tag:dcurt.is,2014:/feedDustin Curtis2021-05-04T12:05:48-07:00Dustin Curtishttps://dcurt.ishi@dustincurtis.comSvbtle.comtag:dcurt.is,2014:Post/contribution-and-abundance2021-05-04T12:05:48-07:002021-05-04T12:05:48-07:00Contribution and abundance<p>Ben Horowitz gave this remarkable response to a question about joy and happiness on <a href="https://sotonye.substack.com/p/the-architecture-of-tomorrow-an-interview">Time Well Spent</a>: </p>
<blockquote>
<p>In my experience there are really two things that lead to happiness and everything else is mostly noise. The two things are contribution and abundance. </p>
<p>Contribution is basically exactly as it sounds. If you can align your life with where you have the talent to make a large, meaningful, and real contribution to the world, your circle, or your family, then you can be very happy. As an aside, doing so often leads to making money because when you create great value like Elon Musk, you get a lot in return. Now, that doesn’t mean you have to be a business person to be happy, because happiness comes from the knowledge and impact of the contribution rather than the reward. However, this doesn’t quite work by itself, which brings me to the second point: abundance. </p>
<p>An easy way to think of abundance is that it’s the anti-hater/anti-jealous mindset. If you believe there is plenty in the world for everyone and you are always happy to see people who contribute succeed, then you become part of “team contribution.” You don’t worry that someone is getting ahead of you at work or that someone made a lot of money or that someone is better looking than you, because you believe in abundance over scarcity and you can focus on maximizing your contribution. In fact, their joy can become your joy (then you have an abundance of joy :-)). The good news is that abundance is actually true. There is plenty in the world for everyone and once you see that, there are so many ways to contribute. I visited a Syrian refugee camp in Jordan a few years ago. On the way to the camp, there were a few refugee families not even in the camp but in some tents on the way. The area was completely barren. No plants, no trees, no grass… just rocks. So here’s this extended family of about 20 living in this tent on rocks, because their farm was destroyed by the war and they had to flee to Jordan. They were all living in this tiny tent. If anyone should have had a scarcity mindset, it was them. But I experienced the opposite. They immediately offered me a cup of coffee and some rice pudding (as if they had enough to share) and told me the whole story of their journey. What struck me the most was that they were genuinely happy despite what they went through. They were less incensed by getting bombed out of their homes than people in the U.S. are if you accidentally interrupt them. I’ve seen this kind of happiness through abundance in many countries: Cambodia, Haiti, Uganda… Those refugees were happier than some billionaires I know. That’s not to say that money doesn’t help… it does, but without an abundance mindset, it’s not enough. </p>
<p>If, on the other hand, you have a scarcity mindset, it’s really hard to be happy no matter what you get or how rich you are or how good looking you are, because there’s always somebody richer or better looking or whatever. You become part of team “hate.” This is why you see so many deeply unhappy political activists. In theory, they should be making a massive contribution, but often they are just expressing hate for the other side. Hitler and Lenin are famous cases, but there are many, many more, because there’s a fine line between advocating for one group and hating the other group. If you’re doing the former like Martin Luther King Jr., you have an abundant view and will find joy in the work, but if you are doing the latter, you have a scarcity view. People with scarcity mindsets are always unhappy in my experience. Scarcity is not just in politics. You see it in business all the time. You see somebody stealing credit for someone else’s work or being deeply jealous about someone else’s promotion — these people are almost never happy. You even see it in the music industry or in sports. The quest to be the best turns into you not wanting anyone else to be the best. In these cases, even if you reach the pinnacle, there is no joy. </p>
<p><cite>Ben Horowitz</cite></p>
</blockquote>
<p>The interview is worth reading in its entirety: <a href="https://sotonye.substack.com/p/the-architecture-of-tomorrow-an-interview">The Architecture of Tomorrow</a>.</p>
tag:dcurt.is,2014:Post/apple-card-can-disable-your-icloud-account2021-03-01T12:38:07-08:002021-03-01T12:38:07-08:00Apple Card disabled my iCloud, App Store, and Apple ID accounts<p>About ten days ago, when I went to update a few apps in the App Store on my Mac, I was met with a curious error.</p>
<p><a href="https://svbtleusercontent.com/qest5zgsbPZ36zkUp7CHo40xspap.png"><img src="https://svbtleusercontent.com/qest5zgsbPZ36zkUp7CHo40xspap_small.png" alt="mac_app_store.png"></a></p>
<p>The internet is filled with stories from people whose Google accounts were locked for unexplained reasons, causing them to lose all of their data, including years of email, so I was somewhat concerned. But I’d never heard of similar cases involving Apple’s services, and I wouldn’t expect such behavior from a customer-focused company like Apple, so I figured it was a glitch and made a mental note to try again later.</p>
<p>The next day, Music.app stopped working.</p>
<p><a href="https://svbtleusercontent.com/oyQJaCT4RtgroGwU2afbHb0xspap.png"><img src="https://svbtleusercontent.com/oyQJaCT4RtgroGwU2afbHb0xspap_small.png" alt="mac_music_app.png"></a></p>
<p>Now I was genuinely worried. I checked my phone and neither the App Store nor Apple Music would work there, either. A few minutes later, Calendar popped up an error – it had stopped syncing. I immediately tried to call Apple Support from my Mac, but Apple’s Handoff feature had been disabled as well. </p>
<p>The first person I spoke to at Apple spent a while researching the issue and then told me there was nothing she could do but escalate the issue, and that I should expect a call <em>“hopefully”</em> within the next day. I asked what the problem might be, and she seemed as confused as I was. Although some Apple services were still working, like iMessage (thank God) and Photos, I was terrified that more services would suddenly become inaccessible or that I would lose the considerable amount of data I have stored in iCloud.</p>
<p>A couple of days later, I became impatient and contacted Apple Support again. This time, the representative mumbled something about Apple Card before saying that he also had no power to help me. Apple ID was a different department, he said, and they could only be contacted by email. He emailed them. I continued to wait.</p>
<p>The next time I tried to use my Apple Card, it was declined. Strange. I checked the Wallet app, and the balance was below the limit. I remembered the Apple support representative mumbling about Apple Card, so I did some digging through my email to see if I could find a connection.</p>
<hr>
<p>As it turns out, my bank account number changed in January, causing Apple Card autopay to fail. Then the Apple Store made a charge on the card. Less than fifteen days after that, my App Store, iCloud, Apple Music, and Apple ID accounts had all been disabled by Apple Card. </p>
<hr>
<h3 id="so-what-happened_3">So what happened? <a class="head_anchor" href="#so-what-happened_3">#</a>
</h3>
<p>In mid-January, I bought an M1 MacBook Pro. The checkout flow offered a trade-in credit for an old MacBook Pro I had laying around. The Apple Store said I would receive a “trade-in kit” by mail and then have two weeks to send the old MacBook to Apple. Sounds easy, and definitely a very Apple-like experience. </p>
<p>But the trade-in kit never arrived. I had forgotten about it. When I received an email in mid-February asking about the trade-in, I responded (as it had invited me to do) explaining that I never received the kit and asked for another one. I didn’t get a response.</p>
<p>Very soon after, it seems that Apple simply added the amount of the credit I received when I purchased the M1 MacBook Pro to my Apple Card balance. Normally, this wouldn’t be a problem. Imagine if I had used any other credit card – it would have just been an ordinary charge. But because it was the Apple Store and Apple Card, apparently, things escalated very quickly.</p>
<p>On February 15th, Apple sent me this email:</p>
<blockquote>
<p><strong>Action Required: Apple Card</strong></p>
<p>From: Apple <a href="mailto:payment@apple.com">payment@apple.com</a><br>
Reply-to: <a href="mailto:preceivables@apple.com">preceivables@apple.com</a></p>
<p>We’ve been unable to collect full payment for your new iPhone. As a result, we will block the device on the order from further access to the Apple iTunes and Mac App stores, and disable all accounts associated with the device purchased on the order.</p>
<p>To resolve this issue, please call 1-877-255-5923 to speak with an Apple Card Specialist at Goldman Sachs. Once the issue has been resolved, reply to this email so we can charge your card for the difference in value.</p>
<p>For your protection, do not submit credit card information via email.</p>
</blockquote>
<p>It appears as though charges from Apple are special, and if your account is not 100% current, Apple will quickly take drastic action. Unfortunately, this email got lost in my inbox and I didn’t see it until I went looking. But it is extremely concerning for several reasons.</p>
<ul>
<li>Apple says it will hold my Apple accounts hostage in order to collect a payment.</li>
<li>It says it is related to an iPhone when it was actually regarding a MacBook Pro. And iTunes no longer exists. The lack of attention to detail is not great given the seriousness of the threat that follows.</li>
<li>It was sent when Apple Card was only a few days past due.</li>
<li>It suggests that charges by Apple on Apple Card are different from other purchases, and this can have serious consequences. (Also: the Apple Card agreement does not mention this technicality.)</li>
</ul>
<p>After fixing the Apple Card issue, I replied to the email as it says, and received this in response: </p>
<p><a href="https://svbtleusercontent.com/7SNnHHaXX7jK7ewzeX4WLC0xspap.png"><img src="https://svbtleusercontent.com/7SNnHHaXX7jK7ewzeX4WLC0xspap_small.png" alt="bounce.png"></a></p>
<p>Great. </p>
<p>By this point, Apple Support had been unable to help me – or to even identify the issue. My App Store, Apple Music, iCloud, and Apple ID accounts were disabled. Replying to the email as instructed resulted in a bounce. </p>
<p>So I used Apple Business Chat to talk with Goldman Sachs. The representative there seemed confused, asked me to wait for quite a while, and then said the only way to reactivate my Apple ID was for him to email a department at Apple and wait for a call back within “a few days”. </p>
<p>Earlier today, I received a call from someone at Apple who explained that I had found the right department – finally! – but that the Apple account re-activation team can only be contacted by email and the process takes <em>at least 3-5 business days</em>. He emailed them.</p>
<p>And now I am once again waiting. </p>
<hr>
<p><strong>Update:</strong> My accounts have been reactivated. </p>
tag:dcurt.is,2014:Post/bill-gates-is-angry2020-08-08T01:35:42-07:002020-08-08T01:35:42-07:00Bill Gates is Angry<p>Steven Levy <a href="https://www.wired.com/story/bill-gates-on-covid-most-us-tests-are-completely-garbage/">interviewed Bill Gates for Wired</a>, and it is quite an illuminating conversation. In past public appearances, Gates – like most experts – has attempted to walk the line between antagonizing the Trump administration and promulgating real science. But now he appears to be finished with that nonsense. He almost sounds angry.</p>
<p>On the CDC, which has been conspicuously absent during this pandemic:</p>
<blockquote>
<p>You would expect the CDC to be the most visible, not the White House or even Anthony Fauci. But they haven’t been the face of the epidemic. They are trained to communicate and not try to panic people but get people to take things seriously. They have basically been muzzled since the beginning. We called the CDC, but they told us we had to talk to the White House a bunch of times. Now they say, “Look, we’re doing a great job on testing, we don’t want to talk to you.” Even the simplest things, which would greatly improve this system, they feel would be admitting there is some imperfection and so they are not interested.</p>
</blockquote>
<p>When asked more directly about politics, he makes his opinion of Trump pretty clear: </p>
<blockquote>
<p>Whoever gets elected in the US, we are going to want to work with them. We do care a lot about competence, and hopefully voters will take into account how this administration has done at picking competent people and should that weigh into their vote.</p>
</blockquote>
<hr>
<p>The most frustrating thing about the way this pandemic has unfolded in the United States hasn’t been the rapidly rising raw case numbers or even the death count, because those numbers are trailing indicators of response effectiveness. The tragedy of this pandemic is that the scientists who know what they are talking about – including teams of doctors who have been muzzled at the CDC, epidemiologists in academia, and public figures like Dr. Deborah Birx and Dr. Anthony Fauci – have been self-censoring to ensure they maintain good favor and access within the Trump administration. It is absurd and painful to watch such intelligent people avoid direct questions about epidemiological facts simply because they are inconvenient for the federal government and Donald Trump. It is a disservice to the people of this country and of the world to mutate facts in order to serve an agenda they don’t even believe in. </p>
<p>So it is nice to see Bill Gates finally giving up on placating Trump, and directly placing blame where it belongs, while exposing his anger at the failures of the federal government. I hope he continues, and that others join him. </p>
<p>In the long run, in the fight between public health science and politics, science will always win. There is no moral justification for an expert to give up on or distort science just to <em>be in the room</em> with the President – this government has shown that being in the room doesn’t really account for much at all. </p>
tag:dcurt.is,2014:Post/ipad-20202020-01-28T09:33:08-08:002020-01-28T09:33:08-08:00iPad in 2020<p>A couple of months ago, I switched entirely to an iPad Pro for about two weeks. I did not use my MacBook Pro at all, and forced myself to do everything on the iPad. After that experience, I planned to write some kind of review, but it turned out that my conclusions were pretty simple: </p>
<p><em>iPad Pro running iOS 13 can technically do almost everything a MacBook Pro can, but it is incredibly frustrating to use. Accomplishing anything other than trivial tasks takes 2-5x longer with 10x more cognitive overhead than on a Mac. iPadOS is simply an annoying operating system to use.</em></p>
<p>The iPad is amazing for content consumption and certain types of gaming, but no matter how much Apple pundits might try to say the iPad is a device well-suited for “creation,” it just isn’t – unless you are an artist using Apple Pencil.</p>
<p>And so, as the iPad turns ten years old this week, I agree with John Gruber’s assessment. In <a href="https://daringfireball.net/2020/01/the_ipad_awkwardly_turns_10">The iPad Awkwardly Turns 10</a>, he writes:</p>
<blockquote>
<p>[…] I don’t think the iPad has come close to living up to its potential. By the time the Mac turned 10, it had redefined multiple industries. In 1984 almost no graphic designers or illustrators were using computers for work. By 1994 almost all graphic designers and illustrators were using computers for work. The Mac was a revolution. The iPhone was a revolution. The iPad has been a spectacular success, and to tens of millions it is a beloved part of their daily lives, but it has, to date, fallen short of revolutionary.</p>
<p>[…] Software is where the iPad has gotten lost. iPadOS’s “multitasking” model is far more capable than the iPhone’s, yes, but somehow Apple has painted it into a corner in which it is far less consistent and coherent than the Mac’s, while also being far less capable. iPad multitasking: more complex, less powerful. That’s quite a combination.</p>
</blockquote>
<p>Complex, but less powerful. The result is something workable but annoying to use. I hope that separating iPadOS from iOS indicates that Apple is going to devote more resources toward making iPad a more powerful, usable computing platform.</p>
tag:dcurt.is,2014:Post/steve-jobs-rolling-in-his-grave2019-11-25T19:57:10-08:002019-11-25T19:57:10-08:00The 16-inch MacBook Pro: A Faster Horse<p>From Apple’s <a href="https://www.apple.com/newsroom/2019/11/apple-introduces-16-inch-macbook-pro-the-worlds-best-pro-notebook/">announcement</a> of the 16-Inch MacBook Pro a couple of weeks ago: </p>
<blockquote>
<p>“Our pro customers tell us they want their next MacBook Pro to have a larger display, blazing-fast performance, the biggest battery possible, the best notebook keyboard ever, awesome speakers and massive amounts of storage, and the 16-inch MacBook Pro delivers all of that and more,” said Tom Boger, Apple’s senior director of Mac and iPad Product Marketing. </p>
</blockquote>
<p>It’s almost unthinkable, but it appears that Apple compiled a laundry list of customer complaints about the 15-Inch MacBook Pro and then simply addressed them, matter-of-factly. Bigger screen? Sure. Unreliable keyboard? Reverted. Not enough RAM? Fixed. There is no story behind the 16-Inch MacBook Pro. It has no soul. It is just a larger, heavier 15-Inch MacBook Pro that lazily fixes some serious flaws that have been left extremely conspicuously unaddressed since 2016. </p>
<p>But the new speakers are incredible.</p>
tag:dcurt.is,2014:Post/apple-tv-all-the-way-down2019-11-01T22:39:26-07:002019-11-01T22:39:26-07:00Apple TV, Apple TV, Apple TV, and Apple TV+<p>Apple TV is a hardware device. </p>
<p>Apple TV is an app on Apple TV that curates content you can buy from Apple and also content you can stream through other installed apps (but not all apps, and there is no way to tell which ones).</p>
<p>Apple TV is an app on iOS/iPadOS devices that operates similarly to Apple TV on Apple TV. Apple TV on iOS/iPadOS syncs playback and watch history with Apple TV on Apple TV, but only if the iOS/iPadOS device has the same apps installed as the Apple TV – and not all apps are available on all platforms. Apple TV is also an app on macOS, but it does not show content that can only be streamed from external apps on an Apple TV or iOS/iPadOS device.</p>
<p>Apple TV is an app or built-in feature of other devices, like smart TVs and streaming set-top boxes, but when Apple TV is running on a third party device, it does not show content from other installed apps on that device. </p>
<p>Apple TV Channels is a feature on all Apple TV apps that lets you subscribe to external services like HBO and Showtime, which then display content within Apple TV. When Apple TV is on Apple TV or iOS/iPadOS, though, most Apple TV Channel services <em>also</em> have their own app. If you are logged into the app, the service’s content already shows up in Apple TV.</p>
<p>Apple TV Channels can only be viewed within Apple TV; you cannot watch an Apple TV Channel service’s content on any non-Apple TV device, app, or the web. However, if you subscribe to the same service within that service’s app or through a cable TV provider, you can watch that service’s content on other devices and apps and, if you use the service’s app on Apple TV or iOS/iPadOS, its content will show up in Apple TV as though you were subscribed to the service’s Apple TV Channel (but it will play the content in the app, not within Apple TV).</p>
<p>Apple TV+ is a subscription streaming service from Apple that functions like an Apple TV Channel but is not an Apple TV Channel.</p>
<p>Apple TV+ content can also be viewed in a web browser at tv.apple.com; no other Apple TV apps, devices, or features can be used in a web browser. </p>
<p>Apple TV content that supports special features like 4K HDR, Dolby Vision, or Dolby Atmos can be watched with those features only through Apple TV on Apple TV or Apple TV on certain unspecified Samsung TVs. It is not clear if Apple TV streams HDR content to iOS devices, but it might. There is no way to tell which device supports which set of features or which level of streaming quality – and no way to know which features are active when playing content. </p>
<hr>
<p>Other than that, though, Apple TV is relatively straightforward. </p>
<hr>
tag:dcurt.is,2014:Post/build-new-worlds2019-10-14T21:16:39-07:002019-10-14T21:16:39-07:00Building new worlds<p>Earlier this summer, the New York Times published an opinion piece titled <a href="https://www.nytimes.com/2019/06/11/opinion/fully-automated-luxury-communism.html">The World Is a Mess. We Need Fully Automated Luxury Communism</a>, by Aaron Bastani:</p>
<blockquote>
<p>To say the present era is one of crisis borders on cliché. We inhabit a world of low growth, low productivity and low wages, of climate breakdown and the collapse of democratic politics. A world where billions, mostly in the global south, live in poverty. A world defined by inequality.</p>
<p>But the most pressing crisis of all, arguably, is an absence of collective imagination. It is as if humanity has been afflicted by a psychological complex, in which we believe the present world is stronger than our capacity to remake it – as if it were not our ancestors who created what stands before us now. As if the very essence of humanity, if there is such a thing, is not to constantly build new worlds.</p>
<p>If we can move beyond such a failure, we will be able to see something wonderful. The plummeting cost of information and advances in technology are providing the ground for a collective future of freedom and luxury for all.</p>
</blockquote>
<p>I am certainly a capitalist. But it’s hard to ignore the signs that we are entering an uncertain age, one where human labor and intellect may no longer be the ultimate raw materials that drive the global economy. If people are out of jobs – replaced by automated machines and algorithms – there will be massive human suffering.</p>
<p>But it doesn’t have to be that way. If we collectively think ahead, and work on political policy that provides not just basic assistance to the vast majority of humanity but <em>luxury</em> lifestyles to those people, perhaps the coming catastrophe can be avoided. As Bastani points out, though, we need to believe it’s possible – that we can build new worlds. </p>
tag:dcurt.is,2014:Post/bourdain-on-travel2019-07-21T20:22:52-07:002019-07-21T20:22:52-07:00Bourdain on The Journey<blockquote>
<p><span style="font-size:30px;color:#000;line-height:42px;">Travel isn’t always pretty. It isn’t always comfortable. Sometimes it hurts, it even breaks your heart. But that’s okay. The journey changes you; it should change you. It leaves marks on your memory, on your consciousness, on your heart, and on your body. You take something with you. Hopefully, you leave something good behind.</span></p>
<p><cite>Anthony Bourdain</cite></p>
</blockquote>
<hr>
<p>Published from Medellín, Colombia. </p>
tag:dcurt.is,2014:Post/how-to-host-a-static-website-on-aws-with-https2019-06-03T20:18:39-07:002019-06-03T20:18:39-07:00How to host a static website with HTTPS on AWS, using S3 and CloudFront<p>Amazon’s AWS is an inexpensive and limitlessly scalable platform that can be ideal for hosting fast, secure, and reliable static websites. I host several sites using the method described below, and it costs me pennies per month. The only problem is that getting things set up–especially with HTTPS support–isn’t exactly straightforward.</p>
<hr>
<h2 id="summary_2">Summary <a class="head_anchor" href="#summary_2">#</a>
</h2>
<ul>
<li>We’ll create and configure two S3 buckets. One will serve static content via S3. The other will be used simply to redirect <code class="prettyprint">www.yourdomain.com</code> to <code class="prettyprint">yourdomain.com</code>. </li>
<li>We’ll create an SSL certificate using AWS Certificate Manager. </li>
<li>We’ll set up two CloudFront distributions which will use the S3 buckets as origins. (The website itself will be served through CloudFront’s edge locations, but the files will be stored on S3.)</li>
<li>We’ll set up DNS alias records which point to CloudFront, using Route 53.</li>
</ul>
<hr>
<h2 id="configure-s3_2">Configure S3 <a class="head_anchor" href="#configure-s3_2">#</a>
</h2>
<ol>
<li>
<strong>Create two buckets in <a href="https://console.aws.amazon.com/s3/">S3</a>.</strong> It doesn’t matter what they’re named, but one will be used to hold your content and the other will remain empty – I suggest <code class="prettyprint">yourdomain-static</code> and <code class="prettyprint">yourdomain-www</code>. (Note: Amazon suggests naming the buckets <code class="prettyprint">yourdomain.com</code> and <code class="prettyprint">www.yourdomain.com</code>, but there are downsides to this naming approach.<sup id="fnref1"><a href="#fn1">1</a></sup> ) Be sure to uncheck the boxes for “Block new public ACLs…”, “Remove public access granted…”, “Block new public bucket policies”, and “Block public and cross-account access…”. </li>
<li>In the S3 console, select the <code class="prettyprint">-static</code> bucket, click properties, and then turn on <strong>“Static website hosting”</strong>. Select “Use this bucket to host a website”. Make the “Index document” index.html and the “Error document” error.html. Then click Save. </li>
<li>Select the ‘-www’ bucket, click properties, and turn on <strong>“Static website hosting”</strong>. Select “Redirect requests”. Enter <code class="prettyprint">yourdomain.com</code> as the “Target bucket or domain”. Set “Protocol” to <code class="prettyprint">https</code>. Then click Save.</li>
<li>
<strong>Make note of the <code class="prettyprint">endpoint</code> URLs</strong> displayed for each bucket in the “Static website hosting” properties panel. (Endpoint URLs look like <code class="prettyprint">http://yourbucketname.s3-website-us-east-1.amazonaws.com</code>.)</li>
</ol>
<hr>
<h2 id="configure-aws-certificate-manager_2">Configure AWS Certificate Manager <a class="head_anchor" href="#configure-aws-certificate-manager_2">#</a>
</h2>
<p>If you don’t already have a certificate issued for your domain with ACM, go to the <a href="https://console.aws.amazon.com/acm">AWS Certificate Manager</a> in the AWS Console.</p>
<ol>
<li>Click “Request a certificate” (don’t worry–it’s free). </li>
<li>Create two entries under “Add domain names”: <code class="prettyprint">yourdomain.com</code> and <code class="prettyprint">*.yourdomain.com</code>. </li>
<li>Choose the validation method that works for you (but you should almost certainly use DNS validation), then request the certificate. It may take an hour or more for your certificate to be issued and available.</li>
</ol>
<p>You’ll have to wait until your certificate is issued before continuing. </p>
<hr>
<h2 id="configure-cloudfront_2">Configure CloudFront <a class="head_anchor" href="#configure-cloudfront_2">#</a>
</h2>
<ol>
<li>
<strong>Create two CloudFront distributions.</strong> Click “Create Distribution” in the <a href="https://console.aws.amazon.com/cloudfront/">CloudFront console</a>. Then click “Get Started” under “Web”. </li>
<li>
<strong>For the first distribution</strong>, use the following settings:
<ol>
<li>
<strong>Origin Domain Name</strong>: The S3 website endpoint url for your <code class="prettyprint">-static</code> bucket. (Note: Amazon will try to help you autocomplete, <strong>but ignore its suggestion</strong>. Use the S3 website endpoint URL instead).</li>
<li>
<strong>Viewer Protocol Policy</strong>: <code class="prettyprint">Redirect HTTP to HTTPS</code>. </li>
<li>
<strong>Compress Objects Automatically</strong>: <code class="prettyprint">yes</code>.</li>
<li>
<strong>Alternate Domain Names</strong>: <code class="prettyprint">yourdomain.com</code>
</li>
<li>
<strong>SSL Certificate:</strong> Choose “Custom SSL Certificate” and then select your ACM certificate from the dropdown. </li>
<li>
<strong>Default Root Object:</strong> <em>blank</em>
</li>
<li>Click “Create Distribution”.</li>
</ol>
</li>
<li>
<strong>For the second distribution</strong>, use the following settings:
<ol>
<li>
<strong>Origin Domain Name</strong>: The S3 website endpoint url for your <code class="prettyprint">-www</code> bucket. (Note: Amazon will try to help you autocomplete, <strong>but ignore its suggestion</strong>. Use the S3 website endpoint URL instead).</li>
<li>
<strong>Viewer Protocol Policy</strong>: <code class="prettyprint">Redirect HTTP to HTTPS</code>. </li>
<li>
<strong>Compress Objects Automatically</strong>: <code class="prettyprint">yes</code>.</li>
<li>
<strong>Alternate Domain Names</strong>: <code class="prettyprint">www.yourdomain.com</code>
</li>
<li>
<strong>SSL Certificate:</strong> Choose “Custom SSL Certificate” and then select your ACM certificate from the dropdown.</li>
<li>
<strong>Default Root Object:</strong> <em>blank</em>
</li>
<li>Click “Create Distribution”.</li>
</ol>
</li>
<li>
<strong>Make note of the CloudFront <code class="prettyprint">Domain Name</code></strong> for each distribution. It may take a few minutes for the domain names to become visible in the CloudFront console. (CloudFront Domain Names look like <code class="prettyprint">d1tj8z7yt99sdx.cloudfront.net</code>.) It may take up to an hour for the CloudFront distribution to actually start working. </li>
</ol>
<hr>
<h2 id="configure-dns-using-route-53_2">Configure DNS using Route 53 <a class="head_anchor" href="#configure-dns-using-route-53_2">#</a>
</h2>
<ol>
<li>
<strong>Go to the <a href="https://console.aws.amazon.com/route53">Route 53</a> section of the AWS console.</strong> Click “Hosted Zones”. Click on your domain. </li>
<li>
<strong>Delete any A-records</strong> listed for <code class="prettyprint">yourdomain.com.</code> and <code class="prettyprint">www.yourdomain.com.</code>.</li>
<li>
<strong>Create a new A-record</strong> by clicking “Create Record Set”. Use the following settings:
<ol>
<li>
<strong>Name:</strong> <em>blank</em>
</li>
<li>
<strong>Type:</strong> <code class="prettyprint">A - IPv4 address</code>
</li>
<li>
<strong>Alias:</strong> <code class="prettyprint">yes</code>
</li>
<li>
<strong>Alias Target:</strong> The CloudFront <code class="prettyprint">Domain Name</code> of the distribution that points to your <code class="prettyprint">-static</code> bucket. (In the dropdown, make sure you select from the list of “CloudFront distributions” and <em>not</em> from “S3 website endpoints”.) </li>
<li>Click “Create”</li>
</ol>
</li>
<li>
<strong>Create a new A-record</strong> by clicking “Create Record Set”. Use the following settings:
<ol>
<li>
<strong>Name:</strong> <code class="prettyprint">www</code>
</li>
<li>
<strong>Type:</strong> <code class="prettyprint">A - IPv4 address</code>
</li>
<li>
<strong>Alias:</strong> <code class="prettyprint">yes</code>
</li>
<li>
<strong>Alias Target:</strong> The CloudFront <code class="prettyprint">Domain Name</code> of the distribution that points to your <code class="prettyprint">-www</code> bucket. (In the dropdown, make sure you select from the list of “CloudFront distributions” and <em>not</em> from “S3 website endpoints”.) </li>
<li>Click “Create”</li>
</ol>
</li>
</ol>
<hr>
<h2 id="done_2">Done <a class="head_anchor" href="#done_2">#</a>
</h2>
<p>It may take a while for the CloudFront distributions to activate and the DNS settings to propagate. Assuming everything is set up properly, you’ll be able to store arbitrary files in the bucket <code class="prettyprint">yourdomain-static</code> and they will be available at <code class="prettyprint">https://yourdomain.com</code>. Visitors to <code class="prettyprint">http(s)://www.yourdomain.com</code> will be redirected to <code class="prettyprint">https://yourdomain.com</code>. </p>
<p><strong>If you make edits or changes</strong> to the files in <code class="prettyprint">yourdomain-static</code>, you will need to <em>invalidate</em> the cached objects on CloudFront. To do this, go to the <a href="https://console.aws.amazon.com/cloudfront">CloudFront console</a>, click on your distribution, then click the “Invalidations” tab. Click “Create Invalidation” and either enter the paths to the files you changed or just “*”, which will invalidate everything. Click “Invalidate”. </p>
<div class="footnotes">
<hr>
<ol>
<li id="fn1">
<p>It is outside the scope of this guide, but there are situations in which you might want to use the AWS S3 domain for your stored objects. Using a bucket name that includes a <code class="prettyprint">.</code> makes S3 more difficult to use because the AWS S3 domain name at <code class="prettyprint">https://bucketname.s3.amazonaws.com</code> will have an invalid SSL certificate. In any case, it is a good idea to “claim” the <code class="prettyprint">yourdomain.com</code> and <code class="prettyprint">www.yourdomain.com</code> buckets in S3 by creating them, even if you don’t use them. <a href="#fnref1">↩</a></p>
</li>
</ol>
</div>
tag:dcurt.is,2014:Post/a-faulty-opinion2019-05-30T08:40:48-07:002019-05-30T08:40:48-07:00One of the dumbest things I've ever published<p>While I was reading through some of my older essays the other day, I came across a piece called <em><a href="https://dcurt.is/privacy-vs-user-experience">Privacy vs. User Experience</a></em>, published in 2014. In the article, I argued that Apple’s then-nascent philosophical stance on the supremacy of user privacy was going to slow down its product development while competitors fully embraced deep data mining techniques to build better user experiences. </p>
<p>It is, I believe, one of the dumbest, most <em>wrong</em> things I have ever published.</p>
<p><a href="https://dcurt.is/privacy-vs-user-experience">The essay’s structure</a> isn’t actually that bad. It has a strong thesis. The whole thing seems relatively innocuous, whether or not you agree with the premise. What makes <em>Privacy vs. User Experience</em> so dangerous as an essay is that the thesis is undeniably correct in the abstract and yet completely wrong in practice. There is no valid counterargument to the abstract idea. It is a fact that if a company has better data and analyzes it more completely, then they can obviously produce better experiences for their users. I wrote:</p>
<blockquote>
<p>The truth is that collecting information about people allows you to make significantly better products, and the more information you collect, the better products you can build. Apple can barely sync iMessage across devices because it uses an encryption system that prevents it from being able to read the actual messages. Google knows where I am right now, where I need to be for my meeting in an hour, what the traffic is like, and whether I usually take public transportation, a taxi, or drive myself. Using that information, it can tell me exactly when to leave. This isn’t science fiction; it’s actually happening. </p>
</blockquote>
<p>Ah yes, that was the dream. If it were a benevolent system, created and run in a vacuum – in the land of butterflies, lollipops, and pure intellectual theory – what I posited could have been correct. But we are not in that place, and I was wrong. In fact, as the theory described above has been put into actual practice, it has caused at least two things to happen:</p>
<ol>
<li><p>A new enemy of mankind, called <em>the algorithm</em>, has arisen. With all of the private information collected about you and your network, this black-box set of neutral networks has been tasked with deciding what you will be exposed to in feeds of information on sites like Twitter and Facebook. I purposefully do not call these “social feeds” or “social sites”, because they are not social. News Feed and Twitter’s Timeline are artificial intelligence-powered aggregators that watch behaviors within communities of people and then serve content to maximize engagement. There is nothing social about these services; they are built around observation, collection, and profiling in the pursuit of conditioning people to behave in certain ways. This system does not create a better user experience, and it certainly is not a good reason to sacrifice privacy. </p></li>
<li><p>I argued in my piece that Tim Cook had conflated privacy with security. He may have. But in the five years since 2014, the following fact has become absurdly clear to me: <strong>there is no difference between privacy and security</strong>. Security is an illusion, just like the lock on your front door. Advanced cryptography can prevent immediate threats, but in the long run, it is impossible to keep things private at scale. Humans can only build flawed software. There will always be bugs. And thus your “private” information is not now and will never be safe in the hands of a third party, no matter how competent. The only solution is to keep the information within only your control, and that is how Apple has attempted to architect its systems.</p></li>
</ol>
<p>Thus: <strong>(1)</strong> The building of tools to aggregate private information in order to ostensibly improve user experience has in fact, at scale, caused strange and negative things to happen. Some of these things are threatening totally unrelated social constructs like democracy, addiction, and human decency. Even more insane is that the mechanisms of action driving the functionality behind these hyper-trained algorithms are not very well understood. Machine learning models are trained on huge amounts of data, and while you can input information (like a person’s private interests, likes, browsing history, etc) and then see clear output (a customized feed), you can’t really know exactly <em>how</em> or <em>why</em> the output was derived. All you can be confident of is that the output will perform according to some mysterious heuristics, often decided by the neural network itself. And: <strong>(2)</strong> If, after Snowden, Experian, Starwood, Yahoo!, and countless other examples of leaks, you think security is going to protect your privacy, you are either ignorant or insane. </p>
<p>I ended <em>Privacy vs. User Experience</em> with this discussion about compromise:</p>
<blockquote>
<p>As long as people understand the potential risks, the answer to the [question of whether to sacrifice a little privacy to improve user experience] is almost always, “Yes.” And with the emergence of artificial intelligence, the answer to that question will become increasingly more clear. The vast improvements in user experience far, far outweigh the potential security risks to private information.</p>
</blockquote>
<p>Wrong. In fact, my initial thesis was <em>so</em> wrong that the exact opposite turned out to be true. AI made user experiences worse. Private data being made available to algorithms made them unpredictable, extreme, and potentially damaging to society.</p>
<p>As it turns out, a bit of mystery, even when dealing with advanced artificial intelligence, appears to be way more valuable for user experience than a full profile of the private information inside someone’s mind and life.</p>
<p>Humans are complex, private creatures. Without privacy, they become drones… to the countless algorithms ready to guide their way. </p>
<hr>