Costco Should Reuse Plastic Egg Cartons

  • Environment

Plastic egg cartons provides better protection than cardboard, and since they are so strong, why not reuse them so we don’t have to keep making more?

 

A couple of years ago Costco introduced plastic egg cartons, which are stronger and prevented yolk from broken eggs from contaminating the cartons below. While these are made from 100% recycled plastic (props to them), I still feel guilty about how much energy went into the manufacturing of the plastic. They are also surprisingly bulky, taking up more space in recycling bins than should given their weight. Furthermore it requires still more energy to recycle these cartons again; Why not just reuse the cartons instead?

   

Consumers can drop off old plastic cartons and these can be densely packed and shipped - in the same truck that carried the eggs to Costco - already returning back to the packaging facility. Cleaning and inspection of these cartons are definitely required, but this should be less resource-intensive compared to both manufacturing completely new cartons, as well as to recycle the old cartons.

Costco can benefit in several ways by doing this. Reusing these cartons means they don’t need to manufacture as many new ones. They can either pass these savings to consumers (albeit probably only a few cents), and create a marketing campaign to spread awareness about reusing and recycling plastics.

One drawback is the slight inconvenience that this brings to customers. However, Costco customers almost always drive a car, so they can easily store old cartons in their trunk. The cartons are light and don’t take up too much space so one can even drop these off every other week when they do their shopping.

Another necessary change is that reused cartons need to have an updated expiry date on the container. This can be solved by using stickers instead of etching the expiry date on the side; The cleaning process will get rid of any gunk and old stickers.

Nonetheless the biggest challenge I see is for someone with authority to get behind this project since it involves changing Costco’s distribution logistics, potential legal considerations about reusing customer-provided cartons, and working with other vendors to clean and inspect the reused packaging. However, if Costco is able to put this into practice then I think this represents a significant step in companies recognizing the importance of finding ways to reduce their environmental impact. Other stores, such as UK’s Tesco (they sell 1.3 billion eggs yearly!), have also adopted plastic cartons for several years already, so other stores can benefit from a trial run. Let’s start with eggs and see what this grows into!

Wireless is More

  • Wireless
  • HCI

This post is about my recent experiences using wireless charging and AirPods, and thoughts about future interaction models.

 

My iPhone 7 battery life has been on the decline for the last few months. Although the physical hardware is aging, there’s a few other factors at play too. I noticed that I was using my phone more for emails and browsing, as well as for listening to podcasts over bluetooth. It is also the winter season at Waterloo, which has a small impact when I use my phone outside. On occasion I’ve charged my phone with a 12W iPad charger, but now I try to avoid it since it is bad for most phone batteries since they have less capacity. Remembering to plug in my phone in the afternoon is not something I want to constantly think about.

Instead, I got a wireless charger and a wireless adapter for my phone. If you previously asked me to estimate the increase of convenience and comfort of wireless chargers I would probably have predicted it would be negligible. (How hard is plugging and unplugging a cable???)

Yet once I started using the wireless charger there was no going back1. There’s no need to aim the connector to align with the port, even though it’s second-nature already; the unconscious effort of making sure the cable doesn’t knock over objects is eliminated; walking out the door with my phone is instantaneous.

Now, whenever I sit down at my desk, I just drop my phone on the charger so it is always charging. All this might seem like a tiny increase in convenience, but I wouldn’t be surprised if by doing this that most people wouldn’t need to worry about battery life anymore.

AirPods

AirPods are great. The most obvious benefit is, of course, the lack of wires. I’ve always wrapped my earphones “over-under” method which reduces the tension on the wires. Nonetheless I found that as wires age, they get tangled more easily, which is why I usually carry with me my (relatively) new lightning EarPods.

I’ll admit I have a pretty unusual use case: Although the majority of the time I would listen on my phone, the problem was I would switch to my computer to do meetings every week. This meant I had to dig out my old 3.5mm with adapter earbuds, which I always keep with me in my bag.

Now I could’ve solved this by getting any pair of bluetooth earbuds but buying the AirPods was so much easier: I didn’t have to do any comparison of detailed tech specs. Furthermore when it comes to tech gadgets, I think that having a deep integration within an ecosystem is the biggest selling feature, which in this case meant it was easier to switch between devices. And of course, the charging case is elegantly designed and makes a wonderful snap sound as it closes. It’s the little details that matter.

I’ve heard many people worry about how easy it seams to lose them, but in most cases there isn’t much to fear - for one, audio playback automatically pauses (except phone calls) if one AirPod falls out. The only rule is to make sure each AirPod is either in your ear or in the case.

I do have to mention a few nitpick details because as good as any product is, there can always be improvements. Hopefully these issues can be addressed in a future update.

  • When I first used AirPods I didn’t have as good of an understanding on how switching between devices work. I thought that because it was already linked to my iCloud account that if I play music from my phone, then play from my computer, then the AirPods would automatically do so too. Eventually I realized that I had to explicitly switch the audio source 2.
  • I would like to have the ability to switch audio source when the charging case gets opened right beside that device, saving the user from 3D-touching into the audio settings.
  • When an audio source does get switched, sometimes it takes just a tad longer than what seems like it should take.
  • Sometimes there is a buzzing sound when there is no sound being played, which is especially noticeable when scrolling through video because it seems to prime the audio driver (even though no sound is being played yet).

It all comes together

Improvements in hardware is often the driving force behind device upgrades because customers want the newest features. However, the existing hardware we have today is already very capable. Suppose a consumer wants to see a 15% improvement before they upgrade their phone. However a 15% improvement from an iPhone X might be equivalent to several model jumps back in say the iPhone 4 days. It is a much higher bar today.

Yet another approach of developing new features is to support a different paradigm of interactions. Two obvious examples we see today are voice assistants and virtual reality. No doubt hardware plays a critical role, but the importance of software and integration in an ecosystem also cannot be understated for these paradigms. Both use personal and public data, coupled with the current context, to provide and act upon requests by the user. The hardest part is achieving a near-perfect accuracy and responding fast enough to overcome the habit of how users currently accomplish their tasks today.

The overall theme over the past two years is the trend towards all things wireless, and that’s something I would like to see and hear taken to a whole new level in the upcoming years. Let’s go build a wireless connected world!

Footnotes

1 ↩ Thank god for Xcode 9’s wireless debugging feature!

2 ↩ Thinking back, of course this is necessary because it’s not possible for computers to fully read our thoughts (yet)

VPS Promotional Strategies

  • Marketing

Disclaimer: I have been running this website on Digital Ocean for several years now. Opinions expressed in this post are solely my own™.

 

I’ve been seeing a lot of Digital Ocean’s “free 60 day trial with $100” promo for several weeks now 1, 2. This was a significantly larger credit compared to most other providers (aside from the big three) so I was curious why they chose this marketing strategy and what kinds of customers that they would attract. Let’s take a closer look.

First of all let’s see what alternative VPS solutions are available and how do companies get the word out to customers:

  • Digital Ocean (DO) is giving $100 for 60 days by using promoted tweets on Twitter.
  • Amazon, Microsoft, and Google all offer varying amounts (some up to a full year) of free credits accessible directly from their website.
  • Linode is a long-time sponsor on many podcasts and offers $20 in free credits, which equates to 4 months on their lowest-tier plan. 3

So the question is: from a business point of view, which marketing strategy is the best? I would like to name a couple of these customer segments specifically in the context of this article so we can better understand how each is targeted. Hobbyists are people who have an idea, are familiar with programming/technology, and are looking to start building their product as a side project. Upstarts are startups who have an MVP and are looking to grow their product (which usually requires scaling their servers). Enterprises are established businesses with large computing needs wanting to take advantage of a cloud-hosted environment and want the piece of mind provided by a well-known provider.

[Hobbyists] Linode’s $20 free credit

One way to look at the $20 free credit is that it attracts hobbyists who are just hacking on a side project. By offering this specifically to podcast listeners, Linode can more easily target those who just that final push of starting a project. When they finally do decide to take the leap, the hope for Linode is that customers remember Linode and use their coupon code instead of some other service.

Since hobbyists will most likely be working in their spare time, it may take several months to build an MVP). This matches perfectly with the 4 months of free hosting. But is it possible for Linode to profit from this promotion?

That’s where economies of scale kicks in: Hobby projects usually have low performance requirements and often sit idle most of the time. Since these VPS run in containers, it is possible to run many many containers on a single physical machine. This means the cost during the free trial is fairly low and the operating margins are relatively high once customers start paying. Thus the main determinant for success in this promotional strategy is the conversion rate from free trial to paying customer. (This is not to say that Linode only has small customers.)

[Upstarts] Digital Ocean’s $100 for 60 days

The other way is to give a larger promotional credit, but explicitly limit it to two months. This incentive targets people who are looking for higher compute requirements (eg. a $50 monthly plan) to try out their platform. These customers might have already built out their prototype or are looking to switch providers. If this is the case then eventually customers will be paying around $50 per month, 10x of what Linode would receive. However keep in mind that these customers will most likely be fully (or close to) utilizing the VPS instance, reducing the number of instances run per physical machine, and leading to a lower operating margin compared to Linode.

Now, another outcome is that the customer scales back to a lower tier after their trial ends because they don’t need so much power. In this case it is most likely that the server was not fully utilized to begin with so the cost to Digital Ocean during the trial was also lower. Although these customers are on a lower tier, DO is still able to convert a customer, as well as consolidate their VPS in a manner similar to Linode. Overall, this strategy is mostly about the trade off of obtaining higher volumes albeit at a lower margin.

[Enterprises] How can companies offer 1 year free credit?

Amazon offers 12 months of free compute along with other goodies, while Google offers a $300 credit for 12 months in addition to always-free App Engine platform, and Microsoft Azure also runs a similar promotion. These comapnies enjoy top-of-mind consumer awareness which gives them a marketing advantage.

But you might be wondering is this even sustainable? Let’s pick on Amazon since they segment out their AWS financials. In 2017 Amazon AWS had net sales of $17.5 Billion, with an operating margin of 24.8%. Keep in mind however that free credits are treated as expenses for accounting purposes, so it wouldn’t be part of the operating margin.

Amazon provides 12 months of 750 hours of t2.micro compute which has 1 “vCPU” and 1 Gb RAM. Notice this is bits, not bytes. The free tier that Amazon offers provide one-eighth the RAM at a price 55% more expensive than what DO and Linode offers. This additional restriction in RAM further helps in allowing it to consolidate VPS instances to a single machine.

Thus Amazon is able to take the economies of scale to the extreme 4, which can significantly reduce the cost of their promotion. If customers do decide to start paying, the retail prices it charges are higher than that of independent providers. Nonetheless, I would assume that the vast majority of AWS revenue comes from enterprises who deal with significantly higher volumes or require one of the extensive line of services offered. The one year free trial is just a low-cost marketing spend to attract some new customers, but mainly to put pressure on competition to offer promotions (which drive down competitors’ margins more than the effect on Amazon).

Summary

There is a fair amount of competition in online hosting but all signs point to continued growth in the overall industry. Thus it is vital that companies be able to attract these new customers by offering free promotions. Thanks to the economies of scale allowed by the consolidation of multiple VPS instances to a single server, the cost of promotion can be reduced. Linode is targeting the Hobbyists segment where the large idle times provide a relatively higher margin. DO’s promotion targets a more established company looking to scale, allowing for higher revenues compared to hobbyists, but at a slightly lower margin. Amazon has significantly better scale and is able to acquire both enterprise customers who contribute higher volumes of revenue, as well as higher margins from idle machines.

Now if only I can stop seeing these Twitter ads because they probably have gotten about all they can out of me, but the nature of online advertising is essentially spray and pray. I just hope I won’t regret seeing whatever ad that becomes the successor.

Footnotes

1 ↩ Looks like their ad works because now I’m writing about it :P

2 ↩ They slightly clarified the ad - originally it was a bit deceiving/clickbait title “free $100 credit” and wasn’t until reaching the website did they explain it was for 60 days only

3 ↩ Here’s some of my favourite podcasts that are sponsored by Linode - take your pick ATP, Core Intuition, or Under the Radar

4 ↩ I mean, I heard Amazon sells a lot of e-books so they must need a good CDN

Gift Card Scams

  • Life

The other day my dad went to buy some house supplies. Just as he was about to checkout, another customer offered him a gift card in exchange for cash at a discount (the gift card was given as store credit for a previous item he returned). After some thought my dad agreed and, after verifying the balance, paid him the cash. My dad then purchased the supplies with the card, afterwards which still had a substantial balance.

He explained what happened after he picked me up and asked if I saw any problems. At first I saw no issue with this: he got cashback from the store, so the customer could not have gotten any personal information. It might have been possible to lookup (future) purchases, but so could a casual observer.

But then the cynic in me came out: Was it possible to purchase something online using a gift card? I checked the website FAQ and sure enough, it was possible.

However I wasn’t too concerned. If this was a scam all along then the money would already be long gone. Furthermore the way that my dad told the story made the other customer sound like he just wanted the liquidity of cash and didn’t have any malicious intent.

We drove back to the store and checked the balance of the card. It was the correct amount. Since we were already at the store and didn’t want to take any chances, we bought some more items to use up the balance (we couldn’t exchange for a new gift card).

Analysis

As uneventful (albeit random) this story is, I think there were a few interesting learnings here in no particular order.

I was aware of the market where people sell gift cards at a discount online but this was the first time I’ve witnessed it in person. I’ve never really trusted online markets because, if anything went wrong, it can be very frustrating to find someone who can be responsible for the loss. However this risk is significantly reduced if the transaction is in person, and by personally verifying the card balance.

I thought it was unfortunate that the other customer had to sell the gift card at a discount. However there was no way of knowing his reasoning and that was no business of mine. Ultimately it was his decision to offer the balance at the discounted rate. What mattered was that both parties were content with the deal.

It was also interesting to think of this transaction from the view of an investor. Suppose the offer was $200 for a $250 gift card. The potential return would be 25%. Of course there is also the potential of losing 100%, but everything has a risk. What would you have done?

From a developer’s perspective, it was kind of fun to try to think outside the box. For me when dealing with these kinds of questions, I find it easier to just assume there was a solution/scam, which would allow me to focus on how it could have been done.

I try to start with the assumption of good intentions when dealing with strangers. I think this type of behaviour is increasingly important in the society that we have today. In a way, this is the continuous version of prisoner’s dilemma. However, as the saying goes, it is equally important to “trust but verify”.

Thank you to whoever sold that gift card.

History of iOS APIs for User Tracking

  • Privacy

One of the key metrics for advertising companies is conversion rates. This might be the percentage of people who click on an ad or install an app. Targeted ads are commonly used to identify the right audience to display an ad to, thus increasing the likelihood that they get converted.

So how do advertisers know who to target? To do so requires a great deal of knowledge about an individual. This might be gathered by tracking the apps and websites visited, one’s daily routines, and the network of friends on social media. I think many people put off privacy because its benefits are not immediate nor obvious. One (hypothetical) malicious use is if an insurance company discriminates prices based one’s usage pattern.

Nonetheless there are a few valid use cases for limited tracking. For example services want to identify users who try to reinstall an app to get a new free trial or replace their previous fraudulent account. Or perhaps companies want to give users a discount for upgrading to a new version or when buying multiple apps1.

How tracking works

Suppose someone builds a tracking library (Triple Tap seems fitting) and convinces many apps to include it. What are some ways it can amalgamate user sessions across apps? Nowadays everyone uses a NAT router so there might be hundreds or even thousands of users behind a single IP address. The easiest way to distinguish users is to generate a UUID on startup. However, since mobile applications are sandboxed and cannot communicate with other apps, the library must rely on some information from the operating system to ensure consistency between apps. Assuming this library is included in a lot of mobile apps, it is then possible to build a list of apps used by a single user.

[iOS 2 - 6] UDID

Historically iOS provided a convenient method [[UIDevice currentDevice] uniqueIdentifier].

A unique device identifier is a hash value composed from various hardware identifiers such as the device’s serial number. It is guaranteed to be unique for every device but cannot publicly be tied to a user account. […]

Unfortunately there are several downsides of this identifier from a privacy standpoint. Although this cannot publicly be tied to a user account, many apps do require users to sign in, thus allowing them to establish a link. Furthermore, since this is based on the physical device identifier, the same identifier will be generated even after you sell or recycle your device. Luckily the general community has become a lot more privacy conscious and this was deprecated in iOS 5 and removed by iOS 7.

[iOS 6 - Present] IDFA

In iOS 6 Apple introduced Identifier for Advertisers (IDFA) to replace the deprecated UDID. This identifier was created specifically for advertising and tracking and provided some benefits for privacy such as the ability for users to generate a new identifier. It also provided an option for users to request limited ad-tracking which, similar to the Do Not Track HTTP header, only informs that user do not want to be tracked. It isn’t until iOS 10 that this identifier will return nil when the option is enabled.

[iOS 6 - Present] identifierForVendor

At the same time, Apple introduced an API specifically allowing apps from a developer to obtain the same user identifier from all installed apps on a device published by that developer. Tracking libraries cannot distinguish users using this method because apps from different developers will return different identifiers.

[iOS 2 - 11] MAC Addresses

When UDID was replaced by IDFA, some people were just not content with an identifier that could be reset. Thus many applications began using the wifi MAC address instead. This was short-lived as iOS 7 began returning a constant 02:00:00:00:00:00. Nonetheless it was still possible to use the ARP table to retrieve the MAC address from the wifi router, at least until this was removed iOS 11! Such a classic game of cat and mouse.

[iOS 3 - 8] canOpenURL

Although this API was available since the early iPhone OS era, it seems like only in the last couple of years have apps adopted custom URLs as a priority feature. This makes sense because, with custom URL schemes and the ability to query for its existence, apps can be smarter by properly opening that app, or bringing up the App Store sheet. But who would have thought that any company would have the audacity to scan all the apps on one’s phone? This was addressed by limiting the number of queries and by requiring apps to specify URL schemes they intend to query ahead of time so it can get reviewed2.

[iOS 8 - Present] iCloud Keychain

iCloud Keychain was introduced as users began using multiple devices and as Apple improved its cloud infrastructure. In the simplest form, one can think of it as a key-value dictionary that is synchronized with Apple’s servers and the rest of the user’s devices. However the side effect of this persistence is that data stored on servers will not be deleted, even if the user has deleted the app from all of their devices. This is not to say that Apple is not aware of this issue - it’s just that privacy leakage and the goal of persistence for apps are inherently irreconcilable. In fact iOS 10 betas initially changed the behaviour to perform the deletion, but was reverted due to compatibility problems3. The bright side is that this only allows persistently storing data, but apps still need to find a way of communicating with other apps.

[iOS 11 - Present] DeviceCheck

This provides developers with the ability to verify the authenticity of an Apple device and to store two bits of information on a per-device, per-developer basis. This is now the preferred way to record characteristics about a user such as flagging fraudulent users and free trial usage in a privacy-preserving manner. A lot of thought has been put into this. For example although it provides a queryable timestamp (of when bits are updated), this is trimmed to provide only year and month granularity. This gives 828 (69 years * 12 months) possibilities if we assume date ranges can be between January 1970 - January 2030. However this can easily be (if not already) constrained to only accept timestamps within the last few months.

Conclusion

User tracking is common practice today, mostly for ad targeting. To do so ad tracking libraries must be able to distinguish users behind NAT routers, which may be in the hundreds or thousands. Furthermore apps must rely on the operating system in order to acquire a consistent identifier between apps. Historically iOS provided several convenient APIs to do so, however these identifiers could identify users and persisted between installs.

iOS removed many sources of persistent identifiers and replaced them with privacy-respecting alternatives that provide most, if not all, of the necessary functionality. Nonetheless there are still other sources, albeit small (eg. carrier name, device name, model, version), which together can be used to fingerprint a device. Maybe we should all go back to using a Blackberry with separate work/personal profiles?

Footnotes

Note: All the iOS versions affected signified by the square brackets are inclusive.

1 ↩ Developers can now use App Bundles.

2 ↩ Querying URL Schemes.

3 ↩ Ironic anecdote: Deleting iCloud Keychain probably would have prevented crashes on Frenzy if users had just restored their phone. This was due to the app trying to failing to decrypt the database since it was using the key from the previous phone (backed up) on a newly created database (not backed up).

A selection of other sneaky methods: