Choosing a new car

Emily and I bought a new car! Our old cars are from 1998 and 2003, so this was a big change. In this blog post I’ll describe our decision process in more detail than anyone could possibly care about.

I was fairly confident I wanted to buy new rather than used. I know “new cars lose a ton of value the minute you drive them off the lot” (because why would someone buy from you when they can get the same thing from the dealer), but there’s also risk in buying a secondhand car. For example what if the first owner didn’t respect the break-in period, or didn’t change oil, transmission, or other fluids, or what if the seats got wet and there is early mildew growth? These problems are hard to check for and could reduce the longevity of the car or lead to higher maintenance costs. It’s plausible, at least, that the money lost by paying more upfront will be saved in maintenance costs in the long run. I guess I don’t have a lot of faith in the average person to treat a car decently. Plus who doesn’t appreciate a new car?

High level filtering

We had four requirements that narrowed the options significantly:

  • Can fit two rear-facing child car seats without inconveniencing driver or front passenger. Specifically our Graco Size4Me 65, which is huge (my review on Amazon, if you’re curious). This requirement eliminates a lot more cars than you would think if you don’t have much experience with rear-facing child car seats. Two great resources for this are’s Car Seat Check and Alex on Autos’s Child Seat Reviews.
  • Enough cargo space for road trips and camping/climbing trips. For a family of four. This is subjective.
  • All wheel drive and decent ground clearance. Experience tells me that this is good enough for approach roads at many climbing areas while not hurting paved road handling or fuel economy too much.
  • Either a tow hitch or roof rails. For transporting bikes. I prefer a tow hitch.

That led me to SUVs and crossovers. So in May of last year I started making a spreadsheet of all 103 SUVs and crossovers currently sold in the US.

Mid level filtering

I spent a few hours here and there over the next few months recording various stats about each model. Length, fuel economy, seating capacity, etc. From early on I was reasonably confident that the Subaru Outback and Toyota Highlander would meet our requirements, so I used them as benchmarks for comparison. I crossed cars off the list if it was obvious we wouldn’t be happy with them. Some examples:

  • Too short (Kia Soul, Mazda CX-3). Generally anything shorter than our Corolla wouldn’t have as much trunk space as we wanted.
  • Absurdly long (Chevrolet Suburban, Infiniti QX80). Longer cars are more difficult to drive and park.
  • Poor gas mileage (Cadillac Escalade, Toyota Sequoia, Nissan Armada).
  • More expensive than other good options without clear benefits. (Bentley Bentayga, Toyota Land Cruiser). Subaru Outback MSRP is around $36k when configured with the features we wanted. We couldn’t bring ourselves to spend $20k more for the Lexus RX Hybrid or Volvo XC60, or $30k more for the Volvo XC90. That’s a huge difference. Sure, these are “luxury” cars and they’re nicer, but not $20k or $30k nicer. Not to us. So that eliminated a lot of cars. It basically wiped out the luxury brands: BMW, Lexus, Mercedes, Porsche, and Volvo.
  • Poor reliability, owner satisfaction, and road test scores from Consumer Reports. (Various Jeeps, Mitsubishi Outlander).
  • All electric (only the Tesla Model X). I love all-electric cars but we live in a building with a shared parking garage with no charging options. This also reduces the benefit of plug-in hybrids. We could have worked with the homeowner’s association to hire an electrician to install a charging station or at least an outlet, but we didn’t want to put forth the effort.

Low level filtering

And then it got difficult. We had a list of seventeen cars from eleven brands, any of which would be fine. Eleven dealerships is too many to visit. We needed to narrow it down further.

Diesel vs. gasoline wasn’t a factor—all the cars on our short list were gasoline.

Some cars have three rows of seats. We thought about whether that was important to us and decided it wasn’t. Children have to be in child seats or booster seats until they’re like 8 years old so we wouldn’t be driving anyone else’s kids around anytime soon so the extra seats would only be useful when we have extra adults with us which basically only happens when our parents are visiting, which is infrequent. So the third row is nice-to-have but certainly not a requirement.

I love hybrids in theory. We’re planning on owning this car for a long time so there probably is a small cost savings with a hybrid, but it isn’t huge. If the car we chose had a hybrid option we probably would have taken it, but it wasn’t something that factored into our decision.

Two person seat memory was an absolute requirement because I’d be driving the car on weekends and Emily would be driving it on weekdays. This didn’t rule out any cars, but it did mean we had to choose more expensive trims.

Blind spot monitoring was an absolute requirement—it’s a fantastic safety feature—but this didn’t rule out any cars, either.

We started visiting dealerships. We visited the Putnam group of dealerships in Burlingame, because they sell five of the brands on our list (Chevrolet, Buick, Nissan, Subaru, Toyota). We also visited dealerships for Hyundai, Kia, Toyota, and Subaru. We test drove a few cars and sat in a few more. I’m wary of American cars so we didn’t see the Ford Edge. The Acuras were a little pricier so we didn’t see them. Maybe we didn’t give them a fair chance.

We got a better idea how much trunk space we wanted and which features we did and did not care about, and we narrowed it down to four: Kia Sorento, Nissan Murano, Subaru Outback, and Toyota Highlander. The Highlander is the most expensive of the bunch, and we both thought the handling was cushier than we would like. Not the end of the world, but we thought the other options handled better (though we didn’t actually drive the Murano). The Highlander was also the most expensive of the bunch. The remaining three were similarly priced, though perhaps the Outback is slightly cheaper when built out with the options we wanted. The Outback also has better gas mileage than the Murano and Sorento. I’ve never been a huge fan of the Sorento’s frontend. Reviews generally praise the Outback’s AWD. Consciously this didn’t play a big part in our decision making, but subconsciously… who knows.

Then we decided on the Outback!

The spreadsheet

Switch to “The Short List” tab at the bottom to see only highly ranked cars. View full size in Google Sheets for ease of use and to see full column titles. Disclaimers:

  • Ratings and notes are my personal opinion for my specific needs. A car that’s a bad choice for me might be a good choice for someone else. In other words, sorry if I railed your car!
  • I make no promises about any of this data. If you notice a mistake let me know and I’ll fix it.
  • MPG numbers are from (EPA and Department of Energy) for the all wheel drive trim with the best MPG (not necessarily what we would have bought, but useful for eliminating poor performers). Most numbers are for the 2018 model year, but a few are for 2017.
  • Most other info is for the 2017 model year, but some is for 2018.
  • An empty field means I didn’t collect data. I didn’t bother for many minor features, especially for cars that we had already ruled out.
  • The “as configured” price is a rough approximation of how much it would cost for us, configured with the features we want. This usually includes things like all wheel drive, blind spot indicators, lane departure warning, surround view cameras, etc.
Posted in All | 2 Comments

Two movie recommendations

Emily and I watched two movies recently that I thought were worth recommending.

The Accountant

Ben Affleck is an accountant and also a trained assassin. Rated R. It’s pretty violent and a lot of people get shot in the head, but I thought it wasn’t over the top gory. Emily wasn’t too turned off by it. Great pace. Interesting story. Some twists. Well-placed humor. Not a kids movie.

Netflix | IMDB

Spider-Man: Homecoming

I know, another Spider-Man reboot. It’s PG-13 and I assume middle and high school kids would love it. The action and story are fine. Interesting. Kinda quaint when compared to the planet-threatening aspects of some of the other recent Marvel movies. But that’s fine—kinda refreshing honestly. The best part is the lighthearted humor. The writing/acting/directing/editing really clicks. It’s playful and fun to watch.

Netflix | IMDB

Posted in All | Leave a comment

Assisted braking belay devices

Hey climbers, did you know there are assisted braking belay devices other than the Petzl Grigri? Did you know there are passive assisted braking devices where “passive” means “no moving parts”?

It occurred to me that many people might not be familiar with the other options. has an extensive list. The Mammut Smart has been around for a while. I recently bought an Edelrid Mega Jul. I’ve only used it a few times but I’m fairly happy with it. The Black Diamond ATC Pilot is also interesting to me.

I don’t have enough experience with the various devices to recommend one over the other. If you’re thinking about buying a new belay device I encourage you to read a few reviews online, watch the manufacturer’s how-to video, and try to test out a friend’s device.

Lastly, I’d like to point out an important safety tip from an OutdoorGearLab review, “passive models do not generate the same braking force as active devices. … Contrary to what we’ve seen on the internet, the Smart and Mega Jul cannot be expected to catch even small falls without a brake hand on the rope. To say it another way, if your belayer gets knocked unconscious by rockfall, these passive assisted braking devices are unlikely to catch your fall.” And of course it’s wise to keep your brake hand on the rope for active braking devices, too.

Posted in All | Leave a comment

On the Shadow Brokers NSA leaks

The leaks published by The Shadow Brokers (Wikipedia, New York Times) are the perfect example of why we should minimize the sensitive information kept by the government. I posted about this in the context of encryption backdoors two years ago. But whether we’re talking about encryption backdoors, security vulnerabilities or hacking tools, the most reliable way to avoid data leaks is to not store the data in the first place. It can’t be stolen if it doesn’t exist.

A simplistic way to do risk analysis for data leaks is to ask “what are the chances this will happen?” But that’s wrong. Data leaks will happen. It’s not a question of “if” it’s a question of “how often and how severe.”

We can look at the WannaCry ransomware attack for a real-world example. The Wikipedia article cites damage estimates of hundreds of millions of dollars. We don’t know how long the NSA has been building hacking tools, but I’d be surprised if they started before the year 2000. Are we ok with $100 million dollars in damages/lost productivity worldwide every 17 years?
What if it was every 10 years? Every 5 years? What if the damages were worse?

I strongly believe the potential harm from withholding security vulnerabilities far exceeds the potential gain from attempting to keep them private. The NSA shouldn’t be stockpiling security vulnerabilities or building hacking tools, and they shouldn’t have backdoors into encryption. The advantages do not justify the disadvantages.

Posted in All, Computers | Leave a comment

Star Trek

I watched all episodes of the original Star Trek series over the last two years. It’s not amazing, but it has its moments. Some episodes are great, some are dumb, and some are boring. Episodes are almost entirely self-contained—no cross-episode story arcs.

I watched the “remastered” versions on Netflix. The quality is good, though I disliked basically every CG effect that was added. They look cheap and feel out of place from the rest of the show, which retains a 1960s look. The rotating colored lights at the tips of the warp nacelles are especially ridiculous.

I’ve now moved on to watching The Next Generation. Everything is better: the stories, the scripts, the sets, the lighting, the CG effects. The cast is bigger and characters are better developed. The cross-episode story arcs add a lot of depth (e.g. Wesley and The Traveler, The Borg, Data learning more about his origins and family).

It took me two years to watch all 79 episodes of the original series, so it’s gonna be a while before I finish watching/rewatching all 178 episodes of The Next Generation.

Posted in All | 2 Comments

Technology news briefs

There were three events last week that I thought didn’t get enough news coverage:

1. Good news: Proposed restrictions on warrantless electronic device border searches

Bills were proposed in the Senate and House to require a probable cause warrant before searching the digital devices of US citizens and legal permanent residents at the border. This is great. Customs and Border Protection have been asserting that they’re allowed to search travelers’ digital devices because they fall under the “border search exception” to the Fourth Amendment. However, digital devices contain vast amounts of personal information. It’s unreasonable to expect a person to reveal everything about themselves just to get back into their own country. Thank you Senators Wyden and Paul and Representatives Polis, Smith, and Farenthold! More info.

2. Bad news: Hacking into a smart TV by sending it radio signals

Apparently some guy got full access to a smart TV by sending it specially crafted radio signals. Some new smart TVs have built in video cameras. This means a hacker could turn on your TV’s video camera and watch you. This should terrify you. More info

3. More bad news: Remote execution bug in embedded Wi-Fi code in a tremendous number of mobile devices

It’s not clear how severe this is. In the worst case an attacker could execute code on your phone just by being near it. Or maybe it’s only possible if the attacker is connected to the same Wi-Fi network as your phone. In any case, you should apply software updates ASAP, and as always, avoid connecting to random Wi-Fi networks. Only use Wi-Fi at your house and your office. According to Google’s blog post, potentially affected phones are, at a minimum: all iPhones since the iPhone 4, Google Nexus 5, 6, and 6P, and “most Samsung flagship devices.” That’s a shit ton of phones and that’s not even a complete list.

More info: Google’s blog post, Ars Technica main article, Ars Technica iOS article, April 2017 Android Security Bulletin link 1 and link 2, and Samsung security update announcement.

A few takeaways:

  • Always update your software/firmware/OS as soon as possible.
  • Don’t connect to untrusted or non-password protected Wi-Fi networks. You’re putting yourself at risk.
  • Google Project Zero should try harder for coordinated and responsible disclosure. I’m using a Nexus 5X, one of Google’s own phones, and I don’t even have the fix yet. The latest security patch level available to me is March 5, 2017. Imagine how screwed all the normal people are whose mobile providers really suck at providing software updates. Also, maybe don’t provide attack code immediately? I understand the rationale for wide disclosure once one vendor makes the issue public (Apple released their security update on April 3rd), but you don’t need to give the attack tools to the entire world. Edit: I want to add that I’m extremely grateful to Google and the Project Zero researchers. They’re doing fantastic work and we’re absolutely better off because of them (unrelated to this issue, but by all accounts Tavis Ormandy is absolutely crushing it). I just wish this specific issue was a little more coordinated.
  • This feels like it’s only the beginning. Vulnerability testing of this type of code is difficult (read Google’s disclosure blog post if you don’t believe me). I suspect embedded code like this hasn’t gotten a lot of eyeballs and we’ll see an increase in these types of discoveries in the future.
Posted in All, Computers | Leave a comment

Two years with a Retrospec Mantra

I commuted a few miles a day for two years on a black Retrospec Mantra single-speed bike. I bought it from Amazon for $256 in October 2014.

Retrospec Mantra

(more photos)

It’s nothing special. Fairly low quality, but appropriately priced. The steel is heavy and the ride is dull. The plastic pedals are clunky and don’t spin particularly freely. The wheels are sturdy. The Kenda KWest K193 tires have been fine. I put ~1200 miles on them and had 2 or 3 flats. Not amazing, but not terrible considering the roads I was on.

I added front and rear fenders, a seat lock, and front and rear lights. Total weight including fenders, lights, tires, pedals, and saddle is 27 lbs 11 oz.

It comes with a flip-flop hub, which means it can be ridden as a fixed-gear or freewheel by swapping the rear wheel around. It arrived as fixed-gear. I rode it this way for a few weeks and didn’t like it. I found it inconvenient to not be able to coast and freely position the pedals when stopping. So I switched to freewheel. I added a rear brake for redundancy.

The original brake pads were awful. Poor braking power and they shredded to nothingness after less than 100 miles. I switched to Shimano BR-6700 Ultegra brake pads and holders and they’ve been great. The brake levers have some wiggle in them, but they work fine.

I’ve been happy with it. I don’t worry about it getting beat up on Caltrain. I don’t worry too much when locking it outside. Total cost of ownership has been low. I’ve done no maintenance other than replacing the brake pads and changing punctured tubes. I wish the gear was lower to make going uphill less annoying, but it’s been fine. Buying a single-speed for this commute was a good choice.

Posted in Cycling | Leave a comment

USS Hornet

On Saturday, Emily, Ruby and I visited the USS Hornet, a decommissioned Essex Class Navy aircraft carrier moored in Alameda, California. You get free reign to wander the flight deck, hanger deck, and a deck or two below. The passageways are cold metal, strewn with gauges, levers and knobs. Ceilings are low and stairs are steep. In addition to wandering, we also took a loosely-guided tour of the island, which I enjoyed.

Overall I thought it was great. Would recommend. A+++. Great shipping. Not stroller or wheelchair friendly. I think kids would like it, though they should be young enough to be worn or old enough to climb a ladder on their own safely.

You can see all our pictures on Flickr. Here’s a sampling:

USS Hornet (CV-12)

USS Hornet (CV-12) island

USS Hornet (CV-12) Primary Flight Control


Posted in All | Leave a comment