Digital Privacy at the Border with 1Password and DEVONthink

digital privacy at the border

For whatever reason, people think of my country as progressive. A recent change to customs law might go some way to challenging that. Customs agents in New Zealand now have the power to demand security information including passwords, PIN numbers or biometric access to digital devices. They call it a ‘digital strip search’. If New Zealand has long been thought of as pioneering, I’m embarrassed to list this among our firsts. Assurances from customs that the threshold for search is high make no difference, the fact remains, the law exists. 1  What follows are some suggestions for apps and services that can help protect your digital privacy at the border.

First, note this is not legal advice, neither am I qualified to offer any. I am also basing this upon New Zealand customs law, which only covers the search of physical devices, and does not compel anybody to provide access to cloud services. 2 To state the obvious, you would do well to know the laws the that govern your border crossings, no matter where you travel. For the U.S, you could do worse than familiarise yourself with the recommendations from civil liberties group, the Electronic Frontier Foundation.

Digital Strip Search, an Apt Phrase

Most Academics have cause to travel often, and many carry sensitive information with them of one kind or another. My own work might be considered seditious in some parts of the world, 3 and I know plenty of academics and even grad students working under embargo, simply because that is how universities operate. To say nothing of our actual ‘private’ lives; iPhones with photos of family, personal messages, journal entries, medical information and so on. The phrase ‘digital strip search’ is apt, being submitted to such an invasion of privacy would make anyone would feel naked. If you would rather not put yourself through such an ordeal, 4 there are steps you can take to protect yourself.

Apps and Services to Manage Digital Privacy

This assumes you are traveling with iOS devices and not a Mac. That is not to say this cannot be done with a Mac, just that the entire process is more involved for Mac users. The principles still apply. If you’re travelling with a laptop, you could do worse than follow the advice of Bruce Schneier. Either way, it is getting to the point where traveling with as little tech as possible is the right way to go, even if it is impractical. And what gear you do travel with should be kept as clean as possible. Time willing, I may come back to the idea of travelling with a Mac.

1Password

 

1password Digital Privacy At The Border
1Password's Cloud Vaults provide security and convenience for border crossing

I cannot bang the 1Password drum loud enough. In my experience it is the best password manager available. It actually includes a feature called Travel Mode, designed for this situation. There is a school of thought, however, to suggest it is a nice idea that is a bit misguided in practice. Whether or not you decide to use it, it is a nice option to have.  Although it's not obvious that travel vaults are missing, that the feature exists is not a secret, so I do understand the argument.

At the same time, if you have a subscription to 1Password, the cloud vaults provide a better option by making it possible to remove the app entirely and download everything at the other end. This way you are not setting a flag that advertises you are ‘hiding' something.  It does mean holding on to an extra piece of information, as you will need the encryption key, as well as your password to set it all up again. See below for places you might put that.

Secure Private Data with DEVONthink’s Strong Encryption

I have written about using DEVONthink for this purpose. DEVONthink goes beyond being outstanding software for managing data by including strong AES 256 bit encryption. Again, you hold the keys, which means anything you put inside a DEVONthink database can be locked behind first class encryption. DEVONthink can store practically any kind of data or document, making it ideal for this scenario. Syncing is easy to setup with your choice of providers, including iCloud Drive.

Devonthink Digital Privacy
DEVONthink's iOS app can help maintain privacy with its strong encryption and flexible syncing

Among DEVONthink’s strengths is its ability to compartmentalise data in different ways. Whether you do that by group, or you setup a separate database for the documents. It can give you granular control over what you sync and when. It will even let you use multiple cloud services simultaneously as it sync’s each database separately.

You can work out for yourself how best to set this up, but my preference would be to setup a special database and download it to my device when I need it. That way I can be deliberate about what data I need, and organise it accordingly. I can also avoid using excess data.

Boxcryptor and Sync.com

If you have no use for DEVONthink, you might consider using encrypted cloud storage. If you're serious about privacy, using DropBox or  iCloud is not enough. In the past I have happily endorsed Sync.com for approximating the convenience of Dropbox while offering much better security with end-to-end encryption. I still hold that service in high regard, especially now the app has better integration with the iOS Files app. They offer 5Gb of storage for free, which should be plenty for this scenario.

If you prefer the flexibility of sticking with your existing cloud storage service, then take a look at Boxcryptor. It is free to use if you only need to secure one service, but you will need a paid account to encrypt file names so bear that in mind when naming your files.

A Method for Digital Privacy at the Border

Once you have handed over your passcode, or consented to unlock your device with TouchID or FaceID, anything on it is fair game. Many apps provide an extra security layer, but the passcode is all that is needed to change either the finger, or face to get beyond most of them. The safest approach is to have nothing on your device. Setup these apps before you leave, and remove everything from your device. Myself, I would even setup a different iCloud account altogether.

Before you leave

Back everything up, obviously. Now do it again. Don't rely on iCloud backup alone. Ideally you will have at least a secondary location. I use iMazing for this, and all my backups are included in my Time Machine Off-site clone, and my Backblaze continuous cloud backup. Incidentally, if you use Backblaze you have another means for client-side encrypted storage. You can retrieve anything you need to on demand from your Backblaze locker. The way I figure, that even leaves me room to make the kind of screw ups that come with having attention madness.

If you're an iOS only user, I would seriously consider investing in some external storage to add a secondary backup. The Sandisk iXpand Drives tend to be the best, not only for the drive quality but they include software to handle the backup.

Once you are backed up, setup a new iCloud account. Note, your devices can be logged into more than one account for different services. For example, you can log into the App Store with one iCloud account, and use a different one for Photos, iCloud Drive and so on.

When you Arrive

This should be obvious. Either download the necessary apps to your alternate iCloud account, or log back into your ordinary account and do the same. This is time consuming and annoying — and it will cost you data — but consider the alternatives. In this part of the world, it now means a choice between being digitally naked or a NZ$5000 on the spot fine for refusing access. Considering how you will maintain your digital privacy at the border is no longer optional.

Photo by Matt Artz on Unsplash

  1. New Zealand customs have form that should make anyone wary
  2. Anyone with eyes can see how stupid this makes the law, so stupid it hurts.
  3. Posting this probably doesn’t aid my cause
  4. And you don’t have a spare $5000 to throw at the problem

Show and Tell — 8 October, 2018

Collected links for academics, students, and other nerds

Markdown Converter | OU Libraries Tools

I shared my Docverter Workflow recently. When I have the time, I will update it with a Stylesheet. In the meantime, here is a web service using Pandoc that has a few different styles for converting Markdown documents

Times Newer Roman Is a Sneaky Font Designed to Make Your Essays Look Longer | the Verge

File this under amusing. I’m not advocating you use it. In fact, it’s a shame to think of classes so boring the inspiration can’t be found to write the minimum. My problem was always the opposite, how to keep under the word limit.

Sans Forgetica | RMIT

Apparently it's fun with fonts week. I find this more interesting. It is designed to help you remember by making you work at reading your notes. Maybe an antidote to handwriting being the best cognitive medium for notes? Come to think of it, looking at my handwriting, illegibility may always have been the real advantage.

Firefox Monitor | Mozilla

 1Password  runs a service called  watchtower, which is built in to their apps. A basic version is available from their website, but the public version will only scan for affected sites, and not email address. This, from Mozilla, is more like a proactive version of Have I Been Pwnded. Mozilla's contribution to privacy and security has to be admired, the improvements to Firefox are making it more an more attractive give the developments with Chrome,  and Apple's decision to cash in on user security.

Why I'm Done With Chrome | a Few Thoughts on Cryptographic Engineering

Speaking of Chrome,  here's Google again. It appears the time has come to delete Chrome. Sadly, like so many of these things that will be easier said than done

Bypass ‘Safari no Longer Supports Unsafe Extensions’ in Macos Mojave | George Garside

As for Safari, not that long ago I praised its new security features. Unfortunately, for all its convenience I'm now looking at the browser sideways. Say what you like about Apple's commitment to user security, but they are not without choices in how they enact it. If you have extensions you already trust but no longer work, workarounds are available. About that convenience….

Troy Hunt: Mmm… Pi-Hole…

If you want a more nuanced approach for controlling ads, and you enjoy tinkering with Raspberry Pi, this could be for you. Incidentally, there are ways to do something similar on some routers (such as the Synology), or a blunt force approach can be to edit your hosts file.

How to Build a Low Tech Website | Low Tech Mag

Another one for the tinkerers, I fancy this idea for a class project.

A Visualized History of Philosophy

More fun with web design and philosophy. This is an interactive, summarised and visualised history of philosophy. I will spare you the comments on auspicious absentees, or indeed on the philosophical decisions involved in drawing lines between names.  Although, for philosophy nerds that will be half the fun. Enjoy.

 

Photo by Andrew Neel on Unsplash

Details on a New PGP Vulnerability | Schneier on Security

You might have seem some of the hullabaloo around the web about the discovery of a security flaw in PGP or S/MIME. From Bruce Schneier, the vulnerability is not in the encryption itself, rather the exploit is carried out in transit.

The vulnerability isn't with PGP or S/MIME itself, but in the way they interact with modern e-mail programs. You can see this in the two suggested short-term mitigations: “No decryption in the e-mail client,” and “disable HTML rendering.”

The suggested workaround is solid advice. Email has never been a sensible means for secure communication.

Why is anyone using encrypted e-mail anymore, anyway? Reliably and easily encrypting e-mail is an insurmountably hard problem for reasons having nothing to do with today's announcement. If you need to communicate securely, use Signal. If having Signal on your phone will arouse suspicion, use WhatsApp.

Show and Tell – Tuesday 8 May, 2018

The Appademic Show And Tell Links.jpg

An intermitant collection of concisely annotated, tech related links

We Know Where You Live

Palantir Knows Everything About You

The most emblematic paradox; it goes like this. Facebook knows everything about you, but Palantir knows more.

Cops Around the Country Can Now Unlock iPhones, Records Show | Motherboard

I know most people don’t expect the FBI will want to access their phone. To understand the situation, put the argument to yourself in reverse and you will soon realise the implications. Thankfully, these holes are usually filled in before long. Either way, use the strongest security you can by principle.

Google's File on You Is 10 Times Bigger Than Facebook's – Here's How to View It | Zero Hedge

Compared with most people I know, I'm pretty careful about the privacy of my data. I'm still scared to look at what Google has on me. By now, nobody should be surprised, and yet I wager you will be surprised. Look if you dare.

Stop Using 6-Digit iPhone Passcodes | Motherboard

Typically we won’t hear about cracking technology going underground for sometime, so forget the argument that you — being a law abiding citizen — needn’t worry about the police.

Idle At Work

The New Lesson Plan for Elementary School: Surviving the Internet – the Washington Post

This is more than I can say for a majority of the fully grown adults I spend my days avoiding

Susan, a 10-year-old in pink sneakers who likes YouTube and the mobile game “Piano Tiles 2,” quietly raised her hand. “I will make sure that I don’t tell nobody my personal stuff,” she said, “and be offline for at least two hours every night.”

Silicon Valley's Sixty-Year Love Affair With the Word “Tool”

Permit me a juvenile aside if you will, it seems we could update the old adage about what you eat.

“Is Curing Patients a Sustainable Business Model?” Goldman Sachs Analysts Ask | Ars Technica

For whatever reason, I know a lot of people struggle coming to terms with this very simple, but obvious contradiction in our economic system. This is about as clear an example as one could imagine.

Your Pretty Face Is Going to Sell | Open Space 

A brief investigation of commodified affect via YouTube, amusing.

What Else Floats on Water

Apple Sued an Independent iPhone Repair Shop Owner and Lost | Motherboard

I come across some gobsmacking equivocation when it comes to Apple. The idea that this behemoth is anything other than a halo bearing wonder of the modem world would undermine everything advocates want to believe about themselves. The truth is a little more uncomfortable.

“Apple is proving themselves to be the worldwide poster child of the Right to Repair movement,” Gay Gordon-Byrne, executive director of Repair.org, which is pushing for this legislation, told me. “They continue to make our case for us—suing legal repair providers, such as Henrik, lying to consumers about CPU performance throttling instead of battery replacements, and the coup de grace of hypocrisy—building products that are hard to repair and then proclaiming they care about the environment.”

Anyone wondering what right to repair would mean for the rest of the world might start here.

The specifics of Huseby’s case won’t matter for American repair shops, but that Apple continues to aggressively pursue a repair shop owner over 63 iPhone screens signals that Apple is not interested in changing its stance on independent repair, and that right to repair activists and independent repair companies should expect a long fight ahead of them: “I feel that this case was extremely important for them to win,” Huseby said.

Now Look Here

How Microsoft Helped Imprison a Man for ‘counterfeiting' Software It Gives Away for Free | TechCrunch

I’m out of words for this one. This is brutal from Microsoft, even if it should come as no surprise.

Stop Calling These Dark Design Patterns or Dark UX | These Are Simply asshole Designs

Whether you want to believe it or not, our economic system is built on obfuscation. These practices are deceitful, no question. At the same time, they paradoxically reveal a certain overlooked truth. I’ll leave it to you to work out what that is — in case you overlooked the first sentence.

Brutalist Design Is the Bad Influence We All Need

If you have any interest in design, you may like to read this. Aesthetics aside, there is a sociological argument hiding in here about pseudo-originality. I’ll leave you to find it.

The Disturbing High Modernism of Silicon Valley | Cal Newport

First time I’ve ever been remotely interested in something from this blog

No, Students Probably Aren't Blowing Their Student Loans on Bitcoin | the Chronicle of Higher Education How not to do research

Group Madness

Ex-Google Engineer Scraping YouTube to Pop Our Filter Bubbles | MIT

Chaslot, who worked at YouTube in 2011 and then at Google until 2013 (he claims he was fired for trying to give users more control over the algorithms that recommend content; neither Google nor YouTube addressed that contention in a response to a request for comment about this and other issues he has raised), figured this out by tracking YouTube’s suggestion algorithm. He tested his theory by building software that simulates the act of starting out watching one video on YouTube and then clicking on the recommended “Up next” video (which will also play automatically if you have YouTube’s autoplay feature turned on), over and over and over.

The New Lesson Plan for Elementary School: Surviving the Internet | Washington Post This is more than I can say for a majority of the fully grown adults I spend my days avoiding

Susan, a 10-year-old in pink sneakers who likes YouTube and the mobile game “Piano Tiles 2,” quietly raised her hand. “I will make sure that I don’t tell nobody my personal stuff,” she said, “and be offline for at least two hours every night.”

San Francisco's Bizarre Scooter War Shows How Tech Companies Ignore the Law | VICE

Literal disruption — and I mean, literally literal.

A Flaw-by-Flaw Guide to Facebook's New GDPR Privacy Changes | TechCrunch

No, it’s not about to end anytime soon

Facebook Removes 1.5 Billion Users From Protection of EU Privacy Law | Ars Technica

Either data is worth more than the tax breaks (which is likely) or to keep hold of both, a new level of tax dodging chicanery is required. Either way, Facebook is a grotesquely scaled version of a street huckster who gives you a dime while pinching your wallet from your pocket

Login With Facebook Data Hijacked by JavaScript Trackers – TechCrunch

In case you missed this. I recently heard a well known podcaster offering some thought on how it is relatively safe to use these single sign-on solutions. You know, Oauth is completely locked down; don’t be paranoid, and so on. So, anyway.

The abusive scripts were found on 434 of the top 1 million websites including cloud database provider MongoDB. That’s according to Steven Englehardt and his colleagues at Freedom To Tinker, which is hosted by Princeton’s Center For Information Technology Policy. I

The Many Deceptions of Mark Zuckerberg | Creative Good

Lies, damned lies, and Facebook.

Broaden Your Mind

Introduction · Front-End Developer Handbook 2018

Open source generosity of a kind. Nerds are largely a very generous cultural subset

And Now, For Something Completely Different

In Search of Photographic Treasure: Alfred G. Buckham | International Center of Photography

These photos are incredible.

A Robot Does the Impossible: Assembling an Ikea Chair Without Having a Meltdown

Closest thing to genuine artificial intelligence yet

 

Photo by Jon Tyson on Unsplash

Show and Tell – 3rd April, 2018

Best Facebook Privacy Links.jpg

We Know Where You Live

The subheadings for this link gathering exercise might seem like nonsense. They are, it’s true, but not random nonsense. 1 If you recognise their origin, maybe you've also picked up how this particular Python title has taken on more meaning recently.

MoviePass CEO: ‘We Watch How You Drive From Home to the Movies'   Surely we're waking up to all this, right? Beware the ills of convenience

According to Media Play News, CEO Mitch Lowe told those at a business forum that the movie subscription service's app not only tracks your location, but follows you to and from the theater. “We watch how you drive from home to the movies,” he said, adding that “we watch where you go afterwards.” Not surprisingly, the company is hoping to understand customer habits and “build a night at the movies.”

How Widely Do Companies Share User Data? Here’s A Chilling Glimpse | Fastcodesign The tangible cause and effect of the Facebook revelations have the tech media in a spin. Meanwhile, Paypal quietly released details of their data sharing practices in January to comply within European law. That the response was just as quiet shows how routine a practice this is. This one is particularly galling given the paucity of genuine alternatives.

Group Madness

I’m still coming to terms with the level of surprise writ large in this debacle. The contemporary social contract has been a digital exchange for some time. Self surveillance is the norm, not an exception.

Facebook Has Had Countless Privacy Scandals. But This One Is Different The optimist has it this will incite a revolt. As much as I’d like to believe it, I see little around me to support the claim. I haven’t logged into Facebook for months, my reticence long established. However, I would wager that rolling through my ‘news’ feed will be a strangely self contained outrage directed at Facebook, within Facebook itself.

This is a data collection scandal. This is a scandal triggered by a specific incident, but that is broadly about the ways massive companies track us, harvest information from us, and then sell us as coercion targets in sophisticated information campaigns that could be for anything from diapers to mattresses to anti-vax literature.

The story will endure not because of animosity toward political data use but because it perfectly touches upon a deeper anxiety about our online privacy that’s been building for years. Indeed, the Cambridge Analytica scandal could well be the catalyst for a much bigger targeting revolt — a full-scale personal and public reckoning that looks at the way we’ve used the internet for the last decade. It’s a moment that forces us, collectively, to step back and think about what we sacrificed for a more convenient and connected world. And on an internet that feels increasingly toxic it’s hard to look at the tradeoffs we’ve made and feel like we’re getting a fair deal.

Then again, I’m just as likely to find all the awkward emotional oversharing, inner monologues, and general nonsense as usual.

Why Nothing Is Going To Happen To Facebook Or Mark Zuckerberg  On the flip-side. Where some see revolt, others see business as usual.

With Wall Street leading the way, the four entities with the strongest ability to cause long-term damage to Facebook in response to revelations that Cambridge Analytica illicitly used 50 million of its users’ data for political purposes didn’t seem ready to do so: Analysts told investors to buy the dip. Advertisers kept spending. Legislators continued to sit on their hands while a basic ad transparency bill rotted in Congress. And though users posted #DeleteFacebook en masse, Facebook actually rose to 8th place from 12th in the iOS mobile App Store since the day before the Cambridge Analytica news broke. It’s holding steady on Android, too.

No one can pretend Facebook is just harmless fun any more | The Guardian

We have now reached the point where an unaccountable private corporation is holding detailed data on over a quarter of the world’s population. Zuckerberg and his company have been avoiding responsibility for some time. Governments everywhere need to get serious in how they deal with Facebook.

How to Use Facebook While Giving It the Minimum Amount of Personal Data | the Verge  Some advice for minimising the data you share with Facebook. I’m all likelihood it’s too late, but developing good, conscious habits is always a good thing

Towards a world without Facebook | TechCrunch  A modest proposal if ever I saw one. I have sniped and snarked at crypto currencies on these pages, often with vague hat tipping toward the untapped potential of blockchain technology for other purposes. But I’ll admit, I hardly ever come across hard coded examples, let alone share them. Interestingly, the Facebook debacle has given us a barn to aim at, so we should see some interesting attempts at turning the page

We’re approaching — or maybe already at — the point at which these tools could be put together to construct, say, a small-scale decentralized social network. It would still face the critical-mass problem: but that could be addressed by focusing on specific cohorts and communities; art collectives, churches, fandoms, etcetera. It would still face the ordinary-people-don’t-want-tokens problem: but that could be addressed by having a designated token-handling admin for each node, in the same way that online communities used to have designated email admins or local Usenet sysadmins, so ordinary users would just need a URL, a userid/password, and perhaps a decision whether to pay for access or be advertised to.

Are you ready? This is all the data Facebook and Google have on you | The Guardian — If you still need a readout, this provides a decent run down of that data hoarding at Facebook and Google. But wait, there’s more — much more.

Mark Zuckerberg Thinks We’re Idiots | Monday Note Not a novel point, the irony in this claim has reached catch phrase proportions by now. Then again, if ever there were a time to put a finer point on it.

As Facebook’s leader, Zuckerberg resolves to get things straightened out in the future (“it’s my job, right?”) while he delivers a callcenter-style broken record reassurance: “Your privacy is important to us”. Yes, of course, our privacy is important to you; you made billions by surveilling and mining our private lives. One wonders how aware Zuckerberg is of the double entendre.

What Else Floats on Water

Apple, everyone needs more free iCloud storage | The Verge  Honestly, Apple may as well give us the bird for all you can store in 5Gb. For all the talk of user hostile action on the design front, examples of inaction offer enough insight inot priorities. At least for anyone not prone to religious feelings.

Apple: Former Engineer Will Unlock iPhone X for $15,000 | Fortune   Despite the sense this has always been a lucrative business waiting to happen, surely setting up this enterprise involved navigating a labrynthe of  mind-bending legal chicanery.

Stanford Students Challenge Apple on iPhone Addiction | Inside Higher Ed  Yeah, I can’t see Apple helping people use their devices less. Unless, of course, there is a way to spin it.

iOS 11 Bugs Are so Common They Now Appear in Apple Ads | the Verge  This has since been cleaned up. Amusing, yes. At the same time, it points to a normalisation of novelty over stability. All but unique to software as a product,  we essentially purchase it broken, and pay to have it fixed. Even if we pay for it via the hardware. Rumour has it this year's update to iOS will be a stability release.

Apple CEO Tim Cook says Facebook should have regulated itself, but it’s too late for that now | Recode – Call me a cynic 2, but this is a little convenient for — and from — Apple. If I prefer Apple's approach, I'm not so comfortable with subtle opportunism. Privacy wouldn’t be a selling point if they didn’t have anything to differentiate themselves from.

Cook has made a point of criticizing Facebook for both the Cambridge Analytica affair and its overall approach to consumer privacy in recent days. But it’s not a new stance for him or the company: He made similar comments about Facebook and Google in 2015, and his predecessor Steve Jobs went out of his way to contrast Apple’s privacy stance with rivals like Google in 2010.

I don't doubt the existence of influential voices arguing for it's inherant value, but if it didn't have that other kind of value we wouldn't find so many contradictions Look a little closer and you fill find a fair degree of enabling. Take the Uber debacle, Apple has been found greasing the wheels before. Or more recently, the situation in China with carte Blanche to encryption keys. Intentional or not, this looks a cynical intervention. Apple’s own iCloud even runs on Google infrastructure, so pull that apart.

Bob Burrough | Twitter — Further to the above, this from a former Apple luminary pointing to the absurdly broad language from Apple claiming to keep all data safe from prying eyes. The line is crossed where the claim is made that your web traffic is kept private, to which Burroughs counters:

Since This Is Obviously Not True, the Only Possible Options Here Are: – Apple Believes This Is True, and They're Too Foolish to See How It Isn't. – Apple Doesn't Believe This, and They're Misleading Customers for Marketing Reasons.”

Apple’s approach might be more desireble, but to think of them as some benevolent entity immune from the profit motive is naive at best.

Now, Look Here

A Startup Is Pitching a Mind-Uploading Service That Is “100 Percent Fatal” | MIT Technology Review  A materialist’s guide to the afterlife

This story has a grisly twist, though. For Nectome’s procedure to work, it’s essential that the brain be fresh. The company says its plan is to connect people with terminal illnesses to a heart-lung machine in order to pump its mix of scientific embalming chemicals into the big carotid arteries in their necks while they are still alive (though under general anesthesia).

‘Blockchain' Is Meaningless | the Verge  The Appropriation of language is a uniquely troubling proposition in a capitalist society. There’s too much incentive for opportunism. Scratch that, the appropriation of everything.

Bose Sunglasses Hands-on: Audio AR Makes More Sense Than You Think | Engadget  Or does it? Nobody seems to learn this lesson. Allow me to phrase it in the turned about syntax of a little green mad with a laser sword: A model for success nerds and fashion are not. 3

Exclusive: This Is the Most Dexterous Robot Ever Created | MIT Technology Review  If you’re not keeping up with robots, you might have missed this.

AI Has a Hallucination Problem That's Proving Tough to Fix | WIRED — Computer says no.

Spotify Needs Your Help Tagging and Sorting Tunes | Engadget  Economists of a particular persuasion worked this out a very long time ago. It’s called surplus value, and this is a clever, if insidious way to capture it. The more work consumers do, the less resources Spotify need to spend, and voila more profit from that surplus. I’m not saying don’t do it, I’m merely bringing the aporia to your attention. This is the real gift economy

Broaden Your Mind

If we have come to the same intersection again, only to recognise it as such, I would at least like to think we might turn left this time. While the world is run by creeps, there are still good people out there, doing good work.

12 Things Everyone Should Understand About Tech | Humane Tech – You don’t need to agree with all of this to recognise its potential importance. A lot of these points seem obvious to anyone who can think even the smallest bit sociologically, but sadly are lost on most people working in, writing about, or commenting on technology. Usually to quote the first paragraph of an article is a good indication that linker hasn’t read it, in this instance it means this is the point.

…tech goes a lot deeper than the phones in our hands, and we must understand some fundamental shifts in society if we’re going to make good decisions about the way tech companies shape our lives—and especially if we want to influence the people who actually make technology.

It would appear the timing is right for a new approach to technology in general. What we have now is parristic, and disturbing.

And Now, For Something Completely Different

How Two Photographers Unknowingly Shot the Same Millisecond in Time | Petapixel  I have a thing for coincidence. So often the impression of synchronicity is a psychological phenomenon, but this one has irrefutable physical evidence. This is, in a word, neat.

Why the PDF Is Secretly the World's Most Important File Format | Motherboard  Something that most academic users are intimately acquainted with.

Photo by Caroline Methot on Unsplash

  1. Don’t get me started on how people use the word ‘random’
  2. Many people do
  3. Sorry, Apple doesn’t count — they’re a fashion brand making consumer electronics these days, not the other way around.

How To Change Your Facebook Settings To Opt Out of Platform API Sharing | EFF

With the Facebook scandal casting a shadow on anything even remotely tech related, we're not short on opinion. What's surprised me most about the whole situation, is that anyone should be surprised at all. What's more, I can't see how the proposed changes will do much.  The most expedient thing right now would seem to be sharing information like this from the Electronic Frontier Foundation. Locking your profile down, insofar as it can be locked down. While you defintely should — lock it down — sadly the horse has bolted, and with your data.

Over the weekend, it became clear that Cambridge Analytica, a data analytics company, got access to more than 50 million Facebook users' data in 2014. The data was overwhelmingly collected, shared, and stored without user consent. The scale of this violation of user privacy reflects how Facebook's terms of service and API were structured at the time. Make no mistake: this was not a data breach. This was exactly how Facebook's infrastructure was designed to work.

My point exactly, this is how it was designed to work. Nobody should be the least bit surprised at this situation. If you’re similarly cynical about the efficacy of the plan to address the situation, and at the same time caught in a bind like most people on the question of whether to keep using the service. The minimum requirement is another look over those settings.

You shouldn't have to do this. You shouldn't have to wade through complicated privacy settings in order to ensure that the companies with which you've entrusted your personal information are making reasonable, legal efforts to protect it. But Facebook has allowed third parties to violate user privacy on an unprecedented scale, and, while legislators and regulators scramble to understand the implications and put limits in place, users are left with the responsibility to make sure their profiles are properly configured.

Not only should you not have to do it, but you shouldn’t expect that settings will routinely change to such a degree that maintaining the level of privacy you desire requires you to check over it every time Facebook rearranges the furniture.

 

Alphabet’s ‘Outline’ Homebrew VPN Software Offers Open-Source, Easy Set-Up Privacy You Control

Alphabet's ‘Outline' looks an interesting project. I want to revisit some of the security/privacy recommendations on this site, my own perspective on private VPN companies has shifted since I last wrote about one in particular. I would agree this is not a ‘privacy panacea’, but have every intention of seeing if I can break it.

Jigsaw, the Alphabet-owned Google sibling that serves as a human rights-focused tech incubator, will now offer VPN software that you can easily set up on your own server—or at least, one you set up yourself, and control in the cloud. And unlike older homebrew VPN code, Jigsaw says it's focused on making the setup and hosting of that server simple enough that even small, less savvy organizations or even individual users can do it in minutes

Show and Tell — Friday 23rd February, 2018

Showandtell 23 02 2018.jpg

Some of these links have collected a little dust over the past few weeks. Things have been quiet around here whole I dealt with the little matter of moving from one island to another. If you enjoy the quips, read on. If you only came for the potentially useful links, I’m sure you can find them. Enjoy.

How Not to be Seen

Salon to Ad Blockers: Can We Use Your Browser to Mine Cryptocurrency? | Ars Technica — Salon might think this is clever, but I doubt they think it’s honest. Nor do I think they care. What stands out to me, other than litany of other implications, is yet more massaging of meaning. Salon claims it will take advantage of ‘unused computing power’, then clocks the CPU to ridiculous levels. But the real kicker is clause of ‘one browser session’. People simply don’t close their browsers anymore, so this could go on for a lot longer than what unsuspecting users think it will. In short, not a fan.

Hey Alexa, Is It True a TV Advert Made Amazon Echo Order Cat Food? | Technology | the Guardian — If nothing else, this illustrates what should already be clear. These devices have one function, buy stuff.

Key iPhone Source Code Gets Posted Online in ‘Biggest Leak in History' – Motherboard — I was listening to a popular ‘tech’ podcast 1 a few days ago and heard another proclamation that Apple is more focused on security than anybody ever. Sure, all the evidence supports that. Oh wait, no it doesn’t.

Facial Recognition Software Is Coming to Industries Like Fast Food and Luxury Shopping. | Slate — Sadly, this is now inevitable. It’s still creepy, bordering on terrifying.

Objective-See | Mac Malware 2017 — If you’re still under the illusion there is no such thing on macOS

Chinese Police Are Using Facial Recognition Sunglasses to Track Citizens | the Verge — Say what you like, this is happening

Idle at Work

Numbers | Becky Hansmeyer – If you haven’t yet seen the app, check out Snapthread. This is an interesting insight into the difficulties facing independent developers. It is not unlike running an independent blog.

The Light Entertainment War

Can an App That Rewards You for Avoiding Facebook Help Beat Smartphone Addiction? | Technology | the Guardian  Or, just stay off Facebook

Facebook personal data use and privacy settings ruled illegal by German court | Technology | The Guardian

Heiko Duenkel, litigation policy officer at the VZBV, said: “Facebook hides default settings that are not privacy friendly in its privacy centre and does not provide sufficient information about it when users register. This does not meet the requirement for informed consent.”

The court also ruled eight clauses in Facebook’s terms of service to be invalid, including terms that allow Facebook to transmit data to the US and use personal data for commercial purposes. The company’s “authentic name” policy – a revision of a rule that once required users to use their “real names” on the site, but which now allows them to use any names they are widely known by – was also ruled unlawful.

Early Facebook and Google Employees Form Coalition to Fight What They Built | The New York Times  — Doing anything evenly vaguely related to tech can be disheartening at times. If you can see through all the bullshit, let alone have a desire to present a balance against some of the more disturbing trends, you might find some hope in this project.

The effect of technology, especially on younger minds, has become hotly debated in recent months. In January, two big Wall Street investors asked Apple to study the health effects of its products and to make it easier to limit children’s use of iPhones and iPads. Pediatric and mental health experts called on Facebook last week to abandon a messaging service the company had introduced for children as young as 6. Parenting groups have also sounded the alarm about YouTube Kids, a product aimed at children that sometimes features disturbing content.

The new group also plans to begin lobbying for laws to curtail the power of big tech companies. It will initially focus on two pieces of legislation: a bill being introduced by Senator Edward J. Markey, Democrat of Massachusetts, that would commission research on technology’s impact on children’s health, and a bill in California by State Senator Bob Hertzberg, a Democrat, which would prohibit the use of digital bots without identification.

The Idiot in Society

You Don't Understand Bitcoin, but You Understand Free Money  —  I’m not posting his for what it shares, but for the utterly moronic sentiment in its title. This so-called free money has an economic underpinning, whether people like this idiot want to believe it or not. We could go all the way back to the labour if you like, but let’s talk about energy consumption instead. Bitcoin alone is currently using more than 1m transatlantic flights worth of carbon per year. If we really want to make something of the revolutionary technology that makes bitcoin possible, we'll have to deal with all the snake oil salesmen, and sociopaths first.

Bitcoin’s energy sage is huge – we can't afford to ignore it | The Guardian — Thought I was making up that figure? If you know anything about economics, you know value has to come from somewhere. The next time you hear some idiot banging on about Bitcoin being decoupled from politics, remind them… actually, forget it, who knows what those people are high on.

Could be, Might be useful

Markdown Converter | OU Libraries Tools — A tool like this can help enable an iOS only workflow if you work with Markdown.

10 Hidden Tricks That'll Make Life With Your iPhone X so Much Easier | BGR — If you have one, this is actually useful.

Left by Rekka — If you’re looking for a simple, plain text writing app.

Setting Up GitHub Pages HTTPS Custom Domains Using CloudFront and Lamda@Edge — A while ago I posted a reminder of what education users can get through Github. If you’re already on that train, here is a tutorial for adding ssl to GitHub pages (check)

Tweak Spotify's Recommendation Tech to Create Custom Playlists | Engadget — Yet more fun with the Spotify API

And now, for Something Completely Different

Solo, a Star Wars Story | Kottke — I’m with Kottke, my ongoing love and obsession with Star Wars is embarrassing and irrational. I’m an outlier, in that I feel like the Last Jedi all but redeemed the crimes of Abrams. Not that I really cared in the end, when it comes to a galaxy far far away, I inevitably give in to childish joy. Whatever this ends up being, I intend to enjoy it

Gorgeous 50-Megapixel Panoramas Shot on an iPhone at 20,000 Feet — It’s these capabilities that trap us in the double bind. What you can do with an iPhone now is amazing, especially in photography. Consider these pictures were taken with a phone, and therefore camera, that is already 2 generations old.

Kids Use Data From Space to Make Cool Basslines With a Modular Synthesizer | Synthtopia — Ah space music.

  1. You know, an Apple Cast

Photo by Daniel Cheung on Unsplash

Do Not, I Repeat, Do Not Download Onavo, Facebook’s Vampiric VPN Service

Old news, yes I know. However if anything bears repeating, this is over qualified. If clarification is needed, the Onavo VPN does not enable any kind of new practice from Facebook. No, it simply makes it dramatically more efficient for Facebook to do what they always do, track everything. What’s particularly nauseating in this instance, is how they’re taking advantage of general misunderstanding around security and privacy. To my mind, this meets the modern definition of a lie. Onavo is spyware.

If you’re someone who can’t live without Facebook or simply can’t find the courage to delete it, the Onavo appears under the “Explore” list just above the “Settings” menu. I’d recommend you never click it. Facebook is already vacuuming up enough your data without you giving them permission to monitor every website you visit.

Show and Tell – Wednesday, 10 Jan 2018

Anyone wondering when more content might be added to this site, fear not. Like any sane person with a family, I took a little time away from the desk over the past few weeks. Having returned to task this week I have been feverishly working in the background, putting more permanent fixes in place for some of the things I mentioned last month. Dealing with amateur mistakes I made when both setting up this site initially, and migrating it to WordPress. 1 Even if there is still work to be done, by now the site should be much faster for most users, and in subtle ways it should look nicer. If you are having any trouble viewing the site, please drop me a line here

Now that I am able to get back to the writing, I have a lot to share. In the meantime, here is some of the Show and Tell backlog I have been sitting on.

We Know Where You Live

Amazon wants a key to your house. I did it. I regretted it. | The Washington Post — Never has that subtitle been more apt. Another in case you missed it link, but not for the reason you might think. Sometimes I despair. You’d think this was a critical look at the idea of totalising one’s life with a tech shopping company. Alas, it appears more of a thinly disguised lament that using one place to shop doesn’t allow you to get the best prices. If this is your only concern here, I fear you are lost.

Cryptojacking WordPress | WIRED  — Ordinarily I’m opposed to neologisms, but sometimes somebody nails it. To be fair, I’m much more opposed to Cryprojackers.

Meltdown and Spectre: What Apple Users Need to Know  — By now this is everywhere, and the patches are arriving. This whole issue is remarkable for how long these vulnerabilities have existed. Whenever you hear that crazy relative of yours telling people not to upgrade their OS, remind them of these vulnerabilities.

What Spectre and Meltdown Mean For WebKit | WebKit — More technical insight into how this all works.

Worst Passwords of 2017: From ‘123456' to ‘starwars' | the Independent  — This also did the rounds, but it bears sharing again. I realise how unlikely it is that anyone reading this would engage in such practices, but we all know somebody who needs a little help with this stuff.

Haven: Keep Watch  — This is interesting. I’d like to think we could see it on Apple devices, but that seems incredibly unlikely. In fact, it’s the first development in some time that has me casting an envious eye at the ugly green robot.

Snowden-Backed App ‘Haven' Turns Your Phone Into a Home Security System | WIRED  — See above

Group Madness

Elon Musk Shows Off the Tesla Roadster He's Prepping for Space  — I’m a space fan, but sorry this is fucking stupid. If you look closely you will notice a disturbing ideology that says we need to send junk to Mars, because we have too much junk down here. If we want to become a multi-planetary civilisation, it can’t be so we don’t have to sort our shit out on this planet.
To be clear, I want to see people on Mars, I was once a single digit child who wanted a laser sword. But I don’t want us to go there just so we have two planets to fuck up.

Oh, and by the way, Musk wants to Nuke the joint too, I guess he really is serious about getting it ready for humans. The funniest response to this I have seen was this: “Shouldn't we try to blow up the moon first?”

First Digital Pill Approved to Worries About Biomedical ‘Big Brother' | New York Times  — It says a lot about this historical moment that such a monumental breakthrough should be legitimately accompanied with this kind of suspicion.

The Attention Economy is the Addiction Economy | Medium — That more people involved in tech are starting to wake up to this isn encouraging. If it’s a bit much to suggest articles like this never go far enough, we have to start the conversation one ay or another.

Clean Energy Is a Bright Spot Amid a Dark Tech Cloud | WIRED – An actual example of Blockchain being applied to something other than destructive speculation.

Now Look Here

Panic Blog | the Future of Transmit iOS  — This has been about the wires the past week or so. In case you missed it, Panic will stop updating Transmit for iOS. The app will keep working for sometime, but it won’t be getting any further love unless something changes. This is a shame, but it’s sad to say that by the sounds of things, it won’t affect many people. One imagines — at least one hopes — that the iOS Files app will gradually develop to takeover the crucial functionality that pro users might miss. On top of which apps like Workflow and Pythonista can step in.

Remote Control a Mac From an iPhone via Workflow | Six Colors  — This is probably the year we will learn the fate of Workflow. Here’s hoping this kind of inventiveness adds to the case for its continued development and success, in whatever form that may be.

Marxico | Markdown Editor for Evernote — Having written up a guide for how to leave the green elephant behind, I thought I might engage some irony. This is pretty neat actually, if you’re an Evernote user who wants to use Markdown this is an option. As a bonus, sometime ago I write up intersections for turning web apps into native apps. 2

And Now For Something Completely Different

The Last Jedi Trailer Song in GarageBand iOS | YouTube — I’ve been threatening to write about iOS music apps for some time. The things you can now do on the iPad, even with GarageBand, are incredible.

How BeatMaker Caught the iOS Music Trend Before It Even Started | CDM Create Digital Music  — BeatMaker 3 is one of my favourite iOS apps full stop, let a one music apps. Whether you’re into music making on iOS or interested in development, this is an interesting insight into the history of development on the platform

New App Descript Lets You Edit Audio Like a Word Document – Gearnews.com  – If anyone can explain to me how this works?

The Smallest PaaS Implementation You've Ever Seen | Dokku  — This is awesome

Star Wars Episode IV.1.d: The Pentesters Strike Back | CyberPoint International on Vimeo  — Something that brings together two very specific geek spheres. You know who you are.


  1. And all the other amateur mistakes in between. 
  2. So to speak, if you was to split hairs they’re not actually native.