Skip to content

Facial authentication security

The Pixel 4 got dinged by the tech press for the fact that its facial authentication works if your eyes are closed. On the one hand, sure, ideally it would detect that you’re awake, alive, and consenting before it unlocks the phone. On the other hand, I wonder a bit about people for whom this is a concern. If you’re seriously worried about people unlocking your phone while you sleep, you might have bigger issues to contend with in your life.

Security driven by biometrics (face, voice, fingerprint, etc.) is always probabilistic, and the goal is to find an appropriate balance between false positives (letting the wrong people authenticate) and false negatives (not letting the right people authenticate). In practice mobile operating systems tend to err on the side of false positives; what are the odds you’re really going to go around verifying that the security is really as robust as the developers claim? While you’ll immediately notice if your phone repeatedly refuses to let you authenticate.

Apple, for example, likes to brag that there’s only a one in a million chance that someone else’s face can unlock your iPhone. Well, my wife recently got a new iPhone 11, and my daughter can reliably unlock it with her own face. I suspect it’s because they both were glasses, which complicate face recognition (my daughter can only unlock my wife’s iPhone when she’s wearing her glasses; if she takes them off it doesn’t work). Sure, she could be that one-in-a-million outlier. Or Apple could be overstating the quality of its face authentication. Finding an appropriate balance between false positives and false negatives is hard.

Our new building

Speaking of the new Android building, we moved! The Android team moved out of the central Googleplex (Building 43) into a brand new building this summer. The real estate team clearly had loads of fun with the design; the building is themed “like a California road trip”, and each floor has a different theme (the first floor with the lobby is themed like a “hip hotel”).

Overall it’s a been a big step up. There are lots of interesting indoor and outdoor spaces to work, the coffee area and cafe (which is themed like a food hall) are very cozy, and the theming is rather fun. And my desk now has a view out to the hills (which is a significant step up over my previous view of a conference room). Speaking of which, we now have plenty of meeting rooms (in 43 it was essentially impossible to ever find a meeting room on short notice).

I’ll post more pictures of the building at some point, but since we’ve finally gotten some more fall-like weather I thought I’d share one of the top-floor terrace.

The Android 10 statue

Google released Android 10 at the beginning of the month, and in the spirit of the former naming scheme held a small party with Q-named treats (the quesadillas were probably the highlight; there frankly just aren’t that many great foods whose names start with Q). During the party they unviled the latest statue, which took the form of a giant 10 with the new Android head logo peeking out of the base of the 0.

While the statue is certainly more bland than the previous dessert-themed statues, one nice thing about the change is that the white number provided lots of surface area for us to sign the statue. They had a small bucket of Sharpies handy, and anyone who worked on the platform got a chance to sign. So my signature is now on an Android statue. Of course, it’s an open question if they’re now going to put the statue out in public (where, let’s face it, we’d have people who think they’re funny trying to sign their own names or deface the statue) or keep it in a Googler-only area (it’s currently on the 3rd floor terrace of the new Android building.

Google’s new Seattle building

I had a workshop up in Seattle this week at Google’s new Seattle building just south of Lake Union (on Boren). The building just opened up; the first day with occupants was Monday, and the workshop started on Tuesday. The new building is pretty nice, although our new building in Mountain View is more fun. But the location is pretty sweet.

One somewhat strange thing about the building: there are residential units on the floors above Google’s offices. So the terraces have signs up warning Googlers to be careful about what’s on their laptop screens when they’re working outdoors. It’d be a little weird to be sitting out on a terrace getting work done or having a meeting, while residents are sitting outside on their balconies above you.

Previously when I’ve visited Google’s offices in Seattle I’ve been up at the Fremont offices (which are also nice, with a great location on the Ship Canal), so this was my first visit to the south Lake Union area since we moved away at the start of the millennium. Things have totally changed since then; aside from the Center for Wooden Boats (still there!) I barely recognized anything. Now the area is block after block of new condos and apartments mixed with office buildings. Hopefully future visits will bring me back to the area; I’d like to have a chance to explore it more (and see what the waterfront looks like now with the Viaduct torn down!).

Mexican Beef and Tomatillo Stew

Our local farmer’s market has had fresh tomatillos for the last few weeks, and we’ve been taking advantage of them. Last week we made enchiladas verdes (using a Cooks Illustrated recipe we’ve used lots of times before), but this week, thanks to the timely arrival of a new Milk Street Magazine recipe, we decided to try our hand at the Mexican Beef and Tomatillo Stew.

When we formed this plan, the high for today was supposed to be 76, and after several days of 90+ degree weather we figured that would seem cool enough for us to have the oven on for several hours. The actual high was more like 84, so having the oven on that long made things a little toasty in the kitchen. But the recipe is mostly hands-off: throw lots of stuff in a dutch oven, put it in the oven for 2 hours, pull it out and put some more stuff in, then put it back in the oven for another hour and a half. So we could escape to cooler parts of the house.

The stew turned out fairly tasty. My palate has been trained enough by the enchiladas that it kept expecting pepper jack cheese (apparently I now associated it with the flavor of fresh tomatillos), but the dish didn’t need it. The tomatillos provided a bright, clean flavor that contrasted nicely with the earthiness of the beef and potatoes. Definitely worth making again. Too bad it’s harder to find fresh tomatillos in the fall, though; it’s a lot nicer cooking for several hours when the air is cool and crisp, as opposed to hot and dry.

Bicycle as fiddly mechanical system

I got a new bicycle last week, taking advantage of Google’s quarterly bike sale (they work with local dealers to arrange a quarterly sale to encourage employees to bike to work). My old Trek Utopia is around 9 years old and starting to show some of its age, so I thought it was time for something new (and lighter).

While I’m definitely enjoying the new bike (it’s a lot lighter), it has reminded me that, despite all of our technological progress, bikes are still fiddly, mechanical systems. Particularly new bikes, as components settle, cables stretch a bit, etc. Luckily the bike store I got my bike from isn’t far off from my commute route from work (actually, it’s not luck: I chose it in part because it’s easy to get to), so I’ve been able to swing by and ask them to make quick adjustments. But in the last week I’ve had to swing by twice; fingers crossed that things will stabilize now.

The larger lesson is that I need to learn more about bike maintenance and adjustments.

Free as in loader

One of the discussions in the software community is around the different meanings of free: is that free as in beer, or free as in speech? But there’s another type of free that also relates to many of software’s users: free as in loader. That’s the group of users that complains how a $2 app is overpriced, and they’d never pay that much.

It’s trendy at the moment to complain about software that adopts the freemium (particularly the pay to play) model or relies on advertising for income. But guess what: if you refuse to pay for apps, those are the models that you’re driving developers to use. Developers need to make a living too; they’re not writing all that amazing software just out of the goodness of their hearts. Developers would largely be more than happy to just charge a one-time price that gives them a fair profit. But if you refuse to pay for apps, then developers must find other ways to make money. Hence freemium and ads.

So the next time you’re ready to complain about how if you’re not the customer you’re the product, consider why you aren’t the customer. If it’s because you don’t want to pay but still want to use the service, what exactly did you expect to happen?