set of formatting options you can use within the description, including typical, you know, bold italics underlined, but you can have numbered and bulleted lists along with the option to create links, and finally, you can remove all formatting. A new Google Form will insert a new untitled question. To the right you'll see it's defaulted to multiple choice and a radio button that says option one has been auto-created.
Before we write our first question, let's explore the options for the answers.
We can allow two different free form text fields, short answer or paragraph. In addition to multiple choice radio button, the option that was the default for our new form, you can also choose checkboxes or a drop-down.
Multiple-choice radio buttons and drop-downs only allow one answer, while checkboxes allow more than one answer to a question.

[24:10] Let's say your form is for collecting bug reports. People might need to upload screenshots of a problematic area in your app.
Google Forms allows file uploads for this purpose as the answer to the question.
They warn you that respondents will be required to sign in to Google if file upload questions are added to a form because their files will be uploaded to each person's own Google Drive folders. they're being very courteous to you telling you that's going to happen.

[24:35] Now, the next three ways to present possible options for answers are linear scale, multiple-choice grid, and checkbox grid.
This took me a little while to figure these out, but linear grid was pretty self-explanatory.
Respondents get a little slider where they can drag along a scale.
You can set the minimum to 0 or 1, and up to a maximum of 10.
I didn't really understand the checkbox grid, like I said, until I looked at the template to find a time. That was the one where, like, trying to find a time to meet.
Their find-a-time template shows Monday through Friday down the left column, and then four columns across the top for morning, midday, afternoon, and evening, and then little checkboxes for the intersections of those rows and columns.
So I mean by that, you can check a box for, say, Tuesday in the morning, any time of the day on Wednesday, and the evening on Friday.

[25:24] So just like how the dropdowns work, if you change that same find-a-time template to be, via multiple choice grid, the respondents would only be able to choose one time to meet up instead of all of the times they'd be available.
Now, there's certainly a use for the different types of options, so it's good to understand which ones allow which kinds of responses.
The last two types of responses are date and time. I assume these options would be useful for choosing a time to meet up like the previous example, but that's not what they're for.
It's to define a specific date or time. You could use this, say, to ask someone for their birthday the date they're submitting a form. I thought it might be useful for quizzes like, when did Columbus land at Plymouth Rock? But you can't just answer 1492, you have to give the month a day too. By the way, when I was a very young child, I got that question on a quiz. I want to say it was second grade and I didn't know the answer. I looked at my neighbor's paper and I wrote down the answer. Before I turned it in though, I erased it because I knew it was wrong to cheat like that. I'm no saint, but my parents raised me not to cheat.

[26:30] Okay, now that we understand all of the ways we can have questions answered, can we finally start writing our No Silicast Away survey?
Let's make the first question, how did you find the Podfeet podcast?
The obvious type of response should probably be a paragraph, so people could explain in detail how they found the shows.
At the bottom right, I can set the toggle on whether to make this question required, like we talked about in the defaults. Some people might not remember how they they found the show, so I'll make that one optional.
To the right of the question field, there's an image icon. For reasons I can't explain, they've made it so you can embed an image into any question, either by uploading, linking to an online image, or even using your webcam. Once it's inserted into the question, you can change the alignment, change out the image, remove it, or add a caption.
Still don't know what it's for, though. At this point, we probably want to see how this will look to the respondents to our survey. Google Forms changes the location and and even the names of some of the icons, depending on how wide your window is in the browser.
On a narrow window, you'll see a three dot icon in the upper right with a lot of options, one of which is preview. That's what we're looking for.
But if you have your window wide enough, you'll see an eyeball icon that allows you to preview your form.
So again, your window width is gonna change where you find things.

[27:45] To add additional questions to your form, look around for a plus icon.
Again, if your window is narrow, It will be in a group of icons across the bottom, but if you've got a wider window, they're going to be in a column on the right.
For my next question on my amazing survey, I'll ask them what kind of devices they use.
This question would be ideal for checkboxes so they could check all that apply.
As soon as you choose checkboxes, you'll see option one next to a checkbox.
You can enter the first response option and then manually click to add another option, or if you just hit the enter key, it'll add options as you type, so it's very efficient.
They also allow you to add an option called Other, where people can enter a free-form answer.
I made check boxes for PC, Mac, Linux, iPhone, Android, Raspberry Pi, Synology, iPad, Apple Watch, and Other. Let's get to the meat of the survey and ask them to tell us how well do they like the NosillaCast?
How about a linear scale response to that question? In addition to defining the numerical scale, the numbers, we can also assign values to the two endpoints.
It's important for people to know whether one is best or 10.
I think we'll label the value next to one to mean they truly love it, and five will say it's the best show ever.
That way we'll get fully good answers.

[29:00] At any time while creating your questionnaire, survey, quiz, or party invitation, if you hover over a question, you'll see a light gray icon with a grid of three by two dots.
This is a handle, and it allows you to drag the questions up and down to rearrange them.
Like I said, this is a really easy to use tool and it's got lots of flexibility.

[29:19] All right, let's ask them how often they listen to the different shows.
I use a checkbox grid for this one.
For the rows, I'll put in the no-silicast, chit-chat across the pond light, and programming by stealth.
And for the columns, I'll put never miss an episode, most of the time, dip in and out, and not my cup of tea.
And for snarky people like NASA nut, we'll make the last option, never heard of it.
While I was writing up these options, I realized I needed them in a different order.
Just like the questions, the response options within a question can be rearranged using the same kind of grab handles with six dots.
After all this work, I think our respondents deserve a reward.
Back on that elusive menu of icons where we found the plus button, there's an option to simply embed a video from YouTube.
I thought it might be nice if those participating in my little survey got to watch a beautiful short video Steve created a few years ago.
It's a compilation of the total eclipse we saw in Chile. It's very moving and well done.
After giving the YouTube URL, the embedded video will have a three-dot bubble on it.
It. That allows you to left, center, or right align the content, change the video to a different one, or remove the video altogether.
In case you're wondering, you can't embed any other video formats. I tried Vimeo and a video I put on my own website of my cat responding to the dropping of the food by that new automated cat feeder, and Google Forms did not accept either one.

[30:43] This video is really a separate part of the form, so let's use that elusive menu again that moves between the right side and the bottom of the view, and choose the last icon that looks like two tiny rectangles. That lets us add a section to our form to separate the two distinct pieces of it. If you've got a long form, separating them into sections has a bonus feature for you because it allows you to collapse sections while you're working and it's easier to work on your form that way.

[31:09] Now, if you're happy with the default color scheme Google gave you, you're pretty close to done. But if you'd like to customize the look a bit more, take a look at the painter's palette icon at the top menu bar. Not only can you change the text styles for the header, questions, and text, but you can also choose the overall color and add a header image.
If you select to add a header image, you get a plethora of very cool looking banner images under the theme sections with topic areas like work and school, illustrations, birthdays, weddings, travel, and more. You can also upload your own banner image or choose from your already uploaded Google Photos. I uploaded a banner image. I have the of the four PodFeed podcast logos. When the logo came up, Google Forms automatically changed the theme colors to complement those images. I thought that was pretty cool. Before the banner image, the form was lavender, but I think it picked up on the gray from the Taming the Terminal logo because the form changed to a more professional dark gray border and light gray background.
Interestingly, it also gave me a color palette that complemented the four logos so I was able to choose a nice blue instead of the boring gray.

[32:15] Let's say we're done with the survey for now and we want to test it out.
We don't want to send out the raw URL to where we created the form. That doesn't make any sense.
We want to send out the form in a way that people can actually fill it out and submit.
If your window is narrow, you'll see a paper airplane icon that lets you send out your form.
If you're big in the window, there's a big purple send button that does the same thing.
I do not know why they keep changing the views and the names. It doesn't make any sense to me.

[32:41] Anyway, you'll get three different ways to send the form to your intended respondents.
The first option is to send via email.
If you are sending out birthday party invitations or asking your relatives to help you pick a date for a family reunion, this might be a practical method since you'll have a specific set of recipients.
You'll still see that collect email addresses is set to do not collect, but I think that just means that you won't collect the email addresses.
It was not clear to me whether Google might collect the addresses if you did it that way.
The second method to send the form is to use a link. You can simply copy the giant long URL with a lot of glop after that, or they offer to give you a shortened URL.
It's still a bit gloppy, but this time it's to, and it's a bit less glop.

[33:29] Finally, if you manage your own website, you can get an embed code ready to plop into a web page as an iframe.
That's how I did the NoSilicastAways party invite all those years ago with a double-secret private URL that only listeners of the show would know.
Now after you send out your Google Form, you'll actually be able to see the responses roll in.
Remember when we started on this journey about three and a half hours ago, I said at the top of the form you'll see questions, responses, and settings. Even without selecting the responses tab, it will have a number next to it showing you how many people have responded to your survey.
When you open the responses tab, you'll see three additional tabs, summary, question, and individual. On the summary tab, you'll see the data presented differently depending on how you allowed the participants to respond. For example, if you gave them a free-form text field, you'll just see the text-based responses. But if you gave them a multiple-choice slash checkbox option, then the responses will show a horizontal bar graph for each answer and what percentage of the participants selected each of those options. Likewise, you'll see a vertical bar graph if you gave them a linear scale like 1 to 5. Now here's something really fun. Next to the non-text-based response sections, like the bar graphs, you'll see a copy button that lets you copy the graphic itself. This can be a great way to embed the results into a final report. It's kind of an odd copy, though. It doesn't really show in the clipboard or even in my clipboard manager, so it's a little hard to extract, unfortunately. I'm not sure how or why they made it so hard to use.

[34:58] After the Summary tab, we can look at the Questions tab, which focuses on each question one at a time. Text-based responses will be all listed and it'll tell you how many people wrote the same thing. Probably not too valuable with an open-text-based response question, but a multiple-choice checkbox question will show you all the different sets of options people chose, and if you have a large enough sample size, that could end up repeating so you might see more than one response to a specific combination of answers.
Likewise, linear-scale responses could be very valuable to show you the frequency of each response. The final tab under Responses is Individual, and that lets you see how each Each respondent answered each of the questions.
I could see this view being very helpful if you're giving out a quiz.
Now, these three ways of viewing the data you receive may meet your needs, but if you've got a giant survey you're doing and you want to do a lot more analysis, there's also a link at the top to create a Google Sheet for the responses.
Once a sheet is created, the button will change to view, and as more responses come in, they automatically populate the sheet.

[36:00] Now, I want to make one last comment, and it's about quizzes.
I didn't quite understand how to make a quiz, so I experimented using the quiz template they provide.
Even after starting with a template, I had a lot of trouble figuring out how to get it to do things.
It seemed like it was kind of a bit buggy. It was getting stuck from time to time, where I'd have to refresh the whole page to work with it.
Sometimes the quiz would open with an answer I'd already chosen, even though it shouldn't be answered in the quiz as I'm creating it.
I couldn't figure out how to consistently give the quiz taker feedback either.
Maybe I was just doing something wrong, but none of the other templates or form options gave me a lick of trouble.
I'd be curious whether any of you could get the quizzes to work consistently.
The bottom line is that Google Forms is a highly flexible tool to collect data, whether it be from a vast audience survey, or to create a quiz for a class, or to organize an event and get participant information. And it's free!
If you'd like to take my little survey and watch Steve's Eclipse video as a reward, there's a link in the show notes to the Nocella Castaway survey.

Support the Show

[37:02] One of the ways you can support the shows we do here at the Podfeed Podcast Empire is to use my affiliate links. One of my must-have apps is Parallels Toolbox. I've written scads of articles about all the things it can do, including the most recent Parallels Toolbox, the gift that keeps on giving, but the folks at Parallels license the toolbox on a per-machine basis.
For one Mac at $25 per year, I find it a great value. But now that I'm living the two-laptop lifestyle, paying an extra $25 per year, it seems a bit steep. However, some grand nocilicastaway recently used my affiliate link for Parallels Toolbox and I got a license for three months free and they got three months added onto their subscription. So, if four times a year, one of you would buy an annual license of Parallels Toolbox, I wouldn't have to pay twice. Check out the link in the show notes to my affiliate link page to Parallels Toolbox to help out both you and me, or look for other applications and things and services you might want in the affiliate links there.

Security Bits

[38:03] Music.

[38:11] Well, it's that time of the week again. It's time for Security Bits with Bart Blue Shots.
How are you today, Bart?

[38:17] Now that I'm dry again, I'm good. A damp one, huh?
I managed to find the world's smallest shower. It was so small it didn't even show up on the weather radar, but it was wet.

[38:29] We had ran into a very isolated cell while we were up in Mammoth last weekend, where we were hiking. It was beautiful, blue skies, big puffy clouds. We got into the center of town, and it was actually hailing.
And then we went to our condo and it was fine. And then we went back to the center of town and it was still hailing down there.
It was like hail and rain. It was kind of a wet, small hail, but you know, hail nonetheless.
And we'd never seen anything like that, where it was like this little cylinder around us.
No, that happens. I know that was happening here today, because I'd be cycling along on a bone-dry road, then in puddles, then a bone-dry road.
And it will be like, you know, the rain would have been no more than, say, half a kilometre.
So you know, so very localised, and the last one got me.
We took the kids out because it was raining, you know, took them out and held them out in the rain. You know, look, kids, rain and hail.
Bring them over here, they'll love it, briefly. Now, I told Bart I wasn't going to say the date, but I actually realised I do need to say the date.
We are recording on Sunday the 13th, but this will come out on the show on Wednesday the 16th. If anything happens on the 14th, 15th or 16th, it's not that Bart missed it, it's that it hadn't happened yet.
Yes. And my time machine is on the fritz, so I don't know what's going to happen.

[39:48] Alrighty. Yeah. Now, as it happens, Alison, we're recording one week after we recorded last, so we don't have a huge amount of news.
So I decided it would be fun to do a deep dive into a little change to a service I think we all love called Have I Been Pwned? and an opportunity some of our Nocilla castaways may want to partake of.
Are you going to remind us what Have I Been Pwned is about? I will indeed start right there.
So Have I Been Pwned is Troy Hunt's amazing database of all of the known data breaches.
So whenever there's a known data breach that gets submitted into the Have I Been Pwned database and it is a huge repository, given that it contains the Yahoo breach of billions with a B, username and password combinations that have been leaked.
That's right, you stopped telling us about the breaches after Yahoo because you said they won, there's no more contest.
There isn't exactly. And the question is not, am I in a breach? The question is, how many in which?
And the answer is always the same. Use a password manager.

[40:54] Because you can't reuse your passwords. So it's not just actually usernames and passwords. It's also things like associated email addresses and telephone numbers and stuff. So you can use the web interface to do a one off check on your email address, no matter what email address you have. But a really cool feature they've had for years is the ability to set up alerts on a domain if you own it. So if you're using a Gmail address, you're at a look on this one. All you can do is check your Gmail address every now and then to make sure you're still wherever you were last time. But if you own your own domain, like you and I do, yeah, just as pwned or usually a little bit more. But if you own your own domain, you can actually have it proactively email you. You just have to prove ownership of the domain to have it have been pwned and then they'll set up an alert and then you get an email saying, and your address on your domain has just been caught up in X, Y or Z data breaches.
Just I'm not sure why to do that, by the way, because the answer is yes.
OK, different contexts have slightly different reasons.
So I have the domain for our family on it because I know we have family members who may be a little bit less careful than me.
And it's useful to say to them, by the way, whatever password you're using on Twitter, you need to A, change it and B, you need to not use it anywhere else.

[42:14] OK, it is OK. Proving an opportunity. Your family.
Yeah, it's it's proving an opportunity to proselytize one password to my family.

[42:25] And obviously, if you're in if the domain you're looking at is, you know, belongs to a small company or something or a big company, then the other reason is to make sure that when something does come up, the person hasn't reused a work password in a non-work context.
Oh, OK.
So it's it's useful if you have a domain with more than just yourself, it's useful.
And I kind of like to know where my stuff is just because sometimes I have been good for about a decade.
But if a breach comes to light now that's older than a decade, I'd like to know about it because maybe it was before I got good.
Before I started to be a good boy, I would, you know, like everyone else on this planet, I would have been I would have been telling people what they should be doing before I was actually doing it.
I don't know about you, but when I started with one password, I didn't retroactively go back to everything.
I sort of went, yeah, from here forward, I'll be good.

[43:20] Yeah, that was what was so impressive about Rod Simmons after the giant mess that was the last pass breaches. He moved to one password and he changed every single password and it was something like six or eight hundred passwords. He changed them all.
He deserves a medal. Yeah, that's some work, right? Yeah, if we're giving out like nerd awards that you can iron on patches, that's got to to be one. That has to be an iron on patch you can earn. That's amazing.
Right, right. Iron on. Not a stitched one, but at least an iron on.
Well, okay. If you're going to be really fancy, a stitched on one is like a proper scouts badge, I guess. Yeah, true. So anyway, it has been a thing you can do for a while is to add your domain as an alert or to do a domain wide search. You can do a one off domain wide search, but it was always a pain in the backside because there was no concept of an account. So you would say, I would like a set of accounts that could get pwned, probably.

[44:22] That's probably feeding into it to some extent. Also, there's more backend involved in remembering things than just offering a one-off functionality, right? So anyway, what you used to have to do is prove ownership, and then you could do a search, or prove ownership, and then you could set up a notification. But if you got a notification, it would say, there is a new breach on your domain, run a search to see what it is.
Well, that means you have to reprove ownership, which either means you have to receive an email at one of the there's a list of email addresses that are officially reserved, like hostmaster at and stuff like that.
I think Postmaster Hostmaster does a few of them. So if you own a domain, you can theoretically set up that mailbox and that proves you own the domain or you can put a special file on your website or you can put a special DNS record.
And that was such a pain in the backside to have to do that every time you wanted to run a search.
So I'll be honest, I didn't really do them for family stuff because it's so much effort.
But they've now changed things. And it's one of those is the glass half empty or is the glass half full questions.
So on the one hand, you can now create an account.
And you can add multiple domains to the one account. And you can prove your ownership of your domains once.
Once, and then they will be in your account as your domains.
And then from then on, you just push a button and you get the latest updates, and you don't even have to ask for notifications. That is just part of what you get when you have an account, you get notifications.
That's what comes with it.

[45:49] And so you do still have to prove ownership, because otherwise it will be a giant big data breach of its own.
But of course, now you do it once.
And he's also added a fourth mechanism. At least I think he's added it.
I don't remember it being there. you can add a metadata tag to the HTML of your website.
So I guess if you're using a website hosted by.
Someone else, like if you're using like a paid for version of Drupal or WordPress or something, you obviously can't upload a file, but you can go into the settings and say, add a custom header.
And so this way, even those people can prove domain ownership. So that was actually a nice touch.

[46:26] Okay. Now I just use the DNS method because that's by far the easiest to pop in a DNS TXT record. And that's the same as you would have done for iCloud or Google Apps or Office 365.
Yeah, so I'm getting a little bit tangled here. I thought you said you had to have a something like hostmaster at your domain. No, but OK, there's all different ways. Yes, you pick one of four. Oh, good. Yes, exactly. So everyone should be able to fit one of these four. So either you have one of the special email addresses or you put the meta tag at the top of your website, or you upload the text file into your website, or you make the DNS entry. And if you can't do one of those four things, I actually don't think you've owned the domain. I'm pretty sure it's now yours.
Or you're not nerdy enough to run your own domain, one or the other.
Precisely. Precisely. So once you do that...
I'm kind of wondering whether things have slowed down on getting pwned, because obviously my email address is everywhere. I just checked it and there isn't anything since 2019 I think is the latest or 2018. So it's been like five years, four years. There's a 2019 one. Okay.
That seems odd, doesn't it? Spammers know my address for sure.

[47:51] I have a 2023. But anyway, I'm not going to give people out the details, but I have a 2023, just in case I was getting complacent.
I also have too many email addresses because, of course, I've changed my mind too often.
Anyway. I have two. Yeah, I had eight domains to add. I set up eight domains today.
It only took me half an hour to set up two accounts, one for personal, one for my personal business. Four domains in each. Did it all in half an hour.

[48:21] Not bad. Anyway, so backtracking a little bit. So there's all the shiny happy good news.
Easy to set up a control panel, add your domains once, get your notifications, glass very much half full.
This obviously needs to be paid for. So here's where the glass goes half empty again.
It is now a subscription service, but it's set up in such a way that people who are not big users get a free account.
So the way Trey worked it out was that he looked at his statistics and he said that If I draw the line at 10 pwned addresses for a free account, then 60% of users don't have to pay.

[49:02] Oh, people above 10, they're doing something else, right? They're a little bit bigger, right?
That's 10 pwned domains, right? So even if you have a domain for your whole family and there's 20 of you, you still may not have 20 pwned domains or 20 pwned addresses, right?
So when you make 20 entries in his database, or sorry, 10 entries in his database, then you have to start paying.
And it's spread over all of your domains, though. So if you add five domains or whatever, and you have two on each, well, then you're going to make your 10. But it also means that when you buy a paid subscription, you can still fit on the first tier because it's spread over all of your domains.
So then you're paying, I think it's like, the first tier is like $5 a year or something.
It's very, very small. Oh, so it's very reasonable.
Yes, and then there's four tiers. And only when you get to the top tier does it jump.
But the top tier covers 10% of the domains, and it's, frankly, it's corporations.
So it'd be the CNETs and the, you know, your big players. Right, well, not necessarily, you know, I mean, not necessarily CNETs, but it's gonna be people who run, you know, who have a factory or who run an enterprise.
It's someone who's seen it's an enterprise.

[50:06] True, but I mean, it doesn't have to be someone of high profile.
It can just be a corporation, like any corporation. I you know, if you're running a brewery somewhere or a law firm or something, once you get up to, I think it's it's a hundred pound addresses or something, I think is where that that tier kicks in.
But there's four tiers and the bottom one is free. The first one is cheap.
And I think the vast majority of Nestlé castaways will fit quite comfortably in the free tier.
I bet so. I do like seeing that the only advertisement on the site is, generate secure unique passwords for every account. Learn more at
Yeah, there is a relation. I can't remember what the relationship is.
Troy Hunt, is he a paid consultant for 1Password? There's a relationship between Troy Hunt and 1Password.
Okay, so it might not even be a paid ad. Now, what's the benefit of doing this if you've got 1Password, which has connection into, have I been pwned?

[51:02] So you can automatically see it if you're in 1Password. That will show you your stuff, it won't show you family stuff.
So if your domain is shared with family, you're not going to...
So if you're the only person on your domain, you're right, there's no improvement, because 1Password gives you the same information through a different mechanism.
It's all querying off the same database.
But if you look at it in 1Password, it is checking the actual...
The email address in your 1Password entry against the database.
Whereas if you do it at a domain level, it's every email address in the domain level.
So if it's you and a spouse, if you have a bunch of aliases or something set up that flow into the one address, it could be interesting to see, because I've forgotten how many mail aliases I've had over the years. Some of my ponies is not on addresses I use today, but still my addresses and the still passwords I should know about.
So having it on the whole domain is a slightly wider net.
It also tells me that some websites don't do email validation because i have some ponies on addresses that do not never have existed which means that there were hacked websites that were so bad at security that people create accounts without verify email addresses.

[52:11] So i think that happens all the time. I mean right now I'm getting somebody has signed up for hello fresh with my email address and I'm getting I'm they go straight to my junk folder but I'm getting them all the time and it hello fresh is a real company that's not just a show that's being a bad net isn't.
Yeah. Yeah, I'm not sure, well, sometimes I should make sure I'm not throwing them under the bus unnecessarily.
Some of these are where the emails I'm getting are, verify your address, verify your address, verify your address, over and over again, so that is them doing the right thing.
There isn't any way to do what you're talking about if you are using, say, Gmail or whatever the Microsoft has decided to name theirs this week.
What do you mean using Gmail? Do you mean with your own domain?
You can't do, no, I'm saying without your own domain.
So OK, so just someone at or someone at... This is where...
Go ahead. You just do the normal search on the website for enter your email address and then you put in the one address and me, I don't know if it'll offer you to do a notification on that. I've never tried.
Yeah, you might be able to do the notify me.
Yeah, you can just enter your email address and let me know if I've been pwned.

[53:38] OK, so that's a one off. Yes, well, no, get notified when future pwnage occurs, so that's not that's continuing.
Brilliant. Yes. So when I said one off, I meant it's a single address.
Correct. Correct. Not scooping up all of your addresses. Got you. I see what you're saying.
Yeah. Which obviously shouldn't be allowed for every Gmail user to get.
Actually, Jesus, I'd hate to see how many how many times Gmail shows up in the Have I Been Pwned database.
That would be a big, big, big export.
Oh, and you'll like it that when you have been pwned, you can get it as an Excel file.

[54:13] Oh, that's interesting. Yeah, so you can have some fun with that.
I don't agree with this choice of Excel columns and stuff, but, you know, a little bit of transforming and you can explode it out as you wish.
But anyway, yes, so you can get an Excel or JSON format, so there you go.
I don't, I think, we haven't done it in the order I'd popped it in the show notes, but I actually do think we've covered all of that. So as I say, it's sort of a free tip.
It's a free tip for our listeners that you may be interested in setting this up.
And it's just I really like that Troy has set it up. Basically, his his aim was that most people should be free and the first people that should be about the price of a coffee.
That's a good that's a good. And then it goes up. Yeah. So I was really happy.
I really like Troy Hunter. He does great work.
And if he needs to pay his bills to keep his amazingly big service on the air, Like his, I would not like to see the bills for his hosting.
I think it might be substantial. Right, right.
So anyway, details linked in show notes. He did a blog post a few weeks ago announcing the update, the service, and then he did a blog post announcing the tiers.
He announced the pricing separately to the features. so they're both linked in the show notes.

[55:23] Okay. In terms of action alerts then, first up, it has been Patch Tuesday. Microsoft have patched many, many things. Of note are two patches, are two exploits that were not discovered.

[55:36] They're not zero days in the strict sense because they weren't discovered before they were patched, but they are now being exploited. So for all intents and purposes, patchy, patchy, patch, patch remains. Whether they're zero days or not, they're now being exploited. So patchy, patchy patchy patch patch.
I get the next story. As I described this to Bart, this is a bad news, good news story, things working as designed.
There was an app called Night Owl that a lot of people used on their Macs to auto switch light and dark modes at the operating system level.
Apparently it was pretty popular. I didn't actually know about it, but it was purchased recently and the people who purchased it changed the terms of service that says your device will be put into a botnet and you do not have the ability to opt out.
A lovely gentleman named Taylor from Robbins.1 wrote up a good article recently about the problems with this app.
Actually it was in June that was published. I only found out about it this last week, but his post has been updated that Apple has now revoked the developer certificate, so it can't even be launched if you do have it.
So uninstall, we have a link in the show notes to Taylor's site where he explains how to extract it from your computer.

[56:54] As I understand it, this was a utility that used to be really useful because it was hard to change from night to day mode in the very... Automatically.
Yeah. When Apple first released the dark modes, people wanted more control.
And now apparently the core OS can do it all for you, so the fact that it's for you...
Exactly, that's what I was going to say. So even though you now have to get this thing off your system, you're not going to lose your functionality. You might just need to change how you achieve your ends.
But we also might have people using operating systems that have not been upgraded, and they might still have this. But now it can't hurt you, but here's how to uninstall it if you do have it.
Unfortunately, we don't know how to make your functionality come back.
Right, except you have to figure out a way to... But you have to uninstall it, yeah.
Because you definitely don't want to be running malware just to make your screen go dark.
Well, especially if it doesn't even launch anymore.

[57:52] Well, that too, right? Yeah. So yes, indeed. And I believe it was recommended, I think it was Jason Snell or I think it was Jason Snell had recommended it. So quite a few people in the community were using it because it had once been recommended. And I saw him post a tweet saying, I undo my recommendation. De-recommend, whatever the opposite is of recommending.
Oh, you have another bad news, good news story.
I do. So there was a it looked briefly at the start of the week, like I would have to be doing a story here where I told people that if you're using Zoom, especially in a corporate environment, but even in a home environment, you may need to stop because their terms of service is we can use all of your stuff to train our eye.
And that may make you as a human being feel ick.
But in a corporate environment, it may be a lot worse than feeling ick.
It may be illegal or certainly against company policy to give away company data.
And if you work in, say, legal practice or health care.

[58:57] Big problem, potentially, right. So I thought it was going to be a you or government have done it again.
Or government. Right. Yes, it's lots of places. But Zoom have done it again.
They've done that. They have a they have a core competency.
It's do something super stupid and then go, oh, my bad.
Right. Yeah. And they even did the oh my bad bit quite well, because their blog post was posted into the Nasila Castaway's Slack,
And I thought it was very well explained. Now, they've since updated the blog post to remove all of the detail and replace it with a paragraph with bold, shouty text that just says, we don't, excuse me, we don't run on your data. But initially, they actually had a way better description, which they've now...
Well, their initial thing was, we're going to use everything of yours and train our AI, and make money off of it and sell it to people.
I mean, it was like, you didn't need to be a lawyer to understand what it said?

[59:53] It didn't say they would, it said they could. Right. It's your typical thing where we've always had the terms of service being so broad that they could that they can't be wrong. And I think that's sort of the way the attorneys like to work.
Right. How can we make absolutely sure we're not exposing the company to legal liability?
Meanwhile, PR liability. Oh, boy.
So, yeah, they backtracked. They are now very, very explicit and very, very clear, which is very, very important.
And they underline the fact that if you're working in, what do they call it, a, is it a restricted industry or something?
They use a word to basically say if you're in education or health care or something like that, then they definitely, definitely, definitely, definitely, definitely don't do anything like that.
Don't worry. We're good.
So that, that was, thank you, Zoom. But I really did, I genuinely sort of choked on my coffee when I read your comments, you know, but the whole core competency, it's like, yep.
It really is, right? They were, it was like that, remember early in the pandemic, they kept doing stuff.
I forget what it was, but they would do something super stupid.
And then 10 minutes later, you'd get a thing going, never mind.

[1:01:03] Wasn't it end to end encryption would only be available? Oh, if you were only if you paid for it. Right, right.
Yeah. And then there was something about routing stuff through China and you could opt out of it being routed through China and then only not free people. There was a couple of them.
You're right. I did it a couple of times and I was like, undo, undo, which they did. And it was all good.
Yeah, I thought they'd learn their lesson, though. Anyway, I'm speaking of people who need to be careful in a regulated environment.
If you work at a publicly traded company, you have to abide by the rules from the federal thing on FEC, which is sorry.
I forgot which three letter acronym it was that they got in trouble with.
Federal Exchange Commission FEC.
There are literally rules on what a publicly traded company can do, because insider trading and stuff like that is very very illegal.
And so if you're a major executive at these companies you can't do some stuff in secret, it has to be able to be found under discovery.
So a bunch of US banks were fined $549 million because their senior executives were using end-to-end encryption that did not have the appropriate configuration in place to capture the legally required paper trail.

[1:02:19] So one way to interpret this story is it's illegal to use end-to-end encryption, but that's actually missing an important nuance.
So I thought it might be interesting for listeners just to say that it's not a case that if you're a publicly traded company you can't be secure, it's illegal to be secure, which is how I've heard one or two people interpret this news story.
It's like, no, you've missed a point slightly.
You have to be secure in a legal way. way. So the end in end-to-end encryption needs to include the legally required retention.
So the service you're using never sees your data. No one who's not within either end ever sees your data, so it's still end-to-end encrypted. But there is a record of the data kept with your end.
Of the data. So if I type hello Bart, and it's end-to-end encrypted, people at my end, people at your end can't read it. What is the data that...
No, no, they can. People at your end can. You said the opposite then. You said the opposite.
No, no. So end-to-end encryption means that it's only the people on the ends who can read the data. The service provider in the middle can't, and now they can have an eavesdropper in between.

[1:03:30] That makes more sense. Okay. So, and you just have to make sure the data retention requirements, are met. Are implemented on the ends.
Yeah. Now, in my experience in corporate America, in a government contractor, we actually went the other way. It was like, okay, make sure that stuff gets deleted up to what the legal requirement is.
Oh, that's the other side of this, right? Because data retention, when you're managing your data as a corporation, you do two things. You cover your legal liabilities by retaining exactly as long as you need and then you avoid.
Yes, exactly, exactly, exactly. The deletion is every bit as important, because if you have it, you have to produce it in discovery. And you're making a rud to beat your own back in terms of just searching. Oh, you've been keeping backups indefinitely. Great. You now have to search them for the word boobity boop, going back to 1972. Have fun!
But the problem was that meant our email backups, or our email was kept back 30 days, Bart.
Have you ever needed to retrieve an email more than 30 days old in your work hat? Hell yes!
Yeah, so what it was... So instead everybody was running around trying to figure out ways to export all that email to keep it locally. Which is harder to search for discovery.
That's a whoopsie.

[1:04:56] That's like making you change your password so often. You have post-it notes everywhere.
Yeah, yeah. It was not smart. I don't know if they've changed it, but I don't care anymore.
Well, it's not your problem. Exactly. Yes. But just to say to people that this is not an unknown thing.
So if you as a corporation go to Slack or to Microsoft or to Google and say, hi, I'd like to buy your corporate product, there will literally be a button that says configure your data retention and every one of them I have seen, they have presets for the major government regulations.
So you're literally just going to go, ah, I'm a US government contractor, tick the box, and they will just set all the settings to the appropriate way.
And then you carry on with your life. But it's really important that when you're working for an employer, You do your work through your work identity.
Because your work will have set everything up. If you use your personal account to do work stuff, you may be getting your corporation and or yourself in big trouble.
So I figured it was an interesting sort of example to point out that this is why you have to use your work email to do work and why you have to use your work. Even if you don't like the choice, like you may love Slack and work on Google or something tough, use the work stuff for work.
You have to. And this is why it can cost hundreds of millions of dollars.

[1:06:21] Now, another timely reminder. So Accenture are a fairly major contracting company, and from time to time they release various reports. And one of the reports is a cyber threat activity report. And one of the things they do is they analyze the dark web to see who's advertising what on the dark web, because that's where a lot of cybercrime is advertised.
And so they group these people selling stuff on the dark web, they call them dark web actors because they could be single people or they could be giant big cybercrime operations.
But you know, every brand, for want of a different term, is a different actor.
And so one of the things they do is they count up the amount of actors selling different types of services.
So in 2019, there were 202 brands of cybercriminal selling malware targeting the Mac.

[1:07:11] Today, there are 2,295. That is literally an order of magnitude in three years.
So that's a number completely out of context. What was the number of dark web actors targeting everything versus now versus 2019? Did that go up by a factor of 20? Did that go up by a factor of one? Did that cut in half?
At this point, I don't pay Accenture for access to these kind of reports.
So I'm still relying on about Microsoft. How much what was the the change in that?
That's really a metric that doesn't mean very much, I don't think, without any context around it. I only put it in because I think it's important for us to remember that this whole notion of, oh, yeah, you don't need to worry about security. You're on a Mac.
Just just a reminder that if I mean, it is a metric. It is the same metric used three years in a row.
So it is not meaningless, but you're right, we don't have all the context here.
I did sort of want to show you just to...
I followed the link that you put in the show notes to... That was from Apple Insider, but that linked to Accenture, and there was a 1000% increase in dark web threat actors targeting macOS, is what it says.
This number you've got here is only a factor of 10.

[1:08:29] I guess the timescale... But, uh, yeah, but it also doesn't tell me any more.

[1:08:37] You're getting a summary there. Yeah, but this is just Mac OS, so it doesn't tell you anything about any of the other things.
I hate metrics that are given without context. That's frustrating.
I'm afraid this one has an even worse thing, Allison, that I hate even more.
This is a metric given in the context of we want your money so you can see the detail.
Because Accenture are not doing this for the good of their health, right?
Of their health, right? Accenture are releasing press releases because they want people to buy Accenture's products.

[1:09:07] Yeah, the article is pretty lengthy, but it doesn't have any data on anybody else's dark web. And that's weird that it's a thousand percent when it's a factor of ten.
Well what did they say in a thousand percent? What's the actual wording they say?
The title is, one thousand percent increase in dark web threat actors targeting macOS.
For what timescale?
2019 to 2023 goes from 200 to 2,295, but if there's an older number that could get to a factor of 1,000.
No, the graph in there is 2019 to 2,295. So yeah. I'm not good at math and you're not good at math, but I'm pretty sure that's not 1,000%. Well, we're both good at math.
I'm not good at arithmetic, but.
Rob, not good at either. Yeah. So, okay. Well, people are attacking the Mac more.
One interesting statistic in here is something I've been looking for for a long time in the Apple Insider article is it says that the percentage of people using macOS in business went.

[1:10:13] Oh, I lost it, 17% to 23% in enterprise. And I've always been looking for what are those enterprise numbers for the Mac, because usually when you do, what is the overall usage of Macs versus PCs, it always includes enterprise, which swamps the numbers.
So no matter how many more Mac users there are, it never moves the needle, but that is a needle move.
Yeah, that is actually, geez, that's quite a difference from a decade ago.
Yeah, well, this is from 2019 to 2020.
So one year, it went from 17 to 23 percent.
Yeah, I'm sorry, I was just sort of thinking back to the days when the Windows was in the 90s, right?

[1:10:55] Yeah, so it must not be. Yeah. So anyway, that's interesting.
Yeah, now, I have an interesting insight to recommend with the caveat of, I don't know know if everyone wants to read this because it's not a pleasant topic, but it is nonetheless we it exists.
It's on the Internet. It's evil.

[1:11:15] It's unmasked it on to. There was a report by Stanford and CSAM unmasked it on that was misrepresented in a lot of newspaper headlines with, well, frankly, clickbait.
I didn't cover it because I didn't think it was fair coverage, but I didn't do a particularly good job of I didn't really want to do a good job of explaining why I thought it wasn't accurate, but someone else did. So I'm just going to link to someone else doing the work for me. So if you want another perspective on the Stanford study on CSAM on Mastodon, link in show notes to John Gruber's analysis. I do not disagree with John's analysis, and I think it's fair. And a lot of coverage has it.
So you didn't actually say what the story was? Was that there was...
There is CSAM on Mastodon, there is. And they're sort of saying that because it's not a central platform, they need to do something centrally to manage CSAM on the whole of Mastodon, which I think is missing the point completely.
That's like saying there is CSAM on the internet, therefore we need a central system for every website everywhere.
No, the valid criticism is that there should be better tools for the moderators, so that if you are running your own Mastodon instance, you have more tools to make it easier for you to do the right thing.

[1:12:29] And that to me seems like a takeaway. So it's not an argument for centralization as much as the tools. I see what you're saying, yeah.

[1:12:35] Yeah. Okay. Yeah, because it's hard enough to run anything on the internet.
So any tooling that can be put into that open source product to make it easier, I say go for it.
And there is certainly APIs and stuff that could be called to bring the scanning for the known hashes into an easy to use interface.
And the other thing that the study actually pointed out that a lot of the media didn't is that one of those tools that's missing is the ability to choose to have, anything discovered that needs to be looked up by an admin automatically blurred.

[1:13:04] So the admin can see enough to know it's real, but does not be exposed to it.
Yeah. Yeah. Because that's pretty traumatic stuff out there on the Internet.
So anyway, I thought John's analysis was fair And a lot of stuff was just click, beat, shout, shout, shout.
And I don't like that.
Good, good. I'm going to back us up just a little bit. The statistic about macOS devices in the enterprise at 23% from 70% in 2019 was from IDC and it's U.S. enterprise.

[1:13:35] Okay, that's still an interesting context though. Yeah, but if I said it's got to be in context, I got to hold myself to that.
That's fair, that's fair. Yeah, that is an interesting number though.
Apple would be happy with that number. Yeah.
Okay, some palette cleansing after that. I have lots of media to recommend. No reading.
None of this palette cleansing is reading. You can use your other senses though.
So the first one is actually two different ways of getting the same story. So I was just too young.
I just missed General Magic and the amazing product that almost was.
General Magic. No idea what that is. Oh, OK. Interesting. So General Magic was a spin off out of Apple, in the John Sculley days that tried to make the iPhone about a decade before the iPhone.
And it's where, as someone you may have heard of, what's his name, father of the iPod.
His name was just falling out of my head because I was about to say it out loud, and that's how it always goes.
You mean Johnny Ive? No. No. And I know the engineer, bald head, really, really nice guy.

[1:14:44] Blanking on it, too. OK, keep going. You can yell it out in a few minutes when it comes to you.
Anyway, the point being, when you see the people who are in this company and how close they came.
Hey, Bart, hold on just a second.
Your audio just dropped like it did the other a couple of weeks ago.
We've been trying to chase down an interesting problem where Bart's audio just suddenly drops.
Did you just change him? Yep, it's back. You have a bad audio cable.
I wiggled the cable. I'm going to order myself a new XLR cable.
I think so, yeah. Okay, so I'll back you up now. So you were starting to say, I'm glad we caught it this time.
The last time I didn't say anything, and it turned out it caused a lot of noise to bring his audio levels back up. So if you hear me say that again, that's what we're doing.
Yeah, so General Magic, basically, they almost invented the iPhone before the iPhone.
They had all of the ideas they were and they had a lot of the technology.
What they didn't have was the network and the partners to make it so.
And it's a fascinating story. And they in the movie version, they have like a picture of a team meeting, and then they start labeling the people.

[1:15:53] And every major company you've ever heard of has their origins in general magic.
It's like the place where everyone failed first and then went on to do amazing things.
Like, Apple's main AI guy now is John G. Andrea, who was in Google for a while. He started off in General Magic.
Oh, wow. And the guy who founded eBay as an evening project while working at General Magic. It's.

[1:16:24] Just full of these amazing people, and the story is fascinating.
Was it Tony Fidel you were thinking of? Yes, yes, yes, yes, yes, yes.
Tony Fidel. Yes, it was.
He's one of the big stars of the telling, both in the movie.
So, yes, there is a movie called General Magic, the movie, which I rented on Apple TV.
But if you're in the States, it's on some of the streaming services.
So you may not have to pay for it.
I paid for it. I really enjoyed it and I highly recommend it.
They got interviews with some of the big people, including John Scully, who was quite candid, and he's actually been I quite like John Scully's candor in recent years, despite the fact that he's not necessarily beloved by much of the Apple community. But the other thing is, there's a mini series on a podcast called Business Movers. So they do like four or five episodes on a topic and then they move on to another topic. And they did a mini series called The Disappearance of General Magic. And it tells a story extremely well. Both of them tell the story really well. And I actually enjoyed the podcast. The podcast then interviewed the director of the movie. And then I watched the movie and I enjoyed both of, them, even though I'd already listened to one.
Oh, interesting. Now, I think there's a trend right now to documentary dramatizations about nerd stuff.

[1:17:39] Like, the Blackberry movie is fantastic. It is a really, really good movie.
I loved it. The Tetris movie was fantastic. I really, really loved it. Learned so much.
Things like, it sounded really stupid to watch a movie about the origins of Tetris, but it's got like Russians and intrigue and dirty dealings, and that one was fascinating.
And I think I enjoyed the BlackBerry one just because of the ending, and I don't want to spoil it, but it was, it explained.

[1:18:09] Why I really disliked a specific blackberry model. It really made me happy that it the way it ended It was it was perfect. I'll tell you after we're done, but I don't spoil it for anybody else Well, don't spoil it because I may well listen to it. I may not listen to it. I may well watch the movie So don't spoil it for me either. They're both. They're both fantastic. But now I want to watch this one I just looked it up. You can watch it for free on Plex, Interestingly enough or canopy if that's in the US And it's on Apple TV and it's on Amazon for four bucks, three bucks.
Oh, three bucks on Amazon, four bucks in 4K on Apple TV.
I don't know how many K I watched it in, but I did watch it on Apple TV because it was easier.
I hit the button and went and rent. Years since I'd rented a movie.
There we go. Oh, every Friday night we rent a movie.

[1:18:57] Yeah, that's what I was saying. My Apple TV had to ask me for my password.
It's like, oh, this is your first time making a purchase.
Oh wow, OK, you have been a consumption device anyway. And then I have another podcast recommendation.
I don't know if you remember the news story about a guy who copyrighted every possible melody to stop people suing.

[1:19:22] Go ahead. Yeah, so like the Ed Sheeran case was a famous case recently that ended up going out of court because basically there's only so many melodies possible.
What makes a song isn't the melody, it's everything you do around the melody.
And it was considered ridiculous that you could take someone to court because they happened to have stumbled on the same combination of a few notes.
So this guy basically generated them all, put them in a piece of really boring music, published it, and then copyrighted it.
So he now has the copyright on all possible melodies. So he can sue everybody?
No, he then made it public domain.
Oh. So no one. That's awesome. So no one can sue anybody ever again?
Yeah. He's the interviewee.
He's a lawyer, big into open source. He's called Damien Riehl.
And that was cool. I was like, oh, that's really cool. That's really fun.
And then they went on to talk about AI and about the legalities and the things we should think about and not think about with training AI.
Yeah, CodePilot is, or CoPilot, CoPilot? The GitHub one from Microsoft. Yeah, CoPilot.
CoPilot. Yeah, typo to fix me there in the show notes. I call it CodePilot, which isn't a bad name. It's just not the name they've used. No, it would have been a better name.
They discussed CoPilot sucking up all of GitHub, which got a lot of controversy and stuff.
And I'll cut to the chase and say, I've changed my mind on all of this stuff. He makes a distinction.

[1:20:46] That my head went, oh!
And I, yeah, he's very good at being a lawyer. Like, he explains the concepts really well, and I was amazed, like, I thought it would be fun.
Hey, he's the guy who copyrighted all the music. But it's actually serious and good, too.
So, I enjoyed the episode twice. Now, what keeps him from getting sued by people who generated the melodies originally.

[1:21:13] Well, he's not selling them, so I'm not sure there's much they could get out of it.
And I think the arguments he made in court were that these are not copyrightable because they are not.
There are only a small, finite amount of them. And that's actually the argument.
So it's like someone patented the wheel in Australia to prove that the patent system in Australia was broken.
And so it's that sort of an idea. Right. So I'm going to copyright all of this to prove how silly this is.
So what actually won in the Ed Sheeran case was the argument, as opposed to the act of copywriting the dumb piece of music with every possible melody.
So it was the argument that actually won the case.
Oh, interesting. Okay. This reminds me of, and now I'm blanking on the name of the song.
There's a guy who does this hilarious video where he's playing a song.
Oh, Pachelbel. Pachelbel's Rant is what the name of the video is.
And it's basically this guy saying that every song is Pachelbel's Rant.
Or Pachelbel's... Canon.
Canon, that's what it is. And it is absolutely hilarious, because it's in every song.
It's everywhere you can go.
I may find a... I know I've talked about that one before. Oh, please link that in the show notes, because that is such a good palate cleanser. That is like the ultimate palate cleanser to round this one off.
If you can find that and pop it in, I love it. Oh, found it right away.
I love watching it too.

[1:22:35] Yeah, because he gets crankier and crankier, but it's everywhere and he's playing a piece of music and then it transitions seamlessly into Pachelbel's Canon again and again and again.
And it's actually from, it starts with classical music, but then it ends up in all these other songs in pop culture. It's very, very funny.
Centuries of Pachelbel's Canon.

[1:22:59] Well, is that it for us this week, Bert? Well, yeah, I think I've done pretty well at stretching out a week's worth of very little news into a fun conversation. But yes, that is all I was able to do.
I think so, too. This is great. And people will be hearing this, like I said, on August 16th. And hopefully nothing fell apart in the world between the 13th and the 16th.
And I know we have planned it out and I know it's in our diaries and I know it'll happen on time, but it's going to be an amount of time until we do this again.
An amount of time, yes. All right, thanks, Bart.
Okay, remember, folks, stay patched so you stay secure.
Well, that is going to wind us up for this week. Did you know you can email me at allison at anytime you like?
If you have a question or suggestion, just send it on over.
You can follow me on Mastodon at podfeet at I'm very active over there and it's really fun.
You should come join me.
Remember, everything good starts with If you want to join in the fun of the conversation, you can join our Slack community at slash slack, where you can talk to me and all of the other lovely nocilla castaways, and you would be notified there if I did have a live show when I said there wasn't going to be one.
You can support the show at slash Patreon, where you also would have been notified that we had a live show, or with a one-time donation at slash PayPal.
And if you want to join in the fun of the live show, head on over to slash live on Sunday nights at 5 p.m. Pacific Time and join the friendly and enthusiastic Nocilla.

[1:24:23] Music.

[1:24:37] Castaways. Thanks for listening and stay subscribed. During the live show, alert listener Sandy pointed out to me that Columbus did not land, at Plymouth Rock.