Jake Savin Posts



I applied this morning for Facebook Instant Articles. There’s a plug-in for WordPress that will create FBIA feeds, so fingers crossed that it’s easy to get working.

Blogging Web

Right now, I’m not particularly optimistic about democracy and political discourse in the United States. There are so many things to love about our country, but She has been quite broken for most of my politically aware lifetime, and I have trouble imagining a nearby future in which this changes meaningfully.

I left a long comment tonight on a Facebook post made by a friend about a hotly debated issue in American politics. The post referenced a popular but not recent, oversimplified news story that was only tangentially related to the issue.

The comment thread on Facebook quickly latched onto the tangential story instead of the more current and much more important issue itself, and commenters fell back to lazily repeating polarized talking points from the side they happened to agree with. In this specific case the more polarized comments happened to be the right-leaning ones, but both sides are guilty of this behavior depending on the issue.

Instead of ignoring the post or jumping into the fray to argue with people whose minds I’m nearly certain I had no chance of changing, I thought (probably naively) that I might do more good by attempting to elevate the level of discourse.

The rest of this post is that comment…

I won’t bother with jumping in on the “man-who” fallacies, except to say that the real truth in all of it is almost certainly somewhere in the middle, and is more complex than most are willing to bother to think too deeply about. Stories like [this] are like the UV bait light in the center of a bug-zapper. We see the glow, and can’t resist flying straight in.

The older I get, the more certain I am that polarization (even radicalization) of opinion in this country on LGBT issues, guns, political speech, size of government, healthcare, religious freedom, immigration, and on and on and on…, is deeply hurting our country through a lost sense of shared values and community, and has been for decades.

We as a nation of individual citizens have to start to realize that we have so much more in common than not. We have to find ways to allow ourselves be more tolerant and understanding. We need to be able to communicate – even disagree and debate – with sensitivity to those with different opinions than our own. If we can’t do this we will continue to spend our money, time, and energy on fear-based, straw-man, defensive, 24-hour-news-cycle bullshit, with no real hope to change anything for the better. We keep on doing this instead of seeking out and implementing real pragmatic improvements, based instead on the common ground and understanding that are the highest aspects of our shared cultural heritage and our core values as Americans.

I still hope we believe in democracy, but these days it’s sometimes hard to believe we even know what it is.

Policy and politics should not be an “us vs them”, winner-take-all activity. It’s ALL US! It’s our own responsibility as individuals to respect each other and ourselves enough to tackle real issues and work to resolve our differences, rather than attack people we’ve never met just because someone said something about them that we find disagreeable.

The political class and the media (mainstream or otherwise) are reflections of our own attitudes and actions. If we want better government and less biased reporting, we have to invest ourselves into the future of our culture, our government and our community.

On the other hand, we could just keep screaming at each other and not listening to anyone who disagrees with us.

I know which path I prefer.


As a software project manager, I often run project retrospective meetings with my teams. Sometimes they feel like this:

Most of the time, we actually do ship, even with only one wing. 😉


Video (screen capture + audio) of the talk I did at Seattle Xcoders a couple of weeks ago is live:

I shared some lessons learned on projects that went off the rails, in spite of having a plan that we thought we could execute on.

No promises on it being a particularly good talk. 😉 YMMV.

How to Fail by Following the Plan (Jake Savin, March 10, 2016)


Here’s a random (but true) story, inspired by a story someone linked to in Slack this afternoon…

Back in the late ’90’s my brother worked at a small local ISP/DSL provider in Olympia, WA. In those days DSL lines usually topped out at 128-256kbps. A few senior people at his company had dedicated T1 lines at home, so they could get online and resolve outages without the hassle and delay of showering, getting dressed, and coming in to the office. (The T1 lines presumably made sense because an outage might also affect a DSL line on the same infrastructure as their customers’ lines.)

That ISP was eventually sold to another ISP in Santa Rosa, CA, which promptly purchased a fully-outfitted TelCo-style service van for the small team in Olympia. The folks in Olympia apparently used it exclusively to go out for pizza and Chinese food for lunch, since they never actually needed to touch any wires out “in the field”, and probably wouldn’t know how to repair anything even if they did.

Eventually the Santa Rosa company was itself acquired and the people with the T1 lines left the newly-merged company. But somehow in all the transitions the new company completely lost track of what infrastructure was running on those T1 lines that were set up by the original ISP. Since they didn’t know what they were for, they were afraid to turn them off.

So they just kept them running… For years… and years… and years

Strange but True

Apple vs. FBI

Syed Farook, the perpetrator in the San Bernardino attack last December, had an iPhone which is now in the FBI’s possession. Despite their attempts, the FBI has been unable to unlock the phone and unable to bypass the device’s privacy and encryption features.

Apple has long taken the stance that protecting the privacy and security of their users’ data is hugely important, and they have implemented strong encryption on the iPhone in order to protect this sensitive information.

Now a court order requested by the FBI is demanding that Apple build a custom version of iOS that circumvents these security features. This would, in the words of Tim Cook, “undeniably create a backdoor” to the iPhone that “would have the potential to unlock any iPhone in someone’s physical possession”.

Apple’s public refusal to comply, along with supporting statements made by some other high-profile technology companies including Google and Microsoft, has rekindled the fierce debate over the value of strong data encryption, and whether the government has the authority to demand that companies disable or defeat it.

The case is even becoming an issue in the presidential race, as candidates weigh in with their positions on encryption and privacy.

Our Digital Privacy Is Important

With the increasing pervasiveness of smartphones and other Internet-enabled devices, we rely on technology more every day for nearly everything we do. From seemingly mundane personal communications like text messaging, to business and financial activities like signing documents, searching and applying for jobs, and online banking– creating, storing, and sending our information digitally is nearly unavoidable.

When our trust that information we believe to be private is violated, the consequences can be severe. It should be no surprise to anyone involved in designing software products today that software involved in critical business communications and transactions must preserve security and privacy.

But what’s less well understood is that our personal interactions online can make us vulnerable, and personal information is increasingly the target of so-called “bad actors” who want to compromise our privacy in order to commit crimes from identity theft and fraud to stalking and burglary.

As makers of software products, we have an obligation to design and build our products to embody the principle of protecting the privacy and security of our users and customers. This is true regardless of whether the products we make are used for business or finance where security is an obvious concern, or for entertainment, gaming, or social networking where the privacy risks are either less obvious or seemingly less important.

What is Strong Encryption and What Is It Used For?

The most widely used strong encryption technologies are free, open source technologies that anyone can use. They provide key functions that protect your privacy and security, and they are integrated into many products from web browsers and mobile apps, to enterprise email systems, stock trading networks, and cellular phone communications. Encryption is everywhere.

Some of the uses of strong encryption include:

  • Preventing unauthorized third-parties from accessing information in storage devices like hard disks, smart phones and “cloud” services.
  • Protecting data from snooping in transit on the Internet or cellular data networks.
  • Verifying authenticity of messages and documents, and ensuring they have not been tampered with.
  • Proving the identity of a person or company, and preventing imposters from impersonating them in order to attack others.

Of course the same encryption technologies can also be used by criminals to hide information and communication from law enforcement. This is why the FBI wants Apple (and other companies) to provide tools that work around or remove the encryption technologies integrated into their software and devices.

Why Apple is Right to Fight the FBI Order

On February 16, Apple chose to take a public stand against the FBI’s order to make software that enables decrypting data on iPhones, so they can collect evidence in their investigation of the San Bernardino shooting case.

To some, Apple’s opposition to the FBI may seem wrong or even immoral. After all, why would we want to prevent law enforcement from bringing criminals and their accomplices to justice? Of course we wouldn’t.

By supplying software that decrypts data stored on the iPhone in the case, Apple would also be supplying the FBI with tools that could be used to undermine the privacy and security of any Apple device, and therefore anyone who uses one.

Here are some of the specific problems that would arise, which are too important to ignore:

As Apple CEO Tim Cook points out, and as Apple’s follow-up FAQ reiterates, making tools that subvert or remove encryption creates a real risk that criminals or other “bad actors” could steal these tools directly or replicate the methods they employ. This puts everyone at risk, including law-abiding people who uses these devices to store their most personal information.

Once these tools are in the FBI’s hands, there could be tens, hundreds, or even thousands of individual people who gain access to them over time, possibly even extending to other agencies outside the FBI. Even if decryption tools could only be used on FBI premises by authorized personnel, there is no way that the government could honestly guarantee to the public that no person with access to these tools would ever violate their privacy for criminal or political purposes.

There is also a real danger that hackers or organized criminals could get access to these tools through technical means, bribery, or extortion. Criminals could sell or even “weaponize” decryption tools for identity theft, fraud, or other criminal activities, even possibly cyber terrorism.

What’s At Stake

We’ve seen over and over again in recent years, the damage caused to individuals and businesses when criminal hackers steal credit card numbers, social security numbers, and other personal information. But in addition to personal information like contacts and phone numbers, the information we routinely store on our devices can be easily used to gain access to other accounts and systems.

The consequences of a widespread privacy breach on the scale of all smartphone users, or even all iPhone users, could be dire, not just for Apple and the individuals directly affected, but also for the companies and agencies they work for. The potential damage that could be caused by widespread cyber-security breaches puts our economy and our national security on the line.

The erosion of our personal privacy – which strong encryption is designed to protect – could also lead to misuse by private organizations. Imagine your health insurance provider data-mining your location, your driving habits, or who you associate with. Imagine mortgage lenders monitoring your location and discovering you enjoy casinos. What if you went to interview for a job, and they knew every other company you’d sent your resume to, and every other job you’d been turned down for.

Safeguarding our digital privacy and security is critically important. Sacrificing it in the interest of a single case, even with good intentions, is a trade-off that’s not worth making. Allowing this precedent to be set would be to sacrifice constitutional rights that our country’s founders fought fiercely to obtain, and which we should also fight to protect.



This post originally appeared on the L4 Digital blog on February 25, 2016.

Apple Security