Google Calendar assigning wrong times on CSV import? Here's one fix for the time zone bug.

I can get pretty disgusted with Google Calendar, but then I make myself remember how bad Apple's iCal is. By comparison, gCal is a ruddy gem.

I had to remind myself of that today, because gCal was particularly disgusting.

It started when I tried importing my son's baseball team schedule into a public calendar using my old (best on the web!) import directions ...

Gordon's Tech: Import Calendar data into Google Calendar via CSV files

Here's the header and first row of the CSV file that I was finally able to import. It looks like you need the bloody seconds in the date. I worked with Excel for Mac, used the convert functions to turn text into numbers, then chose the precise format, then exported. Subject,Start Date,Start Time,End Date,End Time,All Day Event,Description,Location,Private Edgumbe Peewee Hockey,10/24/09,2:10:00 PM,10/24/09,3:10:00 PM,FALSE,Practice, Highland North,FALSE

This time I did necessary concatenations of strings and type transforms using Apple's excellent (and under-appreciated) and inexpensive Numbers.app spreadsheet.

The good news is that gCal no longer requires "seconds" in the time fields, and, although I don't think it's documented, it will even work with "military" time (14:20 instead of 2:20 PM).

The bad news is that time zone support is flaky. After I imported all of my calendar entries were off by about 3 hours, even though my time zone (general calendar settings) and the calendar's time zone were both CST.

I made several tries at fixing it, but this is what worked.

1. Switch to Calender Settings:General
2. Change your time zone to something different.
3. Save.
4. Change it back to the correct setting.
5. Save.

After I did that my next import worked.

Fortunately I know to always do imports into a unique calendar; there's no way to undo an import and repetitively deleting 50 bad calendar items is a good source of Google hate [1]. I created and deleted test calendars until I figured a workaround for the bug. (If you do get bit by a bad import sync to the (abominable) OS X iCal and repair there.)

See also:

• Using OS X 10.5 iCal with Google CalDAV - cleaning up import disasters
• Adding events to Google Calendar: generating quick add statements
• Import Calendar data into Google Calendar via CSV files

[1] Why are calendar apps so awful? My theory is that they are quite hard to do well, but management doesn't value them. So they never receive sufficient investment.

Blogger's "Links to this Post" is working?

I was reviewing an old post when I came across "LINKS TO THIS POST" at the bottom of the post.

That's not surprising. Blogger featured this long ago. I thought I'd turned it off though -- it's never shown anything.

Today it does. So has Blogger restored the long lost backlink function? That would be a big memory management boost.

Doodle:schedule a group activity

Doodle isn't yet another calendaring service. That's good, because it would take a crowbar to get my family off Google Calendar.

Doodle augments calendaring systems. It helps with negotiating a common meeting time between multiple participants on diverse platforms. Our local HIMSS chapter has used it for a year or more and it's been working well.

Doodle solves a problem I have, and it has a track record. So it's worth my time to test Doodle against Gordon's Laws for software and service use.

First I'll start with the fundamentals. Doodle is a Swiss company (Zurich) and revenue is a mixture of ads (yech) and premium services:

• solo - mobile support (web site), calendar connect (but this comes with free service too), ad free: $30/year
• business: solo + branding and encryption + 20 users: $350/year
• enterprise: negotiable

That's encouraging -- they have a plausible way to make money that doesn't require them selling me out. On the other hand, I don't see a lot of value to the 'solo' account since Calendar Connect comes with a free account.

Next I'll look at account setup and revocation. It's not obvious, but if you look at the login at the top of Doodle pages the Doodle icon is a drop down. Click it and you'll see how to link Doodle to your (two-factor protected) Google account using OpenID. That, of course, can be revoked from Google. I'm willing to give them my Gmail address -- it's hardly secret and already gets vast amounts of (largely filtered out) spam.

Next I tried the Google Calendar integration. I don't like that they want my Google Contacts. So that's a negative; I decided not to provide that access for now. I may give them access to one of my Google Apps accounts that has no significant Contacts exposure.

Overall Doodle gets a B+. No data lock, easy exit, plausible business model, good credentials handling. They miss the A because they insist on access to my Google Contacts rather than Calendar alone.

I'll give them a try.

PS. Extra points for having a $3 iPhone app and an Android app. Non-free is a very good sign for an iPhone app. Almost takes them to A-.

Update: As per comments, Doodle allows one to drop access to Contacts after an initial privileges grant. So they do get an A- which is pretty good. Best would be if Content access was always optional.

In practice Calendar access isn't very useful for me -- very few events of mine show up on my personal gmail calendar. They show up on calendars I subscribe to, such as my corporate calendar, the family calendar, my wife and kids calendars, etc. (Dog does not have her own calendar yet.)

So to know my true free/busy time Doodle would need access to an API that doesn't exist yet. On the other hand, subscribing to the Doodle calendar feed lets me visualize Doodle controlled appointments within my Google Calendar. That's useful now.

Contacts access would be useful within Doodle, but as noted above I'm cautious about allowing that.

Facetime connections to elderly parents - a Logitech webcam problem

I mentioned a few weeks ago that I was testing a Facetime videolink to my mother. It's not my first attempt. I'd tried Google Video Chat two years ago, but after months of struggle I gave up; it had, and still has, dismal usability. iChat was even worse. In all cases I've been using the excellent Logitech QuickCAm Vision Pro for Mac. (Still the best webcam ever sold, though I fear it's going away without a true replacement.)

After a few weeks of testing I can report that Facetime is a big usability improvement over Google Video Chat. I configured my mother's machine to auto-answer my calls; I can call from my phone or desktop and her machine will pick up. Facetime doesn't need to be running, OS X 10.6.x will launch it.

There's only one problem.

After I close the call at my end Facetime continues to run on her machine. It doesn't auto-exit (and, at this time, she can't see well enough to reliably quit the app) [1]. This means her webcam stays powered on [3]. Under some conditions, perhaps mostly time, the embedded OS that manages in-camera focus and exposure control crashes. The Webcam still works, but it focuses to infinity and the light levels are very low. If you pull the USB cable, wait a few seconds, then plug it in again, the camera will reset.

I'm considering a few workarounds. Firstly, it would be great if Apple officially supported auto-answer, so FT could then auto-exit on close. Alternatively I could

• Run a cron job to restart her machine once a night - thereby quitting FT and turning off her camera (see update - there's an easier fix - just set this in "Energy Saver"
• Run AppleScript to quit Facetime.app nightly. Unfortunately FT is not scriptable [2], but this article suggests options: How To Create a Security Cam with FaceTime for Mac and AppleScript | Mac|Life
• Resign myself to getting remote control of her computer working again (Windows has a big advantage here, RDP is light years ahead of Apple's VNC technology).

I'm leaning to the nightly restart as the simplest fix, but I should also try remote control -- again!

[1] As her macular degeneration has progressed we've been focusing on her iPad use.
[2] Apple needs to kill AppleScript, but I fear there'd be not replacement. 
[3] The webcam then stays in active mode, so it appears like it's always sharing an image.

See also:

• Gordon's Tech: FaceTime: AutoAnswer, URL, desktop 1 click call

Update:

When a Google search doesn't return much, it's often because the function one is seeking is now a part of the OS.

OS X Energy Saver allows one to schedule a restart. I'll schedule my mothers machine to reboot at 2am daily, that should clear out any dangling FT sessions.

Incidentally, there's a longstanding, perhaps ancient, UI flaw with OS X Energy Save scheduling. Look at this:

It looks like the first option is available for selection, but the second (schedule restart) is unselectable -- it's "grayed out".

Look carefully (it took me a while). The select box (drop down) on the first row is also grayed out. This is standard behavior. The reason the 2nd row is so confusing is that it starts with a drop down -- there's no preceding text to display in normal font. Despite appearances this row is available for selection. Just click the check box.

I deleted a prefs file and did a number of Google searches before I realized what was going on. I found others who made the same mistake ...

Google's two factor: Three weeks later

I implemented Google's two factor authentication about three weeks ago. It's mostly working, but there are a few issues:

1. Application-specific passwords are risky.
2. You can't de-authorize a computer from Google Accounts.
3. Authentication isn't working quite right with Google.app on the iPhone.
4. I've had to create more application-specific passwords than I'd expected

The big positive is that with two-factor and https I'm now willing to connect with an untrusted machine. By untrusted I machine a machine that has a reasonable chance of hosting a keystroke logger. That means any machine running XP and any machine I don't control. My work laptop, for example, is doubly untrusted.

A second bonus is that I'm now more comfortable with using my Google account as an OpenID/OAuth server.

The biggest problem is application-specific passwords. They behave like regular passwords, so if a keystroke logger captures the password one it can be used to, say, get access to your email from OS X Mail.app.

You really, really, really do not want to use an application-specific password on an untrusted machine. Google should provide more warning about their use. I use them on my iPhone and and my home Mac.

Use of application-specific passwords on an iPhone is a PITA. You can't generate these from an iPhone and they're a nuisance to type in. I've stored one in the encrypted 1Password database I use on my iPhone for reuse only on that device. (I'm taking this risk since if my iPhone is stolen and the 1Password database is hacked I'm in a world of pain anyway.)

Having this password on my iPhone is particularly important because Google.app's current behavior is obnoxious. In my case I entered a application-specific password and authenticated. Subsequently other iPhone Google App references (example desktop shortcut to Google Reader) requested a Google account password, not an Authenticator password and not an application-specific password. Every two weeks or so, however, Google.app makes me enter a NEW application-specific password.

The second shortcoming is that there doesn't seem to be a way to easily de-authorize a computer. When you first connect to a Google account from a new machine you're asked to enter your Google password [1]. Then, if you're using Authenticator.app, you're asked to enter your Authenticator token. At that point, if the machine authenticates, there's an option to authorize it for a month.

There should be a way to reverse that decision from your Google account. For example - what if the machine is lost? What if, as in my case, you make that choice from an untrusted machine and decide it was a bad idea? (In theory deleting cookies will undo this, but, perhaps due to user error, that didn't work for me. Of course that also requires physical control of the machine.) For now, be careful to only "authorize" your primary, secured, non-portable, home machine.

Lastly I've found I needed around 8-14 application-specific passwords, even when I reuse one - such as for IMAP and SMTP authentication from OS X Mail.app. There's no way around this one -- I use a lot of Google services from many devices and accounts.

Overall I'm pleased with Google's two factor authentication. They've given it a lot of thought, and I love that they've open sourced key parts of the infrastructure. We needed this years ago, but I'm grateful to have it at all.

[1] At that point, on a keystroke logger infected machine, your Google password is public knowledge. That's why I was willing to simplify my Google password. I now assume it is public, though I obviously haven't made it public.

See also:

• Implementing Google's two factor authentication
• Google's two factor authentication and why you need four OpenID accounts
• Firesheep, sidejacking, and SSH Tunneling with DreamHost
• Google's flawed security checklist -- and the right fix from Facebook

Bing and Parental Controls - worse than Google

Google's parental controls are pretty feeble, though there's a roundabout way to lock filtering to the most severe setting.

What about Microsoft's Bing? Bing starts out with one significant advantage -- the connections are not https encrypted so OS X domain filtering actually works.

Alas Bing's controls seem even weaker (emphases mine) ...

Block explicit websites

... Ensure that SafeSearch is always on when your kids search on Bing, choose what they see online, set time limits and game restrictions, and more. Windows users can install the free download, Windows Live Family Safety....

Ensure SafeSearch is on, I presume, by standing over your favorite teen! [3]

Interestingly in 2009 Microsoft had a better approach to parental controls ...

Bing Modified To Enable Porn Filtering - CBS News

... , "explicit images and video content will now be coming from a separate single domain, explicit.bing.net...

... Almost all third-party filtering tools can be configured to block specific domains or sites, as can the parental controls in Microsoft Vista and Mac OS X...

After this 2009 press release however, Microsoft removed all references to explicit.bing.net [1]. I wasn't able to find any explanation of what happened to it. [2]

My own tests suggest Microsoft really did abandon this scheme. The domain 'explicit.bing.net' brings up the usual bing interface, so the domain still exists, but there's no longer any redirecting to this domain. For example, a search on "Hot Babes" with OS X Parental Controls blocking explicit.bing.net brought up an impressive array of high resolution images.

Without the ability to lock Bing's parental control settings, and with the inexplicable demise of explicit.bing.net, Bing manages to come in 2nd behind Google's parental controls. The one advantage of Bing is that the lack of https encryption makes it easier to track pages visited.

[1] Either that or their feeble Blog search doesn't work with Safari. Microsoft is falling apart almost as fast as it grew to power.
[2] I wonder if corporate lawyers advise against attempting to do parental controls. Microsoft probably has less liability if they do nothing than if they provide an imperfect solution. 
[3] Though it doesn't help OS X users like me, Windows Live Family Safety sounds relatively useful.

Stuck in Apple's photo management Limbo

I suspect there aren't many of us stuck in Apple's photo management Limbo. Maybe a few hundred geeks. Perhaps we should develop a secret handshake?

We are early iPhoto adopters who have our images distributed across several Libraries. Sometimes we did this deliberately because iPhoto was pretty wimpy in the old days; it couldn't handle large numbers of images. At other times Library multiplication was the result of travel or partnerships (ex: marriage).

We, the Lost, would like to put all the images together in one place. Once upon a time we thought Apple would add Library import to iPhoto, but about four years ago we realized that wasn't going to happen. Since then some of us have used iPhoto Library Manager to merge iPhoto Libraries but others are too chicken.

For years we thought we might join libraries in Aperture, or that Apple would create an 'iPhoto Pro' with Library management. By this time price had become irrelevant, but instead Aperture languished.

More recently Apple reinvested in Aperture, and dropped the price dramatically ($80 via App Store). It is clearly intended to be iPhoto Pro. iPhoto itself is becoming simpler and losing features.

The problem is, Aperture 3 doesn't really import iPhoto Libraries. Yes, I know it claims to do it. I know many people say it works. Wrong both times. The import process has not only been buggy in the worst possible way (indetectable loss of very valued data), it can't work correctly. Aperture 3.x doesn't even have a place to store some of iPhoto's metadata, such as comments on events. In other cases Aperture 3 does have a place to store iPhoto metadata but, astoundingly, the import process ignores this.

So we're in Limbo. Even if Apple tries to fix Aperture, it might be years before they succeed. I have a bad feeling they won't bother -- there aren't enough geeks like me. Most of us own Aperture anyway.

I'm guessing I'll have to stay with iPhoto and use IPLM's merge feature. I'll be approaching that with the same enthusiasm as juggling antimatter. Merging iPhoto's monstrous data structure would be a hard problem even if Apple tried to help ...