Sunday, November 17, 2013

Home-made floating shelves

Delicious! And a fairly extensive recipe. We wanted some shelves to go above our nice new sideboard to give a little more balance (and functionality) to that wall. We had considered putting some art there, but decided that fit better on the opposing wall that was going to serve no other purpose.


I estimate I put 25-30 hours into this project between concept, finding the right lumber, developing the techniques involved to get it all mounted straight and finished, and then actually applying those steps. Once we figured out that we wanted floating shelves, here's how I did it:

The lumber:
This is the least deterministic piece of the puzzle. We figured out (and mocked up with some plywood) that we wanted shelves that were about 2" thick, about 8-10" deep and 4 feet long, with the slight overlap as you see in the final result. We debated several types of wood as well but then settled between maple (matches the floors) or cherry (matches the table). Anything in the dark wood family was out for color reasons, and other light hardwoods didn't quite fit the bill (poplar is too green-toned, ash and hickory didn't have the right types of grain and typical embellishments). Of course this is all personal taste. We then looked at possible sources. It's easy enough to buy a cherry or maple board, but most of them are milled to something like 1"x10"x6', which is really only 3/4" thick. Your typical lumber store may not have anything thicker. Since I have a table saw and miter saw, it's no big deal to shave the depth down to spec or cut the board to the length we wanted, but the thickness is not something I wanted to mess with. I floated the idea of gluing two boards together, but Marisa vetoed the resulting grain disruption along all the edges where the glue line would go. I agreed too. I then looked to the internet, and found www.thelumbershack.com. They have a huge, searchable inventory and I found some candidates, but Marisa said she preferred to see it in person so we committed to finding some specialty stores. That weekend we happened to be visiting her parents in Spokane and we took a quick trip to Windsor Plywood. I didn't really have my hopes up (based on their name, primarily), but they turned out to have the best selection I've ever seen (out of the 3 stores I've been to). We found a great, 9'-long cherry board, had the store chop it in half and brought it home. We then cut it to two 4-foot lengths, keeping the interesting features of the boards.


The mounting approach:
This was the hardest part to conceptualize, and we always had the backup plan of getting corbels and doing a traditional mount. I figured there'd be some ready-made solution somewhere but I couldn't find anything that was a) invisible and b) substantially strong. I went to a hardware store and pored over a catalog to find what I really wanted, which was basically a metal dowel with a screw tip. They actually had them, but after I received them it became quickly apparent they wouldn't be up to the task. The bolt bent under 5-10lbs of weight, and the shelves alone weigh about 20 apiece. I returned the hardware and decided I probably needed to make my own solution from basics I could get at Home Depot. My first attempt was to go with some 1/2"x10" lag bolts, though they had the complication that they have the big hex heads on them and I didn't want to deal with hiding that in the wood anywhere. But, if I cut them off, I have to find another way to drive them into the wall studs. A solution to this is to thread two nuts onto the bolt and use a wrench to turn the one farther from the wall towards the wall. It will then butt up against the other, seizing together and gripping the bolt instead. Unfortunately the lag bolt's unthreaded diameter is too large and those nuts would have to stay, thus forcing me to cut additional diameter into the shelf boards to hide those. Not a huge deal, but annoying. It then occurred to me that I could just use threaded rod instead, be able to remove the nuts AND it has the added benefit that the threads should grab into the shelves a bit and help keep it in place. Some prototyping showed me that 1/2" was the right diameter, anything less would be too flexible under a typical load.

The actual mount:
A lot has to go just right here. For starters, the holes in the board and the wall must line up exactly, and they need to yield a level shelf. To solve this, I cut two 4'x2" strips of plywood (table saw is handy here!) which I then mounted to the wall with screws exactly where the shelf would go, checking that it was level as well. I then used a stud finder to find where the 3 studs in the 4' stretch were. I then drilled 1/8" pilot holes through the plywood, into the drywall, using a drill guide to make sure they were exactly perpendicular. I marked the visible side of each plywood to indicate which shelf they corresponded to. Then I removed them from the wall, placed the marked face of each up against the back of the shelf it belongs to, lined up the corners and attached it with some screws. I then repeated the pilot hole process into the shelf. Without the guide, the holes may not be exactly in the right spots, leading to a shift or tilt in the shelf, or worst case, not all the holes lining up with the wall. Then, I needed help. There's probably some other way to do this alone, but I couldn't come up with an effective way to drill exactly perpendicular with a big speed-bore bit (the guide just shakes around too much to be useful). I used a square to draw lines straight down the face of the board, one lined up with each hole, that I could visually align the bit with. This solved one of the free dimensions, so I had Marisa sit there with the square against the back of the shelf as I drilled with a 1/2" bit, telling me when I was aligned or not. The ideal tool here would be a drill press, but I didn't have one of those. I used a spare threaded rod to make sure the holes were straight and to scrape them out slightly, essentially using the threads like a file. I tried using the guide when drilling into the wall with a 7/16", but that didn't work so well. A similar line+square+help process would have been better.
Once all the holes were drilled (I went about 5" deep into the studs, the shelves are on an outer wall so they're going into 2x6s; fully into a 2x4 would be perfectly fine as well), it was time to drive the threaded rod into the studs. I did this using the two-nuts trick I mentioned before. Drilling the holes in the stud to be the same size as the core of the threaded rod allows the thread to twist nice and snugly into the wood. Use a hacksaw to cut the rods down to a length that will fit inside the shelf. I had them go most of the way through the shelf (~7 of the 8.5" depth), though I'm not sure that's needed structurally.


The finish:
This was another big unknown when we started. I was fairly certain that a Danish oil finish was the way to go, but we used the leftover foot of board to practice and try techniques on. Step 1 is definitely sanding. I used a powered orbital sander for all the steps. 80 grit got the mill marks and my doodles out of the wood, then 150 smoothed that out, and a final pass with 400 polished everything to a nice glass-like shine. I then found a great trick to clean out all the saw dust and snag any remaining loose splinters, etc: super fine steel wool. It's like $3 for a 12-pack and its texture pulls out and captures all the dust as well as essentially filets off any last loose tidbits. Running it along the edges between faces gives a great tiny-radius softening, just so the edges aren't literally sharp. However, when I applied the Danish oil, we liked the color but were surprised at how much it brought out the stripes (perpendicular to the grain, below right) in the wood. Using the leftovers as the practice was perfect here because it responds exactly like the shelf itself will. We nixed the Danish oil and went with just a buffed paste wax finish (left) instead. We had decided against a urethane-type coat because it's a clearly visible layer instead of just looking like richer wood. The other options provide less protection, but we're not planning on putting anything wet/sticky/etc on the shelves. I repeated the sanding and waxing on the actual shelves, and they came out great! Note: I also used the steel wool to gently smooth down the artfully split edge, which was quite splintery in its original state.



Mounting the shelf:
So now I had a wall full of threaded rods and complementary-drilled, finished shelves. The last step is to simply slide the shelf onto the rods! I knew the rods weren't exactly perpendicular though, so I wasn't expecting an easy step here. Both shelves lined up pretty well, but neither just "slid on". I ended up having to get out a hammer to get the shelves all the way to the wall. To avoid mangling my handiwork, I used a piece of smooth hemlock to cushion the blows from a large hammer. I broke my hemlock cushion into several pieces, but the mission was accomplished: the shelf wiggled on, bit by bit, until it was snugly up against the wall. Great success!





Saturday, November 16, 2013

So about that stack rank ...

Microsoft recently announced that they are changing their review model. Several outlets have passed this on and added anecdotes about how "many current and ex employees say the stack rank is the single most destructive process to the company" and that "maybe doing away with the stack rank will finally get Microsoft out of its lost decade".

Let's start with the basics. Microsoft has had over 500,000 employees, past and present. It's trivial to find a handful of them to align with any viewpoint. In other words, any speculation about the effects of the stack rank is easy to 'support'. I haven't looked hard, but I've yet to hear about a counterpoint (though stories about 'company does things right' tend not to make anyone's must-read list).

Now another basic: the new policies say nothing about getting rid of the stack ranking, they just remove the forced curve. These are separate things. Without a stack rank, there's no ability to create differentiated compensation. Take it for what it's worth, but when I worked at IBM the lack of differentiated compensation was the single most destructive aspect of the job. The good people get fed up and leave for greener pastures, or get sick of trying harder when there's no motivation and become burnouts.

There's a slightly annoying conflation of "stack rank" with "forced curve", and somehow we decided that both of these are terrible things, cause in-fighting and back stabbing, and take up everyone's mental faculties with trying to get ahead. Lost in this is that this only really applies if within the small group I work with, my success can only come at the cost of someone else's failure. In reality, the populations that the ranks are done over are big enough that we can both succeed more by helping each other. I'd never even talk to the guys we're both trying to surpass, therefore I have no ability to sabotage them.

Evaluation is a totally standard part of all perf-based endeavors. For example, we get grades in school. We are evaluated, given a rating. Those ratings more-or-less conform to an ordering of students, or a stack rank, if you will. Sure, there can be some ties here and there, but whatever. The better the evaluation, the better the reward. The big difference between school and work is that school doesn't have a fixed budget: the teacher can give everyone an A if they want. At work, there's a fixed budget. If I give someone an A, someone else has to get an F. Or 2 people get Ds. Etc. This would be the forced curve, which some teachers employ...and even in those classes, students study together instead of trying to undermine each other.

The interesting aspect of a forced curve is that it eliminates the ability for a manager to inflate reviews on an absolute scale (or go easy on their low performers) because they know their own people. Furthermore, how can we have any semblance of consistency across a company of 90,000 people? The forced curve combined with a stack rank is an external function that at least in some ways aligns evaluations across the whole company. It can also apply a large-scale statistical model over the company that sheds light on what percent of the workforce is doing at least a satisfactory job and what percent could likely be replaced by a new hire. In the soon-to-be-past system, my review would indicate clearly roughly what percent of people with my same title were better than me. And, that's valuable. Most of us do a fine job, and the best way to know we can improve is to know that, in fact, some non-trivial percent of people were deemed better.

People worry about the degenerate cases of the entirely all-star team or the entirely bad team where people get artificially low or high reviews. These are theoretically possible, and certainly some people end up on the wrong side of a curve boundary. However, in practice these degenerate scenarios don't exist and the monetary impact of being on one side or the other of a review boundary isn't monumental. Without getting into the details, the differentiation is big enough to be worth working for, but not so big that it's life-changing.

Without tangible incentives, workers will learn what their minimum passable effort is.
I believe that differentiated compensation is a must.
To assign differentiated compensation, there must be an ordering of employee performances that is in correspondence with the assigned rewards.






Tuesday, October 29, 2013

LinkedIn's Dilemma

I wrote a while back about Facebook's dilemma: that while they're sitting on a treasure trove of personal information, exploiting that information will likely alienate their user base because Facebook is supposed to be a somewhat safe place, a sandbox of sorts.

LinkedIn is in a similar pickle since going public. They're sporting a nearly 1000 P/E ratio which is propping up a market cap of 27B. In contrast, Facebook's is a mere quarter of that, suggesting that if LinkedIn can't do something drastic, they stand to lose about 20B of company value. Ouch. Clearly there is pressure for them to monetize, but they need to be very careful about how they do it. They recently announced a service called Intro that would re-route users' emails through LinkedIn's email servers and append the sender's LinkedIn profile data to all mails. They note that this will allow people to connect more with others, perhaps even adding those people on LinkedIn.

I don't know that this is valuable though, or at least not to anyone other than recruiters. LinkedIn should instead consider acquiring services like Angie's List and aggregating various reviews to create a sort of uber profile. Make a person like me want to have LinkedIn, because through it I can really assess the professional qualifications of someone I interact with. Appending profile data to every email is simply overkill because most people I send most emails to are my family and coworkers who I already know plenty well. Most mail I receive is corporate ad mail. For every one of these cases, additional profile data is just in the way. I also need to now worry that if I send someone something sensitive, it may go through LinkedIn's servers as well. Imagine if I send my mom an email that I'm thinking about looking around for other jobs ... now maybe I get promoted to recruiters suddenly as a higher-value target? And suddenly I start getting calls? I'm not sure I like that.

Finally, a note on the irony of LinkedIn's social graph. Promoting more connections actually weakens the information LinkedIn provides. Connections are supposed to be a sort of partial endorsement. If everyone endorses everyone, we get no new information. Same goes for skills endorsements: everyone has seen plenty of cases where someone with no understanding of a field endorses their friend in that field.

Instead of working on spamming and ad features, LinkedIn needs to work on relevancy. The end.

Monday, October 28, 2013

Minimum Wage

My cousin recently asked me what I thought of this article talking about how the USA's minimum wage leaves many below the poverty line and needing assistance. I didn't think much of the article, actually. I'm not an economist and there are undoubtedly many subtle points to raising a minimum wage, but none of those were explored. The article never goes beyond gut-level reactions, slapping around a few ominous, but not so meaningful, stats and then a silly judgemental statement about McDonald's (and btw, how is this problem fundamentally related to McD's??). Let's explore the framing of the article:

1. New research shows more than half of low-wage workers at fast-food restaurants rely on public assistance to survive - a rate double that of the overall workforce.
Why yes, people who make less money will get more assistance. Also, this isn't unique to the fast food industry. Other minimum- or low-wage jobs are equally affected. Why is this article only talking about fast food? Why not be more powerful and generalize to all such workers in the country? Is it because it's easier to make McDonald's look like the evil lord of just the fast food industry instead of all low hourly wage jobs? And while we're at it, if we make the highly plausible assumption that need for assistance is heavily correlated with lack of income, it's simply a matter of choosing what "low" wages are defined as to get the above result. It's basically meaningless, other than to say "there is a segment of the population that needs twice the assistance as the rest". Duh.
1a. According to the research, low wages in the fast food industry cost the tax payers $7B a year, more than the entire budget of the CDC!!
Math time: $7B divided into 300+M people, factoring out those who are poor, let's say ... no more than $40 per person per year? So $40 of the $15,000+ I paid in taxes last year go to help the needy. I'm pretty ok with that. I'm happy to make that $80. $7B sounds like a tremendous number, but it's not really very much on a national budget scale. I'm frankly far more concerned about the several hundred billion a year that heart disease and diabetes (which is at least partially tied to the fast food industry) costs us in medical care, and that doesn't even include lost productivity, disability, etc. Again, what does the CDC have to do with anything here? This is just a sensationalistic comparison. Most people have heard of the CDC, so they assume it's something huge. I just ate an orange, which has more vitamin C than all 3 of the cars I've owned, combined!!
2. A study has found that McD's alone costs Americans 1.2B a year by paying insufficient wages.
Finally something concrete! I do wish they'd gone ahead and just presented a table of wage-vs-average-assistance-needed, but that'd be too nice of them. Let's keep this number in mind as data is brought up about the fast-food labor strikes and McD's profits.

Now we move into a transcript of hosts Juan Gonzalez and Amy Goodman, along with guest Jack Temple, a policy analyst from the National Employment Law Project. We'll notice that Amy and Juan are already pretty well in agreement with Jack, so the entire conversation is really just an echo chamber. There are no hard questions (or really questions at all). I usually associate this kind of setup with a person attempting to leverage another organization to legitimize their position, or in some cases to have both sides co-legitimize each other.

Juan: [same as framing] and the top 10 fast food companies made $7.4B in profits last year.
Amy: While CEOs are raking in record profits, fast-food workers protested to be able to form a union and make $15 an hour. National minimum wage is $7.25.
This is a conflation. CEO wages are certainly higher than ever before, but the largest companies are also larger than ever and more global than ever. This is simply market response. If a company has revenue of $10B, a 1% better CEO is worth $100M and is easily worth $10M more per year. While lots of people complain about the ratio of CEO-to-average employee going through the roof, company sizes are also increasing. Each employee relies on the CEO and senior management for their job to persist, so some fraction of their earnings should be allocated there. More employees = more company = more the CEO's value is. Amy's statement also implies that McD's employees are making $7.25, but this may or may not be the case. Again, all definitions of "low wage" and "poverty level" and similar are missing.
Amy then quotes Shantel Walker, a fast-food employee: I've had numerous jobs, and each starts back at $7.25. It doesn't matter where you work. That's the irony: that it's not just fast food, but other industries as well.
Shantel calls out that this issue is not limited to fast food, yet our panel continues to focus on fast food only, and mostly McD's at that. Shantel's quote also implies an important truth: these are not skilled jobs. These jobs can always be filled by an employee with no experience. This is the crux of an issue I'll elaborate on later, but basically there's no reason to give them more money. They are easily replaceable.
Jack: my report is really important and it shows that no matter what, this industry is costing you money, and therefore significantly affecting the economic growth of the country.
Well Jack, that's a bold statement. The GDP of the USA is $16.6T, and assuming this assistance money could be magically eliminated, we'd save ourselves a burden of $7B. Again, I'm no economist, but this isn't even a tenth of a percent of the economy. I'm now going to be cross-checking all your claims more carefully.
Juan: Jack, counterarguments include that McD's and BK's restaurants are franchises and are therefore effectively small businesses and that the wages are low because these are entry-level jobs from which employees are expected to move on.
I believe what Juan is referencing is that small businesses are less likely to have cash to invest in a higher-skill workforce. Since McD's locations are actually operated semi-independently by a franchise owner, they are effectively a conglomerate of very small businesses. Also, it's less about people moving on to other jobs and more about ease of replacement. There's little incentive to invest more in an employee and keep them longer when their skill-set is easy to replace for cheap.
Jack: Facts refute both of those. For all the talk about small businesses in the industry, McD's made $5.5B profit last year ...
Well, that's entirely ignoring the fact that each McD's location is a franchise, but continue ...
Jack, cont: McD's corporate exercises a lot of control over locations. They determine just about everything, but suddenly they don't determine wages? They infer wages by the control they exercise.
Sort of ... there's definitely some truth to this. McD's corporate controls all aspects that would affect their brand. This includes the food, the machines ('process'), logos, etc. However, some franchises operate in great locations and others in less-great locations, which certainly affects the volume of business each location does. It's not like McD's corporate has an equal-outcome consequence on every restaurant location.
Jack, cont: Regarding entry-level workers, this industry actually employs much older people than we'd expect. 70 percent of workers are over the age of 20, 30 percent of those** are supporting children, which adds to the public support cost.
I don't like this statement for a few reasons:
1. "Entry-level" does not mean "high-school job". It means "job with no prior experience or training needed". He's confusing age with skill set. It's a reality of the world that plenty of people old enough to have gone to college haven't, and haven't gained any other skills either.
2. Even if "entry-level" was tied to age, his stat has a cutoff at age 20. This is still in the very early phases of career development and includes kids in college trying to make money on the side, etc. Why not a percent of people over 25? over 30? This makes me feel like he cherry-picked this stat because it sounds bad.
2a. "30 percent of those" is vague. Is that 30 percent of workers? or 30 percent of the 70 percent? It's just a sloppy phrasing, but it's not really clear what we're to do with these numbers anyways. It's just statistical pseudo-support.
3. "adds to the public cost": we already agreed that the public cost is $7B. That's a final number and discussing the composition of it with no other reference to the composition makes me feel like he's trying to artificially inflate the value in people's heads. I ran into something similar while house hunting. The seller's agent was adamant about the added value of the brand new elementary school nearby, but it was already in the comps because the houses that sold a few blocks away already had that factored into the price as well, so it's really just a bullet-pointing of something that's already been covered. Why emphasize this if the bottom line is already set?
Amy: How much do these franchises make and how much do the CEOs make? How much do the workers make? Justify the disparity.
Despite my claim before, this is actually a solid question. Good job Amy.
Jack: the CEOs at the 7 largest publicly traded fast-food companies made $53M combined. McD's CEO Don Thompson made $13.7M alone last year. The median hourly wage of a fast-food worker is $8.69. It's one of the lowest wages in the economy today for the occupation. So you see the stunning disparity between workers and CEOs.
So the top 7 companies make $7.4B in profits and pay their CEOs $53M to get there. This is less than 1% to get the result they want. Also, consider the risk to replace a CEO. This is a company's right: they need to determine how much someone running the company well and with vision should be valued. Really, who cares. McD's employs 440,000 people world-wide. Don Thompson's income is about $30 per employee. Is it worth $30 to make sure they continue to have a job? Is that more or less than union dues they'd be paying? I'd also bet that most of that compensation is in company stock which comes from the fact that (shock!) the company is doing well. The CEO makes about 1000x a low-wage worker. This seems like a big number, but really, why does this ratio matter so much to us? These ratios get flung around the media like they're a definitive statement of guilt, wrong-doing, corruption, greed or something. But, it's just global capitalism at work. If McD's tried to keep CEO pay at, say, $1M per year, maybe Don would still be the boss. Maybe not. Since every other company would be willing to pay more, McD's would be left with either an unknown or a known mediocre person to run the company. Is that preferable through the lens of the 440,000 jobs they are supporting?
Amy: the demographic of the workers?
Huh? Not sure what she's referencing with this question. I guess it's a prompt to talk about that aspect.
Jack: the median age of workers is nearly 29. Many are supporting children. We've seen a real shift away from industrial jobs that supported the middle class to service jobs today, which are defining the American economy. This is a problem because the wages are so low.
This is a reasonable sounding statement. I suppose the implication is that industrial jobs have shifted to service jobs? I imagine that we had lots of service jobs decades ago as well, so I don't really know what concrete conclusion to take away from this. I guess this funnels into the 99% chatter, that it's a symptom of the hollowing out of the middle class? At any rate it seems the issue is not inherently that service jobs make little money, but that there's a lack of blue-collar jobs that require some skill and specialization.

After some more of the same, there's finally a concrete statement that it's the growth of the service industry relative to the rest of the economy that's going to perpetuate our issues because they get paid so little. Let's get to the final conclusion.
Amy: Companies argue that costs associated with increasing wages will have to be passed onto the consumers.
Jack: This is a multi-billion dollar industry. There's no reason to suspect companies can't afford higher wages.
Let's do a little more math using McD's as the example. Suppose we trust that McD's causes $1.2B of public assistance. Suppose McD's decides to foot that bill. This would drop McD's earnings to $4.3B. Assuming the same P/E ratio, McD's market cap would drop from $109B to about $85B. It would remove $24B of value from the economy, which is a 20-fold impact. That's no good. Fast-food is highly competitive and highly commoditized, meaning returns on investment and operating margins are not great. Thus, any hit to the bottom line would be magnified in stock value. Just because a company has large revenue doesn't mean it's got money to burn. This is a gross mistake from a guy who's involved with employment and financial matters here.

Now that I've ranted about the format and exact content of the discussion, there was also some talk about the fast-food workers wanting $15 an hour. I'm not really sure what to think of that one. I know other countries believe in much higher minimum wages and it works for them. My gut reaction is that it would really just escalate all wages a bunch, and there'd be a "cost of work" wash across the economy. It would likely lead to a compression in wages across the board, but you can't just raise a burger-flipper's pay to $30k a year and expect a teacher to stay happy at that same income. It'd necessarily push other wages up because otherwise other industries would lose people to easier jobs. This is all hand-wavy and vague, but I don't think it's quite so simple. What I do know is this discussion has left me with nothing new to think about.










Wednesday, September 25, 2013

Social Change and Hyperbole

150 years ago, our President would have been owned by someone. 100 years ago, our First Lady couldn't vote. And 60 years ago, they would have had to ride in the back of the bus together. Today, they lead our country. Social change happens, and it's slow and hard. Mere decades before each of these events, these outcomes were unthinkable, frightening. And here we are today. Let us not think that other major social change would, as some say, "ruin the foundations of our country" or similar. To make such statements is clear hyperbole: ridiculous, not applicable and desperate.

It is our right to disagree, and to have our own opinions. It is good that we have disagreement: it drives change and improvement while keeping checks and balances in place. However, we are a democracy and we need to let the majority speak and then respect that outcome. Sometimes you get your way, sometimes you don't. If you don't like it, go be the dictator of a small country and see how well that works out for you. Or start small as the overbearing head of a household and see just how happy others under your roof are.**

** - Don't be the overbearing head of a household. Or small country.

Monday, September 23, 2013

Hacking a phone

Phones are rapidly moving to the forefront of our electronic connectedness (or really, they are already there), as opposed to being a sort of auxiliary device that can also do some things. The super-fast hacking of the iPhone's fingerprint scanner security feature got me thinking about some of the assumptions we make.

First, more ways to log in, perhaps unintuitively, makes a platform less secure. This is exactly analogous to having multiple doors into your house, all with different types of locks. A thief only has to figure out how to exploit one of those, and they are in. The key here is that any one door gives full access, as opposed to multi-factor authentications (ex: voice+fingerprint+passcode) where the thief has to go through ALL of the doors to get in. But really, let's assume a good thief can break through any of these doors and therefore we have to have a backup plan.
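To put numbers on the doors analogy, here is an added example (not part of the original post) that models an unlock policy as a tree of "any of" and "all of" nodes, lists the sets of factors that would each be enough to get in, and computes the chance that at least one of them fails. The bypass probabilities are constructed for illustration, and the model assumes each factor appears once in the tree and fails independently of the others.

```python
from __future__ import annotations

import itertools
from dataclasses import dataclass
from math import prod


@dataclass(frozen=True)
class Factor:
    """One login method, with an ASSUMED chance that it can be defeated."""
    name: str
    p_bypass: float

    def __post_init__(self):
        if not 0.0 <= self.p_bypass <= 1.0:
            raise ValueError(f"{self.name}: p_bypass must be within [0, 1]")


@dataclass(frozen=True)
class AnyOf:
    """Alternative logins: any single child unlocks the device (many doors)."""
    children: tuple


@dataclass(frozen=True)
class AllOf:
    """Multi-factor: every child must be satisfied (doors in series)."""
    children: tuple


def sufficient_sets(policy) -> list[frozenset]:
    """Each returned set of factor names is, on its own, enough to unlock."""
    if isinstance(policy, Factor):
        return [frozenset({policy.name})]
    child_sets = [sufficient_sets(c) for c in policy.children]
    if isinstance(policy, AnyOf):
        # Every route through any child is a route through the whole policy.
        return [s for sets in child_sets for s in sets]
    if isinstance(policy, AllOf):
        # One route is needed through each child; merge one pick per child.
        return [frozenset().union(*combo)
                for combo in itertools.product(*child_sets)]
    raise TypeError(f"unknown policy node: {policy!r}")


def p_compromise(policy) -> float:
    """Chance the policy is defeated, assuming independent factors."""
    if isinstance(policy, Factor):
        return policy.p_bypass
    probs = [p_compromise(c) for c in policy.children]
    if isinstance(policy, AllOf):
        return prod(probs)
    if isinstance(policy, AnyOf):
        # Defeated unless every alternative holds.
        return 1.0 - prod(1.0 - p for p in probs)
    raise TypeError(f"unknown policy node: {policy!r}")


# Constructed sample values, not measurements of any real device.
PASSCODE = Factor("passcode", 0.05)
FINGERPRINT = Factor("fingerprint", 0.30)
VOICE = Factor("voice", 0.20)

POLICIES = {
    "passcode only": PASSCODE,
    "passcode OR fingerprint": AnyOf((PASSCODE, FINGERPRINT)),
    "passcode AND fingerprint AND voice": AllOf((PASSCODE, FINGERPRINT, VOICE)),
    "passcode AND (fingerprint OR voice)": AllOf((PASSCODE, AnyOf((FINGERPRINT, VOICE)))),
}

if __name__ == "__main__":
    for label, policy in POLICIES.items():
        routes = [sorted(s) for s in sufficient_sets(policy)]
        print(f"{label:38s} p={p_compromise(policy):.3f} routes={routes}")
```

With these sample numbers, adding the fingerprint as an alternative raises the failure chance from 0.05 to 0.335, while requiring all three factors lowers it to 0.003.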

A technique to help users mitigate the loss/hacking of their phone is remote-wipe. Since we're talking about Apple, we'll keep using them as the example (though the concept should apply equally for any phone maker). I was debating if a thief could do something like:
1. Steal phone, turn it off
2. Turn on the phone in their underground lair where there's no cell signal
3. Take as much time as they want to hack the fingerprint reader using a print left on the phone by the original owner (** - what are the odds, actually?)
4. Connect to a firewalled internal network that blocks attempts to communicate with Apple's services (and therefore presumably could avoid the remote-wipe instruction)
5. Go party with data on the phone (email, pics, texts, ...), syncable by the phone (email, ... ), pushable by the phone (bank account app, perhaps ... ).

Turns out the iPhone can be put into airplane mode in iOS7 without even unlocking the phone, so steps 1 and 2 converge to "put phone into airplane mode". In this particular vein, the fingerprint is only valid for 48 hours after the last successful login (seems a pretty long time ... ), so the thief would have 2 days to replicate the fingerprint. At any rate, the remote-wipe may be easier to block than desired. At that point a user would have to resort to changing all their passwords, but that still leaves a thief access to anything cached on the phone (which would be quite a bit of personal data ... ). Hmm. Perhaps security features should be left as simple as possible?


** - I don't know how clear a print needs to be for a thief to be able to reproduce it. Just looking at my phone, I think there was one "good enough" one after I pulled it out of my pocket. For the scanner feature to be useful, it seems like a user would have to use their thumb, which is also a finger they are most guaranteed to place all over the rest of the body/screen as well.

Friday, September 6, 2013

Cracking the code

In this case, the NSA cracking various encryptions ...
Let's assume the media has the details right (which can be a pretty big if) and take a looksey.

"U.S. and British intelligence agencies have cracked the encryption designed to provide online privacy and security, documents leaked by former intelligence analyst Edward Snowden show." - USA Today.

They then go on to say that they actually mean individual keys. This is very different. There's no question that given enough effort, the NSA could reverse engineer a private key. Really, lots of people could ('people' here means those with access to serious computing power, though I wonder if you could successfully run cracking codes on Azure, EC2, etc?)

The article goes on to say that the NSA has maintained control over international encryption standards. I don't think that's actually true, that's NIST's job (and it's not 'control'). The NSA weighs in on the quality of new algorithms, etc, but they don't set the "rules" ... after all, people can use whatever they want. So we already have some bad info.

So far the NSA has done nothing that anyone else isn't trying to do. Then there are the allegations of back doors (either by hacking or pressure). Hacked back doors are, well, possible by anyone. China hacks stuff all the time. So does the USA. Nothing novel going on here.

The only allegation that's interesting is the possibility that backdoors are being added as a result of pressure from government agencies. This I like a lot less .... for obvious reasons.