New Xbox Controller Could Open Whole New World to Gamers With Disabilities

New Xbox Controller Could Open Whole New World to Gamers With Disabilities

Microsoft on Thursday introduced its new Xbox Adaptive Controller, designed specifically for gamers with disabilities. The new hardware can be used for game play with an Xbox One console or Windows 10 PC, and it offers Bluetooth plug-and-play compatibility.

It supports Xbox Wireless Controller features such as button remapping, and it connects to external buttons, switches, joysticks and mounts. Microsoft developed the Xbox Adaptive Controller to enable gamers with physical disabilities to customize their respective setups.

xbox adaptive controller

Microsoft partnered with several high-profile global organizations dedicated to providing accessibility to those with physical disabilities: The AbleGamers Charity, The Cerebral Palsy Foundation, Craig Hospital, SpecialEffect, and Warfighter Engaged. Microsoft developers also worked directly with gamers who have limited mobility.

The Xbox Adaptive Controller will be available later this year for about US$100.

Serious Control Panel

The inspiration for the Xbox Adaptive Controller was a 2014 social media post featuring a photo of a custom gaming controller made by Warfighter Engaged, a nonprofit organization that develops gaming controllers for disabled veterans.

It caught the attention of a Microsoft engineer, which resulted in a hackathon at Microsoft’s 2015 Ability Summit, where the first prototype of a controller for people with disabilities was developed. Now, three years later, the final product is about ready for the market.

Unlike the standard unit that is held in two hands, the Xbox Adaptive Controller utilizes a flat yet compact design that allows it to rest on a table.

In the place of small joysticks that typically are controlled with a user’s thumb are two round light-touch-enabled pads that players can use by rolling their palms on them or pressing with their hands. These offer essentially the same level of precision as the thumb joysticks on a normal controller, but they have an added option of providing an audible cue for another layer of sensory input.

The Xbox Adaptive Controller also features a standard D-pad, an Xbox power button, and a profile button that allows users to shift among several mapping options.

Where the Xbox Adaptive Controller offers serious flexibility is in its ability to work with other existing accessibility tools, including those that offer air-power input methods or foot pedals. These can connect to one the 19 3.5mm ports on the back panel of the controller. Each of these devices can be mapped to the unit, and can be modified on the fly without even pausing the game.

Specialty Controller

The Xbox Adaptive Controller is designed from the ground up to be a unique controller for those with special needs.

“Gaming — and especially online games — is an important outlet for people with disabilities,” said Roger Entner, principal analyst at Recon Analytics.

“They can often interact with others without having their disability play a role in the interaction,” he told TechNewsWorld.

“Particularly as we move to technologies like virtual reality, gaming can be one of the few ways a disabled person can step away from their disabilities, depending on what they are,” said Rob Enderle, principal analyst at the Enderle Group.

“For instance someone without legs or missing an arm or most of their fingers can still play a video game — if they have the right controller — as well or better than someone who isn’t disabled,” he told TechNewsWorld.

“Any physical deformities are hidden behind the game avatar so the disabled person can, for a short time in game, experience what it is like to be treated for how they do — not how they look,” Enderle said. “Video games distract everyone from reality, and this can often be very important for someone struggling with the unfairness of a disability. So, combined, video games can be incredibly important to someone challenged by a disability.”

Innovative Adaptations

To get this product to market actually may have taken some unique adaptation — not in anything technical, but rather in the kind of thinking that is typical of companies such as Microsoft.

“We have been around 14 years, but we spent some 10 years trying to think we were helping gamers with disabilities,” said Mark Barlet, founder of AbleGamers.

“Now we have spent the last few years trying to convince the market that people with disabilities played games, and had to convince the companies to put real effort into catering to those with disabilities,” he told TechNewsWorld.

“However, we noted that the management at these companies never saw the why, because it was only a small portion of the population, so it took a while to convince the industry that this was an untapped market,” Barlet added. “Finally we had people that were passionately roaming the halls for years who were now in a position to make it happen.”

The advocacy, fact and reality finally converged three years ago, said Barlet.

“We did warn Microsoft that it won’t sell millions of these, but that they’ll get these in the hands of everyone who wants them,” he noted. “Why wouldn’t Microsoft want more dedicated gamers in their camp?”

Special Advantages

As the Xbox Adaptive Controller is designed to allow for greater flexibility with other input devices, it also could be used for those who prefer something beyond the normal controllers. In some cases, it could lead to gamers trying to get a potentially unfair advantage.

“Adaptive controllers could actually provide advantages in gaming because they, in theory, better match the controller to the person using it,” suggested Enderle.

“Right now, game controllers are pretty generic but people come in all shapes and sizes,” he pointed out.

“In other competitive sports we have, at the highest levels, custom tools designed for the individual athlete, but not so much with computer gaming yet,” said Enderle. “These adaptive controllers, while initially focused on disabilities, could eventually open up a market for controllers that are specifically designed for the gamer that uses them.”

In most cases, the biggest advantage almost certainly will be opening up the world to those who have struggled just to enjoy the games for fun.

Still, “if a controller for people with physical limitations gives someone an edge in a competition, all players will use it,” said Recon Analytics’ Entner.

“I have personally played with quite a few players with disabilities, but only found out after quite a while,” he said. “Many relish that they are treated like everyone else when they are behind a screen and interact with everyone unimpaired by the perception of others.”

Budget-Friendly Surface Tablet May Horn In on iPad’s Turf

Budget-Friendly Surface Tablet May Horn In on iPad’s Turf

Microsoft plans to release a line of Surface tablets priced in the US$400 range later this year, Bloomberg reported Wednesday, citing unnamed sources.

The tablets will have 10-inch screens and rounded edges, and USB-C connectivity — a first in Microsoft tablets. They will be about 20 percent lighter than the Surface Pros. Their battery life will be about four hours shy of the 13.5-inch Surface Pro, based on the report.

“It’s entirely possible that this rumored Surface is the real deal,” said Eric Smith, director for connected computing at Strategy Analytics.

Intel for the Guts

The new tablets reportedly will have CPUs and graphics chips from Intel.

“The lower battery life screams Intel as opposed to an ARM-based processor,” Smith told TechNewsWorld.

“The expectation was that they would likely shift the offering’s iPad-focused products to Qualcomm’s Snapdragon processor to be more in line with their Always Connected PC efforts,” noted Rob Enderle, principal analyst at the Enderle Group.

“However, I was expecting this to happen closer to the second-generation offering,” he told TechNewsWorld. “This would seem to be several quarters early for that — and if so, this round may be Intel-based instead.”

Microsoft said at last year’s Computex in Taipei that it would partner with various hardware vendors and use Intel and Qualcomm for its Always Connected PCs — a line of Windows 10 computers that can turn on instantly, with built-in LTE connectivity, days-long battery life, and eSIM technology incorporated.

Selling to School Kids

“As opposed to prosumers, enterprise users and MacBook switchers that Microsoft targets with the Surface Pro and Surface Book, this new Surface [will target] the Chrome-based detachable market that’s opening up this year,” Strategy Analytics’ Smith suggested.

HP and Acer “have already jumped in to address younger consumer segments already comfortable with productivity in Chrome OS,” he pointed out, and “Microsoft’s looking for a way to boost the Windows ecosystem with new types of devices. Right now, the market’s sorely missing competent, detachable 2-in-1s to compete against laptops.”

The education market is the likely target, Smith said.

Aiming at the Enterprise

It’s possible the new Surface line will target the enterprise.

From the start, Surface products have targeted Apple, but they “lagged in battery life and appearance even as they led in utility and usefulness,” Enderle observed.

The new Surface tablet is likely “aimed at the 10.5-inch iPad Pro, which has done very well, as it addresses the sweet spot of relatively low price for users who value mobility and a modern touch interface in their productivity machines,” Smith opined.

It’s possible the new Surface tablet might be an enterprise offering focused on further blocking iPad penetration of that market, Enderle suggested.

“Apple has never really embraced the needs of enterprise partners IBM and Cisco, both of which would likely prefer a product more like IBM’s old ThinkPad offering,” he said. “The iPad is still heavily consumer-focused.”

If a low-priced Surface tablet is in the works, it’s “a more natural companion device to the PC than the iPad is,” noted Holger Mueller, principal analyst at Constellation Research, as it would use the same software.

Also, there’s “a big push going on from Microsoft on the future workplace at the moment,” he told TechNewsWorld. “If Microsoft gets it right, it can create a more productive and integrated workplace.”

The main target would be developing nations, Mueller suggested.

Apple “has largely won the first world, but the rest is up for grabs,” he said. “The battle for the poor of the second world and the whole third world as a platform is in full swing.”

Overall, the tablet market “continues to struggle with price pressure, and being flanked by phablets on the smaller side and convertible PCs on the larger,” Strategy Analytics’ Smith said. “Our research shows the tablet market fell 7 percent in Q1 2018, which puts us in the third straight year of year-on-year declines.”

How to Back Up iPhone Data to an External Drive

How to Back Up iPhone Data to an External Drive

A recent incident reminded me of the importance of backing up one’s phone regularly. Soon after carrying my recycling out to the curbside, I realized I had misplaced my 6-month-old iPhone. Cue brief panic, followed by deep concern that I’d somehow tossed my device into that transparent bag I’d left outside for the world to see.

That led me to yelling “Hey, Siri” a few times around my apartment until the familiar chime sounded, revealing my trusty phone was hiding on a stepladder underneath a coat. Phew.

I have no idea how or why I managed to leave my phone there, but had I not found it, the situation could have been much worse: It had been months since I’d backed up my data. I was lucky to escape what could have been a potential disaster caused by my absent-minded tendencies.

Save Main Drive Space

I bought my current laptop a little over a year ago and actually had some trouble managing backups at first. My partner and I use the same computer for backing up our phones, but with ever-increasing device storage capacities and solid-state hard drives still somewhat expensive, despite featuring in more and more systems, space is at a premium.

Apple demands a lot of storage for its backups, especially since it often stores multiple versions. A 256-GB hard drive to run one’s system and keep data safe is just not enough anymore.

The thing is, Apple does not make it easy to sync backups to an external drive automatically. Typically, iPhone owners will plug in their devices, and Apple will create a directory on the main hard drive and stuff the backup there. That’s easy, and it’s probably enough for most people. Forcing iTunes to store the backup elsewhere requires a redirect trick.

Using Windows 10

Here’s how I solved the problem on my Windows 10 machine. First, since I had the capacity on my current drive (but only just), I created an iPhone backup using the regular iTunes sync method to the default location, just in case any mishaps should occur. I went to the folder Apple uses to store backups, typically this one:

C:\Users\[Username]\AppData\Roaming\Apple Computer\MobileSync\Backup

You should replace [Username] with your own actual username, naturally.

You’ll want to copy that folder to your desired new backup location, and then either delete the original Backup folder or rename it as “BackupOld.” Then hold the shift key and click the right mouse button to open a command window. There, enter the following:

mklink /J “%APPDATA%\Apple Computer\MobileSync\Backup” “[External Drive]:\iTunes Backup”

Of course, you’ll replace [External Drive] with your actual drive letter.

You can add subfolders here too if you like to keep your storage as organized as possible. So, something like this would work just fine:

E:\MyBackups\iTunes Backup

Then you can close the command prompt window, and try an iPhone backup to see if it works.

Using macOS

The steps are similar for Mac systems. You should find the standard backup folder here:

~/Library/Application Support/MobileSync/

Copy, then remove or rename the Backup folder. Then open a terminal and type this:

ln -s /Volumes/[External Drive]/MobileSync/Backup ~/Library/Application\ Support/MobileSync/Backup

Close the terminal and then try an iPhone backup to see if it works.

Better Safe Than Sorry

Even if you have a main hard drive large enough to handle your backups without any concern, shuttling your data to an external drive has its advantages. It can act as an off-system failsafe in case your computer’s drive collapses beyond repair. It also frees up the main drive, which hopefully will keep your computer working snappily for a little longer.

In either case, please remember to back up your phone regularly. And maybe don’t put yourself in a situation where you wonder for 15 minutes if you tossed it out with the recycling.

Highly Sensitive Encrypted Email at Risk of Exposure

Highly Sensitive Encrypted Email at Risk of Exposure

A newfound flaw in email clients that use PGP

and S/MIME to encrypt messages can be exploited to expose the plain text of the missives, according to a paper published Monday.

By injecting malicious snippets of text into encrypted messages, attackers can use the flaw to make the email client exfiltrate decrypted copies of the emails, explained the authors, a team of researchers from three European universities.

Malicious action is triggered as soon as a recipient opens a single crafted email from an attacker, they wrote. The team is comprised of researchers from the Munster University of Applied Sciences and Ruhr University Bochum, both in Germany, and KU Leuven in the Netherlands.

The software defect was found in 23 of 35 S/MIME clients and in 10 of 28 PGP clients tested.

“While it is necessary to change the OpenPGP and S/MIME standards to fix these vulnerabilities, some clients had even more severe implementation flaws allowing straightforward exfiltration of the plaintext,” the researchers wrote.

Client Ignores Bad News

Although the issue is serious, it has more to do with buggy clients at the host than with OpenPGP, Exabeam Chief Security Strategist Stephen Moore he told TechNewsWorld.

Some email clients fail to use the encryption protocol’s native features to stymie the kind of attack described by the researchers, noted Phil Zimmermann, author of PGP and an associate professor at Delft University of Technology in the Netherlands.

“There’s some checking that goes on in PGP. If the email client reacts to the news delivered by PGP that something has been tampered with, then everything will be OK,” he told TechNewsWorld. “But if the client ignores that information, then you get this vulnerability.”

Fixing the flaw in an email client that uses PGP isn’t an onerous task, Zimmermann added.

“I saw someone patch it pretty quickly, within a few hours,” he said.

A patch to address the flaw already has been made for the Thunderbird email client, but not yet for Apple Mail, said Nate Cardozo, a senior staff attorney with the Electronic Frontier Foundation.

“The patch doesn’t close the vulnerability — it just makes it impossible to exploit on a client,” he told TechNewsWorld.

“Emails that are sent from the client are still exploitable,” Cardozo pointed out. “It fixes the receiving end of the vul, but it doesn’t fix the underlying vulnerability in the protocol, which remains.”

When that underlying problem is fixed, it likely won’t be backward-compatible, he added.

Sensitive Info Threatened

Since only a small percentage of email users employ a PGP or S/MIME client, the threat the flaw poses to all users isn’t as severe as it could be, said Alexis Dorais-Joncas, security intelligence team lead at Eset.

“However, it is extremely severe for the vulnerable users and their correspondents, as this threat offers a way for an attacker to access clear-text content of communications meant to be secure,” he told TechNewsWorld.

Of the more than 3 billion email users in the world, only tens of millions use PGP mail, EFF’s Cardozo estimated.

“Those that use it, however, are people like journalists, system administrators and folks that run vulnerability reporting programs at big companies,” he said, “so the type of information that is sent via PGP is usually the most sensitive of sensitive.”

Past Messages Endangered

Adding to the severity of the attack is its ability to access past emails.

“The victim’s mail client can be used as a tool to decrypt old emails that have been sent or received,” Cardozo said. “That’s pretty severe.”

For users concerned about the security of their PGP or S/MIME email clients, Eset’s Dorais-Joncas offered these recommendations:

  • Stop using vulnerable email clients to decrypt emails. Use a standalone application.
  • Disable HTML rendering and automatic remote content in your email client. This will block the backchannel communication mechanism used by the flaw to exfiltrate cleartext data.
  • Look for updates. It is expected that vendors will issue patches to correct some of the flaws exposed by the researchers.
Open Source Is Everywhere and So Are Vulnerabilities, Says Black Duck Report

Open Source Is Everywhere and So Are Vulnerabilities, Says Black Duck Report

Black Duck by Synopsys on Tuesday released the 2018 Open Source Security and Risk Analysis report, which details new concerns about software vulnerabilities amid a surge in the use of open source components in both proprietary and open source software.

The report provides an in-depth look at the state of open source security, license compliance and code-quality risk in commercial software. That view shows consistent growth over the last year, with the Internet of Things and other spaces showing similar problems.

This is the first report Black Duck has issued since Synopsys acquired it late last year. The Synopsys Center for Open Source Research & Innovation conducted the research and examined findings from anonymized data drawn from more than 1,100 commercial code bases audited in 2017.

The report comes on the heals of heightened alarm regarding open source security management following the major data breach at Equifax last year. It includes insights and recommendations to help organizations’ security, risk, legal, development and M&A teams better understand the open source security and license risk landscape.

The goal is to improve the application risk management processes that companies put into practice.

Industries represented in the report include the automotive, big data (predominantly artificial intelligence and business intelligence), cybersecurity, enterprise software, financial services, healthcare, Internet of Things, manufacturing and mobile app markets.

“The two big takeaways we’ve seen in this year’s report are that the actual license compliance side of things is improving, but organizations still have a long way to go on the open source security side of things,” said Tim Mackey, open source technology evangelist at Black Duck by Synopsys.

Gaining Some Ground

Organizations have begun to recognize that compliance with an open source license and the obligations associated with it really do factor into governance of their IT departments, Mackey told LinuxInsider, and it is very heartening to see that.

“We are seeing the benefit that the ecosystem gets in consuming an open source component that is matured and well vetted,” he said.

One surprising finding in this year’s report is that the security side of the equation has not improved, according to Mackey.

“The license part of the equation is starting to be better understood by organizations, but they still have not dealt with the number of vulnerabilities within the software they use,” he said.

Structural Concerns

Open source is neither more nor less secure than custom code, based on the report. However, there are certain characteristics of open source that make vulnerabilities in popular components very attractive to attackers.

Open source has become ubiquitous in both commercial and internal applications. That heavy adoption provides attackers with a target-rich environment when vulnerabilities are disclosed, the researchers noted.

Vulnerabilities and exploits are regularly disclosed through sources like the National Vulnerability Database, mailing lists and project home pages. Open source can enter code bases through a variety of ways — not only through third-party vendors and external development teams, but also through in-house developers.

Commercial software automatically pushes updates to users. Open source has a pull support model. Users must keep track of vulnerabilities, fixes and updates for the open source system they use.

If an organization is not aware of all the open source it has in use, it cannot defend against common attacks targeting known vulnerabilities in those components, and it exposes itself to license compliance risk, according to the report.

Changing Stride

Asking whether open source software is safe or reliable is a bit like asking whether an RFC or IEEE standard is safe or reliable, remarked Roman Shaposhnik, vice president of product & strategy at Zededa.

“That is exactly what open source projects are today. They are de facto standardization processes for the software industry,” he told LinuxInsider.

A key question to ask is whether open source projects make it safe to consume what they are producing, incorporating them into fully integrated products, Shaposhnik suggested.

That question gets a twofold answer, he said. The projects have to maintain strict IP provenance and license governance to make sure that downstream consumers are not subject to frivolous lawsuits or unexpected licensing gotchas.

Further, projects have to maintain a strict security disclosure and response protocol that is well understood, and that it is easy for downstream consumers to participate in a safe and reliable fashion.

Better Management Needed

Given the continuing growth in the use of open source code in proprietary and community-developed software, more effective management strategies are needed on the enterprise level, said Shaposhnik.

Overall, the Black Duck report is super useful, he remarked. Software users have a collective responsibility to educate the industry and general public on how the mechanics of open source collaboration actually play out, and the importance of understanding the possible ramifications correctly now.

“This is as important as understanding supply chain management for key enterprises,” he said.

Report Highlights

More than 4,800 open source vulnerabilities were reported in 2017. The number of open source vulnerabilities per code base grew by 134 percent.

On average, the Black Duck On-Demand audits identified 257 open source components per code base last year. Altogether, the number of open source components found per code base grew by about 75 percent between the 2017 and 2018 reports.

The audits found open source components in 96 percent of the applications scanned, a percentage similar to last year’s report. This shows the ongoing dramatic growth in open source use.

The average percentage of open source in the code bases of the applications scanned grew from 36 percent last year to 57 percent this year. This suggests that a large number of applications now contain much more open source than proprietary code.

Pervasive Presence

Open source use is pervasive across every industry vertical. Some open source components have become so important to developers that those components now are found in a significant share of applications.

The Black Duck audit data shows open source components make up between 11 percent and 77 percent of commercial applications across a variety of industries.

For instance, Bootstrap — an open source toolkit for developing with HTML, CSS and JavaScript — was present in 40 percent of all applications scanned. jQuery closely followed with a presence in 36 percent of applications.

Other components common across industries was Lodash, a JavaScript library that provides utility functions for programming tasks. Lodash appeared as the most common open source component used in applications employed by such industries as healthcare, IoT, Internet, marketing, e-commerce and telecommunications, according to the report.

Other Findings

Eighty-five percent of the audited code bases had either license conflicts or unknown licenses, the researchers found. GNU General Public License conflicts were found in 44 percent of audited code bases.

There are about 2,500 known open source licenses governing open source components. Many of these licenses have varying levels of restrictions and obligations. Failure to comply with open source licenses can put businesses at significant risk of litigation and compromise of intellectual property.

On average, vulnerabilities identified in the audits were disclosed nearly six years ago, the report notes.

Those responsible for remediation typically take longer to remediate, if they remediate at all. This allows a growing number of vulnerabilities to accumulate in code bases.

Of the IoT applications scanned, an average of 77 percent of the code base was comprised of open source components, with an average of 677 vulnerabilities per application.

The average percentage of code base that was open source was 57 percent versus 36 percent last year. Many applications now contain more open source than proprietary code.

Takeaway and Recommendations

As open source usage grows, so does the risk, OSSRA researchers found. More than 80 percent of all cyberattacks happened at the application level.

That risk comes from organizations lacking the proper tools to recognize the open source components in their internal and public-facing applications. Nearly 5,000 open source vulnerabilities were discovered in 2017, contributing to nearly 40,000 vulnerabilities since the year 2000.

No one technique finds every vulnerability, noted the researchers. Static analysis is essential for detecting security bugs in proprietary code. Dynamic analysis is needed for detecting vulnerabilities stemming from application behavior and configuration issues in running applications.

Organizations also need to employ the use of software composition analysis, they recommended. With the addition of SCA, organizations more effectively can detect vulnerabilities in open source components as they manage whatever license compliance their use of open source may require.

Tech Career Checklist: Aggressive Diversity, Cold Cash

Tech Career Checklist: Aggressive Diversity, Cold Cash

I’ve become convinced that too many of us don’t prioritize our employment choices properly. What recently drew my attention to this was a conversation I had with Dell’s CFO Tom Sweet at Dell Technology World. We were chatting about Dell’s problem attracting employees. Because Dell is a private company, few employees get stock or stock options — they get cash instead. It seems that has put Dell at a disadvantage when competing for top folks.

Because I have a rather substantial background in compensation and employee motivation, I started to wonder whether Dell’s employees were at an advantage rather than a disadvantage, and whether the recruitment issue was one of correcting a false impression rather than overcoming a competitive weakness.

Having watched a ton of my peers lose their options over the years — and more recently, watching the issues surrounding harassment and diversity in most tech firms — I’d like to challenge the impression that a company should even want employees who value options over cash and stronger employee protections.

I’ll offer my perspective on that and then close with my product of the week: Mirage Solo, a new virtual reality headset from Lenovo.

Diversity Commitment

I don’t believe it matters how much money you make if you don’t feel safe at work. I spent some time talking to Michael Dell at Dell Technology World, and one of his comments really stuck with me. He said that if he should catch anyone abusing a woman or minority, he personally would ensure that they were prosecuted to the full extent of the law. For some of the recently exposed abusers, 50 years in prison would be an appropriate punishment, in his opinion.

There aren’t a lot of CEOs who have this kind of passion for the issue. If you are a member of one of the groups commonly harassed or abused, working for a company that has someone at the top who believes in taking aggressive steps to solve the problem likely should be a high priority.

I also spent some time talking to Brian Reaves, Dell’s chief diversity officer. From my vantage point, the role of chief diversity officer is more form than substance in way too many companies. Few have much authority, and they often are just trotted out to give the appearance the company is doing something. If you look at hiring practices or talk to groups in the firm who are abused, however, they are more paper tiger than change agent.

Because Brian has the full backing of Michael Dell and Karen Quintos (the most powerful woman at Dell), his position has teeth. He has been instrumental in driving an inclusive strategy at the firm.

If you are a member of a group that is commonly abused, I now think that as you choose among firms, you should ask for an interview with the firm’s chief diversity officer. Make your own determination about whether the person in that role really would have your back, or is there primarily to take the heat off abusive managers.

Cash vs. Options

One of the events that really stuck with me when I was working for IBM years ago was its stock crash. Prior to that occurrence, a lot of the executives, because we were acquired, were millionaires on paper. Many bought expensive houses and cars on credit, counting on their pool of options to ensure their future and retirement.

Then the stock went from around US$150 to under $40, and millions of dollars in options were lost almost overnight. Worse, many of those folks then were laid off. Many had huge expensive loans, inadequate savings to pay them off, and massive debt. It was catastrophic — but not anywhere near as bad as the dot-com crash a decade or so later.

When the dot-com bubble burst, far more folks lost their homes and ended up living in their expensive cars while they dodged repossession. Going from rich to homeless is about as traumatic as it gets.

Had they had cash instead of options, they still would have had the cash. With cash, you can diversify your portfolio and better protect against catastrophic stock events. Yes, you don’t get the tax advantages of options, but those breaks do you little good if the options go underwater.

If you want to see a ton of folks just hit a productivity wall, take their option value to zero at scale. For a long time, the employees just don’t want to talk about anything else, so getting anything done — like turning around the company — can become impossible. Employees individually have little impact on company valuation, and when the stock crashes the money they lose on paper easily could overwhelm the salary they get.

The lesson is that although you may build up more equity with options, you also have a vastly higher risk of losing it all. I’ve seen that happen to a lot of folks who never recovered. The options may look better on the surface, but once risk is factored in, cash appears to be the better choice. That is particularly true in a volatile market, and right now we have a very volatile market.

Wrapping Up: Doing What You Love

There is a saying that “if you do what you love you’ll never work a day in your life.” I think the quality and security of a job trumps compensation. I also think that if you believe, as I do, that diversity makes for a better company — particularly if you are part of creating that diversity — then you should favor firms that aggressively protect their diverse populations and encourage diverse hiring over firms that give those efforts lip service.

Finally, cash may be better than options from the standpoint of long-term risk and sustainable wealth growth, because you can better protect against a market crash and catastrophic outcome. Yes, you may not be able to buy that expensive car or house as soon, but you are far less likely to end up homeless.

The fact is, you likely don’t need that house or car as much as you need to avoid becoming homeless. It makes me wonder whether candidates who prefer options over cash, particularly in today’s market, really are as smart as some think.

Finally, we spend way too much time on compensation and not enough on finding something we love to do. I’m thinking we need to readjust our priorities. What do you think?

Rob Enderle's Product of the Week

Google’s Daydream platform really looked interesting at launch, but it has been kind of problematic in terms of use. That is because when you place your smartphone into a carrier, it might not fit well, and you could end up with something less than ideal. The less-than-ideal part might kick in when email, phone calls, social networking alerts, or text messages come in, screwing up your experience.

The headsets Samsung designed for its phones actually are impressively good, but the fact remains that the smartphone is far more a communications device than a virtual reality showcase.

Still, this approach has proven to be a very inexpensive way to get into VR. The headsets that use the phones are cheap, some well under $20 (granted most of these are junk) so it does allow folks to get a VR experience without a huge investment.

However, if you should get hooked and want something better, the jump-up could be massive: A PC-based VR solution could cost thousands of dollars.

The market needed something in between, and the Lenovo Mirage Solo is just that.

Lenovo Mirage Solo

Lenovo Mirage Solo

Lenovo has built the core components that make Daydream work into a VR headset that, while far more expensive than a smartphone holder, is far less expensive than a PC-based solution.

Unlike those PC solutions, it is untethered. I’ve damn near killed myself several times with the tethers on these things. You almost need someone spotting you with this stuff, so you don’t literally break a leg.

This is a full Daydream implementation, so it uses Daydream content. It is far easier to set up and use than either the smartphone or PC solution, and the cost is around where the latest lower-cost group of PC connected headsets resides — but you don’t need a PC. Because the Lenovo Daydream fills a critical need for an integrated Daydream solution, it is my product of the week.