Data ethics

https://www.nytimes.com/2018/03/22/opinion/democracy-survive-data.html

This is like lashing a rope around the cracking foundation of a building. What we need is for an ethics of data to be engineered right into the information skyscrapers being built today. We need data ethics by design. Any good building must comply with a complex array of codes, standards and detailed studies of patterns of use by its eventual inhabitants. But technical systems are today being built with a minimal concern for compliance and a total disregard for the downstream consequences of decades of identifiable data being collected on the babies being born into the most complicated information ecology that has ever existed.

~ Colin Koopman

Presented without commentary.

Don’t give away details about yourself

https://krebsonsecurity.com/2018/04/dont-give-away-historic-details-about-yourself/

I hope readers don’t interpret this story as KrebsOnSecurity endorsing secret questions as a valid form of authentication. In fact, I have railed against this practice for years, precisely because the answers often are so easily found using online services and social media profiles. But if you must patronize a company or service that forces you to select secret questions, I think it’s a really good idea not to answer them truthfully. Just make sure you have a method for remembering your phony answer, in case you forget the lie somewhere down the road.

~ Brian Krebs

“Two Factor” authentication (2FA) is best. “Two Factor” means two DIFFERENT methods of interacting with you — so a web site login, which requires also sending you a code via a message to your phone is “Two Factor”.

…and 2FA via your phone is a TERRIBLE idea, because you can easily lose it or have it stolen. There are better methods of 2FA, but I won’t bore you here.

So asking you “security questions” does not in fact increase security. But you’re stuck with it because you have no power of the entities you have to interact with. So what to do?

Treat those questions just like passwords — MAKE THEM UP!

However you are storing your passwords — that’s an entire other discussion — just ALSO record the questions they asked, and the REAL-SOUNDING BUT TOTALLY FAKE ANSWERS.

I repeat…

MAKE UP FAKE ANSWERS AND STORE THEM WITH YOUR PASSWORDS.

You might be AMAZED to discover my mother happens to have 42 different maiden names.

You might be AMAZED to discover how many different cars I learned to drive stick on.

…or the 42 different names for my first dog.

…you see where this is going?

Normally, I try to keep these ramblings succinct, but here’s a fun story…

Many moon ago, Tracy and I had a Blockbuster account. We were in the store, in the check out line, and the cashier says to me, “Oh, can I have your phone number?” We had been customers so long, it was before Blockbuster figured out people just keep the DVDs, and so they wanted to be able to start calling people. Someone expanded their customer database fields, added a new data field to the checkout screen and then trained or prompted the poor cashiers to gather this data. (This is called “compliance” in the industry — getting the people at the point of sale terminals to comply with the database marketing strategies of the home office.)

Anyway. Here’s this nice high school girl just doing her summer job, and of course, I can simply say “No.” But then they’re probably going to ding her “compliance” score with corporate. (In some cases, your pay, bonus and even employment are tied to compliance scores.)

So without missing a beat, I help both her (compliance) and I (privacy) and I give her my phone number with two digits flipped. I just immediately smiled and said 6 – 1 – 0 – 8 – 6 – 7 – 5 – 0 – 3 – 9 (shoulda been 5309 — you know I’m making numbers up right :)

…and Tracy says, “wait, that’s not our number,” thinking she’s being helpful.

“Exactly,” I say with a smile.

The cashier realizes I had just plainly lied to her. (Technically, I was trying to lie to her corporate overlords.)

…and I said, “oh sorry, 6 – 1 – 0 – 8 – 6 – 7 – 0 – 5 – 3 – 9”. (Same crap, just with two other numbers flipped. I always loved those ‘remember this string of numbers games’.)

“Is that really your number?”

“oh! Sorry, 6108675123… wait, no, 610876432178 … hmmm, you don’t seem to like these digits I’m saying… how about 6105551212?”

Now she’s like, “You’re weird.” (Unrelated ad hominem attack, but alas, true. But probably explains why girls IN high school never asked for my number.)

“…and Blockbuster still doesn’t have my phone number.”

At which point, she [I presume] took the compliance ding and didn’t enter any numbers.

To this day, (we have the same phone number,) Blockbuster — and whomever eventually bought their customer data because that’s the only thing they had in the end worth money — does not have my home phone number.

So there’s a little glimpse into Craig’s head.

Maybe you just realized why 2FA with your phone is really REALLY bad? You’re also giving away your phone number.

Wait, you read this far? Great, here’s how you REALLY do 2FA properly:

https://en.wikipedia.org/wiki/Google_Authenticator

A fight for survival! An RSS revival!

https://www.macstories.net/linked/the-rss-revival/

While millions of people may be happy getting their news from Facebook or an aggregator like Apple News (which I also use, occasionally, for more mainstream headlines), the resiliency of RSS makes me happy. There was a time when I thought all my news could come from social feeds and timelines; today, I’m more comfortable knowing that I – not a questionable and morally corrupt algorithm – fully control hundreds of sources I read each day.

~ Federico Viticci

Hear! Hear!

Ok, but how do you use this? The SUPER easy way is to go to http://feedbin.com . There you can tell it what sites you want to follow, and FeedBin will “consume” the RSS feeds. It dove-tails them together into a linear stream of short snippettes and excerpts. You skim along only seeing things from sites you wanted to follow. Some site annoys you? …just remove that feed.

See something you like? …click through and you’re taking to the original item on the actual site. THIS is why all sites provide RSS feeds — if a site doesn’t, it’s not a real web site. Huge sites (like BBC) provide various feeds you can choose from… just international news for example.

…and yes, this blog has an RSS feed. In fact, all WordPress sites have an RSS feed AUTOMATICALLY. So that’s like a third of the internet right there.

Take a few hours to figure this out — you can thank me later.

¿ What happens if FeedBin goes away ? Same thing as when the RSS aggregator before it went away, a replacement appeared. Also, you can install a dedicated program on your own computer than can follow and present the feeds — us real geeks, we use an RSS aggregator combined with dedicated reader apps, but now I’m just showing off.

The filter bubble

https://www.brainpickings.org/2011/05/12/the-filter-bubble/

Well, personalization is sort of privacy turned inside out: it’s not the problem of controlling what the world knows about you, it’s the problem of what you get to see of the world.

~ Eli Pariser

There are thousands — that’s not a typo — of companies which trade (buy, sell) data about users. We’ve reached a point where it is no longer possible to hide. You might also be interested in reading this:

https://www.schneier.com/blog/archives/2018/03/facebook_and_ca.html

I struggle with distractions

To say that I “struggle” with distractions is a HUGE understatement.

Some time ago, I saw the following idea — sorry, I forget where — and I wanted to share it. (I’ve no idea if/how you would do this on non-Apple-IOS devices, sorry.) Ready?

Move EVERYTHING off of the home screen.

This is not the lock screen on my phone — THIS IS THE HOME SCREEN. When I unlock the phone, this is what I see. Nothing. The frequent-apps/dock is empty, and all the apps are ‘rightward’ in other screens. And they’re just in a jumbled mess because I never swipe off this screen.

Instead, I swipe down and type in the search field.

Perhaps you’re thinking, “so what?”

It changes your life. I spent weeks (after making this change) waking up my phone, staring at this screen and thinking, “wait, why did I wake up my phone?” Now I think, “what’s the weather going to be?” wake the phone, swipe down, type ‘w-e’ touch weather app. Etc. Wake the phone, do exatcly what I want, close phone.

Yes, this does still require a small bit of discipline to not double-tap Home and swipe through the running apps, but I never was a big user of that anyway.

If you’re paying close attention, you’ll note my phone is in “do not disturb” mode at 1:30 in the afternoon. That’s another pro-tip. Add EVERYONE you’d ever want a call from to your VIP list. Disable the “ring through” feature (where multiple calls from the same number can push through do not disturb). Then schedule DND from 11:01 to 11:00 daily. <<= …read the ordering of those times carefully.

(…and sorry, no, that is not the one-secret-minute when you could actually call me.)

Any time I’m expecting a call from someone random — car’s in the shop, plumber is expected around 9am — I just turn off ‘do not disturb’. As a bonus, I immediately realize how many junk calls I used to get. I don’t have a problem remembering to turn it back on, and I get a fresh reminder of how delightful it is to have the phone screen my calls.

These days?

My phone now NEVER rings.

Except when it does! …and I discover that it is now always someone I would like to talk to.

One.
Tiny.
Success.
At.
A.
Time.

The King complex

https://www.artofmanliness.com/2018/01/12/king-complex-makes-internet-hard-put/

That’s the reason it’s difficult for many individuals to leave the internet — even for as little as a few hours in the evening, over a weekend, or on vacation. In short, the internet makes us feel like kings. It is the ultimate concierge.

~ Blake Snow

I’ve read a lot about how parts of the Internet are designed to hold your attention, how social media services are designed to beaddicting, and how using “game” theories can get everyone to want to interact more, and how all of that leads to a slippery slope. But this idea — thinking of how the Internet _caters_ to your every whim, and why you then drool all over it to get more of that — this is a new twist I’d not seen before.

Ittoqqortoormiit is not a typo

How does one advance the timezone in one-hour steps on a trans-atlantic cruise?

Yes, this is definitely a “first world problem”, but this took me way WAY too long to figure out. If just one person ever finds this helpful…

Scenario: You want to advance your clock (in my case, an iPad and an iPhone) one hour every day. This happens on a cruise when they want to bump the ship’s time forward several nights in a row. You could, of course, do this in the reverse order when you cruise back home westward. /eyeroll

So you go to the “Date & Time” settings and you quickly realize that you should not just change the time by an hour… that messes everything up. You don’t actually want it to be an hour further in the future, you just want your phone to know the LOCAL display of the time needs to shift. If you change the actual time, all your texts and everything else (think image timestamps) will do a screwy timewarp because your device is still set to some east coast timezone. When you reach land, and touch a cell carrier, and your phone auto-sets the time, and… well, I dunno what would happen.

Next you realize that Apple won’t let you TELL it the time zone. Yo, phone, I’m now in, “GMT -3”, nope, no can do. You cannot select a timezone by name of timezone.

Now you realize you need to know the NAMES of places in timezones you never imagined existed. In fact, timezones which lie in the middle of the Atlantic and which have just one teeny tiny town in the entire WORLD that uses that timezone. You are now searching on timeAndDate.com instead of enjoying your vacation.

Tada! You now need the information below: So, flip off the “auto-adjust” timezone setting and search for these city names and you’re done. (You can use any start/end city that you want.)

Timezone geekery: The junk after each ‘City, Country’ combination is the number of hours forward from the East coast, and the GMT offset for Standard/Daylight-savings time-of-the-year.

New York, NY (+0, GMT -5/GMT -4)
Hamilton, Bermuda (+1, GMT -4/GMT -3)
Nuuk, Greenland (+2, GMT -3/GMT -2)
Praia, Cape Verde (+3, GMT -2/GMT -1)
Ittoqqortoormiit, Greenland (+4,  GMT -1/GMT +0)
Algiers, Algeria (+5, GMT +0/GMT +1)
Barcelona, Spain (+6, GMT +1/GMT +2)

Conspiracy theories on facebook

Do you believe that the contrails left by high-flying aircraft contain sildenafil citratum, the active ingredient in Viagra? Or that light bulbs made from uranium and plutonium are more energy-efficient and environmentally friendly? Or that lemons have anti-hypnotic benefits?

If you do, then you are probably a regular consumer of conspiracy theories, particularly those that appear on the Italian language version of Facebook (where all these were sourced). It is easy to dismiss conspiracy theories as background noise with little if any consequences in the real world.

~ Alessandro Bessi et al, from Science Vs Conspiracy: Collective Narratives In The Age Of (Mis)Information

It remembers for keeps

Anyone who works with computers learns to fear their capacity to forget. Like so many things with computers, memory is strictly binary. There is either perfect recall or total oblivion, with nothing in between. It doesn’t matter how important or trivial the information is. The computer can forget anything in an instant. If it remembers, it remembers for keeps.

~ Maciej Cegłowski, from his talk at Beyond Tellerrand