Chinese Glucometer Review: Sannuo

As I start this draft I’m in Shanghai (mainland China), for a work trip. I have visited Shanghai before, but this time I have some more random time around, and while I was browsing stores with a colleague also visiting the city, we ended up in a big (three, four stories) pharmacy. We would have left right away if it wasn’t that I noticed a big sign advertising a Countour by Bayer glucometer, and I decided to peek around.

I found indeed a whole floor dedicated to health hardware, including, but clearly not limited to, glucometers. It had a long series of Omron hardware, blood pressure measurements, thermometers, etc. And a few desks of glucometer, some from brands that are established and known in the West, and a few I never heard of.

I looked around for the prices, and the meters are more expensive than in Europe, but about on par with the US, between ¥150 and ¥400. I asked if any of the ones they had that I did not recognize would allow downloading to the computer, and they showed me one for ¥258 (around €35), branded Sannuo and manufactured by Sinocare. I decided to buy it for the sake of figuring out how things differ in China for diabetes.

Before getting to the device itself, a few words of the act of buying one. First of all, as it appears to be common in China, or at least in Shanghai, buying something is a bit of a trip around: you select what you want, they send you to the cashier, you pay, and then you go back to the clerk who you chose the item with. If you’re lucky, you’ll be able to pay with card, and if you’re really lucky, they will accept yours. In this case the store accepted my Tesco Visa, but not my Revolut MasterCard, which means it probably costed me closer to €40, but it’s okay.

After I paid for the device, the clerks assisted me not only by giving me the box of the meter, but configuring it up, particularly date and time. You’d think this would be obvious to do (and it is) but one of the things that kept surprising me in Shanghai is that every time you buy something, the seller will configure it for you, and make sure it works at least to a point, the same was true when I bought a SIM card at the airport. They did not ask me to take blood there and then, but they showed me how to set up the date and time.

Finally, they gave me a box of two bottles of strips, told me there were two bottles in the box, and even warned me to use them one bottle at a time (valid warning for glucometers’ reactive strips). And just to make a point here: only one of the two clerks who assisted me spoke any English, and even she didn’t speak it very well. They still did quite a bit to make me understand and explain how to use it.

Now to go back to the meter itself, the €40 got me a fairly clunky meter, a box of lancets and 50 test strips, which declare themselves having a fairly wide range (from 1.1 mmol/l). In the box with the device came the usual (by now) carrying case, and a lancing device. The lancets appear to be “standard” or at least as close as that word as can possibly be used for lancets and lancing devices.

What became very obvious both on the box of the meter, and on the wall ads of all the other meters, is that China, like the UK and Ireland, use mmol/l measurement for blood sugar. I honestly thought that was just a UK (and Ireland, Australia) thing, but clearly it is much more common. Since I’m writing this before getting back to Europe, I cannot tell whether the meter uses this in the wire protocol or, like all the western meters, uses mg/dL internally.

The meter itself feels clunky and it’s fairly big, just shy of the size of an Accu-Chek Mobile. It uses two AAA batteries, and that has only three buttons: power and up/down arrows. The display is a monochrome LCD, but it also has two LEDs, red and green, to tell you whether you’re in range or not. Oh, and it speaks.

It felt funny when I arrived at the hotel and tried it with a blood sample (it seems consistent with the variation of other meters), and it started announcing… something. I don’t speak Chinese so I have not understood anything, I should probably start Google Translate next time I try it. Part of the reason why this feels funny is because it reminded me of the i-ching calculator from Dirk Gently: The Long Dark Tea-Time of the Soul radio series, which was effectively a calculator that spoke the results out loud. I did not make much of a parallel until this, but it then reminded me of the devices in the taxis I took last year, too.

Unfortunately even though I’m now at home, I have not been able to start on the reverse engineering, because I can’t seem to get the device to work on my laptop. According to Linux, the device is not accepting the assigned address. I should wire it up to the proper logic analyzer for that.

Revolut Review: a traveller’s best friend?

Update 2019-03-24: A few years later, I have some concerns about Revolut, so after you read this post, I will suggest you to read Is Revolut Still a Good Thing?.

Given the amount of words I have spent on payment cards you would expect that since starting to use Revolut last year I would have already written about it. But almost every time I started writing about it, something else changed that made some of my points moot. I think it’s time to break silence.

For those who have not heard yet, Revolut is an UK company that fits into the current profile of FinTech companies. It all starts with a mobile app, that allows you to sign up for their service, which effectively is an “electronic wallet” (or bank account). When you confirm identity, you can get sent a physical MasterCard payment card for a smallish fee (the fee was not present when I signed up – which is why one of the things that confused me when I suggested this to friends, the other being that it appears to be different country by country).

While at first sight this might look like one of the many prepaid debit cards that exist across most of Europe, the most famous of which, in Italy, would be PostePay, it turns out to have a number of technical differences. The first of which is that the card is a MasterCard Prepaid, rather than a MasterCard Debit, which has both good and bad sides to it: it can be used where debit cards usually can’t (e.g. hotels), but it also can be charged extra (e.g. by Ryanair).

The main advantage over the classical debit (or credit) cards is that the company built the payment system as a mobile-native platform, rather than bolting on mobile apps as an afterthought like effectively any other consumer bank I have used. In particular, the security of the card is tied to the app itself: from the app itself you can configure the card, allowing or disallowing transactions made with the magnetic stripe, the contactless payment, or “online” (card not present), as well as whether you want to allow ATM withdrawal, and whether you want to make use of Revolut’s Location Security feature – which is honestly my favourite feature.

This feature relies on the fact that the phone’s location is known to the company through the app, and they can take that into account when they decide to approve or reject a transaction. In most cases, this is exactly what you want. When my Tesco Bank credit card got skimmed, the fraudulent transaction that had them notice was made in New York, while I Was peacefully sleeping in Dublin. Unfortunately this feature is still a bit fragile, and relies on you having connection when you travel, and sometimes it takes more time than you’d like to realize that you have been travelling. For instance I had to disable location security to enter the DLR from London City Airport, after landing (for those who don’t know the airport, it takes less then 10 minutes walking from landing to public transport).

The good thing is that all these settings take effect immediately if you have Internet connection on your phone, so in most places in Europe, where the transaction happens with you holding, or eyeing, your card, it’s easy to just open the app, disable location security, and retry the transactions. In the USA, though, things are more interesting, as in most restaurant you just give the card to a waiter and they’ll run the transaction for you at the till. And if you have a mistake in the way the terminal is set, so that paying at, for the sake of example, a Mexican restaurant in Pittsburgh would appear as coming from Columbo, then you’re going to have a bit of a headache.

In addition ot the security features, the other reason why the Revolut card is a good fit for travelling is that they offer a 0% foreign transaction fee, and so-called interbank rates for converting to whichever currency you have your balance in (it supports euro, sterling, US dollars, and, added between me writing the draft and posting this, Swiss franks and Polish złoty). This is an improvement over the 1.75% of Tesco Bank and 2.75% of Ulster Bank (approximate, this is the rate for VISA cards; since my Ulster Bank card is MasterCard the fee is variable, and it’s more complicated to calculate).

The interbank rates are very hard to judge, but I have some data points, although for now mostly biased. When I went to London last, in April, I used at different places both my Tesco Bank card and Revolut, so I can compare the rate that they gave me: £0.8569 for Revolut vs £0.8531 (effective, exclusing transaction fee, alternatively £0.838 as declared by Tesco Bank in the statement, which includes the transaction fee). This is biased, since both cards are actually UK-based, so Sterling might not be the right currency to compare on. I’ll be able to compare Chinese Yuan Remibi next month, when the Tesco Bank statement arrive. The other comparison I was able to make was with my company card by Citi, but that’s unfair. For what it’s worth, it’s within reasonable variation, sometimes with Revolut standing on the better side.

If I have such a bright opinion of the service, then why did I not write about this before? As I said, there has been a few things that changed, and a few snags, that got me wary about writing about it too quickly. The first problem is that Revolut’s start looked a lot like Number 26 (now N26), the German bank that promised very similar features, although with a different setup. In particular, I don’t remember them having location-based security features, but on the other hand, they did give you a full IBAN you could use to wire money to directly, or issue SEPA Direct Debit against, assuming your provider was happy to accept said requests.

This is a problem particularly when you realize how bad a job they made of security (those particular problems addressed since then, but t’s still hard for me to trust them). But as the talk points out, it was an obvious answer to say “Well, okay, but I only keep €50 on it”; the same answer I could have given Revolut. Except that N26 first, and now Revolut, both allow you to ask for credit. And that makes the accounts a much more interesting target. I really wish Revolut had an option to say “I don’t want credit, please never provide credit to this account” – but alas that’s not the case right now.

There are more issues. In at least one case, I got scared and pissed at Revolut because after a payment at Red Rock, the exchange rate, the charge in dollars and the charge in euro did not match at all. Indeed the value of the charge in euro was almost double the dollars, which made no sense! Some bickering on Twitter about it, we could confirm the problem is that the Red Rock payment terminal does a pre-auth for the base total of the receipt, and then confirms the transaction with the amount including the tip. The Revolut app knows to update the total in euro with the settled amount, but it does not know to update the amount in dollars, unless you logout and log back in. Which requires you have access to your phone number to receive SMS. I noticed this during my trip in January; the bug was still present in April, when I visited London.

There is another problem with aesthetics. Since the names of credit card charges are usually difficult to decipher, as they appears to be still written in the same flat-file format as made popular by AS/400, the app tries to give you an easier tell of what a given charge is. The internal tracking of the transaction type is translated to one out of a handful of options such as Shopping, Groceries, Travel and Transportation, and the logo of a recognizable vendor is provided to make it easier to tell who’s charging you. This works great for things like Starbucks or McDonald’s, but it’s a bit less useful for Amazon, as it’ll bundle marketplace, Comixology and other third party Amazon Payments, but you can survive. The problem is that sometimes it’s completely wrong.

I assume the problem is that they do some fuzzy matching, as different pathways through the same charging entity may appear differently; that is the case for sure of Amazon, but as I also found out, of Uber, even within the same country. Starbucks and McDonald’s have at least the excuse of using different processors for different stores or at least countries.

More concering is the way they handle the breakdown by vendor in their Spending Analytics feature. The feature itself is actually pretty cool, and gives you an idea of how much you’re spending where, although for me that is only a very partial figure, as it does not factor in the other three cards and three accounts where other charges happen. The problem is not that, the problem is with companies such as PayPal, Square, or iZettle. These are intermediaries that don’t usually let their customers set the whole charge line, but rather only allow personalizing the suffix of the line. Most of these use the asterisk symbol (*) as the separator, so you have things like PAYPAL *STEAM GAMES or PAYPAL *PLAYSTATION.

What happens is that Revolut bunches together the “sub-vendors”, which is consistent with their fuzzy matching. Unfortunately they do not drop the suffix, just showing Square or Iz (they do that for PayPal), but they actually show an unrelated sub-vendor, probably the first charge they saw from the intermediary with the given charge type. Oops.

Finally I have one more concern, for now. While the card security is clearly improved by the location awareness, and the ability to enable/disable various payment options – including, finally, the contactless payments! – it appears Revolut did not actually set limits on how much vendors are allowed to charge you over contactless. As it happens, most terminals have limits imposed by the banks, which are often lower than the customer limits, or at best equal to them, but Revolut does not appear to have such. In Ireland, that limit would be between €25 to €35 depending on the bank, when using a physical card (Apple Pay and Android Pay use the same protocol but are considered different); in the UK, that would be £25 to £40.

I got very confused when in Hong Kong I bought my usual Starbucks souvenir mugs and a bearista, for a total of just shy of HK$500, and a contactless payment worth €57 was approved by Revolut with no issue! After contacting them on Twitter they said the limits are per-country, and quoted a CAD $100 limit in Canada. I asked them if they can provide a table of limits, so one can decide whether to leave contactless enabled or not in a card when they travel, but they have to look into it. The limit in Hong Kong appears to be around HK$1000, which is around €117, almost double the Canadian one.

This is of particular importance for a card that declares itself Sterling, by default, because it was not even three years ago that the foreign currency vulnerability got published in almost all the papers (including the Daily Mail, but I won’t link to that). And the fact that Revolut does not appear to have a proper published plan to deal with this bothers me more than a little bit.

All in all, I’m fairly happy with the service. I ended up getting an extra virtual card, which I use online almost exclusively for Amazon (but I have used it for other things including the China Eastern flights to Hong Kong, particularly as Tesco Bank refused the transaction). I calculated that just in the 1.75% foreign transaction fees on my Amazon UK orders (remember: the is no Amazon Ireland), the €6 fee was being paid off quickly.

Update 2019-03-24: continue by reading Is Revolut Still a Good Thing?

Laptop ban, and threat models

At some point this past month, the USA has been talking about banning laptops in cabin luggage, from flight coming from Europe as well as the Middle East, where such a ban is already in effect. This appears to have been reversed just a week later, so it may not be quite a problem right now.

Many words have been spent already to point out how pointless, unsafe, and ultimately futile this ban is from the stated reasons, and the security risks connected with the Government (capital G because this is mostly an abstract at this point) having access to your laptop without your presence, so I won’t be spending any time for that. I may come back to talking about practical security aspects, including mitigation, later, but for this post, I’m mostly interested in talking about the threat modeling, which should always be at the base of security practice, but often it isn’t.

Let’s handwave the first bullet point, and assume that anyone with the means who want to mess with you, either actively (attacking you) or passively (monitoring you), can take over your laptop against you if they have physical access. Any laptop, and an amount of time that is consistent with the time the laptop is out of your control in a situation such as checking it in a flight. As I said this has been discussed and is being discussed, and it’s not the kind of thing that I’m interested in talking about.

The question I want to ask is: who should be worried about their laptops? Everybody or a limited public? And to answer this question, I will use three straw travellers, and give examples of why all three of these should care about this particular problem, even though it may not appear so at first. These actors are drawn upon the information I have about myself, my sister, and my brother in law, because the three of us have an interesting different set of problems and fit widely different categories.

So there is me, working for a multinational company that, in its entirety, has access to a significant user base and personally-identifiable information (PII) (although I don’t have access to much of that, luckily for me). My sister, who works for a small, local company in Italy, that used to have PII from the local government, but at most nowadays has access to clothing and accessory manufacturers model and price information. And my brother in law, that works in the sales department for a different kind of multinational company, in a specific industrial manufacturing sector, holding a number of patents on their technologies.

Is every government interested in the three of us equally? I think it’s clear it’s not the case. The United States, with their current government being worse than the twenty years of Berlusconi we had in Italy, is moving further and further away from a democracy, and then having the ability to target people based on profiling that can only be done with PII no company in their sane mind would ever surrender them short of a hostile takeover, would probably be interested in me. Either because my laptop could contain, or be used to gather, credentials to access said PII, or because through me they can work their way through to more interesting targets.

Would they care about either my sister or my brother in law? Probably only if they knew the connection and were planning on getting me indirectly, which I would expect they wouldn’t do, as I’m too little a number in the organization for me to be worth that amount of time. Getting me first hand, sure, through third parties? Probably not. It would then be easy to discount the problem: who cares, if you’re a possible target of the US government, use burner laptops, if you’re not, check in your laptop and stop complaining! Except.

Except you can imagine a different government, say one that people have been very sceptical about because they tend to have a heavy hand on both their local and export market, and that has been suggested plays a role in industrial espionage on foreign companies. Such a government may actually be interested in my brother in law’s computer. While he doesn’t work on the technology himself any more, he probably gets to know about launches, new sale and, most importantly, prices they apply to their customers. If the government is out to make money, rather than profile people, he’s a target.

But governments, usually, play by some rules. Well, maybe not the US government this year, but even the TSA would have some regard about which luggage gets inspected, and how the content of said luggage is treated. My checked in luggage got inspected multiple times (because I flew a whole lot too much across the states these past few years), and they never broke or misplaced anything. In one case they actually repacked my bag better than I did myself, and I felt bad to have to empty it out to take my charger out.

What I would be more worried about is the baggage handling on the European airport side. It was in the 90s that Venice Marco Polo had a huge problem with theft from the checked in luggage, but my mother is still afraid of that and upset, because she lost a number of souvenirs from her trip to Madrid (back when such a trip was worth a lot more money, and she would get it as a prize for selling Avon products). But if valuable laptops are in the checked luggage, would you not expect this to happen again? This is something that everybody risks being a target of. But of course it is very obvious and easy to notice and possibly make right.

What if there are criminals among the baggage handlers that are more sophisticated than that, and can actually use techniques similar to the government’s to subvert your laptop? We have seen this happening already with the WannaCry attack just now, this is more than just possible. But of course just a ransomware in this case would be a lot of wasted effort and just as visible as the pure theft.

But what about criminals who may be looking for making much more money from CEO fraud? This kind of fraud is not new, and it’s spread enough, and can make quite a bit of money. In this case, the laptop of someone working in sales for a medium-sized multinational company, or someone working for a small company that contracts out for a much bigger fashion accessory company would be very interesting. Among other things, they are likely to let them in on the conversation happening with customers, and from there to understand their workflow of purchase orders and invoices… and if you just wait enough time between the travel and the scam, it’s going to be very hard to detect.

With these criminals, both my sister and my brother in law are targets, myself a significant amount less, because I work in the engineering department, and thus I have no access whatsoever to purchase orders and similar. Having an invoice arrive from me would raise all the possible red flags and give the criminals away immediately.

Now, there are of course more stereotypes or templates of people, and I’m sure that I can find one where storing a laptop in the checked luggage does not, actually, cause a significant risk. But my first impressions of having thought about this is that we should all be careful, and paranoid, about this particular attack vector, even more so than about end-to-end encrypted messaging, which has instead taken over the conversation for the past year.

i-Sim: a quirky way to get Internet in Asia

I started writing this while sitting on a very comfortable bed in a fancy hotel in Hong Kong. I spent the weekend in the SAR in the middle of a business trip to Shanghai, thanks to the multi-enty visa I managed to be given this time.

Whith a not quite relaxing trip to Pudong Airport in Shanghai (all my fault!), and the flight being delayed for well over an hour due to traffic control (weather forced a number of other flights late, even though by the time it was our turn, the weather was vastly fine), I got to the airport in a bit of a short temper (even by my own standards). The hotel was supposed to have a mobile wi-fi for me, but as I arrived almost at midnight, and the train requiring me to change stations, and not sure how long it would run, I was ready to spend more money for a Uber. That meant getting an Internet connection before getting to the hotel.

I’m usually okay with using portable hotspots (like the one I’m reverse engineering) but the problem here is that you have to rent one, and that means binging it back before flying out, which is a hassle. Of all the booth around me when I got in the arrivals’ hall, only one advertised SIM cards, so I headed towards that. After a good ten minutes waiting with the clerk explaining a guy how the thing worked, I gave up and proceeded to one of the desks that rented hotspots, but the card payment happens online, and it ended up blocked on Verified by VISA – and while I could have looked up the VBV password on LastPass, it seemed too sketchy. So I headed back to the SIM booth, as they had no customers.

What it turned out to be, is a bit quirky: they sold i-Sim data cards. The quirk is that while you buy a SIM and a 7- or 30-days plan, and you get 200 MB of data. Except, you actually have nearly unlimited data during the period, just as long as you click on some ads in their app.

It sounds like a bit of a scam, doesn’t it? It definitely reminded me of the Pay to surf stuff that was going on back in the ‘90s, and that, I’ll admit, at the time got me too. But it turned out to be working quite fine in Hong Kong, for me. Let me describe the experience.

The feature that made me more interested than wary about this, despite the bell I kept hearing, was that the service is available in Singapore, in addition to Hong Kong, Macau, Taiwan and Korea. This was relevant because after my trip to Shanghai, I headed to Singapore for SREcon Asia & Australia, and I was already planning to get a SIM there too, after all I am an Ingress player.

Since it’s just two days here, and then a few more the week after the next in Singapore, a single 7-days subscription wouldn’t have helped much, so I originally intended to get the 30-days one. The price was reasonable, HK$129 for the 30-days, particularly when you consider that the mobile hotspot rent would be HK$50/day with a minimum of four days. As it happens, the clerk was as tired as me, and by mistake activated a single 7-day pass on the SIM, which was supposed to be HK$59 (down from HK$69 regular price). When he realised the mistake, he offered to make it up for me by giving me the pre-order price (HK$49), and sell me two SIMs, the second one not activated yet, but with an already attached 7-day plan, which turned ended up being quite the deal for me. For those wondering, it’s just a bit less of €12.

For the i-Sim to be enabled, you have to activate it with their app. I checked the app permission both when I installed and when it requested extra, and it seems to be sane. It does ask for phone identity, but works fine without. It asks for camera permissions if you want to scan the barcode rather than typing the long SIM identifier by hand (particularly useful if you don’t know the manufacturer code by heart like the clerk did, except the gray barcode is effectively unreadable by the phone’s camera so I ended up having to type it anyway.

In the app, beside having a way to check how much data you used, there are a number of hexagons for different “areas” of advertisement. F&B (food and beverage) is the one the clerk recommended with the most ads, but I checked the others out and I even found an ads for the Intercontinental Hotel. Each time you select one of the ads with the i-Sim green logo in the bottom corner (not all of them do), a countdown indicator appears on the top-right. Only close the advertisement once it completes, and i-Sim will give you another 10 or 20MB credit (appears to depend on advertiser). It behaves like so many mobile games nowadays, where you can get more in-game currencies if you watch ads to completion.

As far as I can tell, the ads are not specific to the location you run them in, but they appear to be always Hong Kong’s. They also appear to have improved them during my week in China, as they went from being simply static images my first time, to being webviews pointing to the OpenRice or Facebook pages of the place, at least for most restaurants. I think this may be a bit buggy as now the counter appears and completes before the webview even finishes to load in some cases, so I assume they’ll have to find a combined option at some point.

On the technical side, the SIM uses the network of Three HK, which is ironic given my recent spat with Three Ireland, but it also means it appears to cover the tiny country very well. It does have its own APN settings though. The clerk insisted on setting them up himself, similarly to how the one in Shanghai did, although this time I managed to watch him doing so. He also explained to me how to set them again if I need for the new card, although I kept telling him I knew that. In Singapore it uses StarHub, and also seems to have good coverage around the city.

As a reference, the service will activate on a new card only once the card registers on the network. Which means you can’t start “topping up” the data until you actually land where the card will work, which is what I was hoping on doing while in China, heading to Singapore. Despite that the procedure was quite simple: switch the card number from the app, confirm you want to deactivate the old card, then once on the flight switch the SIM cards around, reset the APN to the NTT one, and that’s it. It’ll take a while to register on the network the first time, but for me it registered fine just after immigration clearance and before picking up the luggage.

Both the app, and the card, appear to have worked fine for me. I have used to “top up” over a GB of data, even though I clearly didn’t need that much, and it used less than 50MB itself. Given you can also use it over WiFi, it makes it fairly convenient. The ads I’ve seen are all in Chinese, which means they vastly fly over my head, and I only see the drawings, although there is the occasional image that includes English text to invite you to try some restaurant or other. There appears to have been a promotion with IHG as well, although it got me to an error page when I clicked on it, too bad.

So how does this fare, money for service? I’m happy with it as it is. I’m not sure if the prices of connectivity in Hong Kong or Singapore make this more expensive, but €6 for a week of nearly limitless connectivity is more than reasonable in my experience. The fact that you can actually not bother topping up the 200MB until you actually need to, means the ads are not even in your way.

Do they track you? Maybe, but how I wouldn’t know. Yes I had to sign up for an account, but they don’t appear to ask you for much information. And even if they were to do traffic profiling, they would see very little as obviously all (or nearly all) my connections are encrypted already (Chrome’s Data Saver takes care of the random HTTP link that still go around).

The only thing that makes me sad is that while they say the SIM is reusable, it only is reusable for the 90 days after you activated your last plan. I don’t think I’ll be back to Asia within three months, because among other things I’m mostly booked solid for that time frame, which makes moot this particular point. I got lucky to have gone to HK before Singapore, and I may be able to hand one of the two SIMs to one of my colleagues, if they allow me to hand the SIM to a different account.

I wonder if they are profitable, and if they’ll stay in business or not. For this trip, it looks like it was a good deal for me.

Book Review: Life Nomadic

I think it’s fitting that I’m starting the review of this book while sitting in the AirFrance lounge at Charles de Gaulle Airport, coming back from a four days trip to Paris to see Video Games Live playing at Le Grand Rex.

Life Nomadic was one of a set of suggestion that my dentist, of all people, gave me. Since the book is short, and it was available on Kindle Unlimited, I thought to start with it, even though it was possibly the one I was the least interesting of the list. Turns out my instincts were right and shouldn’t have even read this.

The premise of the book may be interesting, and depending on the cover you see for it, it might be what catches your eye: How to travel the world for less than you pay in rent. I find this is quite the clickbait (how do you call clickbait on a book cover?) because that’s not what it talks about at all; it’s not just travelling the world, the author argues for a complete overhaul of your life to be able to do so, and that, in my opinion, is myopic to say the least.

It might sound “trendy” to say this, but the book clearly reeks of white privilege — while the author never mentions that directly, it becomes very clear by oblique references that he’s white, and he’s clearly male, he says that at the beginning. He’s also healthy, and he’s insisting that this is thanks to his diet, rather than having won the health lottery and having grown up in a rich, healthy environment.

Indeed, the whole premise of the book is that if you’re privileged, in one way or another, travelling around the world is easy. But until you get to the end, when he’s talking about what to do with work (again in a fairly myopic way), you don’t realize that all his suggestions hinge on one important node: you have to be able to risk your job.

Forget to follow the advises of these books if (and this is an incomplete list, I’m sure):

  • you have a medical condition, light or heavy, that requires you have a relationship with a medical professional — I find it difficult to make appointments with my diabetologist while travelling for work, and with a relatively fixed schedule, if I were to follow his advise of just taking whichever next flight comes to your mind, I would probably be half-dead with untreated diabetes.
  • you are not American or European, as he’s ignoring all the difficulties of getting visas for most other nationalities; it is true that if you have an American or European passport getting visas for most of the world is just triviality and spending some money, it is less the case if you have other nationalities — and in some cases, it might actually get you outright in trouble;
  • you are not a white male, for whichever part of the world — the book starts with the author recounting doing something quite illegal and being given a slap on the wrist by the authorities; while it is true that I’d fear American police more than the rest of the world right now, plenty of stories from friends and acquaintances tell me this is a privilege; the risk of jail time is real if you’re not white even in Europe, let alone what may happen in some random country in which you happen to be one of the most obscure minorities;
  • your work actually requires presence, or timing, or any kind of (even flexible) schedule — the author does not quite specify what he works on, except by describing himself as a “die hard entrepreneur”; he says he stared by writing some software to sell, and points out he was mostly living off royalties of a previous book he published; I’ll get back to this;
  • you have any family ties at all — a relative, parent, close friend that is ill, or that you support directly or indirectly, as a lot of the talk in this book relies on how “cheap” (compared to US dollars) is the life in many developing countries.

To expand a little bit about how myopic his advises are, I’ll also point out how they can’t even apply to me, and I’m a well-off, single, straight, white guy with (loose) family ties. Even seeing my doctor three times a year (which is not much), I have to have with me a significant amount of “paraphernalia” for my diabetes: pills, insulin, needles, glucometer, etc. This by itself makes it almost impossible to just spend months at a time without a fixed schedule of being able to refill them. Not only some of those medications would not be available in some parts of the world at all, but even if they are, they are a significant cost, and I’m not even factoring in effects of the craziness of the US insurance system on the drugs prices. Besides, those things don’t really travel well. I have a refrigerated pack for my insulin, and luckily I never had trouble through airports before, but I have heard horror stories with insulin pumps and metal detectors. Even the Libre’s simple sensor managed to get me a stern questioning by the Nice airport security guards (and if you want to know, that was before the terrorist.)

While at it, I would like to present a thank you to AirFrance; their lounges at CDG are the only ones I’ve seen, up to now, that make it welcoming to take insulin: they have a sharps container in the bathroom, so you don’t have to ask for it (possibly embarrassingly for some people.) They also have signs on their aircrafts pointing you at their cabin crew for the container, which I’ve done before when flying back from Japan.

A particular note I’ll spend on the work section I noted above. As I said the guy defines himself as an entrepreneur, and if you have spent as much time as me around the Silicon Valley crowd, you can easily recognize the type in the book, even when they are from Austin, instead. He’s the kind of person who made “techie” into a bad word. The whole section about “Earning Money as You Travel” takes no consideration of workers outside of “our” (damn, I don’t want to be associated with this guy’s peers!) industry. The first suggestion is to start a business — well, I know how that goes, and it’s not easy at all, indeed it can only work well if you have capital to invest on it to begin with, which was a big problem for me when I did, because I had none, this guy clearly had since early on (as he goes on to say how he used to order random crap off Internet just for the giggles.)

The other suggestion is to go on contracting, or being a remote worker, suggesting that you may work on websites or software, or that (and I quote) «many office jobs can translate into contractor work» which to me sound like this guy has never seen an office worker outside of tech. And even within tech, he clearly has no idea what he’s talking about (emphasis mine):

Jobs that are particularly conductive to going mobile are jobs that require minimal interaction with others, like writing, editing, programming, graphic design and system administration.

If you have ever tried doing system administration remote, you would know right away that this is clearly bullshit — if you have no idea what the customer is doing, and how they are doing it, you are a horrible system administrator. Yes, you can work remote, but there is no way that they only require “minimal interaction”: they need plenty of interaction, maybe even more so when doing it remote.

Want to have even more fun? Again emphasis mine.

Figure out which program you’d like to become proficient at. Buy the software, buy the great tutorials to learn it from [omissis], and spend some time practicing. The money you’ve amassed from selling everything should easily last you through the transition period.

Yes, he did argue selling everything you own at the beginning of the book. He seems to think that you can do that, and amass money, probably while living in an RV and working from the tables of a closed-up restaurant in-between lunch and dinner, as he did. And that should be enough to learn something new you never did before. I’m sure this guy would have been able to, if he wasn’t lucky (because it’s all a matter of luck.)

Okay, enough with the usual SV-style no-work-is-important-but-tech part, let’s see if there is any value in this book otherwise.

He does have a significant amount of useful information on the actual travelling part, although some of it is clearly only important to note to Americans, such as the viability of train travel in Europe. He has good suggestions for the use of ferries (that I may actually try once in a lifetime too, because I am indeed lucky, and despite disliking travel, taking a week or so to traverse the ocean without a flight sounds cool to do.) Unfortunately that makes up only about half of the book.

He’s got a good list of suggestions about gear, too — although a lot of it is already part of privilege: most of the options are bloody expensive and not something that you can even consider without an injection of capital at the “transition” as he calls it. If you are lucky and privileged it might be worth a look, I have particularly been tempted by Smartwool, and particularly by their wool socks, as my diabetes makes it more likely I get blisters, if my feet get wet — but before those even got to me, I ended up buying a pair of tights in Paris, because it was very cold while I was there, and The North Face store in the city stocks Smartwool too; they are significantly expensive, but also much more comfortable that others I tried before.

His suggestions for services are also out of touch — among others he’s suggesting the American Express Platinum card, which admittedly it is a very useful card for a traveller lucky enough to afford one: not only it ignores the fact that not everybody can get a credit card but also that it’s not only the price that makes American Express an elitist card. It is effectively limitless (or rather, has a very flexible limit) which means their credit score requirements can be significantly higher.

In the book he points at his website to provide a list of gear — which sounded like a cool idea, I do something similar myself for my hardware, but the link is now dead. Which is a shame, because that might have been the only useful thing he could have done for the public. Too bad.

Finally, some of his suggestions are downright unethical, including abusing airfare rules to enter lounges he should not have access to (although I hope he took a shower while there, because one of the most anoying things while travelling is the well-off traveller smelling like goats for a four hours flight.) And mine and hsi point of view are clearly at odds on the general ethical side, too:

[speaking about airfare systems] I like systems like this — they reward the smart and determined at the cost of the lazy or ignorant.

I would rephrase it as “They reward the lucky elite at the cost of the otherwise busy masses.” But clearly my belief system and his are very different. It should not be a surprise by then that the book the guy got his money from, and that allowed him to start, sound like that a PUA title (or, in his words, “a book on dating for men”.

Travel should widen your horizons, it’s very hard not to, but my feeling is that this guy has been looking at the world as if he deserves all of it. Rather than being empathetic to the condition of others that might not have his privilege, he pours contempt for them: friends locked in their lives (whether by choice or lack of opportunities), people living in their own home countries, and even the readers of this book.

Final result: not a fan. I’ll actually synthesise this review in a form that is acceptable to Amazon and GoodReads and post it as a warning.

Gentoo Miniconf 2016

Gentoo Miniconf, Prague, October 2016//

As I noted when I resurrected the blog, part of the reason why I managed to come back to “active duty” within Gentoo Linux is because Robin and Amy helped me set up my laptop and my staging servers for singing commits with GnuPG remotely.

And that happened because this year I finally managed to go to the Gentoo MiniConf hosted as part of LinuxDays in Prague, Czech Republic.

The conference track was fairly minimal; Robin gave us an update on the Foundation and on what Infra is doing — I’m really looking forward to the ability to send out changes for review, instead of having to pull and push Git directly. After spending three years using code reviews with a massive repository I feel I like it and want to see significantly more of it.

Ulrich gave us a nice presentation on the new features coming with EAPI 7, which together with Michal’s post on EAPI 6 made it significantly easier to pick up Gentoo again.

And of course, I managed to get my GnuPG key signed by some of the developers over there, so that there is proof that who’s committing those changes is really.

But the most important part for me has been seeing my colleagues again, and meeting the new ones. Hopefully this won’t be the last time I get to the Miniconf, although fitting this together with the rest of my work travel is not straightforward.

I’m hoping to be at 33C3 — I have a hotel reservation and flight tickets, but no ticket for the conference yet. If any of you, devs or users, is there, feel free to ping me over Twitter or something. I’ll probably be at FOSDEM next year too, although that is not a certain thing, because I might have some scheduling conflicts with ENIGMA (unless I can get Delta to give me the ticket I have in mind.)

So once again thank you for CVU and LinuxDays for hosting us, and hopefully see you all in the future!

The Uber of Ubers

Looking at it from the outside, I’m still not sure how Uber became at the same time the religious icon of the new dot-io boom (to replace dot-com, of course), and the effigy to burn for all the things that are wrong with Silicon Valley’s lack of social awareness.

I think there are multiple problems with Uber, and all its spawnlings, the first obvious one is that at some point people started describing “The Uber of {thing}” for all kind of startups that try to provide services at slashed costs, usually by exploiting people with reduced means. And that meant that new “founders” decided to make “The Uber of {other thing}” by exploiting people with reduced means. Normalizing a bad behaviour just causes more of it.

Another problem I see is in the analysis of Uber and all its spawnlings, and it’s related to the point above. For most of the analysis I read, the authors keep making statements based on the idea that people use Uber almost exclusively because it’s cheap, and thus every of its spawnlings should just cut costs to all points.

I’m a Uber user, sometimes. I’m not happy about that, I dislike their cost-cutting policies, and I do think that the above-noted bad behaviour is cancerogenous to society in general and Silicon Valley in particular. And I would care, since I work for one of the companies out of said Valley. So why do I use Uber? Well, for the most part it’s about convenience in saving time and actions, rather than saving money. I’ll try to stay on the topic of hired transport, and share a few stories and experiences that helped forming my opinion over time.

The first time I needed to use hired cars was possibly ten years ago by now. Just like now, I didn’t have a driving license, and indeed to go and see customers I’d either manage to go somewhere close, or at least to the station, with my father, sister or friends, or I’d otherwise have to ask them to come to me to bring whatever is needed. This worked a few times, but there have been others it didn’t. In one case, I was asked to go to the HQ of one of my customers (about an hour and a half, almost two, from the place I lived), and I had noone to help me, so I contacted a car service to ask how much it would cost me to hire a car according to those timing — subject to me getting either the expense back from the customer, or at least a contract worth me putting up the money first, of course, which means ask a quote first, confirm after. The customer decided instead to send me the paperwork themselves, so I said no to the quote, and moved on.

Fast forward some time, maybe a few months, and the same customer contacts me to give them a one week course at their office, since they just recently started working on new, Linux-based devices, and they have not enough experience with them. This time the contract is worth well the money, and so I contact the car service for a new quote, and here’s my first impression with Italian professional car hire companies. Instead of the same price they quoted me a few months ago, which was of around €100/day (so €50 each way), they quoted me €190/day — I assumed at first this was for difference in demand; the day before I was supposed to give the course, they mailed me saying the price was now €250, and told me they wanted the whole money upfront, or they wouldn’t send a car… that one was not good, particularly because I wouldn’t have the money right there and then, the agreement with the customer was that they would pay me the travel expense on the day in cash, so I only had to upfront the first trip

When I pointed out that was the first time I heard of that to the car service, the owner went on a tirade of insulting because according to him I had been disrespectful cancelling the quote the time before, and that he was so sure I wouldn’t go through with it he didn’t even reserve me a car this time either. I panicked as I had no way to get to my customer’s and my mother had to find another car service to hire, that would take a one day notice, and that would take cash. She found one, for less money than the other service, and I managed to go and give the course. It turned out once at the course that one of the guys who was attending didn’t live far from me, so I actually cancelled the car service that night, which they did without charging any extra fee, and I instead expense the fuel for the then-colleague who picked me up and brought me back.

This shows that the ethics of different companies in Italy can be fairly different. I’ll skip ahead to two years back, when my mother turned 60 and I wanted to surprise her, by getting to her place on her birthday without telling her, or anybody that might slip and tell her (it was hard, but I managed to keep it hidden from everybody.) Part of that, it meant I didn’t have anyone who could pick me up at the airport, so I decided to get a cab. First problem, no cab in Venice appear to ever accept cards, only cash, and by the way Venice airport removed the ATM from land-side arrivals, you can either get it airside (which I didn’t) or you have to go back to the city to pick up cash. So he had to drive me to the closest ATM to my mother’s place (which is not very close) and then to her’s. It took me less than half an hour total, it’s less than 17km road from Venice Marco Polo Airport to my mother’s. It costed me €70.

Let’s compare and contrast with my life in Dublin. I don’t use Uber here; it’s available, but only with its UberTAXI service, that calls you a normal cab. That’s usually OK, cabs are aplenty over here, and many accept credit cards just fine. The service is good, never had any crazy experience like the one in Italy, although at least in one case recently I found what seemed like an incompetent driver at the airport, but it’s like once in three years, I don’t mind. But UberTAXI does not handle tipping, and tipping taxi drivers here is normal.

Instead there are multiple competing services in addition to Uber that handle calling cabs, the one I use (Hailo) was recently merged with a foreign competitor. It works in a very similar way to Uber, except it’s optimized for the taxi flow, including the tipping, showing up the license, being able to track down lost items and so on. It has similar problems with airport pick up that Uber had in various other parts of the world though. In particular, they can’t pick up at arrivals, but only at departure, and police and airport staff don’t like that. Indeed in the case I was referring to earlier, with the incompetent driver, I ended up waiting a good quarter of an hour at the airport, and one of the airport people reminded me that they have cabs just on the other side.

But I explained to him one of the reasons why I like using Hailo (when it works): it makes expensing things easier. Even when paying by card, handling the tipping and receipts are not always a solved problem. From one side, it’s easier for me not to have to do mental arithmetic, particularly when it’s late at night and coming back from who-knows-where around Europe, or when it’s early morning and I just arrived with a red eye. From the other, I have a clearly marked receipt in my email inbox that my manager will have no problem approving for expensing. A couple of cabs I took from the airport, before Hailo was available, managed to use PayPal, or Square, or other similar tools that do send me the receipt by email, but the vast majority, even when accepting cards, only gave me a blank piece of paper that I could write down myself.

I guess the point is that for many of the business travellers, paying with cash, or personal credit card, and getting a blank receipts make for an easy fiddling target. Myself, I use a corporate card, so I can only expense whatever the card was charged for, since I don’t need to fiddle. On the other hand, the lack of a properly-written receipt makes it difficult for my manager to approve them, because he can’t see that I followed policy on taxi tipping. Funnily enough one of the most consistent places I got receipts in (once I learnt fa piao to ask for it) was Shanghai: every taxi has the same (government issue?) machine that prints receipts, so I only had to keep those and scan them. Of course they were all cash expenses, which is not great for me.

There is one more thing for which I like Hailo, Uber and similar apps, even when I’m not expensing the trips. These apps are handy particularly when I’m in a foreign country I don’t know (or not know well) because it allows me to get a car wherever I am without knowing where to find the taxi rank, and to provide a destination based on the addresses I know already — this worked out well almost everywhere except in Shanghai; Baidu Maps do not respond to western names, so I couldn’t even find The Westin with it. One of the taxi companies around the Valley published their own mobile app, I tried it out and it was essentially a single page with a button that initiated a call to their normal taxi line; while I’ve been at this point to the Mothership enough to kind of know where I am most of the time, I don’t know I’d be able to describe where I am when calling for a cab.

All these conveniences might sound petty to you. They are clearly first world problems. But they are clearly worthwhile for a number of people, for sure to business travellers, but clearly not only. And they do not need to be tied to the exploitation of less favoured categories. Unfortunately, “founders” end up copying what looks like the meaty part of another business idea, and they seem to be copying that out of Uber, rather than the convenience.

So in all of this, why and where do I use Uber? Well, clearly mostly in the States, but also in many parts of Europe, mostly, in places where there is no other better app (that for instance calls taxis only, like Hailo), or where there is, but it’s not available in English (or another language I understand), or in the couple of cases in which they only allow you to set it up with a local phone number — by the way, Hailo used to be that way, too. Uber has the added convenience that is one app that works effectively everywhere — one account, my US phone number connected to it, and it works out. And it works in most of the States I visit, and I don’t have to figure out what the local app is, particularly for those cities I visit once only, for a conference, or something like that.

Am I proud of it? No. I don’t like Uber, and I would rather have an alternative that is more ethical and works under similar condition; a single taxi app that works across, if not the world, at least most of Europe, and a sister one that works throughout the US. If it means paying more for it, it’s okay: not only I can afford it (and so I think that ethically I should be paying it), but in most cases these hires are for work travel, which means someone else who can definitely afford it would foot the bill! Note, as I said above, I have no interest in cheating the company I work for; I’m just saying that they do not need for me to use Uber to save money compared to taxis.

Travel cards collection

As some of you might have noticed, for example by following me on Twitter, I have been traveling a significant amount over the past four years. Part of it has been for work, part for my involvement with VideoLAN and part again for personal reason (i.e. vacation.)

When I travel, I don’t rent a car. The main reason being I (still) don’t have a driving license, so particularly when I travel for leisure I tend to travel where there is at least some form of public transport, and even better if there is a good one. This matched perfectly with my hopes of visiting Japan (which I did last year), and usually tends to work relatively well with conference venues, so I have not had much trouble on it in the past few years.

One thing that is going a bit overboard for me, though, is the number of travel cards I have by now. With the exception of Japan, here every city or so have a different travel card — while London appears to have solved that, at least for tourists and casual passengers, by accepting contactless cards as if it was their local travel card (Oyster), it does not seem to be followed up by anyone else, that I can see.

Indeed I have at this point at home:

  • Clipper for San Francisco and Bay Area; prepaid, I actually have not used it in a while so I have some money “stuck” on it.
  • SmarTrip for Washington DC; also prepaid, but at least I managed to only keep very little on it.
  • Metro dayLink for Belfast; prepaid by tickets.
  • Ridacard for Edinburgh and the Lothian region; this one has my photo on it, and I paid for a weekly ticket when I used it.
  • imob.venezia, which is now discontinued, and I used when I lived in Venice, it’s just terrible.
  • Suica, for Japan, which is a stored-value card that can be used for payments as well as travel, so it comes the closest to London’s use of contactless.
  • Leap which is the local Dublin transports card, also prepaid.
  • Navigo for Paris, but I only used it once because you can only store Monday-to-Sunday tickets on it.

I might add a few more this year, as I’m hitting a few new places. On the other hand, while in London yesterday, I realized how nice and handy it is to just use my bank card for popping in and out of the Tube. And I’ve been wondering how did we get to this system of incompatible cards.

In the list above, most of the cities are one per State or Country, which might suggest cards work better within a country, but that’s definitely not the case. I have been told that recently Nottingham has moved to a consolidate travelcard which is not compatible with Oyster either, and both of them are in England.

Suica is the exception. The IC system used in Japan is a stored-value system which can be used for both travel and for general payments, in stores and cafes and so on. This is not “limited” to Tokyo (though limited might be the wrong word there), but rather works in most of the cities I’ve visited — one exception being busses in Hiroshima, while it worked fine for trams and trains. It is essentially an upside-down version of what happens in London, like if instead of using your payment card to travel, you used your travel card for in-store purchases.

The convenience of using a payment card, by the way, lies for me mostly on being able to use (one of) my bank accounts to pay for the money without having to “earmark” it the way I did for Clipper, which is now going to be used only the next time I actually use the public transport in SF — which I’m not sure when it is!

At the same time, I can think of two big obstacles to implementing contactless payment in place for travelcards: contracts and incentives. On the first note, I’m sure that there is some weight that TfL (Travel for London) can pull, that your average small town can’t. On the other note, it’s a matter for finance experts, which I can only guess on: there is value for the travel companies to receive money before you travel — Clipper has already had my money in their coffers since I topped it up, though I have not used it.

While topped-up credit of customers is essentially a liability for the companies, it also increases their liquidity. So there is little incentive for them, particularly the smaller ones. Indeed, moving to a payment system for which the companies get their money mostly from banks rather than through cash, is likely to be a problem for them. And we’re back on the first matter: contracts. I’m sure TfL can get better deals from banks and credit card companies than most.

There is also the matter of the tech behind all of this. TfL has definitely done a good job with keeping compatible systems — the Oyster I got in 2009, the first time I boarded a plane, still works. During the same seven years, Venice changed their system twice: once keeping the same name/brand but with different protocols on the card (making it compatible with more NFC systems), and once by replacing the previous brand — I assume they have kept some compatibility on the cards but since I no longer live there I have not investigated.

I’m definitely not one of those people who insist that opensource is the solution to everything, and that just by being opened, things become better for society. On the other hand, I do wonder if it would make sense for the opensource community to engage with public services like this to provide a solution that can be more easily mirrored by smaller towns, who would not otherwise be able to afford the system themselves.

On the other hand, this would require, most likely, compromises. The contracts with service providers would likely include a number of NDA-like provisions, and at the same time, the hardware would not be available off-the-shelf.

This post is not providing any useful information I’m afraid, it’s just a bit of a bigger opinion I have about opensource nowadays, and particularly about how so many people limit their idea of “public interest” to “privacy” and cryptography.

Hardware review: comparison of Bose QC15 and QC20

As I wrote in On the conference circuit I have been traveling a whole lot in the past couple of years, even though I used to be terrified of the idea. Because of that, I also tried looking for every escape hatch from all the bothersome parts of traveling that I could get to, within my budget — which does mean I don’t usually travel business class, though sometimes I do.

One of the earliest things I wanted to address was the headache caused by a long-haul flight. Part of the reason for the headache is directly the hum of the engines, but even more so than that, the problem was due to me cranking the volume up on audiobooks or podcasts I listened to, just to make sure I could hear them through said hum. The obvious answer was to be found in noise-cancelling headphones, so on my birthday, on a trip to Las Vegas, I bought myself a pair of Bose QC15 (no longer manufactured.)

This was a definite lifesaviour for me, particularly as the number of flights I took afterwards kept increasing steadily, and I found in these headphones the only way to sleep on planes. I really wish I had these when I was still living in Italy, particularly as all repeating noises, including lawnmowers and safety warning alarms can be cancelled very nicely — and these were the primary complaints I had when living back there, particularly during the summer.

Unfortunately, as everything in life, these were not perfect, and in particular they relied on making a good seal around your ears, which is perfectly feasible… unless you wear glasses. Indeed depending on the model of glasses I wore, the seal would be from imperfect to completely missing. This became more of an issue when I started flying Dublin to San Francisco non-stop, as that’s a quite long flight enough.

A second problem became more apparent as I managed to get a few more business class trips (either through bids for upgrades, upgrades with miles, or just random stroke of luck on the fare when booking.) When I sleep I tend to turn my head to the side, even more so in a plane because of lights usually being visible in the aisle. When that happens, if the earphone ends up touching the seat, the noise-cancelling gets completely thrown off by the vibration, and stops working altogether.

So last year I decided it was a good time to get a new pair, this time as in-ear earphones, Bose QC20, and I found the improvement worthwhile (of course, it’s still a matter of budget.)

While the actual noise-cancelling is stronger on the QC15 with a good seal (as in, when I’m not wearing glasses), the QC20 provide a better result in a plane when wearing glasses. This makes them much more suitable for the usage pattern I have, but I guess for those who don’t need to wear glasses, and who don’t travel as much, the QC25 might still be a better option.

Compared to the ‘15, the ‘20 have the drawback of requiring charging the battery, which luckily has a micro-B USB connector, so does not require any special cable. My previous pair is powered by a simple AAA battery, so I just kept one or two spares in the headphones’ case. This was also convenient because that is the same type of batteries that my glucometer uses. On the other hand, the ‘20s work fine even without being powered, though without the noise cancelling, of course.

Because of the nature of the earphones, they are also much more practical to carry: the case is many times smaller and easily fit in my pocket, while the previous one would stay in my backpack until I got to the plane. They also are more discreet (even with the bright aqua-colored stripe mine have), which means I have less refrain on using them on the street here in Dublin (I have heard stories about fancy headphones on the street here, but that’s probably paranoia.)

If you wonder why I use these on the street, while they don’t do much good to get rid of the cars themselves, they do take care of two major problems when trying to listen to Audiobooks while walking around the city: the wind (in the winter it can be quite nasty and noisy), and the wheels on the asphalt. Probably due to differences in amounts of rain, I can listen to audiobooks on normal earphones in California, but not so much over here. And I’d rather not crank up the volume on the earphones on the road, as it would cover important safety noises, such as the car trying to run you over.

An interesting factoid of using noise-cancelling headphones during flights can be added to the list of non-directly-logical actions while traveling. If you read the Wikipedia page I linked earlier on, you can read

In the aviation environment, noise-cancelling headphones increase the signal-to-noise ratio significantly more than passive noise attenuating headphones or no headphones, making hearing important information such as safety announcements easier.

In reality, due to the practical difficulty for the cabin crew to tell what kind of headphones you’re wearing (although you’d expect the QC15 to be a very common sight nowadays), in many flights I’ve been asked to take the headphones away during the security demonstration. In case of Aer Lingus (which is, by virtue of being based in Dublin, my airline of choice at least for “local” European flights), they allow you to keep “earbuds type headphones” on, which is another good reason for me to use the ‘20. Other airlines frown upon those as well.

The unfortunate bit is that Bose now requires you to choose your allegiance upfront. QC15 came with a generic cable without controls, and a cable with controls for Apple devices, while allowing you to buy the microphone and controls version for “Samsung” (really, Android), allowing you to pick the right control based on the device. QC20 and QC25 only have one cable each and you need to choose which ones to get the moment you buy them. I have the Android version, even though I also own an iPod Touch.

Hardware review: Asus WL-300NUL

Some people probably still remember that I used to have an absolute fear of flying and planes altogether. To the point that I have avoided going to the on-site interview of the company I’m now (years later) working for, because it would have taken place in California and I got scared. While I still do not like to travel, I’ve been traveling quite a bit in the past few years, not only back and forth between Venice and Los Angeles, but also within Europe and within other cities in the USA both last year and this.

In particular, TripIt is telling me I’m going to be away from home at least 41 days this year (and this is without including trips that are not scheduled yet, such as a visit back in Italy, and another trip to the United States in November). And most of them are not for personal reason (although some are, luckily). With all of this going on, I’ve started looking at any reasonably cheap option for me to reduce the pains of traveling.

One of these options came to me through a few colleagues, who presented me the Asus WL-330NUL — a tiny wireless router, the almost exact size of the Ethernet adapter that was bundled with my laptop, that provides you with your own, personal WiFi network, routed to another, less-private network, either wireless or wired. An absolute must if you spend a considerable amount of time in hotels.

First of all, the device itself is tiny, as I said it’s almost the exact size of my Ethernet adapter and it can replace it 100%. Indeed, the device has four interfaces (although not the proper term): USB (gadget), Ethernet and two wireless radios; the USB connection is used both for host connectivity and for power: if you connect the router to your computer via USB, it’ll present itself as a cdc_ether device, which Linux supports full well as if it was a standard Ethernet port — if possible, it’s better supported than some of the USB Ethernet adapters out there in the wild.

Once your computer sees the connection via Ethernet, the device itself can be configured to either use a wired or wireless upstream connection — if you choose to use a wired network, which is what I do, as I’ll explain in a moment, then this by itself is going to be already a replacement of the ethernet adapter; indeed at first the device will configure itself to be a simple bridge between USB and Ethernet, although that’s not what I use it for.

Once you configured the wired or wireless upstream connection, you can focus on setting up your own private WiFi network: the second radio can broadcast your own SSID and handle your own 802.11n network, protected with WPA for instance. Since you have a stable SSID/key combination, once you turn the device on, all your gadgets will connect to that network, without requiring manual, device-by-device, configuration.

Even better, since you’re now behind a router, for what the hotel or other provider is concerned, you have a single device: you consume a single IP and a single connection. For networks where you have to login separately for each device every 24 hours (or even every reconnection), this also means you only have to do it from one device, where it’s handy, and everything else will follow.

As I said above, my suggested approach is to always use the wired network if the hotel makes it available (most of the non-economy hotels do). The reason why I’m saying this is that it’s easy to misread the security implications of a device like this. While it is true that it can create your own private WiFi to then route to the hotel wireless, when you do so you add nothing to security, even if your WiFi is WPA2. The reason is simple: the public wireless network from the hotel is still completely unencrypted, so anybody eavesdropping can see what you’re doing, unless you’re using encrypted websites and even then part of your traffic can be inspected, such as which websites you’re consulting. If, on the other hand, you use the wired network, while not totally secure (the hotel and the provider can still see the non-encrypted connections), you’re still stopping a good bunch of people from gathering your data.

Finally, there is one more feature that is important if you travel a lot among hotels of respectable size: all of them use multiple access points for their WiFi networks, even though they broadcast the same SSID (and sometimes they don’t); these access point do not allow you to roam data across them, so if you have two devices, say a Nexus 7 and a Chromecast that you bring with you, they may not be able to talk to each other without a device like this, as they may end up on different APs, and unable to “see” each other on the network, or at least not consistently enough to stream from one to the other. Since with this device you can just connect all the gadgets at the same network and access point, your problem is then solved.

I’ve been using the device for ten days now on two hotels and two airports, and it’s definitely handy. I can’t complain about the range either: I’m now in Pittsburgh’s Bakery Square at the SpringHill Suites and my phone connected fine to it across the square in the Coffee Tree Roaster shop. Oh yeah and my room faces away from the square too.

Also, the power supply (by Asus!) that I bought last year (the original US one that I got with it just died on my, so I bought a different one) comes with a USB charging port by itself, which means I can just WiFi from my laptop even with a single power socket, freeing up the USB port (I only have two and one I use for my smartcard reader). I guess I could probably run this off my Anker battery but I have not tried that yet, as I somehow doubt that the airlines would be okay with me broadcasting my own WiFi on their planes. In any case, this is now part of my essential tools.