World Wide Web
Yes, how could you not be sure that when somebody offers to host your personal data for free on their servers that nothing could possib-lie go wrong. Uh, PossibLY go wrong.
This band was playing a small stage along Via Roma at Borgo a Mozzano’s Halloween festival. I haven’t been able to figure out their name yet (will update when I do). The singer managed to put out an amazing amount of vocal power from such a small frame.
That’s our local butcher dancing with the cow’s head and eyeball.
(on youtube the video is available in 1080)
This is the first I’ve noticed location-specific ads being inserted into a google search. It makes sense that their map becomes a revenue source. If the ads don’t work, the the map will go away. It’ll be interesting to see how this plays out.
I was searching for something random on Google (no, not that, regular expression examples) and noticed that funny little bar they put up there a while back when Google+ had the world all a-flutter. My little box had a  in it. Hmmm.. A few people I’d never heard of had “circled” me. Nobody I knew. I think I last checked G+ a few weeks ago, maybe it was a month. Oh well, so much for that one. Facebook will eventually do a MySpace, taking everyone’s cleverly crafted content out with it, but G+ won’t be the Facebook that does it. Or something like that.
Typing of Google, anyone else notice that Google has become much more aggressive about implicit substitution? I’m used to it autocorrecting typing, which actually led to ever more lazy typing, at least on my part. But I thought it always let me know when it was making a presumptive change. Search for [Congres] (using square brackets to denote the text box since “” has meaning in this context) and it used to note “Do you mean “Congress”” Yeah yeah, just fat-fingered the last letter, NP. Now it just silently corrects unless you use quotes. Maybe you actually wanted to find the “Hotel Du Congres.”
OK, annoying, but not fatal. But what is actually quite tedious is when you search for something slightly esoteric like [“white screen of death” client certificate]. 122,000 results. Whee. Oh, wait, most have nothing to do with client certificates – how can that be? [“white screen of death” “client” “certificate”] yields 367 results, almost all relevant. So for about 121,000 results Google assumes I just accidentally typed “client” and/or “certificate”? Those do not seem like common typos for [ ] (blank). If I went to all the trouble of typing out the words “client” and “certificate” does it not generally undermine the utility of a search function if it arbitrarily decides to ignore any inconvenient terms?
I find my self quote-forcing ([“white screen of death” +client +certificate] yields the same 367 results) most of my searches. Since when did my search terms become optional? WTF Google? Search is the one thing you do well. Well, that and advertising. Please don’t break it. Trust me, if you blow search you are not going to make up the difference with Social Networking.
Update: I recently searched for a scholarly article to back an assumption that document collections stored in structured databases can be accessed faster than document collections stored in file systems. I used the word “median” rather than “average” in my search, but clever Google knows the two are often synonyms and rather than limit my search to documents that use the typically academic “median,” I got almost entirely useless results referencing various colloquial “average” constructions.
So somebody added me to a FaceBook group – I haven’t yet looked into how, but facebook lets me opt out later (rather than opt in) which means I’m getting dozens of messages a day and I’ll have to get around to unsubscribing when I can.
Wow…. this is amazing. Somebody you don’t like? Subscribe them to high volume facebook groups. Their inboxes will fill with random crap. That’s awesome – other people can put you in a group and you have to opt out. That’s even better than G+ leaking “circle” names; fortunately, I read about that one before populating my “annoying morons I follow only because I have to for business reasons” circle. Now where are those “Fans of Pedobear” and “10% For Al Queda” groups? Lets see how long it takes to get all the FaceBook employees on the no fly list.
Seems like Facebook is responding badly to the perceived pressure from G+ (isn’t that dead yet?). I have no idea how long the groups opt out has been in place, but one of my favorite recent moves is the mobile snarf function whereby your facebook mobile app scrapes your mobile phone directory to populate everyone’s mobile phone numbers in their database and then default suggest that direct messages be sent to mobile devices. If nothing else convinced people that facebook messaging is a horrible substitute for email, this should.
This is a great example of why putting information in the “cloud” means ceding all control to entities who’s motivations may not align with yours. Facebook has decided that their best interests are served by snarfing mobile numbers, running up phone bills, and stuffing inboxes and there’s nothing you can do but write a whiny letter. They have your data on their hardware, so they own it.
Weird: I have yet to find a way to import an RSS feed into G+. This is one of those things that significantly undermines Google’s “your data” cred. Anyone know of a way to do it? I haven’t found an “import RSS feed into your feed” the way facebook kinda does and the wordpress/facebook plugin does.
I’m a very strong believer in “he who owns the hardware, owns the data,” so, for example, posting this on G+ means that this text is Google’s (note, this was originally published on G+, then I stole it back!). And since it didn’t originate on my personal wordpress installation (free as in speech, free as in beer) running on my server at home (free as in speech, not absurdly expensive as in cheap beer), it isn’t mine.
My server also runs my mail server, my file server, my web server etc. all from my garage meaning that’s my data and my hardware and fully protected by law, while any data on Google’s server is effectively shared with every good and bad government in the world and my only legal recourse if it gets hacked or stolen or sold or given away or simply deleted is to… write an angry post on my blog and swear never to trust a cloud service again.
This is, obviously, exactly the same at FaceBook and every other cloud service. I use Facebook as a syndication service: I post on my own servers and syndicate via RSS to FaceBook, which becomes, in effect, the most frequently used RSS reader should people who haven’t gotten around to blocking me in their streams might find and by which perhaps occasionally be amused. This means I still own my data and my data has no particular dependence on FaceBook’s survival.
This post is visible only as long as Google wants it to be. If Google changes the rules, I lose the data. OK, I can download it – as long as they choose to let me, but it isn’t my data. When I post on my server then give FaceBook permission to republish the data, I control my data and they get only what I decide to give them. When I post this on Google and then ask “please, sir, may I recover my post for another use?” the power relationship is reversed: Google owns and controls everything and my rights and usage are only what they deign to offer me.
That almost everyone trusts the billionaire playboys who put king sized beds in their 767 party plane as “do no evil” paragons of virtue is odd to me, but nothing better validates Erich Fromm’s thesis than the pseudo-religious idolatry of Google and Apple. Still, even the True Believers should realize that the founders of these Great Empires are not truly immortal and that even if Google is doing no evil now, it will change hands and those that inherit every search you’ve ever done, every web page you’ve ever visited, every email you’ve ever sent, every phone call you’ve ever made or received, the audio of every message ever left for you, the GPS traces of every step you’ve ever taken, every text and chat and tweet might think, say, that Doing Good means something different than you think it does. One should also remember the Socratic Paradox that renders tautological Google’s vaunted motto.
Unfortunately, at least so far, Google won’t let me use G+ to syndicate my data – they insist on owning it and dictating the terms by which I can access it. If I want to syndicate content through my G+ network, it seems I have to fully gift Google that content. I’m hoping there’s a tool to populate my “posts” from RSS so the canonical will remain on my server. Because it is the Right Thing To Do.
(Shhhh.. I’m going to copy and paste this into my own wordpress installation, even though I wrote it here on the G+ interface. They probably won’t send me a DMCA takedown, but I do run the risk that they’ll hit me with a “duplicate content penalty” and set my page rank to 0 thus ensuring nobody ever finds my site again. Ah, absolute power, so reassuring to remember that it is absolutely incorruptible.)
An interesting artifact of the FB vs. G+ debate is the justification by a lot of tech-savvy people in moving to G+ from FB because they believe Google to be less evil. It is an odd comparison to make, both companies are in essentially the same business: putting out honey pots of desirable web properties, attracting users, harvesting them, and selling their data.
Distinguishing between grades of evil in companies that harvest and sell user data seems a little arbitrary. I’d think it would make more sense to use each resource for what it does well rather than arbitrarily announce that you’re one or the other.
However, if one is making the choice as to what service to call home on the basis of least “evil” and assuming that metric is derived in some way from the degree to which the company in question harvests your data and sells it, then it is somewhat illuminating to look at real numbers. One can assume that the more deeply one probes each user captured by the honey pot, the more data extracted, the more aggressively sold, the more money one makes. The company that makes the most money per user is probing the deepest and selling the hardest.
From Technology Review May/June 2011, annual revenue per monthly unique US visitor:
Facebook: $ 12.10
Google squeezes out and sells more than 13.5x the data per user. Google wins. But Facebook is gathering $12.10 worth of user data, why should Google allow Facebook to have it? If Google wins that last morsel of data to take to market and takes out Facebook, Google can increase their gross revenue by 7%.
I’ve also heard people argue that Zuckerberg seems more personally avaricious, mean, or evil than Google’s founders, comparing Google’s marketing spin to “The Social Network”
Zuckerberg’s only newsworthy purchase was a $7m house in Palo Alto. Google co-founders were in the news over a lawsuit between them over whether their 767 “party plane” (Eric Schmidt) could house Brin’s California king bed. This is in addition to their 757 and two Gulfstream Vs they talked NASA into letting them park at Moffet under the pretense that the planes would be retrofit with instruments for NASA. When they couldn’t do that (FAA regs, who knew?), they bought a Dornier Alpha, but still get to park their jumbo jets and gulfstreams inside NASA hangers for some reason. Suck on that, Ellison!
There’s a great story at the wall street journal describing some of the techniques that are being used to track people on line that I found informative (as are the other articles listed in the series in the box below). EFF is doing some good work on this; your browser configuration probably uniquely identifies you and thus every site you’ve ever visited (via data exchanges). Unique information about you is worth about $0.00_1. Collecting a few hundred million 1/10ths of a cent starts to add up and may end up raising your insurance premiums.
One of the more entertaining/disturbing tricks is to use “click jacking” to remotely enable a person’s webcam or microphone. Is your computer or network running slowly? Maybe it is the video you’re inadvertently streaming back (and maybe you just have way too many tabs open…)
A few things you can do to improve your privacy include:
- Opt out of Rapleaf. Rapleaf collects user information about you and ties it to your email address. You have to opt out with each email address individually, which almost certainly confirms to them that all your email addresses belong to the same person. You might want to use unique Tor sessions for each opt out if you don’t want them to get more information than they already have via the process.
- Use Tor for anything sensitive. If you care about privacy, learn about Tor. It does slow browsing so you have to be very committed to use it for everything. But the browser plug in makes it pretty easy to turn it on for easy browsing.
- Don’t use IE for anything personal or important.
- Run SpyBot Search and Destory regularly. Spybot helps block BHOs and toolbars that seem to proliferate automagically and helps remove tracking cookies. You’ll be amazed at how many are installed on your system. I have used or not used TeaTimer. I’m less excited about having a lot of background tools, even helpful ones than I used to be. Spybot currently starts out looking for 1,359,854 different known spywares. Yikes.
- Check what people know about you: Google will tell you, so will Yahoo. Spooky.
- Use firefox. If for no other reason than the following plugins (personally, it is my favorite, but I know people who favor chrome or even rockmelt, but talk about tracking!) Just don’t use IE.
- Use the private browsing mode in your browser (CTRL-SHIFT-P in FireFox). It’d be nice if you could enable non-private browsing on a whitelist basis for sites you either trust or have to trust. We’ll get there eventually…
- TACO should help block flash cookies.
- Install noscript to block scripts by default. You can add all your favorite sites as you go so things work. It is a pain in the ass for a while, but security requires vigilance.
- Install adblock plus. It helps keep the cookies away. It also reduces ad annoyance. You can enable ads for your favorite sites so they can pay their colo fees.
- Add HTTPS Everywhere from EFF. The more your connections to sites are encrypted, the less your ISP (and others) can see about what you’re doing while you’re there. Your ISP still knows every site you visit, and probably sells that information, but if your sessions are encrypted they don’t see the actual text you type. It also makes it harder for script kiddies to grab your passwords at the cafe.
More detailed instructions about how to access facebook’s new Open Graph (below). Open Graph is an interesting OAuth based mechanism by which facebook is opening their database to “select” third parties and allowing those parties to read FB cookies and automatically connect to FB and read “engagement enhancing” information about the user such as their social graph, their profile, their news feed, the groups they belong to, their pictures (including all that they’ve been tagged in): just about everything FB knows about them. The details are at this URL.
It is not 100% clear to me yet whether giving the third party access to the facebook cookies, but if the techcrunch article is correct, then third parties can read FB cookies, which are all under the domain .facebook.com and all “send for: Any type of connection” including the “lxe” cookie which is the user’s sign-in email address.
To experiment with Open Graph, first log in to facebook… Read more…
- Recent Comments
- 10 Gbyte Win10 Spyware “upgrade” now forced on users (4)
- Post History
February 2020 M T W T F S S « Nov 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29