Victoria Real Estate Statistics and Data

 I have recently been studying the technology behind the real estate industry. One of the newest sites for Victoria BC real estate contains a large set of data to help with analysis on the market.  As a homeowner in the market, I have been curious about the effects of Covid-19 on the Vancouver Island real estate market in general.

My partner and I were amongst the lucky ones who got out of Vancouver prior to the market correct in 2018 and 2020 Coronavirus scare.  Since Jan 2020, a number of people have begun making the transition.

After analyzing the real estate data on this page, I have started crunching the data with R, a statistical computing language. Using Vancouver Island real estate data itself was not sufficient, so I have now expanded the scope of the project to include other statistical data. While the project is in early stages, it appears that there was an acceleration in migration from larger cities to Victoria, BC and surrounding areas.  The Victoria BC real estate price averages seem to show a significant uptick during the same time. A realtor friend had told me that initially, leads dried up during the first months of Covid, then the flood gates seemed to open.

While the initial results are indicative, there is no clear causality relationship established between Covid and rural real estate purchases, only a working theory that some people used Covid as a final nudge to get away from urban areas and secure real estate in a more rural and livable location.

I will continue to update as data becomes available.

Apply to Participate in Solar Decathlon by October 26

From my friends at the US DOE, an immense opportunity! 

Compete in the next U.S. Department of Energy Solar Decathlon® and join more than 25,000 students from 35 countries who have experienced the impact of this unique, life-changing competition! 

New and returning collegiate institutions are encouraged to register and participate in this competition that prepares the next generation of building professionals to design and build high-performance, low-carbon buildings powered by renewables. 

 Apply to Compete The Solar Decathlon Competition Guide, 2022 Design Challenge Rules, and 2023 Build Challenge Rules are now available to the public at https://www.solardecathlon.gov/

All collegiate institutions are encouraged to apply to participate in the next edition of Solar Decathlon by October 26, 2021, at 5:00 p.m. ET. Team Applications can be submitted for both the Design Challenge and the Build Challenge. The 2022 Design Challenge Finalist Teams and 2023 Build Challenge Participating Teams will present their projects to juries of experts in April 2022, at the Solar Decathlon Competition Event hosted by the National Renewable Energy Laboratory (NREL) in Golden, Colorado. At that event, the 2022 Design Challenge winners will be selected; qualifying 2023 Build Challenge Participating Teams will receive approval to proceed to the construction phase. 

Up to 20 advancing Build Challenge teams will receive $50,000 prizes which can be used to help defray a portion of their project costs.

Check it out at https://www.solardecathlon.gov/

SEO for difficult terms like "Real Estate"

Consider this blog post an addendum to earlier posts on the topic of Search Engine Optimization. Many people have asked us how to get the number one position. This depends upon the search term you are trying to get the listing for. Sadly, this is the Achilles heel that many fail to consider.

As an example, if you are trying to achieve the number one spot for "Real Estate in Victoria BC", you need to realize this is a very competitive term and there are realtors throwing tons of money into achieving the same result.  If you are trying to get the number one spot for "XCellois Edible Kites" or "Veemo Micromobility", these terms are somewhat more specific to a single company.  By contrast, they are much easier to achieve the #1 position for. The lesson here is to understand the laws of supply and demand.

As with any endeavour, the first place to start is research. Many so called "SEO Experts" fail to actually read the valuable information placed in the Google Search Central website.  Be sure to read the data there and understand how Google actually works.  We get tons of questions every week asking about the specifics of SEO and find most of the answers sought by our clients are available via this website.

Another place to start researching your SEO is the Google Keyword Suggestion tool.  This will give you the approximate volumes of search inventory that are available based on what people actually search for.

It is also important to understand that Google search results are based upon a dynamic algorithm. There is no magic formula for getting to the #1 spot and then staying there forever.  Google measures how people interact with search results and use this data to constantly change the top ten results for any search term.

As always, if you do need help, drop us a line and we will try our best to help out.  We've been at this for 26 years, since the days of Lycos, Alta Vista and other search engines prior to Google.

Tips if you are trying to sell me on our web developer skills

I get a lot of calls every day from people claiming that they develop "the best quality" websites.  Most of them have no clue what this even means.  Today I had a cold call from some guy who told me his company fitser.com makes the highest quality websites ever.  He gave me his domain name to check out his portfolio.

Before I go further, this is not an attempt to shame anyone. Rather, this is a pleas for so called web developers to learn more about what their craft requires.  I do entertain hiring the odd remote contract developer however, they must pass a certain threshold.  Sadly, Fitser.com came no where near the bar.  The site loaded very slowly, had multiple browser console errors and when I ran a Google lighthouse test, the results were less than flattering.

When I informed the person on the phone, they did not seem to understand what Google Lighthouse was.  To that end, I want to help educate others.

Google recently announced that SEO rankings are being based primarily on the mobile versions of any website, not the desktop versions as have been done in the past. To me, this means responsive is your first goal as a web developer.  This makes perfect sense given the overwhelming traffic on most websites comes from mobile devices.

Web developer must therefore design websites with MOBILE FIRST in mind.  This is described in my professional blog post at Webstation's Community Blog.  This means taking the time to use aria-labels, the HTML picture element and ensuring images are sized properly and in newer formats like WEPB and JP2.

I had planned to do a blog post on how to use Google Lighthouse as a web developer, however Google's own documentation leaves nothing to be enhanced upon. It is quite complete.

For comparison, here is our Lighthouse scorecard:

The tip I want to give is before you ask me to review your work, please do it yourself.

Nuff said!

U.S. Department of Energy Announces Winners of Lighting R&D Workshop Student Poster Competition

Reprinted from the United Stated Department of Energy.

The U.S. Department of Energy’s Office of Energy Efficiency and Renewable Energy (EERE) announced the winners of the 2020 Lighting R&D Workshop Student Poster Competition.

Congratulations to the winners:

GRAND PRIZE WINNERS

Syed Ahmed Al Muyeed, Lehigh University
Controlled Growth of Self-Assembled InGaN Quantum Dots Using Templates of Quantum-Size-Controlled Photo-Electrochemical Etched Quantum Dots

A.P. Sachintha G. De Vas Gunawardena, Rensselaer Polytechnic Institute
The Impact of Output Capacitor Aging Under Constant and Cycled Temperature Conditions on LED Driver Lifetime

HONORABLE MENTIONS

Ziqian He, University of Central Florida
Swelling-Deswelling Microencapsulation 2.0: Toward Ultrastable Perovskite-Polymer Composite Downconverters for Tailored Lighting

The student winners will be recognized at the 17th annual Lighting R&D Workshop January 28–30, 2020, in San Diego, California, where they will present their research at the Poster Session alongside more than 50 scientists sharing updates on their EERE-funded research projects.
Read more on the US DOE website at https://www.energy.gov/eere/buildings/articles/energy-department-announces-winners-lighting-rd-workshop-student-poster

Canadian Company flies World's First Electric Commercial Airplane

A Canadian company, in partnership with a US high-tech firm,  have successfully completed the first commercial aviation flight with an electric-powered aircraft.  British Columbia's Harbour Air (UK English spelling for those of you wondering about the superfluous "U") and magniX, the company powering the electric aviation revolution, today completed the successful flight of the world’s first all-electric commercial aircraft, announcing it on Dec 10, 2019.

The aircraft was a regular-hulled six-passenger DHC-2 de Havilland Beaver magnified by a 750-horsepower (560 kW) magni500 propulsion system.  The entire flight was video-recorded and much of it can be seen on the Magnix website home page at https://www.magnix.aero/.

The flight left the Vancouver Fraser River terminal in Richmond (YVR South) on the morning of the 10th, piloted by Harbour Air CEO and founder Greg McDougall. He now ranks in my books as one of the greatest test pilots of all time.  A CEO who actually puts himself out there for the cause of humanity?  Can we have a dozen more for a start please?

This historic flight signifies the start of the third era in aviation – the electric age. It will take time to sunset the internal combustion engine and jet engine ages so I won't be expecting to buy any tickets anytime soon.  A lot of this is to to the intense regulatory approval, explained by Greg McDougall on this video.

Free Speech MUST be protected

Recently, I have seen many news articles about people who are either wearing pro-Trump t-shirts or those who have taken drastic action against those who do.  So why am I writing this post?  Simple, Freedom of Speech MUST be preserved, no matter what.

I am no fanboy of Trump, nor do I feel the oligarchy of US politics is something others should emulate.  America is a great country. I have many friends in the US and abroad who carry US passports.  

Here are some examples of attacks on free speech:

1. Minneapolis police union selling "Cops for Trump" T-shirts, in wake of uniform ban 

2.  Epping student told to remove Trump T-shirt

3. N.J. teacher blamed for censoring Trump T-shirt says her life was threatened. Now she’s suing

4.  NH Student Told to Cover Up Trump T-Shirt at School

The idea of censoring a persons right to free speech is dangerous!  One of the hardest things any human might undertake is to protect the right of free speech for those who have a message they do not agree with.  While it may seem distasteful, I urge you all to consider the alternative, a totalitarian society whereby no one can speak their true thoughts.  Despite the arguments, disagreements, at least we are free to have such conversations.

It is important to remember that free speech is not-aligned with any specific political movement.  While you may find the very idea of Trump offensive (I am not a fan), it is important to recognize that freedom of speech has no limits, no bounds.  As such I will tolerate his statements.  We must also accept his followers messages, even if we do not agree with the substance.

Yes, there are arguments that shouting "fire" in a crowded movie theatre is probably problematic, yet at the end of the day, my personal belief is that it is a very slippery slope.  You start by banning opinion X, next comes a ban on opinion X divided by 0.9, then 0.8 etc etc. Eventually, we are all faced with a few degrees of separation.

Free speech is without limits.  My plea is for all who read this to reconsider their commitment to furthering their own causes, but within the realm of protection of free speech.  Today, we find ourselves in a democracy.  The current leader of the USA, no matter what you think of him, is making decisions that many do not agree with.  Censoring those who think his actions are correct is a very dangerous idea.  Some day, the tables may be turned.

Improve SEO Rankings | Page Speed and Mobile-First Development

It has been official for quite some time, yet very few Website Design Agencies have capitalized upon the recent changes in search engine indexing. On July 1, 2019, Google announced that Mobile-first Designs will play an imperative part in determining Search Engine Optimization Rankings (SEO). Google stated, "mobile-first indexing is enabled by default for all new websites (new to the web or previously unknown to Google Search)". Coupled with this announcement, we also would point out that Google announced in mid-2018 that page speed would play an equally important component of search engine optimization.

 The rationale is simple to understand. In our previous posts, we have pointed out that the majority of all website traffic is from mobile sources including mobile phones and tablet devices. So how does one check their performance? Simply using the tools available to webmasters from Google (thank you Google!) can give you a strong indication of whether or not you need to update or tweak your website. If you are not comfortable doing this yourself, you can also request a FREE consultation from Webstation.

Pagespeed scores of 90 -100 are optimal for achieving the best search engine results. Before contracting with any prospective digital agency to handle your search engine optimization, we would recommend comparing their Pagespeed rankings to ours. Below is the desktop ranking for https://webstationhq.com (where I now call home).

To compare this to others, we randomly selected a few websites that are not highly optimized for page speed. Here is one (candid) result:

Webhosting technology affects performance and SEO ranking! There are many other factors to optimize websites including optimizing images, placement of scripts, CSS files, minifying files, file formats, and responsive web design. The list is fairly exhaustive.

One of the most critical elements is to have your website developers ensure that Mobile-first enhancements are made to your website. Mobile-first is somewhat of a loaded term however we have created a formula for delivering great mobile experiences using a combination of CSS frameworks like BootStrap as well as newer HTML elements such as the <picture> tag. Rather than force mobile users to load up the desktop version first, then resize everything by requesting additional resources specific to mobile experiences, we highly recommend serving the smaller mobile assets first. Most desktop users will not even notice given our hosting packages are extremely efficient at delivering content coupled with Content Delivery Networks (CDNs). Of course, using a responsive framework is still the easiest way forward for many. To highlight the differences between responsive and non-responsive website, one has to look no further than http://art.yale.edu/. Try loading this into a mobile device or resizing your desktop browser window. The results are (stating this diplomatically) candidates for some improvement. NOTE: This website was chosen randomly as an example.

Other tactics include referencing common libraries (jQuery, BootStrap, FontAwesome to name a few), from their sources. These libraries are often already cached either on the users' device or very few hops away. These small improvements can greatly speed up performance.

Contact Webstation today for a free introductory call to explore your business requirements. Webstation can deliver the following for you are no cost:

• A Full Pagespeed report;
• A Lighthouse Audit trail and report; 
• Suggested optimizations; 
• Recommendations; and
• A quote if requested 

Google Open Source Robots.txt Parser

For those interested in seeing how their websites components are indexed (or not), Googles decision to open source their robots.txt parser is an amazing bit of news.  Webmasters have been struggling with understanding the robots.txt files for many years.  The challenge was not so much how to write and declare the directives in the files; more so to fully comprehend what actions would be taken by each search engine. While there is a single, de-facto standard, the Robots Exclusion Protocol (REP),  the manner in which the corner cases were handled was ambiguous, like when their text editor included BOM characters in their robots.txt files.


On July 1, 2019, Google announced they are spearheading the effort to make the REP an internet standard. Thank you, Google. We applaud your moves thunderously!

<p>Webstation has set up a public Github repository where you can download a snapshot of the full C++ library.  It is an Apache license.  Full instructions on how to build and run the library are included.


<p>Read the full article at https://webmasters.googleblog.com/2019/07/repp-oss.html

Neo4J rocks! Why? Well it's not just about the awesome technology

Developers:

I received a message from my friend Ryan Boyd (at) neo4j.(ext) (see below).  The message is posted for all to read.

Before I present the contents of his email, I want to stress the importance of a few things I believe are very important to all developers.

1. Not many incumbent software vendors care about start-ups. Neo4J is different. I was part of Neo4J as an observer/fan-boy when they launched and I became aware of their technology stack (circa 2002). I ended up becoming a technology teacher for Neo4J. During these times, there were many critics of GraphDB systems, but many of us saw the light and were happy to have an alternative to the RDBMS systems. Most of the critics stated that the concept was old [sigh), but I digress. Graph DBs are simply awesome. I do not want to be corporate specific as there are many great companies (like TigerGraph and AgensGraph/BitNine), that have embraced and expanded upon the ideas of graph databases coupled with advanced data models. Specifically, BitNine, has introduced a mixed-model DB, a technology that could address the shortcomings of pure GraphDBs; and

2. When the first analysts started naming the non-relational/SQL industry as "NoSQL", I saw the inherent flaws in that acronym. NoSQL means "Not Only SQL" (SQL meaning "standardized query language'). In a previous post (2012 - link: https://technoracle.blogspot.com/2012_12_09_archive.html), I expressed a concern that the logic of stating (x 'may include' y) but (x may alternatively 'dis-include’ y) was essentially meaningless since it did not actually did not negate anything. It's like me state "the dinner I cooked for you MAY have white pepper but it may also MAY NOT HAVE white pepper".  Are there really any other alternatives? As Homer said ... "D'oh!!!"

Neo4J did not let this affect them as they knew they were on to something much grander! Of course, their idea of a graph database was far before the social networks where it is obvious that (friend -> hasFriend) is an essential component of every graph (trust me that it gets a lot more specific than this).  Since social networks are so prevalent in every system, I found Neo4K ahead of its time by major factors; and

3. Neo4J was/is_still a start-up. They never forgot the people who helped them while they were trying to get on the map of IT. This makes the character of Neo4J far greater than other start-ups a.  If you are a new start-up, think about how you can emulate Neo4J’s methodology; and

4. They have invested most of their early revenue (see news release below) back into building a stronger community and helping developers> This builds a stronger eco-system of developers who help each other and a more productive environment to work within. Over the years, I have watched this grow in leaps and bounds!

On the latter note, I must disclose some facts.

- Peter Neubauer, is a friend. He was a co-founder of Neo4J. I have worked in a startup with him and come to love him as a brother-from-a-different-mother. Great guy, very smart and ahead of his time!

- I have met with Emil Eifrem on multiple occasions and have come to admire him, both as a human and as a leader in IT.

- Michael Hunger surprised us all by being the single most responsive Technical Evangelist any company has ever had.  I must juxtapose this to my own previous employment experience at Adobe Systems.  As a Tech-Evangelist, we were expected to answer any developer requests as soon as possible. The actual timeframe was stated as "as soon as you can" and Adobe is a very excellent company when it comes to terms with their developer/designer relationships.

The startling fact was that when Peter N., Matt MacKenzie, Moshe Silverstein and I had an issue with the core Neo4J BD system while building a new idea and we reported it to the Neo4J Dev/issues list. Neo4J would acknowledge the issue (if in fact, it were an issue vs. ourselves failing to read the manual), but Michael would have often fixed it prior to us receiving the email and uploaded it to GitHub. I've never seen a company respond so quickly!

I have never dealt with another company that could address developer issues within a week, nevertheless doing it within a day. Fixing issues within 30 minutes was literally unheard of. NOTE: I do not wish to set any unrealistic developer expectations. YAMMV. Mine was awesome! From what I understand, the same level of commitment still exists.

All of this is why Neo4J is special to me. They care about developers. I know I introduced many of you  (reading this post) to coding and/or Neo4J (source: Google Analytics; personal emails).   The truth is that I now want to express just how special Neo4J is.  Many other companies (whom I will not mention by name), could win big time by understanding why Neo4J is helping developers like myself while incumbent giants see themselves losing market share each year to niche players.

Just my (CAD) $0.016534  worth (today's exchange rate).

Duane Nickull

Appendix "A" - Ryan's Email:

Hi there,

We believe in startups as early innovators and disruptors in their respective industries, so we wanted to make it easier to get access to the powerful features in Neo4j Enterprise. We're super happy to let y'all know that we've dramatically expanded the Neo4j Startup Program.

“I’m always struck by the breadth of disruptive business models built around graph technology. Our Startup Program aims to give back to the startup community and make graph technology available to data infrastructures that thrive on connections and drive innovation. It’s gratifying to see our Startup Program members in action and witness their success.” – Emil Eifrem, CEO and Co-Founder of Neo4j

Are you building a product and have <= 50 employees and < $3mm in revenue

You can get Neo4j Enterprise for free, including Causal Clustering and online backup for scale and availability.

But wait, there's more

Qualifying startups also get access to Neo4j Bloom 2 for data discovery and visualization.

Apply today 2 or learn more about the Startup Program from my blog post 2.

Best of luck building your applications and businesses!

Why Using Facebook's OAuth functionality Might not be Wise

I've worked in the tech industry for 25 years. I’m NEVER going to use Facebook to log in to third-party apps and sites online. You should pay attention to the reasons why.

First - who wants FB to know what else you're doing on the internet? It's none of their business. Don't blame the authors of OAuth (Open Authentication). They have done a great job of making it easier to access the web by not having to set up yet another set of login credentials. OAuth is a good idea. It is the implementation, or more precisely who implements it, that scares me.

I use Google OAuth but may rethink this as well. Luckily, Google (to my knowledge) has never revealed my date to malicious entities.

Facebook has, on the other hand, had numerous beaches with accounts being hacked reaching tens of million accounts.  Facebook’s announcement last fall that a security breach allowed hackers to infiltrate the accounts of at least 50 million users, and possibly tens of millions more. The attackers could have gained access to Facebook and possibly, ipso facto, any other accounts you use OAuth for.  This had been noted in a New York Times article where the author states the true magnitude of the danger.  At the time of the article, neither Facebook nor third-party sites seem to be able to measure the true extent of the breach.

The major concern for me is that tech giants security departments tend not to make their processes and procedures public. Once an attack has occurred, all OAuth tokens of affected accounts should be immediately invalidated.  This would require automation to expedite the response as hackers can automate the attack vectors.  A clever attacker could feed each compromised account into a process that forked several new processes to try accessing other targetted accounts.

Complicating this further, many friends I know have admitted they use the same passwords for multiple systems.  Some change their online banking, eBay and PayPal to higher standards, however many do not.  The belief here is that online banking is an A1 priority target for hackers.  Of course, anyone who has read Mitnick's articles on social hacking knows that Facebook and other social media sites can easily be leveraged by clever hackers.

The takeaway here is to take an inventory of which sites you have relied on OAuth for and with which account, then perform your own security audit.  After digesting the contents of this post, I hope it will illuminate some of the potential risks.

Are you working on 64 bit versions of your native Android Apps?

Google recently made a blog post outlining a new requirement for any Android application written in native code to provide a 64-bit version by August 2019.  The requirement is only for those apps using native code and app developers should note that Kotlin/Java source code will not be affected.

The 64-bit CPUs deliver faster, richer experiences and it is imperative to understand the ramifications of this requirement.  Note that  Google is not making changes to 32-bit support.  Google Play will continue to deliver apps with 32-bit native code to 32-bit devices. The requirement means that those apps will need to have a 64-bit version as well.

There is plenty of prepared documentation on how to check whether your app already supports 64-bit and how to become 64-bit compliant.  Technoracle encourages all app developers to understand the requirements.  Briefly, here is a synopsis.

Starting August 1, 2019:

All new apps and app updates are required to provide 64-bit versions of any 32-bit native code they provide.

Extension: Google Play will continue to accept 32-bit only updates to existing games that use Unity 5.6 or older until August 2021.

Starting August 1, 2021:

Google Play will stop serving apps without 64-bit versions on 64-bit capable devices, meaning they will no longer be available in the Play Store on those devices. This will include games built with Unity 5.6 or older. The requirement does not apply to:

• APKs or app bundles explicitly targeting Wear OS or Android TV, which are form factors that do not currently support 64-bit code.
  
• APKs or app bundles that Google Play won't install on Android 9 Pie or later (support for 64-bit does not need to extend to APKs that are only on Android 8 Oreo and below).

We are here to help.  If you have doubts, please contact us directly.

Why Responsive Website Designs Matter

I had previously blogged about my prediction that one day more than 50% of all web traffic would be from "mobile devices".  At the time, I blogged “Smartphone adoption marches on, with 44% of mobile phone users owning a smartphone, compared with 18% in 2009, according to Nielsen” (Post link here - http://technoracle.blogspot.com/2012/01/mobile-tipping-point-five-key-facts.html )

While this prediction was shared by most analysts, no one at the time had predicted that it could rise to over 85%.  During the process of building a recent website for Canadian Cybertech, I perused the server logs to review how the website was being used. To my surprise, we recorded 86% of all engagements were on phones or tablets in November 2018.

So what is a responsive website and why is it critical to have?  Responsive website templates and layouts adjust dynamically to be viewed on almost any sized screen.  They also adjust their layout based on screen orientation.  The opposite pattern of responsive design was once called "keyhole browsing", a term used to denote the rather unpleasant experiences of trying to view a statically laid out website using a small screen.

Most websites you can find today using Google, Yahoo or Bing will be responsive as all three have been known to elevate search engine rankings higher for a responsive website.  Not using a responsive layout can cost you dearly in terms of potential traffic.

So why else is it so important?

To help people understand the differences, here are some examples.  The first graphic shows the opening layout of the Powell Street Salon website on a normal sized computer screen.

The background graphic is shown fully, the menu and other elements are scaled accurately for the screen size and the site has a very spacious look.  The same website on mobile automatically adjusts, as shown below.

Note the menu has collapsed into the three bar icons and the background photo has been cropped without compromising the integrity of the layout.  The font sizes have been adjusted to be readable on the device and the text flows to a more practical layout.

The anti-pattern of responsive can be quite horrible for any mobile user.  Here is a website I found that does not use a responsive design.  First the normal sized computer screen view.

Note that the page elements are not very well aligned as the HTML and CSS code has not taken into account that computer monitors can range from the archaic 640 X 1080 pixel resolution to newer Ultra HD screens with resolutions of up to 4K.  The real horror comes from the first view on a mobile device.  More than half the content disappears.

When the mobile phone is re-oriented into landscape mode, the trouble continues.

Consider now how your business would be perceived if your website was not responsive.  Using the same ratios as the Powell Street Salon, 86% of all your websites visitors could have been so riled up by a bad website experience they likely would have likely clicked on one of your competitor's websites.

The key takeaway here is that most businesses cannot afford to alienate four out of every five of their potential customers.

If you are not yet using responsive designs, please contact us and we can help.  Packages range in price from $500 and up.

Why I am Pro-proportional Representation

In British Columbia, we are finally getting serious about replacing the first past the post electoral system with one that will provide proportional representation.  Why?  For starters, the idea that our elected officials are representative of the desires of the voters just seems like a good idea.  Secondly, gerrymandering is quite frankly evil and should not be allowed to continue in BC (or anywhere).

There are some who say that the new electoral system will not allow our BC government to function at 100% efficiency.  I would state that no system can guarantee such, including the current one.

If you have not yet mailed in your ballot, please consider doing so.  Make our politicians represent what we want.

S/MIME and OpenPGP email easily hackable

I just came across a very cool article with detailed instructions on how to leverage a very simple attack vector to hack many email clients.  Using the scenario in the article, the attacker is able to accumulate encrypted emails and store these emails for some time before starting an attack.  The only constraint seems to be that the email account is still active and the operator of it uses one of the email clients that have failed to protect cyphertext. 

To decrypt one of the emails, he or she manipulates cyphertext using malleability gadgets. Social engineering (K. Mitnick et al) is used to understand basic environmental factors of the target's email client, O/S, encryption software etc. The attacker then transmists the manipulated email to either the original sender or anyone on the CC list.  The email uses new headers and the manipulated cyphertext is hidden within an invisible iFrame. The email can basically be transmitted in such a way as to avoid it appearing suspicious.  Once the receiver opens the email in his client, the manipulated ciphertext will be decrypted. First, the private key of the victim is used to decrypt the session key, and then this session key is used to decrypt the manipulated cyphertext. The decrypted plaintext is then sent to the attacker by using an exflitration channel (hyperlink, events to trigger it). 

The obvious defense is to use only plain text to render your emails or use one of the email clients that did not succumb to this method.

Full article: https://efail.de/efail-attack-paper.pdf

AmericanEHR Incorporates ONC’s Certified HIT Developer Transparency Data

I have always been proud of the work I was part of at Hot Tomali.  One of our most prolific endeavours was the work we did on American EHR pertaining to Electronic Health Records knowledge.  Hot Tomali CEO Thomas Stringham is a key co-founder of AmericanEHR.com, the voice of the American medical community pertaining to ratings and readiness preparations for electronic health records software platforms. AmericanEHR is dedicated to the creation of an online community of clinicians who use IT to deliver first rate health care to American citizens. Through education, social media and the collection of peer contributed data, AmericanEHR provides tools and data to facilitate optimal decision making for potential EHR purchasers. The company has grown substantially and is largely considered the top source of accurate and timely data on the most common EHR software platforms.

On July 19 this new announcement came out:

ONC recently launched a dashboard listing new transparency information for certified health information technology. This data was released to help purchasers of health IT to access information about costs and limitations they may encounter when implementing and using certified health IT products. Developers must also make a Transparency Attestation indicating whether they will take additional voluntary actions to increase transparency regarding their products and business practices. This includes proactively providing meaningful information to prospective customers and to organizations that publish comparative information and tools for the benefit of health IT purchasers. The disclosure of this information is required under certification rules established by ONC on January 14, 2016.

AmericanEHR is proud to announce the full integration of ONC’s Certified Health IT Developer Transparency Attestation data into our certified EHR product profiles and our EHR comparison tool. Users can now see if a Certified Health IT developer supports or has declined to support the Transparency Attestation. Links to each developers Public Product Disclosure(s) are also available as downloadable PDF’s or web links.

Read the rest on AmericanEHR.com.

Neo4J Fundamentals Training in Vancouver, BC this week!

Neo4j Fundamentals

Duration:  8-hours/1 day

Skill Level: Beginner

Course Description

This course will give you a foundational knowledge of graph databases and use cases. You'll learn all the getting-started basics, including data import and creation, basic modeling, and querying. Learn to use Neo4j's powerful query language, Cypher, and how it can drastically improve your connected data problems.

Link to register: https://www.eventbrite.com/e/neo4j-fundamentals-vancouver-ca-tickets-25494630125

Best Suited For:

• Anyone with an interest in database technology
• Developers, Administrators, DevOps engineers, DBAs, Business Analysts and students.

Skills taught:

• An understanding of graph databases
• How to use graph databases
• Introduction to data modeling with Graph databases
• How to get started working with Neo4j
• Build confidence in building a graph enabled application

 Prerequisites

You don’t need any previous experience with Neo4j, NOSQL databases or specific development languages 

Course Outline

• Introduction to Graphs
• Introduction to Graph based Modeling
• Neo4j and Cypher
• Advanced Queries with Cypher
• Real-world implementation use cases with Neo4j

Technical requirements

*You will need your own laptop.*  Please arrive early to quickly install the product and labs used in the class.

Where can I contact the organizer with any questions?

For any questions about the event, e-mail training@neotechnology.com

Energy Efficient Building Funding Available

As you all know, a large part of my work has been focused on energy efficiency including renewable and alternative energy development. I was fortunate enough to have worked directly with many great minds at the US Department of Energy and the National Renewable Energy Lab (NREL).

I keep myself involved in many conversations around these subjects and wanted to share some great news.  The Building Technologies Office (BTO) Emerging Technologies Program (ETP) has announced the availability of $8 million USD for Funding Opportunity Announcement (FOA) DE-FOA-0001383, “Building Energy Efficiency Frontiers & Innovations Technologies (BENEFIT) – 2016.” BTO seeks to fund three Innovations topics and two Frontiers topics to support our efforts to reduce the energy use of commercial and residential buildings. In addition, a supplemental section will provide a maximum of $100K/year to encourage partnerships between universities and for-profit companies.

This is great news for those who have ideas that have not yet been implemented. Especially in cases where the prime reason for not implementing the ideas is funding related.

The Innovations section will support:

• Open Topic for Energy Efficiency Solutions for Residential and Commercial Buildings 
• Human-in-the-Loop Sensor & Control Systems 
• Infiltration Diagnostic Technologies 

The Frontiers section will support:

• Plug and Play Sensor Systems 
• Advanced Air-Sealing Technologies for Existing Buildings 

Details are as follows:

Submission Deadline for Concept Papers: January 29, 2016
Submission Deadline for Full Applications: April 18, 2016
Informational Webinar: December 21, 2015, 2:00 PM ET

Apply Now

Email BENEFIT2016@ee.doe.gov 

Google Places "Type" Dropdown list (Free HTML Code)

I've been working on a new venture named GoPage (www.gopage.com).  As part of our lookup through the Google Places API, we need to pass over the "type" parameter. The Google Places API is a REST based API that uses the URI to control facets of the returned data.  The type is added in based on the taxonomy containing over one hundred different types of locations expressed here.

The request is made by issuing the following post:

https://maps.googleapis.com/maps/api/place/radarsearch/json?location=48.859294,2.347589&radius=5000&types=food|cafe&keyword=vegetarian&key=API_KEY

The types=value parameter is shown in blue.  If you find yourself wanting to implement this in an HTML drop down list, you will not find that code on the internet (as I did not) and face the tedious task of having to write it yourself.  Well, today is your lucky day. Here is the code done for you. Now you have time to do something else (like play video games) and tell your boss you worked hard to copy and paste all 100 types into the HTML source.

Have fun!

(Remember to paste this as Plain Text and change the form action to your own code)

</form action="form_processor.php">
<select name="type">
<!-- Based on Google Types as of 2015-09-21
     First value is selected by default. If selected, no type should be written into the API -->
<option value="" selected="selected">Any</option>
<option value="accounting">Accounting</option>
<option value="airport">Airport</option>
<option value="amusement_park">Amusement_park</option>
<option value="aquarium">Aquarium</option>
<option value="art_gallery">Art_gallery</option>
<option value="atm">Atm</option>
<option value="bakery">Bakery</option>
<option value="bank">Bank</option>
<option value="bar">Bar</option>
<option value="beauty_salon">Beauty_salon</option>
<option value="bicycle_store">Bicycle_store</option>
<option value="book_store">Book_store</option>
<option value="bowling_alley">Bowling_alley</option>
<option value="bus_station">Bus_station</option>
<option value="cafe">Cafe</option>
<option value="campground">Campground</option>
<option value="car_dealer">Car_dealer</option>
<option value="car_rental">Car_rental</option>
<option value="car_repair">Car_repair</option>
<option value="car_wash">Car_wash</option>
<option value="casino">Casino</option>
<option value="cemetery">Cemetery</option>
<option value="church">Church</option>
<option value="city_hall">City_hall</option>
<option value="clothing_store">Clothing_store</option>
<option value="convenience_store">Convenience_store</option>
<option value="courthouse">Courthouse</option>
<option value="dentist">Dentist</option>
<option value="department_store">Department_store</option>
<option value="doctor">Doctor</option>
<option value="electrician">Electrician/option>
<option value="electronics_store">Electronics_store</option>
<option value="embassy">Embassy</option>
<option value="establishment">Establishment</option>
<option value="finance">Finance</option>
<option value="fire_station">Fire_station</option>
<option value="florist">Florist</option>
<option value="food">Food</option>
<option value="funeral_home">Funeral_home"</option>
<option value="furniture_store">Furniture_store</option>
<option value="gas_station">Gas_station</option>
<option value="general_contractor">General_contractor</option>
<option value="grocery_or_supermarket">Grocery_or_supermarket</option>
<option value="gym">Gym</option>
<option value="hair_care">Hair_care</option>
<option value="hardware_store">Hardware_store</option>
<option value="health">Health</option>
<option value="hindu_temple">Hindu_temple</option>
<option value="home_goods_store">Home_goods_store</option>
<option value="hospital">Hospital</option>
<option value="insurance_agency">Insurance_agency</option>
<option value="jewelry_store">Jewelry_store</option>
<option value="laundry">Laundry</option>
<option value="lawyer">Lawyer</option>
<option value="library">Library</option>
<option value="liquor_store">Liquor_store</option>
<option value="local_government_office">Local_government_office</option>
<option value="locksmith">Locksmith</option>
<option value="lodging">Lodging</option>
<option value="meal_delivery">Meal_delivery</option>
<option value="meal_takeaway">Meal_takeaway</option>
<option value="mosque">Mosque</option>
<option value="movie_rental">Movie_rental</option>
<option value="movie_theater">Movie_theater</option>
<option value="moving_company">Moving_company</option>
<option value="museum">Museum</option>
<option value="night_club">Night_club</option>
<option value="painter">Painter</option>
<option value="park">Park</option>
<option value="parking">Parking</option>
<option value="pet_store">Pet_store</option>
<option value="pharmacy">Pharmacy</option>
<option value="physiotherapist">Physiotherapist</option>
<option value="place_of_worship">Place_of_worship</option>
<option value="plumber">Plumber</option>
<option value="police">Police</option>
<option value="post_office">Post_office</option>
<option value="real_estate_agency">Real_estate_agency</option>
<option value="restaurant">Restaurant</option>
<option value="roofing_contractor">Roofing_contractor</option>
<option value="rv_park">Rv_park</option>
<option value="school">School</option>
<option value="shoe_store">Shoe_store</option>
<option value="shopping_mall">Shopping_mall</option>
<option value="spa">Spa</option>
<option value="stadium">Stadium</option>
<option value="storage">Storage</option>
<option value="store">Store</option>
<option value="subway_station">Subway_station</option>
<option value="synagogue">Synagogue</option>
<option value="taxi_stand">Taxi_stand</option>
<option value="train_station">Train_station</option>
<option value="travel_agency">Travel_agency</option>
<option value="university">University</option>
<option value="veterinary_care">Veterinary_care</option>
<option value="zoo">Zoo</option>
</select>
<input type="submit" value="Submit">
</form>

Looking for Neo4J Help in Vancouver?

If you are in Vancouver, BC or the surrounding areas, including Nanaimo, Victoria or anywhere else in the Province, there are some great resources for Neo4J.  Personally, I've been working with Neo4J for several years and co-manage the Vancouver Graph Database User Group.  I love the technology and think it is great.

For companies interested in hearing more about Neo4J, there are many online resources.  I've published quite a few blog articles for developers on how to get started and supplied code examples and technical help in many contexts.  If you or your company is interested in having someone come in to help discuss Neo4J, please contact me at Hot Tomali. In business since 1998, Hot Tomali has survived the best and the worst times for High Tech.  Hot Tomali is working with Neo4J on a number of fronts including a Sitefinty CMS <-> Neo4J connector that allows developers to bring Neo4J data right into the Sitefinity environment and bind the data to objects.

DISCLAIMER: I am working as the CTO for Hot Tomali.

More on Geothermal Energy in British Columbia

The article below recently surfaced via the Vancouver Sun.  As a person who has been a large proponent of Geothermal energy and a former consultant with the United States Department of Energy (US DOE), I have been advocating that BC MUST start developing geothermal power for years. Every other country in the ring of fire uses this abundant, clean and reliable/renewable source of energy, except Canada.

Our current BC Geothermal Resources Act, a BC statute, reads like a manual for keeping geothermal development to a minimal. Our provincial policies and processes are not conducive for geothermal companies to work in BC, nor have our politicians taken the necessary steps to start this clean and renewable energy industry in BC.

When I ran as an MLA candidate, my platform was strongly advocating the use of geothermal power instead of options like Site C or Fossils Fuels. If BC begins to use electric cars en masse, we will need a huge increase in power. even without, we can develop and sell power to other jurisdictions to replace their reliance on fossil fuels.

My dream is one day that we will start to use this form of power.

B.C. geothermal projects promising, but ‘high very risk’
Developer eager to work on proposal with BC Hydro
Bruce Constantineau
Vancouver Sun
July 22, 2015 5:55 PM

VANCOUVER — Two potential geothermal energy projects near Pemberton could
generate electricity for about seven cents a kilowatt hour — only slightly
higher than the 5.8 cents to 6.1 cents a kilowatt hour cost estimate of
the Site C dam project.

That's the conclusion of a recent Kerr Wood Leidal Associates study on the
economic viability of geothermal resources in B.C., which considered nine
of the most favourable geothermal sites in the province.

There are no geothermal energy projects operating in B.C. but the study
estimated the cost per kilowatt hour for the nine sites would range from
6.9 to 7.1 cents for Pebble Creek and Meager Creek near Pemberton to 17.6
cents for Clarke Lake near Fort Nelson.

BC Hydro senior strategic technology specialist Alex Tu said some of the
projects appear promising but stressed the cost estimates are still "very
uncertain" and carry a lot of risk.

"Even though it says seven cents a kilowatt hour, it's still a risky
proposition," he said. "All the geothermal in the province is still looked
at as very uncertain and very high risk but if you can make the project
happen, seven cents is a good price."

Tu noted BC Hydro invested tens of millions of dollars drilling at the two
Pemberton area sites in the 1970s and 1980s but could only produce enough
steam for a 20-kilowatt demonstration facility that operated for 18
months.

Geothermal power facilities work by drilling into the earth and
redirecting steam or hot water into turbines that convert the energy from
the fluid into electricity.

Tu said Hydro has always been open to geothermal power as an alternative
energy source but no geothermal projects have ever been submitted to Hydro
in any of its calls for power from independent power producers.

Hydro's standing offer program offers to pay producers $100 a megawatt
hour for smaller energy projects of up to 15 megawatts. The two Pemberton
area geothermal sites each have estimated capacities of 50 to 100
megawatts.

Borealis GeoPower chief geologist Craig Dunn, whose Calgary-based firm
hopes to build two geothermal power plants in B.C. by 2018, said he was
excited by the Kerr Wood study, which was commissioned by BC Hydro and
Geoscience BC.

"I think it's a giant step forward in recognizing that geothermal is a
viable energy opportunity for the province of British Columbia," he said.

Dunn said the drilling and turbine technology associated with geothermal
power continues to improve, making that form of energy more economically
viable than ever.

"As a private developer, I know that my costs are significantly less than
the estimates," he said.

Tu estimated the cost of the two proposed Borealis geothermal sites near
Valemount and Terrace at about $120 to $140 a megawatt hour but Dunn said
current drilling economics — with many drilling rigs now inactive due to
the oil industry slowdown — could cut that estimate by 25 to 50 per cent.

"We look forward to working with BC Hydro within the standing offer
program pricing (of $100 a megawatt hour)," he said. "We believe that we
can be economic."

http://www.vancouversun.com/business/energy/geothermal+projects+promising+high+very+risk/11234578/story.html

More Neo4J Training - Vancouver, BC

Back for the fourth time in two years, Hot Tomali is presenting two solid days of developer training for Neo4J.  Whether you are a skilled developer or just beginning, this course features an easy learning curve and tough challenges to cater to all levels.  At the very basic level, attendees will learn the basics of graph data basics, the Cypher language and how to embed Neo4J within applications.  On day two, we will dive into modelling databases and learn how to represent several domains into various data structures.

The classes are designed to maximize the learning over the 8 hour day and teach students what graph databases are, how they differ from RDBMS systems, the data model, Cypher (the query language), and how to build and use graph databases.

So, what is Neo4J and what are graph databases?

A graph database stores data as nodes and relationships.  Both particles have properties, expressed in key:value pairs.  Unlike RDBMS systems, graph database's schemas are determined by the instance data itself and not a separate structure.

Neo4J is the world’s leading graph database, meaning it is used by more customers than any other graph database. It offers several advantages over fixed schema databases, especially for startups given the immaturity of their data models. Neo4J does not require a schema like Relational DataBase Management Systems (RDBMS). Instead, Graph databases save data as “Nodes” that are connected with “Relationships”. Nodes and relationships both have “properties” which is how humans think about concepts in the real word. Nodes may be arbitrarily added or removed without re-writing an entire database schema, a true savings of costs and effort.

The Neo4J implementation of a graph database has become the industry standard. Cypher itself, a language similar to the Structured Query Language (SQL) has become a sort of Pseudo standard within the space. The course will cover the basics of Cypher and some advanced topics like sorting and filtering return values.

If there are still seats available by the time you’ve finished reading this article, sign up here! The cost is less than $100, an absolute rarity in technical courses in today's world.

All you have to bring is yourself and a laptop.

My Referendum Thoughts

I have been asked by many people what my thoughts are on the Transit Referendum.  For the record, I will repeat what I had earlier stated.  A referendum is not something I feel is needed in most cases as the process has flaws.  We elected the current government and with that election, have given them permission to move ahead with their stated election promises.  Nevertheless, we find ourselves in a referendum situation.

I have a good mind to vote no for the single reason I view a "yes" or "no" vote on the entire proposal as flawed.  If we are going through the time and effort of a referendum, it is a good time to maybe break out some of the programs into individual yes or no votes.

In general, I support far more infrastructure in public transit because it is both healthy for the economy and for the environment, but only if done properly.  Allowing hundred of kilometers of new bike lanes to be built without proper scientific research and oversight is a problem in my eyes.  As a cyclist, I do not support making cycling more dangerous as has been the result of some changes.  As an environmentalist, I do not support putting more CO2 into the atmosphere.  Unfortunately, the closure of Point Grey road does absolutely nothing to improve cycling safety (how can you improve over “zero” bike accidents in five years) and does a lot of cause further congestion which causes far more CO2 to be placed into the road.

Unfortunately, I have been born with a scientific and quantitative mind.  I actually read bills, study the fine print and do the math calculations.  There is not such thing as a free lunch and many of the current left wing propaganda is littered with the notion of “let’s throw up a few solar panels and ride a bike and we’re green!”.  Sadly, this is green washing and very far from the truth.  The average person amongst us, myself included, uses about nine times too much energy in general as we should be allowed to use.

So back to the current referendum. It would have been far better if each line item was listed separately and the ballot had a place to vote on improvements to the plan.  Where do I sit?

I would implement the following changes:

1. Require an external audit of the bike lanes with a stated goal, a scientific assessment of our track record towards the goal and an openness to hear ways the process can be improved. NO new bike lanes without some proper oversight please!

2. Instead of building more cars space on highways, I would like to see enhanced electric rail services around our region. I would vote for little improvements to be made to roads, instead having our region served uop with improved electric rail service.  If I lived in Langley, I would much rather ride a 180 KPH commuter rail and be downtown in 18 minutes and be able to read or work on the train than simply one more lane for cars.  Since the costs are about equal, it is worth thought.  Same for the new Massey Tunnel.  Why not electric rail that one could take from downtown Victoria to Vancouver (connected with the ferry system)?

3. The old Skytrain is an obsolete technology.  I would rather see more street level trains.

4. For Broadway corridor, use existing rail rights of way and augment it with branch lines.  If the data suggests that a tunnel will accomplish the goals while using existing rail corridors wont, then I will be ok with a tunnel. I would much rather see a New York style train than our hated Skytrain system.  It is bloated, old and costly.

As for walking, all for it. 

The tax itself is a bit of an issue.  We are taking on a very large debt here and it might be better to ask ourselves “do we really want 1,000,000 more people here?”.  Why not help other cities develop instead of Vancouver becoming this major metropolis?

All of this needs more discussion.  This is a band aid on a cast sitting on top of stitches to hold things together.  We, as a society, cannot keep growing like this.

I just stuffed my ballot. I voted “yes” despite the flaws.  After all, what is the real alternative?  Another flawed process with more wasted money?   GAH!  To think how much good I could have done if elected to the provincial legislature..