Friday, 29 May 2015

Death to Gmail

gmail cookies

Although this blog is [currently] hosted on Google facilities, I very openly advocate the need to be fearful and keep one’s distance from this overreaching giant. One such recent separation move from the company I once highly regarded, back in its days of doing no evil, has been the retirement of my Gmail email address. However, one can only run away from Gmail that far: a third to a half of all the emails I am sending, or receiving, go or come from Gmail addresses*.
Information I have stumbled upon this week put the need to disassociate myself from all manner of Gmail incarnations to a state of emergency mode. As you can read here, new documents revealed by Google in court reveal the detailed and massive level of scrutiny we are all under when we pass under Google’s radar. Which is, in effect, and as per my Firewall’s inputs, is almost all the time. That first article links to this article, discussing – in detail – the thorough way in which Google reads Gmails and analyses them. This is genuinely scary stuff.
Yes, I can still imagine there will be a whole lot of people arguing I am fussing over nothing, and who cares if Google knows so much about them. They’re right; that truly explains why Google bothers to collect so much information in the first place and only release some details on its operations when forced to by the courts. It is clear Google would never abuse the information it has, especially not in order to gain financial profits. It is also clear no one would ever be able to put their claws on the information Google is storing in order to abuse it as per their own special whim. Indeed, we can all trust Google when it acts as the self appointed  guardian of the detailed encyclopaedia on everything there is to know about us.
Cynicism aside, the matter at hand is quite serious. I have mentioned before there are plenty of health providers out there that rely on Gmail addresses for their core communications. Then there are the billions of Android users who have to use Gmail on their smartphones**. It’s an epidemic!

Image by Anne Petersen, Creative Commons (CC BY-NC-ND 2.0) licence

*It is interesting to note that today we have received news of a class action against Yahoo receiving the green light to go ahead. Yahoo is blamed for scanning the emails of people who did not accept its terms & conditions - people who sent emails to Yahoo addresses, as opposed to people sending emails from Yahoo addresses. No doubt Google will take an active part in Yahoo's defence with this one.

**Google has announced today a new mechanism that would allow it to scan all user app interactions in Android when the home button is pressed. Just in case it wasn't invasive enough.

Thursday, 28 May 2015

On the Woes of In App Purchases

App Store

One of the things I hate the most about today’s software scene is the “free with in app purchasing” business model. To be more specific, since there are several ways for implementing in app purchasing, I detest the apps that lure you in with their free price only for you to find out there is no proper way to use them without spending money. Generally speaking, I’d much rather open my wallet upfront, spend the money, and use my new app at will.
Since most apps nowadays offer in app purchasing, and since some do so in a meaningful way, I do commit the occasional in app purchase sin. To give you a couple of examples, I did spend extra in order to acquire extra levels in Monument Valley and I did spend a few dollars getting rid of the ads in CARROT Hunger (mostly because I thought the developers deserve some of my cash).
Having done so, I could not avoid noting the peculiar. My son was able to access these in app purchases on “his” iOS device, which runs under his account and benefits from iOS’ Family Sharing with mine; whereas my wife, who runs her own account but also benefits from iOS’ Family Sharing with mine was unable to do so. At first I thought it was a bug with CARROT and turned to their support (who, by the way, proved willing to go out of their way to help me), but when I noticed the problem is not limited to CARROT I cut to the chase and raised a support call with Apple directly.
This led to an interesting evening on the phone with Apple. The various guys I spoke with, as the case escalated up the echelons of Apple Support, were all trying to be helpful (even if some did not know what Monument Valley, a game Apple had boasted aplenty about, was). Eventually, after an hour and a half, I reached a supervisor who told me, simply, that “in app purchases are not supported by Family Sharing”.
I do not know whether he was trying to get rid of me or whether that explanation was genuine. I challenged him: I asked why it works for my son, and he admitted he doesn’t know and that one way or another, Apple has a bug on its hands; I asked what the point of Family Sharing is, since it is clear I am not about to spend more money on Monument Valley but rather login to my account on my wife’s device so that she can play the game. Is that what Apple really wants me to do? Again, he got rid of me politely.

My takes are simple:
  1. As discussed before, Apple’s Family Sharing is half cooked and not particularly well implemented.
  2. In case you did not figure it out already, in app purchases are best avoided.

Image by Cristiano Betta, Creative Commons (CC BY 2.0) licence

Tuesday, 26 May 2015

Insult to Injury

One cool crash test dummy

The other week I received news that one of my parents’ best friends is in a comma, at a hospital in Israel, following a traffic accident. That accident took place while he was on his way to the synagogue, but I will let the tragic outcome overshadow the irony of the situation. By the sound of the descriptions reaching my ears, the friend was not wearing his seatbelt (although his family denies such accusations); again, other than being a lesson for the rest of us, this does not matter much now. The point is that the life of this man of advanced age is, at least as he used to know it, over. He’s either going to die or live the rest of his life severely disabled.
At one stage or another we all hit that point in our lives. One can only hope it won’t be as sudden and it won’t be too painful, but who am I kidding: that is rarely the case.

I actually had an affair, so to speak, with that guy in the comma.
Some two decades back, us – family and friends – gathered for the memorial of a recently deceased relative of mine. Being me, I refused to take part in the religious rites that my otherwise secular family persisted with. Hardly anyone cared – as they should – with the exception of this “friend”.
He confronted me and told me off by asking whether I’m a Jew or not. I told him, politely, that I am not; to which he completely lost it and swung a punch in the trajectory of my face.
Now, I am not the most physical of people (and that’s a severe understatement). But I had the size and the age advantage, and I easily dodged the swing – which would have clearly hurt me a lot, had it landed. The guy was preparing for a second round; I was preparing for a counterattack which, in all likelihood, would have settled things pretty quickly. I did not want to do it, but in the interest of self-defence and given the need to react quickly it was pretty much unavoidable.
Luckily for the two of us, the guy was restrained from behind by a woman that happened to be there. No one else bothered to intervene or say anything, despite dozens of eyes witnessing the event. I stepped outside and that was pretty much it.
The rest of that evening went along as if nothing had happened.

I, however, do not consider matters closed.
The whole incident happened right before the eyes of my parents. And although they referred to the guy as “silly” in later conversation, they still kept this person that was so eager to punch me in the name of his religion of birth as a best friend of theirs.
Now that he is in hospital I wish him the best recovery possible. Whatever happened between us is not punishable by death or severe injury. However, I will never forgive my parents. All in all it was just another brick in the wall that, eventually, saw me leave for Australia.

Monday, 25 May 2015

The Fitness Bracelet, or: Why I Love My iPhone

Not exactly satisfied with a Pebble watch’s fulfilment of her fitness tracking needs, my wife decided to try for a fitness bracelet instead. Since we were on experimentation mode and did not want to spend tons of money, and since we weren’t really blown away with excitement over the Jawbone/Up and Misfit environments as revealed to us through the Pebble, we opted for the Xiaomi option.
You may not have heard of Xiaomi before, but it is one of the world’s largest manufacturers of smartphones. Third largest, according to what I read online, behind companies you might have heard of called Samsung and Apple. The catch with Xiaomi, and the reason it’s relatively anonymous, is that it is focused on selling at its homeland of China. Regardless, my experience with Xiaomi thus far has been very positive: its products, whether power packs or headphones, are cheap but offer high quality. Xiaomi designs are very Apple like (and I’m sure Apple’s lawyers are just waiting for Xiaomi to step out of China before they start their legal attack), and its value for money eclipses everyone else by orders of magnitude.
So we went for the Xiaomi Mi fitness bracelet, available in Australia for $30 (but also easily available for less, even half, if one is patient in one’s bargain hunting). Together with an Android or iOS app, the Mi offers basic step counting (but not other sports), sleep tracking and alert facilities (the bracelet shakes when the smartphone rings or when you set it up as an alarm clock). The bracelet battery requires a special cable but lasts a month between charges, while the bracelet itself is waterproof. If you’re into these things, you can personalise yours with colourful covers. In other words, the functionality offered by the Mi blows away most of the competition regardless of price; what you’re missing out on is heartbeat tracking (only available in the most recent / most expensive bracelets, and often unreliably so) as well as the whole fitness ecosystem, the likes of Jawbone offer, where you can do things like maintain your dietary calendar at the same time or receive health advice as per your gathered inputs.

As I have already discussed in previous posts, and as should be glaringly obvious through reading the previous paragraph, privacy is a big deal with fitness trackers. So we did what we should do and read the privacy policy that comes with the Xiaomi iPhone app (because there’s nothing in the bracelet itself). What we’ve found was very similar to the usual No Privacy policy we got conditioned to accept from your local neighbourhood American company, but with two noteworthy points.
First, Xiaomi’s terms & conditions dictate that one should not use Xiaomi’s facilities to insult the Democratic Republic of China. Clearly, there’s a redundant word in that sentence; think how dreary life would be if such privileges were to be removed from the likes of Twitter.
Second, Xiaomi’s privacy policies included the following. And I quote:
You hereby consent that Mi Talk may analyze your phone contacts to search for your friends who also use Mi Talk. Mi Talk codes your telephone number through highly intensive and irreversible encryption algorithm and retrieve your contacts in this way to match you with existing phone book contacts on Mi Talk. Other users also can find you through Mi Talk if you are on their phone book list.
As well as:
The “Intelligent Phone Number Recognition” Service, where the “Intelligent Phone Number Recognition” Service refers to the service that recognize phone numbers that come from incoming and outgoing calls or text messages. Xiaomi will upload such number to its server, therefore identify the “Marked Information” of such number. Your data and information in this Service will be strictly protected, and we make sure you cannot be identified result from uploading such information. 
To which I would like to note that most of this crap has obviously been taken, word for word, from the Android app. This is because:
  1. Unlike Android, iOS apps cannot have access to call records.
  2. Unlike Android, iOS apps require the user’s explicit approval in order to be able to access the contacts stored on the phone prior to the app's first attempt to access the contacts (as opposed to during the app's installation). Such privileges can be easily revoked later, too.
I know the above can be achieved on Android as well if one bothers to take the right measures. But for me, as a privacy conscientious end user, that difference speaks volumes. Ultimately, it is the reason why I am willing to fork out hundreds of dollars more in order to get myself an iPhone.

Image copyrights: Xiaomi

Saturday, 23 May 2015

Olympus vs. Sony: The Photo System Dilemma

RX1 & OMD - Streetwalkers

The weird shattering of my camera purchasing aspirations has brought me back to the drawing board. That is, it makes me think: what camera system should I be getting into?
I’m way past SLRs. With all due respect to their potential for superior quality, their quality to bulk ratio is incredibly poor. On the other side of the spectrum, I’m looking for something that’s more than a pocket camera, thank you very much. This leaves me with two popular options (I designate the ones from, say, Fuji or Samsung, as unpopular):

  1. The Four Thirds system, as represented by the Olympus OMD E-M1 camera; and
  2. The Sony E-mount system, as represented by the Sony Alpha A6000.
The Olympus offerings seem to be designed for the photographer, with plenty of dials and such that make taking the photo one wants to take a delight. Equipment is generally available for less money, too. On the other hand, I’m not much of a fan of the 4:3 aspect ratio and the sensor is rather oldish.
The Sony is more of a gadget than a camera. Sure, it lacks a touchscreen, but its APS-C is newer, bigger and mucho flashier than the Olympus’.
I’m inclined towards either the Sony or waiting out a year to see where the wind blows as far as new models are concerned. I suspect replacement models for both of the above mentioned models will be out: Olympus already released its Mark 2 version, with some nifty features like being able to take 60MP photos (which sounds great but lacks practicality for me, given I rarely carry a tripod). And surely Sony would not want to wait too long in between models, especially as it releases a new Mark for its successful RX100 every year?

Your opinions would be greatly appreciated.

Image by Zhao !, Creative Commons (CC BY-ND 2.0) licence

Friday, 22 May 2015

The Netflix Tax

Netflix mailer packaging: October 2013

I seem to have stumbled upon a trend: I try to access the Internet at night, but it’s just not there.
Some websites, including major ones, seem simply out of reach; others are so slow to load that it’s just not worth it. [Excuse the technical jargon, but it appears as if I am unable to reach my DNS server.] The situation seems at its worst on Sunday nights.
What gives?

I’ll give you my hypothesis: it starts with net and ends with flix. Or, in other words, the recent official release of Netflix in Australia has broken all dams, and now Australians are streaming videos at large. As they should, and as they should have been able to for years if it wasn’t for the copyright monopoly bastards’ greed keeping us back in the Stone Age.
However, now that the genie has been uncorked, the lack of infrastructure is made rather too glaringly obvious. Years, if not decades, of poor investment in core technologies, have been exposed within the lengths of a month or two.

The good thing is, the Liberals’ latest budget has pretty much left the NBN in ashes with all hope of infrastructure improvements decimated. So we know that we’re going to be stuck in the dark ages with unusable Internet for years to come. Because that is the vision that the politicians we have elected are offering us!
I don’t know about you, but I’d like to see some change.

Image by Bill Rogers, Creative Commons (CC BY-NC-ND 2.0) licence

Wednesday, 20 May 2015

Warning: Pebble & Fitness Trackers

Some six months ago I reviewed my Pebble smartwatch and gave it a very favourable rating. Shortly afterwards my Pebble broke down but was quickly – and impeccably – replaced by a brand new one, posted to me through a very hassle free process by Pebble itself. So far so good.
Today I am here to tell you that I no longer recommend Pebble. In fact, I’d advise you to steer away. The reason is simple: our second Pebble watch, a Pebble Steel model, broke down as well, suffering from the exact same screen fault as well as a problem with its Bluetooth functionality. On the same week my Pebble Steel broke down, a friend’s Pebble Steel broke down with – again – the same screen problem.
As it happens, 3 out of the 4 different model Pebble watches I have daily encounters with, all active for 6 months or less, have broken down. Sure, Pebble has been very helpful honouring its warranties, but a lemon is a lemon and the Pebble is clearly a lemon.

This warning comes at a time in which virtually everyone I know has, by now, begun wearing watches/bracelets with tracking facilities. I regularly ask these people what they do with their gadget, and the universal answer is “I track my walking/running and my sleep”.
None of them seems aware that the data they’re tracking is also at the disposal of their gadget’s provider, usually Garmin or Fitbit. None of them is aware these companies make money off this data. And none of them has even begun to think of what their detailed location and activity patterns data can be used for.
But that is the manifestation of today’s out of sight, out of mind, Big Brother.

The Apple Watch is yet to make an impression on the market, and frankly I don’t expect that to happen until the second to third model. That’s what happened with the iPhone and later with the iPad.
However, with the direction the Apple Watch is heading for, I can actually start to see some benefit that will allow me to be happy with the fact I’m being voluntarily tracked. I’d be more than happy to wear an Apple Watch that looks at my heart rate if, in return, it would direct me to the nearest hospital well in advance of a heart attack it can see coming but I am not feeling yet.
Pebble watches are not that sophisticated. They offer an ecosystem of apps, but in general they are not much more than glorified smartphone notification systems. And their tracking applications can be easily blocked from calling home with my personal data.
Which brings me to say: why isn’t there a fitness/health app out there that prides itself on not divulging my data with anyone but me?

Monday, 18 May 2015

The Unwelcomed iPhone 6S

It is with a sad face that I declare it is virtually certain I will be getting myself a brand new iPhone 6 Plus S (or would it be the iPhone 6S Plus?) when it comes out, probably around September/October.
Sad, because I was hoping to get another year out of my otherwise very fine iPhone 5 (that is, until Apple deliberately butchered it through iOS release 8.2 a few months back). Sad, because the benefits I would gain out of an “S” model are marginal in comparison to the benefits that come with a complete model redesign (note how last year’s 5S looked archeological the second the 6 came out). Sad, because I was hoping my next iPhone – with which I am planning to spend some three years – would enjoy the benefits of a software based home button (saving space) and a USB C connector to replace the current Lightning one (in the name of universality). But I know such changes cannot come on an "S" release.
As sad as it is, such a replacement is investable given that I consider it important to have my smartphone running the latest and greatest. That’s pretty much a must for anyone aware of security concerns; anything else runs on full of publicly known vulnerabilities, which are basically a time bomb waiting for a slimy nosed hacker with a quest for notoriety.
Alas, my iPhone 5 is now dying unexpectedly when the battery reaches 30%. Headphone performance is also suffering, with distorted sound when the battery is on its low half despite me using very mobile phone friendly, easy to drive, headphones (Sennheiser Momentum On Ear, if you have to ask).

Since I mentioned an expected three year lifespan out of my future iPhone 6S Plus, the way my previous iPhones survived, I will add that with the bigger screen size come higher probabilities of screen malfunctions/breakups. So will it last three years?
Check this blog in three years time to find out!

Image by Martin Hajek, Creative Commons (CC BY-NC-ND 2.0) licence

Friday, 15 May 2015

How Not to Lose Weight

“I know you’re exceptionally smart and good looking, but still – how do you do it?”
I get that a lot. Lately, these questions relate to my allegedly exceptionally successful campaign of weight reduction, a campaign that – by the way – is now in the process of getting itself wound down due to it shattering all the goals I could have imagined along the way. I will still answer the question, though.

But before I answer I want to stress something out: I never did embark on a campaign of weight reduction. What I did do, starting mid January, was start playing with a funny calorie counting app I got for my phone after reading a funny article about it. That’s all I intended to do; there was never a New Year’s resolution or anything like that. So much for being perceived as a person of supreme will power or long term vision; I’m just a person with tons of affection for gadgets.
That said, when I started playing with the CARROT Hunger app, the analytical part of me kicked into action. Yes, there is more to the analytical part of me than movie reviews! That analyst quickly recognised facts evident through the food consumption data I have been collecting via CARROT: it became clear my default eating habits are slowly, but very surely, making me gain weight. Something had to change if I wanted to stop this trend.
If you are looking for the two word answer to the above question of how I did it, then it would be “portion sizes”. However, if you are a mature person you would know life is more complicated than two words and the devil is in the details. So here are my insights into the details that make the reduction in portion sizes such a big deal.

First, there is the fact that, as calorie counter applications go, CARROT is not a particularly good one. I mean, it’s got the sarcasm and attitude, which is funny and all, but it’s got a shit all database of built in [Australian] food items. This meant that when I wanted to feed something I ate into CARROT, I had to look at the packaging to see what to enter; I had to weigh or estimate how much I ate; and I had to look over the Internet to try and assess the qualities of the food that did not come packed up and labelled. Doing this meant my awareness of what goes in through my pie hole, as CARROT calls it. In turn, this made me start to question thing I’ve been taking for granted. To put it in terms I can easily relate to, it made me erect a firewall around my mouth.
The second factor is to do with what it is that one tends to cut when one realises one needs to cut portion sizes. I didn’t go about cutting the portions uniformly; it’s the fillers that bore most of the grunt. It’s the chips that come on the side of the shawarma, the pita that comes with the hummus, the sides that come with the main that bear most of this burden. When you stop to consider the nature of these items that tend to bear most of the load of the portion cutting, one word dominates affairs: carbs.
Now comes the third factor, which is perhaps the nicest one. It is the analysis and the learning that pushed me into submission [to cut portion sizes]; what made me able to persevere is the fact my stomach quickly got used to the idea and felt perfectly happy with the reduced portions. In other words, I no longer feel the need to eat as much as I used to. Indeed, I feel better eating less, thank you very much. I cannot stress how important this is, because it means the process of taking control over my diet (and by proxy, my weight) is no longer a struggle but rather one of perpetual motion.
Which brings me to add an important fact: Exercise. Or rather, the lack of it. I do not know if my successful affairs would, or could, have been as successful as they were if I was to add exercise to the equation. I severely doubt it, for the simple fact that exercise creates unquantifiable hunger that is hard to control; no longer would I have been able to enjoy the smaller portions I got used to. In other words, exercise would add significant and hard to control chaos into my comfortable little world. My point is simple: given that my success depends on the relative lack of exercise, I cannot claim my approach to controlling my diet and/or losing weight is a healthy one!

So there you go. This is how I do it. Perhaps you’d be able to gain something out of my experience, and perhaps – probably – not.
Personally, I’m curious about the why question, especially given this quest of mine was rather unintentional. I can point to three reasons to explain my perseverance thus far: First and foremost, inertia. By the time I realised something was going on it was already going on. Second is the feeling and realisation I’m doing better, supported by things like clothes being more comfortable, belts going up a notch, and the very complimenting process of acquiring new clothes that fit my current size (as well as witnessing how baggy some of my “old” clothes are); I will not deny this feeling is heavily mixed with the fear of regressing back to where I was before.
The third reason is one of those that explain a lot about yours truly lately: my father. When my father died, more than a year ago, the dominating notion was that he had a few more good years left in him that he missed out on. When I track the reason for his perceived premature death, the common theme that keeps coming up is overweight. While, as an adult, I never belonged to a category most people would label fat, I do see the point in reducing mechanical stress off my body – my non exercising body – as a measure with which to reduce the probability of inheriting a similar ending to my father’s.
There you have it: inertia, fear, and the need to prevent history from repeating. There’s a whole world of psychological analysis in there.

Image by Daniel Oines, Creative Commons (CC BY 2.0) licence

Monday, 11 May 2015

Little Big Snitch

What do the following applications have in common: Evernote, Chrome and Spotify?
A lot, obviously. They’re all fine desktop applications available in many environments (Windows, Mac, and even Linux for Chrome).
Oh, and they all call home to Google. Evernote pings Google Analytics upon starting, probably to collect usage statistics; Chrome calls home before any browsing commences, pretty much destroying all chances of browsing being genuinely anonymous; and Spotify seems to rely on Google’s services to run in the first place.
The above three are just one blatant example for the way Google has managed to weave itself into the very fabric of our Internet. It’s not only there as the most dominant search engine by far; neither is it there solely in the role of the provider of the world’s most dominant mobile operating system. It’s in pretty much everything we do online, period. Just in case we needed further proof concerning Google being the biggest danger to Internet users.
In case you’re wondering how I know all of the above, the answer is: Little Snitch.

Little Snitch is one of the more admired Mac applications around. It’s a firewall, like many others before it, but to the best of my knowledge it is a fairly unique one: whereas most firewalls provide controls at the application level, as in – they let you control which applications can access or be accessed from the Internet, Little Snitch goes one step further. It lets the user take control over each individual Internet connection initiated by an application.
I will use Firefox as an example. When I start this web browser application, Little Snitch shows me how Firefox contacts Mozilla (its maker), how it contacts Google (to download an up to date list of malicious websites), and how it contacts the makers of most of my browser add ons just to say hello. Sometimes it also checks to see whether new versions of these add ons are available.
If I use Firefox to actually browse around, as opposed to merely starting it up, Little Snitch can show me what each page I’m looking at does. Some are straight forward: Duckduckgo goes to, well, Duckducgo. Some aren’t as simple: If I read an email with the latest Dick Smith sale and I ask to show the remote content included in the email (i.e., images included in the email in addition to its text), I can see that in addition to downloading the images that email pings two other third party trackers.
And so on; the image of the Internet, as revealed by Little Snitch, is quite a horrific one. Almost every app makes some unnecessary calls. The Witopia VPN application calls home to the software company on whose code the application is based. 1Password, the password management application I cannot recommend enough, calls home to its maker AgileBits.
You may argue there is no harm in those calls; I will argue to the contrary. If all this data these companies collect is so irrelevant, why is it that so much data gets collected by so many applications and web pages? Clearly, someone out there thinks there is money to be made of our data. Lots of it, given the extent of what’s going on.
Little Snitch can help you fight this war of attrition. If you are dedicated to the cause, you can devise rules for each application that prevent the ongoing lynching of your privacy. It’s a tough fight to wage, though, and it is also a losing battle: unless we force a change of behaviour at the political level, the likes of Google will always find the next better way to keep their eyes on us. Some times there are workarounds: Chromium, the open source browser on which Chrome is based, does not call home to Google (assuming you replace the Google default with another search engine); other times, though, as per the Spotify case, you'd have to give up on using its services.
There is little doubt that the story I’ve seen on my Mac repeats itself on your PC and your smartphone just the same. It is also clear why the NSA collects so much metadata and governments rush to enact data retention legislation: if the commercial world can do it, why can’t they capitalise on the fact?
Clearly, we need to stop this line of thinking. We need to win our Internet back.

In the mean time, as a tool for seeing the online world for what it is, and for supplying some protection as per the level the user chooses to deploy, Little Snitch is essential.
Highly recommended.

Image copyrights: Objective Development Software GmbH

Wednesday, 6 May 2015

Health Stats

In a recent post I told you about my successful adventures with the CARROT Hunger calorie counting app. Now I come bearing news of evidence that shows the success of that program goes significantly further than weight loss.
Last week I did my more or less regular yearly health checkup. It's nothing fancy, and not even remotely close to deeper examinations along the lines of EKG or sticking pipes up certain bodily cavities. It is, however, a nice way to see whether more thorough tests are needed.
Introductions aside, my current results proved to be my best ever. Not my best given my age, not my best in recent years, but rather my best ever recorded health results. It's all there, in numbers: blood pressure, cholesterol, glucose and more. It goes without saying I am very much impressed, but I do wonder what it is exactly that got me to the point I'm at.
Analysing recent changes to my habits, I can report the following:
  1. No significant changes to exercise habits (by common standards, I'm a bum).
  2. With notable exceptions (see below), I eat the same food I have been eating for years/decades now. I eat meat, I eat cheese, and my newly formed habits do not regard fat as evil.
  3. I do, in general, eat less of everything.
  4. Legumes now comprise more of my diet than they used to in previous years. Or, to put it in plain English, the rise in availability of better quality hummus, wholemeal pitas and good Harif (hot sauce to go with the hummus) means that I eat a lot of it. Hummus, that is.
  5. I do my best to avoid sugars, and fructose in particular. It is not an outright ban (a special corner of my stomach is reserved to your Lindts and to good ice cream), but your ordinary sugary stuff no longer passes through these firewalls, thank you very much. It's important to note that junk food is therefore high on the list of banned food: from bun to whatnot, it's all sparkling with sugar.
Which brings me to say: I do wonder how much of this important improvement in my health stats is to do with the latter point concerning sugar. If I was a betting person (I'm not), I would say a lot.

Image by Alisha Vargas, Creative Commons (CC BY 2.0) licence

Sunday, 3 May 2015

Devising a Policy for Managing Photos in the Online Age

This past week my handling of the photos I maintain online in my Flickr account was challenged. I see no point in discussing the specifics of the complaint, but I will say that in the grand scheme of things I do welcome such challenges. I have been posting photos online for more than a decade now, and during that time the way I approach the matter - things like what photos I post and who is allowed access to my photos - changed. It is challenges such as this week's that help me rethink and thus improve. 
It seems to me as if the development of the way I have been posting photos online mirrors the development of the Internet in general. I started, very naively, with an approach that had all of my photos posted online for everyone to see. Following some incidents that made it clear several photos of mine were attracting attention of the wrong kind, and then the process of becoming a father and seeking to protect my child, I started restricting access to the photos I post online. And then, years later, came Mr Snowden to teach us a lesson or two about what really goes on with the Internet.
There is, therefore, a point in conducting an exercise to elicit all the considerations involved with posting and maintaining photos and then coming up with a strategy with which to devise the optimal approach. At hand is the privacy and security of yours truly, my immediate family, and the rest of the people in my photos to whom I refer as friends or family.
The exercise is thus that of risk management exercise, and its purpose is to find the best place on the continuum of usability and security/privacy for me to be at. We all do this very same exercise when we post photos online or, for that matter, deal with any of our friends information that is at our disposal: think allowing Facebook to access the contacts information on your smartphone so as to allow you to chat with people on WhatsApp. It may well be that most of the time most of us do not think of the implications of such acts, but that only serves to further enhance the running of this particular exercise and the existence of this post.
The tension caused to me by the complaint I have received is therefore not coincidental. If anything, I would urge for such challenges to take place more often, in order to reduce and prevent the frequency of occasions in which our privacy is harmed by people who simply wish to use some online service.
With that in mind, let us start with the exercise.


The following are things to think about when deciding on how to best deal with our collections of digital photographs:
  • Privacy: Are the photos I’m uploading going to be viewed by the people I approve of, and only by the people I approve of? Facebook, for example, would very much like to have all your photos public and occasionally stretches things in order to pull its users down that path.
    What other things is the service planning for my photos? For example, this week Microsoft opened a service to the public where the public uploads photos to a Microsoft algorithm trying its best to guess the age of the person in the photo. Millions of people have uploaded their photos to play this game. However, is Microsoft going to use these photos for purposes other than guessing their subjects' age? Did the people who uploaded their photos think to ask this question before they uploaded their photos?
    Yet another question, to which the answer is almost universally sad, is what other information is gathered about me and passed on to third parties when I use a photo service?
  • Security: Is there adequate security in place to prevent my photos from falling into the wrong place?
  • Cost: How much should I invest in local and cloud facilities enabling me to store and access my photos?
  • Commercialisation: It’s not a consideration on its own, but the answer to the question “who is making money out of me storing my photos in a certain way” can be.
  • Control: Do I have control over my photos? I warmly recommend you read the terms & conditions of your cloud providers of choice, as well as their privacy policies. If you do so, you will find that with both Facebook and Google, uploading a photo gives them rights over it; what was once yours is no longer so. They own them now. In a way, they own you.
    Yahoo’s Flickr is the exception there, with one of its core promises being that your photos are always yours. While it’s doubtful either Facebook or Google will abuse your photos to the extreme, Facebook does use them to present advertisements to your friends; who knows what they’ll do next. Also consider what really happens when you think you delete a photo; given the photo is no longer yours, it is no longer yours to delete. And don’t get me started on Snapchat; by now even they admit they never really delete your photos.
    Closely following on the same subject of control is the question of what's going to happen when your cloud service of choice retires to cloud 9. Facebook and Google may seem immortal, but it is clear some cloud providers will not make it to immortality; it is therefore wise to choose a provider from which you can retrieve your photos, eventually.
  • Picture quality: Once upon a time, storage space was expensive so we tended to cut calories from our locally stored photos. On the cloud this is still often the case: the likes of Facebook and Evernote reduce the quality of the photos you store with them. Flickr does not, but it does impose limits (fairly generous ones) on the size of photos you can store with them.
  • Backup: Disasters happen; thinking about backup options is of paramount importance, particularly when the answer most people would give to “what non-living thing you’d rescue first from your burning house” is their photos.
  • Distribution: Does your storage solution of choice allow you to distribute your photos as per your preferences? More specifically, do you have control over the confidentiality of your photos - who is allowed to watch what?
  • Availability/accessibility: By now we live in a world where anything other than 24/7 access to our photos, on whatever platform we can think of, is inconceivable. As it happens, cloud services tend to be significantly more reliable in this department than your hard drive at home.
  • Search and retrieval: The invention of digital photography means that nowadays we all take photos in numbers previously inconceivable. Having the ability to later find a specific photo is therefore important. Luckily, there are software tools at our disposal to help us arrange our local collection (the recently replaced iPhoto comes into mind first). On the cloud side of things, different services offer different grade facilities with which to organise and index your photo collection.
  • Non flattering photos: I’m showing my age when I say this consideration is new to me, but for the Facebook generation the ability to handle photos deemed unflattering to certain people seems to be of extreme importance.
  • Creative commons: I am a major advocate for the culture of sharing. Once upon a time, before I got burnt and before Snowden, I used to have all my photos available to the public under a Creative Commons licence that allowed people to do pretty much what they like with those photos. Nowadays I limit people’s access to photos I consider private, but I still allow Creative Commons access to all the rest. I am happy to report that my otherwise very ordinary photos have thus been used on thousands of occasions and by some prestigious websites (glad to be of help!).
    I will use this opportunity to clarify a misconception: applying copyrights on your photos, as opposed to Creative Commons licences, does not grant you the legal mandate to prevent others from using your photos altogether; most countries have some fair use clauses in their copyright legislation that will give people the right to use your copyrighted photos in certain limited ways. In other words, copyright is no privacy guarantee; your only foolproof way of preventing people from abusing your photos is to prevent them from being able to access your photos in the first place.


Following is a summary of the threats facing our photos in an online world:
  • Cloud providers:
    Any cloud provider storing my photos can be hacked, with my photos taken away as prize. The exception to this rule is if my photos were encrypted before I uploaded them to the cloud, which is rarely the case – both because the cloud provider relies on unencrypted contents to make its money and because they can’t provide the photo management services they do provide on encrypted content (not as easily, at least).
    Regardless, people are constantly trying to hack their way into cloud providers. We’ve seen it with celebrity photos getting pulled out of Apple’s iCloud. More than that, there is the risk of people working for the cloud providers abusing the treasure trove of contents I put under their hands; that has happened before. There is also the risk of accidents: I recall a case where a user (or was it users?) lost the contents of their Flickr account because of a Yahoo mistake. To use professional terms, there were cases of where the integrity of the photos held by cloud providers was compromised. With all their powers, cloud services are just another word for a “computer located elsewhere”, and computers (as well as their operators) fail. That said, we can probably safely assume that the likes of Google have somewhat better backup facilities than we have at home.
    When assessing the risks from cloud providers, we need to assume a rational position. For example, I have been asked before to remove a certain photo from the web in order to prevent that photo from falling into the wrong hands. That’s fine; yet such requests have me held up to standards that almost no one stands up to. Those same people that complain at me are almost certainly happy to send their photos via email, an inherently insecure communications method, while using the cloud email services of the very same providers they wanted me to avoid in the first place. No, there is no sense in that.
    One danger coming from cloud providers and, for that matter, from hardware providers is that of tracking and privacy robbing. Actually, this is not a danger in the regular sense of the word: it’s not theoretical, it is actually happening. As things are, we do not really know what our cloud providers do with all the data we give them (photos) and all the data they collect on us in the process. The same might apply, say, when we store our photos on our hard drives at home: what confidence do we have that this drive does not do something we would not approve of with our data (especially when the drive is some part of a server or NAS)?
    With companies such as Google, Facebook and Yahoo we can rest assured there is malice about; that’s how these companies make their money. Think of the pressure that Facebook applies on you to conform and share stuff through its facilities: it is there, this pressure, because there’s tons of money at stake. The numbers clearly indicate this approach is working very well for Facebook, thank you very much.
    With Facebook we know that not only does it collect our photos, it also measures how long we look at each photo and what we do before and after looking at the photo. In addition, the majority of websites share insight they gather about us with third party trackers. Most of us know this is taking place but still prefer to live in denial: hand up if you bothered to install countermeasures, such as Ghostery?
  • Hackers:
    This one is self explanatory. There are people out there whose aim is to put me in a compromised position for the improvement of their financial situation or their status. These people make their living out of hacking. Our best protection from this scum is to keep our systems up to date, maintain healthy Internetting habits, and make ourselves as least attractive as possible to pick on through using unique, complicated passwords and multiple authentication techniques.
  • NSA/GCHQ/ASD (insert your local spy agency):
    If there is one certainty in life, is that the information we share online through PRISM providers is copied by the NSA. That includes the photos you upload to Facebook, Google, Apple, Microsoft, Dropbox (not a PRISM partner, but I doubt this bothers the NSA) and Yahoo. By all means – object to it and apply pressure to change the way of things on your political representative. In the mean time, deal with that.
    It is also safe to say the NSA will not, does not, rest as long as it puts its hands on all other online data sources. Your only saving grace there is end to end encryption, which – as mentioned – does not apply to cloud photo services.
    Let’s also be clear about the safety of the photos you hold locally. If the NSA, GCHQ or any other of our tax payer funded so called security services want to, they will break into your local storage and take your photos on the way with or without your knowledge. Only the extremely careful application of encryption, to a level unachievable by most people whose last name is not Snowden, can save you there.
    Luckily for us, I doubt the NSA has the resources to run such focused attacks at massive scale. Thus I presume that the readers of this blog are, almost by definition (given presumed background), immune to such intrusion. Unless, of course, the NSA has associated you to me by virtue of you reading this sentence. You're doomed.
  • Friends:
    To put it eloquently, your friends are dicks.
    Once they have access to your photos, or – even worse – once they take a photo of you, there is no telling what they will do with it. Malicious intent is not required here, given the abundance of ignorance at hand. You might be an infosec expert, but statistically speaking your friends and family are highly unlikely to realise what happens behind the scenes on their smartphone, set as it is to its default settings, when they take a photo. They have no idea what happens when they share a photo online through one service or another. They do not think twice before they email your photos around.
    Then comes their negligence. Statistically speaking, your friends are likely to have shit passwords “protecting” their cloud accounts or, for that matter, their hardware. Your friends are likely to run computer equipment riddled with malware and viruses while being completely oblivious to the fact.
    Then there is the malicious. I hope your friends are nice people; but at least in the corporate world, it is no big secret that the biggest threat to security comes from the inside through disgruntled employees. Given that we all lost some friends along the way, the threat of a friend gone rogue is one of the major cataclysmic events that can happen to your photos. Case in point: former boyfriends publishing compromising photos of their exes. As I said, dicks.
  • Me (and you):
    Everything I said about friends applies to me, as well, and just the same. I like to think I’m on top of the latest when it comes to information security, but was I taken by surprise through the Snowden revelations? I was. Can I guarantee my hardware is never compromised? Nope.
    So yes, I’m a dick.
  • Disasters:
    Fires, burglary and even power failures - acts of the goddess, if you will - can all come between us and our photos, either permanently or intermediately. Backups are one way to address the problem, but a local backup kept on a hard drive next to your main computer would do little to help in case of a fire.
  • Physical loss:
    If you were to lose the physical copy of your photos, nowadays in the form of a hard drive or a USB stick / memory card, you would probably want whoever has that drive to not be able to access your photos. In other words, you’d probably want that drive adequately encrypted.

Target State

As I said, ours is an optimisation exercise. What we are looking to find is the optimal point of usability, protection, security and cost when it comes to storing and distributing a personal collection of digital images.

My Policy

Given the above lists of considerations and threats, the aspirational target state, and experience gathered through years of managing my photos both online and offline, I have arrived at the following policy highlights:
  • Maintain local copies of all my photos on local hard drives with RAID redundancy. All the photos are encrypted (with a very complex key) to prevent unauthorised use in case the hard drives fall into the wrong hands.
  • Maintain an online photo album on the cloud using a Flickr account protected by a very complex password and two way authentication. Flickr’s most notable advantages over other cloud providers are its generous storage, fidelity to the original photos, good photo organisation facilities, facilities to manage Creative Commons photos, facilities to control access to my photos, and policies that leave me as the sole legal owner of my photos.
  • Define private photos as photos that provide identifying information on their subjects when those subjects happen to be more than just random people out there in public when I happened to take the photos. Identifying information may include faces, but also things like car licence plates or location information.
  • Limit my posting of private photos online to my Flickr account. Exceptions to this rule (e.g., providing copies of my photos for printing purposes) require ensuring the provider's privacy policy makes it clear the photos will not be used for anything other than the purpose I post them for.
  • Maintain strict confidentiality on all private photos. Only a very limited number of friends and family are allowed to access my private photos. As I type, we are talking about 6 people (plus my dear friends at the NSA), although that number is limited more by lack of interest than my refusal to grant access to my photos.
  • Regular reviewing of the list of friends allowed to access personal photos. I do not agree with Facebook’s policy of hoarding friends; people that used to be my friends 10 years ago may not be friends of mine anymore, and that’s fine. It’s called life.
  • Limit the tagging of my photos so as to prevent people who shouldn’t do so from associating my photos with specific people. For example, I will not describe a photo, even a public photo, as “this is where my friend John Doe had breakfast”, instead settling for “this is where my friend John had breakfast”. Given the abundance of Johns in this world, good luck to those trying to find info about John Doe. For the record, the professional term for such privacy measures is privacy through obscurity.
    The same policy applies to the EXIF data that our digital cameras add to our photos. Most of that information is harmless, but in most cases I do not want photos location to be made public. Most of the better photo processing tools allow their users to control what EXIF information passes through the photos they handle.
  • Do not take objectively compromising photos. I have been told off for holding on to photos other people consider unflattering, but what I do not do is take unequivocally compromising photos. You will find no dick photos or, for that matter, no nudity in my collection. Not because I do not allow access to these photos, but rather because I do not take them in the first place.

Some final thoughts.
Is my policy perfect? No, it clearly isn’t. It has its weak spots, mostly (in my opinion) through its reliance on Yahoo for security and on my friends for decency and respect. However, as I have already stated, anyone claiming to have the perfect solution is either ignorant or foolish. The world is a complex place; the trick is to find the optimal point in this complex world, the point that offers the best balance of usability and privacy. I consider my policy to offer a good balance as well as to be evidence based and devoid of prejudices. In other words, I consider my policy to be good.
That said, my risk averse nature is clearly mirrored by my policy's very conservative nature, given we are living in an age where finding someone's photo is generally a Google search away. An age where having no online presence can actually harm one's brand.
I do admit there is plenty of room for ignorance in my behalf. If you disagree with my analysis or if you think you can offer improvements to my policy, do feel free to challenge me. On my part, I promise to publish the photos of successful challengers.

Image by Kurtis Garbutt, Creative Commons (CC BY 2.0) licence