Proxmox production container for linkblog

Starting to containerize some stuff that I originally migrated to a VM. My linkblog, for a start. I need a generic Linux environment that’s fairly beefy; libc, not musl. Ideally I’d bake all this into a reusable container but I’m rolling it by hand for now. Here’s my notes.

Container creation

• Create a unprivileged container with hostname “blogs”
• Add root password, my SSH key
• Use the Ubuntu 22.04 (or latest) template. Ubuntu so I can get deadsnakes for Python versions. I’d like latest Ubuntu but can’t because Playwright (the screenshot library I need for the app) only supports LTS releases.
• 16GB of disk, 4 CPU cores, 16GB of RAM, 1GB of swap. Or more, these are all soft limits so it may be better to set these higher
• Default networking but enable DHCP instead of static.
• Consider adding access to vmbr1 for the NFS server.
• Edit the container options to make it start on boot

Linux configuration

• Start the container, launch a console, log in as root with password
• apt update; apt upgrade
• apt install joe sudo curl avahi-daemon git zip unzip rsync webp sqlite3
• locale-gen en_US.UTF-8
• Install tailscale
  curl -fsSL https://tailscale.com/install.sh | sh
• Shut down container
• On the Proxmox hypervisor server, modify /etc/pve/lxc/???.conf to give access to tailscale in the container
• Start the container
• Log in on console again
• tailscale up, approve the URL to join the machine. Consider disabling tailscale key expiry in the web console.
• Use ordinary ssh client to log in as root@ ts.net tailnet name.

(not sure avahi-daemon is working here, I can’t use the .local DNS name I am expecting. I tend to use Tailscale to connect to things anyway.)

Linkblog configuration

Specific to my application, but some generic notes here also about creating a prod environment for anything.

User setup

• As root, make a user for the project.
  adduser linkblog; adduser linkblog sudo;
• Log in as linkblog@ with password
• ssh linkblog@localhost, to create the ~/.ssh directory.
• create ~linkblog/.ssh/authorized_keys

Linux configuration

• sudo apt install python-is-python3 python3.10-pip

App configuration

• mkdir ~/prod
• cd ~/prod
• rsync -a nelson@sf.somebits.com:~nelson/somebits/linkblog/prod/ .
• rm -r venv
• python3 -m venv venv; source venv/bin/activate; python3 -m pip install -U setuptools pip wheel
• pip install -r requirements.txt
• sudo venv/bin/playwright install-deps
• shot-scraper install

Testing and running for real

• ./update.sh -f
• cd site-generated; /usr/bin/python3 -m http.server 9191
• Test HTML load in web browser
• Push site manually and accept ssh host key.
  ./update.sh -f -p
• Install crontab entry to run update.sh for user linkblog

Feed2toot for @somebitslinks@tech.lgbt

Separate cron job to update a Mastodon account from the RSS feed. Does not depend on any of the linkblog code, just the RSS feed.

• As user linkblog…
• mkdir ~/mastodon; cd ~/mastodon
• python3 -m venv venv; source venv/bin/activate; python3 -m pip install -U setuptools pip wheel
• pip install feed2toot
• copy over the install from the old system. This gets credentials, config, and state.
  rsync -av --exclude=venv nelson@example.com:~/src/mastodon/linkblog-toot/ .
• run a quick test, should show posting nothing if there are no new stories
  feed2toot -n --debug -c feed2toot.ini
• Install crontab entry to run go.sh for user linkblog

TODO

• Package linkblog as a proper Python package so deployment is better
• Write linkblog code to manage crontab (or at least emit the line)
• Write linkblog code to run test server

Windows and voice recognition

Looking for typing accommodations while my wrist is giving me trouble. I love how Google Voice recognition works on Android, you’d think that it would be even easier and better on a desktop PC. But the UI doesn’t quite seem to be there.

Update. I originally wrote this post using Windows 10. Turns out Windows 11 has an entire new thing called Voice Access and it’s quite good, just about what I need. I’ve edited the post to reflect all this, but it’s probably a little confusing.

I’m fortunate that I can use both hands still and mousing gives me no trouble, just trying to take some load off my left hand.

Windows 10

Windows 10 seems to have two different systems for voice recognition. There’s an older speech control system that is mostly focused on UI control like opening the start menu or closing windows. It has some speech to text dictation but the language model is terrible and not useful.

There’s also the newer windows dictation accessible via Win-H. It’s dictation only, not really system control, but reasonably good. However the UI’s awkward. Also the language model is not as good as what I get on my pixel eight. But it is usable.

The biggest problem is activating dictation mode. I have to click in the window I want to type in, then click this weird microphone icon that’s hovering in a fixed width window on the desktop. And even then it does not work reliably. I would dearly love to assign the “take dictation” function to something like a hot key or mouse button four. Haven’t found a way to script that. Quick searches make it look like it’s not possible.

I had thought Microsoft put more work into usability. The full speech control system does work, but it’s pretty awkward and is something you would only use if you had no alternative. And the fact it’s basic dictation speech model is no good makes it useless to me. Maybe it’s better in Windows 11? I think the full control Voice Access system is much better.

Windows 11

Microsoft did put more work into usability! Windows 11 is significantly better. The old speech control system that I didn’t like is basically gone. Windows Dictation has been extended to Windows Voice Access and gives you fairly reasonable control over the whole UI.

For my purposes, the most important thing is that the speech to text in the new Windows voice access is much better. The UI is also better. You can basically leave it running all the time, no need to press a button to activate the microphone every time you need it. It doesn’t do anything until you start talking. Then it will just insert what you say as if you typed it. That means I can leave the thing running all the time. And when I have something more extensive to say, I can talk instead of type. (Although it seems like it picks up audio from the speaker so that’s a little annoying if you are playing a video with someone talking.) The speech model is pretty good, other than the automatic punctuation system which I’ve had to turn off. Totally usable though, it’s closer to Google Board speech detection than not.

There’s a good little voice control demo that I ran through and I’m impressed that I could actually use this to control a PC with my voice if I’m patient enough. It works by you speaking voice commands. It has some generic controls for clicking named buttons or narrowing in on a region of the screen to click on. It also has some specific app integration. For instance, “close tab” seems to be something it understands explicitly to close tabs in a web browser. It doesn’t work in Chrome but it works great in Edge. Maybe Edge has extra code to interface with voice access? One drawback is there is some ambiguity. If I start a sentence with the word start or close it may interpret it as a command and not me trying to type those words. There is a dictation only mode but I haven’t figured out how to turn it on (saying “switch to dictation mode” should do it but does not for me.)

Voice In extension

Now I’m wondering why Chrome on desktop doesn’t have voice typing. It seems like it would be easy to build it into the browser. I’m finding some third party hacks like Voice In.

I gave Voice In a try and it seems to mostly work and be a lot simpler trigger than the windows built-in thing. You can bind it to any windows hotkey but in Chrome that means control or alt + a letter. I really want just a mouse button. I probably can use Autohotkey to make that happen. Being a Chrome extension makes it pretty limited but then also probably easier to integrate.

I gave it more of a try and it’s mixed results. The language model these things recognize to is so important. I was writing an email to a friend about gay stuff and it kept missing very basic words that would be common in a gay context but not in some other. Also it has a habit of capitalizing random words like extreme or City. Mostly it just made me wish I could use Google Voice typing model because I am very good at getting what I want to out of it.

Having the extension be Chrome only is a little irritating particularly when I switch to slack. I guess I could run slack in the browser. The free version works reasonably well but really you’re going to pay $60 a year if you use it all the time. It’s not a big problem not having a keystroke to activate, mostly you just leave it active all the time.

Google could absolutely build a good Windows desktop or Chrome product for voice typing. I suspect the market just isn’t big enough for them

Kinesis classic on a modern computer

My RSI is flaring up so I thought I’d fire up my ancient Kinesis Classic keyboard, the one that saved my career 20+ years ago when I first had problems.

The keyboard has an ancient AT keyboard cable. I found it with a PS/2 adapter already attached, those two ports are electrically identical so the adapter is easy. I don’t have a PS/2 to USB adapter around the house but fortunately my 2019 PC still has PS/2 ports on the back. Purple for keyboard! After plugging it in the keyboard lit up but I had to reboot to make it actually work. IIRC that’s a problem with the old Kinesis firmware. It works fine with a second keyboard on USB.

It mostly seems to still work fine. Sometimes keys seem to be repeating when I don’t mean it, like I’ll press x once and xxx is inserted. It’s not frequent though, a missed interrupt maybe? I mostly still remember how to type with it too, I suspect it’ll take a day to adjust (took a week or more the first time).

I can’t find any documentation of the custom remapping I set up long ago. It sounds complicated but the main effect is to move keys more to where they are on a normal keyboard. Here’s what I found I had:

• Bottom row right hand: all 4 arrow keys in hjkl vi configuration.
• []{} remapped to bottom row left hand (where left and right arrow were)
• `~ is moved to upper left (where += is on the Kinesis)
• += is moved to caps lock
• Caps Lock is unmapped.
• Escape is moved to the key marked “delete” on the thumb
• Delete is on lower left (where ~` is on the Kinesis).
• The Backspace key sends VK_BACK in windows, a Backspace.
• The Insert key is default, VK_INSERT.

I also went and found my ancient notes on the keyboard firmware for programming.

Progrm-Ctrl-F10   Reset keyboard memory 

Progrm-Backslash  Toggle keyclick mode 
Progrm-Hyphen     Toggle tones for caps lock, etc. 
Progrm-F9-xx      Change repeat rate to xx 
                    F1 .5 cps  F2  3 cps F3  5 cps  F4   7 cps  F5   10 cps  F6   15 cps
                    F7 20 cps  F8 30 cps F9 40 cps  F10 60 cps  F11 125 cps  F12 300 cps 

Progrm-Ctrl-F5    Toggle Dvorak/Qwerty mode 

Progrm-Shift-F6   Toggle shift as sticky modifier 
Progrm-Ctrl-F6    Toggle control as sticky modifier 
Progrm-Alt-F6     Toggle alt as sticky modifier 

Progrm-F12        Enter/exit remapping mode 

Progrm-F11        Enter/exit macro definition mode 
Progrm-F7         Make macro pause for data / End entering macro data 
Progrm-F8         Put a half-second delay into a macro 
Progrm-F10        Disable/Enable all macros

Shift-Shift-F12   Report firmware version (press both shift keys)

Python packaging, pytest, click, VS.Code

I’m working on my blog engine. I want to package it nicely as a Python package. I also want to be able to run my code from a command line using the click library, and write and run tests using pytest, and be able to do all this with the debugger in VS.Code. I’ve never made my peace with Python packaging, for many many years now I’ve avoided it. Because it’s a mess.

Anyway I just tried again here in April 2024 and more or less succeeded in just an hour or so. This is where I would write clear docs with a github repo with the code but.. nah. I’m not confident it’s right and I don’t understand it well enough to present coherently. But I’ll write up what I learned.

I mostly followed the Packaging Python Projects tutorial which explains the creation of this sample project. Following that gets you a basic Python project which you can install with pip install -e. The key thing here is everything’s driven by the pyproject.toml file. If you are reading any docs that talk about setup.py they are old and outdated; the TOML is the new way.

Some subtleties in the pyproject.toml:

• My project has dependencies that I specified in the TOML. It depends on pytest and click.
• I had to pick a build backend; I’m using setuptools as the old non-fancy default.
• My project has console scripts. You can specify these in entry points or in a scripts section.

Getting click working was not hard. There’s docs for click + setuptools. Note these are in terms of the old setup.py style but translating to pyproject.toml isn’t too hard.

Here’s my source tree for a toy package called “whir”

• pyproject.toml in the root directory
• Python code in sys/whir/.
• src/whir/__init__.py that imports all the public functions, particularly the click commands.
• src/whir/lib.py is simple library code that other stuff imports.
• src/whir/main.py contains a main_cli() function that’s a click command. __init__.py imports it so it can be used as a script in pyproject.toml. It also imports the lib code via import whir.lib, not a relative import.
• tests/test_lib is a pytest function that tests the lib code. It imports it with from whir import lib.

Getting pytest working was not hard either. The default setup worked just fine from a shell. Getting it to work inside VS.Code’s extension for it required adding something to pyproject.toml to get pytest to use importlib, as described here. But now I can just press a button the IDE GUI and all my tests run with a nice display. Yay!

Getting the VS.Code debugger to work with click was tricky. AFAICT there’s no easy way to get VS.Code to invoke a click command. But there’s a hack where you call the click command with string command line arguments inside a if __name__ == '__main__'; then VS.Code can be used to just debug the file and it will work.

Ranting reflection

It all worked pretty straightforwardly! But I have no idea at all how it works. If something goes wrong I won’t understand what is happening or how to fi x it. And the tools are creating little files and shims that get between me and my code. It’s always like this with packaging and build systems and I hate it.

Fix for Android Pixel Delayed Notifications

I’ve had an annoying problem on my phone for two months: notifications would be delayed by many minutes, mostly only showing up when I manually woke the phone. I think I found a fix.

Turn off Adaptive Connectivity. Details in this Reddit post the text of which I will duplicate below.

Update Apr 10: after a few days of trying this I’d say turned it off has helped but not fixed the problem entirely. Updates still don’t always come immediately but they are delayed by just a few minutes now, not 30+. I don’t have solid data on that, just observing.

Update Apr 24: notifications still seem better before but it’s not perfect. Also I’ve since learned about Android Doze, a feature that dates back to Android 6 where the phone goes into a low power Doze mode. It’d cause exactly the delay problem I’ve seen. Some more discussion here. I wonder if something changed recently with the implementation that made the delay much more noticeable?

But first, a rant. This is a supremely irritating kind of problem that shows how frustrating the modern tech support experience is. There was no realistic way to get helpful info from Google about what this bug might be or how to fix it. I don’t know if there’s even any real personalized support path at all, if there is one I assume it’s the usual “turn it off and on again” useless response. Web searches didn’t get me anywhere, in part because Google’s index is awash in spam. The Android docs are not good, Adaptive Connectivity doesn’t seem to be described adequately anywhere. I did finally find my way to Google Issue Tracker which has what looks like a relevant bug entry. But that’s write-only, barely any acknowledgment.

I’m a software engineer! I understand the tech, I’m careful, I’m willing to spend the time providing expert help to reproduce and debug this issue. But I have no way to get through to someone. I guess that’s inevitable given the economics of supporting millions of users. Still irritating for my $1000 flagship phone.

Not for the first time have I wished that shibboleet was a real thing. I did get some really helpful Google engineer feedback on Mastodon after a passkey problem I reported but that was just dumb luck and a particularly friendly Googler, the right person happened to see my complaints.

The Reddit post

Are you getting delayed notifications on your phone? Try turning off the setting “Adaptive Connectivity” (under Network & internet in Android 14). I think that fixed it for me. Also check that “Adaptive Battery” and “Battery Saver” are off.

Two months ago I posted about getting delayed notifications; they’d only show up when I woke up the phone. A popular post, it keeps getting comments from people saying “me too”. Thanks to a hint in this comment I learned about the “Adaptive Connectivity” setting. I’d never heard of it before. But it was turned on; I turned it off and now 24 hours later my phone has been reliably getting notifications the moment they happen.

As a bonus, I think this may have also fixed my problem with the weather app showing me in the wrong location. Sometimes I’d get weather for Los Angeles where my IP address is rather than Grass Valley, CA where my phone is. I’m less certain of it but it’s plausible.

It’s not clear to me what Adaptive Connectivity is supposed to do, I can’t find clear docs about it. I think it may be a Google Pixel only thing? A lot of web pages talk about it only in terms of cellular, 4G vs 5G. I’m on WiFi almost always and still had notification problems. I don’t know what Adaptive Connectivity’s intent is but my experience is in Android 14 it means “break notifications”. My guess is it’s some power saving setting that is having the effect of taking the phone offline.

Note there’s other phone settings that might cause delayed notifications. Adaptive Battery is the big one (I’ve always had it off). Battery Saver mode may disrupt notifications.

Also individual apps all have battery settings. That used to be Unrestricted / Optimized / Restricted and my understanding is Optimized was supposed to let notifications through immediately. The UI for all that just changed in Android 14 QPR2 but I think it functions the same. Most of my apps are set to Optimized and are getting notifications on time.

Bottom line: turn off Adaptive Connectivity and Adaptive Battery if you are having trouble with delayed notifications.

GPSLogger v129 preferences on Android 14

I use Mendhak’s GPSLogger to track my position. It’s a great tool but a little low level, and in particular its files access is a bit confusing because the docs are written in terms of a basic Unix model but Android has virtualized and secured file storage so many times it is hard to find things. (I hate this about Android; it still lets you use files, but it’s very confusing and no longer a visible part of the consumer product.)

My issue now is I want to back up my settings, reinstall the app, then restore the settings. GPSLogger allows for that! It’s a feature called profiles. Basically you get it to write all your settings to a .properties file, then you can restore them later. The question is, where is that file written?

I found the file by mounting my Pixel 8 as a USB drive, then on Windows going to This PC\Pixel 8\Internal shared storage\Android\data\com.mendhak.gpslogger\files. (Actually I found it using Windows file search, which took several minutes). There’s a Default Profile.properties there. Also a temp.properties I explicitly created. You may have to tell GPSLogger to save the profile first.

I can’t find the properties files using the Files app on the Android device itself. Nor Solid Explorer. Presumably these are being hidden or sandboxed by the OS?

The properties file itself is a simple text file with lines like startonbootup=true in it.

This whole path was deleted when I uninstalled the app. (No surprise! Android wipes apps’ saved files in most cases.)

Once I reinstalled the app and saved a profile once the folder was back. Just dropping Default Profile.properties back in the folder didn’t seem to work; the app may not reread that file? I created a new nelson.properties (editing the file first, the profile name is in the properties file). That let me switch to a new Nelson profile with my preferences loaded. There are a variety of other ways documented in the FAQ to load a profile’s file.

Everything seems to work on reboot. GPSLogger starts with the new Nelson profile.

I have GPSLogger storing my GPS tracks to /storage/emulated/0/Documents/GPSLogger. I can see that in Solid Explorer by looking at Internal Storage > Documents > GPSLogger. Syncthing also sees that folder and is syncing it for me. When I reinstalled the app it could no longer write to files there (an error in Log View). I had to re-enable “write all files” permission (GPSLogger prompts you to do this if you change the folder it writes to).

I verified everything’s working after the reinstall, all the way to my syncthing server the data that archives my data.

OpenStreetMap: temporary road closures

I made another complex OSM edit, marking a road closed for construction. Details of the closure are on page 2 here. Nevada Street Bridge (OSM) is closed to cars until Nov 1 2024 or so.

As with all things OSM, how to actually do something this complex is not clear and there are many ways in the free-form schema.

First as a practical matter, serious mapping apps aren’t just relying on OSM for road information. They are pulling road closures from other sources. Google Maps has the closure and is routing around it. The fanciest OSM routing app I know, OsmAnd, does not (yet) know about the closure.

I chose to do the edit the aggressive way. I changed the way from highway=tertiary to highway=construction and construction=tertiary. Ordinarily this is the kind of thing you’d do for a new road being built. But I think it will have the effect I want, I just have to remember to go back and edit it again in November when the road is open. As a bonus I was able to tag it foot=yes which captures that you can still walk through the area, just not drive.

The other option was to just add a Conditional Restriction to the way, as seen here or here. A tag like motor_vehicle:conditional=no @ (2018 May 22-2018 Oct 7). I didn’t do this. One reason is this tag seems mostly useful for tagging permanent things with relative timestamps, like “road closed to cars 8am to 10am evey weekday”. I was also worried that most OSM users don’t process such a complex tag and will default to showing the road open. And finally that date range syntax I pulled as an example is really hinky. The ISO 8601 syntax would be 2018-05-22/2018-10-07 but near as I can tell OSM does not have an ironclad standard to use ISO 8601 for dates everywhere. I haven’t seen ISO 8601 slash syntax for time intervals in any of the docs.

End of the day I just want it to look right on the map. This is good enough.

Update: a day later OsmAnd routes around the closure, I think because it picked up my edit. Both Valhalla and OSRM on the OSM website still show a route through the closed road. I have no idea if they have updated data or not, but I’m guessing not. Update 2: it took most of a week but now the routing on the OSM website bypasses the closed bridge.

City reference map

From page 2 of the newsletter. The blue area is closed.

Passkeys try two

Yesterday I tried using passkeys with Google and had a bad experience. I’ve since found a couple of sources of the problems and worked around them. I will reiterate it’s still all a bad experience, in no way is this product ready for ordinary users to rely on.

Some of my passkey problems may be specific to logging in to Google services. There seems to be something wrong specifically with their server-side authentication implementation, maybe related to the “new login page” they recently launched. I’m having a better experience with other sites. With both GitHub and Adobe I’m able to create a passkey, save it, and use it to log in. Sometimes. Chrome seems to be sending passkey requests to the wrong device.

Some of my problems might also be related to 1Password. It’s in the middle, between the authenticating site and my browser. But I really want passkey requests to go through to Google’s passkey agent on my phone (at least until 1Password works on Android). See below for notes on 1Password; I’ve disabled its passkey support in my desktop browser for now.

The main problem I’ve encountered is which agent I store the passkey on. I have at least four possibilities: 1Password, Windows Hello (on my desktop), my Pixel 8 Android phone, and my Samsung Android tablet. Those latter two are the same data store, with passkeys synced, but separate physical devices. I want to use the Pixel 8 because it’s the most likely to be accessible to me, at least until 1Password works reliably on Android. But it’s seldom the device I’m logging in on, so I’m relying on Chrome / Windows delegation to a nearby device.

Saving a passkey

This is what saving an Adobe passkey looks like. Before I turned off 1Password, Chrome on Windows wanted me to save the passkey in 1Password, that’s the screenshot above left. If I click the little Yubikey looking thing at the top then I get brought to a Windows dialog in the middle: this is asking me to save it to Windows Hello on my desktop, as authenticated with a PIN. If I then click “Use another device” I get the option of using my Pixel 8. That works; the Pixel gets a message (Bluetooth? Internet?), pops up a screen, and I can save the passkey.

Logging in with a passkey

Logging in worked for me, at least once. But as I tried to document this more thoroughly it failed. I finally turned off 1Password’s recommending passkeys in the browser and that seems to have simplified things enough where they work reliably.

• 

• 

• 

• 

• 

• 

• 

That slideshow is the easy seven step process that’s working for me to log in. I believe steps 1 and 2 are Adobe’s website, 3 4 and 5 are all Chrome on desktop, and steps 6 and 7 are Windows. Not depicted: the extra steps for the UI on the phone to actually use the passkey.

Things go really wrong between steps 3 and 4. I say “Use a passkey from Pixel 8” and then the browser sends the request to SM-X800 instead. That’s my Samsung tablet. WTF? Google knows I’m logged in to two Android devices and syncs passkeys to both of them. So in theory either device would work but I have the phone with me always, not the tablet. And it’s wacky that I am prompted for “Pixel 8” and it sends it to “SM-X800” instead. The passkey dialog sometimes shows up on the tablet but when I’ve tried using it it fails (now it’s not even showing up). I can’t find any way to tell Google to use my Pixel 8 exclusively, or preferentially. I asked on Reddit.

So instead of step 4 I do steps 5 and 6 instead, the awkward way to get Chrome/Windows to use another device for a passkey instead of the default. Note the UI stops being Chrome and starts being Windows at step 6. The good news is this does work; the passkey dialog shows up on the Pixel 8, I approve, and I’m logged in.

Mind you this 7 step process is the good case, I have it working reliably and repeatedly. But only after disabling 1Password entirely and only after going through contortions to work around some problem with using the wrong passkey device. Still not sure how that is happening.

Update: really helpful response on Mastodon from a Google engineer saying at least some of what I’m encountering with multiple devices could be a bug in Chrome.

1Password

I’ve only gotten this far by disabling 1Password’s passkey support entirely. It looks like this:

I’m sympathetic to 1Password, it must be very hard to preserve your business when dependent on the platforms of monopolists. I want them to be my passkey store. But until 1Password works on Android I can’t. And the Chrome desktop browser integration on Windows seems to be causing me problems. Not sure if it’s outright bugs or if it’s just some things are simpler without it.

Anyway, here’s the 1Password extension preferences and its confusing array of options for exactly where it will intervene. As you can see I’ve disabled the most obvious passkey part of it. I still see some evidence it’s in the middle sometimes though. I’m really not sure. Some of my testing has been with the extension entirely disabled in Chrome, I’m reasonably sure it’s not involved in those cases.

No landline for a month, is great

A month ago I turned off my AT&T landline and ported the number to NumberBarn. Couldn’t be happier. No more junk calls! Voicemails delivered to my email! It’s great. Can’t believe I wasted $100/mo on that horrible landline for so long.

Numberbarn has been fine. I wish it had more features. I just noticed today they don’t display any names in the caller ID info on the caller log, just the number. (CNAM, they call it). That’s too bad. Often the text info is pretty bogus but that’s a signal of its own kind, legitimate businesses identify themselves.

I don’t get a lot of spam voicemails. Maybe 50% of the 10 or so voicemails in the last month have been spam. 95% of the calls would have been, so that’s a big improvement. I suspect most of the fraud companies just hang up when they recognize it’s an answering service.

Ken pointed out one hassle with not having a landline; we don’t have wireless phones all over the house. Now if I want to call him I have to call his cell phone and hope he didn’t leave it in the kitchen where he can’t hear it. I can think of ways to fix this but they’re all pretty awkward and it’s not that big a deal.

I still have a landline in the other house. We may try porting that number to my ISP; Sonic.net bundles phone service I’ve never used. I’d get rid of the idea of a phone for the house entirely but Ken still likes it there for some reason. At least I can save some money.

AT&T cancelled my account as soon as the number was ported and prorated the last month’s bill without me ever having to ask. So that’s one worry settled.

OTOH AT&T also gave me a nasty little reward for being a customer for so long. A massive data breach dating back to 2021. They’re telling the press they have no idea how this data could have been leaked, not the reassurance their PR person is hoping it is.

Passkeys still awkward in Mar 2024 (Android, Chrome, Windows, 1Password)

Some tech friends surprised me by saying they’re all using passkeys and liking them. I’m still not, despite being very interested in them. Passkeys seem like a failure to me so far. But my friends who are having success with them are all full-in on the Apple ecosystem, that may be why they are having a good experience. I’m using mostly Google and Android stuff and really want 1Password to manage my passkeys.

Update: the notes below are mostly for trying to log in to Google using passkeys. I had a better experience using passkeys for GitHub.

1Password passkeys are a mess.

1Password doesn’t work. I’m not sure it’s their fault. The platform owners (Google, Microsoft, Apple) have all paid lip-service to supporting third party passkey stores but in practice it is clumsy if it works at all. 1Password announced support for passkeys last September, including Android. But here in March 2024 it still doesn’t work. It requires Android 14, which came out only 5 months ago and isn’t on many devices. It also requires Chrome support third party passkeys. Which maybe works? But requires setting a flag in Chrome to enable, and user reports say it may not work well. Disappointing all around and also a clear question for anti-trust investigation IMHO.

The Google passkey experience

Using passkeys in Google (Android, Chrome) is better but doesn’t work reliably. I successfully just created a passkey stored on my Pixel phone, in Google’s store. And then logged in with it using my Windows machine running Chrome. But I had to scan a QRCode to do that, an absurd workflow, despite my phone and my desktop communicating (via Bluetooth?) in the past in some Chrome thing. In theory this desktop/phone integration gets better the second time you need it but instead it just doesn’t work at all; the desktop browser tells me to press a button on my phone but the prompt never shows up on the phone. A similar workflow for Google 2FA is still working so my phone is still able to do some authentication related stuff.

Also I can’t reliably use accounts.google.com to manage my passkeys. Google’s webapp crashes. It might be related to my browser extensions, it works better in incognito mode. Or it’s possible this is something unique to me (I have one of the very first Google accounts ever, created when I worked there before anything launched). Or maybe it’s just broken?

None of this is giving me much confidence in Google managing passkeys.

How about Microsoft?

I also tried creating a passkey stored in Windows Hello to log in to Google using my Chrome browser. This actually works pretty well. But Windows Hello feels rinky-dink and I really don’t want to use it. And at least some part of Windows integration breaks.

Migration

Another huge problem with passkeys is there’s still no story for migrating. If I have a passkey stored on my phone and I get a new phone, can I move the old passkey to another phone? What if I switch from Android to iPhone? Every time I’ve looked they say “migration is a work in progress”.

The practical thing for now is to look at passkeys as ephemeral things you have many of. Your account at Google has many ways to log in: password, proprietary device-based unlock, passkeys. It might have several passkeys. If you get a new phone you’ll just make a new passkey.

Except… what if I use passkeys to log in everywhere? What if I have 100 passkeys on my phone? Do I manually have to create 100 new passkeys, one for every site? That’s ridiculous. But I think that’s where we are today.

Which brings me back to 1Password. They have an excellent story for migration; your authentication lives in the 1Password cloud. Or at least I think they do, I’m not actually sure for passkeys. I can’t test it. Because 1Password passkeys don’t work in Chrome.

Update: it seems Android is storing passkeys in the Google Password Store which you can manage via the Chrome browser. They are synced across devices.