Bad Argument: Russell's Teapot / Flipping Burden of Proof / Unfalsifiability

Sometimes when you argue with someone else, your opponent, instead of answering with evidence that support their position, they answer with worthless-isms like "It's obvious / well-known", "they said...", "Google it", and so on, sometimes with implied or outright stated "don't be lazy". 

Don't fall for this bad argument. They want you to disprove them, when it's actually their turn to prove their own position. 

During an debate / argument, each side states their position on the question, and each side is supposed to show evidence that supports their own side. If one side answers with worthless-isms, it means one of two things:

A. they don't HAVE any evidence, and they want YOU to prove THEIR side, which is NOT YOUR JOB. They are supposed to support their side, and they're trying to flip "burden of proof". 

B. they used an unfalsifiable argument (whether intentionally or not), which makes their argument an assertion, but there is no evidence, because it's impossible to obtain. 

One such example is known as "Russell's Teapot". First coined by Bertrand Russell, he basically postulated that there is a teapot in an eliptical orbit. You can't see it, because it's too small. And since you can't prove it doesn't exist, it therefore exists. Right? 

Wrong. The person making the assertion / argument has the burder of proof. If they made an unfalsifiable assertion, they've argued themselves into a corner. Nobody would be expected to believe something that cannot be proven. 

Russell used this assertion to argue against religion, because most religions presume the existence of God. But a lot of bad arguments started with a presumption, and that's not evidence. 

This sort of argument are often seen in cults and cult-like organizations, such as MLMs and scam cults (Ponzi schemes and pyramid schemes that had yet to collapse), where the victims, for various reasons, WANTED to believe in the scam and thus invent unfalsifiable assertions and instead of proving their own side, they want to critics to DISPROVE their unfalsifiable assertions (which is of course, a paradox in itself). 

So watch out when it's used against you. Call them out, and refuse to play their game. Reveal their bad argument. Watch them sputter. 

Cybersecurity: Hilarious (to me) Explanation for Attempted Verification Code Fraud

One of the scams that had been around a while was the verification code scam/fraud. To make a long story short, scammers, who cannot get a new account because they had abused their own account, would attempt to trick other people into "verifying" them by entering the victim's phone number when registering a new account, then claim "I'm just verifying you are real, gimme that code you just got". If you do give them that code, you just helped them get a new account to scam from, and now YOUR phone number is associated with them (and that also means you may not be able to register an account later on that service because your phone number's been "used" (and blacklisted due to abuse). 

Today, I just ran into a new spin on this old scam that gave me a chuckle. On reddit's /r/cybersecurity, someone, who may be romance scammed, wrote that someone, who claimed to be in the (US) army, sent her something he claimed to be a STIR verification code, "to verify you exist". 

Clearly, this is a scammer who tried to do the "verification code scam", but this STIR angle is new. 

So what is STIR? It has nothing to do with verification code, at least the type you send via SMS. 

STIR/SHAKEN is a protocol that was being implemented by phone carriers to "authenticate" callers, to combat the spam call problem. Similar to a website using HTTPS instead of regular HTTP, each phone carrier for a business is supposed to link a certificate to the main phone number. So when that caller calls out, the recipient's phone service can look up the certificate, verify it with public key encryption, and thus authenticate that the call did indeed came from that business. STIR is the outbound phase, and SHAKEN is the reverse-lookup/authenticate phase. Once the caller was authenticated, you get a "caller verified" checkmark as your phone receives the actual call. Obviously spammer who spoofed their caller ID cannot pass this authentication, and thus, no checkmark. 

Needless to say, we advise her to drop the scammer like a hot potato. The verification is nonsense and a lie. 

Restaurant Review: Taqueria El Farolito (North Beach, 1230 Grant)

El Farolito is reputed to be one of the two restaurants in San Francisco that invented the Mission-style burrito. I live in Chinatown, so I can't really head down all the way to Mission to the original location, but I *can* get a burrito from their North Beach location. 

The door and the shop is a bit on the small side, and the door is facing Grant, not Columbus, which makes it a little hard to find. Got in. There are many seats available, but I needed to head back to work. So I ordered a superburrito al pastor to go. It took 5 minutes, as I did watch them cook it. I also ordered an horchata. I guess I was thirsty, and I finished the horchata before burrito arrived. The horchata has visible spice bits and was quite delicious. 

I got the burrito wrapped in foil, plenty of napkins, and small cups of red and green salsa, all in a nice and thick plastic bag with their logo and verbiage. 

Got back to my "office" (only a few minutes away), and started to unwrap the burrito by tearing off the foil on one end. Strangely, the inside seems a bit... dry, but then, that's why we have the salsa. It's wet enough with the salsa, then I started to worry I don't have enough salsa.   

Then I started to notice red oil dropping onto my desk... Huh? It seems the burrito foil wrap developed a leak at the bottom. I had to hold folded napkins against the bottom of the burrito, while I unwrap and consume the top. It is a bit dry without the salsa, as the pork seems overcooked and dry, or did all the juice went to the bottom? 

I ran out of salsa when I consumed 3/4 of the burrito. There was a little "crunch" with the pork... I seemed to have gotten burnt bits of the pork. Should I have ordered carnitas? As I was full, I dumped the rest into the trash. 

Overall, the superburrito is merely... average. The horchata was good, but it can't really raise the overall score. I probably should try Taqueria Zorro again. It's been a while since I've been there. 

Taqueria El Farolito (North Beach): 3/5

App Discovery: Google NotebookLM

Recently I started seeing a lot of mention of NotebookLM, so I decided to take a look, and it surprised me. 

You can access NotebookLM at https://notebooklm.google.com/ and it's free so far. 

What does it do? It's a summarizer, but it can act across multiple types of media. 

• Google Docs
• Google Slides (with a lot of text)
• PDF, Text and Markdown files (with a lot of text)
• Web URLs (with a lot of text)
• Copy-pasted text
• Youtube URLs of public videos (with captions)
• Audio files (with speech that can be transcribed by Google)

You're probably still confused as to how do you use this. Here's one possible example:

• You are trying to cram for an exam, and the professor made all the lecture notes available as a bunch of PDFs. 
• You load all the PDFs into NotebookLM as one notebook which you call (Subject) Cram 
• You can now generate a study guide of all the notes
• You can generate, then listen to a "podcast style" audio overview where a male and female host discuss the subject in an engaging manner. 
• Use the prompt window to ask Gemini to generate a quiz to test your knowledge of the subject. 

This is a VERY powerful tool due to its "multi-modal" ingestion. Previously, you can buy access to "book summaries", and some even have audio summaries available, but this basically lets you generate summaries on ANY subject, as well as have the AI generate quizzes, study guides, cheat sheets, and more to suit YOUR study style. 

Give it a try. You may wonder how you never heard of it until now. 

Job Hunting: A Few Questions for the Hiring Manager that Makes You Memorable

One of the more difficult things to conclude the interview is the hiring manager tend to ask you "are there any questions you have for us?" Even I flub this all the time and answer with a non-answer "Not at this time."

However, here are a few questions you *should* ask, and it may make you memorable when it comes to decision time. 

What's the "one thing" a new employees should know if they want to work here?

Who are the heroes in this company/department, and what do they have in common? 

(This goes AFTER the "company culture question")  If there is one thing you can change about the company culture, what would it be? 

(Controversial) If there is "one thing" in common about people who got burned out, resigned, or terminated... what was it? 

(Controversial) Is there anything I've said, or haven't said, that would make you think I am not a good fit for the job? 

Cybersecurity: Stop Diagnosing Yourself with Pegasus!

As one of the "trusted contributors" on /r/cybersecurity on Reddit.com, one of the FAQs was "Is my phone hacked with Pegasus? My (evil ex) is stalking me." 

The answer is "extremely unlikely". Pegasus is reserved for nation-state actors because it costs a TON of money to license, so it's only deployed against mostly political people, or people with possibly high influence and wide reach, such as reporters. While Wired deployed sensational headlines "Spyware  Scandals are Ripping Through Europe", and the verbiage was literally "commercial spyware has been deployed by more actors against a wider range of victims", implying that even normal citizens can be targeted by commercial spyware, the literally truth is, again, only people of high influence (politicians and reporters) are being targeted, i.e. "prevailing narrative has still been that the malware is used in targeted attacks against an extremely small number of people", even though the article was stating that literally despite trying to claim the opposite. Yes, Pegasus, developed by NSO Group, is getting some competition in Europe, where OTHER companies are developing similar spyware... with similar price tags.  

The article in question "$1 phone scanner finds seven Pegasus spyware infections" basically states that iVerify has managed to develope a tool to detect Pegasus and other commercial spyware. It sold $1 trial package called "IVerify Basics", and if the user choose to turn on Spyware Detection, they can generate a fingerprint to be submitted to iVerify for analysis, and 2500 or so people have done so. Out of the 2500, they found SEVEN instances of Pegasus infection. According to iVerify, "people who were targeted were not just journalists and activists, but business leaders, people running commercial enterprises, people in government positions", even though in the next paragraphs, they pointed to a Sikh political activist (and a lawyer) as one of the iVerify successful detections. They also pointed out that two of Harris-Walz staff's phones were infected.  

The article concludes with "the rate (of spyware infection) is much higher than the prevailing narrative". Yes, it is much higher, but the original number was such an infinitisimally small number, even if it's 10-100x higher, it STILL a tiny number of users being targeted. Important people... Business leaders, CEO, Company Presidents, government employees, political employees, etc. in addition to the typical reporters and political activists. 

Not average citizens on the streets. 

Restaurant Review: La Venganza in Ikea Saluhall San Francisco

 Decided to walk around a bit this Saturday, and decided to give Salut Hall another try, and decided to try La Venganza, a Mexican Vegan eatery. Ordered a Tostada de Barbacoa (simulated), which is actually made of mushroom, and an horchata. This is what I ended up with...

It's not bad, it's not really "barbacoa", and the jalapeno isn't distributed well. There's a little bit with the guac, and that's it. I was expecting a bit more salsa, but there's enough beans here so it's okay. It's a bit on the cold side. I probably should have ordered "carnitas" instead. 

The horchata tastes okay, but it's not really that fresh, the cap was on crooked, and it's not mixed well, with a lot of the cinnamon and stuff settled in the bottom. They did warn me to shake well, but I didn't realize they mean cocktail shaking vigor. 

The problem is... the price. For $16 for the tostada, and $6 for the horchata, there's really not that much food here. I guess that's the "vegan tax", eh?  

3.5/5

Rant about PC Microphones: Specifically, the search for a Shock Mount

To optimize audio quality of a PC recording, one of the things that was emphasized was the necesity of a "shock mount", which are basically isolation for the microphone from the desk, because any sort of vibration on the desk can be transmitted to the microphone, thus affecting audio quality. And we're talking about condenser mics, not the tiny boom mics on headsets. 

Unfortunately, some mics are so niche or so unsupported, you cannot get shock mounts for them, or at least there are none advertised for them. One such is the Joby Wavo Pod. With MSRP of $99 launched back in 2022, Amazon is already discounting them to as low as $19.99. 

However, there seems to be no shock mount for it, until you look up its diameter, which is nowhere to be found on Joby's website. (FWIW, it's 60mm) Most shock mounts are the "tube" type, where two half pipes form a tube tightened by elastic shock cord in a complex pattern, which provides friction to secure the mic as well as isolation from the mounting "ring". 

You *can* find 55-65mm shock mounts on Amazon, but they cost almost as much as the mic itself... starting at $15. Then you realize those are not really compatible because the microphone has controls on the body, and the shock mount would cover those up. 

You have to get a VERTICAL shock mounts, which basically goes between the mounting "bolt" and the "nut" on the microphone itself. Which completely bypasses the friction mount problem.