About trust and the Norwegian contact tracking app

The Norwegian government is doing their best to combat the pandemic. Well, mostly. The digital contact tracing initiative from the institute of public health is a clear exception. Dear government, a question arises: how do you expect to gain trust when at each important turn your decisions, actions and elusiveness only creates distance, suspicion and speculation ?

You keep the source code closed. And defend this decision with arguments to the likes of security by obscurity, commerical interest, “we are not used to open sourcing” and an unsubstantiated fear of tech leakage to other not so nice governments. Weak at best !

Be open, honest, collaborative and willing to share, gain trust.

You pollute what should be the maximally important purpose: contact tracing. By use of centralized (and foreign) storage of detailed GPS tracking data for research purposes. (Then also failing to describe how exactly the anonymization process will work.)

Keep it to the point, do privacy by design, gain trust.

You release the app with permanent user identifier broadcasting. Leading to real world security issues in production.

Respect privacy, listen to expert advice, gain trust.

The CEO of Simula Aslak Tveito calls for shame in a public letter. On those who elect not to install a voluntary and heavily criticised application., April 21 2020

Be humble, understanding and generous, gain trust.

I can only hope there will be a new simpler version of the app made solely for the purpose of contact tracing. Open source and with privacy by design.


Slow HP Elitebook 840 laptop ?

I currently use an employer issued HP Elitebook 840 G4-laptop for development work. It has annoyed me. It has bothered me. It has always been totally under-performing, despite its Intel Core i7 CPU, and even with power connected and all Windows power management settings verified to be sane. I didn’t figure out why until recently ..

As it turns out, the laptop has unfortunate default BIOS-settings coupled with a power supply that is probably too weak. At a glance, all the important settings look ok: CPU turbo boost enabled, multi-core, hyper threading and virtualization enabled, runtime power management enabled. But there is another option that turns out to be extremely important for performance. It’s buried under “Built-in device options”, and it’s called “Boost Converter”. Off by default. There is no explanation in the BIOS itself about what this option does. (Hello, hardware vendors: how difficult can it be to provide a one sentence explanation for ALL the settings ?)

Eventually I found a PDF document online that explains various HP BIOS options. And it describes “Boost Converter” as:

Draws power from the battery to give the CPU a momentary performance gain.

Check ! Enabled. And the laptop suddenly becomes much more powerful when connected to A/C power. Because now, CPU turbo boost actually works. Instead of maxing out at 2,8GHz core speed, it now happily jumps up to 3,8GHz when needed. (There is also a BIOS option to enable turbo boost when only running on battery power, but I left that off.)

I now enjoy more fan noise, in addition to faster software builds, faster Docker containers and a faster IntelliJ. And in case you wondered, the battery still charges, even though it us used for extra power in addition to A/C when needed.


Why you should use Mozilla Firefox

Recently, Microsoft announced that it will base future versions of its Edge browser on the Chromium web engine (Blink, which also powers Google Chrome). The linked blog post states:

Making the web better through more open source collaboration

I will not argue against open source collaboration being a good thing, but the web will not be a better place with less browser diversity on the market. Instead, it will likely give Google Chrome an even more dominating position, because Edge will just become another boring Chrome clone. The situation gives much power to just one browser engine, which in turn will cause web development to focus more on this single implementation and less on compatibility and standards-compliance. I think standards are hugely important to keeping the web open and accessible for all, and I strongly dislike browser engine monopolies. Web publishing needs diversity in applications which consume, process and present the data, as a force that pulls it towards agreed upon and open standards.

Sometimes I encounter web applications and sites which are developed solely to work with Chrome, because “everybody uses Chrome” (or it’s just pure developer ignorance). That’s very unfortunate and takes us right back to the Internet Explorer web domination period, years ago. Now it’s called Chrome instead. Future Edge users will be using the Chrome engine under the hood, not even realising they will be giving more power to Google.

I’ve used the Mozilla Firefox browser for many years on the desktop, and in recent years also on mobile devices. It’s a personal preference based mostly on the fact that I really appreciate its features, and I dislike Chrome and its close ties to Google. I’ve also realized the importance in supporting diversity through my choices, and supporting independent market players as forces against monopoly.

If you’re a Chrome or Edge user, I encourage you to try Mozilla Firefox, or any other Firefox-based browser. It has a healthy focus on user privacy, and it is not developed by Google or Microsoft. It works great on mobile platforms as well. By using it, you are contributing to keeping the web open and accessible.

Final note, I am not in any way sponsored by the Mozilla Foundation, the opinions expressed here are solely my own.