Computers for Pros: Goodbye Mac, Hello ThinkPad

Back in February, I sold my 2017 MacBook Pro. For a couple of years, I had been grumbling about the direction Apple products have taken. I did have problems with the infamous butterfly keyboard. I actually liked the touch bar – except for its tendency to freeze at the exact moment I need to mute my sound quickly. And I couldn’t help noticing the many useful things that had disappeared from my older MacBooks:

  • MagSafe.
  • A battery charge level indicator
  • A light on the charging connector that changes color when the battery is charging or full
  • A long power cord instead of a brick that won’t fit every outlet
  • A common DisplayPort or HDMI output
  • An SD card reader
  • The ability for the owner to replace or upgrade the memory, storage, and battery.

I understand and appreciate the iterative design process, especially efforts to simplify products to their essence. But recently Apple seems to be obsessed with making everything thinner at the expense of almost anything else, including a lot of features people rely on all day at work.

Screenshot from Apple's support article for cleaning a MacBook Pro keyboard, including diagrams for holding the MacBook at ridiculous angles with elaborate patterns for spraying compressed air under the keys.
LOLnope.

I’m not talking about niche features. I’m talking about a reliable keyboard and a usable power cord in machines that easily cost two or three grand. The idea of sinking more money into one of those machines just seemed like buying a time bomb that would eventually interfere with my work.

At the same time, I picked up a new gig in an all-Windows shop. I used a company-issued laptop with Windows 10, and I was excited to try out the new Windows Subsystem for Linux for a real project. That experiment exceeded my expectations – it wasn’t just serviceable in an environment where I was required to use Windows, but it was a legitimate way out of my recent Mac woes. It’s always been my opinion that Windows 10 is great. But I want to talk about switching from MacBooks to a ThinkPad here, not about switching from macOS to Windows 10.

So about a month ago, I bought a Lenovo ThinkPad for all my consulting work. ThinkPads have their own cult following, but of a very different culture than Apple. Mac industrial design is mostly about a consumer market, but you’d never see a ThinkPad in a hip product placement on a top movie or TV show. They’re all-business, they don’t grab attention anywhere, and they like it that way. And the vast majority of ThinkPad customers aren’t enthusiasts; it’s mostly bulk corporate sales.

That corporate customer base makes ThinkPads a fundamentally different product from a Mac. But considering how many things the Mac has been sacrificing in the uncompromising pursuit of thinness, it has some big advantages to offer someone who likes their aging Mac a lot more than the new ones:

  • ThinkPad keyboards are the best keyboards available on a laptop. Its quality tactile feedback somehow enhances everything I do with it. We’re talking deep key travel, and lightly curved keys to fit the curve of my fingers. Page Up/Down keys right with the arrow keys. I struggle with being too long-winded in my writing, and this keyboard might be making it worse because I enjoy typing on it so much.
  • You can choose whether the Fn key turns your function keys into media keys, or your media keys into function keys. And there’s a user-customizable key as well.
  • ThinkPads ship with a very clean Windows build. They rolled all their OEM-specific controls into one application, and I think it doesn’t even run by default. No Lenovo-installed third party apps. (Windows 10 has some annoying default stuff, like Candy Crush Saga, that can be removed easily.)
  • Corporate IT departments want the ability to repair laptop components themselves instead of shipping them back to the factory, so ThinkPads have loads of parts that can be replaced or upgraded by the user inside. This is especially important for components like the battery, memory, or storage.
  • Those part upgrades also mean you can save a significant amount of money upgrading these machines yourself. Apple gets to charge ridiculous markups on storage and memory, and buyers have no choice because everything comes soldered onto the board.
  • You get several good and reasonably-priced warranty options at the time of purchase. You can choose the duration, as well as an option to have someone come to you for repairs instead of sending the machine to the factory.
  • I criticize Apple for sacrificing functionality in the pursuit of thinness, but I still value portability – just not to Apple’s extremes. ThinkPads offer some very portable MacBook Air competitors, and at the moment they’re far more powerful as well since it’s been a long time since the last MacBook Air refresh.
  • If you don’t want the most portable model available, you can get a laptop with interchangeable or extended batteries.
  • Miss non-reflective matte displays? Those are still an option on many ThinkPads, including mine. I can’t put a price on the ability to work from a picnic table outside next to my dog without tons of screen glare.
  • Also, Apple’s refusal to put touch sensors on the main display is silly and wrong. Windows machines that support multi-touch and graphics pen input are so good.

But not everything carries over perfectly for someone used to Apple products:

  • MacBook Pros have every ThinkPad beat on display quality. Most ThinkPads have multiple display options, because the display is one of the easiest places for an IT department to cut costs on a bulk order. So there are some truly dismal display options on the low end. The high end options can be very good. The best ones have 100% Adobe sRGB coverage and would be suitable for professional graphics work (especially in tandem with a Wacom pen) but they still don’t push quite as much brightness as a MacBook Pro can. (I think the Microsoft Surface line has better displays on average, but at the high end everyone has great options.)
  • Apple’s thinness crusade does give them a solid advantage in the “powerful and portable” category. Almost all the portable ThinkPads use Intel U-series chips (these are the same class as what’s in the MacBook Air). They have vastly improved compared to the generation of U chips currently offered in the Air, but they still are better for everyday workloads than they are for long renders or compiles. The one exception to this is the just-released ThinkPad Carbon X1 Extreme, which can compete head-to-head with a 15″ MacBook Pro. But they don’t have a 13″ MBP equivalent.
  • You have to order online, and Lenovo’s pricing system is notoriously inconsistent. It feels more like buying a car – if you paid sticker price, you’re a sucker. (For the record? I’m a sucker.) There are ways to find third parties who, in exchange for contact details to spam endlessly, will give you a Lenovo corporate discount code. And the discounts are significant. Sometimes they have big holiday sales as well. But ugh, what a hassle.

So it’s been a month now. I had cold feet when the device was coming, and was prepared to ship it back and buy a MacBook Pro and a silicone keyboard cover. But I’m so happy with it. In some ways, I think my preferences might be more suited to a ThinkPad in the first place – I get a similar kind of joy from other belongings that are built with durability in mind, like my Toyota truck or my Levi’s jeans. The unibody MacBook used to be a great fit on that list, but the ThinkPad has been quietly getting better and better at this for 26 years now.

I know some people would be better served by a different choice. Windows 10 won’t fit everyone’s needs as well as it does mine (especially for multimedia work). I also have a high opinion of the Microsoft Surface line in terms of the overall package, which looks a little more like Apple’s in general. And heck, a lot of my gripes about current Macs can be worked around with an external keyboard. Lenovo even offers the ThinkPad keyboard in an external bluetooth model 😉

Specs for my ThinkPad T480

CPU: Quad-core Intel Core i7-8650U (8th-gen Kaby Lake R, 15W, 1.9GHz base / 4.3GHz turbo)
GPUs: 2GB Nvidia MX150 discrete; Intel UHD 620 integrated
Memory: 32GB DDR4-2400
Display: 14.0″ WQHD (2560 x 1440) IPS anti-glare (non-touch)
Storage: 1TB SATA SSD (I used one I bought earlier this year)
Biometrics: Touch fingerprint reader, IR face login
Dimensions: 13.25″ x 9.15″ x .078″ / 336.6 x 232.5 x 19.95 (mm)
Ports, oh so many ports: Gigabit Ethernet, HDMI, SDXC, 2x USB 3.0 type-A, 1x USB type-C (full capabilities), 1x Thunderbolt 3 (full capabilities), 1/8″ headphone/headset

Reflecting After 2 Months Of Full-Time RV Living

IMG_2076

How are things going?

Really well. Much better than expected. I spent a year and a half anxiously questioning the entire decision to live on the road, as well as sweating the many things to learn and responses to things that could go wrong. Other full-timers warned me to expect the first few months to be difficult. But that ended up an anticlimactic exercise for me – it was constantly on my mind for 16 months of research and preparations, but so far, once I set off, it really hasn’t demanded much attention from me in my daily life.

Where have you been so far?

My first 2 weeks were at a county park at Horsetooth Reservoir just outside Fort Collins, Colorado. This stay included about a week worth of single-digit (F) temperatures and two significant snowstorms, which confirmed that I can happily live in cold weather in my trailer without much hassle.

https://www.instagram.com/p/BRKi1vvgdMh

Then I spent a month in Montrose, a city of 19,000 people on Colorado’s western slope. The location was gorgeous and so was my park, but I didn’t find much of a scene for people around my age.

https://www.instagram.com/p/BSeL1–gwd-/

After that, I took a day off work for a long weekend of my first off-grid camping at Valley of the Gods, which is mixed-use public Bureau of Land Management land in southern Utah. It was a stunning place, and the camping was extremely secluded. I don’t have a generator yet, and had no idea how long my batteries would last from running my lights or heater, but I never saw my battery meter drop below “full,” so that’s good news.

By this point, I was longing to be back in a big city after dropping populations by ~2 Million > ~200,000 > 20,000 in January, February, and March. I ended up booking a week of RV park space in Mesa, Arizona- one city over from Tempe, where I went to high school. I visited a lot of old friends and it was nice to be back somewhere familiar.

After a week in Mesa, I headed for my current spot, which is somewhere hot in Southern California. After barely missing the chance to skip all of last winter, I’m in complete bliss. I started to feel the toll of staying in 4 different states in 2 weeks’ time, so I extended my original 1-week booking here to 2 weeks so I don’t have to jump straight into another relocation.

How is working from the road?

It’s not very different from my previous experience in work-from-home jobs. I need to have separate spaces available for working and relaxing, and that influenced the kind of trailer I bought.

Connectivity is obviously important, and it limits where I can camp. Signal quality can be hard to fully research in advance. I’m relying on the “Coverage?” app and especially camper-submitted cell information from Campendium. I’ve had one campsite where the LTE wasn’t good enough for video chat, and I don’t like introducing that kind of uncertainty into a client relationship. It’s crucial that I give my clients a consistent, reliable experience, and I won’t compromise on that just for the RV lifestyle.

In 2 months, I’ve had 2 interruptions to work: one was an unannounced power outage at a park, and one was when a landscaping crew was working nearby with power tools when I had a client call scheduled. The first time, I relocated to a cafe I’d already worked from, and the second time, I drove my truck to a quiet spot and did my call from there.

By the way, I’m currently taking on web consulting clients! If you know someone with a web app that is eating up way more of their attention than it should be, send them my way!)

What’s your social life like?

My closest friends are spread all over the country and for years I’ve mostly talked with them online. When we get together in person, it feels like we haven’t been apart at all. I have actually seen way more of these people in the last couple of months – people who I never saw when I was throwing all my employer’s vacation days at family holidays. So in one way, that’s great.

I’m relying a lot more on phone calls, video chat, and social media for keeping contact with family. In Colorado I had a close-knit family group and extended friends there who I go longer stretches without seeing. I expect I’ll be feeling the distance more as the months go on, but it also makes me more certain that I’ll want to stop in Colorado for something like 2-4 months once I’m back.

I have yet to really connect and make new friends with any locals. Some of this is what all yuppie twentysomethings struggle with as they leave college for the workforce, and some of it is also a bit of generational friction as I find myself regularly staying in places that are RV-friendly, but also not that happening for young people beyond perhaps some outdoorsy stuff nearby. I used to use a couple of dating apps for serious dating, and now I’ve changed my profiles to very obviously just be looking to go do fun things around town and make new friends. We’ll see if that clicks anywhere.

What is planning your travel like?

I’m still learning kind of sites I like most (Private RV parks? City/County/National land? Free camping? Big or small cities?) and what fits my budget best.

Rhythm-wise, I felt that one month in Montrose was too long when I felt like covering more disance, but also that back-to-back 1-week reservations in different places was too rapid a pace.  I suspect that unless I want to plant roots for a while, 2 weeks might be my “sweet spot” while experiencing new places. But unfortunately, most paid camping has a high weekly rate and a low monthly rate, so if you’re going to pay for 2 weeks, you might as well pay for a month. I have a theory that I might be able to balance this out by doing 2 weeks of pricey reserved camping, and 2 weeks of boondocking on public land. That theory will require a $1,000 generator investment to find out, but that would pay for itself after a month of free camping.

It does feel stressful when my current camping arrangement is running out of time and I need to plan what’s next. Usually this happens when I’ve got other stuff on my mind (work, personal life, etc.) and sometimes it does make me jealous of people staying places for long amounts of time who have one less thing to worry about. It can make me feel stressed or burned out. I think with time I will learn a good rhythm for this. Right now I do have the urge to cover some ground, but I know that won’t always be the case. I am always free to slow down.

What else has changed about your daily life from before?

I rarely stream video any more. (Have plenty on local media, I haven’t cut TV out entirely.) I cook a lot more food for myself. The dog usually gets more activity, as do I, but we’ve stayed in a couple of dog-unfriendly areas which don’t have a lot going on and we’ve had to make explicit trips to dog parks.

Switching time zones (and bouncing off Daylight Savings Time during my week in Arizona) has kind of thrown me off. My trailer gets tons of natural light and I am earlier to rise and to bed.

Are you happy with your rig?

Very. Except for the damn awning (it’s gotta go). I’ve also confirmed my initial suspicion that I am not a fan of RV slide-outs. I’ll write a whole post about them at some point, but to me, they’re not worth the hassle. And in the wind, mine makes my trailer far less comfortable.

IMG_2230.jpg My living room slide is like a giant sail when it’s windy out. It picked up the whole RV in Utah and almost threw it off the stand. I almost didn’t catch this before it got worse.

I knew when I got this trailer that it would meet my initial needs for adjusting to RV life while also keeping things sane for working from home. I’ve already started to notice how I use the space, and how I could, in time, get by with less. Right now I feel like you could chop the last 5 feet off my 30-foot trailer and I wouldn’t mind. I bet as time goes on, that number will increase. I could see a future where I’m happy with a very small fiberglass trailer, an Airstream, or even a 4×4 truck camper.

So what would you do differently?

Hindsight 20/20? I might have considered a small Class C RV while towing a small car behind it. But I’m not crying one bit over my choice.

Resources for everyday folks on internet privacy and security

I’ve had several friends from non-computing fields ask me for advice about tools for better privacy and security online. Some of this is in reaction to recently repealed FCC privacy rules that prevented Internet Service Providers (ISPs) from selling their customers’ private browsing information. Some of it is concern about an increasingly invasive surveillance state, and breaches by hacking groups with state funding.

I’ve been looking to improve my own digital security as well, and have found most of the resources out there to be hard to digest and turn into an action plan that doesn’t start with years of learning. So I’m putting my short notes on what I think matters most here, as well as some links for those who want to learn more. This is by no means a definitive or infallible guide, and if you have specific concerns, you should get individualized advice on this stuff.

Contents:

The 3 Major Web Security Technologies and What They Protect

  1. HTTPS is a secure way to connect to a remote website without anyone being able to read what gets sent or received. More and more websites are supporting or defaulting to HTTPS these days. (This is what we said “look for the lock icon in the address bar!” about in the ’90s.) Importantly, HTTPS does not prevent your ISP or Big Brother from knowing what site you’re visiting. And it doesn’t keep you anonymous from the servers running the site you’re visiting – anyone with their server or access logs knows about your visit, and if they get hacked or subpoenaed, you have exposure to threats here. But HTTPS is great! You should avoid ever using a login or password on sites that don’t use HTTPS (Ask sites without HTTPS why they aren’t protecting their users!) If you use the Chrome or Firefox browsers on your PC or Mac, I recommend installing the HTTPS Everywhere browser extension, which tries to use HTTPS connections to sites whenever possible. (Be advised that every once in a while, HTTPS Everywhere can cause issues if a site has not set up HTTPS properly. The extension can be disabled on a site-by-site basis in these instances.)
  2. A VPN (virtual private network) will encrypt your entire internet connection between your device and the VPN’s server. (Your apps are covered too! However, some services, especially from financial institutions and outgoing mail servers, are often blocked over VPN.) This makes for good protection against unsecured public Wi-Fi networks, snooping ISPs, network censorship, and can route around corporate or government surveillance before the VPN server (but only if you’re connecting to a server beyond those surveillance tools). But on the VPN server side, your traffic still comes out unprotected. Think of it like a secure pipeline or signal repeater to access the Internet from the VPN server’s location, instead of your own. Trust is important here – a VPN provider is just as capable of bad actions as your local ISP. (In fact, the majority of free VPNs are super malicious. I currently do not recommend any free-to-the-public VPN. Even that cool one you heard about from a trusted brand.) It’s also important to know what information the VPN provider is logging about you.
  3. Tor is a tool which tries to fully anonymize your identity and browsing information from everyone. (HTTPS and VPNs protect part of your browsing information during part of a browsing session.) It requires you to use their modified version of the Firefox browser, and disables functionality present in other browsers that can be used to reveal your identity or communications. They also have some important warnings which need to be heeded to keep you protected.

Choosing a VPN service

This is a complicated and personal decision. I suggest keeping the following in mind:

  • Who do you want to shield your internet data from? Your neighbors at the café? The tech staff at your work or school? Your ISP? Your government or one you’re visiting?
  • What devices do you want to protect? If you just connect your PC to a VPN, your phone is still exposed. Some VPNs have a limit on how many devices can connect at once.
  • What kind of logging do you care about the VPN doing? Some log everything. Some log as little as possible.
  • Do you need something that’s easy to use? Sometimes the best VPN on paper turns out to be difficult to set up or use.

I used two different guides to VPNs in my research:

  • PCMag.com reviewed several VPN services on their quality of service and ease of use, but paid almost no attention to the privacy or logging side of things.
  • That One Privacy Site has a detailed guide to many VPN services which focuses on their quantitative specs (with a strong emphasis on their security against government surveillance), and has very little about their usability or quality.

I decided that I want to use a VPN to protect my browsing information from corporations who would like to sell it for their own purposes, possibly to my detriment. I will use other technologies to add security for more sensitive situations.

I chose to use Private Internet Access on my iOS, macOS, and Windows devices. They claim to log very little about what their customers access, allow a good number of devices connected at once, have a lot of available servers, and are a great deal at $40/year. Installation was very easy, and it automatically connects to their VPN whenever I turn any device on. On my mobile devices, it seamlessly handles any transitions between cellular and wi-fi networks, and maintains a permanent connection. Everything works very well.

My biggest caveat for Private Internet Access: they’re under United States jurisdiction, and they aren’t very transparent about who runs or owns the business. (Their corporate address is a coworking space just next to Union Station in Denver, so points for a Colorado business, perhaps?) I would probably advise something else for activists or people more concerned about a snooping government than a snooping ISP.

Let’s talk about your e-mail and messaging apps.

All email is inherently insecure. Treat it like a postcard that could be read by anyone between the writer and intended recipient. Don’t use it for sensitive information about you or anyone else. Unless you want to learn how to do PGP-encrypted email. (You don’t want to learn how to do PGP-encrypted email.)

SMS messaging and most internet messaging apps are also particularly vulnerable. Don’t talk about anything that could be damaging to yourself or any vulnerable third parties over them. Even if you think you’re having a private conversation. But I do recommend using Signal for private, encrypted messaging and calls. (Install: iOSAndroidChrome) Others have said WhatsApp (owned by Facebook) is secure, but since the UK Snooper’s Charter became law, we can no longer be sure of this.

Other things you should be doing

  • It’s long past time to actually start using different, strong passwords for every account you have. No excuses! You will get burned if you don’t. And possibly embarrassed publicly. You can check to see where your login information has already been compromised at “Have I Been Pwned?”
  • Use a password manager to generate and store all those different passwords you have. The two I can vouch for are LastPass (which I use, and like for their features and pricing, though sometimes they have some usability and design issues) and 1Password (which also works well and has better design but costs more). Nowadays these managers can be unlocked on your phone with a fingerprint, which makes them faster than remembering any password. Seriously, come on in. The water’s fine. I don’t remember any of my passwords any more.
  • Enable two-factor authentication on any service that supports it. This protects you in case someone does get a hold of your password. Here’s more on how 2FA works, and here’s a list of who supports 2FA with links to each provider’s own 2FA instructions.
  • Worried about other Internet companies like Facebook, Google, and Amazon tracking you? I recommend the following:
    • Change your default search engine to DuckDuckGo, which works very well and doesn’t track you. This is an available search engine in iOS as well.
    • There is a browser extension for Firefox and Chrome called Privacy Badger that is meant to block tracking stuff outright. I don’t use it but it sounds great.
    • Only allow cookies from the actual site you’re visiting (block third party cookies that usually are for ads):
      • Safari 10.1 (macOS): Preferences > Privacy > Cookies and website data: “Allow from current website only”
      • Firefox 52: Preferences/Settings  > Privacy > History > Use custom settings for history > Accept cookies from sites > Accept third-party cookies: Never
      • Chrome 57 desktop: Preferences/Settings > Show advanced settings > Privacy > Content settings > Block third-party cookies and site data
      • iOS 10: Settings > Safari > Block Cookies > Allow from Current Website Only
      • Chrome 57 Android: Settings > Site Settings > Cookies > Block third-party cookies

Educational resources

The best place to learn more about this stuff for yourself is the Electronic Frontier Foundation’s Surveillance Self-Defense Guide. I particularly recommend “An Introduction to Threat Modeling,” which covers the kind of different security risks to keep in mind before you set about a plan to improve your operational security.