Thursday, 23 May 2013

Evolution of the Personal Organizer

Malden Open

At 4th grade I found myself overwhelmed. I knew too many other kids, specifically kids in my class, to be able to memorize everyone’s phone numbers. The solution was to create my very first contact list in a tiny personal phone/address book I “borrowed” from my father. That point in time also marked another important event: since that very first personal implementation of the documentation of personal information, I started thinking of problems with the way I do it and ways of improving it. The bug hasn’t subsided since; quite the opposite. You know me, I cannot be satisfied with anything: as time goes along I have more and more data to document, and even stricter demands as to how this data is to be documented.
The next step up from the written page came to this early adapter during the nineties through the then magical electronic personal organizers. These gadgets were revolutionary to a degree: they allowed their users to type their information in through a tiny keyboard, thus enabling features such as sorting, error correction and text searches. However, the key problem with these gizmos was that you couldn’t get your data out: Lost the device? Or better yet, battery dead? My condolences.
Come the late nineties a new generation of these personal organizers came about in the shape of the Palm Pilot. That new gadget had the additional ability to talk to an application on your PC and synchronize its data between the two. In addition to Palm’s own application, synchronization was possible with Microsoft’s Outlook. Thus the backup problem was solved, as long as one remembered to synchronize their gadget. Or was it? What was to happen if your PC broke down or better yet got stolen?
The solution there arrived during the early naughties with the introduction of the first ever smartphones (even though they weren’t called that at the time). In retrospect these Pocket PC (Windows Mobile) gadgets were horrible to use, but it was during their reign that cloud computing first emerged (even if no one called it cloud computing at the time): this Goodie Two-Shoes of a search engine company that just revolutionized the world of Internet mail through its introduction of Gmail, a company called Google, now offered Pocket PC users to sync their contacts with their Google account. Lost your gadget? PC got stolen? No worries, your data is safe with Google. At Google they did no harm back then.
The rest of the story is more widely familiar. Apple came along with its iPhone, turning what used to be a personal organizer booklet into what everyone knows today as the smartphone. Cloud computing also came in big, with companies out there begging users to come and enjoy their free products and store their data with them. They even offer apps that allow the seamless synchronization of your data across gadgets, computers and the cloud. Surely you’ve heard of some of them: there’s Google with what we now know as Drive, Microsoft with its Skydrive, Dropbox and Evernote, to name just some of the more famous players in the field. But how do you choose between them? And what criteria do you apply in order to make an educated choice?
Somewhere along the way a new concern has emerged: security. Some of the cloud services of the time did not use encrypted channels as they transferred my data along (and some still don't do it to this day). Given the sensitivity of some of the data I was bringing with me, I started limiting the storage of that data to services such as Evernote where all communications is always encrypted.
Gradually I realized my bigger concern is privacy. I want my data to remain mine and only mine; I don’t want it intercepted on the way, I don’t want anyone to be able to hack their way into my cloud accounts, I don’t want my data sold to anyone, I don’t want targeted ads shot at me based on my personal data, and I also don’t want my data handed over at the whim of some crazy government out there (without naming names I will say “Patriot Act”). So, what can I do? These new needs of mine made the playing field that much more complicated: there is a reason why all these companies wanted me to store my data with them, and that reason is usually because of them making money out of my data. That is certainly the case with Google, for example (not to mention Facebook). The better companies, as far as I was concerned, were those who made their money out of tempting me to invest in better facilities than the free account they lured me in with. Say, companies like Dropbox or Evernote.
But how does one distinguish between these? The way I see it there are two ways for the user to make an educated choice here. The first is to rely on public record: what do the records tell us about specific cloud companies? You will find, for example, that almost all of them have been hacked to one extent or another. The level of extent is important, because it makes a difference whether the hacker hit a wall of encryption or whether they were able to steal data Sony style. You will also see that companies such as Dropbox, which took pride in having nothing to do with the data users uploaded with them, have been found to actually have a thing or two to do there. I will let you judge on the extent and on whether it matters; the point is the need to be informed.
The second tool at our disposal is the privacy policy. Usually this is a long and tedious document, but if you do read it carefully you will be able to get a glimpse of what happens with your data once you give it away to a cloud provider. Evernote recently updated theirs and I took the bother of reading the policy: it is quite good, but it still allows Evernote to access your data under certain conditions, albeit relatively extreme. The point, though, is that while data is encrypted between you and Evernote, it is not encrypted inside Evernote. Employees of theirs can see your stuff.
On the face of it that is not all bad. The same level of security applies to our bank accounts; while there are a few things more sensitive than our bank account we tend to be generally happy with that. Then again, who knows where the data is stored? It could be anywhere – that is what cloud computing is all about. And who knows what a rogue employee at a cloud computing company somewhere in a country I do not know can do with my data?
Luckily there are options to address that worry, too. Kim Dotcom’s new Mega service promises to encrypt everything you store with them at the source (you) to such a level Mega has no idea what it’s storing. I heard doubts about that claim, though; more importantly, there are no smartphone facilities for Mega yet while I have found its website rather annoying. Then there is SpiderOak, who offer a service very similar to Dropbox’ yet more sophisticated: they, too, claim to have no idea what they are storing for you as everything is encrypted all the way from your PC. They are not perfect either, with comparably poor smartphone apps, but I have found their facilities otherwise good (their support in particular).
Ultimately, it seems the solution to my problem has been in my hands all along. Using the open source TrueCrypt encryption application (Windows, Mac & Linux) allows the creation of encrypted file containers. In them one can put whatever data one wants, and as long as one chooses a decent password one is secure to a level that even the NSA should find hard to crack. Stick one of those TrueCrypt containers on Dropbox, install an app that allows your smartphone to decrypt TrueCrypt’s encryption on your smartphone (like Disk Decipher for the iPhone), and you are good to go. Cloud storage and full synchronization of your data without anyone knowing what’s in there.
My only problem with that last option? Smartphone access is limited to read only (as in, writing my updates back is only possible if I let go of the TrueCrypt encryption). It is also important to note this solution is much more hassle unfree than, say, simply using Dropbox or Evernote without TrueCrypt’s help. I suspect ways to improve the situation would be found, eventually.
I also suspect it won’t take long till I have further demands that would make the latest personal organization solution I have implemented defunct, too. As with everything, the most important thing is for you to be aware of the ins and outs and make the best educated decisions that applies to your case.


Image by Kerry Lannert, Creative Commons license

1 comment:

kancelarijske stolice said...

Great article, thanks for sharing!